提交 82ab8ded 编写于 作者: D David Howells 提交者: James Morris

CRED: Wrap task credential accesses in the XFS filesystem

Wrap access to task credentials so that they can be separated more easily from
the task_struct during the introduction of COW creds.

Change most current->(|e|s|fs)[ug]id to current_(|e|s|fs)[ug]id().

Change some task->e?[ug]id to task_e?[ug]id().  In some places it makes more
sense to use RCU directly rather than a convenient wrapper; these will be
addressed by later patches.
Signed-off-by: NDavid Howells <dhowells@redhat.com>
Reviewed-by: NJames Morris <jmorris@namei.org>
Acked-by: NSerge Hallyn <serue@us.ibm.com>
Cc: xfs@oss.sgi.com
Signed-off-by: NJames Morris <jmorris@namei.org>
上级 a5f773a6
...@@ -24,7 +24,7 @@ ...@@ -24,7 +24,7 @@
* Credentials * Credentials
*/ */
typedef struct cred { typedef struct cred {
/* EMPTY */ /* EMPTY */
} cred_t; } cred_t;
extern struct cred *sys_cred; extern struct cred *sys_cred;
......
...@@ -1007,7 +1007,7 @@ xfs_ioctl_setattr( ...@@ -1007,7 +1007,7 @@ xfs_ioctl_setattr(
* to the file owner ID, except in cases where the * to the file owner ID, except in cases where the
* CAP_FSETID capability is applicable. * CAP_FSETID capability is applicable.
*/ */
if (current->fsuid != ip->i_d.di_uid && !capable(CAP_FOWNER)) { if (current_fsuid() != ip->i_d.di_uid && !capable(CAP_FOWNER)) {
code = XFS_ERROR(EPERM); code = XFS_ERROR(EPERM);
goto error_return; goto error_return;
} }
......
...@@ -366,7 +366,7 @@ xfs_acl_allow_set( ...@@ -366,7 +366,7 @@ xfs_acl_allow_set(
return ENOTDIR; return ENOTDIR;
if (vp->i_sb->s_flags & MS_RDONLY) if (vp->i_sb->s_flags & MS_RDONLY)
return EROFS; return EROFS;
if (XFS_I(vp)->i_d.di_uid != current->fsuid && !capable(CAP_FOWNER)) if (XFS_I(vp)->i_d.di_uid != current_fsuid() && !capable(CAP_FOWNER))
return EPERM; return EPERM;
return 0; return 0;
} }
...@@ -413,13 +413,13 @@ xfs_acl_access( ...@@ -413,13 +413,13 @@ xfs_acl_access(
switch (fap->acl_entry[i].ae_tag) { switch (fap->acl_entry[i].ae_tag) {
case ACL_USER_OBJ: case ACL_USER_OBJ:
seen_userobj = 1; seen_userobj = 1;
if (fuid != current->fsuid) if (fuid != current_fsuid())
continue; continue;
matched.ae_tag = ACL_USER_OBJ; matched.ae_tag = ACL_USER_OBJ;
matched.ae_perm = allows; matched.ae_perm = allows;
break; break;
case ACL_USER: case ACL_USER:
if (fap->acl_entry[i].ae_id != current->fsuid) if (fap->acl_entry[i].ae_id != current_fsuid())
continue; continue;
matched.ae_tag = ACL_USER; matched.ae_tag = ACL_USER;
matched.ae_perm = allows; matched.ae_perm = allows;
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册