/* $NetBSD: umap_subr.c,v 1.28 2009/03/15 17:22:38 cegger Exp $ */

/*
 * Copyright (c) 1999 National Aeronautics & Space Administration
 * All rights reserved.
 *
 * This software was written by William Studenmund of the
 * Numerical Aerospace Simulation Facility, NASA Ames Research Center.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. Neither the name of the National Aeronautics & Space Administration
 *    nor the names of its contributors may be used to endorse or promote
 *    products derived from this software without specific prior written
 *    permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE NATIONAL AERONAUTICS & SPACE ADMINISTRATION
 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE ADMINISTRATION OR CONTRIB-
 * UTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
 * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 * POSSIBILITY OF SUCH DAMAGE.
 */
/*
 * Copyright (c) 1992, 1993, 1995
 * The Regents of the University of California. All rights reserved.
 *
 * This code is derived from software donated to Berkeley by
 * Jan-Simon Pendry.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. Neither the name of the University nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
 * from: Id: lofs_subr.c, v 1.11 1992/05/30 10:05:43 jsp Exp
 * @(#)umap_subr.c 8.9 (Berkeley) 5/14/95
 */

#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: umap_subr.c,v 1.28 2009/03/15 17:22:38 cegger Exp $");

#include <sys/param.h>
#include <sys/systm.h>
#include <sys/proc.h>
#include <sys/time.h>
#include <sys/vnode.h>
#include <sys/mount.h>
#include <sys/namei.h>
#include <sys/malloc.h>
#include <sys/kauth.h>

#include <miscfs/specfs/specdev.h>
#include <miscfs/umapfs/umap.h>

u_long umap_findid(u_long, u_long [][2], int);
int umap_node_alloc(struct mount *, struct vnode *,
    struct vnode **);

/*
 * Forward lookup of a user or group id in a two-column map; used by
 * various routines in umap_vnodeops.c.
 *
 * Column 0 of each row is compared with `id'; the first matching row
 * wins and its column 1 is returned.  When no row matches, -1 converted
 * to u_long is returned, so a row whose column 1 holds that same value
 * cannot be told apart from a miss.
 *
 * NOTE(review): nothing here bounds `nentries' by the real size of
 * `map'; the caller has to pass a count no larger than the array.
 * Presumably the count is validated when the mount is set up - confirm.
 */
u_long
umap_findid(u_long id, u_long map[][2], int nentries)
{
	int row;

	for (row = 0; row < nentries; row++) {
		if (map[row][0] == id)
			return (map[row][1]);
	}

	/* No row carries this id in column 0. */
	return (-1);
}

/*
 * Reverse lookup of a user or group id in a two-column map; used by
 * umap_getattr() in umap_vnodeops.c.
 *
 * Column 1 of each row is compared with `id'; the first matching row
 * wins and its column 0 is returned.  When no row matches, -1 converted
 * to u_long is returned.  If several rows share the same column 1 value,
 * only the first of them is ever reported.
 *
 * NOTE(review): as with umap_findid(), `nentries' is trusted to be no
 * larger than the number of rows in `map' - confirm at the call sites.
 */
u_long
umap_reverse_findid(u_long id, u_long map[][2], int nentries)
{
	int row;

	for (row = 0; row < nentries; row++) {
		if (map[row][1] == id)
			return (map[row][0]);
	}

	/* No row carries this id in column 1. */
	return (-1);
}

/* umap_mapids maps all of the ids in a credential, both user and group.
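*/

/*
 * Rewrite, in place, the effective uid, the effective gid and every
 * supplementary group of `credp' through the user and group maps stored
 * on the umap mount `v_mount'.
 *
 * - NOCRED and FSCRED are returned untouched.
 * - An id with no map entry is replaced by NOBODY (uid) or NULLGROUP
 *   (gid); it is never passed through unmapped.
 * - A map value that does not survive the narrowing from u_long to
 *   uid_t/gid_t is treated like a missing entry, so an out-of-range
 *   value cannot wrap around onto an unrelated id such as 0.  Where the
 *   types have the same width this check never triggers.
 * - Only the effective ids and the group list are changed; no other
 *   field of the credential is written by this function.
 *
 * NOTE(review): the credential is modified directly.  Callers presumably
 * pass a private copy rather than a credential shared with other users -
 * confirm at the call sites.
 */
void
umap_mapids(struct mount *v_mount, kauth_cred_t credp)
{
	int i, unentries, gnentries;
	uid_t uid;
	gid_t gid;
	u_long mapped;
	u_long (*usermap)[2], (*groupmap)[2];
	gid_t groups[NGROUPS];
	uint16_t ngroups;

	if (credp == NOCRED || credp == FSCRED)
		return;

	unentries = MOUNTTOUMAPMOUNT(v_mount)->info_nentries;
	usermap = MOUNTTOUMAPMOUNT(v_mount)->info_mapdata;
	gnentries = MOUNTTOUMAPMOUNT(v_mount)->info_gnentries;
	groupmap = MOUNTTOUMAPMOUNT(v_mount)->info_gmapdata;

	/* Find uid entry in map */

	mapped = umap_findid(kauth_cred_geteuid(credp), usermap, unentries);
	uid = (uid_t)mapped;

	/*
	 * (uid_t)-1 is the "not found" value; the round-trip comparison
	 * rejects a map value that was changed by the narrowing cast.
	 */
	if (uid != (uid_t)-1 && (u_long)uid == mapped)
		kauth_cred_seteuid(credp, uid);
	else
		kauth_cred_seteuid(credp, (uid_t)NOBODY);

#if 1
	/* cr_gid is the same as cr_groups[0] in 4BSD, but not in NetBSD */

	/* Find gid entry in map */

	mapped = umap_findid(kauth_cred_getegid(credp), groupmap, gnentries);
	gid = (gid_t)mapped;

	if (gid != (gid_t)-1 && (u_long)gid == mapped)
		kauth_cred_setegid(credp, gid);
	else
		kauth_cred_setegid(credp, NULLGROUP);
#endif

	/*
	 * Now we must map each of the set of groups in the cr_groups
	 * structure.
	 *
	 * Nothing in this file guarantees that the count reported for the
	 * credential fits groups[]; clamp it so the loop below cannot
	 * write past the on-stack array.
	 */

	ngroups = kauth_cred_ngroups(credp);
	if (ngroups > NGROUPS)
		ngroups = NGROUPS;

	for (i = 0; i < ngroups; i++) {
		/* XXX elad: can't we just skip cases where gid == -1? */
		mapped = umap_findid(kauth_cred_group(credp, i),
		    groupmap, gnentries);
		gid = (gid_t)mapped;
		if (gid != (gid_t)-1 && (u_long)gid == mapped)
			groups[i] = gid;
		else
			groups[i] = NULLGROUP;
	}

	/*
	 * The result is discarded because this function returns void and
	 * has no way to report failure.
	 * NOTE(review): if this call can fail, the credential keeps its
	 * unmapped supplementary groups while euid/egid are already
	 * mapped - confirm it cannot fail for ngroups <= NGROUPS.
	 */
	(void)kauth_cred_setgroups(credp, groups, ngroups, -1, UIO_SYSSPACE);
}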