diff options
author | rwatson <rwatson@FreeBSD.org> | 2001-12-31 17:45:16 +0000 |
---|---|---|
committer | rwatson <rwatson@FreeBSD.org> | 2001-12-31 17:45:16 +0000 |
commit | 5eea21cccab61c0a7e31c0025f3f57feeb99870a (patch) | |
tree | 7c8b2985310180ddd6c0718cf693e5b928d63555 /sys/fs | |
parent | 25ebb0c5b897fa6d9c618e7d9ced3a63510278d1 (diff) | |
download | FreeBSD-src-5eea21cccab61c0a7e31c0025f3f57feeb99870a.zip FreeBSD-src-5eea21cccab61c0a7e31c0025f3f57feeb99870a.tar.gz |
o Make the credential used by socreate() an explicit argument to
socreate(), rather than getting it implicitly from the thread
argument.
o Make NFS cache the credential provided at mount-time, and use
the cached credential (nfsmount->nm_cred) when making calls to
socreate() on initially connecting, or reconnecting the socket.
This fixes bugs involving NFS over TCP and ipfw uid/gid rules, as well
as bugs involving NFS and mandatory access control implementations.
Reviewed by: freebsd-arch
Diffstat (limited to 'sys/fs')
-rw-r--r-- | sys/fs/fifofs/fifo_vnops.c | 6 | ||||
-rw-r--r-- | sys/fs/portalfs/portal_vnops.c | 3 |
2 files changed, 6 insertions, 3 deletions
diff --git a/sys/fs/fifofs/fifo_vnops.c b/sys/fs/fifofs/fifo_vnops.c index 9448f5e..461f7c4 100644 --- a/sys/fs/fifofs/fifo_vnops.c +++ b/sys/fs/fifofs/fifo_vnops.c @@ -174,14 +174,16 @@ fifo_open(ap) if ((fip = vp->v_fifoinfo) == NULL) { MALLOC(fip, struct fifoinfo *, sizeof(*fip), M_VNODE, M_WAITOK); vp->v_fifoinfo = fip; - error = socreate(AF_LOCAL, &rso, SOCK_STREAM, 0, ap->a_td); + error = socreate(AF_LOCAL, &rso, SOCK_STREAM, 0, + ap->a_td->td_proc->p_ucred, ap->a_td); if (error) { free(fip, M_VNODE); vp->v_fifoinfo = NULL; return (error); } fip->fi_readsock = rso; - error = socreate(AF_LOCAL, &wso, SOCK_STREAM, 0, ap->a_td); + error = socreate(AF_LOCAL, &wso, SOCK_STREAM, 0, + ap->a_td->td_proc->p_ucred, ap->a_td); if (error) { (void)soclose(rso); free(fip, M_VNODE); diff --git a/sys/fs/portalfs/portal_vnops.c b/sys/fs/portalfs/portal_vnops.c index 0e20d13..dd90516 100644 --- a/sys/fs/portalfs/portal_vnops.c +++ b/sys/fs/portalfs/portal_vnops.c @@ -246,7 +246,8 @@ portal_open(ap) /* * Create a new socket. */ - error = socreate(AF_UNIX, &so, SOCK_STREAM, 0, ap->a_td); + error = socreate(AF_UNIX, &so, SOCK_STREAM, 0, + ap->a_td->td_proc->p_ucred, ap->a_td); if (error) goto bad; |