BLANK();
DEFINE(TASK_BLOCKED, offsetof(struct task_struct, blocked));
- DEFINE(TASK_UID, offsetof(struct task_struct, uid));
- DEFINE(TASK_EUID, offsetof(struct task_struct, euid));
- DEFINE(TASK_GID, offsetof(struct task_struct, gid));
- DEFINE(TASK_EGID, offsetof(struct task_struct, egid));
+ DEFINE(TASK_CRED, offsetof(struct task_struct, cred));
DEFINE(TASK_REAL_PARENT, offsetof(struct task_struct, real_parent));
DEFINE(TASK_GROUP_LEADER, offsetof(struct task_struct, group_leader));
DEFINE(TASK_TGID, offsetof(struct task_struct, tgid));
BLANK();
+ DEFINE(CRED_UID, offsetof(struct cred, uid));
+ DEFINE(CRED_EUID, offsetof(struct cred, euid));
+ DEFINE(CRED_GID, offsetof(struct cred, gid));
+ DEFINE(CRED_EGID, offsetof(struct cred, egid));
+ BLANK();
+
DEFINE(SIZEOF_PT_REGS, sizeof(struct pt_regs));
DEFINE(PT_PTRACED, PT_PTRACED);
DEFINE(CLONE_VM, CLONE_VM);
sys_getxuid:
.prologue 0
ldq $2, TI_TASK($8)
- ldl $0, TASK_UID($2)
- ldl $1, TASK_EUID($2)
+ ldq $3, TASK_CRED($2)
+ ldl $0, CRED_UID($3)
+ ldl $1, CRED_EUID($3)
stq $1, 80($sp)
ret
.end sys_getxuid
sys_getxgid:
.prologue 0
ldq $2, TI_TASK($8)
- ldl $0, TASK_GID($2)
- ldl $1, TASK_EGID($2)
+ ldq $3, TASK_CRED($2)
+ ldl $0, CRED_GID($3)
+ ldl $1, CRED_EGID($3)
stq $1, 80($sp)
ret
.end sys_getxgid
if (gidsetsize < 0)
return -EINVAL;
- get_group_info(current->group_info);
- i = current->group_info->ngroups;
+ get_group_info(current->cred->group_info);
+ i = current->cred->group_info->ngroups;
if (gidsetsize) {
if (i > gidsetsize) {
i = -EINVAL;
goto out;
}
- if (groups16_to_user(grouplist, current->group_info)) {
+ if (groups16_to_user(grouplist, current->cred->group_info)) {
i = -EFAULT;
goto out;
}
}
out:
- put_group_info(current->group_info);
+ put_group_info(current->cred->group_info);
return i;
}
static void sp_setfsuidgid( uid_t uid, gid_t gid)
{
- current->fsuid = uid;
- current->fsgid = gid;
+ current->cred->fsuid = uid;
+ current->cred->fsgid = gid;
key_fsuid_changed(current);
key_fsgid_changed(current);
{
int retval;
- if (!(retval = put_user(high2lowuid(current->uid), ruid)) &&
- !(retval = put_user(high2lowuid(current->euid), euid)))
- retval = put_user(high2lowuid(current->suid), suid);
+ if (!(retval = put_user(high2lowuid(current->cred->uid), ruid)) &&
+ !(retval = put_user(high2lowuid(current->cred->euid), euid)))
+ retval = put_user(high2lowuid(current->cred->suid), suid);
return retval;
}
{
int retval;
- if (!(retval = put_user(high2lowgid(current->gid), rgid)) &&
- !(retval = put_user(high2lowgid(current->egid), egid)))
- retval = put_user(high2lowgid(current->sgid), sgid);
+ if (!(retval = put_user(high2lowgid(current->cred->gid), rgid)) &&
+ !(retval = put_user(high2lowgid(current->cred->egid), egid)))
+ retval = put_user(high2lowgid(current->cred->sgid), sgid);
return retval;
}
if (gidsetsize < 0)
return -EINVAL;
- get_group_info(current->group_info);
- i = current->group_info->ngroups;
+ get_group_info(current->cred->group_info);
+ i = current->cred->group_info->ngroups;
if (gidsetsize) {
if (i > gidsetsize) {
i = -EINVAL;
goto out;
}
- if (groups16_to_user(grouplist, current->group_info)) {
+ if (groups16_to_user(grouplist, current->cred->group_info)) {
i = -EFAULT;
goto out;
}
}
out:
- put_group_info(current->group_info);
+ put_group_info(current->cred->group_info);
return i;
}
asmlinkage long sys32_getuid16(void)
{
- return high2lowuid(current->uid);
+ return high2lowuid(current->cred->uid);
}
asmlinkage long sys32_geteuid16(void)
{
- return high2lowuid(current->euid);
+ return high2lowuid(current->cred->euid);
}
asmlinkage long sys32_getgid16(void)
{
- return high2lowgid(current->gid);
+ return high2lowgid(current->cred->gid);
}
asmlinkage long sys32_getegid16(void)
{
- return high2lowgid(current->egid);
+ return high2lowgid(current->cred->egid);
}
/*
ev->event_data.id.process_pid = task->pid;
ev->event_data.id.process_tgid = task->tgid;
if (which_id == PROC_EVENT_UID) {
- ev->event_data.id.r.ruid = task->uid;
- ev->event_data.id.e.euid = task->euid;
+ ev->event_data.id.r.ruid = task->cred->uid;
+ ev->event_data.id.e.euid = task->cred->euid;
} else if (which_id == PROC_EVENT_GID) {
- ev->event_data.id.r.rgid = task->gid;
- ev->event_data.id.e.egid = task->egid;
+ ev->event_data.id.r.rgid = task->cred->gid;
+ ev->event_data.id.e.egid = task->cred->egid;
} else
return;
get_seq(&msg->seq, &ev->cpu);
NEW_AUX_ENT(AT_BASE, interp_load_addr);
NEW_AUX_ENT(AT_FLAGS, 0);
NEW_AUX_ENT(AT_ENTRY, exec->e_entry);
- NEW_AUX_ENT(AT_UID, tsk->uid);
- NEW_AUX_ENT(AT_EUID, tsk->euid);
- NEW_AUX_ENT(AT_GID, tsk->gid);
- NEW_AUX_ENT(AT_EGID, tsk->egid);
+ NEW_AUX_ENT(AT_UID, tsk->cred->uid);
+ NEW_AUX_ENT(AT_EUID, tsk->cred->euid);
+ NEW_AUX_ENT(AT_GID, tsk->cred->gid);
+ NEW_AUX_ENT(AT_EGID, tsk->cred->egid);
NEW_AUX_ENT(AT_SECURE, security_bprm_secureexec(bprm));
NEW_AUX_ENT(AT_EXECFN, bprm->exec);
if (k_platform) {
psinfo->pr_zomb = psinfo->pr_sname == 'Z';
psinfo->pr_nice = task_nice(p);
psinfo->pr_flag = p->flags;
- SET_UID(psinfo->pr_uid, p->uid);
- SET_GID(psinfo->pr_gid, p->gid);
+ SET_UID(psinfo->pr_uid, p->cred->uid);
+ SET_GID(psinfo->pr_gid, p->cred->gid);
strncpy(psinfo->pr_fname, p->comm, sizeof(psinfo->pr_fname));
return 0;
NEW_AUX_ENT(AT_BASE, interp_params->elfhdr_addr);
NEW_AUX_ENT(AT_FLAGS, 0);
NEW_AUX_ENT(AT_ENTRY, exec_params->entry_addr);
- NEW_AUX_ENT(AT_UID, (elf_addr_t) current_uid());
- NEW_AUX_ENT(AT_EUID, (elf_addr_t) current_euid());
- NEW_AUX_ENT(AT_GID, (elf_addr_t) current_gid());
- NEW_AUX_ENT(AT_EGID, (elf_addr_t) current_egid());
+ NEW_AUX_ENT(AT_UID, (elf_addr_t) current->cred->uid);
+ NEW_AUX_ENT(AT_EUID, (elf_addr_t) current->cred->euid);
+ NEW_AUX_ENT(AT_GID, (elf_addr_t) current->cred->gid);
+ NEW_AUX_ENT(AT_EGID, (elf_addr_t) current->cred->egid);
NEW_AUX_ENT(AT_SECURE, security_bprm_secureexec(bprm));
NEW_AUX_ENT(AT_EXECFN, bprm->exec);
psinfo->pr_zomb = psinfo->pr_sname == 'Z';
psinfo->pr_nice = task_nice(p);
psinfo->pr_flag = p->flags;
- SET_UID(psinfo->pr_uid, p->uid);
- SET_GID(psinfo->pr_gid, p->gid);
+ SET_UID(psinfo->pr_uid, p->cred->uid);
+ SET_GID(psinfo->pr_gid, p->cred->gid);
strncpy(psinfo->pr_fname, p->comm, sizeof(psinfo->pr_fname));
return 0;
*/
if (get_dumpable(mm) == 2) { /* Setuid core dump mode */
flag = O_EXCL; /* Stop rewrite attacks */
- current->fsuid = 0; /* Dump root private */
+ current->cred->fsuid = 0; /* Dump root private */
}
retval = coredump_wait(exit_code, &core_state);
if (helper_argv)
argv_free(helper_argv);
- current->fsuid = fsuid;
+ current->cred->fsuid = fsuid;
coredump_finish(mm);
fail:
return retval;
struct fown_struct *fown, int sig)
{
return (((fown->euid == 0) ||
- (fown->euid == p->suid) || (fown->euid == p->uid) ||
- (fown->uid == p->suid) || (fown->uid == p->uid)) &&
+ (fown->euid == p->cred->suid) || (fown->euid == p->cred->uid) ||
+ (fown->uid == p->cred->suid) || (fown->uid == p->cred->uid)) &&
!security_file_send_sigiotask(p, fown, sig));
}
INIT_LIST_HEAD(&f->f_u.fu_list);
atomic_long_set(&f->f_count, 1);
rwlock_init(&f->f_owner.lock);
- f->f_uid = tsk->fsuid;
- f->f_gid = tsk->fsgid;
+ f->f_uid = tsk->cred->fsuid;
+ f->f_gid = tsk->cred->fsgid;
eventpoll_init_file(f);
/* f->f_version: 0 */
return f;
if (fc->flags & FUSE_ALLOW_OTHER)
return 1;
- if (task->euid == fc->user_id &&
- task->suid == fc->user_id &&
- task->uid == fc->user_id &&
- task->egid == fc->group_id &&
- task->sgid == fc->group_id &&
- task->gid == fc->group_id)
+ if (task->cred->euid == fc->user_id &&
+ task->cred->suid == fc->user_id &&
+ task->cred->uid == fc->user_id &&
+ task->cred->egid == fc->group_id &&
+ task->cred->sgid == fc->group_id &&
+ task->cred->gid == fc->group_id)
return 1;
return 0;
if (!can_do_hugetlb_shm())
return ERR_PTR(-EPERM);
- if (!user_shm_lock(size, current->user))
+ if (!user_shm_lock(size, current->cred->user))
return ERR_PTR(-ENOMEM);
root = hugetlbfs_vfsmount->mnt_root;
out_dentry:
dput(dentry);
out_shm_unlock:
- user_shm_unlock(size, current->user);
+ user_shm_unlock(size, current->cred->user);
return ERR_PTR(error);
}
int err;
struct io_context *ioc;
- if (task->uid != current_euid() &&
- task->uid != current_uid() && !capable(CAP_SYS_NICE))
+ if (task->cred->uid != current_euid() &&
+ task->cred->uid != current_uid() && !capable(CAP_SYS_NICE))
return -EPERM;
err = security_task_setioprio(task, ioprio);
break;
case IOPRIO_WHO_USER:
if (!who)
- user = current->user;
+ user = current->cred->user;
else
user = find_user(who);
break;
do_each_thread(g, p) {
- if (p->uid != who)
+ if (p->cred->uid != who)
continue;
ret = set_task_ioprio(p, ioprio);
if (ret)
break;
case IOPRIO_WHO_USER:
if (!who)
- user = current->user;
+ user = current->cred->user;
else
user = find_user(who);
break;
do_each_thread(g, p) {
- if (p->uid != user->uid)
+ if (p->cred->uid != user->uid)
continue;
tmpio = get_task_ioprio(p);
if (tmpio < 0)
int nfsd_setuser(struct svc_rqst *rqstp, struct svc_export *exp)
{
+ struct cred *act_as = current->cred ;
struct svc_cred cred = rqstp->rq_cred;
int i;
int flags = nfsexp_flags(rqstp, exp);
get_group_info(cred.cr_group_info);
if (cred.cr_uid != (uid_t) -1)
- current->fsuid = cred.cr_uid;
+ act_as->fsuid = cred.cr_uid;
else
- current->fsuid = exp->ex_anon_uid;
+ act_as->fsuid = exp->ex_anon_uid;
if (cred.cr_gid != (gid_t) -1)
- current->fsgid = cred.cr_gid;
+ act_as->fsgid = cred.cr_gid;
else
- current->fsgid = exp->ex_anon_gid;
+ act_as->fsgid = exp->ex_anon_gid;
if (!cred.cr_group_info)
return -ENOMEM;
- ret = set_current_groups(cred.cr_group_info);
+ ret = set_groups(act_as, cred.cr_group_info);
put_group_info(cred.cr_group_info);
if ((cred.cr_uid)) {
- current->cap_effective =
- cap_drop_nfsd_set(current->cap_effective);
+ act_as->cap_effective =
+ cap_drop_nfsd_set(act_as->cap_effective);
} else {
- current->cap_effective =
- cap_raise_nfsd_set(current->cap_effective,
- current->cap_permitted);
+ act_as->cap_effective =
+ cap_raise_nfsd_set(act_as->cap_effective,
+ act_as->cap_permitted);
}
return ret;
}
+
static void
nfs4_save_user(uid_t *saveuid, gid_t *savegid)
{
- *saveuid = current->fsuid;
- *savegid = current->fsgid;
- current->fsuid = 0;
- current->fsgid = 0;
+ *saveuid = current->cred->fsuid;
+ *savegid = current->cred->fsgid;
+ current->cred->fsuid = 0;
+ current->cred->fsgid = 0;
}
static void
nfs4_reset_user(uid_t saveuid, gid_t savegid)
{
- current->fsuid = saveuid;
- current->fsgid = savegid;
+ current->cred->fsuid = saveuid;
+ current->cred->fsgid = savegid;
}
static void
* access control settings being in effect, we cannot
* fix that case easily.
*/
- current->cap_effective =
- cap_raise_nfsd_set(current->cap_effective,
- current->cap_permitted);
+ current->cred->cap_effective =
+ cap_raise_nfsd_set(current->cred->cap_effective,
+ current->cred->cap_permitted);
} else {
error = nfsd_setuser_and_check_port(rqstp, exp);
if (error)
*/
asmlinkage long sys_faccessat(int dfd, const char __user *filename, int mode)
{
+ struct cred *cred = current->cred;
struct path path;
struct inode *inode;
int old_fsuid, old_fsgid;
if (mode & ~S_IRWXO) /* where's F_OK, X_OK, W_OK, R_OK? */
return -EINVAL;
- old_fsuid = current->fsuid;
- old_fsgid = current->fsgid;
+ old_fsuid = cred->fsuid;
+ old_fsgid = cred->fsgid;
- current->fsuid = current->uid;
- current->fsgid = current->gid;
+ cred->fsuid = cred->uid;
+ cred->fsgid = cred->gid;
if (!issecure(SECURE_NO_SETUID_FIXUP)) {
/* Clear the capabilities if we switch to a non-root user */
- if (current->uid)
+ if (current->cred->uid)
old_cap = cap_set_effective(__cap_empty_set);
else
- old_cap = cap_set_effective(current->cap_permitted);
+ old_cap = cap_set_effective(cred->cap_permitted);
}
res = user_path_at(dfd, filename, LOOKUP_FOLLOW, &path);
out_path_release:
path_put(&path);
out:
- current->fsuid = old_fsuid;
- current->fsgid = old_fsgid;
+ cred->fsuid = old_fsuid;
+ cred->fsgid = old_fsgid;
if (!issecure(SECURE_NO_SETUID_FIXUP))
cap_set_effective(old_cap);
task_tgid_nr_ns(p, ns),
pid_nr_ns(pid, ns),
ppid, tpid,
- p->uid, p->euid, p->suid, p->fsuid,
- p->gid, p->egid, p->sgid, p->fsgid);
+ p->cred->uid, p->cred->euid, p->cred->suid, p->cred->fsuid,
+ p->cred->gid, p->cred->egid, p->cred->sgid, p->cred->fsgid);
task_lock(p);
if (p->files)
fdt ? fdt->max_fds : 0);
rcu_read_unlock();
- group_info = p->group_info;
+ group_info = p->cred->group_info;
get_group_info(group_info);
task_unlock(p);
blocked = p->blocked;
collect_sigign_sigcatch(p, &ignored, &caught);
num_threads = atomic_read(&p->signal->count);
- qsize = atomic_read(&p->user->sigpending);
+ qsize = atomic_read(&p->cred->user->sigpending);
qlim = p->signal->rlim[RLIMIT_SIGPENDING].rlim_cur;
unlock_task_sighand(p, &flags);
}
static inline void task_cap(struct seq_file *m, struct task_struct *p)
{
- render_cap_t(m, "CapInh:\t", &p->cap_inheritable);
- render_cap_t(m, "CapPrm:\t", &p->cap_permitted);
- render_cap_t(m, "CapEff:\t", &p->cap_effective);
- render_cap_t(m, "CapBnd:\t", &p->cap_bset);
+ struct cred *cred = p->cred;
+
+ render_cap_t(m, "CapInh:\t", &cred->cap_inheritable);
+ render_cap_t(m, "CapPrm:\t", &cred->cap_permitted);
+ render_cap_t(m, "CapEff:\t", &cred->cap_effective);
+ render_cap_t(m, "CapBnd:\t", &cred->cap_bset);
}
static inline void task_context_switch_counts(struct seq_file *m,
inode->i_uid = 0;
inode->i_gid = 0;
if (task_dumpable(task)) {
- inode->i_uid = task->euid;
- inode->i_gid = task->egid;
+ inode->i_uid = task->cred->euid;
+ inode->i_gid = task->cred->egid;
}
security_task_to_inode(task, inode);
if (task) {
if ((inode->i_mode == (S_IFDIR|S_IRUGO|S_IXUGO)) ||
task_dumpable(task)) {
- stat->uid = task->euid;
- stat->gid = task->egid;
+ stat->uid = task->cred->euid;
+ stat->gid = task->cred->egid;
}
}
rcu_read_unlock();
if (task) {
if ((inode->i_mode == (S_IFDIR|S_IRUGO|S_IXUGO)) ||
task_dumpable(task)) {
- inode->i_uid = task->euid;
- inode->i_gid = task->egid;
+ inode->i_uid = task->cred->euid;
+ inode->i_gid = task->cred->egid;
} else {
inode->i_uid = 0;
inode->i_gid = 0;
rcu_read_unlock();
put_files_struct(files);
if (task_dumpable(task)) {
- inode->i_uid = task->euid;
- inode->i_gid = task->egid;
+ inode->i_uid = task->cred->euid;
+ inode->i_gid = task->cred->egid;
} else {
inode->i_uid = 0;
inode->i_gid = 0;
/*
* Credentials
*/
-typedef struct cred {
- /* EMPTY */
-} cred_t;
+typedef const struct cred cred_t;
-extern struct cred *sys_cred;
+extern cred_t *sys_cred;
/* this is a hack.. (assumes sys_cred is the only cred_t in the system) */
static inline int capable_cred(cred_t *cr, int cid)
#define __XFS_GLOBALS_H__
extern uint64_t xfs_panic_mask; /* set to cause more panics */
-extern struct cred *sys_cred;
+extern cred_t *sys_cred;
#endif /* __XFS_GLOBALS_H__ */
xfs_inode_t **, xfs_daddr_t, uint);
int xfs_iread_extents(struct xfs_trans *, xfs_inode_t *, int);
int xfs_ialloc(struct xfs_trans *, xfs_inode_t *, mode_t,
- xfs_nlink_t, xfs_dev_t, struct cred *, xfs_prid_t,
+ xfs_nlink_t, xfs_dev_t, cred_t *, xfs_prid_t,
int, struct xfs_buf **, boolean_t *, xfs_inode_t **);
void xfs_dinode_from_disk(struct xfs_icdinode *,
struct xfs_dinode_core *);
int xfs_open(struct xfs_inode *ip);
int xfs_setattr(struct xfs_inode *ip, struct iattr *vap, int flags,
- struct cred *credp);
+ cred_t *credp);
#define XFS_ATTR_DMI 0x01 /* invocation from a DMI function */
#define XFS_ATTR_NONBLOCK 0x02 /* return EAGAIN if operation would block */
#define XFS_ATTR_NOLOCK 0x04 /* Don't grab any conflicting locks */
int xfs_lookup(struct xfs_inode *dp, struct xfs_name *name,
struct xfs_inode **ipp, struct xfs_name *ci_name);
int xfs_create(struct xfs_inode *dp, struct xfs_name *name, mode_t mode,
- xfs_dev_t rdev, struct xfs_inode **ipp, struct cred *credp);
+ xfs_dev_t rdev, struct xfs_inode **ipp, cred_t *credp);
int xfs_remove(struct xfs_inode *dp, struct xfs_name *name,
struct xfs_inode *ip);
int xfs_link(struct xfs_inode *tdp, struct xfs_inode *sip,
struct xfs_name *target_name);
int xfs_mkdir(struct xfs_inode *dp, struct xfs_name *dir_name,
- mode_t mode, struct xfs_inode **ipp, struct cred *credp);
+ mode_t mode, struct xfs_inode **ipp, cred_t *credp);
int xfs_readdir(struct xfs_inode *dp, void *dirent, size_t bufsize,
xfs_off_t *offset, filldir_t filldir);
int xfs_symlink(struct xfs_inode *dp, struct xfs_name *link_name,
const char *target_path, mode_t mode, struct xfs_inode **ipp,
- struct cred *credp);
+ cred_t *credp);
int xfs_inode_flush(struct xfs_inode *ip, int flags);
int xfs_set_dmattrs(struct xfs_inode *ip, u_int evmask, u_int16_t state);
int xfs_reclaim(struct xfs_inode *ip);
int xfs_change_file_space(struct xfs_inode *ip, int cmd,
xfs_flock64_t *bf, xfs_off_t offset,
- struct cred *credp, int attr_flags);
+ cred_t *credp, int attr_flags);
int xfs_rename(struct xfs_inode *src_dp, struct xfs_name *src_name,
struct xfs_inode *src_ip, struct xfs_inode *target_dp,
struct xfs_name *target_name, struct xfs_inode *target_ip);
#ifndef _LINUX_CRED_H
#define _LINUX_CRED_H
-#define get_current_user() (get_uid(current->user))
-
-#define task_uid(task) ((task)->uid)
-#define task_gid(task) ((task)->gid)
-#define task_euid(task) ((task)->euid)
-#define task_egid(task) ((task)->egid)
-
-#define current_uid() (current->uid)
-#define current_gid() (current->gid)
-#define current_euid() (current->euid)
-#define current_egid() (current->egid)
-#define current_suid() (current->suid)
-#define current_sgid() (current->sgid)
-#define current_fsuid() (current->fsuid)
-#define current_fsgid() (current->fsgid)
-#define current_cap() (current->cap_effective)
+#include <linux/capability.h>
+#include <linux/key.h>
+#include <asm/atomic.h>
+
+struct user_struct;
+struct cred;
+
+/*
+ * COW Supplementary groups list
+ */
+#define NGROUPS_SMALL 32
+#define NGROUPS_PER_BLOCK ((unsigned int)(PAGE_SIZE / sizeof(gid_t)))
+
+struct group_info {
+ atomic_t usage;
+ int ngroups;
+ int nblocks;
+ gid_t small_block[NGROUPS_SMALL];
+ gid_t *blocks[0];
+};
+
+/**
+ * get_group_info - Get a reference to a group info structure
+ * @group_info: The group info to reference
+ *
+ * This must be called with the owning task locked (via task_lock()) when task
+ * != current. The reason being that the vast majority of callers are looking
+ * at current->group_info, which can not be changed except by the current task.
+ * Changing current->group_info requires the task lock, too.
+ */
+#define get_group_info(group_info) \
+do { \
+ atomic_inc(&(group_info)->usage); \
+} while (0)
+
+/**
+ * put_group_info - Release a reference to a group info structure
+ * @group_info: The group info to release
+ */
+#define put_group_info(group_info) \
+do { \
+ if (atomic_dec_and_test(&(group_info)->usage)) \
+ groups_free(group_info); \
+} while (0)
+
+extern struct group_info *groups_alloc(int);
+extern void groups_free(struct group_info *);
+extern int set_current_groups(struct group_info *);
+extern int set_groups(struct cred *, struct group_info *);
+extern int groups_search(struct group_info *, gid_t);
+
+/* access the groups "array" with this macro */
+#define GROUP_AT(gi, i) \
+ ((gi)->blocks[(i) / NGROUPS_PER_BLOCK][(i) % NGROUPS_PER_BLOCK])
+
+extern int in_group_p(gid_t);
+extern int in_egroup_p(gid_t);
+
+/*
+ * The security context of a task
+ *
+ * The parts of the context break down into two categories:
+ *
+ * (1) The objective context of a task. These parts are used when some other
+ * task is attempting to affect this one.
+ *
+ * (2) The subjective context. These details are used when the task is acting
+ * upon another object, be that a file, a task, a key or whatever.
+ *
+ * Note that some members of this structure belong to both categories - the
+ * LSM security pointer for instance.
+ *
+ * A task has two security pointers. task->real_cred points to the objective
+ * context that defines that task's actual details. The objective part of this
+ * context is used whenever that task is acted upon.
+ *
+ * task->cred points to the subjective context that defines the details of how
+ * that task is going to act upon another object. This may be overridden
+ * temporarily to point to another security context, but normally points to the
+ * same context as task->real_cred.
+ */
+struct cred {
+ atomic_t usage;
+ uid_t uid; /* real UID of the task */
+ gid_t gid; /* real GID of the task */
+ uid_t suid; /* saved UID of the task */
+ gid_t sgid; /* saved GID of the task */
+ uid_t euid; /* effective UID of the task */
+ gid_t egid; /* effective GID of the task */
+ uid_t fsuid; /* UID for VFS ops */
+ gid_t fsgid; /* GID for VFS ops */
+ unsigned securebits; /* SUID-less security management */
+ kernel_cap_t cap_inheritable; /* caps our children can inherit */
+ kernel_cap_t cap_permitted; /* caps we're permitted */
+ kernel_cap_t cap_effective; /* caps we can actually use */
+ kernel_cap_t cap_bset; /* capability bounding set */
+#ifdef CONFIG_KEYS
+ unsigned char jit_keyring; /* default keyring to attach requested
+ * keys to */
+ struct key *thread_keyring; /* keyring private to this thread */
+ struct key *request_key_auth; /* assumed request_key authority */
+#endif
+#ifdef CONFIG_SECURITY
+ void *security; /* subjective LSM security */
+#endif
+ struct user_struct *user; /* real user ID subscription */
+ struct group_info *group_info; /* supplementary groups for euid/fsgid */
+ struct rcu_head rcu; /* RCU deletion hook */
+ spinlock_t lock; /* lock for pointer changes */
+};
+
+#define get_current_user() (get_uid(current->cred->user))
+
+#define task_uid(task) ((task)->cred->uid)
+#define task_gid(task) ((task)->cred->gid)
+#define task_euid(task) ((task)->cred->euid)
+#define task_egid(task) ((task)->cred->egid)
+
+#define current_uid() (current->cred->uid)
+#define current_gid() (current->cred->gid)
+#define current_euid() (current->cred->euid)
+#define current_egid() (current->cred->egid)
+#define current_suid() (current->cred->suid)
+#define current_sgid() (current->cred->sgid)
+#define current_fsuid() (current->cred->fsuid)
+#define current_fsgid() (current->cred->fsgid)
+#define current_cap() (current->cred->cap_effective)
#define current_uid_gid(_uid, _gid) \
do { \
- *(_uid) = current->uid; \
- *(_gid) = current->gid; \
+ *(_uid) = current->cred->uid; \
+ *(_gid) = current->cred->gid; \
} while(0)
#define current_euid_egid(_uid, _gid) \
do { \
- *(_uid) = current->euid; \
- *(_gid) = current->egid; \
+ *(_uid) = current->cred->euid; \
+ *(_gid) = current->cred->egid; \
} while(0)
#define current_fsuid_fsgid(_uid, _gid) \
do { \
- *(_uid) = current->fsuid; \
- *(_gid) = current->fsgid; \
+ *(_uid) = current->cred->fsuid; \
+ *(_gid) = current->cred->fsgid; \
} while(0)
#endif /* _LINUX_CRED_H */
# define CAP_INIT_BSET CAP_INIT_EFF_SET
#endif
+extern struct cred init_cred;
+
+#define INIT_CRED(p) \
+{ \
+ .usage = ATOMIC_INIT(3), \
+ .securebits = SECUREBITS_DEFAULT, \
+ .cap_inheritable = CAP_INIT_INH_SET, \
+ .cap_permitted = CAP_FULL_SET, \
+ .cap_effective = CAP_INIT_EFF_SET, \
+ .cap_bset = CAP_INIT_BSET, \
+ .user = INIT_USER, \
+ .group_info = &init_groups, \
+ .lock = __SPIN_LOCK_UNLOCKED(p.lock), \
+}
+
/*
* INIT_TASK is used to set up the first task table, touch at
* your own risk!. Base=0, limit=0x1fffff (=2MB)
.children = LIST_HEAD_INIT(tsk.children), \
.sibling = LIST_HEAD_INIT(tsk.sibling), \
.group_leader = &tsk, \
- .group_info = &init_groups, \
- .cap_effective = CAP_INIT_EFF_SET, \
- .cap_inheritable = CAP_INIT_INH_SET, \
- .cap_permitted = CAP_FULL_SET, \
- .cap_bset = CAP_INIT_BSET, \
- .securebits = SECUREBITS_DEFAULT, \
- .user = INIT_USER, \
+ .__temp_cred = INIT_CRED(tsk.__temp_cred), \
+ .cred = &tsk.__temp_cred, \
.comm = "swapper", \
.thread = INIT_THREAD, \
.fs = &init_fs, \
extern struct user_struct root_user;
#define INIT_USER (&root_user)
+
struct backing_dev_info;
struct reclaim_state;
#endif /* !CONFIG_SMP */
struct io_context; /* See blkdev.h */
-#define NGROUPS_SMALL 32
-#define NGROUPS_PER_BLOCK ((unsigned int)(PAGE_SIZE / sizeof(gid_t)))
-struct group_info {
- int ngroups;
- atomic_t usage;
- gid_t small_block[NGROUPS_SMALL];
- int nblocks;
- gid_t *blocks[0];
-};
-
-/*
- * get_group_info() must be called with the owning task locked (via task_lock())
- * when task != current. The reason being that the vast majority of callers are
- * looking at current->group_info, which can not be changed except by the
- * current task. Changing current->group_info requires the task lock, too.
- */
-#define get_group_info(group_info) do { \
- atomic_inc(&(group_info)->usage); \
-} while (0)
-#define put_group_info(group_info) do { \
- if (atomic_dec_and_test(&(group_info)->usage)) \
- groups_free(group_info); \
-} while (0)
-
-extern struct group_info *groups_alloc(int gidsetsize);
-extern void groups_free(struct group_info *group_info);
-extern int set_current_groups(struct group_info *group_info);
-extern int groups_search(struct group_info *group_info, gid_t grp);
-/* access the groups "array" with this macro */
-#define GROUP_AT(gi, i) \
- ((gi)->blocks[(i)/NGROUPS_PER_BLOCK][(i)%NGROUPS_PER_BLOCK])
#ifdef ARCH_HAS_PREFETCH_SWITCH_STACK
extern void prefetch_stack(struct task_struct *t);
struct list_head cpu_timers[3];
/* process credentials */
- uid_t uid,euid,suid,fsuid;
- gid_t gid,egid,sgid,fsgid;
- struct group_info *group_info;
- kernel_cap_t cap_effective, cap_inheritable, cap_permitted, cap_bset;
- struct user_struct *user;
- unsigned securebits;
-#ifdef CONFIG_KEYS
- unsigned char jit_keyring; /* default keyring to attach requested keys to */
- struct key *request_key_auth; /* assumed request_key authority */
- struct key *thread_keyring; /* keyring private to this thread */
-#endif
+ struct cred __temp_cred __deprecated; /* temporary credentials to be removed */
+ struct cred *cred; /* actual/objective task credentials */
+
char comm[TASK_COMM_LEN]; /* executable name excluding path
- access with [gs]et_task_comm (which lock
it with task_lock())
int (*notifier)(void *priv);
void *notifier_data;
sigset_t *notifier_mask;
-#ifdef CONFIG_SECURITY
- void *security;
-#endif
struct audit_context *audit_context;
#ifdef CONFIG_AUDITSYSCALL
uid_t loginuid;
extern void sched_fork(struct task_struct *p, int clone_flags);
extern void sched_dead(struct task_struct *p);
-extern int in_group_p(gid_t);
-extern int in_egroup_p(gid_t);
-
extern void proc_caches_init(void);
extern void flush_signals(struct task_struct *);
extern void ignore_signals(struct task_struct *);
setting is locked or not. A setting which is locked cannot be
changed from user-level. */
#define issecure_mask(X) (1 << (X))
-#define issecure(X) (issecure_mask(X) & current->securebits)
+#define issecure(X) (issecure_mask(X) & current->cred->securebits)
#define SECURE_ALL_BITS (issecure_mask(SECURE_NOROOT) | \
issecure_mask(SECURE_NO_SETUID_FIXUP) | \
if (S_ISREG(mode)) {
struct mqueue_inode_info *info;
struct task_struct *p = current;
- struct user_struct *u = p->user;
+ struct user_struct *u = p->cred->user;
unsigned long mq_bytes, mq_msg_tblsz;
inode->i_fop = &mqueue_file_operations;
if (shmflg & SHM_HUGETLB) {
/* hugetlb_file_setup takes care of mlock user accounting */
file = hugetlb_file_setup(name, size);
- shp->mlock_user = current->user;
+ shp->mlock_user = current->cred->user;
} else {
int acctflag = VM_ACCOUNT;
/*
goto out_unlock;
if(cmd==SHM_LOCK) {
- struct user_struct * user = current->user;
+ struct user_struct *user = current->cred->user;
if (!is_file_hugepages(shp->shm_file)) {
err = shmem_lock(shp->shm_file, 1, user);
if (!err && !(shp->shm_perm.mode & SHM_LOCKED)){
struct audit_names *name,
enum audit_state *state)
{
+ struct cred *cred = tsk->cred;
int i, j, need_sid = 1;
u32 sid;
}
break;
case AUDIT_UID:
- result = audit_comparator(tsk->uid, f->op, f->val);
+ result = audit_comparator(cred->uid, f->op, f->val);
break;
case AUDIT_EUID:
- result = audit_comparator(tsk->euid, f->op, f->val);
+ result = audit_comparator(cred->euid, f->op, f->val);
break;
case AUDIT_SUID:
- result = audit_comparator(tsk->suid, f->op, f->val);
+ result = audit_comparator(cred->suid, f->op, f->val);
break;
case AUDIT_FSUID:
- result = audit_comparator(tsk->fsuid, f->op, f->val);
+ result = audit_comparator(cred->fsuid, f->op, f->val);
break;
case AUDIT_GID:
- result = audit_comparator(tsk->gid, f->op, f->val);
+ result = audit_comparator(cred->gid, f->op, f->val);
break;
case AUDIT_EGID:
- result = audit_comparator(tsk->egid, f->op, f->val);
+ result = audit_comparator(cred->egid, f->op, f->val);
break;
case AUDIT_SGID:
- result = audit_comparator(tsk->sgid, f->op, f->val);
+ result = audit_comparator(cred->sgid, f->op, f->val);
break;
case AUDIT_FSGID:
- result = audit_comparator(tsk->fsgid, f->op, f->val);
+ result = audit_comparator(cred->fsgid, f->op, f->val);
break;
case AUDIT_PERS:
result = audit_comparator(tsk->personality, f->op, f->val);
static void audit_log_exit(struct audit_context *context, struct task_struct *tsk)
{
+ struct cred *cred = tsk->cred;
int i, call_panic = 0;
struct audit_buffer *ab;
struct audit_aux_data *aux;
context->pid = tsk->pid;
if (!context->ppid)
context->ppid = sys_getppid();
- context->uid = tsk->uid;
- context->gid = tsk->gid;
- context->euid = tsk->euid;
- context->suid = tsk->suid;
- context->fsuid = tsk->fsuid;
- context->egid = tsk->egid;
- context->sgid = tsk->sgid;
- context->fsgid = tsk->fsgid;
+ context->uid = cred->uid;
+ context->gid = cred->gid;
+ context->euid = cred->euid;
+ context->suid = cred->suid;
+ context->fsuid = cred->fsuid;
+ context->egid = cred->egid;
+ context->sgid = cred->sgid;
+ context->fsgid = cred->fsgid;
context->personality = tsk->personality;
ab = audit_log_start(context, GFP_KERNEL, AUDIT_SYSCALL);
audit_log_format(ab, "login pid=%d uid=%u "
"old auid=%u new auid=%u"
" old ses=%u new ses=%u",
- task->pid, task->uid,
+ task->pid, task->cred->uid,
task->loginuid, loginuid,
task->sessionid, sessionid);
audit_log_end(ab);
context->target_pid = t->pid;
context->target_auid = audit_get_loginuid(t);
- context->target_uid = t->uid;
+ context->target_uid = t->cred->uid;
context->target_sessionid = audit_get_sessionid(t);
security_task_getsecid(t, &context->target_sid);
memcpy(context->target_comm, t->comm, TASK_COMM_LEN);
if (tsk->loginuid != -1)
audit_sig_uid = tsk->loginuid;
else
- audit_sig_uid = tsk->uid;
+ audit_sig_uid = tsk->cred->uid;
security_task_getsecid(tsk, &audit_sig_sid);
}
if (!audit_signals || audit_dummy_context())
if (!ctx->target_pid) {
ctx->target_pid = t->tgid;
ctx->target_auid = audit_get_loginuid(t);
- ctx->target_uid = t->uid;
+ ctx->target_uid = t->cred->uid;
ctx->target_sessionid = audit_get_sessionid(t);
security_task_getsecid(t, &ctx->target_sid);
memcpy(ctx->target_comm, t->comm, TASK_COMM_LEN);
axp->target_pid[axp->pid_count] = t->tgid;
axp->target_auid[axp->pid_count] = audit_get_loginuid(t);
- axp->target_uid[axp->pid_count] = t->uid;
+ axp->target_uid[axp->pid_count] = t->cred->uid;
axp->target_sessionid[axp->pid_count] = audit_get_sessionid(t);
security_task_getsecid(t, &axp->target_sid[axp->pid_count]);
memcpy(axp->target_comm[axp->pid_count], t->comm, TASK_COMM_LEN);
ax->fcap_ver = (vcaps.magic_etc & VFS_CAP_REVISION_MASK) >> VFS_CAP_REVISION_SHIFT;
ax->old_pcap.permitted = *pP;
- ax->old_pcap.inheritable = current->cap_inheritable;
+ ax->old_pcap.inheritable = current->cred->cap_inheritable;
ax->old_pcap.effective = *pE;
- ax->new_pcap.permitted = current->cap_permitted;
- ax->new_pcap.inheritable = current->cap_inheritable;
- ax->new_pcap.effective = current->cap_effective;
+ ax->new_pcap.permitted = current->cred->cap_permitted;
+ ax->new_pcap.inheritable = current->cred->cap_inheritable;
+ ax->new_pcap.effective = current->cred->cap_effective;
}
/**
spin_lock(&task_capability_lock);
- pE_old = current->cap_effective;
- current->cap_effective = pE_new;
+ pE_old = current->cred->cap_effective;
+ current->cred->cap_effective = pE_new;
spin_unlock(&task_capability_lock);
rcu_read_unlock();
euid = current_euid();
- if (euid && euid != tsk->uid && euid != tsk->suid) {
+ if (euid &&
+ euid != tsk->cred->uid &&
+ euid != tsk->cred->suid) {
put_task_struct(tsk);
return -EACCES;
}
int zap_leader;
repeat:
tracehook_prepare_release_task(p);
- atomic_dec(&p->user->processes);
+ atomic_dec(&p->cred->user->processes);
proc_flush_task(p);
write_lock_irq(&tasklist_lock);
tracehook_finish_release_task(p);
return 0;
if (unlikely(options & WNOWAIT)) {
- uid_t uid = p->uid;
+ uid_t uid = p->cred->uid;
int exit_code = p->exit_code;
int why, status;
if (!retval && infop)
retval = put_user(pid, &infop->si_pid);
if (!retval && infop)
- retval = put_user(p->uid, &infop->si_uid);
+ retval = put_user(p->cred->uid, &infop->si_uid);
if (!retval)
retval = pid;
if (!unlikely(options & WNOWAIT))
p->exit_code = 0;
- uid = p->uid;
+ uid = p->cred->uid;
unlock_sig:
spin_unlock_irq(&p->sighand->siglock);
if (!exit_code)
spin_unlock_irq(&p->sighand->siglock);
pid = task_pid_vnr(p);
- uid = p->uid;
+ uid = p->cred->uid;
get_task_struct(p);
read_unlock(&tasklist_lock);
WARN_ON(tsk == current);
security_task_free(tsk);
- free_uid(tsk->user);
- put_group_info(tsk->group_info);
+ free_uid(tsk->__temp_cred.user);
+ put_group_info(tsk->__temp_cred.group_info);
delayacct_tsk_free(tsk);
if (!profile_handoff_task(tsk))
DEBUG_LOCKS_WARN_ON(!p->hardirqs_enabled);
DEBUG_LOCKS_WARN_ON(!p->softirqs_enabled);
#endif
+ p->cred = &p->__temp_cred;
retval = -EAGAIN;
- if (atomic_read(&p->user->processes) >=
+ if (atomic_read(&p->cred->user->processes) >=
p->signal->rlim[RLIMIT_NPROC].rlim_cur) {
if (!capable(CAP_SYS_ADMIN) && !capable(CAP_SYS_RESOURCE) &&
- p->user != current->nsproxy->user_ns->root_user)
+ p->cred->user != current->nsproxy->user_ns->root_user)
goto bad_fork_free;
}
- atomic_inc(&p->user->__count);
- atomic_inc(&p->user->processes);
- get_group_info(p->group_info);
+ atomic_inc(&p->cred->user->__count);
+ atomic_inc(&p->cred->user->processes);
+ get_group_info(p->cred->group_info);
/*
* If multiple threads are within copy_process(), then this check
p->real_start_time = p->start_time;
monotonic_to_bootbased(&p->real_start_time);
#ifdef CONFIG_SECURITY
- p->security = NULL;
+ p->cred->security = NULL;
#endif
- p->cap_bset = current->cap_bset;
p->io_context = NULL;
p->audit_context = NULL;
cgroup_fork(p);
bad_fork_cleanup_put_domain:
module_put(task_thread_info(p)->exec_domain->module);
bad_fork_cleanup_count:
- put_group_info(p->group_info);
- atomic_dec(&p->user->processes);
- free_uid(p->user);
+ put_group_info(p->cred->group_info);
+ atomic_dec(&p->cred->user->processes);
+ free_uid(p->cred->user);
bad_fork_free:
free_task(p);
fork_out:
rcu_read_lock();
p = find_task_by_vpid(pid);
- if (!p || (euid != p->euid && euid != p->uid))
+ if (!p || (euid != p->cred->euid &&
+ euid != p->cred->uid))
p = ERR_PTR(-ESRCH);
else
get_task_struct(p);
if (!p)
goto err_unlock;
ret = -EPERM;
- if (euid != p->euid && euid != p->uid &&
+ if (euid != p->cred->euid &&
+ euid != p->cred->uid &&
!capable(CAP_SYS_PTRACE))
goto err_unlock;
head = p->robust_list;
if (!p)
goto err_unlock;
ret = -EPERM;
- if (euid != p->euid && euid != p->uid &&
- !capable(CAP_SYS_PTRACE))
+ if (euid != p->cred->euid &&
+ euid != p->cred->uid &&
+ !capable(CAP_SYS_PTRACE))
goto err_unlock;
head = p->compat_robust_list;
read_unlock(&tasklist_lock);
int __ptrace_may_access(struct task_struct *task, unsigned int mode)
{
+ struct cred *cred = current->cred, *tcred = task->cred;
+
/* May we inspect the given task?
* This check is used both for attaching with ptrace
* and for allowing access to sensitive information in /proc.
* because setting up the necessary parent/child relationship
* or halting the specified task is impossible.
*/
- uid_t uid;
- gid_t gid;
+ uid_t uid = cred->uid;
+ gid_t gid = cred->gid;
int dumpable = 0;
/* Don't let security modules deny introspection */
if (task == current)
return 0;
- current_uid_gid(&uid, &gid);
- if ((uid != task->euid ||
- uid != task->suid ||
- uid != task->uid ||
- gid != task->egid ||
- gid != task->sgid ||
- gid != task->gid) && !capable(CAP_SYS_PTRACE))
+ if ((uid != tcred->euid ||
+ uid != tcred->suid ||
+ uid != tcred->uid ||
+ gid != tcred->egid ||
+ gid != tcred->sgid ||
+ gid != tcred->gid) && !capable(CAP_SYS_PTRACE))
return -EPERM;
smp_rmb();
if (task->mm)
struct task_group *tg;
#ifdef CONFIG_USER_SCHED
- tg = p->user->tg;
+ tg = p->cred->user->tg;
#elif defined(CONFIG_CGROUP_SCHED)
tg = container_of(task_subsys_state(p, cpu_cgroup_subsys_id),
struct task_group, css);
/* can't change other user's priorities */
euid = current_euid();
- if (euid != p->euid &&
- euid != p->uid)
+ if (euid != p->cred->euid &&
+ euid != p->cred->uid)
return -EPERM;
}
euid = current_euid();
retval = -EPERM;
- if (euid != p->euid && euid != p->uid && !capable(CAP_SYS_NICE))
+ if (euid != p->cred->euid &&
+ euid != p->cred->uid &&
+ !capable(CAP_SYS_NICE))
goto out_unlock;
retval = security_task_setscheduler(p, 0, NULL);
* In order to avoid problems with "switch_user()", we want to make
* sure that the compiler doesn't re-load "t->user"
*/
- user = t->user;
+ user = t->cred->user;
barrier();
atomic_inc(&user->sigpending);
if (override_rlimit ||
uid = current_uid();
euid = current_euid();
- if ((euid ^ t->suid) && (euid ^ t->uid) &&
- (uid ^ t->suid) && (uid ^ t->uid) &&
+ if ((euid ^ t->cred->suid) && (euid ^ t->cred->uid) &&
+ (uid ^ t->cred->suid) && (uid ^ t->cred->uid) &&
!capable(CAP_KILL)) {
switch (sig) {
case SIGCONT:
goto out_unlock;
}
if ((info == SEND_SIG_NOINFO || (!is_si_special(info) && SI_FROMUSER(info)))
- && (euid != p->suid) && (euid != p->uid)
- && (uid != p->suid) && (uid != p->uid)) {
+ && (euid != p->cred->suid) && (euid != p->cred->uid)
+ && (uid != p->cred->suid) && (uid != p->cred->uid)) {
ret = -EPERM;
goto out_unlock;
}
info.si_pid = task_pid_nr_ns(tsk, tsk->parent->nsproxy->pid_ns);
rcu_read_unlock();
- info.si_uid = tsk->uid;
+ info.si_uid = tsk->cred->uid;
thread_group_cputime(tsk, &cputime);
info.si_utime = cputime_to_jiffies(cputime.utime);
info.si_pid = task_pid_nr_ns(tsk, tsk->parent->nsproxy->pid_ns);
rcu_read_unlock();
- info.si_uid = tsk->uid;
+ info.si_uid = tsk->cred->uid;
info.si_utime = cputime_to_clock_t(tsk->utime);
info.si_stime = cputime_to_clock_t(tsk->stime);
info->si_errno = 0;
info->si_code = SI_USER;
info->si_pid = task_pid_vnr(current->parent);
- info->si_uid = current->parent->uid;
+ info->si_uid = current->parent->cred->uid;
}
/* If the (new) signal is now blocked, requeue it. */
uid_t euid = current_euid();
int no_nice;
- if (p->uid != euid && p->euid != euid && !capable(CAP_SYS_NICE)) {
+ if (p->cred->uid != euid &&
+ p->cred->euid != euid &&
+ !capable(CAP_SYS_NICE)) {
error = -EPERM;
goto out;
}
} while_each_pid_thread(pgrp, PIDTYPE_PGID, p);
break;
case PRIO_USER:
- user = current->user;
+ user = current->cred->user;
if (!who)
who = current_uid();
else
goto out_unlock; /* No processes for this user */
do_each_thread(g, p)
- if (p->uid == who)
+ if (p->cred->uid == who)
error = set_one_prio(p, niceval, error);
while_each_thread(g, p);
if (who != current_uid())
} while_each_pid_thread(pgrp, PIDTYPE_PGID, p);
break;
case PRIO_USER:
- user = current->user;
+ user = current->cred->user;
if (!who)
who = current_uid();
else
goto out_unlock; /* No processes for this user */
do_each_thread(g, p)
- if (p->uid == who) {
+ if (p->cred->uid == who) {
niceval = 20 - task_nice(p);
if (niceval > retval)
retval = niceval;
*/
asmlinkage long sys_setregid(gid_t rgid, gid_t egid)
{
- int old_rgid = current->gid;
- int old_egid = current->egid;
+ struct cred *cred = current->cred;
+ int old_rgid = cred->gid;
+ int old_egid = cred->egid;
int new_rgid = old_rgid;
int new_egid = old_egid;
int retval;
if (rgid != (gid_t) -1) {
if ((old_rgid == rgid) ||
- (current->egid==rgid) ||
+ (cred->egid == rgid) ||
capable(CAP_SETGID))
new_rgid = rgid;
else
}
if (egid != (gid_t) -1) {
if ((old_rgid == egid) ||
- (current->egid == egid) ||
- (current->sgid == egid) ||
+ (cred->egid == egid) ||
+ (cred->sgid == egid) ||
capable(CAP_SETGID))
new_egid = egid;
else
}
if (rgid != (gid_t) -1 ||
(egid != (gid_t) -1 && egid != old_rgid))
- current->sgid = new_egid;
- current->fsgid = new_egid;
- current->egid = new_egid;
- current->gid = new_rgid;
+ cred->sgid = new_egid;
+ cred->fsgid = new_egid;
+ cred->egid = new_egid;
+ cred->gid = new_rgid;
key_fsgid_changed(current);
proc_id_connector(current, PROC_EVENT_GID);
return 0;
*/
asmlinkage long sys_setgid(gid_t gid)
{
- int old_egid = current->egid;
+ struct cred *cred = current->cred;
+ int old_egid = cred->egid;
int retval;
retval = security_task_setgid(gid, (gid_t)-1, (gid_t)-1, LSM_SETID_ID);
set_dumpable(current->mm, suid_dumpable);
smp_wmb();
}
- current->gid = current->egid = current->sgid = current->fsgid = gid;
- } else if ((gid == current->gid) || (gid == current->sgid)) {
+ cred->gid = cred->egid = cred->sgid = cred->fsgid = gid;
+ } else if ((gid == cred->gid) || (gid == cred->sgid)) {
if (old_egid != gid) {
set_dumpable(current->mm, suid_dumpable);
smp_wmb();
}
- current->egid = current->fsgid = gid;
+ cred->egid = cred->fsgid = gid;
}
else
return -EPERM;
set_dumpable(current->mm, suid_dumpable);
smp_wmb();
}
- current->uid = new_ruid;
+ current->cred->uid = new_ruid;
return 0;
}
*/
asmlinkage long sys_setreuid(uid_t ruid, uid_t euid)
{
+ struct cred *cred = current->cred;
int old_ruid, old_euid, old_suid, new_ruid, new_euid;
int retval;
if (retval)
return retval;
- new_ruid = old_ruid = current->uid;
- new_euid = old_euid = current->euid;
- old_suid = current->suid;
+ new_ruid = old_ruid = cred->uid;
+ new_euid = old_euid = cred->euid;
+ old_suid = cred->suid;
if (ruid != (uid_t) -1) {
new_ruid = ruid;
if ((old_ruid != ruid) &&
- (current->euid != ruid) &&
+ (cred->euid != ruid) &&
!capable(CAP_SETUID))
return -EPERM;
}
if (euid != (uid_t) -1) {
new_euid = euid;
if ((old_ruid != euid) &&
- (current->euid != euid) &&
- (current->suid != euid) &&
+ (cred->euid != euid) &&
+ (cred->suid != euid) &&
!capable(CAP_SETUID))
return -EPERM;
}
set_dumpable(current->mm, suid_dumpable);
smp_wmb();
}
- current->fsuid = current->euid = new_euid;
+ cred->fsuid = cred->euid = new_euid;
if (ruid != (uid_t) -1 ||
(euid != (uid_t) -1 && euid != old_ruid))
- current->suid = current->euid;
- current->fsuid = current->euid;
+ cred->suid = cred->euid;
+ cred->fsuid = cred->euid;
key_fsuid_changed(current);
proc_id_connector(current, PROC_EVENT_UID);
*/
asmlinkage long sys_setuid(uid_t uid)
{
- int old_euid = current->euid;
+ struct cred *cred = current->cred;
+ int old_euid = cred->euid;
int old_ruid, old_suid, new_suid;
int retval;
if (retval)
return retval;
- old_ruid = current->uid;
- old_suid = current->suid;
+ old_ruid = cred->uid;
+ old_suid = cred->suid;
new_suid = old_suid;
if (capable(CAP_SETUID)) {
if (uid != old_ruid && set_user(uid, old_euid != uid) < 0)
return -EAGAIN;
new_suid = uid;
- } else if ((uid != current->uid) && (uid != new_suid))
+ } else if ((uid != cred->uid) && (uid != new_suid))
return -EPERM;
if (old_euid != uid) {
set_dumpable(current->mm, suid_dumpable);
smp_wmb();
}
- current->fsuid = current->euid = uid;
- current->suid = new_suid;
+ cred->fsuid = cred->euid = uid;
+ cred->suid = new_suid;
key_fsuid_changed(current);
proc_id_connector(current, PROC_EVENT_UID);
*/
asmlinkage long sys_setresuid(uid_t ruid, uid_t euid, uid_t suid)
{
- int old_ruid = current->uid;
- int old_euid = current->euid;
- int old_suid = current->suid;
+ struct cred *cred = current->cred;
+ int old_ruid = cred->uid;
+ int old_euid = cred->euid;
+ int old_suid = cred->suid;
int retval;
retval = security_task_setuid(ruid, euid, suid, LSM_SETID_RES);
return retval;
if (!capable(CAP_SETUID)) {
- if ((ruid != (uid_t) -1) && (ruid != current->uid) &&
- (ruid != current->euid) && (ruid != current->suid))
+ if ((ruid != (uid_t) -1) && (ruid != cred->uid) &&
+ (ruid != cred->euid) && (ruid != cred->suid))
return -EPERM;
- if ((euid != (uid_t) -1) && (euid != current->uid) &&
- (euid != current->euid) && (euid != current->suid))
+ if ((euid != (uid_t) -1) && (euid != cred->uid) &&
+ (euid != cred->euid) && (euid != cred->suid))
return -EPERM;
- if ((suid != (uid_t) -1) && (suid != current->uid) &&
- (suid != current->euid) && (suid != current->suid))
+ if ((suid != (uid_t) -1) && (suid != cred->uid) &&
+ (suid != cred->euid) && (suid != cred->suid))
return -EPERM;
}
if (ruid != (uid_t) -1) {
- if (ruid != current->uid && set_user(ruid, euid != current->euid) < 0)
+ if (ruid != cred->uid &&
+ set_user(ruid, euid != cred->euid) < 0)
return -EAGAIN;
}
if (euid != (uid_t) -1) {
- if (euid != current->euid) {
+ if (euid != cred->euid) {
set_dumpable(current->mm, suid_dumpable);
smp_wmb();
}
- current->euid = euid;
+ cred->euid = euid;
}
- current->fsuid = current->euid;
+ cred->fsuid = cred->euid;
if (suid != (uid_t) -1)
- current->suid = suid;
+ cred->suid = suid;
key_fsuid_changed(current);
proc_id_connector(current, PROC_EVENT_UID);
asmlinkage long sys_getresuid(uid_t __user *ruid, uid_t __user *euid, uid_t __user *suid)
{
+ struct cred *cred = current->cred;
int retval;
- if (!(retval = put_user(current->uid, ruid)) &&
- !(retval = put_user(current->euid, euid)))
- retval = put_user(current->suid, suid);
+ if (!(retval = put_user(cred->uid, ruid)) &&
+ !(retval = put_user(cred->euid, euid)))
+ retval = put_user(cred->suid, suid);
return retval;
}
*/
asmlinkage long sys_setresgid(gid_t rgid, gid_t egid, gid_t sgid)
{
+ struct cred *cred = current->cred;
int retval;
retval = security_task_setgid(rgid, egid, sgid, LSM_SETID_RES);
return retval;
if (!capable(CAP_SETGID)) {
- if ((rgid != (gid_t) -1) && (rgid != current->gid) &&
- (rgid != current->egid) && (rgid != current->sgid))
+ if ((rgid != (gid_t) -1) && (rgid != cred->gid) &&
+ (rgid != cred->egid) && (rgid != cred->sgid))
return -EPERM;
- if ((egid != (gid_t) -1) && (egid != current->gid) &&
- (egid != current->egid) && (egid != current->sgid))
+ if ((egid != (gid_t) -1) && (egid != cred->gid) &&
+ (egid != cred->egid) && (egid != cred->sgid))
return -EPERM;
- if ((sgid != (gid_t) -1) && (sgid != current->gid) &&
- (sgid != current->egid) && (sgid != current->sgid))
+ if ((sgid != (gid_t) -1) && (sgid != cred->gid) &&
+ (sgid != cred->egid) && (sgid != cred->sgid))
return -EPERM;
}
if (egid != (gid_t) -1) {
- if (egid != current->egid) {
+ if (egid != cred->egid) {
set_dumpable(current->mm, suid_dumpable);
smp_wmb();
}
- current->egid = egid;
+ cred->egid = egid;
}
- current->fsgid = current->egid;
+ cred->fsgid = cred->egid;
if (rgid != (gid_t) -1)
- current->gid = rgid;
+ cred->gid = rgid;
if (sgid != (gid_t) -1)
- current->sgid = sgid;
+ cred->sgid = sgid;
key_fsgid_changed(current);
proc_id_connector(current, PROC_EVENT_GID);
asmlinkage long sys_getresgid(gid_t __user *rgid, gid_t __user *egid, gid_t __user *sgid)
{
+ struct cred *cred = current->cred;
int retval;
- if (!(retval = put_user(current->gid, rgid)) &&
- !(retval = put_user(current->egid, egid)))
- retval = put_user(current->sgid, sgid);
+ if (!(retval = put_user(cred->gid, rgid)) &&
+ !(retval = put_user(cred->egid, egid)))
+ retval = put_user(cred->sgid, sgid);
return retval;
}
*/
asmlinkage long sys_setfsuid(uid_t uid)
{
+ struct cred *cred = current->cred;
int old_fsuid;
- old_fsuid = current->fsuid;
+ old_fsuid = cred->fsuid;
if (security_task_setuid(uid, (uid_t)-1, (uid_t)-1, LSM_SETID_FS))
return old_fsuid;
- if (uid == current->uid || uid == current->euid ||
- uid == current->suid || uid == current->fsuid ||
+ if (uid == cred->uid || uid == cred->euid ||
+ uid == cred->suid || uid == cred->fsuid ||
capable(CAP_SETUID)) {
if (uid != old_fsuid) {
set_dumpable(current->mm, suid_dumpable);
smp_wmb();
}
- current->fsuid = uid;
+ cred->fsuid = uid;
}
key_fsuid_changed(current);
*/
asmlinkage long sys_setfsgid(gid_t gid)
{
+ struct cred *cred = current->cred;
int old_fsgid;
- old_fsgid = current->fsgid;
+ old_fsgid = cred->fsgid;
if (security_task_setgid(gid, (gid_t)-1, (gid_t)-1, LSM_SETID_FS))
return old_fsgid;
- if (gid == current->gid || gid == current->egid ||
- gid == current->sgid || gid == current->fsgid ||
+ if (gid == cred->gid || gid == cred->egid ||
+ gid == cred->sgid || gid == cred->fsgid ||
capable(CAP_SETGID)) {
if (gid != old_fsgid) {
set_dumpable(current->mm, suid_dumpable);
smp_wmb();
}
- current->fsgid = gid;
+ cred->fsgid = gid;
key_fsgid_changed(current);
proc_id_connector(current, PROC_EVENT_GID);
}
return 0;
}
-/* validate and set current->group_info */
-int set_current_groups(struct group_info *group_info)
+/**
+ * set_groups - Change a group subscription in a security record
+ * @sec: The security record to alter
+ * @group_info: The group list to impose
+ *
+ * Validate a group subscription and, if valid, impose it upon a task security
+ * record.
+ */
+int set_groups(struct cred *cred, struct group_info *group_info)
{
int retval;
struct group_info *old_info;
groups_sort(group_info);
get_group_info(group_info);
- task_lock(current);
- old_info = current->group_info;
- current->group_info = group_info;
- task_unlock(current);
+ spin_lock(&cred->lock);
+ old_info = cred->group_info;
+ cred->group_info = group_info;
+ spin_unlock(&cred->lock);
put_group_info(old_info);
-
return 0;
}
+EXPORT_SYMBOL(set_groups);
+
+/**
+ * set_current_groups - Change current's group subscription
+ * @group_info: The group list to impose
+ *
+ * Validate a group subscription and, if valid, impose it upon current's task
+ * security record.
+ */
+int set_current_groups(struct group_info *group_info)
+{
+ return set_groups(current->cred, group_info);
+}
+
EXPORT_SYMBOL(set_current_groups);
asmlinkage long sys_getgroups(int gidsetsize, gid_t __user *grouplist)
{
+ struct cred *cred = current->cred;
int i = 0;
/*
return -EINVAL;
/* no need to grab task_lock here; it cannot change */
- i = current->group_info->ngroups;
+ i = cred->group_info->ngroups;
if (gidsetsize) {
if (i > gidsetsize) {
i = -EINVAL;
goto out;
}
- if (groups_to_user(grouplist, current->group_info)) {
+ if (groups_to_user(grouplist, cred->group_info)) {
i = -EFAULT;
goto out;
}
*/
int in_group_p(gid_t grp)
{
+ struct cred *cred = current->cred;
int retval = 1;
- if (grp != current->fsgid)
- retval = groups_search(current->group_info, grp);
+ if (grp != cred->fsgid)
+ retval = groups_search(cred->group_info, grp);
return retval;
}
int in_egroup_p(gid_t grp)
{
+ struct cred *cred = current->cred;
int retval = 1;
- if (grp != current->egid)
- retval = groups_search(current->group_info, grp);
+ if (grp != cred->egid)
+ retval = groups_search(cred->group_info, grp);
return retval;
}
asmlinkage long sys_prctl(int option, unsigned long arg2, unsigned long arg3,
unsigned long arg4, unsigned long arg5)
{
- long error = 0;
+ struct task_struct *me = current;
+ unsigned char comm[sizeof(me->comm)];
+ long error;
if (security_task_prctl(option, arg2, arg3, arg4, arg5, &error))
return error;
error = -EINVAL;
break;
}
- current->pdeath_signal = arg2;
+ me->pdeath_signal = arg2;
+ error = 0;
break;
case PR_GET_PDEATHSIG:
- error = put_user(current->pdeath_signal, (int __user *)arg2);
+ error = put_user(me->pdeath_signal, (int __user *)arg2);
break;
case PR_GET_DUMPABLE:
- error = get_dumpable(current->mm);
+ error = get_dumpable(me->mm);
break;
case PR_SET_DUMPABLE:
if (arg2 < 0 || arg2 > 1) {
error = -EINVAL;
break;
}
- set_dumpable(current->mm, arg2);
+ set_dumpable(me->mm, arg2);
+ error = 0;
break;
case PR_SET_UNALIGN:
- error = SET_UNALIGN_CTL(current, arg2);
+ error = SET_UNALIGN_CTL(me, arg2);
break;
case PR_GET_UNALIGN:
- error = GET_UNALIGN_CTL(current, arg2);
+ error = GET_UNALIGN_CTL(me, arg2);
break;
case PR_SET_FPEMU:
- error = SET_FPEMU_CTL(current, arg2);
+ error = SET_FPEMU_CTL(me, arg2);
break;
case PR_GET_FPEMU:
- error = GET_FPEMU_CTL(current, arg2);
+ error = GET_FPEMU_CTL(me, arg2);
break;
case PR_SET_FPEXC:
- error = SET_FPEXC_CTL(current, arg2);
+ error = SET_FPEXC_CTL(me, arg2);
break;
case PR_GET_FPEXC:
- error = GET_FPEXC_CTL(current, arg2);
+ error = GET_FPEXC_CTL(me, arg2);
break;
case PR_GET_TIMING:
error = PR_TIMING_STATISTICAL;
case PR_SET_TIMING:
if (arg2 != PR_TIMING_STATISTICAL)
error = -EINVAL;
+ else
+ error = 0;
break;
- case PR_SET_NAME: {
- struct task_struct *me = current;
- unsigned char ncomm[sizeof(me->comm)];
-
- ncomm[sizeof(me->comm)-1] = 0;
- if (strncpy_from_user(ncomm, (char __user *)arg2,
- sizeof(me->comm)-1) < 0)
+ case PR_SET_NAME:
+ comm[sizeof(me->comm)-1] = 0;
+ if (strncpy_from_user(comm, (char __user *)arg2,
+ sizeof(me->comm) - 1) < 0)
return -EFAULT;
- set_task_comm(me, ncomm);
+ set_task_comm(me, comm);
return 0;
- }
- case PR_GET_NAME: {
- struct task_struct *me = current;
- unsigned char tcomm[sizeof(me->comm)];
-
- get_task_comm(tcomm, me);
- if (copy_to_user((char __user *)arg2, tcomm, sizeof(tcomm)))
+ case PR_GET_NAME:
+ get_task_comm(comm, me);
+ if (copy_to_user((char __user *)arg2, comm,
+ sizeof(comm)))
return -EFAULT;
return 0;
- }
case PR_GET_ENDIAN:
- error = GET_ENDIAN(current, arg2);
+ error = GET_ENDIAN(me, arg2);
break;
case PR_SET_ENDIAN:
- error = SET_ENDIAN(current, arg2);
+ error = SET_ENDIAN(me, arg2);
break;
case PR_GET_SECCOMP:
current->default_timer_slack_ns;
else
current->timer_slack_ns = arg2;
+ error = 0;
break;
default:
error = -EINVAL;
memcpy(data->comm, tsk->comm, TASK_COMM_LEN);
data->pid = tsk->pid;
- data->uid = tsk->uid;
+ data->uid = task_uid(tsk);
data->nice = tsk->static_prio - 20 - MAX_RT_PRIO;
data->policy = tsk->policy;
data->rt_priority = tsk->rt_priority;
stats->ac_flag |= AXSIG;
stats->ac_nice = task_nice(tsk);
stats->ac_sched = tsk->policy;
- stats->ac_uid = tsk->uid;
- stats->ac_gid = tsk->gid;
+ stats->ac_uid = tsk->cred->uid;
+ stats->ac_gid = tsk->cred->gid;
stats->ac_pid = tsk->pid;
rcu_read_lock();
stats->ac_ppid = pid_alive(tsk) ?
{
int retval;
- if (!(retval = put_user(high2lowuid(current->uid), ruid)) &&
- !(retval = put_user(high2lowuid(current->euid), euid)))
- retval = put_user(high2lowuid(current->suid), suid);
+ if (!(retval = put_user(high2lowuid(current->cred->uid), ruid)) &&
+ !(retval = put_user(high2lowuid(current->cred->euid), euid)))
+ retval = put_user(high2lowuid(current->cred->suid), suid);
return retval;
}
{
int retval;
- if (!(retval = put_user(high2lowgid(current->gid), rgid)) &&
- !(retval = put_user(high2lowgid(current->egid), egid)))
- retval = put_user(high2lowgid(current->sgid), sgid);
+ if (!(retval = put_user(high2lowgid(current->cred->gid), rgid)) &&
+ !(retval = put_user(high2lowgid(current->cred->egid), egid)))
+ retval = put_user(high2lowgid(current->cred->sgid), sgid);
return retval;
}
if (gidsetsize < 0)
return -EINVAL;
- get_group_info(current->group_info);
- i = current->group_info->ngroups;
+ get_group_info(current->cred->group_info);
+ i = current->cred->group_info->ngroups;
if (gidsetsize) {
if (i > gidsetsize) {
i = -EINVAL;
goto out;
}
- if (groups16_to_user(grouplist, current->group_info)) {
+ if (groups16_to_user(grouplist, current->cred->group_info)) {
i = -EFAULT;
goto out;
}
}
out:
- put_group_info(current->group_info);
+ put_group_info(current->cred->group_info);
return i;
}
asmlinkage long sys_getuid16(void)
{
- return high2lowuid(current->uid);
+ return high2lowuid(current->cred->uid);
}
asmlinkage long sys_geteuid16(void)
{
- return high2lowuid(current->euid);
+ return high2lowuid(current->cred->euid);
}
asmlinkage long sys_getgid16(void)
{
- return high2lowgid(current->gid);
+ return high2lowgid(current->cred->gid);
}
asmlinkage long sys_getegid16(void)
{
- return high2lowgid(current->egid);
+ return high2lowgid(current->cred->egid);
}
* cheaply with the new uid cache, so if it matters
* we should be checking for it. -DaveM
*/
- old_user = current->user;
+ old_user = current->cred->user;
atomic_inc(&new_user->processes);
atomic_dec(&old_user->processes);
switch_uid_keyring(new_user);
- current->user = new_user;
+ current->cred->user = new_user;
sched_switch_user(current);
/*
const unsigned long __user *old_nodes,
const unsigned long __user *new_nodes)
{
+ struct cred *cred, *tcred;
struct mm_struct *mm;
struct task_struct *task;
nodemask_t old;
nodemask_t new;
nodemask_t task_nodes;
- uid_t uid, euid;
int err;
err = get_nodes(&old, old_nodes, maxnode);
* capabilities, superuser privileges or the same
* userid as the target process.
*/
- uid = current_uid();
- euid = current_euid();
- if (euid != task->suid && euid != task->uid &&
- uid != task->suid && uid != task->uid &&
+ cred = current->cred;
+ tcred = task->cred;
+ if (cred->euid != tcred->suid && cred->euid != tcred->uid &&
+ cred->uid != tcred->suid && cred->uid != tcred->uid &&
!capable(CAP_SYS_NICE)) {
err = -EPERM;
goto out;
const int __user *nodes,
int __user *status, int flags)
{
+ struct cred *cred, *tcred;
struct task_struct *task;
struct mm_struct *mm;
int err;
- uid_t uid, euid;
/* Check flags */
if (flags & ~(MPOL_MF_MOVE|MPOL_MF_MOVE_ALL))
* capabilities, superuser privileges or the same
* userid as the target process.
*/
- uid = current_uid();
- euid = current_euid();
- if (euid != task->suid && euid != task->uid &&
- uid != task->suid && uid != task->uid &&
+ cred = current->cred;
+ tcred = task->cred;
+ if (cred->euid != tcred->suid && cred->euid != tcred->uid &&
+ cred->uid != tcred->suid && cred->uid != tcred->uid &&
!capable(CAP_SYS_NICE)) {
err = -EPERM;
goto out;
task_lock(p);
printk(KERN_INFO "[%5d] %5d %5d %8lu %8lu %3d %3d %s\n",
- p->pid, p->uid, p->tgid, p->mm->total_vm,
+ p->pid, p->cred->uid, p->tgid, p->mm->total_vm,
get_mm_rss(p->mm), (int)task_cpu(p), p->oomkilladj,
p->comm);
task_unlock(p);
static __inline__ int scm_check_creds(struct ucred *creds)
{
+ struct cred *cred = current->cred;
+
if ((creds->pid == task_tgid_vnr(current) || capable(CAP_SYS_ADMIN)) &&
- ((creds->uid == current_uid() || creds->uid == current_euid() ||
- creds->uid == current_suid()) || capable(CAP_SETUID)) &&
- ((creds->gid == current_gid() || creds->gid == current_egid() ||
- creds->gid == current_sgid()) || capable(CAP_SETGID))) {
+ ((creds->uid == cred->uid || creds->uid == cred->euid ||
+ creds->uid == cred->suid) || capable(CAP_SETUID)) &&
+ ((creds->gid == cred->gid || creds->gid == cred->egid ||
+ creds->gid == cred->sgid) || capable(CAP_SETGID))) {
return 0;
}
return -EPERM;
struct auth_cred acred = {
.uid = current_fsuid(),
.gid = current_fsgid(),
- .group_info = current->group_info,
+ .group_info = current->cred->group_info,
};
struct rpc_cred *ret;
int cap_netlink_send(struct sock *sk, struct sk_buff *skb)
{
- NETLINK_CB(skb).eff_cap = current->cap_effective;
+ NETLINK_CB(skb).eff_cap = current_cap();
return 0;
}
int cap_capable(struct task_struct *tsk, int cap, int audit)
{
/* Derived from include/linux/sched.h:capable. */
- if (cap_raised(tsk->cap_effective, cap))
+ if (cap_raised(tsk->cred->cap_effective, cap))
return 0;
return -EPERM;
}
int cap_ptrace_may_access(struct task_struct *child, unsigned int mode)
{
/* Derived from arch/i386/kernel/ptrace.c:sys_ptrace. */
- if (cap_issubset(child->cap_permitted, current->cap_permitted))
+ if (cap_issubset(child->cred->cap_permitted,
+ current->cred->cap_permitted))
return 0;
if (capable(CAP_SYS_PTRACE))
return 0;
int cap_ptrace_traceme(struct task_struct *parent)
{
- /* Derived from arch/i386/kernel/ptrace.c:sys_ptrace. */
- if (cap_issubset(current->cap_permitted, parent->cap_permitted))
+ if (cap_issubset(current->cred->cap_permitted,
+ parent->cred->cap_permitted))
return 0;
if (has_capability(parent, CAP_SYS_PTRACE))
return 0;
int cap_capget (struct task_struct *target, kernel_cap_t *effective,
kernel_cap_t *inheritable, kernel_cap_t *permitted)
{
+ struct cred *cred = target->cred;
+
/* Derived from kernel/capability.c:sys_capget. */
- *effective = target->cap_effective;
- *inheritable = target->cap_inheritable;
- *permitted = target->cap_permitted;
+ *effective = cred->cap_effective;
+ *inheritable = cred->cap_inheritable;
+ *permitted = cred->cap_permitted;
return 0;
}
const kernel_cap_t *inheritable,
const kernel_cap_t *permitted)
{
+ const struct cred *cred = current->cred;
+
if (cap_inh_is_capped()
&& !cap_issubset(*inheritable,
- cap_combine(current->cap_inheritable,
- current->cap_permitted))) {
+ cap_combine(cred->cap_inheritable,
+ cred->cap_permitted))) {
/* incapable of using this inheritable set */
return -EPERM;
}
if (!cap_issubset(*inheritable,
- cap_combine(current->cap_inheritable,
- current->cap_bset))) {
+ cap_combine(cred->cap_inheritable,
+ cred->cap_bset))) {
/* no new pI capabilities outside bounding set */
return -EPERM;
}
/* verify restrictions on target's new Permitted set */
if (!cap_issubset (*permitted,
- cap_combine (current->cap_permitted,
- current->cap_permitted))) {
+ cap_combine (cred->cap_permitted,
+ cred->cap_permitted))) {
return -EPERM;
}
const kernel_cap_t *inheritable,
const kernel_cap_t *permitted)
{
- current->cap_effective = *effective;
- current->cap_inheritable = *inheritable;
- current->cap_permitted = *permitted;
+ struct cred *cred = current->cred;
+
+ cred->cap_effective = *effective;
+ cred->cap_inheritable = *inheritable;
+ cred->cap_permitted = *permitted;
}
static inline void bprm_clear_caps(struct linux_binprm *bprm)
* pP' = (X & fP) | (pI & fI)
*/
bprm->cap_post_exec_permitted.cap[i] =
- (current->cap_bset.cap[i] & permitted) |
- (current->cap_inheritable.cap[i] & inheritable);
+ (current->cred->cap_bset.cap[i] & permitted) |
+ (current->cred->cap_inheritable.cap[i] & inheritable);
if (permitted & ~bprm->cap_post_exec_permitted.cap[i]) {
/*
if (bprm->e_uid == 0 || current_uid() == 0) {
/* pP' = (cap_bset & ~0) | (pI & ~0) */
bprm->cap_post_exec_permitted = cap_combine(
- current->cap_bset, current->cap_inheritable
- );
+ current->cred->cap_bset,
+ current->cred->cap_inheritable);
bprm->cap_effective = (bprm->e_uid == 0);
ret = 0;
}
void cap_bprm_apply_creds (struct linux_binprm *bprm, int unsafe)
{
- kernel_cap_t pP = current->cap_permitted;
- kernel_cap_t pE = current->cap_effective;
- uid_t uid;
- gid_t gid;
+ struct cred *cred = current->cred;
- current_uid_gid(&uid, &gid);
-
- if (bprm->e_uid != uid || bprm->e_gid != gid ||
+ if (bprm->e_uid != cred->uid || bprm->e_gid != cred->gid ||
!cap_issubset(bprm->cap_post_exec_permitted,
- current->cap_permitted)) {
+ cred->cap_permitted)) {
set_dumpable(current->mm, suid_dumpable);
current->pdeath_signal = 0;
if (unsafe & ~LSM_UNSAFE_PTRACE_CAP) {
if (!capable(CAP_SETUID)) {
- bprm->e_uid = uid;
- bprm->e_gid = gid;
+ bprm->e_uid = cred->uid;
+ bprm->e_gid = cred->gid;
}
if (cap_limit_ptraced_target()) {
bprm->cap_post_exec_permitted = cap_intersect(
bprm->cap_post_exec_permitted,
- current->cap_permitted);
+ cred->cap_permitted);
}
}
}
- current->suid = current->euid = current->fsuid = bprm->e_uid;
- current->sgid = current->egid = current->fsgid = bprm->e_gid;
+ cred->suid = cred->euid = cred->fsuid = bprm->e_uid;
+ cred->sgid = cred->egid = cred->fsgid = bprm->e_gid;
/* For init, we want to retain the capabilities set
* in the init_task struct. Thus we skip the usual
* capability rules */
if (!is_global_init(current)) {
- current->cap_permitted = bprm->cap_post_exec_permitted;
+ cred->cap_permitted = bprm->cap_post_exec_permitted;
if (bprm->cap_effective)
- current->cap_effective = bprm->cap_post_exec_permitted;
+ cred->cap_effective = bprm->cap_post_exec_permitted;
else
- cap_clear(current->cap_effective);
+ cap_clear(cred->cap_effective);
}
/*
* Number 1 above might fail if you don't have a full bset, but I think
* that is interesting information to audit.
*/
- if (!cap_isclear(current->cap_effective)) {
- if (!cap_issubset(CAP_FULL_SET, current->cap_effective) ||
- (bprm->e_uid != 0) || (current->uid != 0) ||
+ if (!cap_isclear(cred->cap_effective)) {
+ if (!cap_issubset(CAP_FULL_SET, cred->cap_effective) ||
+ (bprm->e_uid != 0) || (cred->uid != 0) ||
issecure(SECURE_NOROOT))
- audit_log_bprm_fcaps(bprm, &pP, &pE);
+ audit_log_bprm_fcaps(bprm, &cred->cap_permitted,
+ &cred->cap_effective);
}
- current->securebits &= ~issecure_mask(SECURE_KEEP_CAPS);
+ cred->securebits &= ~issecure_mask(SECURE_KEEP_CAPS);
}
int cap_bprm_secureexec (struct linux_binprm *bprm)
{
- if (current_uid() != 0) {
+ const struct cred *cred = current->cred;
+
+ if (cred->uid != 0) {
if (bprm->cap_effective)
return 1;
if (!cap_isclear(bprm->cap_post_exec_permitted))
return 1;
}
- return (current_euid() != current_uid() ||
- current_egid() != current_gid());
+ return (cred->euid != cred->uid ||
+ cred->egid != cred->gid);
}
int cap_inode_setxattr(struct dentry *dentry, const char *name,
static inline void cap_emulate_setxuid (int old_ruid, int old_euid,
int old_suid)
{
- uid_t euid = current_euid();
+ struct cred *cred = current->cred;
if ((old_ruid == 0 || old_euid == 0 || old_suid == 0) &&
- (current_uid() != 0 && euid != 0 && current_suid() != 0) &&
+ (cred->uid != 0 && cred->euid != 0 && cred->suid != 0) &&
!issecure(SECURE_KEEP_CAPS)) {
- cap_clear (current->cap_permitted);
- cap_clear (current->cap_effective);
+ cap_clear (cred->cap_permitted);
+ cap_clear (cred->cap_effective);
}
- if (old_euid == 0 && euid != 0) {
- cap_clear (current->cap_effective);
+ if (old_euid == 0 && cred->euid != 0) {
+ cap_clear (cred->cap_effective);
}
- if (old_euid != 0 && euid == 0) {
- current->cap_effective = current->cap_permitted;
+ if (old_euid != 0 && cred->euid == 0) {
+ cred->cap_effective = cred->cap_permitted;
}
}
int cap_task_post_setuid (uid_t old_ruid, uid_t old_euid, uid_t old_suid,
int flags)
{
+ struct cred *cred = current->cred;
+
switch (flags) {
case LSM_SETID_RE:
case LSM_SETID_ID:
*/
if (!issecure (SECURE_NO_SETUID_FIXUP)) {
- if (old_fsuid == 0 && current_fsuid() != 0) {
- current->cap_effective =
+ if (old_fsuid == 0 && cred->fsuid != 0) {
+ cred->cap_effective =
cap_drop_fs_set(
- current->cap_effective);
+ cred->cap_effective);
}
- if (old_fsuid != 0 && current_fsuid() == 0) {
- current->cap_effective =
+ if (old_fsuid != 0 && cred->fsuid == 0) {
+ cred->cap_effective =
cap_raise_fs_set(
- current->cap_effective,
- current->cap_permitted);
+ cred->cap_effective,
+ cred->cap_permitted);
}
}
break;
*/
static int cap_safe_nice(struct task_struct *p)
{
- if (!cap_issubset(p->cap_permitted, current->cap_permitted) &&
+ if (!cap_issubset(p->cred->cap_permitted,
+ current->cred->cap_permitted) &&
!capable(CAP_SYS_NICE))
return -EPERM;
return 0;
return -EPERM;
if (!cap_valid(cap))
return -EINVAL;
- cap_lower(current->cap_bset, cap);
+ cap_lower(current->cred->cap_bset, cap);
return 0;
}
int cap_task_prctl(int option, unsigned long arg2, unsigned long arg3,
unsigned long arg4, unsigned long arg5, long *rc_p)
{
+ struct cred *cred = current->cred;
long error = 0;
switch (option) {
if (!cap_valid(arg2))
error = -EINVAL;
else
- error = !!cap_raised(current->cap_bset, arg2);
+ error = !!cap_raised(cred->cap_bset, arg2);
break;
#ifdef CONFIG_SECURITY_FILE_CAPABILITIES
case PR_CAPBSET_DROP:
* capability-based-privilege environment.
*/
case PR_SET_SECUREBITS:
- if ((((current->securebits & SECURE_ALL_LOCKS) >> 1)
- & (current->securebits ^ arg2)) /*[1]*/
- || ((current->securebits & SECURE_ALL_LOCKS
+ if ((((cred->securebits & SECURE_ALL_LOCKS) >> 1)
+ & (cred->securebits ^ arg2)) /*[1]*/
+ || ((cred->securebits & SECURE_ALL_LOCKS
& ~arg2)) /*[2]*/
|| (arg2 & ~(SECURE_ALL_LOCKS | SECURE_ALL_BITS)) /*[3]*/
|| (cap_capable(current, CAP_SETPCAP, SECURITY_CAP_AUDIT) != 0)) { /*[4]*/
*/
error = -EPERM; /* cannot change a locked bit */
} else {
- current->securebits = arg2;
+ cred->securebits = arg2;
}
break;
case PR_GET_SECUREBITS:
- error = current->securebits;
+ error = cred->securebits;
break;
#endif /* def CONFIG_SECURITY_FILE_CAPABILITIES */
else if (issecure(SECURE_KEEP_CAPS_LOCKED))
error = -EPERM;
else if (arg2)
- current->securebits |= issecure_mask(SECURE_KEEP_CAPS);
+ cred->securebits |= issecure_mask(SECURE_KEEP_CAPS);
else
- current->securebits &=
- ~issecure_mask(SECURE_KEEP_CAPS);
+ cred->securebits &= ~issecure_mask(SECURE_KEEP_CAPS);
break;
default:
void cap_task_reparent_to_init (struct task_struct *p)
{
- cap_set_init_eff(p->cap_effective);
- cap_clear(p->cap_inheritable);
- cap_set_full(p->cap_permitted);
- p->securebits = SECUREBITS_DEFAULT;
- return;
+ struct cred *cred = p->cred;
+
+ cap_set_init_eff(cred->cap_effective);
+ cap_clear(cred->cap_inheritable);
+ cap_set_full(cred->cap_permitted);
+ p->cred->securebits = SECUREBITS_DEFAULT;
}
int cap_syslog (int type)
/* the appropriate instantiation authorisation key must have been
* assumed before calling this */
ret = -EPERM;
- instkey = current->request_key_auth;
+ instkey = current->cred->request_key_auth;
if (!instkey)
goto error;
/* discard the assumed authority if it's just been disabled by
* instantiation of the key */
if (ret == 0) {
- key_put(current->request_key_auth);
- current->request_key_auth = NULL;
+ key_put(current->cred->request_key_auth);
+ current->cred->request_key_auth = NULL;
}
error2:
/* the appropriate instantiation authorisation key must have been
* assumed before calling this */
ret = -EPERM;
- instkey = current->request_key_auth;
+ instkey = current->cred->request_key_auth;
if (!instkey)
goto error;
/* discard the assumed authority if it's just been disabled by
* instantiation of the key */
if (ret == 0) {
- key_put(current->request_key_auth);
- current->request_key_auth = NULL;
+ key_put(current->cred->request_key_auth);
+ current->cred->request_key_auth = NULL;
}
error:
*/
long keyctl_set_reqkey_keyring(int reqkey_defl)
{
+ struct cred *cred = current->cred;
int ret;
switch (reqkey_defl) {
case KEY_REQKEY_DEFL_USER_KEYRING:
case KEY_REQKEY_DEFL_USER_SESSION_KEYRING:
set:
- current->jit_keyring = reqkey_defl;
+ cred->jit_keyring = reqkey_defl;
case KEY_REQKEY_DEFL_NO_CHANGE:
- return current->jit_keyring;
+ return cred->jit_keyring;
case KEY_REQKEY_DEFL_GROUP_KEYRING:
default:
/* we divest ourselves of authority if given an ID of 0 */
if (id == 0) {
- key_put(current->request_key_auth);
- current->request_key_auth = NULL;
+ key_put(current->cred->request_key_auth);
+ current->cred->request_key_auth = NULL;
ret = 0;
goto error;
}
goto error;
}
- key_put(current->request_key_auth);
- current->request_key_auth = authkey;
+ key_put(current->cred->request_key_auth);
+ current->cred->request_key_auth = authkey;
ret = authkey->serial;
error:
struct task_struct *context,
key_perm_t perm)
{
+ struct cred *cred = context->cred;
struct key *key;
key_perm_t kperm;
int ret;
key = key_ref_to_ptr(key_ref);
/* use the second 8-bits of permissions for keys the caller owns */
- if (key->uid == context->fsuid) {
+ if (key->uid == cred->fsuid) {
kperm = key->perm >> 16;
goto use_these_perms;
}
/* use the third 8-bits of permissions for keys the caller has a group
* membership in common with */
if (key->gid != -1 && key->perm & KEY_GRP_ALL) {
- if (key->gid == context->fsgid) {
+ if (key->gid == cred->fsgid) {
kperm = key->perm >> 8;
goto use_these_perms;
}
- task_lock(context);
- ret = groups_search(context->group_info, key->gid);
- task_unlock(context);
+ spin_lock(&cred->lock);
+ ret = groups_search(cred->group_info, key->gid);
+ spin_unlock(&cred->lock);
if (ret) {
kperm = key->perm >> 8;
*/
int install_user_keyrings(void)
{
- struct user_struct *user = current->user;
+ struct user_struct *user = current->cred->user;
struct key *uid_keyring, *session_keyring;
char buf[20];
int ret;
sprintf(buf, "_tid.%u", tsk->pid);
- keyring = keyring_alloc(buf, tsk->uid, tsk->gid, tsk,
+ keyring = keyring_alloc(buf, tsk->cred->uid, tsk->cred->gid, tsk,
KEY_ALLOC_QUOTA_OVERRUN, NULL);
if (IS_ERR(keyring)) {
ret = PTR_ERR(keyring);
}
task_lock(tsk);
- old = tsk->thread_keyring;
- tsk->thread_keyring = keyring;
+ old = tsk->cred->thread_keyring;
+ tsk->cred->thread_keyring = keyring;
task_unlock(tsk);
ret = 0;
if (!tsk->signal->process_keyring) {
sprintf(buf, "_pid.%u", tsk->tgid);
- keyring = keyring_alloc(buf, tsk->uid, tsk->gid, tsk,
+ keyring = keyring_alloc(buf, tsk->cred->uid, tsk->cred->gid, tsk,
KEY_ALLOC_QUOTA_OVERRUN, NULL);
if (IS_ERR(keyring)) {
ret = PTR_ERR(keyring);
if (tsk->signal->session_keyring)
flags = KEY_ALLOC_IN_QUOTA;
- keyring = keyring_alloc(buf, tsk->uid, tsk->gid, tsk,
+ keyring = keyring_alloc(buf, tsk->cred->uid, tsk->cred->gid, tsk,
flags, NULL);
if (IS_ERR(keyring))
return PTR_ERR(keyring);
*/
int copy_keys(unsigned long clone_flags, struct task_struct *tsk)
{
- key_check(tsk->thread_keyring);
- key_check(tsk->request_key_auth);
+ key_check(tsk->cred->thread_keyring);
+ key_check(tsk->cred->request_key_auth);
/* no thread keyring yet */
- tsk->thread_keyring = NULL;
+ tsk->cred->thread_keyring = NULL;
/* copy the request_key() authorisation for this thread */
- key_get(tsk->request_key_auth);
+ key_get(tsk->cred->request_key_auth);
return 0;
*/
void exit_keys(struct task_struct *tsk)
{
- key_put(tsk->thread_keyring);
- key_put(tsk->request_key_auth);
+ key_put(tsk->cred->thread_keyring);
+ key_put(tsk->cred->request_key_auth);
} /* end exit_keys() */
/* newly exec'd tasks don't get a thread keyring */
task_lock(tsk);
- old = tsk->thread_keyring;
- tsk->thread_keyring = NULL;
+ old = tsk->cred->thread_keyring;
+ tsk->cred->thread_keyring = NULL;
task_unlock(tsk);
key_put(old);
void key_fsuid_changed(struct task_struct *tsk)
{
/* update the ownership of the thread keyring */
- if (tsk->thread_keyring) {
- down_write(&tsk->thread_keyring->sem);
- tsk->thread_keyring->uid = tsk->fsuid;
- up_write(&tsk->thread_keyring->sem);
+ BUG_ON(!tsk->cred);
+ if (tsk->cred->thread_keyring) {
+ down_write(&tsk->cred->thread_keyring->sem);
+ tsk->cred->thread_keyring->uid = tsk->cred->fsuid;
+ up_write(&tsk->cred->thread_keyring->sem);
}
} /* end key_fsuid_changed() */
void key_fsgid_changed(struct task_struct *tsk)
{
/* update the ownership of the thread keyring */
- if (tsk->thread_keyring) {
- down_write(&tsk->thread_keyring->sem);
- tsk->thread_keyring->gid = tsk->fsgid;
- up_write(&tsk->thread_keyring->sem);
+ BUG_ON(!tsk->cred);
+ if (tsk->cred->thread_keyring) {
+ down_write(&tsk->cred->thread_keyring->sem);
+ tsk->cred->thread_keyring->gid = tsk->cred->fsgid;
+ up_write(&tsk->cred->thread_keyring->sem);
}
} /* end key_fsgid_changed() */
err = ERR_PTR(-EAGAIN);
/* search the thread keyring first */
- if (context->thread_keyring) {
+ if (context->cred->thread_keyring) {
key_ref = keyring_search_aux(
- make_key_ref(context->thread_keyring, 1),
+ make_key_ref(context->cred->thread_keyring, 1),
context, type, description, match);
if (!IS_ERR(key_ref))
goto found;
}
}
/* or search the user-session keyring */
- else if (context->user->session_keyring) {
+ else if (context->cred->user->session_keyring) {
key_ref = keyring_search_aux(
- make_key_ref(context->user->session_keyring, 1),
+ make_key_ref(context->cred->user->session_keyring, 1),
context, type, description, match);
if (!IS_ERR(key_ref))
goto found;
* search the keyrings of the process mentioned there
* - we don't permit access to request_key auth keys via this method
*/
- if (context->request_key_auth &&
+ if (context->cred->request_key_auth &&
context == current &&
type != &key_type_request_key_auth
) {
/* defend against the auth key being revoked */
- down_read(&context->request_key_auth->sem);
+ down_read(&context->cred->request_key_auth->sem);
- if (key_validate(context->request_key_auth) == 0) {
- rka = context->request_key_auth->payload.data;
+ if (key_validate(context->cred->request_key_auth) == 0) {
+ rka = context->cred->request_key_auth->payload.data;
key_ref = search_process_keyrings(type, description,
match, rka->context);
- up_read(&context->request_key_auth->sem);
+ up_read(&context->cred->request_key_auth->sem);
if (!IS_ERR(key_ref))
goto found;
break;
}
} else {
- up_read(&context->request_key_auth->sem);
+ up_read(&context->cred->request_key_auth->sem);
}
}
{
struct request_key_auth *rka;
struct task_struct *t = current;
- key_ref_t key_ref, skey_ref;
+ struct cred *cred = t->cred;
struct key *key;
+ key_ref_t key_ref, skey_ref;
int ret;
key_ref = ERR_PTR(-ENOKEY);
switch (id) {
case KEY_SPEC_THREAD_KEYRING:
- if (!t->thread_keyring) {
+ if (!cred->thread_keyring) {
if (!create)
goto error;
}
}
- key = t->thread_keyring;
+ key = cred->thread_keyring;
atomic_inc(&key->usage);
key_ref = make_key_ref(key, 1);
break;
ret = install_user_keyrings();
if (ret < 0)
goto error;
- ret = install_session_keyring(t->user->session_keyring);
+ ret = install_session_keyring(
+ cred->user->session_keyring);
if (ret < 0)
goto error;
}
break;
case KEY_SPEC_USER_KEYRING:
- if (!t->user->uid_keyring) {
+ if (!cred->user->uid_keyring) {
ret = install_user_keyrings();
if (ret < 0)
goto error;
}
- key = t->user->uid_keyring;
+ key = cred->user->uid_keyring;
atomic_inc(&key->usage);
key_ref = make_key_ref(key, 1);
break;
case KEY_SPEC_USER_SESSION_KEYRING:
- if (!t->user->session_keyring) {
+ if (!cred->user->session_keyring) {
ret = install_user_keyrings();
if (ret < 0)
goto error;
}
- key = t->user->session_keyring;
+ key = cred->user->session_keyring;
atomic_inc(&key->usage);
key_ref = make_key_ref(key, 1);
break;
goto error;
case KEY_SPEC_REQKEY_AUTH_KEY:
- key = t->request_key_auth;
+ key = cred->request_key_auth;
if (!key)
goto error;
break;
case KEY_SPEC_REQUESTOR_KEYRING:
- if (!t->request_key_auth)
+ if (!cred->request_key_auth)
goto error;
- down_read(&t->request_key_auth->sem);
- if (t->request_key_auth->flags & KEY_FLAG_REVOKED) {
+ down_read(&cred->request_key_auth->sem);
+ if (cred->request_key_auth->flags & KEY_FLAG_REVOKED) {
key_ref = ERR_PTR(-EKEYREVOKED);
key = NULL;
} else {
- rka = t->request_key_auth->payload.data;
+ rka = cred->request_key_auth->payload.data;
key = rka->dest_keyring;
atomic_inc(&key->usage);
}
- up_read(&t->request_key_auth->sem);
+ up_read(&cred->request_key_auth->sem);
if (!key)
goto error;
key_ref = make_key_ref(key, 1);
keyring = find_keyring_by_name(name, false);
if (PTR_ERR(keyring) == -ENOKEY) {
/* not found - try and create a new one */
- keyring = keyring_alloc(name, tsk->uid, tsk->gid, tsk,
+ keyring = keyring_alloc(name, tsk->cred->uid, tsk->cred->gid, tsk,
KEY_ALLOC_IN_QUOTA, NULL);
if (IS_ERR(keyring)) {
ret = PTR_ERR(keyring);
/* we specify the process's default keyrings */
sprintf(keyring_str[0], "%d",
- tsk->thread_keyring ? tsk->thread_keyring->serial : 0);
+ tsk->cred->thread_keyring ?
+ tsk->cred->thread_keyring->serial : 0);
prkey = 0;
if (tsk->signal->process_keyring)
sskey = rcu_dereference(tsk->signal->session_keyring)->serial;
rcu_read_unlock();
} else {
- sskey = tsk->user->session_keyring->serial;
+ sskey = tsk->cred->user->session_keyring->serial;
}
sprintf(keyring_str[2], "%d", sskey);
} else {
/* use a default keyring; falling through the cases until we
* find one that we actually have */
- switch (tsk->jit_keyring) {
+ switch (tsk->cred->jit_keyring) {
case KEY_REQKEY_DEFL_DEFAULT:
case KEY_REQKEY_DEFL_REQUESTOR_KEYRING:
- if (tsk->request_key_auth) {
- authkey = tsk->request_key_auth;
+ if (tsk->cred->request_key_auth) {
+ authkey = tsk->cred->request_key_auth;
down_read(&authkey->sem);
rka = authkey->payload.data;
if (!test_bit(KEY_FLAG_REVOKED,
}
case KEY_REQKEY_DEFL_THREAD_KEYRING:
- dest_keyring = key_get(tsk->thread_keyring);
+ dest_keyring = key_get(tsk->cred->thread_keyring);
if (dest_keyring)
break;
break;
case KEY_REQKEY_DEFL_USER_SESSION_KEYRING:
- dest_keyring = key_get(tsk->user->session_keyring);
+ dest_keyring =
+ key_get(tsk->cred->user->session_keyring);
break;
case KEY_REQKEY_DEFL_USER_KEYRING:
- dest_keyring = key_get(tsk->user->uid_keyring);
+ dest_keyring = key_get(tsk->cred->user->uid_keyring);
break;
case KEY_REQKEY_DEFL_GROUP_KEYRING:
/* see if the calling process is already servicing the key request of
* another process */
- if (current->request_key_auth) {
+ if (current->cred->request_key_auth) {
/* it is - use that instantiation context here too */
- down_read(¤t->request_key_auth->sem);
+ down_read(¤t->cred->request_key_auth->sem);
/* if the auth key has been revoked, then the key we're
* servicing is already instantiated */
if (test_bit(KEY_FLAG_REVOKED,
- ¤t->request_key_auth->flags))
+ ¤t->cred->request_key_auth->flags))
goto auth_key_revoked;
- irka = current->request_key_auth->payload.data;
+ irka = current->cred->request_key_auth->payload.data;
rka->context = irka->context;
rka->pid = irka->pid;
get_task_struct(rka->context);
- up_read(¤t->request_key_auth->sem);
+ up_read(¤t->cred->request_key_auth->sem);
}
else {
/* it isn't - use this process as the context */
return authkey;
auth_key_revoked:
- up_read(¤t->request_key_auth->sem);
+ up_read(¤t->cred->request_key_auth->sem);
kfree(rka->callout_info);
kfree(rka);
kleave("= -EKEYREVOKED");
int selinux_secmark_relabel_packet_permission(u32 sid)
{
if (selinux_enabled) {
- struct task_security_struct *tsec = current->security;
+ struct task_security_struct *tsec = current->cred->security;
return avc_has_perm(tsec->sid, sid, SECCLASS_PACKET,
PACKET__RELABELTO, NULL);
return -ENOMEM;
tsec->osid = tsec->sid = SECINITSID_UNLABELED;
- task->security = tsec;
+ task->cred->security = tsec;
return 0;
}
static void task_free_security(struct task_struct *task)
{
- struct task_security_struct *tsec = task->security;
- task->security = NULL;
+ struct task_security_struct *tsec = task->cred->security;
+ task->cred->security = NULL;
kfree(tsec);
}
static int inode_alloc_security(struct inode *inode)
{
- struct task_security_struct *tsec = current->security;
+ struct task_security_struct *tsec = current->cred->security;
struct inode_security_struct *isec;
isec = kmem_cache_zalloc(sel_inode_cache, GFP_NOFS);
static int file_alloc_security(struct file *file)
{
- struct task_security_struct *tsec = current->security;
+ struct task_security_struct *tsec = current->cred->security;
struct file_security_struct *fsec;
fsec = kzalloc(sizeof(struct file_security_struct), GFP_KERNEL);
struct security_mnt_opts *opts)
{
int rc = 0, i;
- struct task_security_struct *tsec = current->security;
+ struct task_security_struct *tsec = current->cred->security;
struct superblock_security_struct *sbsec = sb->s_security;
const char *name = sb->s_type->name;
struct inode *inode = sbsec->sb->s_root->d_inode;
{
struct task_security_struct *tsec1, *tsec2;
- tsec1 = tsk1->security;
- tsec2 = tsk2->security;
+ tsec1 = tsk1->cred->security;
+ tsec2 = tsk2->cred->security;
return avc_has_perm(tsec1->sid, tsec2->sid,
SECCLASS_PROCESS, perms, NULL);
}
u32 av = CAP_TO_MASK(cap);
int rc;
- tsec = tsk->security;
+ tsec = tsk->cred->security;
AVC_AUDIT_DATA_INIT(&ad, CAP);
ad.tsk = tsk;
{
struct task_security_struct *tsec;
- tsec = tsk->security;
+ tsec = tsk->cred->security;
return avc_has_perm(tsec->sid, SECINITSID_KERNEL,
SECCLASS_SYSTEM, perms, NULL);
if (unlikely(IS_PRIVATE(inode)))
return 0;
- tsec = tsk->security;
+ tsec = tsk->cred->security;
isec = inode->i_security;
if (!adp) {
struct file *file,
u32 av)
{
- struct task_security_struct *tsec = tsk->security;
+ struct task_security_struct *tsec = tsk->cred->security;
struct file_security_struct *fsec = file->f_security;
struct inode *inode = file->f_path.dentry->d_inode;
struct avc_audit_data ad;
struct avc_audit_data ad;
int rc;
- tsec = current->security;
+ tsec = current->cred->security;
dsec = dir->i_security;
sbsec = dir->i_sb->s_security;
{
struct task_security_struct *tsec;
- tsec = ctx->security;
+ tsec = ctx->cred->security;
return avc_has_perm(tsec->sid, ksid, SECCLASS_KEY, KEY__CREATE, NULL);
}
u32 av;
int rc;
- tsec = current->security;
+ tsec = current->cred->security;
dsec = dir->i_security;
isec = dentry->d_inode->i_security;
int old_is_dir, new_is_dir;
int rc;
- tsec = current->security;
+ tsec = current->cred->security;
old_dsec = old_dir->i_security;
old_isec = old_dentry->d_inode->i_security;
old_is_dir = S_ISDIR(old_dentry->d_inode->i_mode);
struct task_security_struct *tsec;
struct superblock_security_struct *sbsec;
- tsec = tsk->security;
+ tsec = tsk->cred->security;
sbsec = sb->s_security;
return avc_has_perm(tsec->sid, sbsec->sid, SECCLASS_FILESYSTEM,
perms, ad);
return rc;
if (mode == PTRACE_MODE_READ) {
- struct task_security_struct *tsec = current->security;
- struct task_security_struct *csec = child->security;
+ struct task_security_struct *tsec = current->cred->security;
+ struct task_security_struct *csec = child->cred->security;
return avc_has_perm(tsec->sid, csec->sid,
SECCLASS_FILE, FILE__READ, NULL);
}
if (rc)
return rc;
- tsec = current->security;
+ tsec = current->cred->security;
rc = selinux_sysctl_get_sid(table, (op == 0001) ?
SECCLASS_DIR : SECCLASS_FILE, &tsid);
if (bsec->set)
return 0;
- tsec = current->security;
+ tsec = current->cred->security;
isec = inode->i_security;
/* Default to the current task SID. */
static int selinux_bprm_secureexec(struct linux_binprm *bprm)
{
- struct task_security_struct *tsec = current->security;
+ struct task_security_struct *tsec = current->cred->security;
int atsecure = 0;
if (tsec->osid != tsec->sid) {
secondary_ops->bprm_apply_creds(bprm, unsafe);
- tsec = current->security;
+ tsec = current->cred->security;
bsec = bprm->security;
sid = bsec->sid;
rcu_read_lock();
tracer = tracehook_tracer_task(current);
if (likely(tracer != NULL)) {
- sec = tracer->security;
+ sec = tracer->cred->security;
ptsid = sec->sid;
}
rcu_read_unlock();
int rc, i;
unsigned long flags;
- tsec = current->security;
+ tsec = current->cred->security;
bsec = bprm->security;
if (bsec->unsafe) {
int rc;
char *namep = NULL, *context;
- tsec = current->security;
+ tsec = current->cred->security;
dsec = dir->i_security;
sbsec = dir->i_sb->s_security;
static int selinux_inode_setxattr(struct dentry *dentry, const char *name,
const void *value, size_t size, int flags)
{
- struct task_security_struct *tsec = current->security;
+ struct task_security_struct *tsec = current->cred->security;
struct inode *inode = dentry->d_inode;
struct inode_security_struct *isec = inode->i_security;
struct superblock_security_struct *sbsec;
static int selinux_file_permission(struct file *file, int mask)
{
struct inode *inode = file->f_path.dentry->d_inode;
- struct task_security_struct *tsec = current->security;
+ struct task_security_struct *tsec = current->cred->security;
struct file_security_struct *fsec = file->f_security;
struct inode_security_struct *isec = inode->i_security;
unsigned long addr, unsigned long addr_only)
{
int rc = 0;
- u32 sid = ((struct task_security_struct *)(current->security))->sid;
+ u32 sid = ((struct task_security_struct *)
+ (current->cred->security))->sid;
if (addr < mmap_min_addr)
rc = avc_has_perm(sid, sid, SECCLASS_MEMPROTECT,
struct task_security_struct *tsec;
struct file_security_struct *fsec;
- tsec = current->security;
+ tsec = current->cred->security;
fsec = file->f_security;
fsec->fown_sid = tsec->sid;
/* struct fown_struct is never outside the context of a struct file */
file = container_of(fown, struct file, f_owner);
- tsec = tsk->security;
+ tsec = tsk->cred->security;
fsec = file->f_security;
if (!signum)
struct task_security_struct *tsec1, *tsec2;
int rc;
- tsec1 = current->security;
+ tsec1 = current->cred->security;
rc = task_alloc_security(tsk);
if (rc)
return rc;
- tsec2 = tsk->security;
+ tsec2 = tsk->cred->security;
tsec2->osid = tsec1->osid;
tsec2->sid = tsec1->sid;
static void selinux_task_getsecid(struct task_struct *p, u32 *secid)
{
- struct task_security_struct *tsec = p->security;
+ struct task_security_struct *tsec = p->cred->security;
*secid = tsec->sid;
}
perm = PROCESS__SIGNULL; /* null signal; existence test */
else
perm = signal_to_av(sig);
- tsec = p->security;
+ tsec = p->cred->security;
if (secid)
rc = avc_has_perm(secid, tsec->sid, SECCLASS_PROCESS, perm, NULL);
else
secondary_ops->task_reparent_to_init(p);
- tsec = p->security;
+ tsec = p->cred->security;
tsec->osid = tsec->sid;
tsec->sid = SECINITSID_KERNEL;
return;
static void selinux_task_to_inode(struct task_struct *p,
struct inode *inode)
{
- struct task_security_struct *tsec = p->security;
+ struct task_security_struct *tsec = p->cred->security;
struct inode_security_struct *isec = inode->i_security;
isec->sid = tsec->sid;
struct avc_audit_data ad;
int err = 0;
- tsec = task->security;
+ tsec = task->cred->security;
isec = SOCK_INODE(sock)->i_security;
if (isec->sid == SECINITSID_KERNEL)
if (kern)
goto out;
- tsec = current->security;
+ tsec = current->cred->security;
newsid = tsec->sockcreate_sid ? : tsec->sid;
err = avc_has_perm(tsec->sid, newsid,
socket_type_to_security_class(family, type,
isec = SOCK_INODE(sock)->i_security;
- tsec = current->security;
+ tsec = current->cred->security;
newsid = tsec->sockcreate_sid ? : tsec->sid;
isec->sclass = socket_type_to_security_class(family, type, protocol);
isec->sid = kern ? SECINITSID_KERNEL : newsid;
struct sock *sk = sock->sk;
u32 sid, node_perm;
- tsec = current->security;
+ tsec = current->cred->security;
isec = SOCK_INODE(sock)->i_security;
if (family == PF_INET) {
struct kern_ipc_perm *perm,
u16 sclass)
{
- struct task_security_struct *tsec = task->security;
+ struct task_security_struct *tsec = task->cred->security;
struct ipc_security_struct *isec;
isec = kzalloc(sizeof(struct ipc_security_struct), GFP_KERNEL);
struct ipc_security_struct *isec;
struct avc_audit_data ad;
- tsec = current->security;
+ tsec = current->cred->security;
isec = ipc_perms->security;
AVC_AUDIT_DATA_INIT(&ad, IPC);
if (rc)
return rc;
- tsec = current->security;
+ tsec = current->cred->security;
isec = msq->q_perm.security;
AVC_AUDIT_DATA_INIT(&ad, IPC);
struct ipc_security_struct *isec;
struct avc_audit_data ad;
- tsec = current->security;
+ tsec = current->cred->security;
isec = msq->q_perm.security;
AVC_AUDIT_DATA_INIT(&ad, IPC);
struct avc_audit_data ad;
int rc;
- tsec = current->security;
+ tsec = current->cred->security;
isec = msq->q_perm.security;
msec = msg->security;
struct avc_audit_data ad;
int rc;
- tsec = target->security;
+ tsec = target->cred->security;
isec = msq->q_perm.security;
msec = msg->security;
if (rc)
return rc;
- tsec = current->security;
+ tsec = current->cred->security;
isec = shp->shm_perm.security;
AVC_AUDIT_DATA_INIT(&ad, IPC);
struct ipc_security_struct *isec;
struct avc_audit_data ad;
- tsec = current->security;
+ tsec = current->cred->security;
isec = shp->shm_perm.security;
AVC_AUDIT_DATA_INIT(&ad, IPC);
if (rc)
return rc;
- tsec = current->security;
+ tsec = current->cred->security;
isec = sma->sem_perm.security;
AVC_AUDIT_DATA_INIT(&ad, IPC);
struct ipc_security_struct *isec;
struct avc_audit_data ad;
- tsec = current->security;
+ tsec = current->cred->security;
isec = sma->sem_perm.security;
AVC_AUDIT_DATA_INIT(&ad, IPC);
return error;
}
- tsec = p->security;
+ tsec = p->cred->security;
if (!strcmp(name, "current"))
sid = tsec->sid;
operation. See selinux_bprm_set_security for the execve
checks and may_create for the file creation checks. The
operation will then fail if the context is not permitted. */
- tsec = p->security;
+ tsec = p->cred->security;
if (!strcmp(name, "exec"))
tsec->exec_sid = sid;
else if (!strcmp(name, "fscreate"))
rcu_read_lock();
tracer = tracehook_tracer_task(p);
if (tracer != NULL) {
- struct task_security_struct *ptsec = tracer->security;
+ struct task_security_struct *ptsec =
+ tracer->cred->security;
u32 ptsid = ptsec->sid;
rcu_read_unlock();
error = avc_has_perm_noaudit(ptsid, sid,
static int selinux_key_alloc(struct key *k, struct task_struct *tsk,
unsigned long flags)
{
- struct task_security_struct *tsec = tsk->security;
+ struct task_security_struct *tsec = tsk->cred->security;
struct key_security_struct *ksec;
ksec = kzalloc(sizeof(struct key_security_struct), GFP_KERNEL);
key = key_ref_to_ptr(key_ref);
- tsec = ctx->security;
+ tsec = ctx->cred->security;
ksec = key->security;
/* if no specific permissions are requested, we skip the
/* Set the security state for the initial task. */
if (task_alloc_security(current))
panic("SELinux: Failed to initialize initial task.\n");
- tsec = current->security;
+ tsec = current->cred->security;
tsec->osid = tsec->sid = SECINITSID_KERNEL;
sel_inode_cache = kmem_cache_create("selinux_inode_security",
{
struct task_security_struct *tsec;
- tsec = tsk->security;
+ tsec = tsk->cred->security;
if (!tsec)
return -EACCES;
struct xfrm_user_sec_ctx *uctx, u32 sid)
{
int rc = 0;
- struct task_security_struct *tsec = current->security;
+ struct task_security_struct *tsec = current->cred->security;
struct xfrm_sec_ctx *ctx = NULL;
char *ctx_str = NULL;
u32 str_len;
*/
int selinux_xfrm_policy_delete(struct xfrm_sec_ctx *ctx)
{
- struct task_security_struct *tsec = current->security;
+ struct task_security_struct *tsec = current->cred->security;
int rc = 0;
if (ctx) {
*/
int selinux_xfrm_state_delete(struct xfrm_state *x)
{
- struct task_security_struct *tsec = current->security;
+ struct task_security_struct *tsec = current->cred->security;
struct xfrm_sec_ctx *ctx = x->security;
int rc = 0;
{
int rc;
- rc = smk_access(current->security, obj_label, mode);
+ rc = smk_access(current->cred->security, obj_label, mode);
if (rc == 0)
return 0;
* only one that gets privilege and current does not
* have that label.
*/
- if (smack_onlycap != NULL && smack_onlycap != current->security)
+ if (smack_onlycap != NULL && smack_onlycap != current->cred->security)
return rc;
if (capable(CAP_MAC_OVERRIDE))
if (rc != 0)
return rc;
- rc = smk_access(current->security, ctp->security, MAY_READWRITE);
+ rc = smk_access(current->cred->security, ctp->cred->security,
+ MAY_READWRITE);
if (rc != 0 && capable(CAP_MAC_OVERRIDE))
return 0;
return rc;
if (rc != 0)
return rc;
- rc = smk_access(ptp->security, current->security, MAY_READWRITE);
+ rc = smk_access(ptp->cred->security, current->cred->security,
+ MAY_READWRITE);
if (rc != 0 && has_capability(ptp, CAP_MAC_OVERRIDE))
return 0;
return rc;
static int smack_syslog(int type)
{
int rc;
- char *sp = current->security;
+ char *sp = current->cred->security;
rc = cap_syslog(type);
if (rc != 0)
*/
static int smack_inode_alloc_security(struct inode *inode)
{
- inode->i_security = new_inode_smack(current->security);
+ inode->i_security = new_inode_smack(current->cred->security);
if (inode->i_security == NULL)
return -ENOMEM;
return 0;
*/
static int smack_file_alloc_security(struct file *file)
{
- file->f_security = current->security;
+ file->f_security = current->cred->security;
return 0;
}
*/
static int smack_file_set_fowner(struct file *file)
{
- file->f_security = current->security;
+ file->f_security = current->cred->security;
return 0;
}
* struct fown_struct is never outside the context of a struct file
*/
file = container_of(fown, struct file, f_owner);
- rc = smk_access(file->f_security, tsk->security, MAY_WRITE);
+ rc = smk_access(file->f_security, tsk->cred->security, MAY_WRITE);
if (rc != 0 && has_capability(tsk, CAP_MAC_OVERRIDE))
return 0;
return rc;
*/
static int smack_task_alloc_security(struct task_struct *tsk)
{
- tsk->security = current->security;
+ tsk->cred->security = current->cred->security;
return 0;
}
*/
static void smack_task_free_security(struct task_struct *task)
{
- task->security = NULL;
+ task->cred->security = NULL;
}
/**
*/
static int smack_task_setpgid(struct task_struct *p, pid_t pgid)
{
- return smk_curacc(p->security, MAY_WRITE);
+ return smk_curacc(p->cred->security, MAY_WRITE);
}
/**
*/
static int smack_task_getpgid(struct task_struct *p)
{
- return smk_curacc(p->security, MAY_READ);
+ return smk_curacc(p->cred->security, MAY_READ);
}
/**
*/
static int smack_task_getsid(struct task_struct *p)
{
- return smk_curacc(p->security, MAY_READ);
+ return smk_curacc(p->cred->security, MAY_READ);
}
/**
*/
static void smack_task_getsecid(struct task_struct *p, u32 *secid)
{
- *secid = smack_to_secid(p->security);
+ *secid = smack_to_secid(p->cred->security);
}
/**
rc = cap_task_setnice(p, nice);
if (rc == 0)
- rc = smk_curacc(p->security, MAY_WRITE);
+ rc = smk_curacc(p->cred->security, MAY_WRITE);
return rc;
}
rc = cap_task_setioprio(p, ioprio);
if (rc == 0)
- rc = smk_curacc(p->security, MAY_WRITE);
+ rc = smk_curacc(p->cred->security, MAY_WRITE);
return rc;
}
*/
static int smack_task_getioprio(struct task_struct *p)
{
- return smk_curacc(p->security, MAY_READ);
+ return smk_curacc(p->cred->security, MAY_READ);
}
/**
rc = cap_task_setscheduler(p, policy, lp);
if (rc == 0)
- rc = smk_curacc(p->security, MAY_WRITE);
+ rc = smk_curacc(p->cred->security, MAY_WRITE);
return rc;
}
*/
static int smack_task_getscheduler(struct task_struct *p)
{
- return smk_curacc(p->security, MAY_READ);
+ return smk_curacc(p->cred->security, MAY_READ);
}
/**
*/
static int smack_task_movememory(struct task_struct *p)
{
- return smk_curacc(p->security, MAY_WRITE);
+ return smk_curacc(p->cred->security, MAY_WRITE);
}
/**
* can write the receiver.
*/
if (secid == 0)
- return smk_curacc(p->security, MAY_WRITE);
+ return smk_curacc(p->cred->security, MAY_WRITE);
/*
* If the secid isn't 0 we're dealing with some USB IO
* specific behavior. This is not clean. For one thing
* we can't take privilege into account.
*/
- return smk_access(smack_from_secid(secid), p->security, MAY_WRITE);
+ return smk_access(smack_from_secid(secid), p->cred->security, MAY_WRITE);
}
/**
{
int rc;
- rc = smk_access(current->security, p->security, MAY_WRITE);
+ rc = smk_access(current->cred->security, p->cred->security, MAY_WRITE);
if (rc == 0)
return 0;
static void smack_task_to_inode(struct task_struct *p, struct inode *inode)
{
struct inode_smack *isp = inode->i_security;
- isp->smk_inode = p->security;
+ isp->smk_inode = p->cred->security;
}
/*
*/
static int smack_sk_alloc_security(struct sock *sk, int family, gfp_t gfp_flags)
{
- char *csp = current->security;
+ char *csp = current->cred->security;
struct socket_smack *ssp;
ssp = kzalloc(sizeof(struct socket_smack), gfp_flags);
*/
static int smack_msg_msg_alloc_security(struct msg_msg *msg)
{
- msg->security = current->security;
+ msg->security = current->cred->security;
return 0;
}
{
struct kern_ipc_perm *isp = &shp->shm_perm;
- isp->security = current->security;
+ isp->security = current->cred->security;
return 0;
}
{
struct kern_ipc_perm *isp = &sma->sem_perm;
- isp->security = current->security;
+ isp->security = current->cred->security;
return 0;
}
{
struct kern_ipc_perm *kisp = &msq->q_perm;
- kisp->security = current->security;
+ kisp->security = current->cred->security;
return 0;
}
struct super_block *sbp;
struct superblock_smack *sbsp;
struct inode_smack *isp;
- char *csp = current->security;
+ char *csp = current->cred->security;
char *fetched;
char *final;
struct dentry *dp;
if (strcmp(name, "current") != 0)
return -EINVAL;
- cp = kstrdup(p->security, GFP_KERNEL);
+ cp = kstrdup(p->cred->security, GFP_KERNEL);
if (cp == NULL)
return -ENOMEM;
if (newsmack == NULL)
return -EINVAL;
- p->security = newsmack;
+ p->cred->security = newsmack;
return size;
}
return;
ssp = sk->sk_security;
- ssp->smk_in = current->security;
- ssp->smk_out = current->security;
+ ssp->smk_in = current->cred->security;
+ ssp->smk_out = current->cred->security;
ssp->smk_packet[0] = '\0';
rc = smack_netlabel(sk);
static int smack_key_alloc(struct key *key, struct task_struct *tsk,
unsigned long flags)
{
- key->security = tsk->security;
+ key->security = tsk->cred->security;
return 0;
}
/*
* This should not occur
*/
- if (context->security == NULL)
+ if (context->cred->security == NULL)
return -EACCES;
- return smk_access(context->security, keyp->security, MAY_READWRITE);
+ return smk_access(context->cred->security, keyp->security,
+ MAY_READWRITE);
}
#endif /* CONFIG_KEYS */
/*
* Set the security state for the initial task.
*/
- current->security = &smack_known_floor.smk_known;
+ current->cred->security = &smack_known_floor.smk_known;
/*
* Initialize locks
audit_info.loginuid = audit_get_loginuid(current);
audit_info.sessionid = audit_get_sessionid(current);
- audit_info.secid = smack_to_secid(current->security);
+ audit_info.secid = smack_to_secid(current->cred->security);
rc = netlbl_cfg_map_del(NULL, &audit_info);
if (rc != 0)
audit_info.loginuid = audit_get_loginuid(current);
audit_info.sessionid = audit_get_sessionid(current);
- audit_info.secid = smack_to_secid(current->security);
+ audit_info.secid = smack_to_secid(current->cred->security);
if (oldambient != NULL) {
rc = netlbl_cfg_map_del(oldambient, &audit_info);
size_t count, loff_t *ppos)
{
char in[SMK_LABELLEN];
- char *sp = current->security;
+ char *sp = current->cred->security;
if (!capable(CAP_MAC_ADMIN))
return -EPERM;