Archive-Team
/
zfs
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 103 Wiki Activity

Remove credential configure checks. 

The groups_search() function was never exported by a mainline kernel
therefore we drop this compatibility code and always provide our own
implementation.

Additionally, the cred_t structure has been available since 2.6.29
so there is no longer a need to maintain compatibility code.

Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
This commit is contained in:
Brian Behlendorf 2014-10-02 13:41:09 -04:00
parent e39174ed56
commit 68a829b29d
3 changed files with 23 additions and 174 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

46
config/spl-build.m4
View File

@ -35,9 +35,7 @@ AC_DEFUN([SPL_AC_CONFIG_KERNEL], [
SPL_AC_2ARGS_VFS_FSYNC SPL_AC_2ARGS_VFS_FSYNC
SPL_AC_INODE_TRUNCATE_RANGE SPL_AC_INODE_TRUNCATE_RANGE
SPL_AC_FS_STRUCT_SPINLOCK SPL_AC_FS_STRUCT_SPINLOCK
SPL_AC_CRED_STRUCT
SPL_AC_KUIDGID_T SPL_AC_KUIDGID_T
SPL_AC_GROUPS_SEARCH
SPL_AC_PUT_TASK_STRUCT SPL_AC_PUT_TASK_STRUCT
SPL_AC_5ARGS_PROC_HANDLER SPL_AC_5ARGS_PROC_HANDLER
SPL_AC_KVASPRINTF SPL_AC_KVASPRINTF
@ -1135,26 +1133,6 @@ AC_DEFUN([SPL_AC_FS_STRUCT_SPINLOCK], [
EXTRA_KCFLAGS="$tmp_flags" EXTRA_KCFLAGS="$tmp_flags"
]) ])
dnl #
dnl # 2.6.29 API change,
dnl # check whether 'struct cred' exists
dnl #
AC_DEFUN([SPL_AC_CRED_STRUCT], [
AC_MSG_CHECKING([whether struct cred exists])
SPL_LINUX_TRY_COMPILE([
#include <linux/cred.h>
],[
struct cred *cr __attribute__ ((unused));
cr = NULL;
],[
AC_MSG_RESULT(yes)
AC_DEFINE(HAVE_CRED_STRUCT, 1, [struct cred exists])
],[
AC_MSG_RESULT(no)
])
])
dnl # dnl #
dnl # User namespaces, use kuid_t in place of uid_t dnl # User namespaces, use kuid_t in place of uid_t
dnl # where available. Not strictly a user namespaces thing dnl # where available. Not strictly a user namespaces thing
@ -1184,30 +1162,6 @@ AC_DEFUN([SPL_AC_KUIDGID_T], [
]) ])
]) ])
dnl #
dnl # Custom SPL patch may export this symbol.
dnl #
AC_DEFUN([SPL_AC_GROUPS_SEARCH],
[AC_MSG_CHECKING([whether groups_search() is available])
SPL_LINUX_TRY_COMPILE_SYMBOL([
#include <linux/cred.h>
#ifdef HAVE_KUIDGID_T
#include <linux/uidgid.h>
#endif
], [
#ifdef HAVE_KUIDGID_T
groups_search(NULL, KGIDT_INIT(0));
#else
groups_search(NULL, 0);
#endif
], [groups_search], [], [
AC_MSG_RESULT(yes)
AC_DEFINE(HAVE_GROUPS_SEARCH, 1, [groups_search() is available])
], [
AC_MSG_RESULT(no)
])
])
dnl # dnl #
dnl # 2.6.x API change, dnl # 2.6.x API change,
dnl # __put_task_struct() was exported in RHEL5 but unavailable elsewhere. dnl # __put_task_struct() was exported in RHEL5 but unavailable elsewhere.

43
include/sys/cred.h
View File

@ -29,49 +29,38 @@
#include <sys/types.h> #include <sys/types.h>
#include <sys/vfs.h> #include <sys/vfs.h>
#ifdef HAVE_CRED_STRUCT
typedef struct cred cred_t; typedef struct cred cred_t;
#define kcred ((cred_t *)(init_task.cred)) #define kcred ((cred_t *)(init_task.cred))
#define CRED() ((cred_t *)current_cred()) #define CRED() ((cred_t *)current_cred())
#else
typedef struct task_struct cred_t;
#define kcred ((cred_t *)&init_task)
#define CRED() ((cred_t *)current)
#endif /* HAVE_CRED_STRUCT */
#ifdef HAVE_KUIDGID_T #ifdef HAVE_KUIDGID_T
/* /*
* Linux 3.8+ uses typedefs to redefine uid_t and gid_t. We have to rename the * Linux 3.8+ uses typedefs to redefine uid_t and gid_t. We have to rename the
* typedefs to recover the original types. We then can use them provided that * typedefs to recover the original types. We then can use them provided that
* we are careful about translating from k{g,u}id_t to the original versions * we are careful about translating from k{g,u}id_t to the original versions
* and vice versa. * and vice versa.
*/ */
#define uid_t xuid_t #define uid_t xuid_t
#define gid_t xgid_t #define gid_t xgid_t
#include <linux/uidgid.h> #include <linux/uidgid.h>
#undef uid_t #undef uid_t
#undef gid_t #undef gid_t
#define KUID_TO_SUID(x) (__kuid_val(x)) #define KUID_TO_SUID(x) (__kuid_val(x))
#define KGID_TO_SGID(x) (__kgid_val(x)) #define KGID_TO_SGID(x) (__kgid_val(x))
#define SUID_TO_KUID(x) (KUIDT_INIT(x)) #define SUID_TO_KUID(x) (KUIDT_INIT(x))
#define SGID_TO_KGID(x) (KGIDT_INIT(x)) #define SGID_TO_KGID(x) (KGIDT_INIT(x))
#define KGIDP_TO_SGIDP(x) (&(x)->val) #define KGIDP_TO_SGIDP(x) (&(x)->val)
#else /* HAVE_KUIDGID_T */ #else /* HAVE_KUIDGID_T */
#define KUID_TO_SUID(x) (x) #define KUID_TO_SUID(x) (x)
#define KGID_TO_SGID(x) (x) #define KGID_TO_SGID(x) (x)
#define SUID_TO_KUID(x) (x) #define SUID_TO_KUID(x) (x)
#define SGID_TO_KGID(x) (x) #define SGID_TO_KGID(x) (x)
#define KGIDP_TO_SGIDP(x) (x) #define KGIDP_TO_SGIDP(x) (x)
#endif /* HAVE_KUIDGID_T */ #endif /* HAVE_KUIDGID_T */

94
module/spl/spl-cred.c
View File

@ -32,11 +32,6 @@
#define DEBUG_SUBSYSTEM S_CRED #define DEBUG_SUBSYSTEM S_CRED
#ifdef HAVE_GROUPS_SEARCH
/* Symbol may be exported by custom kernel patch */
#define cr_groups_search(gi, grp) groups_search(gi, grp)
#else
/* Implementation from 2.6.30 kernel */
static int static int
#ifdef HAVE_KUIDGID_T #ifdef HAVE_KUIDGID_T
cr_groups_search(const struct group_info *group_info, kgid_t grp) cr_groups_search(const struct group_info *group_info, kgid_t grp)
@ -66,14 +61,6 @@ cr_groups_search(const struct group_info *group_info, gid_t grp)
} }
return 0; return 0;
} }
#endif
#ifdef HAVE_CRED_STRUCT
/*
* As of 2.6.29 a clean credential API appears in the linux kernel.
* We attempt to layer the Solaris API on top of the linux API.
*/
/* Hold a reference on the credential and group info */ /* Hold a reference on the credential and group info */
void void
@ -137,87 +124,6 @@ groupmember(gid_t gid, const cred_t *cr)
return rc; return rc;
} }
#else /* HAVE_CRED_STRUCT */
/*
* Until very recently all credential information was embedded in
* the linux task struct. For this reason to simulate a Solaris
* cred_t we need to pass the entire task structure around.
*/
/* Hold a reference on the credential and group info */
void crhold(cred_t *cr) { }
/* Free a reference on the credential and group info */
void crfree(cred_t *cr) { }
/* Return the number of supplemental groups */
int
crgetngroups(const cred_t *cr)
{
int lock, rc;
lock = (cr != current);
if (lock)
task_lock((struct task_struct *)cr);
get_group_info(cr->group_info);
rc = cr->group_info->ngroups;
put_group_info(cr->group_info);
if (lock)
task_unlock((struct task_struct *)cr);
return rc;
}
/*
* Return an array of supplemental gids. The returned address is safe
* to use as long as the caller has taken a reference with crhold().
* The caller is responsible for releasing the reference with crfree().
*/
gid_t *
crgetgroups(const cred_t *cr)
{
gid_t *gids;
int lock;
lock = (cr != current);
if (lock)
task_lock((struct task_struct *)cr);
get_group_info(cr->group_info);
gids = KGID_TO_SGID(cr->group_info->blocks[0]);
put_group_info(cr->group_info);
if (lock)
task_unlock((struct task_struct *)cr);
return gids;
}
/* Check if the passed gid is available is in supplied credential. */
int
groupmember(gid_t gid, const cred_t *cr)
{
int lock, rc;
lock = (cr != current);
if (lock)
task_lock((struct task_struct *)cr);
get_group_info(cr->group_info);
rc = cr_groups_search(cr->group_info, gid);
put_group_info(cr->group_info);
if (lock)
task_unlock((struct task_struct *)cr);
return rc;
}
#endif /* HAVE_CRED_STRUCT */
/* Return the effective user id */ /* Return the effective user id */
uid_t uid_t
crgetuid(const cred_t *cr) crgetuid(const cred_t *cr)