CRED: Wrap task credential accesses in the core kernel

Wrap access to task credentials so that they can be separated more easily from
the task_struct during the introduction of COW creds.

Change most current->(|e|s|fs)[ug]id to current_(|e|s|fs)[ug]id().

Change some task->e?[ug]id to task_e?[ug]id().  In some places it makes more
sense to use RCU directly rather than a convenient wrapper; these will be
addressed by later patches.

Signed-off-by: David Howells <dhowells@redhat.com>
Reviewed-by: James Morris <jmorris@namei.org>
Acked-by: Serge Hallyn <serue@us.ibm.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: linux-audit@redhat.com
Cc: containers@lists.linux-foundation.org
Cc: linux-mm@kvack.org
Signed-off-by: James Morris <jmorris@namei.org>

1 files changed, 9 insertions, 6 deletions

diff --git a/kernel/signal.c b/kernel/signal.c
index 4530fc654455..167b535fe1a9 100644
--- a/kernel/signal.c
+++ b/kernel/signal.c
@@ -567,6 +567,7 @@ static int check_kill_permission(int sig, struct siginfo *info,
                                  struct task_struct *t)
 {
         struct pid *sid;
+        uid_t uid, euid;
         int error;
 
         if (!valid_signal(sig))
@@ -579,8 +580,10 @@ static int check_kill_permission(int sig, struct siginfo *info,
         if (error)
                 return error;
 
-        if ((current->euid ^ t->suid) && (current->euid ^ t->uid) &&
-            (current->uid  ^ t->suid) && (current->uid  ^ t->uid) &&
+        uid = current_uid();
+        euid = current_euid();
+        if ((euid ^ t->suid) && (euid ^ t->uid) &&
+            (uid  ^ t->suid) && (uid  ^ t->uid) &&
             !capable(CAP_KILL)) {
                 switch (sig) {
                 case SIGCONT:
@@ -844,7 +847,7 @@ static int send_signal(int sig, struct siginfo *info, struct task_struct *t,
                         q->info.si_errno = 0;
                         q->info.si_code = SI_USER;
                         q->info.si_pid = task_pid_vnr(current);
-                        q->info.si_uid = current->uid;
+                        q->info.si_uid = current_uid();
                         break;
                 case (unsigned long) SEND_SIG_PRIV:
                         q->info.si_signo = sig;
@@ -1598,7 +1601,7 @@ void ptrace_notify(int exit_code)
         info.si_signo = SIGTRAP;
         info.si_code = exit_code;
         info.si_pid = task_pid_vnr(current);
-        info.si_uid = current->uid;
+        info.si_uid = current_uid();
 
         /* Let the debugger run.  */
         spin_lock_irq(&current->sighand->siglock);
@@ -2211,7 +2214,7 @@ sys_kill(pid_t pid, int sig)
         info.si_errno = 0;
         info.si_code = SI_USER;
         info.si_pid = task_tgid_vnr(current);
-        info.si_uid = current->uid;
+        info.si_uid = current_uid();
 
         return kill_something_info(sig, &info, pid);
 }
@@ -2228,7 +2231,7 @@ static int do_tkill(pid_t tgid, pid_t pid, int sig)
         info.si_errno = 0;
         info.si_code = SI_TKILL;
         info.si_pid = task_tgid_vnr(current);
-        info.si_uid = current->uid;
+        info.si_uid = current_uid();
 
         rcu_read_lock();
         p = find_task_by_vpid(pid);