summaryrefslogtreecommitdiffstats
path: root/fs/cifs/cifs_spnego.c
diff options
context:
space:
mode:
authorJeff Layton <jlayton@redhat.com>2010-07-19 18:00:17 -0400
committerSteve French <sfrench@us.ibm.com>2010-08-02 12:40:39 +0000
commit3e4b3e1f68c10510ec8d3076cffc5729b88f8de6 (patch)
treebee962570f8a54547cfb67550f76874d82981fea /fs/cifs/cifs_spnego.c
parentf55fdcca6bf1c17e86a270a8c0d81c6677c61222 (diff)
downloadlinux-3e4b3e1f68c10510ec8d3076cffc5729b88f8de6.tar.gz
linux-3e4b3e1f68c10510ec8d3076cffc5729b88f8de6.tar.bz2
linux-3e4b3e1f68c10510ec8d3076cffc5729b88f8de6.zip
cifs: add separate cred_uid field to sesInfo
Right now, there's no clear separation between the uid that owns the credentials used to do the mount and the overriding owner of the files on that mount. Add a separate cred_uid field that is set to the real uid of the mount user. Unlike the linux_uid, the uid= option does not override this parameter. The parm is sent to cifs.upcall, which can then preferentially use the creduid= parm instead of the uid= parm for finding credentials. This is not the only way to solve this. We could try to do all of this in kernel instead by having a module parameter that affects what gets passed in the uid= field of the upcall. That said, we have a lot more flexibility to change things in userspace so I think it probably makes sense to do it this way. Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
Diffstat (limited to 'fs/cifs/cifs_spnego.c')
-rw-r--r--fs/cifs/cifs_spnego.c3
1 files changed, 3 insertions, 0 deletions
diff --git a/fs/cifs/cifs_spnego.c b/fs/cifs/cifs_spnego.c
index 379bd7d9c05f..6effccff85a5 100644
--- a/fs/cifs/cifs_spnego.c
+++ b/fs/cifs/cifs_spnego.c
@@ -144,6 +144,9 @@ cifs_get_spnego_key(struct cifsSesInfo *sesInfo)
sprintf(dp, ";uid=0x%x", sesInfo->linux_uid);
dp = description + strlen(description);
+ sprintf(dp, ";creduid=0x%x", sesInfo->cred_uid);
+
+ dp = description + strlen(description);
sprintf(dp, ";user=%s", sesInfo->userName);
dp = description + strlen(description);