xref: /openbmc/linux/fs/nfsd/auth.c (revision b6dff3ec5e116e3af6f537d4caedcad6b9e5082a) 
1 /*
2  * linux/fs/nfsd/auth.c
3  *
4  * Copyright (C) 1995, 1996 Olaf Kirch <okir@monad.swb.de>
5  */
6 
7 #include <linux/types.h>
8 #include <linux/sched.h>
9 #include <linux/sunrpc/svc.h>
10 #include <linux/sunrpc/svcauth.h>
11 #include <linux/nfsd/nfsd.h>
12 #include <linux/nfsd/export.h>
13 #include "auth.h"
14 
15 int nfsexp_flags(struct svc_rqst *rqstp, struct svc_export *exp)
16 {
17 	struct exp_flavor_info *f;
18 	struct exp_flavor_info *end = exp->ex_flavors + exp->ex_nflavors;
19 
20 	for (f = exp->ex_flavors; f < end; f++) {
21 		if (f->pseudoflavor == rqstp->rq_flavor)
22 			return f->flags;
23 	}
24 	return exp->ex_flags;
25 
26 }
27 
28 int nfsd_setuser(struct svc_rqst *rqstp, struct svc_export *exp)
29 {
30 	struct cred *act_as = current->cred ;
31 	struct svc_cred	cred = rqstp->rq_cred;
32 	int i;
33 	int flags = nfsexp_flags(rqstp, exp);
34 	int ret;
35 
36 	if (flags & NFSEXP_ALLSQUASH) {
37 		cred.cr_uid = exp->ex_anon_uid;
38 		cred.cr_gid = exp->ex_anon_gid;
39 		cred.cr_group_info = groups_alloc(0);
40 	} else if (flags & NFSEXP_ROOTSQUASH) {
41 		struct group_info *gi;
42 		if (!cred.cr_uid)
43 			cred.cr_uid = exp->ex_anon_uid;
44 		if (!cred.cr_gid)
45 			cred.cr_gid = exp->ex_anon_gid;
46 		gi = groups_alloc(cred.cr_group_info->ngroups);
47 		if (gi)
48 			for (i = 0; i < cred.cr_group_info->ngroups; i++) {
49 				if (!GROUP_AT(cred.cr_group_info, i))
50 					GROUP_AT(gi, i) = exp->ex_anon_gid;
51 				else
52 					GROUP_AT(gi, i) = GROUP_AT(cred.cr_group_info, i);
53 			}
54 		cred.cr_group_info = gi;
55 	} else
56 		get_group_info(cred.cr_group_info);
57 
58 	if (cred.cr_uid != (uid_t) -1)
59 		act_as->fsuid = cred.cr_uid;
60 	else
61 		act_as->fsuid = exp->ex_anon_uid;
62 	if (cred.cr_gid != (gid_t) -1)
63 		act_as->fsgid = cred.cr_gid;
64 	else
65 		act_as->fsgid = exp->ex_anon_gid;
66 
67 	if (!cred.cr_group_info)
68 		return -ENOMEM;
69 	ret = set_groups(act_as, cred.cr_group_info);
70 	put_group_info(cred.cr_group_info);
71 	if ((cred.cr_uid)) {
72 		act_as->cap_effective =
73 			cap_drop_nfsd_set(act_as->cap_effective);
74 	} else {
75 		act_as->cap_effective =
76 			cap_raise_nfsd_set(act_as->cap_effective,
77 					   act_as->cap_permitted);
78 	}
79 	return ret;
80 }
81 
82