diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2011-10-25 03:45:31 -0400 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2011-10-25 03:45:31 -0400 |
| commit | 36b8d186e6cc8e32cb5227f5645a58e1bc0af190 (patch) | |
| tree | 1000ad26e189e6ff2c53fb7eeff605f59c7ad94e /kernel/cred.c | |
| parent | cd85b557414fe4cd44ea6608825e96612a5fe2b2 (diff) | |
| parent | c45ed235abf1b0b6666417e3c394f18717976acd (diff) | |
Merge branch 'next' of git://selinuxproject.org/~jmorris/linux-security
* 'next' of git://selinuxproject.org/~jmorris/linux-security: (95 commits)
TOMOYO: Fix incomplete read after seek.
Smack: allow to access /smack/access as normal user
TOMOYO: Fix unused kernel config option.
Smack: fix: invalid length set for the result of /smack/access
Smack: compilation fix
Smack: fix for /smack/access output, use string instead of byte
Smack: domain transition protections (v3)
Smack: Provide information for UDS getsockopt(SO_PEERCRED)
Smack: Clean up comments
Smack: Repair processing of fcntl
Smack: Rule list lookup performance
Smack: check permissions from user space (v2)
TOMOYO: Fix quota and garbage collector.
TOMOYO: Remove redundant tasklist_lock.
TOMOYO: Fix domain transition failure warning.
TOMOYO: Remove tomoyo_policy_memory_lock spinlock.
TOMOYO: Simplify garbage collector.
TOMOYO: Fix make namespacecheck warnings.
target: check hex2bin result
encrypted-keys: check hex2bin result
...
Diffstat (limited to 'kernel/cred.c')
| -rw-r--r-- | kernel/cred.c | 18 |
1 files changed, 16 insertions, 2 deletions
diff --git a/kernel/cred.c b/kernel/cred.c index 8ef31f53c44c..bb55d052d858 100644 --- a/kernel/cred.c +++ b/kernel/cred.c | |||
| @@ -644,6 +644,9 @@ void __init cred_init(void) | |||
| 644 | */ | 644 | */ |
| 645 | struct cred *prepare_kernel_cred(struct task_struct *daemon) | 645 | struct cred *prepare_kernel_cred(struct task_struct *daemon) |
| 646 | { | 646 | { |
| 647 | #ifdef CONFIG_KEYS | ||
| 648 | struct thread_group_cred *tgcred; | ||
| 649 | #endif | ||
| 647 | const struct cred *old; | 650 | const struct cred *old; |
| 648 | struct cred *new; | 651 | struct cred *new; |
| 649 | 652 | ||
| @@ -651,6 +654,14 @@ struct cred *prepare_kernel_cred(struct task_struct *daemon) | |||
| 651 | if (!new) | 654 | if (!new) |
| 652 | return NULL; | 655 | return NULL; |
| 653 | 656 | ||
| 657 | #ifdef CONFIG_KEYS | ||
| 658 | tgcred = kmalloc(sizeof(*tgcred), GFP_KERNEL); | ||
| 659 | if (!tgcred) { | ||
| 660 | kmem_cache_free(cred_jar, new); | ||
| 661 | return NULL; | ||
| 662 | } | ||
| 663 | #endif | ||
| 664 | |||
| 654 | kdebug("prepare_kernel_cred() alloc %p", new); | 665 | kdebug("prepare_kernel_cred() alloc %p", new); |
| 655 | 666 | ||
| 656 | if (daemon) | 667 | if (daemon) |
| @@ -667,8 +678,11 @@ struct cred *prepare_kernel_cred(struct task_struct *daemon) | |||
| 667 | get_group_info(new->group_info); | 678 | get_group_info(new->group_info); |
| 668 | 679 | ||
| 669 | #ifdef CONFIG_KEYS | 680 | #ifdef CONFIG_KEYS |
| 670 | atomic_inc(&init_tgcred.usage); | 681 | atomic_set(&tgcred->usage, 1); |
| 671 | new->tgcred = &init_tgcred; | 682 | spin_lock_init(&tgcred->lock); |
| 683 | tgcred->process_keyring = NULL; | ||
| 684 | tgcred->session_keyring = NULL; | ||
| 685 | new->tgcred = tgcred; | ||
| 672 | new->request_key_auth = NULL; | 686 | new->request_key_auth = NULL; |
| 673 | new->thread_keyring = NULL; | 687 | new->thread_keyring = NULL; |
| 674 | new->jit_keyring = KEY_REQKEY_DEFL_THREAD_KEYRING; | 688 | new->jit_keyring = KEY_REQKEY_DEFL_THREAD_KEYRING; |