Unix client: wrappers for credentials structure access

This patch introduces and makes use of wrappers for access
to credentials structure members:
	cr_uid (afs_ucred_t *)
	cr_ruid(afs_ucred_t *)
	cr_gid (afs_ucred_t *)
	cr_rgid(afs_ucred_t *)
	cr_group_info(afs_ucred_t *)

Inline functions are also introduced to set values:
	set_cr_uid (afs_ucred_t *, uid_t)
	set_cr_ruid(afs_ucred_t *, uid_t)
	set_cr_gid (afs_ucred_t *, gid_t)
	set_cr_rgid(afs_ucred_t *, gid_t)
	set_cr_group_info(afs_ucred_t *, struct group_info *)

This will allow an architecture to make use of an alternate
structure to hold credentials.  In particular it will allow
the linux client to be modified to use the kernel credentials
structure directly instead of shadowing it into our own local
structure.

There should be no functional change.

Change-Id: I7739196a0691a9c30887043b085e4878e88780ae
Reviewed-on: http://gerrit.openafs.org/768
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Tested-by: Derrick Brashear <shadow@dementia.org>

diff --git a/src/afs/DARWIN/osi_vnodeops.c b/src/afs/DARWIN/osi_vnodeops.c
index a2fd4e1..63fd91f 100644 (file)
--- a/src/afs/DARWIN/osi_vnodeops.c
+++ b/src/afs/DARWIN/osi_vnodeops.c
@@ -1423,7 +1423,7 @@ afs_vop_rename(ap)
         * run mv as the user, thus:
         */
        printf("su %d -c /bin/mv /afs/.:mount/%d:%d:%d:%d/%s /afs/.:mount/%d:%d:%d:%d/%s\n",
-              (cn_cred(tcnp))->cr_uid, fvc->f.fid.Cell, fvc->f.fid.Fid.Volume,
+              cr_uid(cn_cred(tcnp)), fvc->f.fid.Cell, fvc->f.fid.Fid.Volume,
               fvc->f.fid.Fid.Vnode, fvc->f.fid.Fid.Unique, fname, 
               tvc->f.fid.Cell, tvc->f.fid.Fid.Volume, tvc->f.fid.Fid.Vnode, 
               tvc->f.fid.Fid.Unique, tname);

diff --git a/src/afs/IRIX/osi_vnodeops.c b/src/afs/IRIX/osi_vnodeops.c
index b594526..6354de3 100644 (file)
--- a/src/afs/IRIX/osi_vnodeops.c
+++ b/src/afs/IRIX/osi_vnodeops.c
@@ -976,7 +976,7 @@ OSI_VC_DECL(avc);
            /* at least one daemon is idle, so ask it to do the store.
             * Also, note that  we don't lock it any more... */
            tb = afs_BQueue(BOP_STORE, avc, 0, 1, acred,
-                           (afs_size_t) acred->cr_uid, 0L, (void *)0);
+                           (afs_size_t) cr_uid(acred), 0L, (void *)0);
            /* sleep waiting for the store to start, then retrieve error code */
            while ((tb->flags & BUVALID) == 0) {
                tb->flags |= BUWAIT;

diff --git a/src/afs/LINUX/osi_cred.c b/src/afs/LINUX/osi_cred.c
index 266929c..bbd4a73 100644 (file)
--- a/src/afs/LINUX/osi_cred.c
+++ b/src/afs/LINUX/osi_cred.c
@@ -42,7 +42,7 @@ crfree(cred_t * cr)
        return;
     }
 
-    put_group_info(cr->cr_group_info);
+    put_group_info(cr_group_info(cr));
 
     kfree(cr);
 }
@@ -54,13 +54,13 @@ crdup(cred_t * cr)
 {
     cred_t *tmp = crget();
 
-    tmp->cr_uid = cr->cr_uid;
-    tmp->cr_ruid = cr->cr_ruid;
-    tmp->cr_gid = cr->cr_gid;
-    tmp->cr_rgid = cr->cr_rgid;
+    set_cr_uid(tmp, cr_uid(cr));
+    set_cr_ruid(tmp, cr_ruid(cr));
+    set_cr_gid(tmp, cr_gid(cr));
+    set_cr_rgid(tmp, cr_rgid(cr));
 
-    get_group_info(cr->cr_group_info);
-    tmp->cr_group_info = cr->cr_group_info;
+    get_group_info(cr_group_info(cr));
+    set_cr_group_info(tmp, cr_group_info(cr));
 
     return tmp;
 }
@@ -70,14 +70,14 @@ crref(void)
 {
     cred_t *cr = crget();
 
-    cr->cr_uid = current_fsuid();
-    cr->cr_ruid = current_uid();
-    cr->cr_gid = current_fsgid();
-    cr->cr_rgid = current_gid();
+    set_cr_uid(cr, current_fsuid());
+    set_cr_ruid(cr, current_uid());
+    set_cr_gid(cr, current_fsgid());
+    set_cr_rgid(cr, current_gid());
 
     task_lock(current);
     get_group_info(current_group_info());
-    cr->cr_group_info = current_group_info();
+    set_cr_group_info(cr, current_group_info());
     task_unlock(current);
 
     return cr;
@@ -98,28 +98,28 @@ crset(cred_t * cr)
     if (current->cred != current->real_cred)
         return;
     new_creds = prepare_creds();
-    new_creds->fsuid = cr->cr_uid;
-    new_creds->uid = cr->cr_ruid;
-    new_creds->fsgid = cr->cr_gid;
-    new_creds->gid = cr->cr_rgid;
+    new_creds->fsuid = cr_uid(cr);
+    new_creds->uid = cr_ruid(cr);
+    new_creds->fsgid = cr_gid(cr);
+    new_creds->gid = cr_rgid(cr);
 #else
-    current->fsuid = cr->cr_uid;
-    current->uid = cr->cr_ruid;
-    current->fsgid = cr->cr_gid;
-    current->gid = cr->cr_rgid;
+    current->fsuid = cr_uid(cr);
+    current->uid = cr_ruid(cr);
+    current->fsgid = cr_gid(cr);
+    current->gid = cr_rgid(cr);
 #endif
 
     /* using set_current_groups() will sort the groups */
-    get_group_info(cr->cr_group_info);
+    get_group_info(cr_group_info(cr));
 
     task_lock(current);
 #if defined(STRUCT_TASK_HAS_CRED)
     old_info = current->cred->group_info;
-    new_creds->group_info = cr->cr_group_info;
+    new_creds->group_info = cr_group_info(cr);
     commit_creds(new_creds);
 #else
     old_info = current->group_info;
-    current->group_info = cr->cr_group_info;
+    current->group_info = cr_group_info(cr);
 #endif
     task_unlock(current);
 

diff --git a/src/afs/LINUX/osi_groups.c b/src/afs/LINUX/osi_groups.c
index 4d2dbd9..a034ce2 100644 (file)
--- a/src/afs/LINUX/osi_groups.c
+++ b/src/afs/LINUX/osi_groups.c
@@ -39,9 +39,9 @@ afs_setgroups(cred_t **cr, struct group_info *group_info, int change_parent)
 
     AFS_STATCNT(afs_setgroups);
 
-    old_info = (*cr)->cr_group_info;
+    old_info = cr_group_info(*cr);
     get_group_info(group_info);
-    (*cr)->cr_group_info = group_info;
+    set_cr_group_info(*cr, group_info);
     put_group_info(old_info);
 
     crset(*cr);
@@ -65,8 +65,8 @@ afs_getgroups(cred_t * cr)
 {
     AFS_STATCNT(afs_getgroups);
 
-    get_group_info(cr->cr_group_info);
-    return cr->cr_group_info;
+    get_group_info(cr_group_info(cr));
+    return cr_group_info(cr);
 }
 
 int
@@ -209,7 +209,7 @@ setpag(cred_t **cr, afs_uint32 pagvalue, afs_uint32 *newpag,
     code = __setpag(cr, pagvalue, newpag, change_parent);
 
 #ifdef LINUX_KEYRING_SUPPORT
-    if (code == 0 && (*cr)->cr_rgid != NFSXLATOR_CRED) {
+    if (code == 0 && cr_rgid(*cr) != NFSXLATOR_CRED) {
        (void) install_session_keyring(NULL);
 
        if (current_session_keyring()) {

diff --git a/src/afs/LINUX/osi_machdep.h b/src/afs/LINUX/osi_machdep.h
index fb8a5f5..2ff0896 100644 (file)
--- a/src/afs/LINUX/osi_machdep.h
+++ b/src/afs/LINUX/osi_machdep.h
@@ -166,6 +166,12 @@ typedef struct afs_cred {          /* maps to task field: */
 typedef struct afs_cred afs_ucred_t;
 typedef struct task_struct afs_proc_t;
 
+#define cr_group_info(cred) ((cred)->cr_group_info)
+static inline void
+set_cr_group_info(afs_ucred_t *cred, struct group_info *group_info) {
+    cred->cr_group_info = group_info;
+}
+
 #if !defined(current_cred)
 #define current_gid() (current->gid)
 #define current_uid() (current->uid)

diff --git a/src/afs/LINUX/osi_nfssrv.c b/src/afs/LINUX/osi_nfssrv.c
index 7c61403..edfa61f 100644 (file)
--- a/src/afs/LINUX/osi_nfssrv.c
+++ b/src/afs/LINUX/osi_nfssrv.c
@@ -120,14 +120,14 @@ svcauth_afs_accept(struct svc_rqst *rqstp, u32 *authp)
     ns->code           = EACCES;
     ns->client_addr    = *addr;
     ns->client_addrlen = rqstp->rq_addrlen;
-    ns->client_uid     = rqstp->rq_cred.cr_uid;
-    ns->client_gid     = rqstp->rq_cred.cr_gid;
-    if (rqstp->rq_cred.cr_group_info->ngroups > 0)
-       ns->client_g0   = GROUP_AT(rqstp->rq_cred.cr_group_info, 0);
+    ns->client_uid     = cr_uid(&rqstp->rq_cred);
+    ns->client_gid     = cr_gid(&rqstp->rq_cred);
+    if (cr_group_info(&rqstp->rq_cred)->ngroups > 0)
+       ns->client_g0   = GROUP_AT(cr_group_info(&rqstp->rq_cred), 0);
     else
        ns->client_g0   = -1;
-    if (rqstp->rq_cred.cr_group_info->ngroups > 1)
-       ns->client_g1   = GROUP_AT(rqstp->rq_cred.cr_group_info, 1);
+    if (cr_group_info(&rqstp->rq_cred)->ngroups > 1)
+       ns->client_g1   = GROUP_AT(cr_group_info(&rqstp->rq_cred), 1);
     else
        ns->client_g1   = -1;
 
@@ -138,15 +138,15 @@ svcauth_afs_accept(struct svc_rqst *rqstp, u32 *authp)
     }
 
     credp = crget();
-    credp->cr_uid = rqstp->rq_cred.cr_uid;
-    credp->cr_gid = rqstp->rq_cred.cr_gid;
-    get_group_info(rqstp->rq_cred.cr_group_info);
-    credp->cr_group_info = rqstp->rq_cred.cr_group_info;
+    set_cr_uid(credp, cr_uid(&rqstp->rq_cred));
+    set_cr_gid(credp, cr_gid(&rqstp->rq_cred));
+    get_group_info(cr_group_info(&rqstp->rq_cred));
+    set_cr_group_info(credp, cr_group_info(&rqstp->rq_cred));
 
     /* avoid creating wildcard entries by mapping anonymous
      * clients to afs_nobody */
-    if (credp->cr_uid == -1)
-       credp->cr_uid = -2;
+    if (cr_uid(credp) == -1)
+       set_cr_uid(credp, -2);
     code = afs_nfsclient_reqhandler(0, &credp, addr->sin_addr.s_addr,
                                    &ns->uid, &outexp);
     if (!code && outexp) EXP_RELE(outexp);
@@ -191,7 +191,7 @@ int osi_linux_nfs_initreq(struct vrequest *av, afs_ucred_t *cr, int *code)
 
     *code = ns->code;
     if (!ns->code) {
-       cr->cr_ruid = NFSXLATOR_CRED;
+       cr_ruid(cr) = NFSXLATOR_CRED;
        av->uid = ns->uid;
     }
     return 1;

diff --git a/src/afs/LINUX24/osi_cred.c b/src/afs/LINUX24/osi_cred.c
index 9a52a2a..b760f97 100644 (file)
--- a/src/afs/LINUX24/osi_cred.c
+++ b/src/afs/LINUX24/osi_cred.c
@@ -52,10 +52,10 @@ crdup(cred_t * cr)
 {
     cred_t *tmp = crget();
 
-    tmp->cr_uid = cr->cr_uid;
-    tmp->cr_ruid = cr->cr_ruid;
-    tmp->cr_gid = cr->cr_gid;
-    tmp->cr_rgid = cr->cr_rgid;
+    set_cr_uid(tmp, cr_uid(cr));
+    set_cr_ruid(tmp, cr_ruid(cr));
+    set_cr_gid(tmp, cr_gid(cr));
+    set_cr_rgid(tmp, cr_rgid(cr));
 
     memcpy(tmp->cr_groups, cr->cr_groups, NGROUPS * sizeof(gid_t));
     tmp->cr_ngroups = cr->cr_ngroups;
@@ -68,10 +68,10 @@ crref(void)
 {
     cred_t *cr = crget();
 
-    cr->cr_uid = current_fsuid();
-    cr->cr_ruid = current_uid();
-    cr->cr_gid = current_fsgid();
-    cr->cr_rgid = current_gid();
+    set_cr_uid(cr, current_fsuid());
+    set_cr_ruid(cr, current_uid());
+    set_cr_gid(cr, current_fsgid());
+    set_cr_rgid(cr, current_gid());
 
     memcpy(cr->cr_groups, current->groups, NGROUPS * sizeof(gid_t));
     cr->cr_ngroups = current->ngroups;
@@ -94,15 +94,15 @@ crset(cred_t * cr)
     if (current->cred != current->real_cred)
         return;
     new_creds = prepare_creds();
-    new_creds->fsuid = cr->cr_uid;
-    new_creds->uid = cr->cr_ruid;
-    new_creds->fsgid = cr->cr_gid;
-    new_creds->gid = cr->cr_rgid;
+    new_creds->fsuid = cr_uid(cr);
+    new_creds->uid = cr_ruid(cr);
+    new_creds->fsgid = cr_gid(cr);
+    new_creds->gid = cr_rgid(cr);
 #else
-    current->fsuid = cr->cr_uid;
-    current->uid = cr->cr_ruid;
-    current->fsgid = cr->cr_gid;
-    current->gid = cr->cr_rgid;
+    current->fsuid = cr_uid(cr);
+    current->uid = cr_ruid(cr);
+    current->fsgid = cr_gid(cr);
+    current->gid = cr_rgid(cr);
 #endif
     memcpy(current->groups, cr->cr_groups, NGROUPS * sizeof(gid_t));
     current->ngroups = cr->cr_ngroups;

diff --git a/src/afs/LINUX24/osi_machdep.h b/src/afs/LINUX24/osi_machdep.h
index b7206ec..24bcd67 100644 (file)
--- a/src/afs/LINUX24/osi_machdep.h
+++ b/src/afs/LINUX24/osi_machdep.h
@@ -168,6 +168,12 @@ typedef struct afs_cred {          /* maps to task field: */
 typedef struct afs_cred afs_ucred_t;
 typedef struct task_struct afs_proc_t;
 
+#define cr_group_info(cred) ((cred)->cr_group_info)
+static inline void
+set_cr_group_info(afs_ucred_t *cred, struct group_info *group_info) {
+    cred->cr_group_info = group_info;
+}
+
 #if !defined(current_cred)
 #define current_gid() (current->gid)
 #define current_uid() (current->uid)

diff --git a/src/afs/UKERNEL/afs_usrops.c b/src/afs/UKERNEL/afs_usrops.c
index a52dc0e..9d4a353 100644 (file)
--- a/src/afs/UKERNEL/afs_usrops.c
+++ b/src/afs/UKERNEL/afs_usrops.c
@@ -1493,12 +1493,12 @@ uafs_Init(char *rn, char *mountDirParam, char *confDirParam,
        afs_osi_Alloc(sizeof(struct usr_ucred));
     usr_assert(afs_global_ucredp != NULL);
     afs_global_ucredp->cr_ref = 1;
-    afs_global_ucredp->cr_uid = geteuid();
-    afs_global_ucredp->cr_gid = getegid();
-    afs_global_ucredp->cr_ruid = getuid();
-    afs_global_ucredp->cr_rgid = getgid();
-    afs_global_ucredp->cr_suid = afs_global_ucredp->cr_ruid;
-    afs_global_ucredp->cr_sgid = afs_global_ucredp->cr_rgid;
+    set_cr_uid(afs_global_ucredp, geteuid());
+    set_cr_gid(afs_global_ucredp, getegid());
+    set_cr_ruid(afs_global_ucredp, getuid());
+    set_cr_rgid(afs_global_ucredp, getgid());
+    afs_global_ucredp->cr_suid = cr_ruid(afs_global_ucredp);
+    afs_global_ucredp->cr_sgid = cr_rgid(afs_global_ucredp);
     st = getgroups(NGROUPS, &afs_global_ucredp->cr_groups[0]);
     usr_assert(st >= 0);
     afs_global_ucredp->cr_ngroups = (unsigned long)st;
@@ -1983,8 +1983,8 @@ syscallThread(void *argp)
      */
     u.u_viceid = getuid();
     crp = u.u_cred;
-    crp->cr_uid = getuid();
-    crp->cr_ruid = getuid();
+    set_cr_uid(crp, getuid());
+    set_cr_ruid(crp, getuid());
     crp->cr_suid = getuid();
     crp->cr_groups[0] = getgid();
     crp->cr_ngroups = 1;
@@ -2579,8 +2579,8 @@ uafs_mkdir_r(char *path, int mode)
     usr_vattr_null(&attrs);
     attrs.va_type = VREG;
     attrs.va_mode = mode;
-    attrs.va_uid = u.u_cred->cr_uid;
-    attrs.va_gid = u.u_cred->cr_gid;
+    attrs.va_uid = cr_uid(u.u_cred);
+    attrs.va_gid = cr_gid(u.u_cred);
     dirP = NULL;
     code = afs_mkdir(VTOAFS(parentP), nameP, &attrs, &dirP, u.u_cred);
     VN_RELE(parentP);
@@ -2678,8 +2678,8 @@ uafs_open_r(char *path, int flags, int mode)
            usr_vattr_null(&attrs);
            attrs.va_type = VREG;
            attrs.va_mode = mode;
-           attrs.va_uid = u.u_cred->cr_uid;
-           attrs.va_gid = u.u_cred->cr_gid;
+           attrs.va_uid = cr_uid(u.u_cred);
+           attrs.va_gid = cr_gid(u.u_cred);
            if (flags & O_TRUNC) {
                attrs.va_size = 0;
            }
@@ -3505,8 +3505,8 @@ uafs_symlink_r(char *target, char *source)
     usr_vattr_null(&attrs);
     attrs.va_type = VLNK;
     attrs.va_mode = 0777;
-    attrs.va_uid = u.u_cred->cr_uid;
-    attrs.va_gid = u.u_cred->cr_gid;
+    attrs.va_uid = cr_uid(u.u_cred);
+    attrs.va_gid = cr_gid(u.u_cred);
     code = afs_symlink(VTOAFS(dirP), nameP, &attrs, target, u.u_cred);
     VN_RELE(dirP);
     if (code != 0) {

diff --git a/src/afs/VNOPS/afs_vnop_create.c b/src/afs/VNOPS/afs_vnop_create.c
index 9f78157..fb6abc3 100644 (file)
--- a/src/afs/VNOPS/afs_vnop_create.c
+++ b/src/afs/VNOPS/afs_vnop_create.c
@@ -271,7 +271,7 @@ afs_create(OSI_VC_DECL(adp), char *aname, struct vattr *attrs,
     }
     InStatus.Mask = AFS_SETMODTIME | AFS_SETMODE | AFS_SETGROUP;
     InStatus.ClientModTime = osi_Time();
-    InStatus.Group = (afs_int32) acred->cr_gid;
+    InStatus.Group = (afs_int32) cr_gid(acred);
     if (AFS_NFSXLATORREQ(acred)) {
        /*
         * XXX The following is mainly used to fix a bug in the HP-UX

diff --git a/src/afs/VNOPS/afs_vnop_dirops.c b/src/afs/VNOPS/afs_vnop_dirops.c
index bf506b2..913de75 100644 (file)
--- a/src/afs/VNOPS/afs_vnop_dirops.c
+++ b/src/afs/VNOPS/afs_vnop_dirops.c
@@ -99,7 +99,7 @@ afs_mkdir(OSI_VC_DECL(adp), char *aname, struct vattr *attrs,
     InStatus.Mask = AFS_SETMODTIME | AFS_SETMODE | AFS_SETGROUP;
     InStatus.ClientModTime = osi_Time();
     InStatus.UnixModeBits = attrs->va_mode & 0xffff;   /* only care about protection bits */
-    InStatus.Group = (afs_int32) acred->cr_gid;
+    InStatus.Group = (afs_int32) cr_gid(acred);
     tdc = afs_GetDCache(adp, (afs_size_t) 0, &treq, &offset, &len, 1);
     ObtainWriteLock(&adp->lock, 153);
 

diff --git a/src/afs/VNOPS/afs_vnop_write.c b/src/afs/VNOPS/afs_vnop_write.c
index b47b0f6..5e76c10 100644 (file)
--- a/src/afs/VNOPS/afs_vnop_write.c
+++ b/src/afs/VNOPS/afs_vnop_write.c
@@ -745,7 +745,7 @@ afs_close(OSI_VC_DECL(avc), afs_int32 aflags, afs_ucred_t *acred)
            /* at least one daemon is idle, so ask it to do the store.
             * Also, note that  we don't lock it any more... */
            tb = afs_BQueue(BOP_STORE, avc, 0, 1, acred,
-                           (afs_size_t) acred->cr_uid, (afs_size_t) 0,
+                           (afs_size_t) cr_uid(acred), (afs_size_t) 0,
                            (void *)0);
            /* sleep waiting for the store to start, then retrieve error code */
            while ((tb->flags & BUVALID) == 0) {

diff --git a/src/afs/afs.h b/src/afs/afs.h
index 0c6b859..677f918 100644 (file)
--- a/src/afs/afs.h
+++ b/src/afs/afs.h
@@ -1399,4 +1399,26 @@ extern int afsd_dynamic_vcaches;
 #define afsd_dynamic_vcaches 0
 #endif
 
+/* Wrappers for access to credentials structure members */
+#define cr_uid(cred) ((cred)->cr_uid)
+#define cr_gid(cred) ((cred)->cr_gid)
+#define cr_ruid(cred) ((cred)->cr_ruid)
+#define cr_rgid(cred) ((cred)->cr_rgid)
+
+static_inline void
+set_cr_uid(afs_ucred_t *cred, uid_t uid) {
+    cred->cr_uid = uid;
+}
+static_inline void
+set_cr_gid(afs_ucred_t *cred, gid_t gid) {
+    cred->cr_gid = gid;
+}
+static_inline void
+set_cr_ruid(afs_ucred_t *cred, uid_t uid) {
+    cred->cr_ruid = uid;
+}
+static_inline void
+set_cr_rgid(afs_ucred_t *cred, gid_t gid) {
+    cred->cr_rgid = gid;
+}
 #endif /* _AFS_H_ */

diff --git a/src/afs/afs_disconnected.c b/src/afs/afs_disconnected.c
index f743322..1289a2e 100644 (file)
--- a/src/afs/afs_disconnected.c
+++ b/src/afs/afs_disconnected.c
@@ -713,7 +713,7 @@ afs_ProcessOpCreate(struct vcache *avc, struct vrequest *areq,
     InStatus.Mask = AFS_SETMODTIME | AFS_SETMODE | AFS_SETGROUP;
     InStatus.ClientModTime = avc->f.m.Date;
     InStatus.Owner = avc->f.m.Owner;
-    InStatus.Group = (afs_int32) acred->cr_gid;
+    InStatus.Group = (afs_int32) cr_gid(acred);
     /* Only care about protection bits. */
     InStatus.UnixModeBits = avc->f.m.Mode & 0xffff;
 

diff --git a/src/afs/afs_dynroot.c b/src/afs/afs_dynroot.c
index b57c881..4edcf70 100644 (file)
--- a/src/afs/afs_dynroot.c
+++ b/src/afs/afs_dynroot.c
@@ -798,7 +798,7 @@ afs_DynrootVOPRemove(struct vcache *avc, afs_ucred_t *acred, char *aname)
 #if defined(AFS_SUN510_ENV)
     if (crgetruid(acred))
 #else
-    if (acred->cr_uid)
+    if (cr_uid(acred))
 #endif
        return EPERM;
 
@@ -838,7 +838,7 @@ afs_DynrootVOPSymlink(struct vcache *avc, afs_ucred_t *acred,
 {
     struct afs_dynSymlink *tps;
 
-    if (acred->cr_uid)
+    if (cr_uid(acred))
        return EPERM;
     if (afs_CellOrAliasExists(aname))
        return EEXIST;

diff --git a/src/afs/afs_nfsclnt.c b/src/afs/afs_nfsclnt.c
index 5fe7a9b..9845032 100644 (file)
--- a/src/afs/afs_nfsclnt.c
+++ b/src/afs/afs_nfsclnt.c
@@ -203,10 +203,10 @@ afs_nfsclient_reqhandler(struct afs_exporter *exporter,
 #if defined(AFS_SUN510_ENV)
     uid = crgetuid(*cred);
 #else
-    uid = (*cred)->cr_uid;
+    uid = cr_uid(*cred);
 #endif
     /* Do this early, so pag management knows */
-    (*cred)->cr_rgid = NFSXLATOR_CRED; /* Identify it as nfs xlator call */
+    set_cr_rgid(*cred, NFSXLATOR_CRED);        /* Identify it as nfs xlator call */
     if ((afs_nfsexporter->exp_states & EXP_CLIPAGS) && pag != NOPAG) {
        uid = pag;
     } else if (pag != NOPAG) {
@@ -226,7 +226,7 @@ afs_nfsclient_reqhandler(struct afs_exporter *exporter,
     }
     np = afs_FindNfsClientPag(uid, host, 0);
     afs_Trace4(afs_iclSetp, CM_TRACE_NFSREQH, ICL_TYPE_INT32, pag,
-              ICL_TYPE_LONG, (*cred)->cr_uid, ICL_TYPE_INT32, host,
+              ICL_TYPE_LONG, cr_uid(*cred), ICL_TYPE_INT32, host,
               ICL_TYPE_POINTER, np);
     /* If remote-pags are enabled, we are no longer interested in what PAG
      * they claimed, and from here on we should behave as if they claimed
@@ -253,7 +253,7 @@ afs_nfsclient_reqhandler(struct afs_exporter *exporter,
        }
        np = afs_GetNfsClientPag(uid, host);
        np->pag = pag;
-       np->client_uid = (*cred)->cr_uid;
+       np->client_uid = cr_uid(*cred);
     } else {
        if (pag == NOPAG) {
            if ((code = setpag(cred, np->pag, &pag, 0))) {
@@ -590,11 +590,12 @@ afs_iauth_verify(long id, fsid_t * fsidp, long host, int uid,
 
     if (code) {
        /* ensure anonymous cred. */
-       credp->cr_uid = credp->cr_ruid = (uid_t) - 2;   /* anonymous */
+       set_cr_uid(credp, (uid_t) -2;   /* anonymous */
+       set_cr_ruid(credp, (uid_t) -2;
     }
 
     /* Mark this thread as an NFS translator thread. */
-    credp->cr_rgid = NFSXLATOR_CRED;
+    set_cr_rgid(credp, NFSXLATOR_CRED);
 
     AFS_GUNLOCK();
     return 0;

diff --git a/src/afs/afs_osi.c b/src/afs/afs_osi.c
index 47ccfcc..f075ef2 100644 (file)
--- a/src/afs/afs_osi.c
+++ b/src/afs/afs_osi.c
@@ -115,7 +115,7 @@ osi_Init(void)
 #else
        memset(&afs_osi_cred, 0, sizeof(afs_ucred_t));
 #if defined(AFS_LINUX26_ENV)
-        afs_osi_cred.cr_group_info = groups_alloc(0);
+        set_cr_group_info(&afs_osi_cred, groups_alloc(0));
 #endif
 #if defined(AFS_DARWIN80_ENV)
         afs_osi_cred.cr_ref = 1; /* kauth_cred_get_ref needs 1 existing ref */

diff --git a/src/afs/afs_osi_gcpags.c b/src/afs/afs_osi_gcpags.c
index 40f3171..1f8d0ab 100644 (file)
--- a/src/afs/afs_osi_gcpags.c
+++ b/src/afs/afs_osi_gcpags.c
@@ -424,7 +424,7 @@ afs_osi_proc2cred(afs_proc_t * pr)
     }
     pcred = proc_ucred(pr);
     cr.cr_ref = 1;
-    cr.cr_uid = pcred->cr_uid;
+    set_cr_uid(&cr, cr_uid(pcred));
     cr.cr_ngroups = pcred->cr_ngroups;
     memcpy(cr.cr_groups, pcred->cr_groups,
            NGROUPS * sizeof(gid_t));
@@ -445,7 +445,7 @@ afs_osi_proc2cred(afs_proc_t * pr)
        || (pr->p_stat == SSTOP)) {
        pcred_readlock(pr);
        cr.cr_ref = 1;
-       cr.cr_uid = pr->p_cred->pc_ucred->cr_uid;
+       set_cr_uid(&cr, cr_uid(pr->p_cred->pc_ucred));
        cr.cr_ngroups = pr->p_cred->pc_ucred->cr_ngroups;
        memcpy(cr.cr_groups, pr->p_cred->pc_ucred->cr_groups,
               NGROUPS * sizeof(gid_t));
@@ -471,14 +471,14 @@ afs_osi_proc2cred(afs_proc_t * pr)
        || (pr->state == TASK_UNINTERRUPTIBLE)
        || (pr->state == TASK_STOPPED)) {
        cr.cr_ref = 1;
-       cr.cr_uid = task_uid(pr);
+       set_cr_uid(&cr, task_uid(pr));
 #if defined(AFS_LINUX26_ENV)
 #if defined(STRUCT_TASK_HAS_CRED)
        get_group_info(pr->cred->group_info);
-       cr.cr_group_info = pr->cred->group_info;
+       set_cr_group_info(&cr, pr->cred->group_info);
 #else
        get_group_info(pr->group_info);
-       cr.cr_group_info = pr->group_info;
+       set_cr_group_info(&cr, pr->group_info);
 #endif
 #else
        cr.cr_ngroups = pr->ngroups;

diff --git a/src/afs/afs_osi_pag.c b/src/afs/afs_osi_pag.c
index 1bedaea..424cdcf 100644 (file)
--- a/src/afs/afs_osi_pag.c
+++ b/src/afs/afs_osi_pag.c
@@ -455,11 +455,11 @@ afs_InitReq(register struct vrequest *av, afs_ucred_t *acred)
        if (acred == NOCRED)
            av->uid = -2;       /* XXX nobody... ? */
        else
-           av->uid = acred->cr_uid;    /* bsd creds don't have ruid */
+           av->uid = cr_uid(acred);    /* bsd creds don't have ruid */
 #elif defined(AFS_SUN510_ENV)
         av->uid = crgetruid(acred);
 #else
-       av->uid = acred->cr_ruid;       /* default when no pag is set */
+       av->uid = cr_uid(acred);        /* default when no pag is set */
 #endif
     }
     return 0;
@@ -571,7 +571,7 @@ PagInCred(afs_ucred_t *cred)
        return NOPAG;
     }
 #elif defined(AFS_LINUX26_ENV)
-    if (cred->cr_group_info->ngroups < NUMPAGGROUPS) {
+    if (cr_group_info(cred)->ngroups < NUMPAGGROUPS) {
        pag = NOPAG;
        goto out;
     }
@@ -590,8 +590,8 @@ PagInCred(afs_ucred_t *cred)
     g1 = cred->cr_groupset.gs_union.un_groups[1];
 #elif defined(AFS_LINUX26_ONEGROUP_ENV)
 #elif defined(AFS_LINUX26_ENV)
-    g0 = GROUP_AT(cred->cr_group_info, 0);
-    g1 = GROUP_AT(cred->cr_group_info, 1);
+    g0 = GROUP_AT(cr_group_info(cred), 0);
+    g1 = GROUP_AT(cr_group_info(cred), 1);
 #elif defined(AFS_SUN510_ENV)
     g0 = gids[0];
     g1 = gids[1];
@@ -601,7 +601,7 @@ PagInCred(afs_ucred_t *cred)
 #endif
 #endif
 #if defined(AFS_LINUX26_ONEGROUP_ENV)
-    pag = (afs_int32) afs_get_pag_from_groups(cred->cr_group_info);
+    pag = (afs_int32) afs_get_pag_from_groups(cr_group_info(cred));
 #else
     pag = (afs_int32) afs_get_pag_from_groups(g0, g1);
 #endif
@@ -609,7 +609,7 @@ PagInCred(afs_ucred_t *cred)
 out:
 #endif
 #if defined(AFS_LINUX26_ENV) && defined(LINUX_KEYRING_SUPPORT)
-    if (pag == NOPAG && cred->cr_rgid != NFSXLATOR_CRED) {
+    if (pag == NOPAG && cr_rgid(cred) != NFSXLATOR_CRED) {
        struct key *key;
        afs_uint32 upag, newpag;
 

diff --git a/src/afs/afs_pag_call.c b/src/afs/afs_pag_call.c
index 431c09c..e5b8eaa 100644 (file)
--- a/src/afs/afs_pag_call.c
+++ b/src/afs/afs_pag_call.c
@@ -425,7 +425,7 @@ afs_syscall_pioctl(path, com, cmarg, follow)
     /* Set up credentials */
     memset(&ccred, 0, sizeof(ccred));
     pag = PagInCred(credp);
-    ccred.uid = credp->cr_uid;
+    ccred.uid = cr_uid(credp);
     if (pag != NOPAG) {
         afs_get_groups_from_pag(pag, &g0, &g1);
         ccred.group0 = g0;

diff --git a/src/afs/afs_pag_cred.c b/src/afs/afs_pag_cred.c
index ad3237a..79c4de3 100644 (file)
--- a/src/afs/afs_pag_cred.c
+++ b/src/afs/afs_pag_cred.c
@@ -99,7 +99,7 @@ int afspag_PUnlog(char *ain, afs_int32 ainSize, afs_ucred_t **acred)
        return EIO;             /* Inappropriate ioctl for device */
 
     pag = PagInCred(*acred);
-    uid = (pag == NOPAG) ? (*acred)->cr_uid : pag;
+    uid = (pag == NOPAG) ? cr_uid(*acred) : pag;
     i = UHash(uid);
     ObtainWriteLock(&afs_xuser, 823);
     for (tu = afs_users[i]; tu; tu = tu->next) {
@@ -187,7 +187,7 @@ int afspag_PSetTokens(char *ain, afs_int32 ainSize, afs_ucred_t **acred)
 #endif
     }
     pag = PagInCred(*acred);
-    uid = (pag == NOPAG) ? (*acred)->cr_uid : pag;
+    uid = (pag == NOPAG) ? cr_uid(*acred) : pag;
     /* now we just set the tokens */
     tu = afs_GetUser(uid, tcell->cellnum, WRITE_LOCK);
     if (!tu->cellinfo)

diff --git a/src/afs/afs_pioctl.c b/src/afs/afs_pioctl.c
index 4ff344a..3a44500 100644 (file)
--- a/src/afs/afs_pioctl.c
+++ b/src/afs/afs_pioctl.c
@@ -3237,9 +3237,9 @@ DECL_PIOCTL(PSetSysName)
        ain += t + 1;
        num = count;
     }
-    if ((*acred)->cr_gid == RMTUSER_REQ ||
-       (*acred)->cr_gid == RMTUSER_REQ_PRIV) { /* Handles all exporters */
-       if (allpags && (*acred)->cr_gid != RMTUSER_REQ_PRIV) {
+    if (cr_gid(*acred) == RMTUSER_REQ ||
+       cr_gid(*acred) == RMTUSER_REQ_PRIV) {   /* Handles all exporters */
+       if (allpags && cr_gid(*acred) != RMTUSER_REQ_PRIV) {
            return EPERM;
        }
        pag = PagInCred(*acred);
@@ -3977,21 +3977,21 @@ HandleClientContext(struct afs_ioctl *ablob, int *com,
 #ifdef AFS_AIX41_ENV
     setuerror(0);
 #endif
-    newcred->cr_gid = isroot ? RMTUSER_REQ_PRIV : RMTUSER_REQ;
+    set_cr_gid(newcred, isroot ? RMTUSER_REQ_PRIV : RMTUSER_REQ);
 #ifdef AFS_AIX51_ENV
     newcred->cr_groupset.gs_union.un_groups[0] = g0;
     newcred->cr_groupset.gs_union.un_groups[1] = g1;
 #elif defined(AFS_LINUX26_ENV)
 #ifdef AFS_LINUX26_ONEGROUP_ENV
-    newcred->cr_group_info = groups_alloc(1); /* not that anything sets this */
+    set_cr_group_info(newcred, groups_alloc(1)); /* not that anything sets this */
     l = (((g0-0x3f00) & 0x3fff) << 14) | ((g1-0x3f00) & 0x3fff);
     h = ((g0-0x3f00) >> 14);
     h = ((g1-0x3f00) >> 14) + h + h + h;
-    GROUP_AT(newcred->cr_group_info, 0) = ((h << 28) | l);
+    GROUP_AT(cr_group_info(newcred), 0) = ((h << 28) | l);
 #else
-    newcred->cr_group_info = groups_alloc(2);
-    GROUP_AT(newcred->cr_group_info, 0) = g0;
-    GROUP_AT(newcred->cr_group_info, 1) = g1;
+    set_cr_group_info(newcred, groups_alloc(2));
+    GROUP_AT(cr_group_info(newcred), 0) = g0;
+    GROUP_AT(cr_group_info(newcred), 1) = g1;
 #endif
 #else
     newcred->cr_groups[0] = g0;
@@ -4013,15 +4013,15 @@ HandleClientContext(struct afs_ioctl *ablob, int *com,
        return EINVAL;
     }
     if (exporter->exp_states & EXP_PWSYNC) {
-       if (uid != credp->cr_uid) {
+       if (uid != cr_uid(credp)) {
            crfree(newcred);
            return ENOEXEC;     /* XXX Find a better errno XXX */
        }
     }
-    newcred->cr_uid = uid;     /* Only temporary  */
+    set_cr_uid(newcred, uid);  /* Only temporary  */
     code = EXP_REQHANDLER(exporter, &newcred, hostaddr, &pag, &outexporter);
     /* The client's pag is the only unique identifier for it */
-    newcred->cr_uid = pag;
+    set_cr_uid(newcred, pag);
     *acred = newcred;
     if (!code && *com == PSETPAG) {
        /* Special case for 'setpag' */
@@ -4709,7 +4709,7 @@ DECL_PIOCTL(PNFSNukeCreds)
        return EINVAL;
     memcpy(&addr, ain, sizeof(afs_int32));
 
-    if ((*acred)->cr_gid == RMTUSER_REQ_PRIV && !addr) {
+    if (cr_gid(*acred) == RMTUSER_REQ_PRIV && !addr) {
        tu = afs_GetUser(areq->uid, -1, SHARED_LOCK);
        if (!tu->exporter || !(addr = EXP_GETHOST(tu->exporter))) {
            afs_PutUser(tu, SHARED_LOCK);

diff --git a/src/afs/afs_user.c b/src/afs/afs_user.c
index bad9926..c7c6826 100644 (file)
--- a/src/afs/afs_user.c
+++ b/src/afs/afs_user.c
@@ -608,11 +608,11 @@ afs_GCPAGs_perproc_func(afs_proc_t * pproc)
 
     pag = PagInCred(pcred);
 #if defined(AFS_DARWIN_ENV) || defined(AFS_FBSD40_ENV) || defined(AFS_LINUX22_ENV)
-    uid = (pag != NOPAG ? pag : pcred->cr_uid);
+    uid = (pag != NOPAG ? pag : cr_uid(pcred));
 #elif defined(AFS_SUN510_ENV)
     uid = (pag != NOPAG ? pag : crgetruid(pcred));
 #else
-    uid = (pag != NOPAG ? pag : pcred->cr_ruid);
+    uid = (pag != NOPAG ? pag : cr_ruid(pcred);
 #endif
     hash = UHash(uid);
 

diff --git a/src/afs/exporter.h b/src/afs/exporter.h
index ecaa8c0..e38c0fc 100644 (file)
--- a/src/afs/exporter.h
+++ b/src/afs/exporter.h
@@ -43,7 +43,7 @@
 #if defined(AFS_DARWIN_ENV) || defined(AFS_XBSD_ENV)
 #define AFS_NFSXLATORREQ(cred) 0
 #else
-#define        AFS_NFSXLATORREQ(cred)    ((cred)->cr_rgid == NFSXLATOR_CRED)
+#define        AFS_NFSXLATORREQ(cred)    (cr_rgid(cred) == NFSXLATOR_CRED)
 #endif
 
 struct afs_exporter;

diff --git a/src/afsweb/nsafs.c b/src/afsweb/nsafs.c
index 2182d9c..d0a1e24 100644 (file)
--- a/src/afsweb/nsafs.c
+++ b/src/afsweb/nsafs.c
@@ -305,8 +305,8 @@ nsafs_set_id_from_ints(int viceid, int group0, int group1)
 
     u.u_viceid = viceid;
     crp = u.u_cred;
-    crp->cr_uid = viceid;
-    crp->cr_ruid = viceid;
+    set_cr_uid(crp, viceid);
+    set_cr_ruid(crp, viceid);
     crp->cr_suid = viceid;
     crp->cr_groups[0] = group0;
     crp->cr_groups[1] = group1;
@@ -331,8 +331,8 @@ nsafs_set_id_from_strings(char *viceid, char *group0, char *group1)
     } else {
        u.u_viceid = getuid();
        crp = u.u_cred;
-       crp->cr_uid = getuid();
-       crp->cr_ruid = getuid();
+       set_cr_uid(crp, getuid());
+       set_cr_ruid(crp, getuid());
        crp->cr_suid = getuid();
        crp->cr_groups[0] = getgid();
        crp->cr_ngroups = 1;