From: Marc Dionne Date: Sat, 19 Jan 2013 03:40:03 +0000 (-0500) Subject: Linux: setpag() may replace credentials X-Git-Tag: upstream/1.6.2.1^2~2 X-Git-Url: https://git.michaelhowe.org/gitweb/?a=commitdiff_plain;h=b0a10607f90c4097206bc38cb9bd16e842dbda10;p=packages%2Fo%2Fopenafs.git Linux: setpag() may replace credentials For recent Linux. setpag() may replace the current process' cred structure with a new one. This is not a problem for most callers, but in the case of processing a SetTokens2 pioctl with the setpag option, the new credentials should be used to determine the target for the token. Reviewed-on: http://gerrit.openafs.org/8924 Reviewed-by: Chas Williams - CONTRACTOR Tested-by: BuildBot Reviewed-by: Derrick Brashear (cherry picked from commit b61eac783e8c092cd4ba9f53a2b5ca7d43e08b1b) Change-Id: I66b5f171318964ff40fe78be24e75519183c3a82 Reviewed-on: http://gerrit.openafs.org/8948 Tested-by: BuildBot Reviewed-by: Andrew Deason Reviewed-by: Paul Smeddle Reviewed-by: Ken Dreyer Reviewed-by: Stephan Wiesand --- diff --git a/src/afs/afs_pioctl.c b/src/afs/afs_pioctl.c index 3c01be5f0..98919a344 100644 --- a/src/afs/afs_pioctl.c +++ b/src/afs/afs_pioctl.c @@ -1859,6 +1859,9 @@ DECL_PIOCTL(PSetTokens) afs_PutCell(tcell, READ_LOCK); if (set_parent_pag) { afs_uint32 pag; +#if defined(AFS_LINUX26_ENV) + afs_ucred_t *old_cred = *acred; +#endif #if defined(AFS_DARWIN_ENV) || defined(AFS_XBSD_ENV) char procname[256]; osi_procname(procname, 256); @@ -1867,6 +1870,11 @@ DECL_PIOCTL(PSetTokens) if (!setpag(osi_curproc(), acred, -1, &pag, 1)) { #else if (!setpag(acred, -1, &pag, 1)) { +#endif +#if defined(AFS_LINUX26_ENV) + /* setpag() may have changed our credentials */ + *acred = crref(); + crfree(old_cred); #endif afs_InitReq(&treq, *acred); areq = &treq;