CRED: Wrap task credential accesses in the GFS2 filesystem
Wrap access to task credentials so that they can be separated more easily from the task_struct during the introduction of COW creds. Change most current->(|e|s|fs)[ug]id to current_(|e|s|fs)[ug]id(). Change some task->e?[ug]id to task_e?[ug]id(). In some places it makes more sense to use RCU directly rather than a convenient wrapper; these will be addressed by later patches. Signed-off-by: David Howells <dhowells@redhat.com> Reviewed-by: James Morris <jmorris@namei.org> Acked-by: Serge Hallyn <serue@us.ibm.com> Cc: Steven Whitehouse <swhiteho@redhat.com> Cc: cluster-devel@redhat.com Signed-off-by: James Morris <jmorris@namei.org>
This commit is contained in:
parent
2186a71cbc
commit
3de7be3355
@ -705,18 +705,18 @@ static void munge_mode_uid_gid(struct gfs2_inode *dip, unsigned int *mode,
|
|||||||
(dip->i_inode.i_mode & S_ISUID) && dip->i_inode.i_uid) {
|
(dip->i_inode.i_mode & S_ISUID) && dip->i_inode.i_uid) {
|
||||||
if (S_ISDIR(*mode))
|
if (S_ISDIR(*mode))
|
||||||
*mode |= S_ISUID;
|
*mode |= S_ISUID;
|
||||||
else if (dip->i_inode.i_uid != current->fsuid)
|
else if (dip->i_inode.i_uid != current_fsuid())
|
||||||
*mode &= ~07111;
|
*mode &= ~07111;
|
||||||
*uid = dip->i_inode.i_uid;
|
*uid = dip->i_inode.i_uid;
|
||||||
} else
|
} else
|
||||||
*uid = current->fsuid;
|
*uid = current_fsuid();
|
||||||
|
|
||||||
if (dip->i_inode.i_mode & S_ISGID) {
|
if (dip->i_inode.i_mode & S_ISGID) {
|
||||||
if (S_ISDIR(*mode))
|
if (S_ISDIR(*mode))
|
||||||
*mode |= S_ISGID;
|
*mode |= S_ISGID;
|
||||||
*gid = dip->i_inode.i_gid;
|
*gid = dip->i_inode.i_gid;
|
||||||
} else
|
} else
|
||||||
*gid = current->fsgid;
|
*gid = current_fsgid();
|
||||||
}
|
}
|
||||||
|
|
||||||
static int alloc_dinode(struct gfs2_inode *dip, u64 *no_addr, u64 *generation)
|
static int alloc_dinode(struct gfs2_inode *dip, u64 *no_addr, u64 *generation)
|
||||||
@ -1124,8 +1124,8 @@ int gfs2_unlink_ok(struct gfs2_inode *dip, const struct qstr *name,
|
|||||||
return -EPERM;
|
return -EPERM;
|
||||||
|
|
||||||
if ((dip->i_inode.i_mode & S_ISVTX) &&
|
if ((dip->i_inode.i_mode & S_ISVTX) &&
|
||||||
dip->i_inode.i_uid != current->fsuid &&
|
dip->i_inode.i_uid != current_fsuid() &&
|
||||||
ip->i_inode.i_uid != current->fsuid && !capable(CAP_FOWNER))
|
ip->i_inode.i_uid != current_fsuid() && !capable(CAP_FOWNER))
|
||||||
return -EPERM;
|
return -EPERM;
|
||||||
|
|
||||||
if (IS_APPEND(&dip->i_inode))
|
if (IS_APPEND(&dip->i_inode))
|
||||||
|
Loading…
Reference in New Issue
Block a user