diff options
author | Eric W. Biederman <ebiederm@xmission.com> | 2013-02-02 06:24:49 -0800 |
---|---|---|
committer | Eric W. Biederman <ebiederm@xmission.com> | 2013-02-13 06:16:07 -0800 |
commit | 03bc6d1cc1759e6b5959cacc02a19ef36e95e741 (patch) | |
tree | a573059a5c568b5ad560e28d77d6ea27bc91eb07 | |
parent | ab8e4aee0a3f73d1b12e6d63b42075f0586ad4fd (diff) | |
download | linux-03bc6d1cc1759e6b5959cacc02a19ef36e95e741.tar.gz linux-03bc6d1cc1759e6b5959cacc02a19ef36e95e741.tar.bz2 linux-03bc6d1cc1759e6b5959cacc02a19ef36e95e741.zip |
nfsd: Modify nfsd4_cb_sec to use kuids and kgids
Change uid and gid in struct nfsd4_cb_sec to be of type kuid_t and
kgid_t.
In nfsd4_decode_cb_sec when reading uids and gids off the wire convert
them to kuids and kgids, and if they don't convert to valid kuids or
valid kuids ignore RPC_AUTH_UNIX and don't fill in any of the fields.
Cc: "J. Bruce Fields" <bfields@fieldses.org>
Cc: Trond Myklebust <Trond.Myklebust@netapp.com>
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
-rw-r--r-- | fs/nfsd/nfs4xdr.c | 13 | ||||
-rw-r--r-- | fs/nfsd/state.h | 4 |
2 files changed, 12 insertions, 5 deletions
diff --git a/fs/nfsd/nfs4xdr.c b/fs/nfsd/nfs4xdr.c index 3812b06d24b1..2d1d06bae3a7 100644 --- a/fs/nfsd/nfs4xdr.c +++ b/fs/nfsd/nfs4xdr.c @@ -464,9 +464,16 @@ static __be32 nfsd4_decode_cb_sec(struct nfsd4_compoundargs *argp, struct nfsd4_ READ32(dummy); READ_BUF(dummy * 4); if (cbs->flavor == (u32)(-1)) { - cbs->uid = uid; - cbs->gid = gid; - cbs->flavor = RPC_AUTH_UNIX; + kuid_t kuid = make_kuid(&init_user_ns, uid); + kgid_t kgid = make_kgid(&init_user_ns, gid); + if (uid_valid(kuid) && gid_valid(kgid)) { + cbs->uid = kuid; + cbs->gid = kgid; + cbs->flavor = RPC_AUTH_UNIX; + } else { + dprintk("RPC_AUTH_UNIX with invalid" + "uid or gid ignoring!\n"); + } } break; case RPC_AUTH_GSS: diff --git a/fs/nfsd/state.h b/fs/nfsd/state.h index d1c229feed52..1a8c7391f7ae 100644 --- a/fs/nfsd/state.h +++ b/fs/nfsd/state.h @@ -152,8 +152,8 @@ struct nfsd4_channel_attrs { struct nfsd4_cb_sec { u32 flavor; /* (u32)(-1) used to mean "no valid flavor" */ - u32 uid; - u32 gid; + kuid_t uid; + kgid_t gid; }; struct nfsd4_create_session { |