summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--config/spl-build.m446
-rw-r--r--include/sys/cred.h59
-rw-r--r--module/spl/spl-cred.c94
3 files changed, 24 insertions, 175 deletions
diff --git a/config/spl-build.m4 b/config/spl-build.m4
index 1eda1772a..91318efc3 100644
--- a/config/spl-build.m4
+++ b/config/spl-build.m4
@@ -35,9 +35,7 @@ AC_DEFUN([SPL_AC_CONFIG_KERNEL], [
SPL_AC_2ARGS_VFS_FSYNC
SPL_AC_INODE_TRUNCATE_RANGE
SPL_AC_FS_STRUCT_SPINLOCK
- SPL_AC_CRED_STRUCT
SPL_AC_KUIDGID_T
- SPL_AC_GROUPS_SEARCH
SPL_AC_PUT_TASK_STRUCT
SPL_AC_5ARGS_PROC_HANDLER
SPL_AC_KVASPRINTF
@@ -1136,26 +1134,6 @@ AC_DEFUN([SPL_AC_FS_STRUCT_SPINLOCK], [
])
dnl #
-dnl # 2.6.29 API change,
-dnl # check whether 'struct cred' exists
-dnl #
-AC_DEFUN([SPL_AC_CRED_STRUCT], [
- AC_MSG_CHECKING([whether struct cred exists])
- SPL_LINUX_TRY_COMPILE([
- #include <linux/cred.h>
- ],[
- struct cred *cr __attribute__ ((unused));
- cr = NULL;
- ],[
- AC_MSG_RESULT(yes)
- AC_DEFINE(HAVE_CRED_STRUCT, 1, [struct cred exists])
- ],[
- AC_MSG_RESULT(no)
- ])
-])
-
-
-dnl #
dnl # User namespaces, use kuid_t in place of uid_t
dnl # where available. Not strictly a user namespaces thing
dnl # but it should prevent surprises
@@ -1185,30 +1163,6 @@ AC_DEFUN([SPL_AC_KUIDGID_T], [
])
dnl #
-dnl # Custom SPL patch may export this symbol.
-dnl #
-AC_DEFUN([SPL_AC_GROUPS_SEARCH],
- [AC_MSG_CHECKING([whether groups_search() is available])
- SPL_LINUX_TRY_COMPILE_SYMBOL([
- #include <linux/cred.h>
- #ifdef HAVE_KUIDGID_T
- #include <linux/uidgid.h>
- #endif
- ], [
- #ifdef HAVE_KUIDGID_T
- groups_search(NULL, KGIDT_INIT(0));
- #else
- groups_search(NULL, 0);
- #endif
- ], [groups_search], [], [
- AC_MSG_RESULT(yes)
- AC_DEFINE(HAVE_GROUPS_SEARCH, 1, [groups_search() is available])
- ], [
- AC_MSG_RESULT(no)
- ])
-])
-
-dnl #
dnl # 2.6.x API change,
dnl # __put_task_struct() was exported in RHEL5 but unavailable elsewhere.
dnl #
diff --git a/include/sys/cred.h b/include/sys/cred.h
index 3ba5c141b..4f62b00fd 100644
--- a/include/sys/cred.h
+++ b/include/sys/cred.h
@@ -29,49 +29,38 @@
#include <sys/types.h>
#include <sys/vfs.h>
-#ifdef HAVE_CRED_STRUCT
-
typedef struct cred cred_t;
-#define kcred ((cred_t *)(init_task.cred))
-#define CRED() ((cred_t *)current_cred())
-
-#else
-
-typedef struct task_struct cred_t;
-
-#define kcred ((cred_t *)&init_task)
-#define CRED() ((cred_t *)current)
-
-#endif /* HAVE_CRED_STRUCT */
+#define kcred ((cred_t *)(init_task.cred))
+#define CRED() ((cred_t *)current_cred())
#ifdef HAVE_KUIDGID_T
- /*
- * Linux 3.8+ uses typedefs to redefine uid_t and gid_t. We have to rename the
- * typedefs to recover the original types. We then can use them provided that
- * we are careful about translating from k{g,u}id_t to the original versions
- * and vice versa.
- */
- #define uid_t xuid_t
- #define gid_t xgid_t
- #include <linux/uidgid.h>
- #undef uid_t
- #undef gid_t
-
- #define KUID_TO_SUID(x) (__kuid_val(x))
- #define KGID_TO_SGID(x) (__kgid_val(x))
- #define SUID_TO_KUID(x) (KUIDT_INIT(x))
- #define SGID_TO_KGID(x) (KGIDT_INIT(x))
- #define KGIDP_TO_SGIDP(x) (&(x)->val)
+/*
+ * Linux 3.8+ uses typedefs to redefine uid_t and gid_t. We have to rename the
+ * typedefs to recover the original types. We then can use them provided that
+ * we are careful about translating from k{g,u}id_t to the original versions
+ * and vice versa.
+ */
+#define uid_t xuid_t
+#define gid_t xgid_t
+#include <linux/uidgid.h>
+#undef uid_t
+#undef gid_t
+
+#define KUID_TO_SUID(x) (__kuid_val(x))
+#define KGID_TO_SGID(x) (__kgid_val(x))
+#define SUID_TO_KUID(x) (KUIDT_INIT(x))
+#define SGID_TO_KGID(x) (KGIDT_INIT(x))
+#define KGIDP_TO_SGIDP(x) (&(x)->val)
#else /* HAVE_KUIDGID_T */
- #define KUID_TO_SUID(x) (x)
- #define KGID_TO_SGID(x) (x)
- #define SUID_TO_KUID(x) (x)
- #define SGID_TO_KGID(x) (x)
- #define KGIDP_TO_SGIDP(x) (x)
+#define KUID_TO_SUID(x) (x)
+#define KGID_TO_SGID(x) (x)
+#define SUID_TO_KUID(x) (x)
+#define SGID_TO_KGID(x) (x)
+#define KGIDP_TO_SGIDP(x) (x)
#endif /* HAVE_KUIDGID_T */
diff --git a/module/spl/spl-cred.c b/module/spl/spl-cred.c
index 602bd74e8..a03f459e0 100644
--- a/module/spl/spl-cred.c
+++ b/module/spl/spl-cred.c
@@ -32,11 +32,6 @@
#define DEBUG_SUBSYSTEM S_CRED
-#ifdef HAVE_GROUPS_SEARCH
-/* Symbol may be exported by custom kernel patch */
-#define cr_groups_search(gi, grp) groups_search(gi, grp)
-#else
-/* Implementation from 2.6.30 kernel */
static int
#ifdef HAVE_KUIDGID_T
cr_groups_search(const struct group_info *group_info, kgid_t grp)
@@ -66,14 +61,6 @@ cr_groups_search(const struct group_info *group_info, gid_t grp)
}
return 0;
}
-#endif
-
-#ifdef HAVE_CRED_STRUCT
-
-/*
- * As of 2.6.29 a clean credential API appears in the linux kernel.
- * We attempt to layer the Solaris API on top of the linux API.
- */
/* Hold a reference on the credential and group info */
void
@@ -137,87 +124,6 @@ groupmember(gid_t gid, const cred_t *cr)
return rc;
}
-#else /* HAVE_CRED_STRUCT */
-
-/*
- * Until very recently all credential information was embedded in
- * the linux task struct. For this reason to simulate a Solaris
- * cred_t we need to pass the entire task structure around.
- */
-
-/* Hold a reference on the credential and group info */
-void crhold(cred_t *cr) { }
-
-/* Free a reference on the credential and group info */
-void crfree(cred_t *cr) { }
-
-/* Return the number of supplemental groups */
-int
-crgetngroups(const cred_t *cr)
-{
- int lock, rc;
-
- lock = (cr != current);
- if (lock)
- task_lock((struct task_struct *)cr);
-
- get_group_info(cr->group_info);
- rc = cr->group_info->ngroups;
- put_group_info(cr->group_info);
-
- if (lock)
- task_unlock((struct task_struct *)cr);
-
- return rc;
-}
-
-/*
- * Return an array of supplemental gids. The returned address is safe
- * to use as long as the caller has taken a reference with crhold().
- * The caller is responsible for releasing the reference with crfree().
- */
-gid_t *
-crgetgroups(const cred_t *cr)
-{
- gid_t *gids;
- int lock;
-
- lock = (cr != current);
- if (lock)
- task_lock((struct task_struct *)cr);
-
- get_group_info(cr->group_info);
- gids = KGID_TO_SGID(cr->group_info->blocks[0]);
- put_group_info(cr->group_info);
-
- if (lock)
- task_unlock((struct task_struct *)cr);
-
- return gids;
-}
-
-/* Check if the passed gid is available is in supplied credential. */
-int
-groupmember(gid_t gid, const cred_t *cr)
-{
- int lock, rc;
-
- lock = (cr != current);
- if (lock)
- task_lock((struct task_struct *)cr);
-
- get_group_info(cr->group_info);
- rc = cr_groups_search(cr->group_info, gid);
- put_group_info(cr->group_info);
-
- if (lock)
- task_unlock((struct task_struct *)cr);
-
- return rc;
-}
-
-#endif /* HAVE_CRED_STRUCT */
-
/* Return the effective user id */
uid_t
crgetuid(const cred_t *cr)