diff options
author | David Howells <dhowells@redhat.com> | 2008-11-13 18:39:16 -0500 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2008-11-13 18:39:16 -0500 |
commit | b6dff3ec5e116e3af6f537d4caedcad6b9e5082a (patch) | |
tree | 9e76f972eb7ce9b84e0146c8e4126a3f86acb428 /include/linux/cred.h | |
parent | 15a2460ed0af7538ca8e6c610fe607a2cd9da142 (diff) |
CRED: Separate task security context from task_struct
Separate the task security context from task_struct. At this point, the
security data is temporarily embedded in the task_struct with two pointers
pointing to it.
Note that the Alpha arch is altered as it refers to (E)UID and (E)GID in
entry.S via asm-offsets.
With comment fixes Signed-off-by: Marc Dionne <marc.c.dionne@gmail.com>
Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: James Morris <jmorris@namei.org>
Acked-by: Serge Hallyn <serue@us.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'include/linux/cred.h')
-rw-r--r-- | include/linux/cred.h | 155 |
1 files changed, 133 insertions, 22 deletions
diff --git a/include/linux/cred.h b/include/linux/cred.h index b69222cc1fd..3e65587a72e 100644 --- a/include/linux/cred.h +++ b/include/linux/cred.h | |||
@@ -12,39 +12,150 @@ | |||
12 | #ifndef _LINUX_CRED_H | 12 | #ifndef _LINUX_CRED_H |
13 | #define _LINUX_CRED_H | 13 | #define _LINUX_CRED_H |
14 | 14 | ||
15 | #define get_current_user() (get_uid(current->user)) | 15 | #include <linux/capability.h> |
16 | 16 | #include <linux/key.h> | |
17 | #define task_uid(task) ((task)->uid) | 17 | #include <asm/atomic.h> |
18 | #define task_gid(task) ((task)->gid) | 18 | |
19 | #define task_euid(task) ((task)->euid) | 19 | struct user_struct; |
20 | #define task_egid(task) ((task)->egid) | 20 | struct cred; |
21 | 21 | ||
22 | #define current_uid() (current->uid) | 22 | /* |
23 | #define current_gid() (current->gid) | 23 | * COW Supplementary groups list |
24 | #define current_euid() (current->euid) | 24 | */ |
25 | #define current_egid() (current->egid) | 25 | #define NGROUPS_SMALL 32 |
26 | #define current_suid() (current->suid) | 26 | #define NGROUPS_PER_BLOCK ((unsigned int)(PAGE_SIZE / sizeof(gid_t))) |
27 | #define current_sgid() (current->sgid) | 27 | |
28 | #define current_fsuid() (current->fsuid) | 28 | struct group_info { |
29 | #define current_fsgid() (current->fsgid) | 29 | atomic_t usage; |
30 | #define current_cap() (current->cap_effective) | 30 | int ngroups; |
31 | int nblocks; | ||
32 | gid_t small_block[NGROUPS_SMALL]; | ||
33 | gid_t *blocks[0]; | ||
34 | }; | ||
35 | |||
36 | /** | ||
37 | * get_group_info - Get a reference to a group info structure | ||
38 | * @group_info: The group info to reference | ||
39 | * | ||
40 | * This must be called with the owning task locked (via task_lock()) when task | ||
41 | * != current. The reason being that the vast majority of callers are looking | ||
42 | * at current->group_info, which can not be changed except by the current task. | ||
43 | * Changing current->group_info requires the task lock, too. | ||
44 | */ | ||
45 | #define get_group_info(group_info) \ | ||
46 | do { \ | ||
47 | atomic_inc(&(group_info)->usage); \ | ||
48 | } while (0) | ||
49 | |||
50 | /** | ||
51 | * put_group_info - Release a reference to a group info structure | ||
52 | * @group_info: The group info to release | ||
53 | */ | ||
54 | #define put_group_info(group_info) \ | ||
55 | do { \ | ||
56 | if (atomic_dec_and_test(&(group_info)->usage)) \ | ||
57 | groups_free(group_info); \ | ||
58 | } while (0) | ||
59 | |||
60 | extern struct group_info *groups_alloc(int); | ||
61 | extern void groups_free(struct group_info *); | ||
62 | extern int set_current_groups(struct group_info *); | ||
63 | extern int set_groups(struct cred *, struct group_info *); | ||
64 | extern int groups_search(struct group_info *, gid_t); | ||
65 | |||
66 | /* access the groups "array" with this macro */ | ||
67 | #define GROUP_AT(gi, i) \ | ||
68 | ((gi)->blocks[(i) / NGROUPS_PER_BLOCK][(i) % NGROUPS_PER_BLOCK]) | ||
69 | |||
70 | extern int in_group_p(gid_t); | ||
71 | extern int in_egroup_p(gid_t); | ||
72 | |||
73 | /* | ||
74 | * The security context of a task | ||
75 | * | ||
76 | * The parts of the context break down into two categories: | ||
77 | * | ||
78 | * (1) The objective context of a task. These parts are used when some other | ||
79 | * task is attempting to affect this one. | ||
80 | * | ||
81 | * (2) The subjective context. These details are used when the task is acting | ||
82 | * upon another object, be that a file, a task, a key or whatever. | ||
83 | * | ||
84 | * Note that some members of this structure belong to both categories - the | ||
85 | * LSM security pointer for instance. | ||
86 | * | ||
87 | * A task has two security pointers. task->real_cred points to the objective | ||
88 | * context that defines that task's actual details. The objective part of this | ||
89 | * context is used whenever that task is acted upon. | ||
90 | * | ||
91 | * task->cred points to the subjective context that defines the details of how | ||
92 | * that task is going to act upon another object. This may be overridden | ||
93 | * temporarily to point to another security context, but normally points to the | ||
94 | * same context as task->real_cred. | ||
95 | */ | ||
96 | struct cred { | ||
97 | atomic_t usage; | ||
98 | uid_t uid; /* real UID of the task */ | ||
99 | gid_t gid; /* real GID of the task */ | ||
100 | uid_t suid; /* saved UID of the task */ | ||
101 | gid_t sgid; /* saved GID of the task */ | ||
102 | uid_t euid; /* effective UID of the task */ | ||
103 | gid_t egid; /* effective GID of the task */ | ||
104 | uid_t fsuid; /* UID for VFS ops */ | ||
105 | gid_t fsgid; /* GID for VFS ops */ | ||
106 | unsigned securebits; /* SUID-less security management */ | ||
107 | kernel_cap_t cap_inheritable; /* caps our children can inherit */ | ||
108 | kernel_cap_t cap_permitted; /* caps we're permitted */ | ||
109 | kernel_cap_t cap_effective; /* caps we can actually use */ | ||
110 | kernel_cap_t cap_bset; /* capability bounding set */ | ||
111 | #ifdef CONFIG_KEYS | ||
112 | unsigned char jit_keyring; /* default keyring to attach requested | ||
113 | * keys to */ | ||
114 | struct key *thread_keyring; /* keyring private to this thread */ | ||
115 | struct key *request_key_auth; /* assumed request_key authority */ | ||
116 | #endif | ||
117 | #ifdef CONFIG_SECURITY | ||
118 | void *security; /* subjective LSM security */ | ||
119 | #endif | ||
120 | struct user_struct *user; /* real user ID subscription */ | ||
121 | struct group_info *group_info; /* supplementary groups for euid/fsgid */ | ||
122 | struct rcu_head rcu; /* RCU deletion hook */ | ||
123 | spinlock_t lock; /* lock for pointer changes */ | ||
124 | }; | ||
125 | |||
126 | #define get_current_user() (get_uid(current->cred->user)) | ||
127 | |||
128 | #define task_uid(task) ((task)->cred->uid) | ||
129 | #define task_gid(task) ((task)->cred->gid) | ||
130 | #define task_euid(task) ((task)->cred->euid) | ||
131 | #define task_egid(task) ((task)->cred->egid) | ||
132 | |||
133 | #define current_uid() (current->cred->uid) | ||
134 | #define current_gid() (current->cred->gid) | ||
135 | #define current_euid() (current->cred->euid) | ||
136 | #define current_egid() (current->cred->egid) | ||
137 | #define current_suid() (current->cred->suid) | ||
138 | #define current_sgid() (current->cred->sgid) | ||
139 | #define current_fsuid() (current->cred->fsuid) | ||
140 | #define current_fsgid() (current->cred->fsgid) | ||
141 | #define current_cap() (current->cred->cap_effective) | ||
31 | 142 | ||
32 | #define current_uid_gid(_uid, _gid) \ | 143 | #define current_uid_gid(_uid, _gid) \ |
33 | do { \ | 144 | do { \ |
34 | *(_uid) = current->uid; \ | 145 | *(_uid) = current->cred->uid; \ |
35 | *(_gid) = current->gid; \ | 146 | *(_gid) = current->cred->gid; \ |
36 | } while(0) | 147 | } while(0) |
37 | 148 | ||
38 | #define current_euid_egid(_uid, _gid) \ | 149 | #define current_euid_egid(_uid, _gid) \ |
39 | do { \ | 150 | do { \ |
40 | *(_uid) = current->euid; \ | 151 | *(_uid) = current->cred->euid; \ |
41 | *(_gid) = current->egid; \ | 152 | *(_gid) = current->cred->egid; \ |
42 | } while(0) | 153 | } while(0) |
43 | 154 | ||
44 | #define current_fsuid_fsgid(_uid, _gid) \ | 155 | #define current_fsuid_fsgid(_uid, _gid) \ |
45 | do { \ | 156 | do { \ |
46 | *(_uid) = current->fsuid; \ | 157 | *(_uid) = current->cred->fsuid; \ |
47 | *(_gid) = current->fsgid; \ | 158 | *(_gid) = current->cred->fsgid; \ |
48 | } while(0) | 159 | } while(0) |
49 | 160 | ||
50 | #endif /* _LINUX_CRED_H */ | 161 | #endif /* _LINUX_CRED_H */ |