Merge branch 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security

Pull security subsystem updates from James Morris: "Just a few bugfixes and documentation updates" * 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: seccomp: fix up grammar in comment Revert "security: inode: fix a missing check for securityfs_create_file" Yama: mark function as static security: inode: fix a missing check for securityfs_create_file keys: safe concurrent user->{session,uid}_keyring access security: don't use RCU accessors for cred->session_keyring Yama: mark local symbols as static LSM: lsm_hooks.h: fix documentation format LSM: fix documentation for the shm_* hooks LSM: fix documentation for the sem_* hooks LSM: fix documentation for the msg_queue_* hooks LSM: fix documentation for the audit_* hooks LSM: fix documentation for the path_chmod hook LSM: fix documentation for the socket_getpeersec_dgram hook LSM: fix documentation for the task_setscheduler hook LSM: fix documentation for the socket_post_create hook LSM: fix documentation for the syslog hook LSM: fix documentation for sb_copy_data hook
author: Linus Torvalds <torvalds@linux-foundation.org> 2019-05-07 11:39:54 -0400
committer: Linus Torvalds <torvalds@linux-foundation.org> 2019-05-07 11:39:54 -0400
commit: 78ee8b1b9b2fa1b51c51c42f3cffa0e12ad5f0ab (patch)
tree: db5df5115818521f4d70a3c3fdb994173ff81855 /include/linux/sched
parent: 9bff9dfc513bd5de72cb59f4bffb72cf0a5aa526 (diff)
parent: 6beff00b79ca0b5caf0ce6fb8e11f57311bd95f8 (diff)
1 files changed, 7 insertions, 0 deletions
diff --git a/include/linux/sched/user.h b/include/linux/sched/user.h
index c7b5f86b91a1..468d2565a9fe 100644
--- a/include/linux/sched/user.h
+++ b/include/linux/sched/user.h
@@ -31,6 +31,13 @@ struct user_struct {
        atomic_long_t pipe_bufs;  /* how many pages are allocated in pipe buffers */
 #ifdef CONFIG_KEYS
+        /*
+         * These pointers can only change from NULL to a non-NULL value once.
+         * Writes are protected by key_user_keyring_mutex.
+         * Unlocked readers should use READ_ONCE() unless they know that
+         * install_user_keyrings() has been called successfully (which sets
+         * these members to non-NULL values, preventing further modifications).
+         */
        struct key *uid_keyring;        /* UID specific keyring */
        struct key *session_keyring;    /* UID's default session keyring */
 #endif
author	Linus Torvalds <torvalds@linux-foundation.org>	2019-05-07 11:39:54 -0400
committer	Linus Torvalds <torvalds@linux-foundation.org>	2019-05-07 11:39:54 -0400
commit	78ee8b1b9b2fa1b51c51c42f3cffa0e12ad5f0ab (patch)
tree	db5df5115818521f4d70a3c3fdb994173ff81855 /include/linux/sched
parent	9bff9dfc513bd5de72cb59f4bffb72cf0a5aa526 (diff)
parent	6beff00b79ca0b5caf0ce6fb8e11f57311bd95f8 (diff)

diff --git a/include/linux/sched/user.h b/include/linux/sched/user.h index c7b5f86b91a1..468d2565a9fe 100644 --- a/include/linux/sched/user.h +++ b/include/linux/sched/user.h
@@ -31,6 +31,13 @@ struct user_struct {
31	atomic_long_t pipe_bufs; /* how many pages are allocated in pipe buffers */	31	atomic_long_t pipe_bufs; /* how many pages are allocated in pipe buffers */
32		32
33	#ifdef CONFIG_KEYS	33	#ifdef CONFIG_KEYS
		34	/*
		35	* These pointers can only change from NULL to a non-NULL value once.
		36	* Writes are protected by key_user_keyring_mutex.
		37	* Unlocked readers should use READ_ONCE() unless they know that
		38	* install_user_keyrings() has been called successfully (which sets
		39	* these members to non-NULL values, preventing further modifications).
		40	*/
34	struct key uid_keyring; / UID specific keyring */	41	struct key uid_keyring; / UID specific keyring */
35	struct key session_keyring; / UID's default session keyring */	42	struct key session_keyring; / UID's default session keyring */
36	#endif	43	#endif