13026 Sdiff usr/src/uts/common/os/cred.c

Print this page

13026 SMB and NFS use the global zone's IDMAP when they shouldn't
Change-Id: I3b5f7bc68bb77764aa7cb59a48dd1740a8387ccf

   3  *
   4  * The contents of this file are subject to the terms of the
   5  * Common Development and Distribution License (the "License").
   6  * You may not use this file except in compliance with the License.
   7  *
   8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
   9  * or http://www.opensolaris.org/os/licensing.
  10  * See the License for the specific language governing permissions
  11  * and limitations under the License.
  12  *
  13  * When distributing Covered Code, include this CDDL HEADER in each
  14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
  15  * If applicable, add the following below this CDDL HEADER, with the
  16  * fields enclosed by brackets "[]" replaced with your own identifying
  17  * information: Portions Copyright [yyyy] [name of copyright owner]
  18  *
  19  * CDDL HEADER END
  20  */
  21 /*
  22  * Copyright (c) 2013, Ira Cooper.  All rights reserved.

  23  */
  24 /*
  25  * Copyright (c) 1989, 2010, Oracle and/or its affiliates. All rights reserved.
  26  */
  27 
  28 /*      Copyright (c) 1984, 1986, 1987, 1988, 1989 AT&T     */
  29 /*        All Rights Reserved   */
  30 
  31 /*
  32  * University Copyright- Copyright (c) 1982, 1986, 1988
  33  * The Regents of the University of California
  34  * All Rights Reserved
  35  *
  36  * University Acknowledgment- Portions of this document are derived from
  37  * software developed by the University of California, Berkeley, and its
  38  * contributors.
  39  */
  40 
  41 #include <sys/types.h>
  42 #include <sys/sysmacros.h>

 271  * As cralloc but prepared for ksid change (if appropriate).
 272  */
 273 cred_t *
 274 cralloc_ksid(void)
 275 {
 276         cred_t *cr = cralloc();
 277         if (hasephids)
 278                 cr->cr_ksid = kcrsid_alloc();
 279         return (cr);
 280 }
 281 
 282 /*
 283  * Allocate a initialized cred structure and crhold() it.
 284  * Initialized means: all ids 0, group count 0, L=Full, E=P=I=I0
 285  */
 286 cred_t *
 287 crget(void)
 288 {
 289         cred_t *cr = kmem_cache_alloc(cred_cache, KM_SLEEP);
 290 
 291         bcopy(kcred, cr, crsize);
 292         cr->cr_ref = 1;
 293         zone_cred_hold(cr->cr_zone);
 294         if (cr->cr_label)
 295                 label_hold(cr->cr_label);
 296         ASSERT(cr->cr_klpd == NULL);
 297         ASSERT(cr->cr_grps == NULL);
 298         return (cr);
 299 }
 300 
 301 /*
 302  * Broadcast the cred to all the threads in the process.
 303  * The current thread's credentials can be set right away, but other
 304  * threads must wait until the start of the next system call or trap.
 305  * This avoids changing the cred in the middle of a system call.
 306  *
 307  * The cred has already been held for the process and the thread (2 holds),
 308  * and p->p_cred set.
 309  *
 310  * p->p_crlock shouldn't be held here, since p_lock must be acquired.
 311  */

   3  *
   4  * The contents of this file are subject to the terms of the
   5  * Common Development and Distribution License (the "License").
   6  * You may not use this file except in compliance with the License.
   7  *
   8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
   9  * or http://www.opensolaris.org/os/licensing.
  10  * See the License for the specific language governing permissions
  11  * and limitations under the License.
  12  *
  13  * When distributing Covered Code, include this CDDL HEADER in each
  14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
  15  * If applicable, add the following below this CDDL HEADER, with the
  16  * fields enclosed by brackets "[]" replaced with your own identifying
  17  * information: Portions Copyright [yyyy] [name of copyright owner]
  18  *
  19  * CDDL HEADER END
  20  */
  21 /*
  22  * Copyright (c) 2013, Ira Cooper.  All rights reserved.
  23  * Copyright 2020 Nexenta by DDN, Inc. All rights reserved.
  24  */
  25 /*
  26  * Copyright (c) 1989, 2010, Oracle and/or its affiliates. All rights reserved.
  27  */
  28 
  29 /*      Copyright (c) 1984, 1986, 1987, 1988, 1989 AT&T     */
  30 /*        All Rights Reserved   */
  31 
  32 /*
  33  * University Copyright- Copyright (c) 1982, 1986, 1988
  34  * The Regents of the University of California
  35  * All Rights Reserved
  36  *
  37  * University Acknowledgment- Portions of this document are derived from
  38  * software developed by the University of California, Berkeley, and its
  39  * contributors.
  40  */
  41 
  42 #include <sys/types.h>
  43 #include <sys/sysmacros.h>

 272  * As cralloc but prepared for ksid change (if appropriate).
 273  */
 274 cred_t *
 275 cralloc_ksid(void)
 276 {
 277         cred_t *cr = cralloc();
 278         if (hasephids)
 279                 cr->cr_ksid = kcrsid_alloc();
 280         return (cr);
 281 }
 282 
 283 /*
 284  * Allocate a initialized cred structure and crhold() it.
 285  * Initialized means: all ids 0, group count 0, L=Full, E=P=I=I0
 286  */
 287 cred_t *
 288 crget(void)
 289 {
 290         cred_t *cr = kmem_cache_alloc(cred_cache, KM_SLEEP);
 291 
 292         bcopy(zone_kcred(), cr, crsize);
 293         cr->cr_ref = 1;
 294         zone_cred_hold(cr->cr_zone);
 295         if (cr->cr_label)
 296                 label_hold(cr->cr_label);
 297         ASSERT(cr->cr_klpd == NULL);
 298         ASSERT(cr->cr_grps == NULL);
 299         return (cr);
 300 }
 301 
 302 /*
 303  * Broadcast the cred to all the threads in the process.
 304  * The current thread's credentials can be set right away, but other
 305  * threads must wait until the start of the next system call or trap.
 306  * This avoids changing the cred in the middle of a system call.
 307  *
 308  * The cred has already been held for the process and the thread (2 holds),
 309  * and p->p_cred set.
 310  *
 311  * p->p_crlock shouldn't be held here, since p_lock must be acquired.
 312  */