umap_subr.c revision 1.25 1 /* $NetBSD: umap_subr.c,v 1.25 2007/06/30 15:27:03 dsl Exp $ */
2
3 /*
4 * Copyright (c) 1999 National Aeronautics & Space Administration
5 * All rights reserved.
6 *
7 * This software was written by William Studenmund of the
8 * Numerical Aerospace Simulation Facility, NASA Ames Research Center.
9 *
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions
12 * are met:
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
18 * 3. Neither the name of the National Aeronautics & Space Administration
19 * nor the names of its contributors may be used to endorse or promote
20 * products derived from this software without specific prior written
21 * permission.
22 *
23 * THIS SOFTWARE IS PROVIDED BY THE NATIONAL AERONAUTICS & SPACE ADMINISTRATION
24 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
25 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
26 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE ADMINISTRATION OR CONTRIB-
27 * UTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
28 * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
29 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
30 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
31 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
32 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
33 * POSSIBILITY OF SUCH DAMAGE.
34 */
35 /*
36 * Copyright (c) 1992, 1993, 1995
37 * The Regents of the University of California. All rights reserved.
38 *
39 * This code is derived from software donated to Berkeley by
40 * Jan-Simon Pendry.
41 *
42 * Redistribution and use in source and binary forms, with or without
43 * modification, are permitted provided that the following conditions
44 * are met:
45 * 1. Redistributions of source code must retain the above copyright
46 * notice, this list of conditions and the following disclaimer.
47 * 2. Redistributions in binary form must reproduce the above copyright
48 * notice, this list of conditions and the following disclaimer in the
49 * documentation and/or other materials provided with the distribution.
50 * 3. Neither the name of the University nor the names of its contributors
51 * may be used to endorse or promote products derived from this software
52 * without specific prior written permission.
53 *
54 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
55 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
56 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
57 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
58 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
59 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
60 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
61 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
62 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
63 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
64 * SUCH DAMAGE.
65 *
66 * from: Id: lofs_subr.c, v 1.11 1992/05/30 10:05:43 jsp Exp
67 * @(#)umap_subr.c 8.9 (Berkeley) 5/14/95
68 */
69
70 #include <sys/cdefs.h>
71 __KERNEL_RCSID(0, "$NetBSD: umap_subr.c,v 1.25 2007/06/30 15:27:03 dsl Exp $");
72
73 #include <sys/param.h>
74 #include <sys/systm.h>
75 #include <sys/proc.h>
76 #include <sys/time.h>
77 #include <sys/vnode.h>
78 #include <sys/mount.h>
79 #include <sys/namei.h>
80 #include <sys/malloc.h>
81 #include <sys/kauth.h>
82
83 #include <miscfs/specfs/specdev.h>
84 #include <miscfs/umapfs/umap.h>
85
/*
 * Prototypes for this file's helpers.
 *
 * NOTE(review): umap_reverse_findid() and umap_mapids() are defined below
 * without a prototype in this file; presumably they are declared in
 * <miscfs/umapfs/umap.h> -- confirm.
 */
u_long	umap_findid(u_long id, u_long map[][2], int nentries);
int	umap_node_alloc(struct mount *, struct vnode *, struct vnode **);
89
/*
 * umap_findid: forward lookup of a user or group id in a mapping table.
 *
 * Each row of `map' is a pair: column 0 is compared against `id' and, on
 * the first matching row, column 1 is returned.  Only the first `nentries'
 * rows are examined.  Called by various routines in umap_vnodeops.c and by
 * umap_mapids() in this file.
 *
 * Returns the translated id, or (u_long)-1 when no row matches.
 *
 * NOTE(review): the "no match" value shares the return channel with real
 * ids.  umap_mapids() narrows the result to uid_t/gid_t and compares it
 * with -1, so a table entry that translates to that value cannot be told
 * apart from a miss there.
 *
 * NOTE(review): `nentries' is taken on trust; nothing here knows the
 * capacity of `map'.  The code that fills in the table (not in this file)
 * has to keep the count within the array.
 */
u_long
umap_findid(u_long id, u_long map[][2], int nentries)
{
	int row;

	for (row = 0; row < nentries; row++) {
		if (map[row][0] == id)
			return (map[row][1]);
	}

	/* No match: -1 converts to the all-ones u_long sentinel. */
	return ((u_long)-1);
}
113
/*
 * umap_reverse_findid: reverse lookup of a user or group id in a mapping
 * table.
 *
 * The mirror image of umap_findid(): column 1 of each row is compared
 * against `id' and, on the first matching row, column 0 is returned.  Only
 * the first `nentries' rows are examined.  Called by umap_getattr() in
 * umap_vnodeops.c.
 *
 * Returns the untranslated id, or (u_long)-1 when no row matches.
 *
 * NOTE(review): if several rows share the same column-1 value, the first
 * one wins; whether the table is meant to be one-to-one is not visible
 * here.
 *
 * NOTE(review): `nentries' is taken on trust; nothing here knows the
 * capacity of `map'.
 */
u_long
umap_reverse_findid(u_long id, u_long map[][2], int nentries)
{
	int row;

	for (row = 0; row < nentries; row++) {
		if (map[row][1] == id)
			return (map[row][0]);
	}

	/* No match: -1 converts to the all-ones u_long sentinel. */
	return ((u_long)-1);
}
137
/*
 * umap_mapids: map all of the ids in a credential, both user and group,
 * through the tables of the umap mount `v_mount'.
 *
 * The credential is rewritten in place.  The effective uid, the effective
 * gid and every entry of the group list are looked up with umap_findid().
 * An id with no table entry is replaced by NOBODY (uid) or NULLGROUP (gid),
 * so an unmapped identity is demoted instead of being passed through
 * unchanged.  NOCRED is returned untouched.  No other field of the
 * credential is set by this function.
 *
 * NOTE(review): because credp is modified directly, callers presumably
 * hand in a private copy rather than a shared credential -- confirm at the
 * call sites.
 *
 * NOTE(review): groups[] holds NGROUPS entries and the loop is bounded only
 * by kauth_cred_ngroups(); this relies on kauth never reporting more than
 * NGROUPS -- confirm, or assert it.
 *
 * NOTE(review): any status returned by kauth_cred_setgroups() is discarded,
 * so a failed update of the group list would go unnoticed here.
 */
void
umap_mapids(struct mount *v_mount, kauth_cred_t credp)
{
	u_long (*usermap)[2], (*groupmap)[2];
	gid_t groups[NGROUPS];
	uint16_t ngroups;
	int unentries, gnentries;
	int i;
	uid_t uid;
	gid_t gid;

	if (credp == NOCRED)
		return;

	/* Fetch both tables and their entry counts from the umap mount. */
	usermap = MOUNTTOUMAPMOUNT(v_mount)->info_mapdata;
	unentries = MOUNTTOUMAPMOUNT(v_mount)->info_nentries;
	groupmap = MOUNTTOUMAPMOUNT(v_mount)->info_gmapdata;
	gnentries = MOUNTTOUMAPMOUNT(v_mount)->info_gnentries;

	/* Effective uid: a miss from umap_findid() narrows to -1. */
	uid = (uid_t) umap_findid(kauth_cred_geteuid(credp), usermap,
	    unentries);
	if (uid == -1)
		uid = (uid_t)NOBODY;
	kauth_cred_seteuid(credp, uid);

#if 1
	/* cr_gid is the same as cr_groups[0] in 4BSD, but not in NetBSD */

	/* Effective gid, handled separately from the group list below. */
	gid = (gid_t) umap_findid(kauth_cred_getegid(credp), groupmap,
	    gnentries);
	if (gid == -1)
		gid = NULLGROUP;
	kauth_cred_setegid(credp, gid);
#endif

	/*
	 * Now map each member of the credential's group list into a local
	 * array, then install the translated list in one call.
	 */
	ngroups = kauth_cred_ngroups(credp);
	for (i = 0; i < ngroups; i++) {
		/* XXX elad: can't we just skip cases where gid == -1? */
		gid = (gid_t) umap_findid(kauth_cred_group(credp, i),
		    groupmap, gnentries);
		groups[i] = (gid == -1) ? NULLGROUP : gid;
	}

	kauth_cred_setgroups(credp, groups, ngroups, -1, UIO_SYSSPACE);
}
199