svn commit: r193830 - in projects/ngroups/sys: contrib/pf/net fs/nfs gnu/fs/xfs gnu/fs/xfs/FreeBSD kern netncp netsmb nfsclient nfsserver rpc security/audit ufs/ufs

Brooks Davis brooks at FreeBSD.org
Tue Jun 9 13:50:18 UTC 2009 

Author: brooks
Date: Tue Jun  9 13:50:16 2009
New Revision: 193830
URL: http://svn.freebsd.org/changeset/base/193830

Log:
  Back out the new uses of the cr_gid macro introduced in r193537.  We're
  certaintly not going to split cr_gid out from cr_groups for 8.0.
  
  Also reintroduce a few related comments.

Modified:
  projects/ngroups/sys/contrib/pf/net/pf.c
  projects/ngroups/sys/fs/nfs/nfs_commonport.c
  projects/ngroups/sys/gnu/fs/xfs/FreeBSD/xfs_compat.h
  projects/ngroups/sys/gnu/fs/xfs/xfs_inode.c
  projects/ngroups/sys/gnu/fs/xfs/xfs_vnodeops.c
  projects/ngroups/sys/kern/kern_prot.c
  projects/ngroups/sys/kern/vfs_syscalls.c
  projects/ngroups/sys/netncp/ncp_conn.c
  projects/ngroups/sys/netsmb/smb_conn.c
  projects/ngroups/sys/nfsclient/nfs_subs.c
  projects/ngroups/sys/nfsserver/nfs_srvsock.c
  projects/ngroups/sys/rpc/svc_auth.c
  projects/ngroups/sys/rpc/svc_auth_unix.c
  projects/ngroups/sys/security/audit/audit.c
  projects/ngroups/sys/security/audit/audit_arg.c
  projects/ngroups/sys/ufs/ufs/ufs_vnops.c

Modified: projects/ngroups/sys/contrib/pf/net/pf.c
==============================================================================
--- projects/ngroups/sys/contrib/pf/net/pf.c	Tue Jun  9 13:44:17 2009	(r193829)
+++ projects/ngroups/sys/contrib/pf/net/pf.c	Tue Jun  9 13:50:16 2009	(r193830)
@@ -2945,7 +2945,7 @@ pf_socket_lookup(int direction, struct p
 	if (inp_arg != NULL) {
 		INP_LOCK_ASSERT(inp_arg);
 		pd->lookup.uid = inp_arg->inp_cred->cr_uid;
-		pd->lookup.gid = inp_arg->inp_cred->cr_gid;
+		pd->lookup.gid = inp_arg->inp_cred->cr_groups[0];
 		return (1);
 	}
 #endif
@@ -3043,7 +3043,7 @@ pf_socket_lookup(int direction, struct p
 	}
 #ifdef __FreeBSD__
 	pd->lookup.uid = inp->inp_cred->cr_uid;
-	pd->lookup.gid = inp->inp_cred->cr_gid;
+	pd->lookup.gid = inp->inp_cred->cr_groups[0];
 	INP_INFO_RUNLOCK(pi);
 #else
 	pd->lookup.uid = inp->inp_socket->so_euid;

Modified: projects/ngroups/sys/fs/nfs/nfs_commonport.c
==============================================================================
--- projects/ngroups/sys/fs/nfs/nfs_commonport.c	Tue Jun  9 13:44:17 2009	(r193829)
+++ projects/ngroups/sys/fs/nfs/nfs_commonport.c	Tue Jun  9 13:50:16 2009	(r193830)
@@ -290,13 +290,15 @@ nfsrv_atroot(struct vnode *vp, long *ret
 
 /*
  * Set the credentials to refer to root.
+ * If only the various BSDen could agree on whether cr_gid is a separate
+ * field or cr_groups[0]...
  */
 void
 newnfs_setroot(struct ucred *cred)
 {
 
 	cred->cr_uid = 0;
-	cred->cr_gid = 0;
+	cred->cr_groups[0] = 0;
 	cred->cr_ngroups = 1;
 }
 

Modified: projects/ngroups/sys/gnu/fs/xfs/FreeBSD/xfs_compat.h
==============================================================================
--- projects/ngroups/sys/gnu/fs/xfs/FreeBSD/xfs_compat.h	Tue Jun  9 13:44:17 2009	(r193829)
+++ projects/ngroups/sys/gnu/fs/xfs/FreeBSD/xfs_compat.h	Tue Jun  9 13:50:16 2009	(r193830)
@@ -163,7 +163,7 @@ typedef struct mtx xfs_mutex_t;
  * Cedentials manipulation.
  */
 #define current_fsuid(credp)	(credp)->cr_uid
-#define current_fsgid(credp)	(credp)->cr_gid
+#define current_fsgid(credp)	(credp)->cr_groups[0]
 
 #define PAGE_CACHE_SIZE PAGE_SIZE
 

Modified: projects/ngroups/sys/gnu/fs/xfs/xfs_inode.c
==============================================================================
--- projects/ngroups/sys/gnu/fs/xfs/xfs_inode.c	Tue Jun  9 13:44:17 2009	(r193829)
+++ projects/ngroups/sys/gnu/fs/xfs/xfs_inode.c	Tue Jun  9 13:50:16 2009	(r193830)
@@ -1124,7 +1124,7 @@ xfs_ialloc(
 	ip->i_d.di_nlink = nlink;
 	ASSERT(ip->i_d.di_nlink == nlink);
 	ip->i_d.di_uid = curthread->td_ucred->cr_uid;
-	ip->i_d.di_gid = curthread->td_ucred->cr_gid;
+	ip->i_d.di_gid = curthread->td_ucred->cr_groups[0];
 	ip->i_d.di_projid = prid;
 	memset(&(ip->i_d.di_pad[0]), 0, sizeof(ip->i_d.di_pad));
 

Modified: projects/ngroups/sys/gnu/fs/xfs/xfs_vnodeops.c
==============================================================================
--- projects/ngroups/sys/gnu/fs/xfs/xfs_vnodeops.c	Tue Jun  9 13:44:17 2009	(r193829)
+++ projects/ngroups/sys/gnu/fs/xfs/xfs_vnodeops.c	Tue Jun  9 13:50:16 2009	(r193830)
@@ -3379,7 +3379,7 @@ xfs_symlink(
 	 */
 	error = XFS_QM_DQVOPALLOC(mp, dp,
 				  current->td_ucred->cr_uid,
-				  current->td_ucred->cr_gid,
+				  current->td_ucred->cr_groups[0],
 				  prid,
 				  XFS_QMOPT_QUOTALL | XFS_QMOPT_INHERIT, &udqp, &gdqp);
 	if (error)

Modified: projects/ngroups/sys/kern/kern_prot.c
==============================================================================
--- projects/ngroups/sys/kern/kern_prot.c	Tue Jun  9 13:44:17 2009	(r193829)
+++ projects/ngroups/sys/kern/kern_prot.c	Tue Jun  9 13:50:16 2009	(r193830)
@@ -246,11 +246,16 @@ getgid(struct thread *td, struct getgid_
 
 	td->td_retval[0] = td->td_ucred->cr_rgid;
 #if defined(COMPAT_43)
-	td->td_retval[1] = td->td_ucred->cr_gid;
+	td->td_retval[1] = td->td_ucred->cr_groups[0];
 #endif
 	return (0);
 }
 
+/*
+ * Get effective group ID.  The "egid" is groups[0], and could be obtained
+ * via getgroups.  This syscall exists because it is somewhat painful to do
+ * correctly in a library function.
+ */
 #ifndef _SYS_SYSPROTO_H_
 struct getegid_args {
         int     dummy;
@@ -261,7 +266,7 @@ int
 getegid(struct thread *td, struct getegid_args *uap)
 {
 
-	td->td_retval[0] = td->td_ucred->cr_gid;
+	td->td_retval[0] = td->td_ucred->cr_groups[0];
 	return (0);
 }
 
@@ -677,7 +682,7 @@ setgid(struct thread *td, struct setgid_
 	    gid != oldcred->cr_svgid &&		/* allow setgid(saved gid) */
 #endif
 #ifdef POSIX_APPENDIX_B_4_2_2	/* Use BSD-compat clause from B.4.2.2 */
-	    gid != oldcred->cr_gid && /* allow setgid(getegid()) */
+	    gid != oldcred->cr_groups[0] && /* allow setgid(getegid()) */
 #endif
 	    (error = priv_check_cred(oldcred, PRIV_CRED_SETGID, 0)) != 0)
 		goto fail;
@@ -689,7 +694,7 @@ setgid(struct thread *td, struct setgid_
 	 */
 	if (
 #ifdef POSIX_APPENDIX_B_4_2_2	/* use the clause from B.4.2.2 */
-	    gid == oldcred->cr_gid ||
+	    gid == oldcred->cr_groups[0] ||
 #endif
 	    /* We are using privs. */
 	    priv_check_cred(oldcred, PRIV_CRED_SETGID, 0) == 0)
@@ -718,7 +723,7 @@ setgid(struct thread *td, struct setgid_
 	 * In all cases permitted cases, we are changing the egid.
 	 * Copy credentials so other references do not see our changes.
 	 */
-	if (oldcred->cr_gid != gid) {
+	if (oldcred->cr_groups[0] != gid) {
 		change_egid(newcred, gid);
 		setsugid(p);
 	}
@@ -764,7 +769,7 @@ setegid(struct thread *td, struct setegi
 	    (error = priv_check_cred(oldcred, PRIV_CRED_SETEGID, 0)) != 0)
 		goto fail;
 
-	if (oldcred->cr_gid != egid) {
+	if (oldcred->cr_groups[0] != egid) {
 		change_egid(newcred, egid);
 		setsugid(p);
 	}
@@ -950,12 +955,12 @@ setregid(register struct thread *td, str
 
 	if (((rgid != (gid_t)-1 && rgid != oldcred->cr_rgid &&
 	    rgid != oldcred->cr_svgid) ||
-	     (egid != (gid_t)-1 && egid != oldcred->cr_gid &&
+	     (egid != (gid_t)-1 && egid != oldcred->cr_groups[0] &&
 	     egid != oldcred->cr_rgid && egid != oldcred->cr_svgid)) &&
 	    (error = priv_check_cred(oldcred, PRIV_CRED_SETREGID, 0)) != 0)
 		goto fail;
 
-	if (egid != (gid_t)-1 && oldcred->cr_gid != egid) {
+	if (egid != (gid_t)-1 && oldcred->cr_groups[0] != egid) {
 		change_egid(newcred, egid);
 		setsugid(p);
 	}
@@ -963,9 +968,9 @@ setregid(register struct thread *td, str
 		change_rgid(newcred, rgid);
 		setsugid(p);
 	}
-	if ((rgid != (gid_t)-1 || newcred->cr_gid != newcred->cr_rgid) &&
-	    newcred->cr_svgid != newcred->cr_gid) {
-		change_svgid(newcred, newcred->cr_gid);
+	if ((rgid != (gid_t)-1 || newcred->cr_groups[0] != newcred->cr_rgid) &&
+	    newcred->cr_svgid != newcred->cr_groups[0]) {
+		change_svgid(newcred, newcred->cr_groups[0]);
 		setsugid(p);
 	}
 	p->p_ucred = newcred;
@@ -1096,17 +1101,17 @@ setresgid(register struct thread *td, st
 
 	if (((rgid != (gid_t)-1 && rgid != oldcred->cr_rgid &&
 	      rgid != oldcred->cr_svgid &&
-	      rgid != oldcred->cr_gid) ||
+	      rgid != oldcred->cr_groups[0]) ||
 	     (egid != (gid_t)-1 && egid != oldcred->cr_rgid &&
 	      egid != oldcred->cr_svgid &&
-	      egid != oldcred->cr_gid) ||
+	      egid != oldcred->cr_groups[0]) ||
 	     (sgid != (gid_t)-1 && sgid != oldcred->cr_rgid &&
 	      sgid != oldcred->cr_svgid &&
-	      sgid != oldcred->cr_gid)) &&
+	      sgid != oldcred->cr_groups[0])) &&
 	    (error = priv_check_cred(oldcred, PRIV_CRED_SETRESGID, 0)) != 0)
 		goto fail;
 
-	if (egid != (gid_t)-1 && oldcred->cr_gid != egid) {
+	if (egid != (gid_t)-1 && oldcred->cr_groups[0] != egid) {
 		change_egid(newcred, egid);
 		setsugid(p);
 	}
@@ -1175,8 +1180,8 @@ getresgid(register struct thread *td, st
 		error1 = copyout(&cred->cr_rgid,
 		    uap->rgid, sizeof(cred->cr_rgid));
 	if (uap->egid)
-		error2 = copyout(&cred->cr_gid,
-		    uap->egid, sizeof(cred->cr_gid));
+		error2 = copyout(&cred->cr_groups[0],
+		    uap->egid, sizeof(cred->cr_groups[0]));
 	if (uap->sgid)
 		error3 = copyout(&cred->cr_svgid,
 		    uap->sgid, sizeof(cred->cr_svgid));
@@ -2101,7 +2106,7 @@ void
 change_egid(struct ucred *newcred, gid_t egid)
 {
 
-	newcred->cr_gid = egid;
+	newcred->cr_groups[0] = egid;
 }
 
 /*-

Modified: projects/ngroups/sys/kern/vfs_syscalls.c
==============================================================================
--- projects/ngroups/sys/kern/vfs_syscalls.c	Tue Jun  9 13:44:17 2009	(r193829)
+++ projects/ngroups/sys/kern/vfs_syscalls.c	Tue Jun  9 13:50:16 2009	(r193830)
@@ -2128,7 +2128,7 @@ kern_accessat(struct thread *td, int fd,
 		cred = td->td_ucred;
 		tmpcred = crdup(cred);
 		tmpcred->cr_uid = cred->cr_ruid;
-		tmpcred->cr_gid = cred->cr_rgid;
+		tmpcred->cr_groups[0] = cred->cr_rgid;
 		td->td_ucred = tmpcred;
 	} else
 		cred = tmpcred = td->td_ucred;

Modified: projects/ngroups/sys/netncp/ncp_conn.c
==============================================================================
--- projects/ngroups/sys/netncp/ncp_conn.c	Tue Jun  9 13:44:17 2009	(r193829)
+++ projects/ngroups/sys/netncp/ncp_conn.c	Tue Jun  9 13:50:16 2009	(r193830)
@@ -249,7 +249,7 @@ ncp_conn_alloc(struct ncp_conn_args *cap
 	ncp->connid = 0xFFFF;
 	ncp->li = *cap;
 	ncp->nc_group = (cap->group != NCP_DEFAULT_GROUP) ?
-		cap->group : cred->cr_gid;
+		cap->group : cred->cr_groups[0];
 
 	if (cap->retry_count == 0)
 		ncp->li.retry_count = NCP_RETRY_COUNT;

Modified: projects/ngroups/sys/netsmb/smb_conn.c
==============================================================================
--- projects/ngroups/sys/netsmb/smb_conn.c	Tue Jun  9 13:44:17 2009	(r193829)
+++ projects/ngroups/sys/netsmb/smb_conn.c	Tue Jun  9 13:50:16 2009	(r193830)
@@ -416,7 +416,7 @@ smb_vc_create(struct smb_vcspec *vcspec,
 	if (uid == SMBM_ANY_OWNER)
 		uid = realuid;
 	if (gid == SMBM_ANY_GROUP)
-		gid = cred->cr_gid;
+		gid = cred->cr_groups[0];
 	vcp->vc_uid = uid;
 	vcp->vc_grp = gid;
 
@@ -714,7 +714,7 @@ smb_share_create(struct smb_vc *vcp, str
 	if (uid == SMBM_ANY_OWNER)
 		uid = realuid;
 	if (gid == SMBM_ANY_GROUP)
-		gid = cred->cr_gid;
+		gid = cred->cr_groups[0];
 	ssp = smb_zmalloc(sizeof(*ssp), M_SMBCONN, M_WAITOK);
 	smb_co_init(SSTOCP(ssp), SMBL_SHARE, "smbss ilock", "smbss");
 	ssp->obj.co_free = smb_share_free;

Modified: projects/ngroups/sys/nfsclient/nfs_subs.c
==============================================================================
--- projects/ngroups/sys/nfsclient/nfs_subs.c	Tue Jun  9 13:44:17 2009	(r193829)
+++ projects/ngroups/sys/nfsclient/nfs_subs.c	Tue Jun  9 13:50:16 2009	(r193830)
@@ -253,7 +253,7 @@ nfsm_rpchead(struct ucred *cr, int nmfla
 		*tl++ = 0;		/* stamp ?? */
 		*tl++ = 0;		/* NULL hostname */
 		*tl++ = txdr_unsigned(cr->cr_uid);
-		*tl++ = txdr_unsigned(cr->cr_gid);
+		*tl++ = txdr_unsigned(cr->cr_groups[0]);
 		grpsiz = (auth_len >> 2) - 5;
 		*tl++ = txdr_unsigned(grpsiz);
 		for (i = 1; i <= grpsiz; i++)

Modified: projects/ngroups/sys/nfsserver/nfs_srvsock.c
==============================================================================
--- projects/ngroups/sys/nfsserver/nfs_srvsock.c	Tue Jun  9 13:44:17 2009	(r193829)
+++ projects/ngroups/sys/nfsserver/nfs_srvsock.c	Tue Jun  9 13:50:16 2009	(r193830)
@@ -358,7 +358,7 @@ nfs_getreq(struct nfsrv_descript *nd, st
 		tl = nfsm_dissect_nonblock(u_int32_t *, 3 * NFSX_UNSIGNED);
 		nd->nd_cr->cr_uid = nd->nd_cr->cr_ruid =
 		    nd->nd_cr->cr_svuid = fxdr_unsigned(uid_t, *tl++);
-		nd->nd_cr->cr_gid = nd->nd_cr->cr_rgid =
+		nd->nd_cr->cr_groups[0] = nd->nd_cr->cr_rgid =
 		    nd->nd_cr->cr_svgid = fxdr_unsigned(gid_t, *tl++);
 #ifdef MAC
 		mac_cred_associate_nfsd(nd->nd_cr);

Modified: projects/ngroups/sys/rpc/svc_auth.c
==============================================================================
--- projects/ngroups/sys/rpc/svc_auth.c	Tue Jun  9 13:44:17 2009	(r193829)
+++ projects/ngroups/sys/rpc/svc_auth.c	Tue Jun  9 13:50:16 2009	(r193830)
@@ -178,7 +178,7 @@ svc_getcred(struct svc_req *rqst, struct
 		cr = crget();
 		cr->cr_uid = cr->cr_ruid = cr->cr_svuid = xcr->cr_uid;
 		crsetgroups(cr, xcr->cr_ngroups, xcr->cr_groups);
-		cr->cr_rgid = cr->cr_svgid = cr->cr_gid;
+		cr->cr_rgid = cr->cr_svgid = cr->cr_groups[0];
 		*crp = cr;
 		return (TRUE);
 

Modified: projects/ngroups/sys/rpc/svc_auth_unix.c
==============================================================================
--- projects/ngroups/sys/rpc/svc_auth_unix.c	Tue Jun  9 13:44:17 2009	(r193829)
+++ projects/ngroups/sys/rpc/svc_auth_unix.c	Tue Jun  9 13:50:16 2009	(r193830)
@@ -88,7 +88,7 @@ _svcauth_unix(struct svc_req *rqst, stru
 		str_len = RNDUP(str_len);
 		buf += str_len / sizeof (int32_t);
 		xcr->cr_uid = IXDR_GET_UINT32(buf);
-		xcr->cr_gid = IXDR_GET_UINT32(buf);
+		xcr->cr_groups[0] = IXDR_GET_UINT32(buf);
 		gid_len = (size_t)IXDR_GET_UINT32(buf);
 		if (gid_len > NGRPS) {
 			stat = AUTH_BADCRED;

Modified: projects/ngroups/sys/security/audit/audit.c
==============================================================================
--- projects/ngroups/sys/security/audit/audit.c	Tue Jun  9 13:44:17 2009	(r193829)
+++ projects/ngroups/sys/security/audit/audit.c	Tue Jun  9 13:50:16 2009	(r193830)
@@ -224,7 +224,7 @@ audit_record_ctor(void *mem, int size, v
 	cru2x(cred, &ar->k_ar.ar_subj_cred);
 	ar->k_ar.ar_subj_ruid = cred->cr_ruid;
 	ar->k_ar.ar_subj_rgid = cred->cr_rgid;
-	ar->k_ar.ar_subj_egid = cred->cr_gid;
+	ar->k_ar.ar_subj_egid = cred->cr_groups[0];
 	ar->k_ar.ar_subj_auid = cred->cr_audit.ai_auid;
 	ar->k_ar.ar_subj_asid = cred->cr_audit.ai_asid;
 	ar->k_ar.ar_subj_pid = td->td_proc->p_pid;

Modified: projects/ngroups/sys/security/audit/audit_arg.c
==============================================================================
--- projects/ngroups/sys/security/audit/audit_arg.c	Tue Jun  9 13:44:17 2009	(r193829)
+++ projects/ngroups/sys/security/audit/audit_arg.c	Tue Jun  9 13:50:16 2009	(r193830)
@@ -369,7 +369,7 @@ audit_arg_process(struct proc *p)
 	cred = p->p_ucred;
 	ar->k_ar.ar_arg_auid = cred->cr_audit.ai_auid;
 	ar->k_ar.ar_arg_euid = cred->cr_uid;
-	ar->k_ar.ar_arg_egid = cred->cr_gid;
+	ar->k_ar.ar_arg_egid = cred->cr_groups[0];
 	ar->k_ar.ar_arg_ruid = cred->cr_ruid;
 	ar->k_ar.ar_arg_rgid = cred->cr_rgid;
 	ar->k_ar.ar_arg_asid = cred->cr_audit.ai_asid;

Modified: projects/ngroups/sys/ufs/ufs/ufs_vnops.c
==============================================================================
--- projects/ngroups/sys/ufs/ufs/ufs_vnops.c	Tue Jun  9 13:44:17 2009	(r193829)
+++ projects/ngroups/sys/ufs/ufs/ufs_vnops.c	Tue Jun  9 13:50:16 2009	(r193830)
@@ -1475,7 +1475,7 @@ ufs_mkdir(ap)
 				refcount_init(&ucred.cr_ref, 1);
 				ucred.cr_uid = ip->i_uid;
 				ucred.cr_ngroups = 1;
-				ucred.cr_gid = dp->i_gid;
+				ucred.cr_groups[0] = dp->i_gid;
 				ucp = &ucred;
 			}
 #endif
@@ -2294,7 +2294,7 @@ ufs_makeinode(mode, dvp, vpp, cnp)
 			ucred.cr_uid = ip->i_uid;
 			ucred.cr_ngroups = 1;
 			ucred.cr_groups = &ucred_group;
-			ucred.cr_gid = pdir->i_gid;
+			ucred.cr_groups[0] = pdir->i_gid;
 			ucp = &ucred;
 #endif
 		} else {

More information about the svn-src-projects mailing list