CRED: Wrap task credential accesses in the XFS filesystem
Wrap access to task credentials so that they can be separated more easily from the task_struct during the introduction of COW creds. Change most current->(|e|s|fs)[ug]id to current_(|e|s|fs)[ug]id(). Change some task->e?[ug]id to task_e?[ug]id(). In some places it makes more sense to use RCU directly rather than a convenient wrapper; these will be addressed by later patches. Signed-off-by: David Howells <dhowells@redhat.com> Reviewed-by: James Morris <jmorris@namei.org> Acked-by: Serge Hallyn <serue@us.ibm.com> Cc: xfs@oss.sgi.com Signed-off-by: James Morris <jmorris@namei.org>
This commit is contained in:
Родитель
a5f773a659
Коммит
82ab8deda7
|
@ -24,7 +24,7 @@
|
|||
* Credentials
|
||||
*/
|
||||
typedef struct cred {
|
||||
/* EMPTY */
|
||||
/* EMPTY */
|
||||
} cred_t;
|
||||
|
||||
extern struct cred *sys_cred;
|
||||
|
|
|
@ -1007,7 +1007,7 @@ xfs_ioctl_setattr(
|
|||
* to the file owner ID, except in cases where the
|
||||
* CAP_FSETID capability is applicable.
|
||||
*/
|
||||
if (current->fsuid != ip->i_d.di_uid && !capable(CAP_FOWNER)) {
|
||||
if (current_fsuid() != ip->i_d.di_uid && !capable(CAP_FOWNER)) {
|
||||
code = XFS_ERROR(EPERM);
|
||||
goto error_return;
|
||||
}
|
||||
|
|
|
@ -366,7 +366,7 @@ xfs_acl_allow_set(
|
|||
return ENOTDIR;
|
||||
if (vp->i_sb->s_flags & MS_RDONLY)
|
||||
return EROFS;
|
||||
if (XFS_I(vp)->i_d.di_uid != current->fsuid && !capable(CAP_FOWNER))
|
||||
if (XFS_I(vp)->i_d.di_uid != current_fsuid() && !capable(CAP_FOWNER))
|
||||
return EPERM;
|
||||
return 0;
|
||||
}
|
||||
|
@ -413,13 +413,13 @@ xfs_acl_access(
|
|||
switch (fap->acl_entry[i].ae_tag) {
|
||||
case ACL_USER_OBJ:
|
||||
seen_userobj = 1;
|
||||
if (fuid != current->fsuid)
|
||||
if (fuid != current_fsuid())
|
||||
continue;
|
||||
matched.ae_tag = ACL_USER_OBJ;
|
||||
matched.ae_perm = allows;
|
||||
break;
|
||||
case ACL_USER:
|
||||
if (fap->acl_entry[i].ae_id != current->fsuid)
|
||||
if (fap->acl_entry[i].ae_id != current_fsuid())
|
||||
continue;
|
||||
matched.ae_tag = ACL_USER;
|
||||
matched.ae_perm = allows;
|
||||
|
|
Загрузка…
Ссылка в новой задаче