diff options
author | Eric W. Biederman <ebiederm@xmission.com> | 2011-11-17 00:52:53 -0500 |
---|---|---|
committer | Eric W. Biederman <ebiederm@xmission.com> | 2012-04-07 19:55:52 -0400 |
commit | 0093ccb68f3753c0ba4d74c89d7e0f444b8d6123 (patch) | |
tree | a6fc0ea2a6dfc338fa8fc7126005f40109ef8dce | |
parent | c4a4d603796c727b9555867571f89483be9c565e (diff) |
cred: Refcount the user_ns pointed to by the cred.
struct user_struct will shortly loose it's user_ns reference
so make the cred user_ns reference a proper reference complete
with reference counting.
Acked-by: Serge Hallyn <serge.hallyn@canonical.com>
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
-rw-r--r-- | include/linux/cred.h | 2 | ||||
-rw-r--r-- | kernel/cred.c | 8 | ||||
-rw-r--r-- | kernel/user_namespace.c | 8 | ||||
-rw-r--r-- | security/keys/process_keys.c | 2 |
4 files changed, 10 insertions, 10 deletions
diff --git a/include/linux/cred.h b/include/linux/cred.h index d12c4e475c15..2c60ec802678 100644 --- a/include/linux/cred.h +++ b/include/linux/cred.h | |||
@@ -146,7 +146,7 @@ struct cred { | |||
146 | void *security; /* subjective LSM security */ | 146 | void *security; /* subjective LSM security */ |
147 | #endif | 147 | #endif |
148 | struct user_struct *user; /* real user ID subscription */ | 148 | struct user_struct *user; /* real user ID subscription */ |
149 | struct user_namespace *user_ns; /* cached user->user_ns */ | 149 | struct user_namespace *user_ns; /* user_ns the caps and keyrings are relative to. */ |
150 | struct group_info *group_info; /* supplementary groups for euid/fsgid */ | 150 | struct group_info *group_info; /* supplementary groups for euid/fsgid */ |
151 | struct rcu_head rcu; /* RCU deletion hook */ | 151 | struct rcu_head rcu; /* RCU deletion hook */ |
152 | }; | 152 | }; |
diff --git a/kernel/cred.c b/kernel/cred.c index 97b36eeca4c9..7a0d80669886 100644 --- a/kernel/cred.c +++ b/kernel/cred.c | |||
@@ -148,6 +148,7 @@ static void put_cred_rcu(struct rcu_head *rcu) | |||
148 | if (cred->group_info) | 148 | if (cred->group_info) |
149 | put_group_info(cred->group_info); | 149 | put_group_info(cred->group_info); |
150 | free_uid(cred->user); | 150 | free_uid(cred->user); |
151 | put_user_ns(cred->user_ns); | ||
151 | kmem_cache_free(cred_jar, cred); | 152 | kmem_cache_free(cred_jar, cred); |
152 | } | 153 | } |
153 | 154 | ||
@@ -303,6 +304,7 @@ struct cred *prepare_creds(void) | |||
303 | set_cred_subscribers(new, 0); | 304 | set_cred_subscribers(new, 0); |
304 | get_group_info(new->group_info); | 305 | get_group_info(new->group_info); |
305 | get_uid(new->user); | 306 | get_uid(new->user); |
307 | get_user_ns(new->user_ns); | ||
306 | 308 | ||
307 | #ifdef CONFIG_KEYS | 309 | #ifdef CONFIG_KEYS |
308 | key_get(new->thread_keyring); | 310 | key_get(new->thread_keyring); |
@@ -412,11 +414,6 @@ int copy_creds(struct task_struct *p, unsigned long clone_flags) | |||
412 | goto error_put; | 414 | goto error_put; |
413 | } | 415 | } |
414 | 416 | ||
415 | /* cache user_ns in cred. Doesn't need a refcount because it will | ||
416 | * stay pinned by cred->user | ||
417 | */ | ||
418 | new->user_ns = new->user->user_ns; | ||
419 | |||
420 | #ifdef CONFIG_KEYS | 417 | #ifdef CONFIG_KEYS |
421 | /* new threads get their own thread keyrings if their parent already | 418 | /* new threads get their own thread keyrings if their parent already |
422 | * had one */ | 419 | * had one */ |
@@ -676,6 +673,7 @@ struct cred *prepare_kernel_cred(struct task_struct *daemon) | |||
676 | atomic_set(&new->usage, 1); | 673 | atomic_set(&new->usage, 1); |
677 | set_cred_subscribers(new, 0); | 674 | set_cred_subscribers(new, 0); |
678 | get_uid(new->user); | 675 | get_uid(new->user); |
676 | get_user_ns(new->user_ns); | ||
679 | get_group_info(new->group_info); | 677 | get_group_info(new->group_info); |
680 | 678 | ||
681 | #ifdef CONFIG_KEYS | 679 | #ifdef CONFIG_KEYS |
diff --git a/kernel/user_namespace.c b/kernel/user_namespace.c index f084083a0fd3..58bb8781a778 100644 --- a/kernel/user_namespace.c +++ b/kernel/user_namespace.c | |||
@@ -24,7 +24,7 @@ static struct kmem_cache *user_ns_cachep __read_mostly; | |||
24 | */ | 24 | */ |
25 | int create_user_ns(struct cred *new) | 25 | int create_user_ns(struct cred *new) |
26 | { | 26 | { |
27 | struct user_namespace *ns; | 27 | struct user_namespace *ns, *parent_ns = new->user_ns; |
28 | struct user_struct *root_user; | 28 | struct user_struct *root_user; |
29 | int n; | 29 | int n; |
30 | 30 | ||
@@ -57,8 +57,10 @@ int create_user_ns(struct cred *new) | |||
57 | #endif | 57 | #endif |
58 | /* tgcred will be cleared in our caller bc CLONE_THREAD won't be set */ | 58 | /* tgcred will be cleared in our caller bc CLONE_THREAD won't be set */ |
59 | 59 | ||
60 | /* root_user holds a reference to ns, our reference can be dropped */ | 60 | /* Leave the reference to our user_ns with the new cred */ |
61 | put_user_ns(ns); | 61 | new->user_ns = ns; |
62 | |||
63 | put_user_ns(parent_ns); | ||
62 | 64 | ||
63 | return 0; | 65 | return 0; |
64 | } | 66 | } |
diff --git a/security/keys/process_keys.c b/security/keys/process_keys.c index 70febff06da9..447fb7618ff3 100644 --- a/security/keys/process_keys.c +++ b/security/keys/process_keys.c | |||
@@ -858,7 +858,7 @@ void key_replace_session_keyring(void) | |||
858 | new-> sgid = old-> sgid; | 858 | new-> sgid = old-> sgid; |
859 | new->fsgid = old->fsgid; | 859 | new->fsgid = old->fsgid; |
860 | new->user = get_uid(old->user); | 860 | new->user = get_uid(old->user); |
861 | new->user_ns = new->user_ns; | 861 | new->user_ns = get_user_ns(new->user_ns); |
862 | new->group_info = get_group_info(old->group_info); | 862 | new->group_info = get_group_info(old->group_info); |
863 | 863 | ||
864 | new->securebits = old->securebits; | 864 | new->securebits = old->securebits; |