Skip to content

Commit

Permalink
Test commit for KUID_TO_SUID translation
Browse files Browse the repository at this point in the history
  • Loading branch information
Nikolay Borisov committed Jul 4, 2016
1 parent 2b2f377 commit 130bf17
Show file tree
Hide file tree
Showing 6 changed files with 36 additions and 33 deletions.
25 changes: 13 additions & 12 deletions module/zfs/zfs_acl.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1167,8 +1167,8 @@ zfs_acl_chown_setattr(znode_t *zp)
error = zfs_acl_node_read(zp, B_TRUE, &aclp, B_FALSE);
if (error == 0 && aclp->z_acl_count > 0)
zp->z_mode = zfs_mode_compute(zp->z_mode, aclp,
&zp->z_pflags, zfs_uid_read(ZTOI(zp)),
zfs_gid_read(ZTOI(zp)));
&zp->z_pflags, KUID_TO_SUID(ZTOI(zp)->i_uid),
KGID_TO_SGID(ZTOI(zp)->i_gid));

/*
* Some ZFS implementations (ZEVO) create neither a ZNODE_ACL
Expand Down Expand Up @@ -1780,7 +1780,7 @@ zfs_acl_ids_create(znode_t *dzp, int flag, vattr_t *vap, cred_t *cr,
(uint64_t)vap->va_gid,
cr, ZFS_GROUP, &acl_ids->z_fuidp);
gid = vap->va_gid;
if (acl_ids->z_fgid != zfs_gid_read(ZTOI(dzp)) &&
if (acl_ids->z_fgid != KGID_TO_SGID(ZTOI(dzp)->i_gid) &&
!groupmember(vap->va_gid, cr) &&
secpolicy_vnode_create_gid(cr) != 0)
acl_ids->z_fgid = 0;
Expand All @@ -1790,7 +1790,8 @@ zfs_acl_ids_create(znode_t *dzp, int flag, vattr_t *vap, cred_t *cr,
char *domain;
uint32_t rid;

acl_ids->z_fgid = zfs_gid_read(ZTOI(dzp));
acl_ids->z_fgid = KGID_TO_SGID(
ZTOI(dzp)->i_gid);
gid = zfs_fuid_map_id(zsb, acl_ids->z_fgid,
cr, ZFS_GROUP);

Expand Down Expand Up @@ -2342,8 +2343,8 @@ zfs_has_access(znode_t *zp, cred_t *cr)
if (zfs_zaccess_aces_check(zp, &have, B_TRUE, cr) != 0) {
uid_t owner;

owner = zfs_fuid_map_id(ZTOZSB(zp), zfs_uid_read(ZTOI(zp)),
cr, ZFS_OWNER);
owner = zfs_fuid_map_id(ZTOZSB(zp),
KUID_TO_SUID(ZTOI(zp)->i_uid), cr, ZFS_OWNER);
return (secpolicy_vnode_any_access(cr, ZTOI(zp), owner) == 0);
}
return (B_TRUE);
Expand Down Expand Up @@ -2421,13 +2422,13 @@ zfs_fastaccesschk_execute(znode_t *zdp, cred_t *cr)
return (0);
}

if (zfs_uid_read(ZTOI(zdp)) != 0 ||
zfs_gid_read(ZTOI(zdp)) != 0) {
if (KUID_TO_SUID(ZTOI(zdp)->i_uid) != 0 ||
KGID_TO_SGID(ZTOI(zdp)->i_gid) != 0) {
mutex_exit(&zdp->z_acl_lock);
goto slow;
}

if (uid == zfs_uid_read(ZTOI(zdp))) {
if (uid == KUID_TO_SUID(ZTOI(zdp)->i_uid)) {
owner = B_TRUE;
if (zdp->z_mode & S_IXUSR) {
mutex_exit(&zdp->z_acl_lock);
Expand All @@ -2437,7 +2438,7 @@ zfs_fastaccesschk_execute(znode_t *zdp, cred_t *cr)
goto slow;
}
}
if (groupmember(zfs_gid_read(ZTOI(zdp)), cr)) {
if (groupmember(KGID_TO_SGID(ZTOI(zdp)->i_gid), cr)) {
groupmbr = B_TRUE;
if (zdp->z_mode & S_IXGRP) {
mutex_exit(&zdp->z_acl_lock);
Expand Down Expand Up @@ -2537,7 +2538,7 @@ zfs_zaccess(znode_t *zp, int mode, int flags, boolean_t skipaclchk, cred_t *cr)
}
}

owner = zfs_fuid_map_id(ZTOZSB(zp), zfs_uid_read(ZTOI(zp)),
owner = zfs_fuid_map_id(ZTOZSB(zp), KUID_TO_SUID(ZTOI(zp)->i_uid),
cr, ZFS_OWNER);
/*
* Map the bits required to the standard inode flags
Expand Down Expand Up @@ -2660,7 +2661,7 @@ zfs_delete_final_check(znode_t *zp, znode_t *dzp,
int error;
uid_t downer;

downer = zfs_fuid_map_id(ZTOZSB(dzp), zfs_uid_read(ZTOI(dzp)),
downer = zfs_fuid_map_id(ZTOZSB(dzp), KUID_TO_SUID(ZTOI(dzp)->i_uid),
cr, ZFS_OWNER);

error = secpolicy_vnode_access2(cr, ZTOI(dzp),
Expand Down
6 changes: 4 additions & 2 deletions module/zfs/zfs_dir.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1088,8 +1088,10 @@ zfs_sticky_remove_access(znode_t *zdp, znode_t *zp, cred_t *cr)
if ((zdp->z_mode & S_ISVTX) == 0)
return (0);

downer = zfs_fuid_map_id(zsb, zfs_uid_read(ZTOI(zdp)), cr, ZFS_OWNER);
fowner = zfs_fuid_map_id(zsb, zfs_uid_read(ZTOI(zp)), cr, ZFS_OWNER);
downer = zfs_fuid_map_id(zsb, KUID_TO_SUID(ZTOI(zdp)->i_uid),
cr, ZFS_OWNER);
fowner = zfs_fuid_map_id(zsb, KUID_TO_SUID(ZTOI(zp)->i_uid),
cr, ZFS_OWNER);

if ((uid = crgetuid(cr)) == downer || uid == fowner ||
(S_ISDIR(ZTOI(zp)->i_mode) &&
Expand Down
5 changes: 2 additions & 3 deletions module/zfs/zfs_fuid.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,6 @@
#include <sys/sid.h>
#include <sys/zfs_vfsops.h>
#include <sys/zfs_znode.h>
#include <linux/vfs_compat.h>
#endif
#include <sys/zfs_fuid.h>

Expand Down Expand Up @@ -388,9 +387,9 @@ zfs_fuid_find_by_idx(zfs_sb_t *zsb, uint32_t idx)
void
zfs_fuid_map_ids(znode_t *zp, cred_t *cr, uid_t *uidp, uid_t *gidp)
{
*uidp = zfs_fuid_map_id(ZTOZSB(zp), zfs_uid_read(ZTOI(zp)),
*uidp = zfs_fuid_map_id(ZTOZSB(zp), KUID_TO_SUID(ZTOI(zp)->i_uid),
cr, ZFS_OWNER);
*gidp = zfs_fuid_map_id(ZTOZSB(zp), zfs_gid_read(ZTOI(zp)),
*gidp = zfs_fuid_map_id(ZTOZSB(zp), KGID_TO_SGID(ZTOI(zp)->i_gid),
cr, ZFS_GROUP);
}

Expand Down
13 changes: 6 additions & 7 deletions module/zfs/zfs_log.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,6 @@
#include <sys/zfs_fuid.h>
#include <sys/ddi.h>
#include <sys/dsl_dataset.h>
#include <linux/vfs_compat.h>

/*
* These zfs_log_* functions must be called within a dmu tx, in one
Expand Down Expand Up @@ -283,13 +282,13 @@ zfs_log_create(zilog_t *zilog, dmu_tx_t *tx, uint64_t txtype,
/* Store dnode slot count in 8 bits above object id. */
LR_FOID_SET_SLOTS(lr->lr_foid, zp->z_dnodesize >> DNODE_SHIFT);
lr->lr_mode = zp->z_mode;
if (!IS_EPHEMERAL(zfs_uid_read(ZTOI(zp)))) {
lr->lr_uid = (uint64_t)zfs_uid_read(ZTOI(zp));
if (!IS_EPHEMERAL(KUID_TO_SUID(ZTOI(zp)->i_uid))) {
lr->lr_uid = (uint64_t)KUID_TO_SUID(ZTOI(zp)->i_uid);
} else {
lr->lr_uid = fuidp->z_fuid_owner;
}
if (!IS_EPHEMERAL(zfs_gid_read(ZTOI(zp)))) {
lr->lr_gid = (uint64_t)zfs_gid_read(ZTOI(zp));
if (!IS_EPHEMERAL(KGID_TO_SGID(ZTOI(zp)->i_gid))) {
lr->lr_gid = (uint64_t)KGID_TO_SGID(ZTOI(zp)->i_gid);
} else {
lr->lr_gid = fuidp->z_fuid_group;
}
Expand Down Expand Up @@ -408,8 +407,8 @@ zfs_log_symlink(zilog_t *zilog, dmu_tx_t *tx, uint64_t txtype,
lr = (lr_create_t *)&itx->itx_lr;
lr->lr_doid = dzp->z_id;
lr->lr_foid = zp->z_id;
lr->lr_uid = zfs_uid_read(ZTOI(zp));
lr->lr_gid = zfs_gid_read(ZTOI(zp));
lr->lr_uid = KUID_TO_SUID(ZTOI(zp)->i_uid);
lr->lr_gid = KGID_TO_SGID(ZTOI(zp)->i_gid);
lr->lr_mode = zp->z_mode;
(void) sa_lookup(zp->z_sa_hdl, SA_ZPL_GEN(ZTOZSB(zp)), &lr->lr_gen,
sizeof (uint64_t));
Expand Down
2 changes: 1 addition & 1 deletion module/zfs/zfs_vfsops.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -631,7 +631,7 @@ zfs_owner_overquota(zfs_sb_t *zsb, znode_t *zp, boolean_t isgroup)

quotaobj = isgroup ? zsb->z_groupquota_obj : zsb->z_userquota_obj;

fuid = isgroup ? zfs_gid_read(ip) : zfs_uid_read(ip);
fuid = isgroup ? KGID_TO_SGID(ip->i_gid) : KUID_TO_SUID(ip->i_uid);

if (quotaobj == 0 || zsb->z_replay)
return (B_FALSE);
Expand Down
18 changes: 10 additions & 8 deletions module/zfs/zfs_vnops.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -603,6 +603,7 @@ zfs_write(struct inode *ip, uio_t *uio, int ioflag, cred_t *cr)
sa_bulk_attr_t bulk[4];
uint64_t mtime[2], ctime[2];
boolean_t retain_policy;
uint32_t uid;
ASSERTV(int iovcnt = uio->uio_iovcnt);

/*
Expand Down Expand Up @@ -863,8 +864,9 @@ zfs_write(struct inode *ip, uio_t *uio, int ioflag, cred_t *cr)
* user 0 is not an ephemeral uid.
*/
mutex_enter(&zp->z_acl_lock);
uid = KUID_TO_SUID(ip->i_uid);
retain_policy = ((zp->z_mode & S_ISUID) != 0 &&
zfs_uid_read(ip) == 0);
uid == 0);
if ((zp->z_mode & (S_IXUSR | (S_IXUSR >> 3) |
(S_IXUSR >> 6))) != 0 &&
(zp->z_mode & (S_ISUID | S_ISGID)) != 0 &&
Expand Down Expand Up @@ -2844,7 +2846,7 @@ zfs_setattr(struct inode *ip, vattr_t *vap, int flags, cred_t *cr)
if (mask & ATTR_UID) {
new_uid = zfs_fuid_create(zsb,
(uint64_t)vap->va_uid, cr, ZFS_OWNER, &fuidp);
if (new_uid != zfs_uid_read(ZTOI(zp)) &&
if (new_uid != KUID_TO_SUID(ZTOI(zp)->i_uid) &&
zfs_fuid_overquota(zsb, B_FALSE, new_uid)) {
if (attrzp)
iput(ZTOI(attrzp));
Expand All @@ -2856,7 +2858,7 @@ zfs_setattr(struct inode *ip, vattr_t *vap, int flags, cred_t *cr)
if (mask & ATTR_GID) {
new_gid = zfs_fuid_create(zsb, (uint64_t)vap->va_gid,
cr, ZFS_GROUP, &fuidp);
if (new_gid != zfs_gid_read(ZTOI(zp)) &&
if (new_gid != KGID_TO_SGID(ZTOI(zp)->i_gid) &&
zfs_fuid_overquota(zsb, B_TRUE, new_gid)) {
if (attrzp)
iput(ZTOI(attrzp));
Expand Down Expand Up @@ -2950,24 +2952,24 @@ zfs_setattr(struct inode *ip, vattr_t *vap, int flags, cred_t *cr)
if (mask & ATTR_UID) {
SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_UID(zsb), NULL,
&new_uid, sizeof (new_uid));
zfs_uid_write(ZTOI(zp), new_uid);
ZTOI(zp)->i_uid = SUID_TO_KUID(new_uid);
if (attrzp) {
SA_ADD_BULK_ATTR(xattr_bulk, xattr_count,
SA_ZPL_UID(zsb), NULL, &new_uid,
sizeof (new_uid));
zfs_uid_write(ZTOI(attrzp), new_uid);
ZTOI(attrzp)->i_uid = SUID_TO_KUID(new_uid);
}
}

if (mask & ATTR_GID) {
SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_GID(zsb),
NULL, &new_gid, sizeof (new_gid));
zfs_gid_write(ZTOI(zp), new_gid);
ZTOI(zp)->i_gid = SGID_TO_KGID(new_gid);
if (attrzp) {
SA_ADD_BULK_ATTR(xattr_bulk, xattr_count,
SA_ZPL_GID(zsb), NULL, &new_gid,
sizeof (new_gid));
zfs_gid_write(ZTOI(attrzp), new_gid);
ZTOI(attrzp)->i_gid = SGID_TO_KGID(new_gid);
}
}
if (!(mask & ATTR_MODE)) {
Expand Down Expand Up @@ -3847,7 +3849,7 @@ zfs_link(struct inode *tdip, struct inode *sip, char *name, cred_t *cr,
return (SET_ERROR(EINVAL));
}

owner = zfs_fuid_map_id(zsb, zfs_uid_read(sip), cr, ZFS_OWNER);
owner = zfs_fuid_map_id(zsb, KUID_TO_SUID(sip->i_uid), cr, ZFS_OWNER);
if (owner != crgetuid(cr) && secpolicy_basic_link(cr) != 0) {
ZFS_EXIT(zsb);
return (SET_ERROR(EPERM));
Expand Down

0 comments on commit 130bf17

Please sign in to comment.