o Make the credential used by socreate() an explicit argument to

socreate(), rather than getting it implicitly from the thread argument. o Make NFS cache the credential provided at mount-time, and use the cached credential (nfsmount->nm_cred) when making calls to socreate() on initially connecting, or reconnecting the socket. This fixes bugs involving NFS over TCP and ipfw uid/gid rules, as well as bugs involving NFS and mandatory access control implementations. Reviewed by: freebsd-arch
author: rwatson <rwatson@FreeBSD.org> 2001-12-31 17:45:16 +0000
committer: rwatson <rwatson@FreeBSD.org> 2001-12-31 17:45:16 +0000
commit: 5eea21cccab61c0a7e31c0025f3f57feeb99870a (patch)
tree: 7c8b2985310180ddd6c0718cf693e5b928d63555 /sys/fs/portalfs
parent: 25ebb0c5b897fa6d9c618e7d9ced3a63510278d1 (diff)
download: FreeBSD-src-5eea21cccab61c0a7e31c0025f3f57feeb99870a.zip
FreeBSD-src-5eea21cccab61c0a7e31c0025f3f57feeb99870a.tar.gz
1 files changed, 2 insertions, 1 deletions
diff --git a/sys/fs/portalfs/portal_vnops.c b/sys/fs/portalfs/portal_vnops.c
index 0e20d13..dd90516 100644
--- a/sys/fs/portalfs/portal_vnops.c
+++ b/sys/fs/portalfs/portal_vnops.c
@@ -246,7 +246,8 @@ portal_open(ap)
 	/*
 	 * Create a new socket.
 	 */
-	error = socreate(AF_UNIX, &so, SOCK_STREAM, 0, ap->a_td);
+	error = socreate(AF_UNIX, &so, SOCK_STREAM, 0,
+	    ap->a_td->td_proc->p_ucred, ap->a_td);
 	if (error)
 		goto bad;
author	rwatson <rwatson@FreeBSD.org>	2001-12-31 17:45:16 +0000
committer	rwatson <rwatson@FreeBSD.org>	2001-12-31 17:45:16 +0000
commit	5eea21cccab61c0a7e31c0025f3f57feeb99870a (patch)
tree	7c8b2985310180ddd6c0718cf693e5b928d63555 /sys/fs/portalfs
parent	25ebb0c5b897fa6d9c618e7d9ced3a63510278d1 (diff)
download	FreeBSD-src-5eea21cccab61c0a7e31c0025f3f57feeb99870a.zip FreeBSD-src-5eea21cccab61c0a7e31c0025f3f57feeb99870a.tar.gz