diff options
| author | Ryan Moeller <[email protected]> | 2022-03-18 08:47:57 -0400 |
|---|---|---|
| committer | GitHub <[email protected]> | 2022-03-18 06:47:57 -0600 |
| commit | d42979c6ef1ec10b041c3394d969643f8862f7c3 (patch) | |
| tree | 3b3614a9635ab5f8f3017afefdc8d36e28f44558 /include | |
| parent | a5920d24c04b64a96b4bd6be43a591a29f278b16 (diff) | |
Fix ACL checks for NFS kernel server
This PR changes ZFS ACL checks to evaluate
fsuid / fsgid rather than euid / egid to avoid
accidentally granting elevated permissions to
NFS clients.
Reviewed-by: Serapheim Dimitropoulos <[email protected]>
Reviewed-by: Brian Behlendorf <[email protected]>
Co-authored-by: Andrew Walker <[email protected]>
Signed-off-by: Ryan Moeller <[email protected]>
Closes #13221
Diffstat (limited to 'include')
| -rw-r--r-- | include/os/freebsd/spl/sys/Makefile.am | 1 | ||||
| -rw-r--r-- | include/os/freebsd/spl/sys/cred.h | 136 | ||||
| -rw-r--r-- | include/os/freebsd/spl/sys/kidmap.h | 41 | ||||
| -rw-r--r-- | include/os/freebsd/spl/sys/sid.h | 25 | ||||
| -rw-r--r-- | include/os/linux/spl/sys/cred.h | 5 |
5 files changed, 9 insertions, 199 deletions
diff --git a/include/os/freebsd/spl/sys/Makefile.am b/include/os/freebsd/spl/sys/Makefile.am index 816f73354..7d5081a4c 100644 --- a/include/os/freebsd/spl/sys/Makefile.am +++ b/include/os/freebsd/spl/sys/Makefile.am @@ -22,7 +22,6 @@ KERNEL_H = \ inttypes.h \ isa_defs.h \ kmem_cache.h \ - kidmap.h \ kmem.h \ kstat.h \ list_impl.h \ diff --git a/include/os/freebsd/spl/sys/cred.h b/include/os/freebsd/spl/sys/cred.h index 86f79011d..db986af57 100644 --- a/include/os/freebsd/spl/sys/cred.h +++ b/include/os/freebsd/spl/sys/cred.h @@ -48,138 +48,20 @@ extern "C" { typedef struct ucred cred_t; #define CRED() curthread->td_ucred -#define kcred (thread0.td_ucred) - -#define KUID_TO_SUID(x) (x) -#define KGID_TO_SGID(x) (x) -#define crgetuid(cred) ((cred)->cr_uid) -#define crgetruid(cred) ((cred)->cr_ruid) -#define crgetgid(cred) ((cred)->cr_gid) -#define crgetgroups(cred) ((cred)->cr_groups) -#define crgetngroups(cred) ((cred)->cr_ngroups) -#define crgetsid(cred, i) (NULL) -struct proc; /* cred.h is included in proc.h */ -struct prcred; -struct ksid; -struct ksidlist; -struct credklpd; -struct credgrp; - -struct auditinfo_addr; /* cred.h is included in audit.h */ - -extern int ngroups_max; /* * kcred is used when you need all privileges. */ +#define kcred (thread0.td_ucred) -extern void cred_init(void); -extern void crfree(cred_t *); -extern cred_t *cralloc(void); /* all but ref uninitialized */ -extern cred_t *cralloc_ksid(void); /* cralloc() + ksid alloc'ed */ -extern cred_t *crget(void); /* initialized */ -extern void crcopy_to(cred_t *, cred_t *); -extern cred_t *crdup(cred_t *); -extern void crdup_to(cred_t *, cred_t *); -extern cred_t *crgetcred(void); -extern void crset(struct proc *, cred_t *); -extern void crset_zone_privall(cred_t *); -extern int supgroupmember(gid_t, const cred_t *); -extern int hasprocperm(const cred_t *, const cred_t *); -extern int prochasprocperm(struct proc *, struct proc *, const cred_t *); -extern int crcmp(const cred_t *, const cred_t *); -extern cred_t *zone_kcred(void); - -extern gid_t crgetrgid(const cred_t *); -extern gid_t crgetsgid(const cred_t *); - -#define crgetzoneid(cr) ((cr)->cr_prison->pr_id) -extern projid_t crgetprojid(const cred_t *); - -extern cred_t *crgetmapped(const cred_t *); - - -extern const struct auditinfo_addr *crgetauinfo(const cred_t *); -extern struct auditinfo_addr *crgetauinfo_modifiable(cred_t *); - -extern uint_t crgetref(const cred_t *); - -extern const gid_t *crgetggroups(const struct credgrp *); - - -/* - * Sets real, effective and/or saved uid/gid; - * -1 argument accepted as "no change". - */ -extern int crsetresuid(cred_t *, uid_t, uid_t, uid_t); -extern int crsetresgid(cred_t *, gid_t, gid_t, gid_t); - -/* - * Sets real, effective and saved uids/gids all to the same - * values. Both values must be non-negative and <= MAXUID - */ -extern int crsetugid(cred_t *, uid_t, gid_t); - -/* - * Functions to handle the supplemental group list. - */ -extern struct credgrp *crgrpcopyin(int, gid_t *); -extern void crgrprele(struct credgrp *); -extern void crsetcredgrp(cred_t *, struct credgrp *); - -/* - * Private interface for setting zone association of credential. - */ -struct zone; -extern void crsetzone(cred_t *, struct zone *); -extern struct zone *crgetzone(const cred_t *); - -/* - * Private interface for setting project id in credential. - */ -extern void crsetprojid(cred_t *, projid_t); - -/* - * Private interface for nfs. - */ -extern cred_t *crnetadjust(cred_t *); - -/* - * Private interface for procfs. - */ -extern void cred2prcred(const cred_t *, struct prcred *); - -/* - * Private interfaces for Rampart Trusted Solaris. - */ -struct ts_label_s; -extern struct ts_label_s *crgetlabel(const cred_t *); -extern boolean_t crisremote(const cred_t *); - -/* - * Private interfaces for ephemeral uids. - */ -#define VALID_UID(id, zn) \ - ((id) <= MAXUID || valid_ephemeral_uid((zn), (id))) - -#define VALID_GID(id, zn) \ - ((id) <= MAXUID || valid_ephemeral_gid((zn), (id))) - -extern boolean_t valid_ephemeral_uid(struct zone *, uid_t); -extern boolean_t valid_ephemeral_gid(struct zone *, gid_t); - -extern int eph_uid_alloc(struct zone *, int, uid_t *, int); -extern int eph_gid_alloc(struct zone *, int, gid_t *, int); - -extern void crsetsid(cred_t *, struct ksid *, int); -extern void crsetsidlist(cred_t *, struct ksidlist *); - -extern struct ksidlist *crgetsidlist(const cred_t *); - -extern int crsetpriv(cred_t *, ...); - -extern struct credklpd *crgetcrklpd(const cred_t *); -extern void crsetcrklpd(cred_t *, struct credklpd *); +#define KUID_TO_SUID(x) (x) +#define KGID_TO_SGID(x) (x) +#define crgetuid(cr) ((cr)->cr_uid) +#define crgetruid(cr) ((cr)->cr_ruid) +#define crgetgid(cr) ((cr)->cr_gid) +#define crgetgroups(cr) ((cr)->cr_groups) +#define crgetngroups(cr) ((cr)->cr_ngroups) +#define crgetzoneid(cr) ((cr)->cr_prison->pr_id) #ifdef __cplusplus } diff --git a/include/os/freebsd/spl/sys/kidmap.h b/include/os/freebsd/spl/sys/kidmap.h deleted file mode 100644 index dc0cf5988..000000000 --- a/include/os/freebsd/spl/sys/kidmap.h +++ /dev/null @@ -1,41 +0,0 @@ -/* - * Copyright (c) 2007 Pawel Jakub Dawidek <[email protected]> - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * $FreeBSD$ - */ - -#ifndef _OPENSOLARIS_SYS_KIDMAP_H_ -#define _OPENSOLARIS_SYS_KIDMAP_H_ - -#include <sys/idmap.h> - -typedef int32_t idmap_stat; -typedef void idmap_get_handle_t; - -#define kidmap_get_create() (NULL) -#define kidmap_get_destroy(hdl) do { } while (0) -#define kidmap_get_mappings(hdl) (NULL) - -#endif /* _OPENSOLARIS_SYS_KIDMAP_H_ */ diff --git a/include/os/freebsd/spl/sys/sid.h b/include/os/freebsd/spl/sys/sid.h index d3fab8b24..f249d05d5 100644 --- a/include/os/freebsd/spl/sys/sid.h +++ b/include/os/freebsd/spl/sys/sid.h @@ -29,7 +29,6 @@ #ifndef _OPENSOLARIS_SYS_SID_H_ #define _OPENSOLARIS_SYS_SID_H_ #include <sys/idmap.h> -#include <sys/kidmap.h> typedef struct ksiddomain { char *kd_name; /* Domain part of SID */ @@ -59,28 +58,4 @@ ksiddomain_rele(ksiddomain_t *kd) kmem_free(kd, sizeof (*kd)); } -static __inline uint_t -ksid_getid(ksid_t *ks) -{ - - panic("%s has been unexpectedly called", __func__); -} - -static __inline const char * -ksid_getdomain(ksid_t *ks) -{ - - panic("%s has been unexpectedly called", __func__); -} - -static __inline uint_t -ksid_getrid(ksid_t *ks) -{ - - panic("%s has been unexpectedly called", __func__); -} - -#define kidmap_getsidbyuid(zone, uid, sid_prefix, rid) (1) -#define kidmap_getsidbygid(zone, gid, sid_prefix, rid) (1) - #endif /* _OPENSOLARIS_SYS_SID_H_ */ diff --git a/include/os/linux/spl/sys/cred.h b/include/os/linux/spl/sys/cred.h index 9cc85deb5..b7d3f38d7 100644 --- a/include/os/linux/spl/sys/cred.h +++ b/include/os/linux/spl/sys/cred.h @@ -49,12 +49,7 @@ extern void crhold(cred_t *cr); extern void crfree(cred_t *cr); extern uid_t crgetuid(const cred_t *cr); extern uid_t crgetruid(const cred_t *cr); -extern uid_t crgetsuid(const cred_t *cr); -extern uid_t crgetfsuid(const cred_t *cr); extern gid_t crgetgid(const cred_t *cr); -extern gid_t crgetrgid(const cred_t *cr); -extern gid_t crgetsgid(const cred_t *cr); -extern gid_t crgetfsgid(const cred_t *cr); extern int crgetngroups(const cred_t *cr); extern gid_t *crgetgroups(const cred_t *cr); extern int groupmember(gid_t gid, const cred_t *cr); |