Home | History | Annotate | Line # | Download | only in umapfs
umap_subr.c revision 1.25.32.1 
      1 /*	$NetBSD: umap_subr.c,v 1.25.32.1 2009/05/04 08:14:06 yamt Exp $	*/
      2 
      3 /*
      4  * Copyright (c) 1999 National Aeronautics & Space Administration
      5  * All rights reserved.
      6  *
      7  * This software was written by William Studenmund of the
      8  * Numerical Aerospace Simulation Facility, NASA Ames Research Center.
      9  *
     10  * Redistribution and use in source and binary forms, with or without
     11  * modification, are permitted provided that the following conditions
     12  * are met:
     13  * 1. Redistributions of source code must retain the above copyright
     14  *    notice, this list of conditions and the following disclaimer.
     15  * 2. Redistributions in binary form must reproduce the above copyright
     16  *    notice, this list of conditions and the following disclaimer in the
     17  *    documentation and/or other materials provided with the distribution.
     18  * 3. Neither the name of the National Aeronautics & Space Administration
     19  *    nor the names of its contributors may be used to endorse or promote
     20  *    products derived from this software without specific prior written
     21  *    permission.
     22  *
     23  * THIS SOFTWARE IS PROVIDED BY THE NATIONAL AERONAUTICS & SPACE ADMINISTRATION
     24  * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
     25  * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
     26  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE ADMINISTRATION OR CONTRIB-
     27  * UTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
     28  * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
     29  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
     30  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
     31  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
     32  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
     33  * POSSIBILITY OF SUCH DAMAGE.
     34  */
     35 /*
     36  * Copyright (c) 1992, 1993, 1995
     37  *	The Regents of the University of California.  All rights reserved.
     38  *
     39  * This code is derived from software donated to Berkeley by
     40  * Jan-Simon Pendry.
     41  *
     42  * Redistribution and use in source and binary forms, with or without
     43  * modification, are permitted provided that the following conditions
     44  * are met:
     45  * 1. Redistributions of source code must retain the above copyright
     46  *    notice, this list of conditions and the following disclaimer.
     47  * 2. Redistributions in binary form must reproduce the above copyright
     48  *    notice, this list of conditions and the following disclaimer in the
     49  *    documentation and/or other materials provided with the distribution.
     50  * 3. Neither the name of the University nor the names of its contributors
     51  *    may be used to endorse or promote products derived from this software
     52  *    without specific prior written permission.
     53  *
     54  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
     55  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
     56  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
     57  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
     58  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
     59  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
     60  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
     61  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
     62  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
     63  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
     64  * SUCH DAMAGE.
     65  *
     66  *	from: Id: lofs_subr.c, v 1.11 1992/05/30 10:05:43 jsp Exp
     67  *	@(#)umap_subr.c	8.9 (Berkeley) 5/14/95
     68  */
     69 
     70 #include <sys/cdefs.h>
     71 __KERNEL_RCSID(0, "$NetBSD: umap_subr.c,v 1.25.32.1 2009/05/04 08:14:06 yamt Exp $");
     72 
     73 #include <sys/param.h>
     74 #include <sys/systm.h>
     75 #include <sys/proc.h>
     76 #include <sys/time.h>
     77 #include <sys/vnode.h>
     78 #include <sys/mount.h>
     79 #include <sys/namei.h>
     80 #include <sys/malloc.h>
     81 #include <sys/kauth.h>
     82 
     83 #include <miscfs/specfs/specdev.h>
     84 #include <miscfs/umapfs/umap.h>
     85 
     86 u_long umap_findid(u_long, u_long [][2], int);
     87 int umap_node_alloc(struct mount *, struct vnode *,
     88 				struct vnode **);
     89 
     90 /*
     91  * umap_findid is called by various routines in umap_vnodeops.c to
     92  * find a user or group id in a map.
     93  */
     94 u_long
     95 umap_findid(u_long id, u_long map[][2], int nentries)
     96 {
     97 	int i;
     98 
     99 	/* Find uid entry in map */
    100 	i = 0;
    101 	while ((i<nentries) && ((map[i][0]) != id))
    102 		i++;
    103 
    104 	if (i < nentries)
    105 		return (map[i][1]);
    106 	else
    107 		return (-1);
    108 
    109 }
    110 
    111 /*
    112  * umap_reverse_findid is called by umap_getattr() in umap_vnodeops.c to
    113  * find a user or group id in a map, in reverse.
    114  */
    115 u_long
    116 umap_reverse_findid(u_long id, u_long map[][2], int nentries)
    117 {
    118 	int i;
    119 
    120 	/* Find uid entry in map */
    121 	i = 0;
    122 	while ((i<nentries) && ((map[i][1]) != id))
    123 		i++;
    124 
    125 	if (i < nentries)
    126 		return (map[i][0]);
    127 	else
    128 		return (-1);
    129 
    130 }
    131 
    132 /* umap_mapids maps all of the ids in a credential, both user and group. */
    133 
    134 void
    135 umap_mapids(struct mount *v_mount, kauth_cred_t credp)
    136 {
    137 	int i, unentries, gnentries;
    138 	uid_t uid;
    139 	gid_t gid;
    140 	u_long (*usermap)[2], (*groupmap)[2];
    141 	gid_t groups[NGROUPS];
    142 	uint16_t ngroups;
    143 
    144 	if (credp == NOCRED || credp == FSCRED)
    145 		return;
    146 
    147 	unentries =  MOUNTTOUMAPMOUNT(v_mount)->info_nentries;
    148 	usermap =  MOUNTTOUMAPMOUNT(v_mount)->info_mapdata;
    149 	gnentries =  MOUNTTOUMAPMOUNT(v_mount)->info_gnentries;
    150 	groupmap =  MOUNTTOUMAPMOUNT(v_mount)->info_gmapdata;
    151 
    152 	/* Find uid entry in map */
    153 
    154 	uid = (uid_t) umap_findid(kauth_cred_geteuid(credp), usermap, unentries);
    155 
    156 	if (uid != -1)
    157 		kauth_cred_seteuid(credp, uid);
    158 	else
    159 		kauth_cred_seteuid(credp, (uid_t)NOBODY);
    160 
    161 #if 1
    162 	/* cr_gid is the same as cr_groups[0] in 4BSD, but not in NetBSD */
    163 
    164 	/* Find gid entry in map */
    165 
    166 	gid = (gid_t) umap_findid(kauth_cred_getegid(credp), groupmap, gnentries);
    167 
    168 	if (gid != -1)
    169 		kauth_cred_setegid(credp, gid);
    170 	else
    171 		kauth_cred_setegid(credp, NULLGROUP);
    172 #endif
    173 
    174 	/* Now we must map each of the set of groups in the cr_groups
    175 		structure. */
    176 
    177 	ngroups = kauth_cred_ngroups(credp);
    178 	for (i = 0; i < ngroups; i++) {
    179 		/* XXX elad: can't we just skip cases where gid == -1? */
    180 		groups[i] = kauth_cred_group(credp, i);
    181 		gid = (gid_t) umap_findid(groups[i],
    182 					  groupmap, gnentries);
    183 		if (gid != -1)
    184 			groups[i] = gid;
    185 		else
    186 			groups[i] = NULLGROUP;
    187 	}
    188 
    189 	kauth_cred_setgroups(credp, groups, ngroups, -1, UIO_SYSSPACE);
    190 }
    191