author | Philip Guenther <guenther@cvs.openbsd.org> | 2014-03-24 00:19:49 +0000 |
---|---|---|
committer | Philip Guenther <guenther@cvs.openbsd.org> | 2014-03-24 00:19:49 +0000 |
commit | d8290a491b942a98582508cc9b6718832261d4ad (patch) | |
tree | 71b9f523f4979b625ecfdd3fb49c43a38cef3053 /sys | |
parent | f75538b630ba05fcf2635e8fe5e4f51c32f429ea (diff) |
Split the API: struct ucred remains the kernel internal structure while
struct xucred becomes the structure for syscalls (mount(2) and nfssvc(2)).
ok deraadt@ beck@
Diffstat (limited to 'sys')
-rw-r--r-- | sys/kern/kern_prot.c | 16 | ||||
-rw-r--r-- | sys/kern/vfs_subr.c | 12 | ||||
-rw-r--r-- | sys/nfs/nfs.h | 4 | ||||
-rw-r--r-- | sys/sys/mount.h | 4 | ||||
-rw-r--r-- | sys/sys/ucred.h | 13 |
5 files changed, 36 insertions, 13 deletions
diff --git a/sys/kern/kern_prot.c b/sys/kern/kern_prot.c
index 6a42a3a61b5..4e7c7171315 100644
--- a/sys/kern/kern_prot.c
+++ b/sys/kern/kern_prot.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kern_prot.c,v 1.56 2013/04/06 03:44:34 tedu Exp $ */
+/* $OpenBSD: kern_prot.c,v 1.57 2014/03/24 00:19:48 guenther Exp $ */
 /* $NetBSD: kern_prot.c,v 1.33 1996/02/09 18:59:42 christos Exp $ */
 /*
@@ -837,6 +837,20 @@ crdup(struct ucred *cr)
 }
 /*
+ * Convert the userspace xucred to a kernel ucred
+ */
+void
+crfromxucred(struct ucred *cr, const struct xucred *xcr)
+{
+ cr->cr_ref = 1;
+ cr->cr_uid = xcr->cr_uid;
+ cr->cr_gid = xcr->cr_gid;
+ cr->cr_ngroups = xcr->cr_ngroups;
+ memcpy(cr->cr_groups, xcr->cr_groups,
+ sizeof(cr->cr_groups[0]) * xcr->cr_ngroups);
+}
+
+/*
 * Get login name, if available.
 */
 /* ARGSUSED */
diff --git a/sys/kern/vfs_subr.c b/sys/kern/vfs_subr.c
index ca729adaae6..51f2c51d366 100644
--- a/sys/kern/vfs_subr.c
+++ b/sys/kern/vfs_subr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: vfs_subr.c,v 1.211 2014/01/21 01:48:45 tedu Exp $ */
+/* $OpenBSD: vfs_subr.c,v 1.212 2014/03/24 00:19:48 guenther Exp $ */
 /* $NetBSD: vfs_subr.c,v 1.53 1996/04/22 01:39:13 christos Exp $ */
 /*
@@ -1397,11 +1397,8 @@ vfs_hang_addrlist(struct mount *mp, struct netexport *nep,
 if (mp->mnt_flag & MNT_DEFEXPORTED)
 return (EPERM);
 np = &nep->ne_defexported;
- np->netc_exflags = argp->ex_flags;
- np->netc_anon = argp->ex_anon;
- np->netc_anon.cr_ref = 1;
 mp->mnt_flag |= MNT_DEFEXPORTED;
- return (0);
+ goto finish;
 }
 if (argp->ex_addrlen > MLEN || argp->ex_masklen > MLEN ||
 argp->ex_addrlen < 0 || argp->ex_masklen < 0)
@@ -1449,9 +1446,10 @@ vfs_hang_addrlist(struct mount *mp, struct netexport *nep,
 error = EPERM;
 goto out;
 }
+finish:
 np->netc_exflags = argp->ex_flags;
- np->netc_anon = argp->ex_anon;
- np->netc_anon.cr_ref = 1;
+ /* fill in the kernel's ucred from userspace's xucred */
+ crfromxucred(&np->netc_anon, &argp->ex_anon);
 return (0);
 out:
 free(np, M_NETADDR);
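Review bot: In `crfromxucred()` the `memcpy` length is `sizeof(cr->cr_groups[0]) * xcr->cr_ngroups`, and `cr_ngroups` is taken from the syscall-supplied `struct xucred` with no range check anywhere in this hunk. The sys/sys/ucred.h hunk declares the field as `short`, so a negative count converts to a very large size and a count above `NGROUPS` writes past `cr->cr_groups`. Unless every caller validates the count first (the visible part of `vfs_hang_addrlist()` in vfs_subr.c does not), this is a kernel memory overwrite driven by the export arguments passed to mount(2). I would have the function reject bad counts with `if (xcr->cr_ngroups < 0 || xcr->cr_ngroups > NGROUPS) return (EINVAL);` before touching `cr`. That means changing the return type here and in the ucred.h prototype from `void` to `int`, ending with `return (0);`, and having callers propagate the error.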
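Review bot: The new `finish:` label in `vfs_hang_addrlist()` is reached with two different kinds of `np`, and nothing at the label says so. The `goto finish` path arrives with `np = &nep->ne_defexported`, while the fall-through path sits directly above `out:`, which does `free(np, M_NETADDR)` and so presumably holds an allocation made outside these hunks. Any error check later added at `finish:` (for example on the credential conversion) must not jump to `out:` on the default-export path, and by then `MNT_DEFEXPORTED` has already been set on `mp->mnt_flag`. A comment at the label would record this, e.g. `/* np is &nep->ne_defexported or a new allocation; errors here must not reach out: for the former */`. The function body starts and ends outside both hunks.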
diff --git a/sys/nfs/nfs.h b/sys/nfs/nfs.h
index 1dcaa29cbcf..3326af33122 100644
--- a/sys/nfs/nfs.h
+++ b/sys/nfs/nfs.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: nfs.h,v 1.51 2009/09/02 18:20:54 thib Exp $ */
+/* $OpenBSD: nfs.h,v 1.52 2014/03/24 00:19:48 guenther Exp $ */
 /* $NetBSD: nfs.h,v 1.10.4.1 1996/05/27 11:23:56 fvdl Exp $ */
 /*
@@ -107,7 +107,7 @@ struct nfsd_srvargs {
 struct nfsd *nsd_nfsd; /* Pointer to in kernel nfsd struct */
 uid_t nsd_uid; /* Effective uid mapped to cred */
 u_int32_t nsd_haddr; /* IP address of client */
- struct ucred nsd_cr; /* Cred. uid maps to */
+ struct xucred nsd_cr; /* Cred. uid maps to */
 int nsd_authlen; /* Length of auth string (ret) */
 u_char *nsd_authstr; /* Auth string (ret) */
 int nsd_verflen; /* and the verifier */
diff --git a/sys/sys/mount.h b/sys/sys/mount.h
index 724a5e684d2..4cd3ecb308b 100644
--- a/sys/sys/mount.h
+++ b/sys/sys/mount.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: mount.h,v 1.117 2013/12/01 16:40:56 krw Exp $ */
+/* $OpenBSD: mount.h,v 1.118 2014/03/24 00:19:48 guenther Exp $ */
 /* $NetBSD: mount.h,v 1.48 1996/02/18 11:55:47 fvdl Exp $ */
 /*
@@ -62,7 +62,7 @@ struct fid {
 struct export_args {
 int ex_flags; /* export related flags */
 uid_t ex_root; /* mapping for root uid */
- struct ucred ex_anon; /* mapping for anonymous user */
+ struct xucred ex_anon; /* mapping for anonymous user */
 struct sockaddr *ex_addr; /* net address to which exported */
 int ex_addrlen; /* and the net address length */
 struct sockaddr *ex_mask; /* mask of valid bits in saddr */
diff --git a/sys/sys/ucred.h b/sys/sys/ucred.h
index a75c073d200..bf8c34a4669 100644
--- a/sys/sys/ucred.h
+++ b/sys/sys/ucred.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ucred.h,v 1.6 2003/08/15 20:32:20 tedu Exp $ */
+/* $OpenBSD: ucred.h,v 1.7 2014/03/24 00:19:48 guenther Exp $ */
 /* $NetBSD: ucred.h,v 1.12 1995/06/01 22:44:50 jtc Exp $ */
 /*
@@ -48,11 +48,22 @@ struct ucred {
 #define NOCRED ((struct ucred *)-1) /* no credential available */
 #define FSCRED ((struct ucred *)-2) /* filesystem credential */
+/*
+ * Userspace version, for use in syscalls arguments
+ */
+struct xucred {
+ uid_t cr_uid; /* user id */
+ gid_t cr_gid; /* group id */
+ short cr_ngroups; /* number of groups */
+ gid_t cr_groups[NGROUPS]; /* groups */
+};
+
 #ifdef _KERNEL
 #define crhold(cr) (cr)->cr_ref++
 #define SUSER_NOACCT 0x1 /* don't mark accounting flags */
+void crfromxucred(struct ucred *, const struct xucred *);
 struct ucred *crcopy(struct ucred *cr);
 struct ucred *crdup(struct ucred *cr);
 void crfree(struct ucred *cr);
|
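Review bot: The new prototype `void crfromxucred(struct ucred *, const struct xucred *);` drops the parameter names that the neighbouring declarations keep (`struct ucred *crcopy(struct ucred *cr);`), so the header no longer shows which argument is the destination. `void crfromxucred(struct ucred *cr, const struct xucred *xcr);` would match the definition in kern_prot.c. The comment above `struct xucred` could also state that the structure is filled in by userland and is untrusted, for example `/* cr_ngroups comes from userland: range-check against NGROUPS before using cr_groups */`, since the count is a signed `short`.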