fs/nfsd/nfs4idmap.c

0001 /*
0002  *  Mapping of UID/GIDs to name and vice versa.
0003  *
0004  *  Copyright (c) 2002, 2003 The Regents of the University of
0005  *  Michigan.  All rights reserved.
0006  *
0007  *  Marius Aamodt Eriksen <marius@umich.edu>
0008  *
0009  *  Redistribution and use in source and binary forms, with or without
0010  *  modification, are permitted provided that the following conditions
0011  *  are met:
0012  *
0013  *  1. Redistributions of source code must retain the above copyright
0014  *     notice, this list of conditions and the following disclaimer.
0015  *  2. Redistributions in binary form must reproduce the above copyright
0016  *     notice, this list of conditions and the following disclaimer in the
0017  *     documentation and/or other materials provided with the distribution.
0018  *  3. Neither the name of the University nor the names of its
0019  *     contributors may be used to endorse or promote products derived
0020  *     from this software without specific prior written permission.
0021  *
0022  *  THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
0023  *  WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
0024  *  MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
0025  *  DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
0026  *  FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
0027  *  CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
0028  *  SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
0029  *  BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
0030  *  LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
0031  *  NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
0032  *  SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
0033  */
0034
0035 #include <linux/module.h>
0036 #include <linux/seq_file.h>
0037 #include <linux/sched.h>
0038 #include <linux/slab.h>
0039 #include <linux/sunrpc/svc_xprt.h>
0040 #include <net/net_namespace.h>
0041 #include "idmap.h"
0042 #include "nfsd.h"
0043 #include "netns.h"
0044
0045 /*
0046  * Turn off idmapping when using AUTH_SYS.
0047  */
0048 static bool nfs4_disable_idmapping = true;
0049 module_param(nfs4_disable_idmapping, bool, 0644);
0050 MODULE_PARM_DESC(nfs4_disable_idmapping,
0051         "Turn off server's NFSv4 idmapping when using 'sec=sys'");
0052
0053 /*
0054  * Cache entry
0055  */
0056
0057 /*
0058  * XXX we know that IDMAP_NAMESZ < PAGE_SIZE, but it's ugly to rely on
0059  * that.
0060  */
0061
0062 struct ent {
0063     struct cache_head h;
0064     int               type;            /* User / Group */
0065     u32               id;
0066     char              name[IDMAP_NAMESZ];
0067     char              authname[IDMAP_NAMESZ];
0068     struct rcu_head   rcu_head;
0069 };
0070
0071 /* Common entry handling */
0072
0073 #define ENT_HASHBITS          8
0074 #define ENT_HASHMAX           (1 << ENT_HASHBITS)
0075
0076 static void
0077 ent_init(struct cache_head *cnew, struct cache_head *citm)
0078 {
0079     struct ent *new = container_of(cnew, struct ent, h);
0080     struct ent *itm = container_of(citm, struct ent, h);
0081
0082     new->id = itm->id;
0083     new->type = itm->type;
0084
0085     strlcpy(new->name, itm->name, sizeof(new->name));
0086     strlcpy(new->authname, itm->authname, sizeof(new->authname));
0087 }
0088
0089 static void
0090 ent_put(struct kref *ref)
0091 {
0092     struct ent *map = container_of(ref, struct ent, h.ref);
0093     kfree_rcu(map, rcu_head);
0094 }
0095
0096 static struct cache_head *
0097 ent_alloc(void)
0098 {
0099     struct ent *e = kmalloc(sizeof(*e), GFP_KERNEL);
0100     if (e)
0101         return &e->h;
0102     else
0103         return NULL;
0104 }
0105
0106 /*
0107  * ID -> Name cache
0108  */
0109
0110 static uint32_t
0111 idtoname_hash(struct ent *ent)
0112 {
0113     uint32_t hash;
0114
0115     hash = hash_str(ent->authname, ENT_HASHBITS);
0116     hash = hash_long(hash ^ ent->id, ENT_HASHBITS);
0117
0118     /* Flip LSB for user/group */
0119     if (ent->type == IDMAP_TYPE_GROUP)
0120         hash ^= 1;
0121
0122     return hash;
0123 }
0124
0125 static int
0126 idtoname_upcall(struct cache_detail *cd, struct cache_head *h)
0127 {
0128     return sunrpc_cache_pipe_upcall_timeout(cd, h);
0129 }
0130
0131 static void
0132 idtoname_request(struct cache_detail *cd, struct cache_head *ch, char **bpp,
0133     int *blen)
0134 {
0135     struct ent *ent = container_of(ch, struct ent, h);
0136     char idstr[11];
0137
0138     qword_add(bpp, blen, ent->authname);
0139     snprintf(idstr, sizeof(idstr), "%u", ent->id);
0140     qword_add(bpp, blen, ent->type == IDMAP_TYPE_GROUP ? "group" : "user");
0141     qword_add(bpp, blen, idstr);
0142
0143     (*bpp)[-1] = '\n';
0144 }
0145
0146 static int
0147 idtoname_match(struct cache_head *ca, struct cache_head *cb)
0148 {
0149     struct ent *a = container_of(ca, struct ent, h);
0150     struct ent *b = container_of(cb, struct ent, h);
0151
0152     return (a->id == b->id && a->type == b->type &&
0153         strcmp(a->authname, b->authname) == 0);
0154 }
0155
0156 static int
0157 idtoname_show(struct seq_file *m, struct cache_detail *cd, struct cache_head *h)
0158 {
0159     struct ent *ent;
0160
0161     if (h == NULL) {
0162         seq_puts(m, "#domain type id [name]\n");
0163         return 0;
0164     }
0165     ent = container_of(h, struct ent, h);
0166     seq_printf(m, "%s %s %u", ent->authname,
0167             ent->type == IDMAP_TYPE_GROUP ? "group" : "user",
0168             ent->id);
0169     if (test_bit(CACHE_VALID, &h->flags))
0170         seq_printf(m, " %s", ent->name);
0171     seq_putc(m, '\n');
0172     return 0;
0173 }
0174
0175 static void
0176 warn_no_idmapd(struct cache_detail *detail, int has_died)
0177 {
0178     printk("nfsd: nfsv4 idmapping failing: has idmapd %s?\n",
0179             has_died ? "died" : "not been started");
0180 }
0181
0182
0183 static int         idtoname_parse(struct cache_detail *, char *, int);
0184 static struct ent *idtoname_lookup(struct cache_detail *, struct ent *);
0185 static struct ent *idtoname_update(struct cache_detail *, struct ent *,
0186                    struct ent *);
0187
0188 static const struct cache_detail idtoname_cache_template = {
0189     .owner      = THIS_MODULE,
0190     .hash_size  = ENT_HASHMAX,
0191     .name       = "nfs4.idtoname",
0192     .cache_put  = ent_put,
0193     .cache_upcall   = idtoname_upcall,
0194     .cache_request  = idtoname_request,
0195     .cache_parse    = idtoname_parse,
0196     .cache_show = idtoname_show,
0197     .warn_no_listener = warn_no_idmapd,
0198     .match      = idtoname_match,
0199     .init       = ent_init,
0200     .update     = ent_init,
0201     .alloc      = ent_alloc,
0202 };
0203
0204 static int
0205 idtoname_parse(struct cache_detail *cd, char *buf, int buflen)
0206 {
0207     struct ent ent, *res;
0208     char *buf1, *bp;
0209     int len;
0210     int error = -EINVAL;
0211
0212     if (buf[buflen - 1] != '\n')
0213         return (-EINVAL);
0214     buf[buflen - 1]= '\0';
0215
0216     buf1 = kmalloc(PAGE_SIZE, GFP_KERNEL);
0217     if (buf1 == NULL)
0218         return (-ENOMEM);
0219
0220     memset(&ent, 0, sizeof(ent));
0221
0222     /* Authentication name */
0223     len = qword_get(&buf, buf1, PAGE_SIZE);
0224     if (len <= 0 || len >= IDMAP_NAMESZ)
0225         goto out;
0226     memcpy(ent.authname, buf1, sizeof(ent.authname));
0227
0228     /* Type */
0229     if (qword_get(&buf, buf1, PAGE_SIZE) <= 0)
0230         goto out;
0231     ent.type = strcmp(buf1, "user") == 0 ?
0232         IDMAP_TYPE_USER : IDMAP_TYPE_GROUP;
0233
0234     /* ID */
0235     if (qword_get(&buf, buf1, PAGE_SIZE) <= 0)
0236         goto out;
0237     ent.id = simple_strtoul(buf1, &bp, 10);
0238     if (bp == buf1)
0239         goto out;
0240
0241     /* expiry */
0242     ent.h.expiry_time = get_expiry(&buf);
0243     if (ent.h.expiry_time == 0)
0244         goto out;
0245
0246     error = -ENOMEM;
0247     res = idtoname_lookup(cd, &ent);
0248     if (!res)
0249         goto out;
0250
0251     /* Name */
0252     error = -EINVAL;
0253     len = qword_get(&buf, buf1, PAGE_SIZE);
0254     if (len < 0 || len >= IDMAP_NAMESZ)
0255         goto out;
0256     if (len == 0)
0257         set_bit(CACHE_NEGATIVE, &ent.h.flags);
0258     else
0259         memcpy(ent.name, buf1, sizeof(ent.name));
0260     error = -ENOMEM;
0261     res = idtoname_update(cd, &ent, res);
0262     if (res == NULL)
0263         goto out;
0264
0265     cache_put(&res->h, cd);
0266     error = 0;
0267 out:
0268     kfree(buf1);
0269     return error;
0270 }
0271
0272 static struct ent *
0273 idtoname_lookup(struct cache_detail *cd, struct ent *item)
0274 {
0275     struct cache_head *ch = sunrpc_cache_lookup_rcu(cd, &item->h,
0276                             idtoname_hash(item));
0277     if (ch)
0278         return container_of(ch, struct ent, h);
0279     else
0280         return NULL;
0281 }
0282
0283 static struct ent *
0284 idtoname_update(struct cache_detail *cd, struct ent *new, struct ent *old)
0285 {
0286     struct cache_head *ch = sunrpc_cache_update(cd, &new->h, &old->h,
0287                             idtoname_hash(new));
0288     if (ch)
0289         return container_of(ch, struct ent, h);
0290     else
0291         return NULL;
0292 }
0293
0294
0295 /*
0296  * Name -> ID cache
0297  */
0298
0299 static inline int
0300 nametoid_hash(struct ent *ent)
0301 {
0302     return hash_str(ent->name, ENT_HASHBITS);
0303 }
0304
0305 static int
0306 nametoid_upcall(struct cache_detail *cd, struct cache_head *h)
0307 {
0308     return sunrpc_cache_pipe_upcall_timeout(cd, h);
0309 }
0310
0311 static void
0312 nametoid_request(struct cache_detail *cd, struct cache_head *ch, char **bpp,
0313     int *blen)
0314 {
0315     struct ent *ent = container_of(ch, struct ent, h);
0316
0317     qword_add(bpp, blen, ent->authname);
0318     qword_add(bpp, blen, ent->type == IDMAP_TYPE_GROUP ? "group" : "user");
0319     qword_add(bpp, blen, ent->name);
0320
0321     (*bpp)[-1] = '\n';
0322 }
0323
0324 static int
0325 nametoid_match(struct cache_head *ca, struct cache_head *cb)
0326 {
0327     struct ent *a = container_of(ca, struct ent, h);
0328     struct ent *b = container_of(cb, struct ent, h);
0329
0330     return (a->type == b->type && strcmp(a->name, b->name) == 0 &&
0331         strcmp(a->authname, b->authname) == 0);
0332 }
0333
0334 static int
0335 nametoid_show(struct seq_file *m, struct cache_detail *cd, struct cache_head *h)
0336 {
0337     struct ent *ent;
0338
0339     if (h == NULL) {
0340         seq_puts(m, "#domain type name [id]\n");
0341         return 0;
0342     }
0343     ent = container_of(h, struct ent, h);
0344     seq_printf(m, "%s %s %s", ent->authname,
0345             ent->type == IDMAP_TYPE_GROUP ? "group" : "user",
0346             ent->name);
0347     if (test_bit(CACHE_VALID, &h->flags))
0348         seq_printf(m, " %u", ent->id);
0349     seq_putc(m, '\n');
0350     return 0;
0351 }
0352
0353 static struct ent *nametoid_lookup(struct cache_detail *, struct ent *);
0354 static struct ent *nametoid_update(struct cache_detail *, struct ent *,
0355                    struct ent *);
0356 static int         nametoid_parse(struct cache_detail *, char *, int);
0357
0358 static const struct cache_detail nametoid_cache_template = {
0359     .owner      = THIS_MODULE,
0360     .hash_size  = ENT_HASHMAX,
0361     .name       = "nfs4.nametoid",
0362     .cache_put  = ent_put,
0363     .cache_upcall   = nametoid_upcall,
0364     .cache_request  = nametoid_request,
0365     .cache_parse    = nametoid_parse,
0366     .cache_show = nametoid_show,
0367     .warn_no_listener = warn_no_idmapd,
0368     .match      = nametoid_match,
0369     .init       = ent_init,
0370     .update     = ent_init,
0371     .alloc      = ent_alloc,
0372 };
0373
0374 static int
0375 nametoid_parse(struct cache_detail *cd, char *buf, int buflen)
0376 {
0377     struct ent ent, *res;
0378     char *buf1;
0379     int len, error = -EINVAL;
0380
0381     if (buf[buflen - 1] != '\n')
0382         return (-EINVAL);
0383     buf[buflen - 1]= '\0';
0384
0385     buf1 = kmalloc(PAGE_SIZE, GFP_KERNEL);
0386     if (buf1 == NULL)
0387         return (-ENOMEM);
0388
0389     memset(&ent, 0, sizeof(ent));
0390
0391     /* Authentication name */
0392     len = qword_get(&buf, buf1, PAGE_SIZE);
0393     if (len <= 0 || len >= IDMAP_NAMESZ)
0394         goto out;
0395     memcpy(ent.authname, buf1, sizeof(ent.authname));
0396
0397     /* Type */
0398     if (qword_get(&buf, buf1, PAGE_SIZE) <= 0)
0399         goto out;
0400     ent.type = strcmp(buf1, "user") == 0 ?
0401         IDMAP_TYPE_USER : IDMAP_TYPE_GROUP;
0402
0403     /* Name */
0404     len = qword_get(&buf, buf1, PAGE_SIZE);
0405     if (len <= 0 || len >= IDMAP_NAMESZ)
0406         goto out;
0407     memcpy(ent.name, buf1, sizeof(ent.name));
0408
0409     /* expiry */
0410     ent.h.expiry_time = get_expiry(&buf);
0411     if (ent.h.expiry_time == 0)
0412         goto out;
0413
0414     /* ID */
0415     error = get_int(&buf, &ent.id);
0416     if (error == -EINVAL)
0417         goto out;
0418     if (error == -ENOENT)
0419         set_bit(CACHE_NEGATIVE, &ent.h.flags);
0420
0421     error = -ENOMEM;
0422     res = nametoid_lookup(cd, &ent);
0423     if (res == NULL)
0424         goto out;
0425     res = nametoid_update(cd, &ent, res);
0426     if (res == NULL)
0427         goto out;
0428
0429     cache_put(&res->h, cd);
0430     error = 0;
0431 out:
0432     kfree(buf1);
0433     return (error);
0434 }
0435
0436
0437 static struct ent *
0438 nametoid_lookup(struct cache_detail *cd, struct ent *item)
0439 {
0440     struct cache_head *ch = sunrpc_cache_lookup_rcu(cd, &item->h,
0441                             nametoid_hash(item));
0442     if (ch)
0443         return container_of(ch, struct ent, h);
0444     else
0445         return NULL;
0446 }
0447
0448 static struct ent *
0449 nametoid_update(struct cache_detail *cd, struct ent *new, struct ent *old)
0450 {
0451     struct cache_head *ch = sunrpc_cache_update(cd, &new->h, &old->h,
0452                             nametoid_hash(new));
0453     if (ch)
0454         return container_of(ch, struct ent, h);
0455     else
0456         return NULL;
0457 }
0458
0459 /*
0460  * Exported API
0461  */
0462
0463 int
0464 nfsd_idmap_init(struct net *net)
0465 {
0466     int rv;
0467     struct nfsd_net *nn = net_generic(net, nfsd_net_id);
0468
0469     nn->idtoname_cache = cache_create_net(&idtoname_cache_template, net);
0470     if (IS_ERR(nn->idtoname_cache))
0471         return PTR_ERR(nn->idtoname_cache);
0472     rv = cache_register_net(nn->idtoname_cache, net);
0473     if (rv)
0474         goto destroy_idtoname_cache;
0475     nn->nametoid_cache = cache_create_net(&nametoid_cache_template, net);
0476     if (IS_ERR(nn->nametoid_cache)) {
0477         rv = PTR_ERR(nn->nametoid_cache);
0478         goto unregister_idtoname_cache;
0479     }
0480     rv = cache_register_net(nn->nametoid_cache, net);
0481     if (rv)
0482         goto destroy_nametoid_cache;
0483     return 0;
0484
0485 destroy_nametoid_cache:
0486     cache_destroy_net(nn->nametoid_cache, net);
0487 unregister_idtoname_cache:
0488     cache_unregister_net(nn->idtoname_cache, net);
0489 destroy_idtoname_cache:
0490     cache_destroy_net(nn->idtoname_cache, net);
0491     return rv;
0492 }
0493
0494 void
0495 nfsd_idmap_shutdown(struct net *net)
0496 {
0497     struct nfsd_net *nn = net_generic(net, nfsd_net_id);
0498
0499     cache_unregister_net(nn->idtoname_cache, net);
0500     cache_unregister_net(nn->nametoid_cache, net);
0501     cache_destroy_net(nn->idtoname_cache, net);
0502     cache_destroy_net(nn->nametoid_cache, net);
0503 }
0504
0505 static int
0506 idmap_lookup(struct svc_rqst *rqstp,
0507         struct ent *(*lookup_fn)(struct cache_detail *, struct ent *),
0508         struct ent *key, struct cache_detail *detail, struct ent **item)
0509 {
0510     int ret;
0511
0512     *item = lookup_fn(detail, key);
0513     if (!*item)
0514         return -ENOMEM;
0515  retry:
0516     ret = cache_check(detail, &(*item)->h, &rqstp->rq_chandle);
0517
0518     if (ret == -ETIMEDOUT) {
0519         struct ent *prev_item = *item;
0520         *item = lookup_fn(detail, key);
0521         if (*item != prev_item)
0522             goto retry;
0523         cache_put(&(*item)->h, detail);
0524     }
0525     return ret;
0526 }
0527
0528 static char *
0529 rqst_authname(struct svc_rqst *rqstp)
0530 {
0531     struct auth_domain *clp;
0532
0533     clp = rqstp->rq_gssclient ? rqstp->rq_gssclient : rqstp->rq_client;
0534     return clp->name;
0535 }
0536
0537 static __be32
0538 idmap_name_to_id(struct svc_rqst *rqstp, int type, const char *name, u32 namelen,
0539         u32 *id)
0540 {
0541     struct ent *item, key = {
0542         .type = type,
0543     };
0544     int ret;
0545     struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
0546
0547     if (namelen + 1 > sizeof(key.name))
0548         return nfserr_badowner;
0549     memcpy(key.name, name, namelen);
0550     key.name[namelen] = '\0';
0551     strlcpy(key.authname, rqst_authname(rqstp), sizeof(key.authname));
0552     ret = idmap_lookup(rqstp, nametoid_lookup, &key, nn->nametoid_cache, &item);
0553     if (ret == -ENOENT)
0554         return nfserr_badowner;
0555     if (ret)
0556         return nfserrno(ret);
0557     *id = item->id;
0558     cache_put(&item->h, nn->nametoid_cache);
0559     return 0;
0560 }
0561
0562 static __be32 encode_ascii_id(struct xdr_stream *xdr, u32 id)
0563 {
0564     char buf[11];
0565     int len;
0566     __be32 *p;
0567
0568     len = sprintf(buf, "%u", id);
0569     p = xdr_reserve_space(xdr, len + 4);
0570     if (!p)
0571         return nfserr_resource;
0572     p = xdr_encode_opaque(p, buf, len);
0573     return 0;
0574 }
0575
0576 static __be32 idmap_id_to_name(struct xdr_stream *xdr,
0577                    struct svc_rqst *rqstp, int type, u32 id)
0578 {
0579     struct ent *item, key = {
0580         .id = id,
0581         .type = type,
0582     };
0583     __be32 *p;
0584     int ret;
0585     struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
0586
0587     strlcpy(key.authname, rqst_authname(rqstp), sizeof(key.authname));
0588     ret = idmap_lookup(rqstp, idtoname_lookup, &key, nn->idtoname_cache, &item);
0589     if (ret == -ENOENT)
0590         return encode_ascii_id(xdr, id);
0591     if (ret)
0592         return nfserrno(ret);
0593     ret = strlen(item->name);
0594     WARN_ON_ONCE(ret > IDMAP_NAMESZ);
0595     p = xdr_reserve_space(xdr, ret + 4);
0596     if (!p)
0597         return nfserr_resource;
0598     p = xdr_encode_opaque(p, item->name, ret);
0599     cache_put(&item->h, nn->idtoname_cache);
0600     return 0;
0601 }
0602
0603 static bool
0604 numeric_name_to_id(struct svc_rqst *rqstp, int type, const char *name, u32 namelen, u32 *id)
0605 {
0606     int ret;
0607     char buf[11];
0608
0609     if (namelen + 1 > sizeof(buf))
0610         /* too long to represent a 32-bit id: */
0611         return false;
0612     /* Just to make sure it's null-terminated: */
0613     memcpy(buf, name, namelen);
0614     buf[namelen] = '\0';
0615     ret = kstrtouint(buf, 10, id);
0616     return ret == 0;
0617 }
0618
0619 static __be32
0620 do_name_to_id(struct svc_rqst *rqstp, int type, const char *name, u32 namelen, u32 *id)
0621 {
0622     if (nfs4_disable_idmapping && rqstp->rq_cred.cr_flavor < RPC_AUTH_GSS)
0623         if (numeric_name_to_id(rqstp, type, name, namelen, id))
0624             return 0;
0625         /*
0626          * otherwise, fall through and try idmapping, for
0627          * backwards compatibility with clients sending names:
0628          */
0629     return idmap_name_to_id(rqstp, type, name, namelen, id);
0630 }
0631
0632 static __be32 encode_name_from_id(struct xdr_stream *xdr,
0633                   struct svc_rqst *rqstp, int type, u32 id)
0634 {
0635     if (nfs4_disable_idmapping && rqstp->rq_cred.cr_flavor < RPC_AUTH_GSS)
0636         return encode_ascii_id(xdr, id);
0637     return idmap_id_to_name(xdr, rqstp, type, id);
0638 }
0639
0640 __be32
0641 nfsd_map_name_to_uid(struct svc_rqst *rqstp, const char *name, size_t namelen,
0642         kuid_t *uid)
0643 {
0644     __be32 status;
0645     u32 id = -1;
0646
0647     if (name == NULL || namelen == 0)
0648         return nfserr_inval;
0649
0650     status = do_name_to_id(rqstp, IDMAP_TYPE_USER, name, namelen, &id);
0651     *uid = make_kuid(nfsd_user_namespace(rqstp), id);
0652     if (!uid_valid(*uid))
0653         status = nfserr_badowner;
0654     return status;
0655 }
0656
0657 __be32
0658 nfsd_map_name_to_gid(struct svc_rqst *rqstp, const char *name, size_t namelen,
0659         kgid_t *gid)
0660 {
0661     __be32 status;
0662     u32 id = -1;
0663
0664     if (name == NULL || namelen == 0)
0665         return nfserr_inval;
0666
0667     status = do_name_to_id(rqstp, IDMAP_TYPE_GROUP, name, namelen, &id);
0668     *gid = make_kgid(nfsd_user_namespace(rqstp), id);
0669     if (!gid_valid(*gid))
0670         status = nfserr_badowner;
0671     return status;
0672 }
0673
0674 __be32 nfsd4_encode_user(struct xdr_stream *xdr, struct svc_rqst *rqstp,
0675              kuid_t uid)
0676 {
0677     u32 id = from_kuid_munged(nfsd_user_namespace(rqstp), uid);
0678     return encode_name_from_id(xdr, rqstp, IDMAP_TYPE_USER, id);
0679 }
0680
0681 __be32 nfsd4_encode_group(struct xdr_stream *xdr, struct svc_rqst *rqstp,
0682               kgid_t gid)
0683 {
0684     u32 id = from_kgid_munged(nfsd_user_namespace(rqstp), gid);
0685     return encode_name_from_id(xdr, rqstp, IDMAP_TYPE_GROUP, id);
0686 }