[GitHub/mt8127/android_kernel_alcatel_ttab.git] / kernel / cred.c

/* Task credentials management
 *
 * Copyright (C) 2008 Red Hat, Inc. All Rights Reserved.
 * Written by David Howells (dhowells@redhat.com)
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public Licence
 * as published by the Free Software Foundation; either version
 * 2 of the Licence, or (at your option) any later version.
 */
#include <linux/module.h>
#include <linux/cred.h>
#include <linux/sched.h>
#include <linux/key.h>
#include <linux/keyctl.h>
#include <linux/init_task.h>
#include <linux/security.h>

/*
 * The initial credentials for the initial task
 */
struct cred init_cred = {
	.usage			= ATOMIC_INIT(3),
	.securebits		= SECUREBITS_DEFAULT,
	.cap_inheritable	= CAP_INIT_INH_SET,
	.cap_permitted		= CAP_FULL_SET,
	.cap_effective		= CAP_INIT_EFF_SET,
	.cap_bset		= CAP_INIT_BSET,
	.user			= INIT_USER,
	.group_info		= &init_groups,
};

/*
 * The RCU callback to actually dispose of a set of credentials
 */
static void put_cred_rcu(struct rcu_head *rcu)
{
	struct cred *cred = container_of(rcu, struct cred, rcu);

	BUG_ON(atomic_read(&cred->usage) != 0);

	key_put(cred->thread_keyring);
	key_put(cred->request_key_auth);
	put_group_info(cred->group_info);
	free_uid(cred->user);
	security_cred_free(cred);
	kfree(cred);
}

/**
 * __put_cred - Destroy a set of credentials
 * @sec: The record to release
 *
 * Destroy a set of credentials on which no references remain.
 */
void __put_cred(struct cred *cred)
{
	call_rcu(&cred->rcu, put_cred_rcu);
}
EXPORT_SYMBOL(__put_cred);

/*
 * Copy credentials for the new process created by fork()
 */
int copy_creds(struct task_struct *p, unsigned long clone_flags)
{
	struct cred *pcred;
	int ret;

	pcred = kmemdup(p->cred, sizeof(*p->cred), GFP_KERNEL);
	if (!pcred)
		return -ENOMEM;

#ifdef CONFIG_SECURITY
	pcred->security = NULL;
#endif

	ret = security_cred_alloc(pcred);
	if (ret < 0) {
		kfree(pcred);
		return ret;
	}

	atomic_set(&pcred->usage, 1);
	get_group_info(pcred->group_info);
	get_uid(pcred->user);
	key_get(pcred->thread_keyring);
	key_get(pcred->request_key_auth);

	atomic_inc(&pcred->user->processes);

	/* RCU assignment is unneeded here as no-one can have accessed this
	 * pointer yet, barring us */
	p->cred = pcred;
	return 0;
}
Commit	Line	Data
f1752eec DH	1	/* Task credentials management
	2	*
	3	* Copyright (C) 2008 Red Hat, Inc. All Rights Reserved.
	4	* Written by David Howells (dhowells@redhat.com)
	5	*
	6	* This program is free software; you can redistribute it and/or
	7	* modify it under the terms of the GNU General Public Licence
	8	* as published by the Free Software Foundation; either version
	9	* 2 of the Licence, or (at your option) any later version.
	10	*/
	11	#include <linux/module.h>
	12	#include <linux/cred.h>
	13	#include <linux/sched.h>
	14	#include <linux/key.h>
	15	#include <linux/keyctl.h>
	16	#include <linux/init_task.h>
	17	#include <linux/security.h>
	18
	19	/*
	20	* The initial credentials for the initial task
	21	*/
	22	struct cred init_cred = {
	23	.usage = ATOMIC_INIT(3),
	24	.securebits = SECUREBITS_DEFAULT,
	25	.cap_inheritable = CAP_INIT_INH_SET,
	26	.cap_permitted = CAP_FULL_SET,
	27	.cap_effective = CAP_INIT_EFF_SET,
	28	.cap_bset = CAP_INIT_BSET,
	29	.user = INIT_USER,
	30	.group_info = &init_groups,
	31	};
	32
	33	/*
	34	* The RCU callback to actually dispose of a set of credentials
	35	*/
	36	static void put_cred_rcu(struct rcu_head *rcu)
	37	{
	38	struct cred *cred = container_of(rcu, struct cred, rcu);
	39
	40	BUG_ON(atomic_read(&cred->usage) != 0);
	41
	42	key_put(cred->thread_keyring);
	43	key_put(cred->request_key_auth);
	44	put_group_info(cred->group_info);
	45	free_uid(cred->user);
	46	security_cred_free(cred);
	47	kfree(cred);
	48	}
	49
	50	/**
	51	* __put_cred - Destroy a set of credentials
	52	* @sec: The record to release
	53	*
	54	* Destroy a set of credentials on which no references remain.
	55	*/
	56	void __put_cred(struct cred *cred)
	57	{
	58	call_rcu(&cred->rcu, put_cred_rcu);
	59	}
	60	EXPORT_SYMBOL(__put_cred);
	61
	62	/*
	63	* Copy credentials for the new process created by fork()
	64	*/
65	int copy_creds(struct task_struct *p, unsigned long clone_flags)
66	{
67	struct cred *pcred;
68	int ret;
69
70	pcred = kmemdup(p->cred, sizeof(*p->cred), GFP_KERNEL);
71	if (!pcred)
72	return -ENOMEM;
73
74	#ifdef CONFIG_SECURITY
75	pcred->security = NULL;
76	#endif
77
78	ret = security_cred_alloc(pcred);
79	if (ret < 0) {
80	kfree(pcred);
81	return ret;
82	}
83
84	atomic_set(&pcred->usage, 1);
85	get_group_info(pcred->group_info);
86	get_uid(pcred->user);
87	key_get(pcred->thread_keyring);
88	key_get(pcred->request_key_auth);
89
90	atomic_inc(&pcred->user->processes);
91
92	/* RCU assignment is unneeded here as no-one can have accessed this
93	* pointer yet, barring us */
94	p->cred = pcred;
95	return 0;
96	}