tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

CRED: Introduce credential access wrappers

The patches that are intended to introduce copy-on-write credentials for 2.6.28
require abstraction of access to some fields of the task structure,
particularly for the case of one task accessing another's credentials where RCU
will have to be observed.

Introduced here are trivial no-op versions of the desired accessors for current
and other tasks so that other subsystems can start to be converted over more
easily.

Wrappers are introduced into a new header (linux/cred.h) for UID/GID,
EUID/EGID, SUID/SGID, FSUID/FSGID, cap_effective and current's subscribed
user_struct. These wrappers are macros because the ordering between header
files mitigates against making them inline functions.

linux/cred.h is #included from linux/sched.h.

Further, XFS is modified such that it no longer defines and uses parameterised
versions of current_fs[ug]id(), thus getting rid of the namespace collision
otherwise incurred.

Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: James Morris <jmorris@namei.org>

authored by

David Howells and committed by
James Morris 9e2b2dc4 8d0968ab

+57 -8
-2
fs/xfs/linux-2.6/xfs_linux.h
··· 126 126 127 127 #define current_cpu() (raw_smp_processor_id()) 128 128 #define current_pid() (current->pid) 129 - #define current_fsuid(cred) (current->fsuid) 130 - #define current_fsgid(cred) (current->fsgid) 131 129 #define current_test_flags(f) (current->flags & (f)) 132 130 #define current_set_flags_nested(sp, f) \ 133 131 (*(sp) = current->flags, current->flags |= (f))
+2 -2
fs/xfs/xfs_inode.c
··· 1081 1081 ip->i_d.di_onlink = 0; 1082 1082 ip->i_d.di_nlink = nlink; 1083 1083 ASSERT(ip->i_d.di_nlink == nlink); 1084 - ip->i_d.di_uid = current_fsuid(cr); 1085 - ip->i_d.di_gid = current_fsgid(cr); 1084 + ip->i_d.di_uid = current_fsuid(); 1085 + ip->i_d.di_gid = current_fsgid(); 1086 1086 ip->i_d.di_projid = prid; 1087 1087 memset(&(ip->i_d.di_pad[0]), 0, sizeof(ip->i_d.di_pad)); 1088 1088
+4 -4
fs/xfs/xfs_vnodeops.c
··· 182 182 xfs_ilock(ip, lock_flags); 183 183 184 184 /* boolean: are we the file owner? */ 185 - file_owner = (current_fsuid(credp) == ip->i_d.di_uid); 185 + file_owner = (current_fsuid() == ip->i_d.di_uid); 186 186 187 187 /* 188 188 * Change various properties of a file. ··· 1533 1533 * Make sure that we have allocated dquot(s) on disk. 1534 1534 */ 1535 1535 error = XFS_QM_DQVOPALLOC(mp, dp, 1536 - current_fsuid(credp), current_fsgid(credp), prid, 1536 + current_fsuid(), current_fsgid(), prid, 1537 1537 XFS_QMOPT_QUOTALL|XFS_QMOPT_INHERIT, &udqp, &gdqp); 1538 1538 if (error) 1539 1539 goto std_return; ··· 2269 2269 * Make sure that we have allocated dquot(s) on disk. 2270 2270 */ 2271 2271 error = XFS_QM_DQVOPALLOC(mp, dp, 2272 - current_fsuid(credp), current_fsgid(credp), prid, 2272 + current_fsuid(), current_fsgid(), prid, 2273 2273 XFS_QMOPT_QUOTALL | XFS_QMOPT_INHERIT, &udqp, &gdqp); 2274 2274 if (error) 2275 2275 goto std_return; ··· 2495 2495 * Make sure that we have allocated dquot(s) on disk. 2496 2496 */ 2497 2497 error = XFS_QM_DQVOPALLOC(mp, dp, 2498 - current_fsuid(credp), current_fsgid(credp), prid, 2498 + current_fsuid(), current_fsgid(), prid, 2499 2499 XFS_QMOPT_QUOTALL | XFS_QMOPT_INHERIT, &udqp, &gdqp); 2500 2500 if (error) 2501 2501 goto std_return;
+50
include/linux/cred.h
··· 1 + /* Credentials management 2 + * 3 + * Copyright (C) 2008 Red Hat, Inc. All Rights Reserved. 4 + * Written by David Howells (dhowells@redhat.com) 5 + * 6 + * This program is free software; you can redistribute it and/or 7 + * modify it under the terms of the GNU General Public Licence 8 + * as published by the Free Software Foundation; either version 9 + * 2 of the Licence, or (at your option) any later version. 10 + */ 11 + 12 + #ifndef _LINUX_CRED_H 13 + #define _LINUX_CRED_H 14 + 15 + #define get_current_user() (get_uid(current->user)) 16 + 17 + #define task_uid(task) ((task)->uid) 18 + #define task_gid(task) ((task)->gid) 19 + #define task_euid(task) ((task)->euid) 20 + #define task_egid(task) ((task)->egid) 21 + 22 + #define current_uid() (current->uid) 23 + #define current_gid() (current->gid) 24 + #define current_euid() (current->euid) 25 + #define current_egid() (current->egid) 26 + #define current_suid() (current->suid) 27 + #define current_sgid() (current->sgid) 28 + #define current_fsuid() (current->fsuid) 29 + #define current_fsgid() (current->fsgid) 30 + #define current_cap() (current->cap_effective) 31 + 32 + #define current_uid_gid(_uid, _gid) \ 33 + do { \ 34 + *(_uid) = current->uid; \ 35 + *(_gid) = current->gid; \ 36 + } while(0) 37 + 38 + #define current_euid_egid(_uid, _gid) \ 39 + do { \ 40 + *(_uid) = current->euid; \ 41 + *(_gid) = current->egid; \ 42 + } while(0) 43 + 44 + #define current_fsuid_fsgid(_uid, _gid) \ 45 + do { \ 46 + *(_uid) = current->fsuid; \ 47 + *(_gid) = current->fsgid; \ 48 + } while(0) 49 + 50 + #endif /* _LINUX_CRED_H */
+1
include/linux/sched.h
··· 87 87 #include <linux/task_io_accounting.h> 88 88 #include <linux/kobject.h> 89 89 #include <linux/latencytop.h> 90 + #include <linux/cred.h> 90 91 91 92 #include <asm/processor.h> 92 93