Diffstat (limited to 'include/linux')
-rw-r--r--include/linux/audit.h22
-rw-r--r--include/linux/capability.h2
-rw-r--r--include/linux/cred.h44
-rw-r--r--include/linux/init_task.h2
-rw-r--r--include/linux/key.h22
-rw-r--r--include/linux/sched.h6
-rw-r--r--include/linux/security.h178
7 files changed, 139 insertions, 137 deletions
diff --git a/include/linux/audit.h b/include/linux/audit.h
index 6fbebac7b1b..0b2fcb698a6 100644
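--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -454,8 +454,10 @@ extern int __audit_mq_timedsend(mqd_t mqdes, size_t msg_len, unsigned int msg_pr
 extern int __audit_mq_timedreceive(mqd_t mqdes, size_t msg_len, unsigned int __user *u_msg_prio, const struct timespec __user *u_abs_timeout);
 extern int __audit_mq_notify(mqd_t mqdes, const struct sigevent __user *u_notification);
 extern int __audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat);
-extern void __audit_log_bprm_fcaps(struct linux_binprm *bprm, kernel_cap_t *pP, kernel_cap_t *pE);
-extern int __audit_log_capset(pid_t pid, kernel_cap_t *eff, kernel_cap_t *inh, kernel_cap_t *perm);
+extern int __audit_log_bprm_fcaps(struct linux_binprm *bprm,
+ const struct cred *new,
+ const struct cred *old);
+extern int __audit_log_capset(pid_t pid, const struct cred *new, const struct cred *old);
 
 static inline int audit_ipc_obj(struct kern_ipc_perm *ipcp)
 {
@@ -522,16 +524,20 @@ static inline int audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat)
  *
  * -Eric
  */
-static inline void audit_log_bprm_fcaps(struct linux_binprm *bprm, kernel_cap_t *pP, kernel_cap_t *pE)
+static inline int audit_log_bprm_fcaps(struct linux_binprm *bprm,
+ const struct cred *new,
+ const struct cred *old)
 {
  if (unlikely(!audit_dummy_context()))
- __audit_log_bprm_fcaps(bprm, pP, pE);
+ return __audit_log_bprm_fcaps(bprm, new, old);
+ return 0;
 }
 
-static inline int audit_log_capset(pid_t pid, kernel_cap_t *eff, kernel_cap_t *inh, kernel_cap_t *perm)
+static inline int audit_log_capset(pid_t pid, const struct cred *new,
+ const struct cred *old)
 {
  if (unlikely(!audit_dummy_context()))
- return __audit_log_capset(pid, eff, inh, perm);
+ return __audit_log_capset(pid, new, old);
  return 0;
 }
 
@@ -566,8 +572,8 @@ extern int audit_signals;
 #define audit_mq_timedreceive(d,l,p,t) ({ 0; })
 #define audit_mq_notify(d,n) ({ 0; })
 #define audit_mq_getsetattr(d,s) ({ 0; })
-#define audit_log_bprm_fcaps(b, p, e) do { ; } while (0)
-#define audit_log_capset(pid, e, i, p) ({ 0; })
+#define audit_log_bprm_fcaps(b, ncr, ocr) ({ 0; })
+#define audit_log_capset(pid, ncr, ocr) ({ 0; })
 #define audit_ptrace(t) ((void)0)
 #define audit_n_rules 0
 #define audit_signals 0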
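Review bot: The new `int` return of `audit_log_bprm_fcaps()` is not documented anywhere in the lines shown: the inline wrapper now forwards the result of `__audit_log_bprm_fcaps()`, but the comment block that ends just above it (and starts outside the hunk) is left as it was. A lost record here is a gap in the audit trail for an exec that gains file capabilities, so callers need to know what a non-zero value means. I would add a line such as `* Returns 0 on success or when auditing is inactive, otherwise an error the caller must propagate.` — the error convention is an assumption to confirm against the implementation. It may also be worth marking the two inline wrappers `__must_check` so an ignored result is caught at build time.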
diff --git a/include/linux/capability.h b/include/linux/capability.h
index 7f26580a5a4..e22f48c2a46 100644
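--- a/include/linux/capability.h
+++ b/include/linux/capability.h
@@ -519,8 +519,6 @@ extern const kernel_cap_t __cap_empty_set;
 extern const kernel_cap_t __cap_full_set;
 extern const kernel_cap_t __cap_init_eff_set;
 
-kernel_cap_t cap_set_effective(const kernel_cap_t pE_new);
-
 /**
  * has_capability - Determine if a task has a superior capability available
  * @t: The task in question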
diff --git a/include/linux/cred.h b/include/linux/cred.h
index 62b9e532422..eaf6fa695a0 100644
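--- a/include/linux/cred.h
+++ b/include/linux/cred.h
@@ -84,6 +84,8 @@ struct thread_group_cred {
  struct key *process_keyring; /* keyring private to this process */
  struct rcu_head rcu; /* RCU deletion hook */
 };
+
+extern void release_tgcred(struct cred *cred);
 #endif
 
 /*
@@ -137,11 +139,30 @@ struct cred {
  struct user_struct *user; /* real user ID subscription */
  struct group_info *group_info; /* supplementary groups for euid/fsgid */
  struct rcu_head rcu; /* RCU deletion hook */
- spinlock_t lock; /* lock for pointer changes */
 };
 
 extern void __put_cred(struct cred *);
 extern int copy_creds(struct task_struct *, unsigned long);
+extern struct cred *prepare_creds(void);
+extern struct cred *prepare_usermodehelper_creds(void);
+extern int commit_creds(struct cred *);
+extern void abort_creds(struct cred *);
+extern const struct cred *override_creds(const struct cred *) __deprecated;
+extern void revert_creds(const struct cred *) __deprecated;
+extern void __init cred_init(void);
+
+/**
+ * get_new_cred - Get a reference on a new set of credentials
+ * @cred: The new credentials to reference
+ *
+ * Get a reference on the specified set of new credentials. The caller must
+ * release the reference.
+ */
+static inline struct cred *get_new_cred(struct cred *cred)
+{
+ atomic_inc(&cred->usage);
+ return cred;
+}
 
 /**
  * get_cred - Get a reference on a set of credentials
@@ -150,10 +171,9 @@ extern int copy_creds(struct task_struct *, unsigned long);
  * Get a reference on the specified set of credentials. The caller must
  * release the reference.
  */
-static inline struct cred *get_cred(struct cred *cred)
+static inline const struct cred *get_cred(const struct cred *cred)
 {
- atomic_inc(&cred->usage);
- return cred;
+ return get_new_cred((struct cred *) cred);
 }
 
 /**
@@ -166,6 +186,8 @@ static inline struct cred *get_cred(struct cred *cred)
 static inline void put_cred(const struct cred *_cred)
 {
  struct cred *cred = (struct cred *) _cred;
+
+ BUG_ON(atomic_read(&(cred)->usage) <= 0);
  if (atomic_dec_and_test(&(cred)->usage))
  __put_cred(cred);
 }
@@ -250,13 +272,13 @@ static inline void put_cred(const struct cred *_cred)
  __groups; \
 })
 
-#define task_cred_xxx(task, xxx) \
-({ \
- __typeof__(task->cred->xxx) ___val; \
- rcu_read_lock(); \
- ___val = __task_cred((task))->xxx; \
- rcu_read_unlock(); \
- ___val; \
+#define task_cred_xxx(task, xxx) \
+({ \
+ __typeof__(((struct cred *)NULL)->xxx) ___val; \
+ rcu_read_lock(); \
+ ___val = __task_cred((task))->xxx; \
+ rcu_read_unlock(); \
+ ___val; \
 })
 
 #define task_uid(task) (task_cred_xxx((task), uid))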
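Review bot: The `BUG_ON(atomic_read(&(cred)->usage) <= 0)` added to `put_cred()` is a separate read from the `atomic_dec_and_test()` that follows, so it only catches a count that is already zero or negative on entry. Two unbalanced puts racing on a count of 1 can both pass the check, and the later one then decrements an object already handed to `__put_cred()`. That is acceptable as a debugging aid, but the code should say so, e.g. `/* best-effort underflow check; not atomic with the decrement below */`, so nobody reads it as a guarantee against a credential use-after-free. In the same section `get_cred()` casts away `const` to bump `usage`. Its kernel-doc should say that the `const` protects the credential fields, not the reference count.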
diff --git a/include/linux/init_task.h b/include/linux/init_task.h
index 5e24c54b6df..08c3b24ad9a 100644
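--- a/include/linux/init_task.h
+++ b/include/linux/init_task.h
@@ -150,6 +150,8 @@ extern struct cred init_cred;
  .sibling = LIST_HEAD_INIT(tsk.sibling), \
  .group_leader = &tsk, \
  .cred = &init_cred, \
+ .cred_exec_mutex = \
+ __MUTEX_INITIALIZER(tsk.cred_exec_mutex), \
  .comm = "swapper", \
  .thread = INIT_THREAD, \
  .fs = &init_fs, \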
diff --git a/include/linux/key.h b/include/linux/key.h
index 0836cc838b0..69ecf0934b0 100644
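--- a/include/linux/key.h
+++ b/include/linux/key.h
@@ -73,6 +73,7 @@ struct key;
 struct seq_file;
 struct user_struct;
 struct signal_struct;
+struct cred;
 
 struct key_type;
 struct key_owner;
@@ -181,7 +182,7 @@ struct key {
 extern struct key *key_alloc(struct key_type *type,
  const char *desc,
  uid_t uid, gid_t gid,
- struct task_struct *ctx,
+ const struct cred *cred,
  key_perm_t perm,
  unsigned long flags);
 
@@ -249,7 +250,7 @@ extern int key_unlink(struct key *keyring,
  struct key *key);
 
 extern struct key *keyring_alloc(const char *description, uid_t uid, gid_t gid,
- struct task_struct *ctx,
+ const struct cred *cred,
  unsigned long flags,
  struct key *dest);
 
@@ -276,22 +277,12 @@ extern ctl_table key_sysctls[];
 /*
  * the userspace interface
  */
-extern void switch_uid_keyring(struct user_struct *new_user);
-extern int copy_keys(unsigned long clone_flags, struct task_struct *tsk);
-extern void exit_keys(struct task_struct *tsk);
-extern int suid_keys(struct task_struct *tsk);
+extern int install_thread_keyring_to_cred(struct cred *cred);
 extern int exec_keys(struct task_struct *tsk);
 extern void key_fsuid_changed(struct task_struct *tsk);
 extern void key_fsgid_changed(struct task_struct *tsk);
 extern void key_init(void);
 
-#define __install_session_keyring(keyring) \
-({ \
- struct key *old_session = current->cred->tgcred->session_keyring; \
- current->cred->tgcred->session_keyring = keyring; \
- old_session; \
-})
-
 #else /* CONFIG_KEYS */
 
 #define key_validate(k) 0
@@ -303,11 +294,6 @@ extern void key_init(void);
 #define make_key_ref(k, p) NULL
 #define key_ref_to_ptr(k) NULL
 #define is_key_possessed(k) 0
-#define switch_uid_keyring(u) do { } while(0)
-#define __install_session_keyring(k) ({ NULL; })
-#define copy_keys(f,t) 0
-#define exit_keys(t) do { } while(0)
-#define suid_keys(t) do { } while(0)
 #define exec_keys(t) do { } while(0)
 #define key_fsuid_changed(t) do { } while(0)
 #define key_fsgid_changed(t) do { } while(0)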
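Review bot: `install_thread_keyring_to_cred()` is declared without any comment, and unlike the converted `key_alloc()` and `keyring_alloc()` it takes a non-const `struct cred *`, which suggests it writes to the credentials it is given. Since this commit makes a task's `cred` pointer `const`, the declaration should state which credentials are acceptable, for example `/* @cred must be a new, uncommitted set from prepare_creds() */`. That contract is inferred from the prototypes added to cred.h and needs confirming against the implementation. The neighbouring `exec_keys()`, `key_fsuid_changed()` and `key_fsgid_changed()` still take a `task_struct`, so a line saying whether they are due for the same conversion would help the next reader.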
diff --git a/include/linux/sched.h b/include/linux/sched.h
index 2913252989b..121d655e460 100644
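--- a/include/linux/sched.h
+++ b/include/linux/sched.h
@@ -1145,7 +1145,8 @@ struct task_struct {
  struct list_head cpu_timers[3];
 
 /* process credentials */
- struct cred *cred; /* actual/objective task credentials */
+ const struct cred *cred; /* actual/objective task credentials (COW) */
+ struct mutex cred_exec_mutex; /* execve vs ptrace cred calculation mutex */
 
  char comm[TASK_COMM_LEN]; /* executable name excluding path
  - access with [gs]et_task_comm (which lock
@@ -1720,7 +1721,6 @@ static inline struct user_struct *get_uid(struct user_struct *u)
  return u;
 }
 extern void free_uid(struct user_struct *);
-extern void switch_uid(struct user_struct *);
 extern void release_uids(struct user_namespace *ns);
 
 #include <asm/current.h>
@@ -1870,6 +1870,8 @@ static inline unsigned long wait_task_inactive(struct task_struct *p,
 #define for_each_process(p) \
  for (p = &init_task ; (p = next_task(p)) != &init_task ; )
 
+extern bool is_single_threaded(struct task_struct *);
+
 /*
  * Careful: do_each_thread/while_each_thread is a double loop so
  * 'break' will not work as expected - use goto instead.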
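Review bot: The new comment on the `cred` field says only `(COW)`, which does not tell a reader how the pointer may be read or replaced now that it is `const`. cred.h in this commit reads another task's credentials through `__task_cred()` under `rcu_read_lock()` and adds `prepare_creds()`/`commit_creds()`, so I would spell the rule out at the field, e.g. `/* objective credentials (COW): replace via commit_creds(); other tasks read under rcu_read_lock() */`, if that is the intended rule. `cred_exec_mutex` would also benefit from a note on what it is held across and how it orders against the other task locks, neither of which the hunk shows. `struct task_struct` starts and ends outside the hunk.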
diff --git a/include/linux/security.h b/include/linux/security.h
index 7e9fe046a0d..68be1125144 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -53,24 +53,21 @@ extern int cap_settime(struct timespec *ts, struct timezone *tz);
53extern int cap_ptrace_may_access(struct task_struct *child, unsigned int mode); 53extern int cap_ptrace_may_access(struct task_struct *child, unsigned int mode);
54extern int cap_ptrace_traceme(struct task_struct *parent); 54extern int cap_ptrace_traceme(struct task_struct *parent);
55extern int cap_capget(struct task_struct *target, kernel_cap_t *effective, kernel_cap_t *inheritable, kernel_cap_t *permitted); 55extern int cap_capget(struct task_struct *target, kernel_cap_t *effective, kernel_cap_t *inheritable, kernel_cap_t *permitted);
56extern int cap_capset_check(const kernel_cap_t *effective, 56extern int cap_capset(struct cred *new, const struct cred *old,
57 const kernel_cap_t *inheritable, 57 const kernel_cap_t *effective,
58 const kernel_cap_t *permitted); 58 const kernel_cap_t *inheritable,
59extern void cap_capset_set(const kernel_cap_t *effective, 59 const kernel_cap_t *permitted);
60 const kernel_cap_t *inheritable,
61 const kernel_cap_t *permitted);
62extern int cap_bprm_set_security(struct linux_binprm *bprm); 60extern int cap_bprm_set_security(struct linux_binprm *bprm);
63extern void cap_bprm_apply_creds(struct linux_binprm *bprm, int unsafe); 61extern int cap_bprm_apply_creds(struct linux_binprm *bprm, int unsafe);
64extern int cap_bprm_secureexec(struct linux_binprm *bprm); 62extern int cap_bprm_secureexec(struct linux_binprm *bprm);
65extern int cap_inode_setxattr(struct dentry *dentry, const char *name, 63extern int cap_inode_setxattr(struct dentry *dentry, const char *name,
66 const void *value, size_t size, int flags); 64 const void *value, size_t size, int flags);
67extern int cap_inode_removexattr(struct dentry *dentry, const char *name); 65extern int cap_inode_removexattr(struct dentry *dentry, const char *name);
68extern int cap_inode_need_killpriv(struct dentry *dentry); 66extern int cap_inode_need_killpriv(struct dentry *dentry);
69extern int cap_inode_killpriv(struct dentry *dentry); 67extern int cap_inode_killpriv(struct dentry *dentry);
70extern int cap_task_post_setuid(uid_t old_ruid, uid_t old_euid, uid_t old_suid, int flags); 68extern int cap_task_fix_setuid(struct cred *new, const struct cred *old, int flags);
71extern void cap_task_reparent_to_init(struct task_struct *p);
72extern int cap_task_prctl(int option, unsigned long arg2, unsigned long arg3, 69extern int cap_task_prctl(int option, unsigned long arg2, unsigned long arg3,
73 unsigned long arg4, unsigned long arg5, long *rc_p); 70 unsigned long arg4, unsigned long arg5);
74extern int cap_task_setscheduler(struct task_struct *p, int policy, struct sched_param *lp); 71extern int cap_task_setscheduler(struct task_struct *p, int policy, struct sched_param *lp);
75extern int cap_task_setioprio(struct task_struct *p, int ioprio); 72extern int cap_task_setioprio(struct task_struct *p, int ioprio);
76extern int cap_task_setnice(struct task_struct *p, int nice); 73extern int cap_task_setnice(struct task_struct *p, int nice);
@@ -170,8 +167,8 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
170 * Compute and set the security attributes of a process being transformed 167 * Compute and set the security attributes of a process being transformed
171 * by an execve operation based on the old attributes (current->security) 168 * by an execve operation based on the old attributes (current->security)
172 * and the information saved in @bprm->security by the set_security hook. 169 * and the information saved in @bprm->security by the set_security hook.
173 * Since this hook function (and its caller) are void, this hook can not 170 * Since this function may return an error, in which case the process will
174 * return an error. However, it can leave the security attributes of the 171 * be killed. However, it can leave the security attributes of the
175 * process unchanged if an access failure occurs at this point. 172 * process unchanged if an access failure occurs at this point.
176 * bprm_apply_creds is called under task_lock. @unsafe indicates various 173 * bprm_apply_creds is called under task_lock. @unsafe indicates various
177 * reasons why it may be unsafe to change security state. 174 * reasons why it may be unsafe to change security state.
@@ -593,15 +590,18 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
593 * manual page for definitions of the @clone_flags. 590 * manual page for definitions of the @clone_flags.
594 * @clone_flags contains the flags indicating what should be shared. 591 * @clone_flags contains the flags indicating what should be shared.
595 * Return 0 if permission is granted. 592 * Return 0 if permission is granted.
596 * @cred_alloc_security:
597 * @cred contains the cred struct for child process.
598 * Allocate and attach a security structure to the cred->security field.
599 * The security field is initialized to NULL when the task structure is
600 * allocated.
601 * Return 0 if operation was successful.
602 * @cred_free: 593 * @cred_free:
603 * @cred points to the credentials. 594 * @cred points to the credentials.
604 * Deallocate and clear the cred->security field in a set of credentials. 595 * Deallocate and clear the cred->security field in a set of credentials.
596 * @cred_prepare:
597 * @new points to the new credentials.
598 * @old points to the original credentials.
599 * @gfp indicates the atomicity of any memory allocations.
600 * Prepare a new set of credentials by copying the data from the old set.
601 * @cred_commit:
602 * @new points to the new credentials.
603 * @old points to the original credentials.
604 * Install a new set of credentials.
605 * @task_setuid: 605 * @task_setuid:
606 * Check permission before setting one or more of the user identity 606 * Check permission before setting one or more of the user identity
607 * attributes of the current process. The @flags parameter indicates 607 * attributes of the current process. The @flags parameter indicates
@@ -614,15 +614,13 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
614 * @id2 contains a uid. 614 * @id2 contains a uid.
615 * @flags contains one of the LSM_SETID_* values. 615 * @flags contains one of the LSM_SETID_* values.
616 * Return 0 if permission is granted. 616 * Return 0 if permission is granted.
617 * @task_post_setuid: 617 * @task_fix_setuid:
618 * Update the module's state after setting one or more of the user 618 * Update the module's state after setting one or more of the user
619 * identity attributes of the current process. The @flags parameter 619 * identity attributes of the current process. The @flags parameter
620 * indicates which of the set*uid system calls invoked this hook. If 620 * indicates which of the set*uid system calls invoked this hook. If
621 * @flags is LSM_SETID_FS, then @old_ruid is the old fs uid and the other 621 * @new is the set of credentials that will be installed. Modifications
622 * parameters are not used. 622 * should be made to this rather than to @current->cred.
623 * @old_ruid contains the old real uid (or fs uid if LSM_SETID_FS). 623 * @old is the set of credentials that are being replaces
624 * @old_euid contains the old effective uid (or -1 if LSM_SETID_FS).
625 * @old_suid contains the old saved uid (or -1 if LSM_SETID_FS).
626 * @flags contains one of the LSM_SETID_* values. 624 * @flags contains one of the LSM_SETID_* values.
627 * Return 0 on success. 625 * Return 0 on success.
628 * @task_setgid: 626 * @task_setgid:
@@ -725,13 +723,8 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
725 * @arg3 contains a argument. 723 * @arg3 contains a argument.
726 * @arg4 contains a argument. 724 * @arg4 contains a argument.
727 * @arg5 contains a argument. 725 * @arg5 contains a argument.
728 * @rc_p contains a pointer to communicate back the forced return code 726 * Return -ENOSYS if no-one wanted to handle this op, any other value to
729 * Return 0 if permission is granted, and non-zero if the security module 727 * cause prctl() to return immediately with that value.
730 * has taken responsibility (setting *rc_p) for the prctl call.
731 * @task_reparent_to_init:
732 * Set the security attributes in @p->security for a kernel thread that
733 * is being reparented to the init task.
734 * @p contains the task_struct for the kernel thread.
735 * @task_to_inode: 728 * @task_to_inode:
736 * Set the security attributes for an inode based on an associated task's 729 * Set the security attributes for an inode based on an associated task's
737 * security attributes, e.g. for /proc/pid inodes. 730 * security attributes, e.g. for /proc/pid inodes.
@@ -1008,7 +1001,7 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
1008 * See whether a specific operational right is granted to a process on a 1001 * See whether a specific operational right is granted to a process on a
1009 * key. 1002 * key.
1010 * @key_ref refers to the key (key pointer + possession attribute bit). 1003 * @key_ref refers to the key (key pointer + possession attribute bit).
1011 * @context points to the process to provide the context against which to 1004 * @cred points to the credentials to provide the context against which to
1012 * evaluate the security data on the key. 1005 * evaluate the security data on the key.
1013 * @perm describes the combination of permissions required of this key. 1006 * @perm describes the combination of permissions required of this key.
1014 * Return 1 if permission granted, 0 if permission denied and -ve it the 1007 * Return 1 if permission granted, 0 if permission denied and -ve it the
@@ -1170,6 +1163,7 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
1170 * @child process. 1163 * @child process.
1171 * Security modules may also want to perform a process tracing check 1164 * Security modules may also want to perform a process tracing check
1172 * during an execve in the set_security or apply_creds hooks of 1165 * during an execve in the set_security or apply_creds hooks of
1166 * tracing check during an execve in the bprm_set_creds hook of
1173 * binprm_security_ops if the process is being traced and its security 1167 * binprm_security_ops if the process is being traced and its security
1174 * attributes would be changed by the execve. 1168 * attributes would be changed by the execve.
1175 * @child contains the task_struct structure for the target process. 1169 * @child contains the task_struct structure for the target process.
@@ -1193,19 +1187,15 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
1193 * @inheritable contains the inheritable capability set. 1187 * @inheritable contains the inheritable capability set.
1194 * @permitted contains the permitted capability set. 1188 * @permitted contains the permitted capability set.
1195 * Return 0 if the capability sets were successfully obtained. 1189 * Return 0 if the capability sets were successfully obtained.
1196 * @capset_check: 1190 * @capset:
1197 * Check permission before setting the @effective, @inheritable, and
1198 * @permitted capability sets for the current process.
1199 * @effective contains the effective capability set.
1200 * @inheritable contains the inheritable capability set.
1201 * @permitted contains the permitted capability set.
1202 * Return 0 if permission is granted.
1203 * @capset_set:
1204 * Set the @effective, @inheritable, and @permitted capability sets for 1191 * Set the @effective, @inheritable, and @permitted capability sets for
1205 * the current process. 1192 * the current process.
1193 * @new contains the new credentials structure for target process.
1194 * @old contains the current credentials structure for target process.
1206 * @effective contains the effective capability set. 1195 * @effective contains the effective capability set.
1207 * @inheritable contains the inheritable capability set. 1196 * @inheritable contains the inheritable capability set.
1208 * @permitted contains the permitted capability set. 1197 * @permitted contains the permitted capability set.
1198 * Return 0 and update @new if permission is granted.
1209 * @capable: 1199 * @capable:
1210 * Check whether the @tsk process has the @cap capability. 1200 * Check whether the @tsk process has the @cap capability.
1211 * @tsk contains the task_struct for the process. 1201 * @tsk contains the task_struct for the process.
@@ -1297,12 +1287,11 @@ struct security_operations {
1297 int (*capget) (struct task_struct *target, 1287 int (*capget) (struct task_struct *target,
1298 kernel_cap_t *effective, 1288 kernel_cap_t *effective,
1299 kernel_cap_t *inheritable, kernel_cap_t *permitted); 1289 kernel_cap_t *inheritable, kernel_cap_t *permitted);
1300 int (*capset_check) (const kernel_cap_t *effective, 1290 int (*capset) (struct cred *new,
1301 const kernel_cap_t *inheritable, 1291 const struct cred *old,
1302 const kernel_cap_t *permitted); 1292 const kernel_cap_t *effective,
1303 void (*capset_set) (const kernel_cap_t *effective, 1293 const kernel_cap_t *inheritable,
1304 const kernel_cap_t *inheritable, 1294 const kernel_cap_t *permitted);
1305 const kernel_cap_t *permitted);
1306 int (*capable) (struct task_struct *tsk, int cap, int audit); 1295 int (*capable) (struct task_struct *tsk, int cap, int audit);
1307 int (*acct) (struct file *file); 1296 int (*acct) (struct file *file);
1308 int (*sysctl) (struct ctl_table *table, int op); 1297 int (*sysctl) (struct ctl_table *table, int op);
@@ -1314,7 +1303,7 @@ struct security_operations {
1314 1303
1315 int (*bprm_alloc_security) (struct linux_binprm *bprm); 1304 int (*bprm_alloc_security) (struct linux_binprm *bprm);
1316 void (*bprm_free_security) (struct linux_binprm *bprm); 1305 void (*bprm_free_security) (struct linux_binprm *bprm);
1317 void (*bprm_apply_creds) (struct linux_binprm *bprm, int unsafe); 1306 int (*bprm_apply_creds) (struct linux_binprm *bprm, int unsafe);
1318 void (*bprm_post_apply_creds) (struct linux_binprm *bprm); 1307 void (*bprm_post_apply_creds) (struct linux_binprm *bprm);
1319 int (*bprm_set_security) (struct linux_binprm *bprm); 1308 int (*bprm_set_security) (struct linux_binprm *bprm);
1320 int (*bprm_check_security) (struct linux_binprm *bprm); 1309 int (*bprm_check_security) (struct linux_binprm *bprm);
@@ -1405,11 +1394,13 @@ struct security_operations {
1405 int (*dentry_open) (struct file *file, const struct cred *cred); 1394 int (*dentry_open) (struct file *file, const struct cred *cred);
1406 1395
1407 int (*task_create) (unsigned long clone_flags); 1396 int (*task_create) (unsigned long clone_flags);
1408 int (*cred_alloc_security) (struct cred *cred);
1409 void (*cred_free) (struct cred *cred); 1397 void (*cred_free) (struct cred *cred);
1398 int (*cred_prepare)(struct cred *new, const struct cred *old,
1399 gfp_t gfp);
1400 void (*cred_commit)(struct cred *new, const struct cred *old);
1410 int (*task_setuid) (uid_t id0, uid_t id1, uid_t id2, int flags); 1401 int (*task_setuid) (uid_t id0, uid_t id1, uid_t id2, int flags);
1411 int (*task_post_setuid) (uid_t old_ruid /* or fsuid */ , 1402 int (*task_fix_setuid) (struct cred *new, const struct cred *old,
1412 uid_t old_euid, uid_t old_suid, int flags); 1403 int flags);
1413 int (*task_setgid) (gid_t id0, gid_t id1, gid_t id2, int flags); 1404 int (*task_setgid) (gid_t id0, gid_t id1, gid_t id2, int flags);
1414 int (*task_setpgid) (struct task_struct *p, pid_t pgid); 1405 int (*task_setpgid) (struct task_struct *p, pid_t pgid);
1415 int (*task_getpgid) (struct task_struct *p); 1406 int (*task_getpgid) (struct task_struct *p);
@@ -1429,8 +1420,7 @@ struct security_operations {
1429 int (*task_wait) (struct task_struct *p); 1420 int (*task_wait) (struct task_struct *p);
1430 int (*task_prctl) (int option, unsigned long arg2, 1421 int (*task_prctl) (int option, unsigned long arg2,
1431 unsigned long arg3, unsigned long arg4, 1422 unsigned long arg3, unsigned long arg4,
1432 unsigned long arg5, long *rc_p); 1423 unsigned long arg5);
1433 void (*task_reparent_to_init) (struct task_struct *p);
1434 void (*task_to_inode) (struct task_struct *p, struct inode *inode); 1424 void (*task_to_inode) (struct task_struct *p, struct inode *inode);
1435 1425
1436 int (*ipc_permission) (struct kern_ipc_perm *ipcp, short flag); 1426 int (*ipc_permission) (struct kern_ipc_perm *ipcp, short flag);
@@ -1535,10 +1525,10 @@ struct security_operations {
1535 1525
1536 /* key management security hooks */ 1526 /* key management security hooks */
1537#ifdef CONFIG_KEYS 1527#ifdef CONFIG_KEYS
1538 int (*key_alloc) (struct key *key, struct task_struct *tsk, unsigned long flags); 1528 int (*key_alloc) (struct key *key, const struct cred *cred, unsigned long flags);
1539 void (*key_free) (struct key *key); 1529 void (*key_free) (struct key *key);
1540 int (*key_permission) (key_ref_t key_ref, 1530 int (*key_permission) (key_ref_t key_ref,
1541 struct task_struct *context, 1531 const struct cred *cred,
1542 key_perm_t perm); 1532 key_perm_t perm);
1543 int (*key_getsecurity)(struct key *key, char **_buffer); 1533 int (*key_getsecurity)(struct key *key, char **_buffer);
1544#endif /* CONFIG_KEYS */ 1534#endif /* CONFIG_KEYS */
@@ -1564,12 +1554,10 @@ int security_capget(struct task_struct *target,
1564 kernel_cap_t *effective, 1554 kernel_cap_t *effective,
1565 kernel_cap_t *inheritable, 1555 kernel_cap_t *inheritable,
1566 kernel_cap_t *permitted); 1556 kernel_cap_t *permitted);
1567int security_capset_check(const kernel_cap_t *effective, 1557int security_capset(struct cred *new, const struct cred *old,
1568 const kernel_cap_t *inheritable, 1558 const kernel_cap_t *effective,
1569 const kernel_cap_t *permitted); 1559 const kernel_cap_t *inheritable,
1570void security_capset_set(const kernel_cap_t *effective, 1560 const kernel_cap_t *permitted);
1571 const kernel_cap_t *inheritable,
1572 const kernel_cap_t *permitted);
1573int security_capable(struct task_struct *tsk, int cap); 1561int security_capable(struct task_struct *tsk, int cap);
1574int security_capable_noaudit(struct task_struct *tsk, int cap); 1562int security_capable_noaudit(struct task_struct *tsk, int cap);
1575int security_acct(struct file *file); 1563int security_acct(struct file *file);
@@ -1583,7 +1571,7 @@ int security_vm_enough_memory_mm(struct mm_struct *mm, long pages);
1583int security_vm_enough_memory_kern(long pages); 1571int security_vm_enough_memory_kern(long pages);
1584int security_bprm_alloc(struct linux_binprm *bprm); 1572int security_bprm_alloc(struct linux_binprm *bprm);
1585void security_bprm_free(struct linux_binprm *bprm); 1573void security_bprm_free(struct linux_binprm *bprm);
1586void security_bprm_apply_creds(struct linux_binprm *bprm, int unsafe); 1574int security_bprm_apply_creds(struct linux_binprm *bprm, int unsafe);
1587void security_bprm_post_apply_creds(struct linux_binprm *bprm); 1575void security_bprm_post_apply_creds(struct linux_binprm *bprm);
1588int security_bprm_set(struct linux_binprm *bprm); 1576int security_bprm_set(struct linux_binprm *bprm);
1589int security_bprm_check(struct linux_binprm *bprm); 1577int security_bprm_check(struct linux_binprm *bprm);
@@ -1660,11 +1648,12 @@ int security_file_send_sigiotask(struct task_struct *tsk,
1660int security_file_receive(struct file *file); 1648int security_file_receive(struct file *file);
1661int security_dentry_open(struct file *file, const struct cred *cred); 1649int security_dentry_open(struct file *file, const struct cred *cred);
1662int security_task_create(unsigned long clone_flags); 1650int security_task_create(unsigned long clone_flags);
1663int security_cred_alloc(struct cred *cred);
1664void security_cred_free(struct cred *cred); 1651void security_cred_free(struct cred *cred);
1652int security_prepare_creds(struct cred *new, const struct cred *old, gfp_t gfp);
1653void security_commit_creds(struct cred *new, const struct cred *old);
1665int security_task_setuid(uid_t id0, uid_t id1, uid_t id2, int flags); 1654int security_task_setuid(uid_t id0, uid_t id1, uid_t id2, int flags);
1666int security_task_post_setuid(uid_t old_ruid, uid_t old_euid, 1655int security_task_fix_setuid(struct cred *new, const struct cred *old,
1667 uid_t old_suid, int flags); 1656 int flags);
1668int security_task_setgid(gid_t id0, gid_t id1, gid_t id2, int flags); 1657int security_task_setgid(gid_t id0, gid_t id1, gid_t id2, int flags);
1669int security_task_setpgid(struct task_struct *p, pid_t pgid); 1658int security_task_setpgid(struct task_struct *p, pid_t pgid);
1670int security_task_getpgid(struct task_struct *p); 1659int security_task_getpgid(struct task_struct *p);
@@ -1683,8 +1672,7 @@ int security_task_kill(struct task_struct *p, struct siginfo *info,
1683 int sig, u32 secid); 1672 int sig, u32 secid);
1684int security_task_wait(struct task_struct *p); 1673int security_task_wait(struct task_struct *p);
1685int security_task_prctl(int option, unsigned long arg2, unsigned long arg3, 1674int security_task_prctl(int option, unsigned long arg2, unsigned long arg3,
1686 unsigned long arg4, unsigned long arg5, long *rc_p); 1675 unsigned long arg4, unsigned long arg5);
1687void security_task_reparent_to_init(struct task_struct *p);
1688void security_task_to_inode(struct task_struct *p, struct inode *inode); 1676void security_task_to_inode(struct task_struct *p, struct inode *inode);
1689int security_ipc_permission(struct kern_ipc_perm *ipcp, short flag); 1677int security_ipc_permission(struct kern_ipc_perm *ipcp, short flag);
1690void security_ipc_getsecid(struct kern_ipc_perm *ipcp, u32 *secid); 1678void security_ipc_getsecid(struct kern_ipc_perm *ipcp, u32 *secid);
@@ -1759,18 +1747,13 @@ static inline int security_capget(struct task_struct *target,
1759 return cap_capget(target, effective, inheritable, permitted); 1747 return cap_capget(target, effective, inheritable, permitted);
1760} 1748}
1761 1749
1762static inline int security_capset_check(const kernel_cap_t *effective, 1750static inline int security_capset(struct cred *new,
1763 const kernel_cap_t *inheritable, 1751 const struct cred *old,
1764 const kernel_cap_t *permitted) 1752 const kernel_cap_t *effective,
1753 const kernel_cap_t *inheritable,
1754 const kernel_cap_t *permitted)
1765{ 1755{
1766 return cap_capset_check(effective, inheritable, permitted); 1756 return cap_capset(new, old, effective, inheritable, permitted);
1767}
1768
1769static inline void security_capset_set(const kernel_cap_t *effective,
1770 const kernel_cap_t *inheritable,
1771 const kernel_cap_t *permitted)
1772{
1773 cap_capset_set(effective, inheritable, permitted);
1774} 1757}
1775 1758
1776static inline int security_capable(struct task_struct *tsk, int cap) 1759static inline int security_capable(struct task_struct *tsk, int cap)
@@ -1837,9 +1820,9 @@ static inline int security_bprm_alloc(struct linux_binprm *bprm)
1837static inline void security_bprm_free(struct linux_binprm *bprm) 1820static inline void security_bprm_free(struct linux_binprm *bprm)
1838{ } 1821{ }
1839 1822
1840static inline void security_bprm_apply_creds(struct linux_binprm *bprm, int unsafe) 1823static inline int security_bprm_apply_creds(struct linux_binprm *bprm, int unsafe)
1841{ 1824{
1842 cap_bprm_apply_creds(bprm, unsafe); 1825 return cap_bprm_apply_creds(bprm, unsafe);
1843} 1826}
1844 1827
1845static inline void security_bprm_post_apply_creds(struct linux_binprm *bprm) 1828static inline void security_bprm_post_apply_creds(struct linux_binprm *bprm)
@@ -2182,13 +2165,20 @@ static inline int security_task_create(unsigned long clone_flags)
2182 return 0; 2165 return 0;
2183} 2166}
2184 2167
2185static inline int security_cred_alloc(struct cred *cred) 2168static inline void security_cred_free(struct cred *cred)
2169{ }
2170
2171static inline int security_prepare_creds(struct cred *new,
2172 const struct cred *old,
2173 gfp_t gfp)
2186{ 2174{
2187 return 0; 2175 return 0;
2188} 2176}
2189 2177
2190static inline void security_cred_free(struct cred *cred) 2178static inline void security_commit_creds(struct cred *new,
2191{ } 2179 const struct cred *old)
2180{
2181}
2192 2182
2193static inline int security_task_setuid(uid_t id0, uid_t id1, uid_t id2, 2183static inline int security_task_setuid(uid_t id0, uid_t id1, uid_t id2,
2194 int flags) 2184 int flags)
@@ -2196,10 +2186,11 @@ static inline int security_task_setuid(uid_t id0, uid_t id1, uid_t id2,
2196 return 0; 2186 return 0;
2197} 2187}
2198 2188
2199static inline int security_task_post_setuid(uid_t old_ruid, uid_t old_euid, 2189static inline int security_task_fix_setuid(struct cred *new,
2200 uid_t old_suid, int flags) 2190 const struct cred *old,
2191 int flags)
2201{ 2192{
2202 return cap_task_post_setuid(old_ruid, old_euid, old_suid, flags); 2193 return cap_task_fix_setuid(new, old, flags);
2203} 2194}
2204 2195
2205static inline int security_task_setgid(gid_t id0, gid_t id1, gid_t id2, 2196static inline int security_task_setgid(gid_t id0, gid_t id1, gid_t id2,
@@ -2286,14 +2277,9 @@ static inline int security_task_wait(struct task_struct *p)
2286static inline int security_task_prctl(int option, unsigned long arg2, 2277static inline int security_task_prctl(int option, unsigned long arg2,
2287 unsigned long arg3, 2278 unsigned long arg3,
2288 unsigned long arg4, 2279 unsigned long arg4,
2289 unsigned long arg5, long *rc_p) 2280 unsigned long arg5)
2290{
2291 return cap_task_prctl(option, arg2, arg3, arg3, arg5, rc_p);
2292}
2293
2294static inline void security_task_reparent_to_init(struct task_struct *p)
2295{ 2281{
2296 cap_task_reparent_to_init(p); 2282 return cap_task_prctl(option, arg2, arg3, arg3, arg5);
2297} 2283}
2298 2284
2299static inline void security_task_to_inode(struct task_struct *p, struct inode *inode) 2285static inline void security_task_to_inode(struct task_struct *p, struct inode *inode)
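Review bot: The !CONFIG_SECURITY stub of security_task_prctl still passes `arg3` twice on the new side, so `arg4` never reaches cap_task_prctl; the call should read `return cap_task_prctl(option, arg2, arg3, arg4, arg5);`. The removed line has the same duplication, so this commit carries the slip over rather than introducing it, but the line is being rewritten here to drop `rc_p` and this is the natural place to correct it. Whether any option handled by cap_task_prctl actually reads its fourth argument is not visible in this hunk, so the runtime effect is unconfirmed. A mis-forwarded argument in a capability-related prctl path is worth fixing regardless, because the stub and the CONFIG_SECURITY build would otherwise disagree as soon as a handler starts using `arg4`.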
@@ -2719,16 +2705,16 @@ static inline void security_skb_classify_flow(struct sk_buff *skb, struct flowi
2719#ifdef CONFIG_KEYS 2705#ifdef CONFIG_KEYS
2720#ifdef CONFIG_SECURITY 2706#ifdef CONFIG_SECURITY
2721 2707
2722int security_key_alloc(struct key *key, struct task_struct *tsk, unsigned long flags); 2708int security_key_alloc(struct key *key, const struct cred *cred, unsigned long flags);
2723void security_key_free(struct key *key); 2709void security_key_free(struct key *key);
2724int security_key_permission(key_ref_t key_ref, 2710int security_key_permission(key_ref_t key_ref,
2725 struct task_struct *context, key_perm_t perm); 2711 const struct cred *cred, key_perm_t perm);
2726int security_key_getsecurity(struct key *key, char **_buffer); 2712int security_key_getsecurity(struct key *key, char **_buffer);
2727 2713
2728#else 2714#else
2729 2715
2730static inline int security_key_alloc(struct key *key, 2716static inline int security_key_alloc(struct key *key,
2731 struct task_struct *tsk, 2717 const struct cred *cred,
2732 unsigned long flags) 2718 unsigned long flags)
2733{ 2719{
2734 return 0; 2720 return 0;
@@ -2739,7 +2725,7 @@ static inline void security_key_free(struct key *key)
2739} 2725}
2740 2726
2741static inline int security_key_permission(key_ref_t key_ref, 2727static inline int security_key_permission(key_ref_t key_ref,
2742 struct task_struct *context, 2728 const struct cred *cred,
2743 key_perm_t perm) 2729 key_perm_t perm)
2744{ 2730{
2745 return 0; 2731 return 0;