CRED: Wrap task credential accesses in the NFS daemon
Wrap access to task credentials so that they can be separated more easily from the task_struct during the introduction of COW creds. Change most current->(|e|s|fs)[ug]id to current_(|e|s|fs)[ug]id(). Change some task->e?[ug]id to task_e?[ug]id(). In some places it makes more sense to use RCU directly rather than a convenient wrapper; these will be addressed by later patches. Signed-off-by: David Howells <dhowells@redhat.com> Reviewed-by: James Morris <jmorris@namei.org> Acked-by: Serge Hallyn <serue@us.ibm.com> Cc: J. Bruce Fields <bfields@fieldses.org> Cc: Neil Brown <neilb@suse.de> Cc: linux-nfs@vger.kernel.org Signed-off-by: James Morris <jmorris@namei.org>
This commit is contained in:
parent
48937024c6
commit
5cc0a84076
@ -1169,7 +1169,7 @@ nfsd_create_setattr(struct svc_rqst *rqstp, struct svc_fh *resfhp,
|
||||
* send along the gid on create when it tries to implement
|
||||
* setgid directories via NFS:
|
||||
*/
|
||||
if (current->fsuid != 0)
|
||||
if (current_fsuid() != 0)
|
||||
iap->ia_valid &= ~(ATTR_UID|ATTR_GID);
|
||||
if (iap->ia_valid)
|
||||
return nfsd_setattr(rqstp, resfhp, iap, 0, (time_t)0);
|
||||
@ -2004,7 +2004,7 @@ nfsd_permission(struct svc_rqst *rqstp, struct svc_export *exp,
|
||||
IS_APPEND(inode)? " append" : "",
|
||||
__mnt_is_readonly(exp->ex_path.mnt)? " ro" : "");
|
||||
dprintk(" owner %d/%d user %d/%d\n",
|
||||
inode->i_uid, inode->i_gid, current->fsuid, current->fsgid);
|
||||
inode->i_uid, inode->i_gid, current_fsuid(), current_fsgid());
|
||||
#endif
|
||||
|
||||
/* Normally we reject any write/sattr etc access on a read-only file
|
||||
@ -2047,7 +2047,7 @@ nfsd_permission(struct svc_rqst *rqstp, struct svc_export *exp,
|
||||
* with NFSv3.
|
||||
*/
|
||||
if ((acc & NFSD_MAY_OWNER_OVERRIDE) &&
|
||||
inode->i_uid == current->fsuid)
|
||||
inode->i_uid == current_fsuid())
|
||||
return 0;
|
||||
|
||||
/* This assumes NFSD_MAY_{READ,WRITE,EXEC} == MAY_{READ,WRITE,EXEC} */
|
||||
|
Loading…
Reference in New Issue
Block a user