[5/8] syscall_cred() a system call that receives alternate CREDs

[Boaz Harrosh <bharrosh@panasas.com>]

From: Jim Lieb <jlieb@panasas.com>

In current NFS Server (Ganesha) lots of operation becomes 6 syscalls
(Or is it 7?)

- setfsuid(), setfsgid(), thread_setgroups()
- The OP
- Revert setfsuid(), setfsgid() to root

This is because if we do all these file operations as root then
FS will not account for the quota a user have on create files,
data space, and so on.
(Note that permission checking is done by Ganesha core, because
 We may cache open fd(s) and such not, another topic)

We could maybe with hard work save the last two calls for reverting
to root, but this will force us to audit lots of code that we are
not prepared to do right now. And will not save us much.

[thread_setgroups()]
thread_setgroups() is what we use at Ganesha and what Samaba guys use
for a per-thread setgroups() call. In the Linux Kernel the setgroups is
actually always per thread. It is only the POSIX (crap) pthread layer
at glibc that intercepts the setgroups() call (and others), Iterates on
all threads that belong to a process, and calls the native Kernel setgroups
on them. So thread_setgroups() is just the raw syscall bypassing glibc's
processing. We will eventually push this API to glibc.
BTW: this is done exactly the same on FreeBSD, with same exact glibc intervention.

[Proposed]
What Jim proposed is a syscall that receives a struct that has
the regular syscalls parameters plus the creds structure with fsuid/fsgid and
groups array. Kernel will set these in, call the original syscall, and revert.
This will be done on only an interested subset of the syscalls that are one -
are related to filesystems (setfsXid) and two - are of interest to us Servers.

Jim care to scribble a structure definition?

Thanks
Boaz