diff options
Diffstat (limited to 'kernel/cred.c')
| -rw-r--r-- | kernel/cred.c | 16 |
1 files changed, 10 insertions, 6 deletions
diff --git a/kernel/cred.c b/kernel/cred.c index 6a1aa004e37..3a9d6dd53a6 100644 --- a/kernel/cred.c +++ b/kernel/cred.c | |||
| @@ -252,13 +252,13 @@ struct cred *cred_alloc_blank(void) | |||
| 252 | #endif | 252 | #endif |
| 253 | 253 | ||
| 254 | atomic_set(&new->usage, 1); | 254 | atomic_set(&new->usage, 1); |
| 255 | #ifdef CONFIG_DEBUG_CREDENTIALS | ||
| 256 | new->magic = CRED_MAGIC; | ||
| 257 | #endif | ||
| 255 | 258 | ||
| 256 | if (security_cred_alloc_blank(new, GFP_KERNEL) < 0) | 259 | if (security_cred_alloc_blank(new, GFP_KERNEL) < 0) |
| 257 | goto error; | 260 | goto error; |
| 258 | 261 | ||
| 259 | #ifdef CONFIG_DEBUG_CREDENTIALS | ||
| 260 | new->magic = CRED_MAGIC; | ||
| 261 | #endif | ||
| 262 | return new; | 262 | return new; |
| 263 | 263 | ||
| 264 | error: | 264 | error: |
| @@ -657,6 +657,8 @@ struct cred *prepare_kernel_cred(struct task_struct *daemon) | |||
| 657 | validate_creds(old); | 657 | validate_creds(old); |
| 658 | 658 | ||
| 659 | *new = *old; | 659 | *new = *old; |
| 660 | atomic_set(&new->usage, 1); | ||
| 661 | set_cred_subscribers(new, 0); | ||
| 660 | get_uid(new->user); | 662 | get_uid(new->user); |
| 661 | get_group_info(new->group_info); | 663 | get_group_info(new->group_info); |
| 662 | 664 | ||
| @@ -674,8 +676,6 @@ struct cred *prepare_kernel_cred(struct task_struct *daemon) | |||
| 674 | if (security_prepare_creds(new, old, GFP_KERNEL) < 0) | 676 | if (security_prepare_creds(new, old, GFP_KERNEL) < 0) |
| 675 | goto error; | 677 | goto error; |
| 676 | 678 | ||
| 677 | atomic_set(&new->usage, 1); | ||
| 678 | set_cred_subscribers(new, 0); | ||
| 679 | put_cred(old); | 679 | put_cred(old); |
| 680 | validate_creds(new); | 680 | validate_creds(new); |
| 681 | return new; | 681 | return new; |
| @@ -748,7 +748,11 @@ bool creds_are_invalid(const struct cred *cred) | |||
| 748 | if (cred->magic != CRED_MAGIC) | 748 | if (cred->magic != CRED_MAGIC) |
| 749 | return true; | 749 | return true; |
| 750 | #ifdef CONFIG_SECURITY_SELINUX | 750 | #ifdef CONFIG_SECURITY_SELINUX |
| 751 | if (selinux_is_enabled()) { | 751 | /* |
| 752 | * cred->security == NULL if security_cred_alloc_blank() or | ||
| 753 | * security_prepare_creds() returned an error. | ||
| 754 | */ | ||
| 755 | if (selinux_is_enabled() && cred->security) { | ||
| 752 | if ((unsigned long) cred->security < PAGE_SIZE) | 756 | if ((unsigned long) cred->security < PAGE_SIZE) |
| 753 | return true; | 757 | return true; |
| 754 | if ((*(u32 *)cred->security & 0xffffff00) == | 758 | if ((*(u32 *)cred->security & 0xffffff00) == |