~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

TOMOYO Linux Cross Reference
Linux/fs/nfsd/nfs4idmap.c

Version: ~ [ linux-5.9.1 ] ~ [ linux-5.8.16 ] ~ [ linux-5.7.19 ] ~ [ linux-5.6.19 ] ~ [ linux-5.5.19 ] ~ [ linux-5.4.72 ] ~ [ linux-5.3.18 ] ~ [ linux-5.2.21 ] ~ [ linux-5.1.21 ] ~ [ linux-5.0.21 ] ~ [ linux-4.20.17 ] ~ [ linux-4.19.152 ] ~ [ linux-4.18.20 ] ~ [ linux-4.17.19 ] ~ [ linux-4.16.18 ] ~ [ linux-4.15.18 ] ~ [ linux-4.14.202 ] ~ [ linux-4.13.16 ] ~ [ linux-4.12.14 ] ~ [ linux-4.11.12 ] ~ [ linux-4.10.17 ] ~ [ linux-4.9.240 ] ~ [ linux-4.8.17 ] ~ [ linux-4.7.10 ] ~ [ linux-4.6.7 ] ~ [ linux-4.5.7 ] ~ [ linux-4.4.240 ] ~ [ linux-4.3.6 ] ~ [ linux-4.2.8 ] ~ [ linux-4.1.52 ] ~ [ linux-4.0.9 ] ~ [ linux-3.19.8 ] ~ [ linux-3.18.140 ] ~ [ linux-3.17.8 ] ~ [ linux-3.16.85 ] ~ [ linux-3.15.10 ] ~ [ linux-3.14.79 ] ~ [ linux-3.13.11 ] ~ [ linux-3.12.74 ] ~ [ linux-3.11.10 ] ~ [ linux-3.10.108 ] ~ [ linux-2.6.32.71 ] ~ [ linux-2.6.0 ] ~ [ linux-2.4.37.11 ] ~ [ unix-v6-master ] ~ [ ccs-tools-1.8.5 ] ~ [ policy-sample ] ~
Architecture: ~ [ i386 ] ~ [ alpha ] ~ [ m68k ] ~ [ mips ] ~ [ ppc ] ~ [ sparc ] ~ [ sparc64 ] ~

  1 /*
  2  *  Mapping of UID/GIDs to name and vice versa.
  3  *
  4  *  Copyright (c) 2002, 2003 The Regents of the University of
  5  *  Michigan.  All rights reserved.
  6  *
  7  *  Marius Aamodt Eriksen <marius@umich.edu>
  8  *
  9  *  Redistribution and use in source and binary forms, with or without
 10  *  modification, are permitted provided that the following conditions
 11  *  are met:
 12  *
 13  *  1. Redistributions of source code must retain the above copyright
 14  *     notice, this list of conditions and the following disclaimer.
 15  *  2. Redistributions in binary form must reproduce the above copyright
 16  *     notice, this list of conditions and the following disclaimer in the
 17  *     documentation and/or other materials provided with the distribution.
 18  *  3. Neither the name of the University nor the names of its
 19  *     contributors may be used to endorse or promote products derived
 20  *     from this software without specific prior written permission.
 21  *
 22  *  THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
 23  *  WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
 24  *  MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
 25  *  DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
 26  *  FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 27  *  CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 28  *  SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
 29  *  BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
 30  *  LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
 31  *  NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
 32  *  SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 33  */
 34 
 35 #include <linux/module.h>
 36 #include <linux/seq_file.h>
 37 #include <linux/sched.h>
 38 #include <linux/slab.h>
 39 #include <linux/sunrpc/svc_xprt.h>
 40 #include <net/net_namespace.h>
 41 #include "idmap.h"
 42 #include "nfsd.h"
 43 #include "netns.h"
 44 
 45 /*
 46  * Turn off idmapping when using AUTH_SYS.
 47  */
 48 static bool nfs4_disable_idmapping = true;
 49 module_param(nfs4_disable_idmapping, bool, 0644);
 50 MODULE_PARM_DESC(nfs4_disable_idmapping,
 51                 "Turn off server's NFSv4 idmapping when using 'sec=sys'");
 52 
 53 /*
 54  * Cache entry
 55  */
 56 
 57 /*
 58  * XXX we know that IDMAP_NAMESZ < PAGE_SIZE, but it's ugly to rely on
 59  * that.
 60  */
 61 
 62 struct ent {
 63         struct cache_head h;
 64         int               type;                /* User / Group */
 65         u32               id;
 66         char              name[IDMAP_NAMESZ];
 67         char              authname[IDMAP_NAMESZ];
 68 };
 69 
 70 /* Common entry handling */
 71 
 72 #define ENT_HASHBITS          8
 73 #define ENT_HASHMAX           (1 << ENT_HASHBITS)
 74 
 75 static void
 76 ent_init(struct cache_head *cnew, struct cache_head *citm)
 77 {
 78         struct ent *new = container_of(cnew, struct ent, h);
 79         struct ent *itm = container_of(citm, struct ent, h);
 80 
 81         new->id = itm->id;
 82         new->type = itm->type;
 83 
 84         strlcpy(new->name, itm->name, sizeof(new->name));
 85         strlcpy(new->authname, itm->authname, sizeof(new->name));
 86 }
 87 
 88 static void
 89 ent_put(struct kref *ref)
 90 {
 91         struct ent *map = container_of(ref, struct ent, h.ref);
 92         kfree(map);
 93 }
 94 
 95 static struct cache_head *
 96 ent_alloc(void)
 97 {
 98         struct ent *e = kmalloc(sizeof(*e), GFP_KERNEL);
 99         if (e)
100                 return &e->h;
101         else
102                 return NULL;
103 }
104 
105 /*
106  * ID -> Name cache
107  */
108 
109 static uint32_t
110 idtoname_hash(struct ent *ent)
111 {
112         uint32_t hash;
113 
114         hash = hash_str(ent->authname, ENT_HASHBITS);
115         hash = hash_long(hash ^ ent->id, ENT_HASHBITS);
116 
117         /* Flip LSB for user/group */
118         if (ent->type == IDMAP_TYPE_GROUP)
119                 hash ^= 1;
120 
121         return hash;
122 }
123 
124 static void
125 idtoname_request(struct cache_detail *cd, struct cache_head *ch, char **bpp,
126     int *blen)
127 {
128         struct ent *ent = container_of(ch, struct ent, h);
129         char idstr[11];
130 
131         qword_add(bpp, blen, ent->authname);
132         snprintf(idstr, sizeof(idstr), "%u", ent->id);
133         qword_add(bpp, blen, ent->type == IDMAP_TYPE_GROUP ? "group" : "user");
134         qword_add(bpp, blen, idstr);
135 
136         (*bpp)[-1] = '\n';
137 }
138 
139 static int
140 idtoname_match(struct cache_head *ca, struct cache_head *cb)
141 {
142         struct ent *a = container_of(ca, struct ent, h);
143         struct ent *b = container_of(cb, struct ent, h);
144 
145         return (a->id == b->id && a->type == b->type &&
146             strcmp(a->authname, b->authname) == 0);
147 }
148 
149 static int
150 idtoname_show(struct seq_file *m, struct cache_detail *cd, struct cache_head *h)
151 {
152         struct ent *ent;
153 
154         if (h == NULL) {
155                 seq_puts(m, "#domain type id [name]\n");
156                 return 0;
157         }
158         ent = container_of(h, struct ent, h);
159         seq_printf(m, "%s %s %u", ent->authname,
160                         ent->type == IDMAP_TYPE_GROUP ? "group" : "user",
161                         ent->id);
162         if (test_bit(CACHE_VALID, &h->flags))
163                 seq_printf(m, " %s", ent->name);
164         seq_printf(m, "\n");
165         return 0;
166 }
167 
168 static void
169 warn_no_idmapd(struct cache_detail *detail, int has_died)
170 {
171         printk("nfsd: nfsv4 idmapping failing: has idmapd %s?\n",
172                         has_died ? "died" : "not been started");
173 }
174 
175 
176 static int         idtoname_parse(struct cache_detail *, char *, int);
177 static struct ent *idtoname_lookup(struct cache_detail *, struct ent *);
178 static struct ent *idtoname_update(struct cache_detail *, struct ent *,
179                                    struct ent *);
180 
181 static const struct cache_detail idtoname_cache_template = {
182         .owner          = THIS_MODULE,
183         .hash_size      = ENT_HASHMAX,
184         .name           = "nfs4.idtoname",
185         .cache_put      = ent_put,
186         .cache_request  = idtoname_request,
187         .cache_parse    = idtoname_parse,
188         .cache_show     = idtoname_show,
189         .warn_no_listener = warn_no_idmapd,
190         .match          = idtoname_match,
191         .init           = ent_init,
192         .update         = ent_init,
193         .alloc          = ent_alloc,
194 };
195 
196 static int
197 idtoname_parse(struct cache_detail *cd, char *buf, int buflen)
198 {
199         struct ent ent, *res;
200         char *buf1, *bp;
201         int len;
202         int error = -EINVAL;
203 
204         if (buf[buflen - 1] != '\n')
205                 return (-EINVAL);
206         buf[buflen - 1]= '\0';
207 
208         buf1 = kmalloc(PAGE_SIZE, GFP_KERNEL);
209         if (buf1 == NULL)
210                 return (-ENOMEM);
211 
212         memset(&ent, 0, sizeof(ent));
213 
214         /* Authentication name */
215         len = qword_get(&buf, buf1, PAGE_SIZE);
216         if (len <= 0 || len >= IDMAP_NAMESZ)
217                 goto out;
218         memcpy(ent.authname, buf1, sizeof(ent.authname));
219 
220         /* Type */
221         if (qword_get(&buf, buf1, PAGE_SIZE) <= 0)
222                 goto out;
223         ent.type = strcmp(buf1, "user") == 0 ?
224                 IDMAP_TYPE_USER : IDMAP_TYPE_GROUP;
225 
226         /* ID */
227         if (qword_get(&buf, buf1, PAGE_SIZE) <= 0)
228                 goto out;
229         ent.id = simple_strtoul(buf1, &bp, 10);
230         if (bp == buf1)
231                 goto out;
232 
233         /* expiry */
234         ent.h.expiry_time = get_expiry(&buf);
235         if (ent.h.expiry_time == 0)
236                 goto out;
237 
238         error = -ENOMEM;
239         res = idtoname_lookup(cd, &ent);
240         if (!res)
241                 goto out;
242 
243         /* Name */
244         error = -EINVAL;
245         len = qword_get(&buf, buf1, PAGE_SIZE);
246         if (len < 0 || len >= IDMAP_NAMESZ)
247                 goto out;
248         if (len == 0)
249                 set_bit(CACHE_NEGATIVE, &ent.h.flags);
250         else
251                 memcpy(ent.name, buf1, sizeof(ent.name));
252         error = -ENOMEM;
253         res = idtoname_update(cd, &ent, res);
254         if (res == NULL)
255                 goto out;
256 
257         cache_put(&res->h, cd);
258         error = 0;
259 out:
260         kfree(buf1);
261         return error;
262 }
263 
264 static struct ent *
265 idtoname_lookup(struct cache_detail *cd, struct ent *item)
266 {
267         struct cache_head *ch = sunrpc_cache_lookup(cd, &item->h,
268                                                     idtoname_hash(item));
269         if (ch)
270                 return container_of(ch, struct ent, h);
271         else
272                 return NULL;
273 }
274 
275 static struct ent *
276 idtoname_update(struct cache_detail *cd, struct ent *new, struct ent *old)
277 {
278         struct cache_head *ch = sunrpc_cache_update(cd, &new->h, &old->h,
279                                                     idtoname_hash(new));
280         if (ch)
281                 return container_of(ch, struct ent, h);
282         else
283                 return NULL;
284 }
285 
286 
287 /*
288  * Name -> ID cache
289  */
290 
291 static inline int
292 nametoid_hash(struct ent *ent)
293 {
294         return hash_str(ent->name, ENT_HASHBITS);
295 }
296 
297 static void
298 nametoid_request(struct cache_detail *cd, struct cache_head *ch, char **bpp,
299     int *blen)
300 {
301         struct ent *ent = container_of(ch, struct ent, h);
302 
303         qword_add(bpp, blen, ent->authname);
304         qword_add(bpp, blen, ent->type == IDMAP_TYPE_GROUP ? "group" : "user");
305         qword_add(bpp, blen, ent->name);
306 
307         (*bpp)[-1] = '\n';
308 }
309 
310 static int
311 nametoid_match(struct cache_head *ca, struct cache_head *cb)
312 {
313         struct ent *a = container_of(ca, struct ent, h);
314         struct ent *b = container_of(cb, struct ent, h);
315 
316         return (a->type == b->type && strcmp(a->name, b->name) == 0 &&
317             strcmp(a->authname, b->authname) == 0);
318 }
319 
320 static int
321 nametoid_show(struct seq_file *m, struct cache_detail *cd, struct cache_head *h)
322 {
323         struct ent *ent;
324 
325         if (h == NULL) {
326                 seq_puts(m, "#domain type name [id]\n");
327                 return 0;
328         }
329         ent = container_of(h, struct ent, h);
330         seq_printf(m, "%s %s %s", ent->authname,
331                         ent->type == IDMAP_TYPE_GROUP ? "group" : "user",
332                         ent->name);
333         if (test_bit(CACHE_VALID, &h->flags))
334                 seq_printf(m, " %u", ent->id);
335         seq_printf(m, "\n");
336         return 0;
337 }
338 
339 static struct ent *nametoid_lookup(struct cache_detail *, struct ent *);
340 static struct ent *nametoid_update(struct cache_detail *, struct ent *,
341                                    struct ent *);
342 static int         nametoid_parse(struct cache_detail *, char *, int);
343 
344 static const struct cache_detail nametoid_cache_template = {
345         .owner          = THIS_MODULE,
346         .hash_size      = ENT_HASHMAX,
347         .name           = "nfs4.nametoid",
348         .cache_put      = ent_put,
349         .cache_request  = nametoid_request,
350         .cache_parse    = nametoid_parse,
351         .cache_show     = nametoid_show,
352         .warn_no_listener = warn_no_idmapd,
353         .match          = nametoid_match,
354         .init           = ent_init,
355         .update         = ent_init,
356         .alloc          = ent_alloc,
357 };
358 
359 static int
360 nametoid_parse(struct cache_detail *cd, char *buf, int buflen)
361 {
362         struct ent ent, *res;
363         char *buf1;
364         int len, error = -EINVAL;
365 
366         if (buf[buflen - 1] != '\n')
367                 return (-EINVAL);
368         buf[buflen - 1]= '\0';
369 
370         buf1 = kmalloc(PAGE_SIZE, GFP_KERNEL);
371         if (buf1 == NULL)
372                 return (-ENOMEM);
373 
374         memset(&ent, 0, sizeof(ent));
375 
376         /* Authentication name */
377         len = qword_get(&buf, buf1, PAGE_SIZE);
378         if (len <= 0 || len >= IDMAP_NAMESZ)
379                 goto out;
380         memcpy(ent.authname, buf1, sizeof(ent.authname));
381 
382         /* Type */
383         if (qword_get(&buf, buf1, PAGE_SIZE) <= 0)
384                 goto out;
385         ent.type = strcmp(buf1, "user") == 0 ?
386                 IDMAP_TYPE_USER : IDMAP_TYPE_GROUP;
387 
388         /* Name */
389         len = qword_get(&buf, buf1, PAGE_SIZE);
390         if (len <= 0 || len >= IDMAP_NAMESZ)
391                 goto out;
392         memcpy(ent.name, buf1, sizeof(ent.name));
393 
394         /* expiry */
395         ent.h.expiry_time = get_expiry(&buf);
396         if (ent.h.expiry_time == 0)
397                 goto out;
398 
399         /* ID */
400         error = get_int(&buf, &ent.id);
401         if (error == -EINVAL)
402                 goto out;
403         if (error == -ENOENT)
404                 set_bit(CACHE_NEGATIVE, &ent.h.flags);
405 
406         error = -ENOMEM;
407         res = nametoid_lookup(cd, &ent);
408         if (res == NULL)
409                 goto out;
410         res = nametoid_update(cd, &ent, res);
411         if (res == NULL)
412                 goto out;
413 
414         cache_put(&res->h, cd);
415         error = 0;
416 out:
417         kfree(buf1);
418         return (error);
419 }
420 
421 
422 static struct ent *
423 nametoid_lookup(struct cache_detail *cd, struct ent *item)
424 {
425         struct cache_head *ch = sunrpc_cache_lookup(cd, &item->h,
426                                                     nametoid_hash(item));
427         if (ch)
428                 return container_of(ch, struct ent, h);
429         else
430                 return NULL;
431 }
432 
433 static struct ent *
434 nametoid_update(struct cache_detail *cd, struct ent *new, struct ent *old)
435 {
436         struct cache_head *ch = sunrpc_cache_update(cd, &new->h, &old->h,
437                                                     nametoid_hash(new));
438         if (ch)
439                 return container_of(ch, struct ent, h);
440         else
441                 return NULL;
442 }
443 
444 /*
445  * Exported API
446  */
447 
448 int
449 nfsd_idmap_init(struct net *net)
450 {
451         int rv;
452         struct nfsd_net *nn = net_generic(net, nfsd_net_id);
453 
454         nn->idtoname_cache = cache_create_net(&idtoname_cache_template, net);
455         if (IS_ERR(nn->idtoname_cache))
456                 return PTR_ERR(nn->idtoname_cache);
457         rv = cache_register_net(nn->idtoname_cache, net);
458         if (rv)
459                 goto destroy_idtoname_cache;
460         nn->nametoid_cache = cache_create_net(&nametoid_cache_template, net);
461         if (IS_ERR(nn->nametoid_cache)) {
462                 rv = PTR_ERR(nn->nametoid_cache);
463                 goto unregister_idtoname_cache;
464         }
465         rv = cache_register_net(nn->nametoid_cache, net);
466         if (rv)
467                 goto destroy_nametoid_cache;
468         return 0;
469 
470 destroy_nametoid_cache:
471         cache_destroy_net(nn->nametoid_cache, net);
472 unregister_idtoname_cache:
473         cache_unregister_net(nn->idtoname_cache, net);
474 destroy_idtoname_cache:
475         cache_destroy_net(nn->idtoname_cache, net);
476         return rv;
477 }
478 
479 void
480 nfsd_idmap_shutdown(struct net *net)
481 {
482         struct nfsd_net *nn = net_generic(net, nfsd_net_id);
483 
484         cache_unregister_net(nn->idtoname_cache, net);
485         cache_unregister_net(nn->nametoid_cache, net);
486         cache_destroy_net(nn->idtoname_cache, net);
487         cache_destroy_net(nn->nametoid_cache, net);
488 }
489 
490 static int
491 idmap_lookup(struct svc_rqst *rqstp,
492                 struct ent *(*lookup_fn)(struct cache_detail *, struct ent *),
493                 struct ent *key, struct cache_detail *detail, struct ent **item)
494 {
495         int ret;
496 
497         *item = lookup_fn(detail, key);
498         if (!*item)
499                 return -ENOMEM;
500  retry:
501         ret = cache_check(detail, &(*item)->h, &rqstp->rq_chandle);
502 
503         if (ret == -ETIMEDOUT) {
504                 struct ent *prev_item = *item;
505                 *item = lookup_fn(detail, key);
506                 if (*item != prev_item)
507                         goto retry;
508                 cache_put(&(*item)->h, detail);
509         }
510         return ret;
511 }
512 
513 static char *
514 rqst_authname(struct svc_rqst *rqstp)
515 {
516         struct auth_domain *clp;
517 
518         clp = rqstp->rq_gssclient ? rqstp->rq_gssclient : rqstp->rq_client;
519         return clp->name;
520 }
521 
522 static __be32
523 idmap_name_to_id(struct svc_rqst *rqstp, int type, const char *name, u32 namelen,
524                 u32 *id)
525 {
526         struct ent *item, key = {
527                 .type = type,
528         };
529         int ret;
530         struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
531 
532         if (namelen + 1 > sizeof(key.name))
533                 return nfserr_badowner;
534         memcpy(key.name, name, namelen);
535         key.name[namelen] = '\0';
536         strlcpy(key.authname, rqst_authname(rqstp), sizeof(key.authname));
537         ret = idmap_lookup(rqstp, nametoid_lookup, &key, nn->nametoid_cache, &item);
538         if (ret == -ENOENT)
539                 return nfserr_badowner;
540         if (ret)
541                 return nfserrno(ret);
542         *id = item->id;
543         cache_put(&item->h, nn->nametoid_cache);
544         return 0;
545 }
546 
547 static __be32 encode_ascii_id(struct xdr_stream *xdr, u32 id)
548 {
549         char buf[11];
550         int len;
551         __be32 *p;
552 
553         len = sprintf(buf, "%u", id);
554         p = xdr_reserve_space(xdr, len + 4);
555         if (!p)
556                 return nfserr_resource;
557         p = xdr_encode_opaque(p, buf, len);
558         return 0;
559 }
560 
561 static __be32 idmap_id_to_name(struct xdr_stream *xdr,
562                                struct svc_rqst *rqstp, int type, u32 id)
563 {
564         struct ent *item, key = {
565                 .id = id,
566                 .type = type,
567         };
568         __be32 *p;
569         int ret;
570         struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
571 
572         strlcpy(key.authname, rqst_authname(rqstp), sizeof(key.authname));
573         ret = idmap_lookup(rqstp, idtoname_lookup, &key, nn->idtoname_cache, &item);
574         if (ret == -ENOENT)
575                 return encode_ascii_id(xdr, id);
576         if (ret)
577                 return nfserrno(ret);
578         ret = strlen(item->name);
579         WARN_ON_ONCE(ret > IDMAP_NAMESZ);
580         p = xdr_reserve_space(xdr, ret + 4);
581         if (!p)
582                 return nfserr_resource;
583         p = xdr_encode_opaque(p, item->name, ret);
584         cache_put(&item->h, nn->idtoname_cache);
585         return 0;
586 }
587 
588 static bool
589 numeric_name_to_id(struct svc_rqst *rqstp, int type, const char *name, u32 namelen, u32 *id)
590 {
591         int ret;
592         char buf[11];
593 
594         if (namelen + 1 > sizeof(buf))
595                 /* too long to represent a 32-bit id: */
596                 return false;
597         /* Just to make sure it's null-terminated: */
598         memcpy(buf, name, namelen);
599         buf[namelen] = '\0';
600         ret = kstrtouint(buf, 10, id);
601         return ret == 0;
602 }
603 
604 static __be32
605 do_name_to_id(struct svc_rqst *rqstp, int type, const char *name, u32 namelen, u32 *id)
606 {
607         if (nfs4_disable_idmapping && rqstp->rq_cred.cr_flavor < RPC_AUTH_GSS)
608                 if (numeric_name_to_id(rqstp, type, name, namelen, id))
609                         return 0;
610                 /*
611                  * otherwise, fall through and try idmapping, for
612                  * backwards compatibility with clients sending names:
613                  */
614         return idmap_name_to_id(rqstp, type, name, namelen, id);
615 }
616 
617 static __be32 encode_name_from_id(struct xdr_stream *xdr,
618                                   struct svc_rqst *rqstp, int type, u32 id)
619 {
620         if (nfs4_disable_idmapping && rqstp->rq_cred.cr_flavor < RPC_AUTH_GSS)
621                 return encode_ascii_id(xdr, id);
622         return idmap_id_to_name(xdr, rqstp, type, id);
623 }
624 
625 __be32
626 nfsd_map_name_to_uid(struct svc_rqst *rqstp, const char *name, size_t namelen,
627                 kuid_t *uid)
628 {
629         __be32 status;
630         u32 id = -1;
631 
632         if (name == NULL || namelen == 0)
633                 return nfserr_inval;
634 
635         status = do_name_to_id(rqstp, IDMAP_TYPE_USER, name, namelen, &id);
636         *uid = make_kuid(&init_user_ns, id);
637         if (!uid_valid(*uid))
638                 status = nfserr_badowner;
639         return status;
640 }
641 
642 __be32
643 nfsd_map_name_to_gid(struct svc_rqst *rqstp, const char *name, size_t namelen,
644                 kgid_t *gid)
645 {
646         __be32 status;
647         u32 id = -1;
648 
649         if (name == NULL || namelen == 0)
650                 return nfserr_inval;
651 
652         status = do_name_to_id(rqstp, IDMAP_TYPE_GROUP, name, namelen, &id);
653         *gid = make_kgid(&init_user_ns, id);
654         if (!gid_valid(*gid))
655                 status = nfserr_badowner;
656         return status;
657 }
658 
659 __be32 nfsd4_encode_user(struct xdr_stream *xdr, struct svc_rqst *rqstp,
660                          kuid_t uid)
661 {
662         u32 id = from_kuid(&init_user_ns, uid);
663         return encode_name_from_id(xdr, rqstp, IDMAP_TYPE_USER, id);
664 }
665 
666 __be32 nfsd4_encode_group(struct xdr_stream *xdr, struct svc_rqst *rqstp,
667                           kgid_t gid)
668 {
669         u32 id = from_kgid(&init_user_ns, gid);
670         return encode_name_from_id(xdr, rqstp, IDMAP_TYPE_GROUP, id);
671 }
672 

~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

kernel.org | git.kernel.org | LWN.net | Project Home | Wiki (Japanese) | Wiki (English) | SVN repository | Mail admin

Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.

osdn.jp