1 /* $NetBSD: umap_subr.c,v 1.29 2014/11/09 18:08:07 maxv Exp $ */ 2 3 /* 4 * Copyright (c) 1999 National Aeronautics & Space Administration 5 * All rights reserved. 6 * 7 * This software was written by William Studenmund of the 8 * Numerical Aerospace Simulation Facility, NASA Ames Research Center. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. Neither the name of the National Aeronautics & Space Administration 19 * nor the names of its contributors may be used to endorse or promote 20 * products derived from this software without specific prior written 21 * permission. 22 * 23 * THIS SOFTWARE IS PROVIDED BY THE NATIONAL AERONAUTICS & SPACE ADMINISTRATION 24 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 25 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 26 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE ADMINISTRATION OR CONTRIB- 27 * UTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, 28 * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 29 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 30 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 31 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 32 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 33 * POSSIBILITY OF SUCH DAMAGE. 34 */ 35 /* 36 * Copyright (c) 1992, 1993, 1995 37 * The Regents of the University of California. 
All rights reserved. 38 * 39 * This code is derived from software donated to Berkeley by 40 * Jan-Simon Pendry. 41 * 42 * Redistribution and use in source and binary forms, with or without 43 * modification, are permitted provided that the following conditions 44 * are met: 45 * 1. Redistributions of source code must retain the above copyright 46 * notice, this list of conditions and the following disclaimer. 47 * 2. Redistributions in binary form must reproduce the above copyright 48 * notice, this list of conditions and the following disclaimer in the 49 * documentation and/or other materials provided with the distribution. 50 * 3. Neither the name of the University nor the names of its contributors 51 * may be used to endorse or promote products derived from this software 52 * without specific prior written permission. 53 * 54 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 55 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 56 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 57 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 58 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 59 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 60 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 61 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 62 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 63 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 64 * SUCH DAMAGE. 
*
 *	from: Id: lofs_subr.c, v 1.11 1992/05/30 10:05:43 jsp Exp
 *	@(#)umap_subr.c	8.9 (Berkeley) 5/14/95
 */

#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: umap_subr.c,v 1.29 2014/11/09 18:08:07 maxv Exp $");

#include <sys/param.h>
#include <sys/systm.h>
#include <sys/proc.h>
#include <sys/time.h>
#include <sys/vnode.h>
#include <sys/mount.h>
#include <sys/namei.h>
#include <sys/kauth.h>

#include <miscfs/specfs/specdev.h>
#include <miscfs/umapfs/umap.h>

u_long umap_findid(u_long, u_long [][2], int);
int umap_node_alloc(struct mount *, struct vnode *,
    struct vnode **);

/*
 * umap_findid is called by various routines in umap_vnodeops.c to
 * find a user or group id in a map.
 *
 * Forward lookup: the first nentries rows of map are scanned in order
 * and the first row whose column 0 equals id wins; that row's column 1
 * is returned.  When no row matches (including nentries <= 0) the
 * result is (u_long)-1.
 *
 * NOTE(review): the "not found" sentinel cannot be told apart from a
 * row that maps to (u_long)-1.  umap_mapids() narrows the result to
 * uid_t/gid_t before comparing it with -1, so map values wider than
 * those types are truncated first -- presumably the code that loads
 * the map validates its contents; confirm.
 */
u_long
umap_findid(u_long id, u_long map[][2], int nentries)
{
	int slot;

	for (slot = 0; slot < nentries; slot++) {
		if (map[slot][0] == id)
			return (map[slot][1]);
	}

	/* No row has this id in column 0. */
	return ((u_long)-1);
}

/*
 * umap_reverse_findid is called by umap_getattr() in umap_vnodeops.c to
 * find a user or group id in a map, in reverse.
 *
 * Reverse lookup: the first nentries rows of map are scanned in order
 * and the first row whose column 1 equals id wins; that row's column 0
 * is returned.  When no row matches (including nentries <= 0) the
 * result is (u_long)-1, with the same sentinel ambiguity as the
 * forward lookup.
 */
u_long
umap_reverse_findid(u_long id, u_long map[][2], int nentries)
{
	int slot;

	for (slot = 0; slot < nentries; slot++) {
		if (map[slot][1] == id)
			return (map[slot][0]);
	}

	/* No row has this id in column 1. */
	return ((u_long)-1);
}

/* umap_mapids maps all of the ids in a credential, both user and group.
*/

/*
 * Rewrites credp in place: the effective uid, the effective gid and
 * every supplementary group are each looked up with umap_findid() in
 * the user or group map of the umap mount v_mount.  An id with no map
 * entry is replaced by NOBODY (uid) or NULLGROUP (gid), so an unmapped
 * caller does not keep its original identity.
 *
 * NOCRED and FSCRED are returned untouched.
 *
 * NOTE(review): because the credential is modified directly, callers
 * presumably pass a private copy rather than a shared credential --
 * confirm against the call sites.
 */
void
umap_mapids(struct mount *v_mount, kauth_cred_t credp)
{
	u_long (*usermap)[2], (*groupmap)[2];
	int unentries, gnentries;
	gid_t groups[NGROUPS];
	uint16_t ngroups;
	uid_t uid;
	gid_t gid;
	int i;

	if (credp == NOCRED || credp == FSCRED)
		return;

	/* Fetch both lookup tables and their entry counts from the mount. */
	usermap = MOUNTTOUMAPMOUNT(v_mount)->info_mapdata;
	unentries = MOUNTTOUMAPMOUNT(v_mount)->info_nentries;
	groupmap = MOUNTTOUMAPMOUNT(v_mount)->info_gmapdata;
	gnentries = MOUNTTOUMAPMOUNT(v_mount)->info_gnentries;

	/*
	 * Effective uid.  The u_long lookup result is narrowed to uid_t
	 * before the "not found" test, so the comparison sees the
	 * truncated value.
	 */
	uid = (uid_t) umap_findid(kauth_cred_geteuid(credp), usermap,
	    unentries);
	if (uid == -1)
		uid = (uid_t)NOBODY;
	kauth_cred_seteuid(credp, uid);

#if 1
	/* cr_gid is the same as cr_groups[0] in 4BSD, but not in NetBSD */

	/* Effective gid, with the same narrowing as the uid above. */
	gid = (gid_t) umap_findid(kauth_cred_getegid(credp), groupmap,
	    gnentries);
	if (gid == -1)
		gid = NULLGROUP;
	kauth_cred_setegid(credp, gid);
#endif

	/*
	 * Now map each member of the supplementary group set.
	 *
	 * NOTE(review): groups[] has NGROUPS slots and the loop bound is
	 * whatever kauth_cred_ngroups() reports; this relies on that count
	 * never exceeding NGROUPS -- confirm, or make it explicit with an
	 * assertion.
	 */
	ngroups = kauth_cred_ngroups(credp);
	for (i = 0; i < ngroups; i++) {
		/* XXX elad: can't we just skip cases where gid == -1? */
		gid = (gid_t) umap_findid(kauth_cred_group(credp, i),
		    groupmap, gnentries);
		groups[i] = (gid == -1) ? NULLGROUP : gid;
	}

	/* Install the mapped list; the return value is not checked here. */
	kauth_cred_setgroups(credp, groups, ngroups, -1, UIO_SYSSPACE);
}