git: 3ce5ef4f7a97 - stable/13 - cred: Separate constant for the number of inlined groups
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Fri, 15 Nov 2024 13:00:46 UTC
The branch stable/13 has been updated by olce:
URL: https://cgit.FreeBSD.org/src/commit/?id=3ce5ef4f7a97d3e059fba7d6afc60881e8f3fb9f
commit 3ce5ef4f7a97d3e059fba7d6afc60881e8f3fb9f
Author: Olivier Certner <olce@FreeBSD.org>
AuthorDate: 2024-07-16 20:37:44 +0000
Commit: Olivier Certner <olce@FreeBSD.org>
CommitDate: 2024-11-15 12:59:08 +0000
cred: Separate constant for the number of inlined groups
CRED_SMALLGROUPS_NB now holds the number of inlined groups in field
'cr_smallgroups'. XU_NGROUPS stays the number of groups allowed in
'struct xucred'. The first is an implementation detail, while the
second is part of a public interface. All mentions of XU_NGROUPS in the
tree have been reviewed and only those concerning the implementation
detail have been changed to use CRED_SMALLGROUPS_NB (they were all in
'kern_prot.c').
No functional change, as CRED_SMALLGROUPS_NB is set to 16, the same
value as XU_NGROUPS.
Reviewed by: mhorne (slightly different version)
Approved by: markj (mentor)
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D46911
(cherry picked from commit 664b9fcb1c051c17ba11d1e5e8a1db9938d76bd5)
Approved by: markj (mentor)
---
sys/kern/kern_prot.c | 6 +++---
sys/sys/ucred.h | 12 ++++++++++--
2 files changed, 13 insertions(+), 5 deletions(-)
diff --git a/sys/kern/kern_prot.c b/sys/kern/kern_prot.c
index 5fdb0a40a425..cb9a2f3c5ae7 100644
--- a/sys/kern/kern_prot.c
+++ b/sys/kern/kern_prot.c
@@ -807,7 +807,7 @@ struct setgroups_args {
int
sys_setgroups(struct thread *td, struct setgroups_args *uap)
{
- gid_t smallgroups[XU_NGROUPS];
+ gid_t smallgroups[CRED_SMALLGROUPS_NB];
gid_t *groups;
int gidsetsize, error;
@@ -815,7 +815,7 @@ sys_setgroups(struct thread *td, struct setgroups_args *uap)
if (gidsetsize > ngroups_max + 1 || gidsetsize < 0)
return (EINVAL);
- if (gidsetsize > XU_NGROUPS)
+ if (gidsetsize > CRED_SMALLGROUPS_NB)
groups = malloc(gidsetsize * sizeof(gid_t), M_TEMP, M_WAITOK);
else
groups = smallgroups;
@@ -824,7 +824,7 @@ sys_setgroups(struct thread *td, struct setgroups_args *uap)
if (error == 0)
error = kern_setgroups(td, gidsetsize, groups);
- if (gidsetsize > XU_NGROUPS)
+ if (gidsetsize > CRED_SMALLGROUPS_NB)
free(groups, M_TEMP);
return (error);
}
diff --git a/sys/sys/ucred.h b/sys/sys/ucred.h
index da0568e9648f..243a2431bd0b 100644
--- a/sys/sys/ucred.h
+++ b/sys/sys/ucred.h
@@ -44,6 +44,14 @@ struct loginclass;
#define XU_NGROUPS 16
+#if defined(_KERNEL) || defined(_WANT_UCRED)
+/*
+ * Number of groups inlined in 'struct ucred'. It must stay reasonably low as
+ * it is also used by some functions to allocate an array of this size on the
+ * stack.
+ */
+#define CRED_SMALLGROUPS_NB 16
+
/*
* Credentials.
*
@@ -57,7 +65,6 @@ struct loginclass;
*
* See "Credential management" comment in kern_prot.c for more information.
*/
-#if defined(_KERNEL) || defined(_WANT_UCRED)
struct ucred {
struct mtx cr_mtx;
u_int cr_ref; /* (c) reference count */
@@ -80,7 +87,8 @@ struct ucred {
struct label *cr_label; /* MAC label */
gid_t *cr_groups; /* groups */
int cr_agroups; /* Available groups */
- gid_t cr_smallgroups[XU_NGROUPS]; /* storage for small groups */
+ /* storage for small groups */
+ gid_t cr_smallgroups[CRED_SMALLGROUPS_NB];
};
#define NOCRED ((struct ucred *)0) /* no credential available */
#define FSCRED ((struct ucred *)-1) /* filesystem credential */