fs/nfsd/auth.c

   1 /*
   2  * linux/fs/nfsd/auth.c
   3  *
   4  * Copyright (C) 1995, 1996 Olaf Kirch <okir@monad.swb.de>
   5  */
   6
   7 #include <linux/types.h>
   8 #include <linux/sched.h>
   9 #include <linux/sunrpc/svc.h>
  10 #include <linux/sunrpc/svcauth.h>
  11 #include <linux/nfsd/nfsd.h>
  12 #include <linux/nfsd/export.h>
  13 #include "auth.h"
  14
  15 int nfsexp_flags(struct svc_rqst *rqstp, struct svc_export *exp)
  16 {
  17         struct exp_flavor_info *f;
  18         struct exp_flavor_info *end = exp->ex_flavors + exp->ex_nflavors;
  19
  20         for (f = exp->ex_flavors; f < end; f++) {
  21                 if (f->pseudoflavor == rqstp->rq_flavor)
  22                         return f->flags;
  23         }
  24         return exp->ex_flags;
  25
  26 }
  27
  28 int nfsd_setuser(struct svc_rqst *rqstp, struct svc_export *exp)
  29 {
  30         struct cred *act_as = current->cred ;
  31         struct svc_cred cred = rqstp->rq_cred;
  32         int i;
  33         int flags = nfsexp_flags(rqstp, exp);
  34         int ret;
  35
  36         if (flags & NFSEXP_ALLSQUASH) {
  37                 cred.cr_uid = exp->ex_anon_uid;
  38                 cred.cr_gid = exp->ex_anon_gid;
  39                 cred.cr_group_info = groups_alloc(0);
  40         } else if (flags & NFSEXP_ROOTSQUASH) {
  41                 struct group_info *gi;
  42                 if (!cred.cr_uid)
  43                         cred.cr_uid = exp->ex_anon_uid;
  44                 if (!cred.cr_gid)
  45                         cred.cr_gid = exp->ex_anon_gid;
  46                 gi = groups_alloc(cred.cr_group_info->ngroups);
  47                 if (gi)
  48                         for (i = 0; i < cred.cr_group_info->ngroups; i++) {
  49                                 if (!GROUP_AT(cred.cr_group_info, i))
  50                                         GROUP_AT(gi, i) = exp->ex_anon_gid;
  51                                 else
  52                                         GROUP_AT(gi, i) = GROUP_AT(cred.cr_group_info, i);
  53                         }
  54                 cred.cr_group_info = gi;
  55         } else
  56                 get_group_info(cred.cr_group_info);
  57
  58         if (cred.cr_uid != (uid_t) -1)
  59                 act_as->fsuid = cred.cr_uid;
  60         else
  61                 act_as->fsuid = exp->ex_anon_uid;
  62         if (cred.cr_gid != (gid_t) -1)
  63                 act_as->fsgid = cred.cr_gid;
  64         else
  65                 act_as->fsgid = exp->ex_anon_gid;
  66
  67         if (!cred.cr_group_info)
  68                 return -ENOMEM;
  69         ret = set_groups(act_as, cred.cr_group_info);
  70         put_group_info(cred.cr_group_info);
  71         if ((cred.cr_uid)) {
  72                 act_as->cap_effective =
  73                         cap_drop_nfsd_set(act_as->cap_effective);
  74         } else {
  75                 act_as->cap_effective =
  76                         cap_raise_nfsd_set(act_as->cap_effective,
  77                                            act_as->cap_permitted);
  78         }
  79         return ret;
  80 }
  81