1 | /* $NetBSD: umap_subr.c,v 1.29 2014/11/09 18:08:07 maxv Exp $ */ |
2 | |
3 | /* |
4 | * Copyright (c) 1999 National Aeronautics & Space Administration |
5 | * All rights reserved. |
6 | * |
7 | * This software was written by William Studenmund of the |
8 | * Numerical Aerospace Simulation Facility, NASA Ames Research Center. |
9 | * |
10 | * Redistribution and use in source and binary forms, with or without |
11 | * modification, are permitted provided that the following conditions |
12 | * are met: |
13 | * 1. Redistributions of source code must retain the above copyright |
14 | * notice, this list of conditions and the following disclaimer. |
15 | * 2. Redistributions in binary form must reproduce the above copyright |
16 | * notice, this list of conditions and the following disclaimer in the |
17 | * documentation and/or other materials provided with the distribution. |
18 | * 3. Neither the name of the National Aeronautics & Space Administration |
19 | * nor the names of its contributors may be used to endorse or promote |
20 | * products derived from this software without specific prior written |
21 | * permission. |
22 | * |
23 | * THIS SOFTWARE IS PROVIDED BY THE NATIONAL AERONAUTICS & SPACE ADMINISTRATION |
24 | * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED |
25 | * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR |
26 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE ADMINISTRATION OR CONTRIB- |
27 | * UTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, |
28 | * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF |
29 | * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS |
30 | * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN |
31 | * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) |
32 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE |
33 | * POSSIBILITY OF SUCH DAMAGE. |
34 | */ |
35 | /* |
36 | * Copyright (c) 1992, 1993, 1995 |
37 | * The Regents of the University of California. All rights reserved. |
38 | * |
39 | * This code is derived from software donated to Berkeley by |
40 | * Jan-Simon Pendry. |
41 | * |
42 | * Redistribution and use in source and binary forms, with or without |
43 | * modification, are permitted provided that the following conditions |
44 | * are met: |
45 | * 1. Redistributions of source code must retain the above copyright |
46 | * notice, this list of conditions and the following disclaimer. |
47 | * 2. Redistributions in binary form must reproduce the above copyright |
48 | * notice, this list of conditions and the following disclaimer in the |
49 | * documentation and/or other materials provided with the distribution. |
50 | * 3. Neither the name of the University nor the names of its contributors |
51 | * may be used to endorse or promote products derived from this software |
52 | * without specific prior written permission. |
53 | * |
54 | * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND |
55 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
56 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
57 | * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE |
58 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL |
59 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS |
60 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
61 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
62 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY |
63 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF |
64 | * SUCH DAMAGE. |
65 | * |
66 | * from: Id: lofs_subr.c, v 1.11 1992/05/30 10:05:43 jsp Exp |
67 | * @(#)umap_subr.c 8.9 (Berkeley) 5/14/95 |
68 | */ |
69 | |
70 | #include <sys/cdefs.h> |
71 | __KERNEL_RCSID(0, "$NetBSD: umap_subr.c,v 1.29 2014/11/09 18:08:07 maxv Exp $" ); |
72 | |
73 | #include <sys/param.h> |
74 | #include <sys/systm.h> |
75 | #include <sys/proc.h> |
76 | #include <sys/time.h> |
77 | #include <sys/vnode.h> |
78 | #include <sys/mount.h> |
79 | #include <sys/namei.h> |
80 | #include <sys/kauth.h> |
81 | |
82 | #include <miscfs/specfs/specdev.h> |
83 | #include <miscfs/umapfs/umap.h> |
84 | |
/*
 * Forward declarations for the helpers in this file.
 *
 * NOTE(review): no definition of umap_node_alloc() appears in the part
 * of the file visible here; if none exists elsewhere this prototype is
 * stale -- confirm.
 */
u_long	umap_findid(u_long id, u_long map[][2], int nentries);
int	umap_node_alloc(struct mount *, struct vnode *, struct vnode **);
88 | |
/*
 * umap_findid is called by various routines in umap_vnodeops.c to
 * find a user or group id in a map.
 *
 * Each row of the map is a pair: column 0 is the id to match and
 * column 1 is the id it translates to.  The first matching row wins.
 * Returns the translated id, or -1 converted to u_long when no row
 * among the first nentries matches.
 *
 * NOTE(review): the values are u_long, but umap_mapids() in this file
 * narrows the result to uid_t/gid_t and compares it with -1.  A map
 * value that narrows to that sentinel is treated as "not found", and
 * any wider value is truncated.  Whether such values are rejected when
 * the map is loaded is not visible here -- confirm.
 */
u_long
umap_findid(u_long id, u_long map[][2], int nentries)
{
	int slot;

	/* Linear scan over the source column. */
	for (slot = 0; slot < nentries; slot++) {
		if (map[slot][0] == id)
			return (map[slot][1]);
	}

	/* Nothing matched (also the result for nentries <= 0). */
	return (-1);
}
109 | |
/*
 * umap_reverse_findid is called by umap_getattr() in umap_vnodeops.c to
 * find a user or group id in a map, in reverse.
 *
 * The lookup matches on column 1 of each row and returns column 0 of
 * the first matching row.  When several rows share the same column 1
 * value only the earliest one is ever returned.  Returns -1 converted
 * to u_long when no row among the first nentries matches.
 */
u_long
umap_reverse_findid(u_long id, u_long map[][2], int nentries)
{
	int slot;

	/* Linear scan over the target column. */
	for (slot = 0; slot < nentries; slot++) {
		if (map[slot][1] == id)
			return (map[slot][0]);
	}

	/* Nothing matched (also the result for nentries <= 0). */
	return (-1);
}
130 | |
/*
 * umap_mapids maps all of the ids in a credential, both user and group.
 *
 * The effective uid, the effective gid and every supplementary group of
 * credp are looked up in the mount's tables and overwritten in place.
 * An id with no table entry becomes NOBODY (uid) or NULLGROUP (gid), so
 * an unmapped id is never passed through unchanged.  NOCRED and FSCRED
 * are left untouched.
 *
 * NOTE(review): credp is modified directly; callers presumably hand in
 * a private copy of the credential -- confirm.
 * NOTE(review): the entry counts and table pointers are read from the
 * mount data and used as loop bounds without validation here;
 * presumably they are checked when the mount is set up -- confirm.
 */
void
umap_mapids(struct mount *v_mount, kauth_cred_t credp)
{
	u_long (*usermap)[2], (*groupmap)[2];
	gid_t groups[NGROUPS];
	int unentries, gnentries;
	int idx;
	uint16_t ngroups;
	uid_t uid;
	gid_t gid;

	/* The two sentinel credentials are not translated. */
	if (credp == NOCRED || credp == FSCRED)
		return;

	usermap = MOUNTTOUMAPMOUNT(v_mount)->info_mapdata;
	unentries = MOUNTTOUMAPMOUNT(v_mount)->info_nentries;
	groupmap = MOUNTTOUMAPMOUNT(v_mount)->info_gmapdata;
	gnentries = MOUNTTOUMAPMOUNT(v_mount)->info_gnentries;

	/* Effective uid: mapped value, or NOBODY when the map has no entry. */
	uid = (uid_t) umap_findid(kauth_cred_geteuid(credp), usermap, unentries);
	kauth_cred_seteuid(credp, (uid != -1) ? uid : (uid_t)NOBODY);

#if 1
	/* cr_gid is the same as cr_groups[0] in 4BSD, but not in NetBSD */

	/* Effective gid: mapped value, or NULLGROUP when there is no entry. */
	gid = (gid_t) umap_findid(kauth_cred_getegid(credp), groupmap, gnentries);
	kauth_cred_setegid(credp, (gid != -1) ? gid : NULLGROUP);
#endif

	/*
	 * Now translate every supplementary group into a local array and
	 * install the whole set at once.
	 *
	 * NOTE(review): groups[] holds NGROUPS entries and ngroups comes
	 * from kauth_cred_ngroups() with no check here; this relies on a
	 * credential never carrying more than NGROUPS groups -- confirm.
	 */
	ngroups = kauth_cred_ngroups(credp);
	for (idx = 0; idx < ngroups; idx++) {
		gid_t member;

		/* XXX elad: can't we just skip cases where gid == -1? */
		member = kauth_cred_group(credp, idx);
		gid = (gid_t) umap_findid(member, groupmap, gnentries);
		groups[idx] = (gid != -1) ? gid : NULLGROUP;
	}

	kauth_cred_setgroups(credp, groups, ngroups, -1, UIO_SYSSPACE);
}
190 | |