authorDavid Howells <dhowells@redhat.com>2008-11-13 18:39:16 -0500
committerJames Morris <jmorris@namei.org>2008-11-13 18:39:16 -0500
commitb6dff3ec5e116e3af6f537d4caedcad6b9e5082a (patch)
tree9e76f972eb7ce9b84e0146c8e4126a3f86acb428 /include/linux/sched.h
parent15a2460ed0af7538ca8e6c610fe607a2cd9da142 (diff)
CRED: Separate task security context from task_struct
Separate the task security context from task_struct. At this point, the security data is temporarily embedded in the task_struct with two pointers pointing to it. Note that the Alpha arch is altered as it refers to (E)UID and (E)GID in entry.S via asm-offsets. With comment fixes Signed-off-by: Marc Dionne <marc.c.dionne@gmail.com> Signed-off-by: David Howells <dhowells@redhat.com> Acked-by: James Morris <jmorris@namei.org> Acked-by: Serge Hallyn <serue@us.ibm.com> Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'include/linux/sched.h')
-rw-r--r--include/linux/sched.h52
1 files changed, 4 insertions, 48 deletions
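diff --git a/include/linux/sched.h b/include/linux/sched.h
index b483f39a7112..c8b92502354d 100644
--- a/include/linux/sched.h
+++ b/include/linux/sched.h
@@ -660,6 +660,7 @@ extern struct user_struct *find_user(uid_t);
 extern struct user_struct root_user;
 #define INIT_USER (&root_user)
 
+
 struct backing_dev_info;
 struct reclaim_state;
 
@@ -883,38 +884,7 @@ partition_sched_domains(int ndoms_new, cpumask_t *doms_new,
 #endif /* !CONFIG_SMP */
 
 struct io_context; /* See blkdev.h */
-#define NGROUPS_SMALL 32
-#define NGROUPS_PER_BLOCK ((unsigned int)(PAGE_SIZE / sizeof(gid_t)))
-struct group_info {
- int ngroups;
- atomic_t usage;
- gid_t small_block[NGROUPS_SMALL];
- int nblocks;
- gid_t *blocks[0];
-};
-
-/*
- * get_group_info() must be called with the owning task locked (via task_lock())
- * when task != current. The reason being that the vast majority of callers are
- * looking at current->group_info, which can not be changed except by the
- * current task. Changing current->group_info requires the task lock, too.
- */
-#define get_group_info(group_info) do { \
- atomic_inc(&(group_info)->usage); \
-} while (0)
 
-#define put_group_info(group_info) do { \
- if (atomic_dec_and_test(&(group_info)->usage)) \
- groups_free(group_info); \
-} while (0)
-
-extern struct group_info *groups_alloc(int gidsetsize);
-extern void groups_free(struct group_info *group_info);
-extern int set_current_groups(struct group_info *group_info);
-extern int groups_search(struct group_info *group_info, gid_t grp);
-/* access the groups "array" with this macro */
-#define GROUP_AT(gi, i) \
- ((gi)->blocks[(i)/NGROUPS_PER_BLOCK][(i)%NGROUPS_PER_BLOCK])
 
 #ifdef ARCH_HAS_PREFETCH_SWITCH_STACK
 extern void prefetch_stack(struct task_struct *t);
@@ -1181,17 +1151,9 @@ struct task_struct {
  struct list_head cpu_timers[3];
 
 /* process credentials */
- uid_t uid,euid,suid,fsuid;
- gid_t gid,egid,sgid,fsgid;
- struct group_info *group_info;
- kernel_cap_t cap_effective, cap_inheritable, cap_permitted, cap_bset;
- struct user_struct *user;
- unsigned securebits;
-#ifdef CONFIG_KEYS
- unsigned char jit_keyring; /* default keyring to attach requested keys to */
- struct key *request_key_auth; /* assumed request_key authority */
- struct key *thread_keyring; /* keyring private to this thread */
-#endif
+ struct cred __temp_cred __deprecated; /* temporary credentials to be removed */
+ struct cred *cred; /* actual/objective task credentials */
+
  char comm[TASK_COMM_LEN]; /* executable name excluding path
  - access with [gs]et_task_comm (which lock
  it with task_lock())
@@ -1228,9 +1190,6 @@ struct task_struct {
  int (*notifier)(void *priv);
  void *notifier_data;
  sigset_t *notifier_mask;
-#ifdef CONFIG_SECURITY
- void *security;
-#endif
  struct audit_context *audit_context;
 #ifdef CONFIG_AUDITSYSCALL
  uid_t loginuid;
@@ -1787,9 +1746,6 @@ extern void wake_up_new_task(struct task_struct *tsk,
 extern void sched_fork(struct task_struct *p, int clone_flags);
 extern void sched_dead(struct task_struct *p);
 
-extern int in_group_p(gid_t);
-extern int in_egroup_p(gid_t);
-
 extern void proc_caches_init(void);
 extern void flush_signals(struct task_struct *);
 extern void ignore_signals(struct task_struct *);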
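Review bot: The new `struct cred *cred` member (new line 1155) states no locking or lifetime rule for reading another task's credentials, whereas the comment removed in the second hunk spelled that rule out for `group_info` (task_lock() when task != current). The uid/gid set, capability sets, keyring fields and, apparently, the LSM `security` blob are now all reached through this one non-const pointer, so the rule for `tsk != current` belongs at the declaration or in a pointer to where it is documented. I would extend the field comment along the lines of `struct cred *cred; /* actual/objective task credentials; see <header documenting access rules> for locking when tsk != current */`. The description also speaks of two pointers into the embedded data while this section adds only `cred`, so it is worth checking that the text and the struct agree. task_struct begins and ends outside these hunks.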