From owner-svn-src-projects@FreeBSD.ORG Tue Jun 9 13:50:17 2009 Return-Path: Delivered-To: svn-src-projects@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B15A3106567E; Tue, 9 Jun 2009 13:50:17 +0000 (UTC) (envelope-from brooks@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 9C1078FC24; Tue, 9 Jun 2009 13:50:17 +0000 (UTC) (envelope-from brooks@FreeBSD.org) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id n59DoH64072982; Tue, 9 Jun 2009 13:50:17 GMT (envelope-from brooks@svn.freebsd.org) Received: (from brooks@localhost) by svn.freebsd.org (8.14.3/8.14.3/Submit) id n59DoGA5072964; Tue, 9 Jun 2009 13:50:16 GMT (envelope-from brooks@svn.freebsd.org) Message-Id: <200906091350.n59DoGA5072964@svn.freebsd.org> From: Brooks Davis Date: Tue, 9 Jun 2009 13:50:16 +0000 (UTC) To: src-committers@freebsd.org, svn-src-projects@freebsd.org X-SVN-Group: projects MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r193830 - in projects/ngroups/sys: contrib/pf/net fs/nfs gnu/fs/xfs gnu/fs/xfs/FreeBSD kern netncp netsmb nfsclient nfsserver rpc security/audit ufs/ufs X-BeenThere: svn-src-projects@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "SVN commit messages for the src " projects" tree" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 09 Jun 2009 13:50:18 -0000 Author: brooks Date: Tue Jun 9 13:50:16 2009 New Revision: 193830 URL: http://svn.freebsd.org/changeset/base/193830 Log: Back out the new uses of the cr_gid macro introduced in r193537. We're certaintly not going to split cr_gid out from cr_groups for 8.0. Also reintroduce a few related comments. Modified: projects/ngroups/sys/contrib/pf/net/pf.c projects/ngroups/sys/fs/nfs/nfs_commonport.c projects/ngroups/sys/gnu/fs/xfs/FreeBSD/xfs_compat.h projects/ngroups/sys/gnu/fs/xfs/xfs_inode.c projects/ngroups/sys/gnu/fs/xfs/xfs_vnodeops.c projects/ngroups/sys/kern/kern_prot.c projects/ngroups/sys/kern/vfs_syscalls.c projects/ngroups/sys/netncp/ncp_conn.c projects/ngroups/sys/netsmb/smb_conn.c projects/ngroups/sys/nfsclient/nfs_subs.c projects/ngroups/sys/nfsserver/nfs_srvsock.c projects/ngroups/sys/rpc/svc_auth.c projects/ngroups/sys/rpc/svc_auth_unix.c projects/ngroups/sys/security/audit/audit.c projects/ngroups/sys/security/audit/audit_arg.c projects/ngroups/sys/ufs/ufs/ufs_vnops.c Modified: projects/ngroups/sys/contrib/pf/net/pf.c ============================================================================== --- projects/ngroups/sys/contrib/pf/net/pf.c Tue Jun 9 13:44:17 2009 (r193829) +++ projects/ngroups/sys/contrib/pf/net/pf.c Tue Jun 9 13:50:16 2009 (r193830) @@ -2945,7 +2945,7 @@ pf_socket_lookup(int direction, struct p if (inp_arg != NULL) { INP_LOCK_ASSERT(inp_arg); pd->lookup.uid = inp_arg->inp_cred->cr_uid; - pd->lookup.gid = inp_arg->inp_cred->cr_gid; + pd->lookup.gid = inp_arg->inp_cred->cr_groups[0]; return (1); } #endif @@ -3043,7 +3043,7 @@ pf_socket_lookup(int direction, struct p } #ifdef __FreeBSD__ pd->lookup.uid = inp->inp_cred->cr_uid; - pd->lookup.gid = inp->inp_cred->cr_gid; + pd->lookup.gid = inp->inp_cred->cr_groups[0]; INP_INFO_RUNLOCK(pi); #else pd->lookup.uid = inp->inp_socket->so_euid; Modified: projects/ngroups/sys/fs/nfs/nfs_commonport.c ============================================================================== --- projects/ngroups/sys/fs/nfs/nfs_commonport.c Tue Jun 9 13:44:17 2009 (r193829) +++ projects/ngroups/sys/fs/nfs/nfs_commonport.c Tue Jun 9 13:50:16 2009 (r193830) @@ -290,13 +290,15 @@ nfsrv_atroot(struct vnode *vp, long *ret /* * Set the credentials to refer to root. + * If only the various BSDen could agree on whether cr_gid is a separate + * field or cr_groups[0]... */ void newnfs_setroot(struct ucred *cred) { cred->cr_uid = 0; - cred->cr_gid = 0; + cred->cr_groups[0] = 0; cred->cr_ngroups = 1; } Modified: projects/ngroups/sys/gnu/fs/xfs/FreeBSD/xfs_compat.h ============================================================================== --- projects/ngroups/sys/gnu/fs/xfs/FreeBSD/xfs_compat.h Tue Jun 9 13:44:17 2009 (r193829) +++ projects/ngroups/sys/gnu/fs/xfs/FreeBSD/xfs_compat.h Tue Jun 9 13:50:16 2009 (r193830) @@ -163,7 +163,7 @@ typedef struct mtx xfs_mutex_t; * Cedentials manipulation. */ #define current_fsuid(credp) (credp)->cr_uid -#define current_fsgid(credp) (credp)->cr_gid +#define current_fsgid(credp) (credp)->cr_groups[0] #define PAGE_CACHE_SIZE PAGE_SIZE Modified: projects/ngroups/sys/gnu/fs/xfs/xfs_inode.c ============================================================================== --- projects/ngroups/sys/gnu/fs/xfs/xfs_inode.c Tue Jun 9 13:44:17 2009 (r193829) +++ projects/ngroups/sys/gnu/fs/xfs/xfs_inode.c Tue Jun 9 13:50:16 2009 (r193830) @@ -1124,7 +1124,7 @@ xfs_ialloc( ip->i_d.di_nlink = nlink; ASSERT(ip->i_d.di_nlink == nlink); ip->i_d.di_uid = curthread->td_ucred->cr_uid; - ip->i_d.di_gid = curthread->td_ucred->cr_gid; + ip->i_d.di_gid = curthread->td_ucred->cr_groups[0]; ip->i_d.di_projid = prid; memset(&(ip->i_d.di_pad[0]), 0, sizeof(ip->i_d.di_pad)); Modified: projects/ngroups/sys/gnu/fs/xfs/xfs_vnodeops.c ============================================================================== --- projects/ngroups/sys/gnu/fs/xfs/xfs_vnodeops.c Tue Jun 9 13:44:17 2009 (r193829) +++ projects/ngroups/sys/gnu/fs/xfs/xfs_vnodeops.c Tue Jun 9 13:50:16 2009 (r193830) @@ -3379,7 +3379,7 @@ xfs_symlink( */ error = XFS_QM_DQVOPALLOC(mp, dp, current->td_ucred->cr_uid, - current->td_ucred->cr_gid, + current->td_ucred->cr_groups[0], prid, XFS_QMOPT_QUOTALL | XFS_QMOPT_INHERIT, &udqp, &gdqp); if (error) Modified: projects/ngroups/sys/kern/kern_prot.c ============================================================================== --- projects/ngroups/sys/kern/kern_prot.c Tue Jun 9 13:44:17 2009 (r193829) +++ projects/ngroups/sys/kern/kern_prot.c Tue Jun 9 13:50:16 2009 (r193830) @@ -246,11 +246,16 @@ getgid(struct thread *td, struct getgid_ td->td_retval[0] = td->td_ucred->cr_rgid; #if defined(COMPAT_43) - td->td_retval[1] = td->td_ucred->cr_gid; + td->td_retval[1] = td->td_ucred->cr_groups[0]; #endif return (0); } +/* + * Get effective group ID. The "egid" is groups[0], and could be obtained + * via getgroups. This syscall exists because it is somewhat painful to do + * correctly in a library function. + */ #ifndef _SYS_SYSPROTO_H_ struct getegid_args { int dummy; @@ -261,7 +266,7 @@ int getegid(struct thread *td, struct getegid_args *uap) { - td->td_retval[0] = td->td_ucred->cr_gid; + td->td_retval[0] = td->td_ucred->cr_groups[0]; return (0); } @@ -677,7 +682,7 @@ setgid(struct thread *td, struct setgid_ gid != oldcred->cr_svgid && /* allow setgid(saved gid) */ #endif #ifdef POSIX_APPENDIX_B_4_2_2 /* Use BSD-compat clause from B.4.2.2 */ - gid != oldcred->cr_gid && /* allow setgid(getegid()) */ + gid != oldcred->cr_groups[0] && /* allow setgid(getegid()) */ #endif (error = priv_check_cred(oldcred, PRIV_CRED_SETGID, 0)) != 0) goto fail; @@ -689,7 +694,7 @@ setgid(struct thread *td, struct setgid_ */ if ( #ifdef POSIX_APPENDIX_B_4_2_2 /* use the clause from B.4.2.2 */ - gid == oldcred->cr_gid || + gid == oldcred->cr_groups[0] || #endif /* We are using privs. */ priv_check_cred(oldcred, PRIV_CRED_SETGID, 0) == 0) @@ -718,7 +723,7 @@ setgid(struct thread *td, struct setgid_ * In all cases permitted cases, we are changing the egid. * Copy credentials so other references do not see our changes. */ - if (oldcred->cr_gid != gid) { + if (oldcred->cr_groups[0] != gid) { change_egid(newcred, gid); setsugid(p); } @@ -764,7 +769,7 @@ setegid(struct thread *td, struct setegi (error = priv_check_cred(oldcred, PRIV_CRED_SETEGID, 0)) != 0) goto fail; - if (oldcred->cr_gid != egid) { + if (oldcred->cr_groups[0] != egid) { change_egid(newcred, egid); setsugid(p); } @@ -950,12 +955,12 @@ setregid(register struct thread *td, str if (((rgid != (gid_t)-1 && rgid != oldcred->cr_rgid && rgid != oldcred->cr_svgid) || - (egid != (gid_t)-1 && egid != oldcred->cr_gid && + (egid != (gid_t)-1 && egid != oldcred->cr_groups[0] && egid != oldcred->cr_rgid && egid != oldcred->cr_svgid)) && (error = priv_check_cred(oldcred, PRIV_CRED_SETREGID, 0)) != 0) goto fail; - if (egid != (gid_t)-1 && oldcred->cr_gid != egid) { + if (egid != (gid_t)-1 && oldcred->cr_groups[0] != egid) { change_egid(newcred, egid); setsugid(p); } @@ -963,9 +968,9 @@ setregid(register struct thread *td, str change_rgid(newcred, rgid); setsugid(p); } - if ((rgid != (gid_t)-1 || newcred->cr_gid != newcred->cr_rgid) && - newcred->cr_svgid != newcred->cr_gid) { - change_svgid(newcred, newcred->cr_gid); + if ((rgid != (gid_t)-1 || newcred->cr_groups[0] != newcred->cr_rgid) && + newcred->cr_svgid != newcred->cr_groups[0]) { + change_svgid(newcred, newcred->cr_groups[0]); setsugid(p); } p->p_ucred = newcred; @@ -1096,17 +1101,17 @@ setresgid(register struct thread *td, st if (((rgid != (gid_t)-1 && rgid != oldcred->cr_rgid && rgid != oldcred->cr_svgid && - rgid != oldcred->cr_gid) || + rgid != oldcred->cr_groups[0]) || (egid != (gid_t)-1 && egid != oldcred->cr_rgid && egid != oldcred->cr_svgid && - egid != oldcred->cr_gid) || + egid != oldcred->cr_groups[0]) || (sgid != (gid_t)-1 && sgid != oldcred->cr_rgid && sgid != oldcred->cr_svgid && - sgid != oldcred->cr_gid)) && + sgid != oldcred->cr_groups[0])) && (error = priv_check_cred(oldcred, PRIV_CRED_SETRESGID, 0)) != 0) goto fail; - if (egid != (gid_t)-1 && oldcred->cr_gid != egid) { + if (egid != (gid_t)-1 && oldcred->cr_groups[0] != egid) { change_egid(newcred, egid); setsugid(p); } @@ -1175,8 +1180,8 @@ getresgid(register struct thread *td, st error1 = copyout(&cred->cr_rgid, uap->rgid, sizeof(cred->cr_rgid)); if (uap->egid) - error2 = copyout(&cred->cr_gid, - uap->egid, sizeof(cred->cr_gid)); + error2 = copyout(&cred->cr_groups[0], + uap->egid, sizeof(cred->cr_groups[0])); if (uap->sgid) error3 = copyout(&cred->cr_svgid, uap->sgid, sizeof(cred->cr_svgid)); @@ -2101,7 +2106,7 @@ void change_egid(struct ucred *newcred, gid_t egid) { - newcred->cr_gid = egid; + newcred->cr_groups[0] = egid; } /*- Modified: projects/ngroups/sys/kern/vfs_syscalls.c ============================================================================== --- projects/ngroups/sys/kern/vfs_syscalls.c Tue Jun 9 13:44:17 2009 (r193829) +++ projects/ngroups/sys/kern/vfs_syscalls.c Tue Jun 9 13:50:16 2009 (r193830) @@ -2128,7 +2128,7 @@ kern_accessat(struct thread *td, int fd, cred = td->td_ucred; tmpcred = crdup(cred); tmpcred->cr_uid = cred->cr_ruid; - tmpcred->cr_gid = cred->cr_rgid; + tmpcred->cr_groups[0] = cred->cr_rgid; td->td_ucred = tmpcred; } else cred = tmpcred = td->td_ucred; Modified: projects/ngroups/sys/netncp/ncp_conn.c ============================================================================== --- projects/ngroups/sys/netncp/ncp_conn.c Tue Jun 9 13:44:17 2009 (r193829) +++ projects/ngroups/sys/netncp/ncp_conn.c Tue Jun 9 13:50:16 2009 (r193830) @@ -249,7 +249,7 @@ ncp_conn_alloc(struct ncp_conn_args *cap ncp->connid = 0xFFFF; ncp->li = *cap; ncp->nc_group = (cap->group != NCP_DEFAULT_GROUP) ? - cap->group : cred->cr_gid; + cap->group : cred->cr_groups[0]; if (cap->retry_count == 0) ncp->li.retry_count = NCP_RETRY_COUNT; Modified: projects/ngroups/sys/netsmb/smb_conn.c ============================================================================== --- projects/ngroups/sys/netsmb/smb_conn.c Tue Jun 9 13:44:17 2009 (r193829) +++ projects/ngroups/sys/netsmb/smb_conn.c Tue Jun 9 13:50:16 2009 (r193830) @@ -416,7 +416,7 @@ smb_vc_create(struct smb_vcspec *vcspec, if (uid == SMBM_ANY_OWNER) uid = realuid; if (gid == SMBM_ANY_GROUP) - gid = cred->cr_gid; + gid = cred->cr_groups[0]; vcp->vc_uid = uid; vcp->vc_grp = gid; @@ -714,7 +714,7 @@ smb_share_create(struct smb_vc *vcp, str if (uid == SMBM_ANY_OWNER) uid = realuid; if (gid == SMBM_ANY_GROUP) - gid = cred->cr_gid; + gid = cred->cr_groups[0]; ssp = smb_zmalloc(sizeof(*ssp), M_SMBCONN, M_WAITOK); smb_co_init(SSTOCP(ssp), SMBL_SHARE, "smbss ilock", "smbss"); ssp->obj.co_free = smb_share_free; Modified: projects/ngroups/sys/nfsclient/nfs_subs.c ============================================================================== --- projects/ngroups/sys/nfsclient/nfs_subs.c Tue Jun 9 13:44:17 2009 (r193829) +++ projects/ngroups/sys/nfsclient/nfs_subs.c Tue Jun 9 13:50:16 2009 (r193830) @@ -253,7 +253,7 @@ nfsm_rpchead(struct ucred *cr, int nmfla *tl++ = 0; /* stamp ?? */ *tl++ = 0; /* NULL hostname */ *tl++ = txdr_unsigned(cr->cr_uid); - *tl++ = txdr_unsigned(cr->cr_gid); + *tl++ = txdr_unsigned(cr->cr_groups[0]); grpsiz = (auth_len >> 2) - 5; *tl++ = txdr_unsigned(grpsiz); for (i = 1; i <= grpsiz; i++) Modified: projects/ngroups/sys/nfsserver/nfs_srvsock.c ============================================================================== --- projects/ngroups/sys/nfsserver/nfs_srvsock.c Tue Jun 9 13:44:17 2009 (r193829) +++ projects/ngroups/sys/nfsserver/nfs_srvsock.c Tue Jun 9 13:50:16 2009 (r193830) @@ -358,7 +358,7 @@ nfs_getreq(struct nfsrv_descript *nd, st tl = nfsm_dissect_nonblock(u_int32_t *, 3 * NFSX_UNSIGNED); nd->nd_cr->cr_uid = nd->nd_cr->cr_ruid = nd->nd_cr->cr_svuid = fxdr_unsigned(uid_t, *tl++); - nd->nd_cr->cr_gid = nd->nd_cr->cr_rgid = + nd->nd_cr->cr_groups[0] = nd->nd_cr->cr_rgid = nd->nd_cr->cr_svgid = fxdr_unsigned(gid_t, *tl++); #ifdef MAC mac_cred_associate_nfsd(nd->nd_cr); Modified: projects/ngroups/sys/rpc/svc_auth.c ============================================================================== --- projects/ngroups/sys/rpc/svc_auth.c Tue Jun 9 13:44:17 2009 (r193829) +++ projects/ngroups/sys/rpc/svc_auth.c Tue Jun 9 13:50:16 2009 (r193830) @@ -178,7 +178,7 @@ svc_getcred(struct svc_req *rqst, struct cr = crget(); cr->cr_uid = cr->cr_ruid = cr->cr_svuid = xcr->cr_uid; crsetgroups(cr, xcr->cr_ngroups, xcr->cr_groups); - cr->cr_rgid = cr->cr_svgid = cr->cr_gid; + cr->cr_rgid = cr->cr_svgid = cr->cr_groups[0]; *crp = cr; return (TRUE); Modified: projects/ngroups/sys/rpc/svc_auth_unix.c ============================================================================== --- projects/ngroups/sys/rpc/svc_auth_unix.c Tue Jun 9 13:44:17 2009 (r193829) +++ projects/ngroups/sys/rpc/svc_auth_unix.c Tue Jun 9 13:50:16 2009 (r193830) @@ -88,7 +88,7 @@ _svcauth_unix(struct svc_req *rqst, stru str_len = RNDUP(str_len); buf += str_len / sizeof (int32_t); xcr->cr_uid = IXDR_GET_UINT32(buf); - xcr->cr_gid = IXDR_GET_UINT32(buf); + xcr->cr_groups[0] = IXDR_GET_UINT32(buf); gid_len = (size_t)IXDR_GET_UINT32(buf); if (gid_len > NGRPS) { stat = AUTH_BADCRED; Modified: projects/ngroups/sys/security/audit/audit.c ============================================================================== --- projects/ngroups/sys/security/audit/audit.c Tue Jun 9 13:44:17 2009 (r193829) +++ projects/ngroups/sys/security/audit/audit.c Tue Jun 9 13:50:16 2009 (r193830) @@ -224,7 +224,7 @@ audit_record_ctor(void *mem, int size, v cru2x(cred, &ar->k_ar.ar_subj_cred); ar->k_ar.ar_subj_ruid = cred->cr_ruid; ar->k_ar.ar_subj_rgid = cred->cr_rgid; - ar->k_ar.ar_subj_egid = cred->cr_gid; + ar->k_ar.ar_subj_egid = cred->cr_groups[0]; ar->k_ar.ar_subj_auid = cred->cr_audit.ai_auid; ar->k_ar.ar_subj_asid = cred->cr_audit.ai_asid; ar->k_ar.ar_subj_pid = td->td_proc->p_pid; Modified: projects/ngroups/sys/security/audit/audit_arg.c ============================================================================== --- projects/ngroups/sys/security/audit/audit_arg.c Tue Jun 9 13:44:17 2009 (r193829) +++ projects/ngroups/sys/security/audit/audit_arg.c Tue Jun 9 13:50:16 2009 (r193830) @@ -369,7 +369,7 @@ audit_arg_process(struct proc *p) cred = p->p_ucred; ar->k_ar.ar_arg_auid = cred->cr_audit.ai_auid; ar->k_ar.ar_arg_euid = cred->cr_uid; - ar->k_ar.ar_arg_egid = cred->cr_gid; + ar->k_ar.ar_arg_egid = cred->cr_groups[0]; ar->k_ar.ar_arg_ruid = cred->cr_ruid; ar->k_ar.ar_arg_rgid = cred->cr_rgid; ar->k_ar.ar_arg_asid = cred->cr_audit.ai_asid; Modified: projects/ngroups/sys/ufs/ufs/ufs_vnops.c ============================================================================== --- projects/ngroups/sys/ufs/ufs/ufs_vnops.c Tue Jun 9 13:44:17 2009 (r193829) +++ projects/ngroups/sys/ufs/ufs/ufs_vnops.c Tue Jun 9 13:50:16 2009 (r193830) @@ -1475,7 +1475,7 @@ ufs_mkdir(ap) refcount_init(&ucred.cr_ref, 1); ucred.cr_uid = ip->i_uid; ucred.cr_ngroups = 1; - ucred.cr_gid = dp->i_gid; + ucred.cr_groups[0] = dp->i_gid; ucp = &ucred; } #endif @@ -2294,7 +2294,7 @@ ufs_makeinode(mode, dvp, vpp, cnp) ucred.cr_uid = ip->i_uid; ucred.cr_ngroups = 1; ucred.cr_groups = &ucred_group; - ucred.cr_gid = pdir->i_gid; + ucred.cr_groups[0] = pdir->i_gid; ucp = &ucred; #endif } else {