linux/net
Latchesar Ionkov ba17674fe0 9p: attach-per-user
The 9P2000 protocol requires the authentication and permission checks to be
done in the file server. For that reason every user that accesses the file
server tree has to authenticate and attach to the server separately.
Multiple users can share the same connection to the server.

Currently v9fs does a single attach and executes all I/O operations as a
single user. This makes using v9fs in multiuser environment unsafe as it
depends on the client doing the permission checking.

This patch improves the 9P2000 support by allowing every user to attach
separately. The patch defines three modes of access (new mount option
'access'):

- attach-per-user (access=user) (default mode for 9P2000.u)
 If a user tries to access a file served by v9fs for the first time, v9fs
 sends an attach command to the server (Tattach) specifying the user. If
 the attach succeeds, the user can access the v9fs tree.
 As there is no uname->uid (string->integer) mapping yet, this mode works
 only with the 9P2000.u dialect.

- allow only one user to access the tree (access=<uid>)
 Only the user with uid can access the v9fs tree. Other users that attempt
 to access it will get EPERM error.

- do all operations as a single user (access=any) (default for 9P2000)
 V9fs does a single attach and all operations are done as a single user.
 If this mode is selected, the v9fs behavior is identical with the current
 one.

Signed-off-by: Latchesar Ionkov <lucho@ionkov.net>
Signed-off-by: Eric Van Hensbergen <ericvh@gmail.com>
2007-10-17 14:31:07 -05:00
..
9p 9p: attach-per-user 2007-10-17 14:31:07 -05:00
802 [NET]: Move hardware header operations out of netdevice. 2007-10-10 16:52:52 -07:00
8021q [8021Q]: transfer dev_id from real device 2007-10-10 16:54:56 -07:00
appletalk [NET]: sparse warning fixes 2007-10-10 16:54:48 -07:00
atm Driver core: change add_uevent_var to use a struct 2007-10-12 14:51:01 -07:00
ax25 [NET]: Move hardware header operations out of netdevice. 2007-10-10 16:52:52 -07:00
bluetooth [BLUETOOTH]: Make hidp_setup_input() return int 2007-10-10 16:52:39 -07:00
bridge [BRIDGE]: Remove SKB share checks in br_nf_pre_routing(). 2007-10-15 12:26:35 -07:00
core [NEIGH]: Ensure that pneigh_lookup is protected with RTNL 2007-10-15 12:54:15 -07:00
dccp [IPV6]: Replace sk_buff ** with sk_buff * in input handlers 2007-10-15 12:50:28 -07:00
decnet [NETFILTER]: Replace sk_buff ** with sk_buff * 2007-10-15 12:26:29 -07:00
econet [NET]: Wrap netdevice hardware header creation. 2007-10-10 16:52:50 -07:00
ethernet [NET]: Move hardware header operations out of netdevice. 2007-10-10 16:52:52 -07:00
ieee80211 [IEEE80211]: Fix softmac lockdep reports. 2007-10-10 16:52:22 -07:00
ipv4 [INET]: kmalloc+memset -> kzalloc in frag_alloc_queue 2007-10-15 12:53:13 -07:00
ipv6 [IPV6]: Consolidate the ip6_pol_route_(input|output) pair 2007-10-15 13:02:51 -07:00
ipx [NET]: Make the device list and device lookups per namespace. 2007-10-10 16:49:10 -07:00
irda [IRDA]: Make the IRDA use the seq_open_private() 2007-10-10 16:55:35 -07:00
iucv [AF_IUCV]: postpone receival of iucv-packets 2007-10-10 16:54:51 -07:00
key [IPSEC]: Lock state when copying non-atomic fields to user-space 2007-10-10 16:55:02 -07:00
lapb [PATCH] remove many unneeded #includes of sched.h 2007-02-14 08:09:54 -08:00
llc [NET]: Introduce and use print_mac() and DECLARE_MAC_BUF() 2007-10-10 16:51:42 -07:00
mac80211 [PATCH] mac80211: Defer setting of RX_FLAG_DECRYPTED. 2007-10-10 16:55:23 -07:00
netfilter [NETFILTER]: Replace sk_buff ** with sk_buff * 2007-10-15 12:26:29 -07:00
netlabel [NETLINK]: Introduce nested and byteorder flag to netlink attribute 2007-10-10 16:49:16 -07:00
netlink [NETLINK]: Don't leak 'listeners' in netlink_kernel_create() 2007-10-15 12:26:32 -07:00
netrom [NET]: Move hardware header operations out of netdevice. 2007-10-10 16:52:52 -07:00
packet [NET]: Move hardware header operations out of netdevice. 2007-10-10 16:52:52 -07:00
rfkill [RFKILL]: Add support for hardware-only rfkill buttons 2007-10-10 16:54:11 -07:00
rose [NET]: Move hardware header operations out of netdevice. 2007-10-10 16:52:52 -07:00
rxrpc KEYS: Make request_key() and co fundamentally asynchronous 2007-10-17 08:42:57 -07:00
sched [NETFILTER]: Replace sk_buff ** with sk_buff * 2007-10-15 12:26:29 -07:00
sctp Remove "unsafe" from module struct 2007-10-17 08:42:49 -07:00
sunrpc Slab API: remove useless ctor parameter and reorder parameters 2007-10-17 08:42:45 -07:00
tipc [NET]: Wrap netdevice hardware header creation. 2007-10-10 16:52:50 -07:00
unix sched: affine sync wakeups 2007-10-15 17:00:19 +02:00
wanrouter [NET]: Make /proc/net per network namespace 2007-10-10 16:49:06 -07:00
wireless Driver core: change add_uevent_var to use a struct 2007-10-12 14:51:01 -07:00
x25 [NET]: Make the device list and device lookups per namespace. 2007-10-10 16:49:10 -07:00
xfrm [NET]: make netlink user -> kernel interface synchronious 2007-10-10 21:15:29 -07:00
compat.c O_CLOEXEC for SCM_RIGHTS 2007-07-16 09:05:45 -07:00
Kconfig [NET]: Add network namespace clone & unshare support. 2007-10-10 16:52:46 -07:00
Makefile 9p: Reorganization of 9p file system code 2007-07-14 15:13:40 -05:00
nonet.c
socket.c r/o bind mounts: filesystem helpers for custom 'struct file's 2007-10-17 08:43:04 -07:00
sysctl_net.c Remove obsolete #include <linux/config.h> 2006-06-30 19:25:36 +02:00
TUNABLE