diff options
| author | David Howells <dhowells@redhat.com> | 2008-11-13 18:39:16 -0500 |
|---|---|---|
| committer | James Morris <jmorris@namei.org> | 2008-11-13 18:39:16 -0500 |
| commit | b6dff3ec5e116e3af6f537d4caedcad6b9e5082a (patch) | |
| tree | 9e76f972eb7ce9b84e0146c8e4126a3f86acb428 /include/linux/init_task.h | |
| parent | 15a2460ed0af7538ca8e6c610fe607a2cd9da142 (diff) | |
CRED: Separate task security context from task_struct
Separate the task security context from task_struct. At this point, the
security data is temporarily embedded in the task_struct with two pointers
pointing to it.
Note that the Alpha arch is altered as it refers to (E)UID and (E)GID in
entry.S via asm-offsets.
With comment fixes Signed-off-by: Marc Dionne <marc.c.dionne@gmail.com>
Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: James Morris <jmorris@namei.org>
Acked-by: Serge Hallyn <serue@us.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'include/linux/init_task.h')
| -rw-r--r-- | include/linux/init_task.h | 24 |
1 files changed, 17 insertions, 7 deletions
diff --git a/include/linux/init_task.h b/include/linux/init_task.h index 23fd8909b9e5..9de41ccd67b5 100644 --- a/include/linux/init_task.h +++ b/include/linux/init_task.h | |||
| @@ -113,6 +113,21 @@ extern struct group_info init_groups; | |||
| 113 | # define CAP_INIT_BSET CAP_INIT_EFF_SET | 113 | # define CAP_INIT_BSET CAP_INIT_EFF_SET |
| 114 | #endif | 114 | #endif |
| 115 | 115 | ||
| 116 | extern struct cred init_cred; | ||
| 117 | |||
| 118 | #define INIT_CRED(p) \ | ||
| 119 | { \ | ||
| 120 | .usage = ATOMIC_INIT(3), \ | ||
| 121 | .securebits = SECUREBITS_DEFAULT, \ | ||
| 122 | .cap_inheritable = CAP_INIT_INH_SET, \ | ||
| 123 | .cap_permitted = CAP_FULL_SET, \ | ||
| 124 | .cap_effective = CAP_INIT_EFF_SET, \ | ||
| 125 | .cap_bset = CAP_INIT_BSET, \ | ||
| 126 | .user = INIT_USER, \ | ||
| 127 | .group_info = &init_groups, \ | ||
| 128 | .lock = __SPIN_LOCK_UNLOCKED(p.lock), \ | ||
| 129 | } | ||
| 130 | |||
| 116 | /* | 131 | /* |
| 117 | * INIT_TASK is used to set up the first task table, touch at | 132 | * INIT_TASK is used to set up the first task table, touch at |
| 118 | * your own risk!. Base=0, limit=0x1fffff (=2MB) | 133 | * your own risk!. Base=0, limit=0x1fffff (=2MB) |
| @@ -147,13 +162,8 @@ extern struct group_info init_groups; | |||
| 147 | .children = LIST_HEAD_INIT(tsk.children), \ | 162 | .children = LIST_HEAD_INIT(tsk.children), \ |
| 148 | .sibling = LIST_HEAD_INIT(tsk.sibling), \ | 163 | .sibling = LIST_HEAD_INIT(tsk.sibling), \ |
| 149 | .group_leader = &tsk, \ | 164 | .group_leader = &tsk, \ |
| 150 | .group_info = &init_groups, \ | 165 | .__temp_cred = INIT_CRED(tsk.__temp_cred), \ |
| 151 | .cap_effective = CAP_INIT_EFF_SET, \ | 166 | .cred = &tsk.__temp_cred, \ |
| 152 | .cap_inheritable = CAP_INIT_INH_SET, \ | ||
| 153 | .cap_permitted = CAP_FULL_SET, \ | ||
| 154 | .cap_bset = CAP_INIT_BSET, \ | ||
| 155 | .securebits = SECUREBITS_DEFAULT, \ | ||
| 156 | .user = INIT_USER, \ | ||
| 157 | .comm = "swapper", \ | 167 | .comm = "swapper", \ |
| 158 | .thread = INIT_THREAD, \ | 168 | .thread = INIT_THREAD, \ |
| 159 | .fs = &init_fs, \ | 169 | .fs = &init_fs, \ |