From dc2e474f79c1287592679cd5e0c4c2307feccd60 Mon Sep 17 00:00:00 2001 From: jhb Date: Mon, 1 Apr 2002 21:31:13 +0000 Subject: Change the suser() API to take advantage of td_ucred as well as do a general cleanup of the API. The entire API now consists of two functions similar to the pre-KSE API. The suser() function takes a thread pointer as its only argument. The td_ucred member of this thread must be valid so the only valid thread pointers are curthread and a few kernel threads such as thread0. The suser_cred() function takes a pointer to a struct ucred as its first argument and an integer flag as its second argument. The flag is currently only used for the PRISON_ROOT flag. Discussed on: smp@ --- sys/fs/msdosfs/msdosfs_vfsops.c | 4 ++-- sys/fs/msdosfs/msdosfs_vnops.c | 10 +++++----- 2 files changed, 7 insertions(+), 7 deletions(-) (limited to 'sys/fs/msdosfs') diff --git a/sys/fs/msdosfs/msdosfs_vfsops.c b/sys/fs/msdosfs/msdosfs_vfsops.c index ff4c418..f62b0c7 100644 --- a/sys/fs/msdosfs/msdosfs_vfsops.c +++ b/sys/fs/msdosfs/msdosfs_vfsops.c @@ -194,7 +194,7 @@ msdosfs_mount(mp, path, data, ndp, td) * If upgrade to read-write by non-root, then verify * that user has necessary permissions on the device. */ - if (suser_td(td)) { + if (suser(td)) { devvp = pmp->pm_devvp; vn_lock(devvp, LK_EXCLUSIVE | LK_RETRY, td); error = VOP_ACCESS(devvp, VREAD | VWRITE, @@ -241,7 +241,7 @@ msdosfs_mount(mp, path, data, ndp, td) * If mount by non-root, then verify that user has necessary * permissions on the device. */ - if (suser_td(td)) { + if (suser(td)) { accessmode = VREAD; if ((mp->mnt_flag & MNT_RDONLY) == 0) accessmode |= VWRITE; diff --git a/sys/fs/msdosfs/msdosfs_vnops.c b/sys/fs/msdosfs/msdosfs_vnops.c index 5118409..f8e3742 100644 --- a/sys/fs/msdosfs/msdosfs_vnops.c +++ b/sys/fs/msdosfs/msdosfs_vnops.c @@ -376,7 +376,7 @@ msdosfs_setattr(ap) if (vp->v_mount->mnt_flag & MNT_RDONLY) return (EROFS); if (cred->cr_uid != pmp->pm_uid && - (error = suser_xxx(cred, ap->a_td->td_proc, PRISON_ROOT))) + (error = suser_cred(cred, PRISON_ROOT))) return (error); /* * We are very inconsistent about handling unsupported @@ -390,7 +390,7 @@ msdosfs_setattr(ap) * set ATTR_ARCHIVE for directories `cp -pr' from a more * sensible file system attempts it a lot. */ - if (suser_xxx(cred, ap->a_td->td_proc, PRISON_ROOT)) { + if (suser_cred(cred, PRISON_ROOT)) { if (vap->va_flags & SF_SETTABLE) return EPERM; } @@ -417,7 +417,7 @@ msdosfs_setattr(ap) gid = pmp->pm_gid; if ((cred->cr_uid != pmp->pm_uid || uid != pmp->pm_uid || (gid != pmp->pm_gid && !groupmember(gid, cred))) && - (error = suser_xxx(cred, ap->a_td->td_proc, PRISON_ROOT))) + (error = suser_cred(cred, PRISON_ROOT))) return error; if (uid != pmp->pm_uid || gid != pmp->pm_gid) return EINVAL; @@ -449,7 +449,7 @@ msdosfs_setattr(ap) if (vp->v_mount->mnt_flag & MNT_RDONLY) return (EROFS); if (cred->cr_uid != pmp->pm_uid && - (error = suser_xxx(cred, ap->a_td->td_proc, PRISON_ROOT)) && + (error = suser_cred(cred, PRISON_ROOT)) && ((vap->va_vaflags & VA_UTIMES_NULL) == 0 || (error = VOP_ACCESS(ap->a_vp, VWRITE, cred, ap->a_td)))) return (error); @@ -472,7 +472,7 @@ msdosfs_setattr(ap) if (vp->v_mount->mnt_flag & MNT_RDONLY) return (EROFS); if (cred->cr_uid != pmp->pm_uid && - (error = suser_xxx(cred, ap->a_td->td_proc, PRISON_ROOT))) + (error = suser_cred(cred, PRISON_ROOT))) return (error); if (vp->v_type != VDIR) { /* We ignore the read and execute bits. */ -- cgit v1.1