tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

nfsd: Pass 'cred' instead of 'rqstp' to some functions.

nfsd_permission(), exp_rdonly(), nfsd_setuser(), and nfsexp_flags()
only ever need the cred out of rqstp, so pass it explicitly instead of
the whole rqstp.

This makes the interfaces cleaner.

Signed-off-by: NeilBrown <neilb@suse.de>
Reviewed-by: Jeff Layton <jlayton@kernel.org>
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>

authored by

NeilBrown and committed by
Chuck Lever 9fd45c16 c55aeef7

+34 -28
+7 -7
fs/nfsd/auth.c
··· 5 5 #include "nfsd.h" 6 6 #include "auth.h" 7 7 8 - int nfsexp_flags(struct svc_rqst *rqstp, struct svc_export *exp) 8 + int nfsexp_flags(struct svc_cred *cred, struct svc_export *exp) 9 9 { 10 10 struct exp_flavor_info *f; 11 11 struct exp_flavor_info *end = exp->ex_flavors + exp->ex_nflavors; 12 12 13 13 for (f = exp->ex_flavors; f < end; f++) { 14 - if (f->pseudoflavor == rqstp->rq_cred.cr_flavor) 14 + if (f->pseudoflavor == cred->cr_flavor) 15 15 return f->flags; 16 16 } 17 17 return exp->ex_flags; 18 18 19 19 } 20 20 21 - int nfsd_setuser(struct svc_rqst *rqstp, struct svc_export *exp) 21 + int nfsd_setuser(struct svc_cred *cred, struct svc_export *exp) 22 22 { 23 23 struct group_info *rqgi; 24 24 struct group_info *gi; 25 25 struct cred *new; 26 26 int i; 27 - int flags = nfsexp_flags(rqstp, exp); 27 + int flags = nfsexp_flags(cred, exp); 28 28 29 29 /* discard any old override before preparing the new set */ 30 30 revert_creds(get_cred(current_real_cred())); ··· 32 32 if (!new) 33 33 return -ENOMEM; 34 34 35 - new->fsuid = rqstp->rq_cred.cr_uid; 36 - new->fsgid = rqstp->rq_cred.cr_gid; 35 + new->fsuid = cred->cr_uid; 36 + new->fsgid = cred->cr_gid; 37 37 38 - rqgi = rqstp->rq_cred.cr_group_info; 38 + rqgi = cred->cr_group_info; 39 39 40 40 if (flags & NFSEXP_ALLSQUASH) { 41 41 new->fsuid = exp->ex_anon_uid;
+1 -1
fs/nfsd/auth.h
··· 12 12 * Set the current process's fsuid/fsgid etc to those of the NFS 13 13 * client user 14 14 */ 15 - int nfsd_setuser(struct svc_rqst *, struct svc_export *); 15 + int nfsd_setuser(struct svc_cred *cred, struct svc_export *exp); 16 16 17 17 #endif /* LINUX_NFSD_AUTH_H */
+2 -1
fs/nfsd/export.h
··· 99 99 #define EX_NOHIDE(exp) ((exp)->ex_flags & NFSEXP_NOHIDE) 100 100 #define EX_WGATHER(exp) ((exp)->ex_flags & NFSEXP_GATHERED_WRITES) 101 101 102 - int nfsexp_flags(struct svc_rqst *rqstp, struct svc_export *exp); 102 + struct svc_cred; 103 + int nfsexp_flags(struct svc_cred *cred, struct svc_export *exp); 103 104 __be32 check_nfsd_access(struct svc_export *exp, struct svc_rqst *rqstp); 104 105 105 106 /*
+2 -1
fs/nfsd/nfs4state.c
··· 6891 6891 6892 6892 nf = nfs4_find_file(s, flags); 6893 6893 if (nf) { 6894 - status = nfsd_permission(rqstp, fhp->fh_export, fhp->fh_dentry, 6894 + status = nfsd_permission(&rqstp->rq_cred, 6895 + fhp->fh_export, fhp->fh_dentry, 6895 6896 acc | NFSD_MAY_OWNER_OVERRIDE); 6896 6897 if (status) { 6897 6898 nfsd_file_put(nf);
+3 -3
fs/nfsd/nfsfh.c
··· 102 102 static __be32 nfsd_setuser_and_check_port(struct svc_rqst *rqstp, 103 103 struct svc_export *exp) 104 104 { 105 - int flags = nfsexp_flags(rqstp, exp); 105 + int flags = nfsexp_flags(&rqstp->rq_cred, exp); 106 106 107 107 /* Check if the request originated from a secure port. */ 108 108 if (!nfsd_originating_port_ok(rqstp, flags)) { ··· 113 113 } 114 114 115 115 /* Set user creds for this exportpoint */ 116 - return nfserrno(nfsd_setuser(rqstp, exp)); 116 + return nfserrno(nfsd_setuser(&rqstp->rq_cred, exp)); 117 117 } 118 118 119 119 static inline __be32 check_pseudo_root(struct svc_rqst *rqstp, ··· 394 394 395 395 skip_pseudoflavor_check: 396 396 /* Finally, check access permissions. */ 397 - error = nfsd_permission(rqstp, exp, dentry, access); 397 + error = nfsd_permission(&rqstp->rq_cred, exp, dentry, access); 398 398 out: 399 399 trace_nfsd_fh_verify_err(rqstp, fhp, type, access, error); 400 400 if (error == nfserr_stale)
+5 -4
fs/nfsd/nfsproc.c
··· 331 331 * echo thing > device-special-file-or-pipe 332 332 * by doing a CREATE with type==0 333 333 */ 334 - resp->status = nfsd_permission(rqstp, 335 - newfhp->fh_export, 336 - newfhp->fh_dentry, 337 - NFSD_MAY_WRITE|NFSD_MAY_LOCAL_ACCESS); 334 + resp->status = nfsd_permission( 335 + &rqstp->rq_cred, 336 + newfhp->fh_export, 337 + newfhp->fh_dentry, 338 + NFSD_MAY_WRITE|NFSD_MAY_LOCAL_ACCESS); 338 339 if (resp->status && resp->status != nfserr_rofs) 339 340 goto out_unlock; 340 341 }
+12 -9
fs/nfsd/vfs.c
··· 421 421 if (iap->ia_size < inode->i_size) { 422 422 __be32 err; 423 423 424 - err = nfsd_permission(rqstp, fhp->fh_export, fhp->fh_dentry, 425 - NFSD_MAY_TRUNC | NFSD_MAY_OWNER_OVERRIDE); 424 + err = nfsd_permission(&rqstp->rq_cred, 425 + fhp->fh_export, fhp->fh_dentry, 426 + NFSD_MAY_TRUNC | NFSD_MAY_OWNER_OVERRIDE); 426 427 if (err) 427 428 return err; 428 429 } ··· 815 814 816 815 sresult |= map->access; 817 816 818 - err2 = nfsd_permission(rqstp, export, dentry, map->how); 817 + err2 = nfsd_permission(&rqstp->rq_cred, export, 818 + dentry, map->how); 819 819 switch (err2) { 820 820 case nfs_ok: 821 821 result |= map->access; ··· 1477 1475 dirp = d_inode(dentry); 1478 1476 1479 1477 dchild = dget(resfhp->fh_dentry); 1480 - err = nfsd_permission(rqstp, fhp->fh_export, dentry, NFSD_MAY_CREATE); 1478 + err = nfsd_permission(&rqstp->rq_cred, fhp->fh_export, dentry, 1479 + NFSD_MAY_CREATE); 1481 1480 if (err) 1482 1481 goto out; 1483 1482 ··· 2258 2255 return err; 2259 2256 } 2260 2257 2261 - static int exp_rdonly(struct svc_rqst *rqstp, struct svc_export *exp) 2258 + static int exp_rdonly(struct svc_cred *cred, struct svc_export *exp) 2262 2259 { 2263 - return nfsexp_flags(rqstp, exp) & NFSEXP_READONLY; 2260 + return nfsexp_flags(cred, exp) & NFSEXP_READONLY; 2264 2261 } 2265 2262 2266 2263 #ifdef CONFIG_NFSD_V4 ··· 2504 2501 * Check for a user's access permissions to this inode. 2505 2502 */ 2506 2503 __be32 2507 - nfsd_permission(struct svc_rqst *rqstp, struct svc_export *exp, 2508 - struct dentry *dentry, int acc) 2504 + nfsd_permission(struct svc_cred *cred, struct svc_export *exp, 2505 + struct dentry *dentry, int acc) 2509 2506 { 2510 2507 struct inode *inode = d_inode(dentry); 2511 2508 int err; ··· 2536 2533 */ 2537 2534 if (!(acc & NFSD_MAY_LOCAL_ACCESS)) 2538 2535 if (acc & (NFSD_MAY_WRITE | NFSD_MAY_SATTR | NFSD_MAY_TRUNC)) { 2539 - if (exp_rdonly(rqstp, exp) || 2536 + if (exp_rdonly(cred, exp) || 2540 2537 __mnt_is_readonly(exp->ex_path.mnt)) 2541 2538 return nfserr_rofs; 2542 2539 if (/* (acc & NFSD_MAY_WRITE) && */ IS_IMMUTABLE(inode))
+2 -2
fs/nfsd/vfs.h
··· 153 153 __be32 nfsd_statfs(struct svc_rqst *, struct svc_fh *, 154 154 struct kstatfs *, int access); 155 155 156 - __be32 nfsd_permission(struct svc_rqst *, struct svc_export *, 157 - struct dentry *, int); 156 + __be32 nfsd_permission(struct svc_cred *cred, struct svc_export *exp, 157 + struct dentry *dentry, int acc); 158 158 159 159 void nfsd_filp_close(struct file *fp); 160 160