diff mbox

[07/23] SUNRPC: remove uid and gid from struct auth_cred

Message ID 151901654898.17421.4355422985169182426.stgit@noble (mailing list archive)
State New, archived
Headers show

Commit Message

NeilBrown Feb. 19, 2018, 5:02 a.m. UTC
Use cred->fsuid and cred->fsgid instead.

Signed-off-by: NeilBrown <neilb@suse.com>
---
 fs/nfs/flexfilelayout/flexfilelayout.c |   14 ++++++++------
 fs/nfsd/nfs4callback.c                 |    6 ++----
 include/linux/sunrpc/auth.h            |    3 ---
 net/sunrpc/auth.c                      |    6 +-----
 net/sunrpc/auth_generic.c              |   23 ++++++++---------------
 net/sunrpc/auth_gss/auth_gss.c         |    7 +++----
 net/sunrpc/auth_unix.c                 |   12 ++++++------
 7 files changed, 28 insertions(+), 43 deletions(-)



--
To unsubscribe from this list: send the line "unsubscribe linux-nfs" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
diff mbox

Patch

diff --git a/fs/nfs/flexfilelayout/flexfilelayout.c b/fs/nfs/flexfilelayout/flexfilelayout.c
index 40be5b102346..8ef4a9c50b10 100644
--- a/fs/nfs/flexfilelayout/flexfilelayout.c
+++ b/fs/nfs/flexfilelayout/flexfilelayout.c
@@ -414,6 +414,8 @@  ff_layout_alloc_lseg(struct pnfs_layout_hdr *lh,
 		struct auth_cred acred = {};
 		struct rpc_cred	__rcu *cred;
 		struct cred *kcred;
+		kuid_t uid;
+		kgid_t gid;
 		u32 ds_count, fh_count, id;
 		int j;
 
@@ -481,14 +483,14 @@  ff_layout_alloc_lseg(struct pnfs_layout_hdr *lh,
 		if (rc)
 			goto out_err_free;
 
-		acred.uid = make_kuid(&init_user_ns, id);
+		uid = make_kuid(&init_user_ns, id);
 
 		/* group */
 		rc = decode_name(&stream, &id);
 		if (rc)
 			goto out_err_free;
 
-		acred.gid = make_kgid(&init_user_ns, id);
+		gid = make_kgid(&init_user_ns, id);
 
 		if (gfp_flags & __GFP_FS)
 			kcred = prepare_kernel_cred(NULL);
@@ -500,8 +502,8 @@  ff_layout_alloc_lseg(struct pnfs_layout_hdr *lh,
 		rc = -ENOMEM;
 		if (!kcred)
 			goto out_err_free;
-		kcred->fsuid = acred.uid;
-		kcred->fsgid = acred.gid;
+		kcred->fsuid = uid;
+		kcred->fsgid = gid;
 		acred.cred = kcred;
 
 		/* find the cred for it */
@@ -533,8 +535,8 @@  ff_layout_alloc_lseg(struct pnfs_layout_hdr *lh,
 
 		dprintk("%s: iomode %s uid %u gid %u\n", __func__,
 			lgr->range.iomode == IOMODE_READ ? "READ" : "RW",
-			from_kuid(&init_user_ns, acred.uid),
-			from_kgid(&init_user_ns, acred.gid));
+			from_kuid(&init_user_ns, uid),
+			from_kgid(&init_user_ns, gid));
 	}
 
 	p = xdr_inline_decode(&stream, 4);
diff --git a/fs/nfsd/nfs4callback.c b/fs/nfsd/nfs4callback.c
index 65c39817fcfc..64154db945cf 100644
--- a/fs/nfsd/nfs4callback.c
+++ b/fs/nfsd/nfs4callback.c
@@ -780,10 +780,8 @@  static struct rpc_cred *get_backchannel_cred(struct nfs4_client *clp, struct rpc
 		if (!kcred)
 			return NULL;
 
-		acred.uid = ses->se_cb_sec.uid;
-		acred.gid = ses->se_cb_sec.gid;
-		kcred->uid = acred.uid;
-		kcred->gid = acred.gid;
+		kcred->uid = ses->se_cb_sec.uid;
+		kcred->gid = ses->se_cb_sec.gid;
 		acred.cred = kcred;
 		ret = auth->au_ops->lookup_cred(client->cl_auth, &acred, 0);
 		put_cred(kcred);
diff --git a/include/linux/sunrpc/auth.h b/include/linux/sunrpc/auth.h
index c4782203791d..2b19e687dc29 100644
--- a/include/linux/sunrpc/auth.h
+++ b/include/linux/sunrpc/auth.h
@@ -44,11 +44,8 @@  enum {
 					key will expire soon */
 };
 
-/* Work around the lack of a VFS credential */
 struct auth_cred {
 	const struct cred *cred;
-	kuid_t	uid;
-	kgid_t	gid;
 	const char *principal;
 	unsigned long ac_flags;
 	unsigned char machine_cred : 1;
diff --git a/net/sunrpc/auth.c b/net/sunrpc/auth.c
index 65af3a66de24..70133c54d96e 100644
--- a/net/sunrpc/auth.c
+++ b/net/sunrpc/auth.c
@@ -631,8 +631,6 @@  rpcauth_lookupcred(struct rpc_auth *auth, int flags)
 		auth->au_ops->au_name);
 
 	memset(&acred, 0, sizeof(acred));
-	acred.uid = cred->fsuid;
-	acred.gid = cred->fsgid;
 	acred.cred = cred;
 	ret = auth->au_ops->lookup_cred(auth, &acred, flags);
 	return ret;
@@ -650,7 +648,7 @@  rpcauth_init_cred(struct rpc_cred *cred, const struct auth_cred *acred,
 	cred->cr_ops = ops;
 	cred->cr_expire = jiffies;
 	cred->cr_cred = get_cred(acred->cred);
-	cred->cr_uid = acred->uid;
+	cred->cr_uid = acred->cred->fsuid;
 }
 EXPORT_SYMBOL_GPL(rpcauth_init_cred);
 
@@ -668,8 +666,6 @@  rpcauth_bind_root_cred(struct rpc_task *task, int lookupflags)
 {
 	struct rpc_auth *auth = task->tk_client->cl_auth;
 	struct auth_cred acred = {
-		.uid = GLOBAL_ROOT_UID,
-		.gid = GLOBAL_ROOT_GID,
 		.cred = get_task_cred(&init_task),
 	};
 	struct rpc_cred *ret;
diff --git a/net/sunrpc/auth_generic.c b/net/sunrpc/auth_generic.c
index 75b5cbb81fbd..de7ffff73943 100644
--- a/net/sunrpc/auth_generic.c
+++ b/net/sunrpc/auth_generic.c
@@ -18,9 +18,6 @@ 
 # define RPCDBG_FACILITY	RPCDBG_AUTH
 #endif
 
-#define RPC_MACHINE_CRED_USERID		GLOBAL_ROOT_UID
-#define RPC_MACHINE_CRED_GROUPID	GLOBAL_ROOT_GID
-
 struct generic_cred {
 	struct rpc_cred gc_base;
 	struct auth_cred acred;
@@ -57,8 +54,6 @@  EXPORT_SYMBOL_GPL(rpc_lookup_cred_nonblock);
 struct rpc_cred *rpc_lookup_machine_cred(const char *service_name)
 {
 	struct auth_cred acred = {
-		.uid = RPC_MACHINE_CRED_USERID,
-		.gid = RPC_MACHINE_CRED_GROUPID,
 		.principal = service_name,
 		.machine_cred = 1,
 		.cred = get_task_cred(&init_task),
@@ -85,8 +80,8 @@  static struct rpc_cred *generic_bind_cred(struct rpc_task *task,
 static int
 generic_hash_cred(struct auth_cred *acred, unsigned int hashbits)
 {
-	return hash_64(from_kgid(&init_user_ns, acred->gid) |
-		((u64)from_kuid(&init_user_ns, acred->uid) <<
+	return hash_64(from_kgid(&init_user_ns, acred->cred->fsgid) |
+		((u64)from_kuid(&init_user_ns, acred->cred->fsuid) <<
 			(sizeof(gid_t) * 8)), hashbits);
 }
 
@@ -111,8 +106,6 @@  generic_create_cred(struct rpc_auth *auth, struct auth_cred *acred, int flags, g
 	rpcauth_init_cred(&gcred->gc_base, acred, &generic_auth, &generic_credops);
 	gcred->gc_base.cr_flags = 1UL << RPCAUTH_CRED_UPTODATE;
 
-	gcred->acred.uid = acred->uid;
-	gcred->acred.gid = acred->gid;
 	gcred->acred.cred = gcred->gc_base.cr_cred;
 	gcred->acred.ac_flags = 0;
 	gcred->acred.machine_cred = acred->machine_cred;
@@ -121,8 +114,8 @@  generic_create_cred(struct rpc_auth *auth, struct auth_cred *acred, int flags, g
 	dprintk("RPC:       allocated %s cred %p for uid %d gid %d\n",
 			gcred->acred.machine_cred ? "machine" : "generic",
 			gcred,
-			from_kuid(&init_user_ns, acred->uid),
-			from_kgid(&init_user_ns, acred->gid));
+			from_kuid(&init_user_ns, acred->cred->fsuid),
+			from_kgid(&init_user_ns, acred->cred->fsgid));
 	return &gcred->gc_base;
 }
 
@@ -154,8 +147,8 @@  machine_cred_match(struct auth_cred *acred, struct generic_cred *gcred, int flag
 {
 	if (!gcred->acred.machine_cred ||
 	    gcred->acred.principal != acred->principal ||
-	    !uid_eq(gcred->acred.uid, acred->uid) ||
-	    !gid_eq(gcred->acred.gid, acred->gid))
+	    !uid_eq(gcred->acred.cred->fsuid, acred->cred->fsuid) ||
+	    !gid_eq(gcred->acred.cred->fsgid, acred->cred->fsgid))
 		return 0;
 	return 1;
 }
@@ -173,8 +166,8 @@  generic_match(struct auth_cred *acred, struct rpc_cred *cred, int flags)
 	if (acred->machine_cred)
 		return machine_cred_match(acred, gcred, flags);
 
-	if (!uid_eq(gcred->acred.uid, acred->uid) ||
-	    !gid_eq(gcred->acred.gid, acred->gid) ||
+	if (!uid_eq(gcred->acred.cred->fsuid, acred->cred->fsuid) ||
+	    !gid_eq(gcred->acred.cred->fsgid, acred->cred->fsgid) ||
 	    gcred->acred.machine_cred != 0)
 		goto out_nomatch;
 
diff --git a/net/sunrpc/auth_gss/auth_gss.c b/net/sunrpc/auth_gss/auth_gss.c
index 76e6086081b7..97513cf5ec4e 100644
--- a/net/sunrpc/auth_gss/auth_gss.c
+++ b/net/sunrpc/auth_gss/auth_gss.c
@@ -1307,7 +1307,7 @@  gss_destroy_cred(struct rpc_cred *cred)
 static int
 gss_hash_cred(struct auth_cred *acred, unsigned int hashbits)
 {
-	return hash_64(from_kuid(&init_user_ns, acred->uid), hashbits);
+	return hash_64(from_kuid(&init_user_ns, acred->cred->fsuid), hashbits);
 }
 
 /*
@@ -1327,7 +1327,7 @@  gss_create_cred(struct rpc_auth *auth, struct auth_cred *acred, int flags, gfp_t
 	int err = -ENOMEM;
 
 	dprintk("RPC:       %s for uid %d, flavor %d\n",
-		__func__, from_kuid(&init_user_ns, acred->uid),
+		__func__, from_kuid(&init_user_ns, acred->cred->fsuid),
 		auth->au_flavor);
 
 	if (!(cred = kzalloc(sizeof(*cred), gfp)))
@@ -1468,7 +1468,7 @@  gss_match(struct auth_cred *acred, struct rpc_cred *rc, int flags)
 	}
 	if (gss_cred->gc_principal != NULL)
 		return 0;
-	ret = uid_eq(rc->cr_uid, acred->uid);
+	ret = uid_eq(rc->cr_uid, acred->cred->fsuid);
 
 check_expire:
 	if (ret == 0)
@@ -1553,7 +1553,6 @@  static int gss_renew_cred(struct rpc_task *task)
 						 gc_base);
 	struct rpc_auth *auth = oldcred->cr_auth;
 	struct auth_cred acred = {
-		.uid = oldcred->cr_uid,
 		.cred = oldcred->cr_cred,
 		.principal = gss_cred->gc_principal,
 		.machine_cred = (gss_cred->gc_principal != NULL ? 1 : 0),
diff --git a/net/sunrpc/auth_unix.c b/net/sunrpc/auth_unix.c
index 93c4d6df7158..d9d2f74ee44b 100644
--- a/net/sunrpc/auth_unix.c
+++ b/net/sunrpc/auth_unix.c
@@ -48,8 +48,8 @@  unx_destroy(struct rpc_auth *auth)
 static int
 unx_hash_cred(struct auth_cred *acred, unsigned int hashbits)
 {
-	return hash_64(from_kgid(&init_user_ns, acred->gid) |
-		((u64)from_kuid(&init_user_ns, acred->uid) <<
+	return hash_64(from_kgid(&init_user_ns, acred->cred->fsgid) |
+		((u64)from_kuid(&init_user_ns, acred->cred->fsuid) <<
 			(sizeof(gid_t) * 8)), hashbits);
 }
 
@@ -70,8 +70,8 @@  unx_create_cred(struct rpc_auth *auth, struct auth_cred *acred, int flags, gfp_t
 	unsigned int i;
 
 	dprintk("RPC:       allocating UNIX cred for uid %d gid %d\n",
-			from_kuid(&init_user_ns, acred->uid),
-			from_kgid(&init_user_ns, acred->gid));
+			from_kuid(&init_user_ns, acred->cred->fsuid),
+			from_kgid(&init_user_ns, acred->cred->fsgid));
 
 	if (!(cred = kmalloc(sizeof(*cred), gfp)))
 		return ERR_PTR(-ENOMEM);
@@ -84,7 +84,7 @@  unx_create_cred(struct rpc_auth *auth, struct auth_cred *acred, int flags, gfp_t
 	if (groups > UNX_NGROUPS)
 		groups = UNX_NGROUPS;
 
-	cred->uc_gid = acred->gid;
+	cred->uc_gid = acred->cred->fsgid;
 	for (i = 0; i < groups; i++)
 		cred->uc_gids[i] = acred->cred->group_info->gid[i];
 	if (i < UNX_NGROUPS)
@@ -127,7 +127,7 @@  unx_match(struct auth_cred *acred, struct rpc_cred *rcred, int flags)
 	unsigned int i;
 
 
-	if (!uid_eq(cred->uc_uid, acred->uid) || !gid_eq(cred->uc_gid, acred->gid))
+	if (!uid_eq(cred->uc_uid, acred->cred->fsuid) || !gid_eq(cred->uc_gid, acred->cred->fsgid))
 		return 0;
 
 	if (acred->cred && acred->cred->group_info != NULL)