CRED: Detach the credentials from task_struct

Detach the credentials from task_struct, duplicating them in copy_process() and releasing them in __put_task_struct(). Signed-off-by: David Howells <dhowells@redhat.com> Acked-by: James Morris <jmorris@namei.org> Acked-by: Serge Hallyn <serue@us.ibm.com> Signed-off-by: James Morris <jmorris@namei.org>
author: David Howells <dhowells@redhat.com> 2008-11-13 18:39:17 -0500
committer: James Morris <jmorris@namei.org> 2008-11-13 18:39:17 -0500
commit: f1752eec6145c97163dbce62d17cf5d928e28a27 (patch)
tree: 16bc51166d38815092de36a461b845b0b4b522f9 /security/smack
parent: b6dff3ec5e116e3af6f537d4caedcad6b9e5082a (diff)
1 files changed, 10 insertions, 10 deletions
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index 791da238d049..cc837314fb0e 100644
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -975,8 +975,8 @@ static int smack_file_receive(struct file *file)
 */
 /**
- * smack_task_alloc_security - "allocate" a task blob
+ * smack_cred_alloc_security - "allocate" a task cred blob
- * @tsk: the task in need of a blob
+ * @cred: the task creds in need of a blob
 *
 * Smack isn't using copies of blobs. Everyone
 * points to an immutable list. No alloc required.
@@ -984,24 +984,24 @@ static int smack_file_receive(struct file *file)
 *
 * Always returns 0
 */
-static int smack_task_alloc_security(struct task_struct *tsk)
+static int smack_cred_alloc_security(struct cred *cred)
 {
-        tsk->cred->security = current->cred->security;
+        cred->security = current->cred->security;
        return 0;
 }
 /**
- * smack_task_free_security - "free" a task blob
+ * smack_cred_free - "free" task-level security credentials
- * @task: the task with the blob
+ * @cred: the credentials in question
 *
 * Smack isn't using copies of blobs. Everyone
 * points to an immutable list. The blobs never go away.
 * There is no leak here.
 */
-static void smack_task_free_security(struct task_struct *task)
+static void smack_cred_free(struct cred *cred)
 {
-        task->cred->security = NULL;
+        cred->security = NULL;
 }
 /**
@@ -2630,8 +2630,8 @@ struct security_operations smack_ops = {
        .file_send_sigiotask =          smack_file_send_sigiotask,
        .file_receive =                 smack_file_receive,
-        .task_alloc_security =          smack_task_alloc_security,
+        .cred_alloc_security =          smack_cred_alloc_security,
-        .task_free_security =           smack_task_free_security,
+        .cred_free =                    smack_cred_free,
        .task_post_setuid =             cap_task_post_setuid,
        .task_setpgid =                 smack_task_setpgid,
        .task_getpgid =                 smack_task_getpgid,
author	David Howells <dhowells@redhat.com>	2008-11-13 18:39:17 -0500
committer	James Morris <jmorris@namei.org>	2008-11-13 18:39:17 -0500
commit	f1752eec6145c97163dbce62d17cf5d928e28a27 (patch)
tree	16bc51166d38815092de36a461b845b0b4b522f9 /security/smack
parent	b6dff3ec5e116e3af6f537d4caedcad6b9e5082a (diff)

diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 791da238d049..cc837314fb0e 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c
@@ -975,8 +975,8 @@ static int smack_file_receive(struct file *file)
975	*/	975	*/
976		976
977	/**	977	/**
978	* smack_task_alloc_security - "allocate" a task blob	978	* smack_cred_alloc_security - "allocate" a task cred blob
979	* @tsk: the task in need of a blob	979	* @cred: the task creds in need of a blob
980	*	980	*
981	* Smack isn't using copies of blobs. Everyone	981	* Smack isn't using copies of blobs. Everyone
982	* points to an immutable list. No alloc required.	982	* points to an immutable list. No alloc required.
@@ -984,24 +984,24 @@ static int smack_file_receive(struct file *file)
984	*	984	*
985	* Always returns 0	985	* Always returns 0
986	*/	986	*/
987	static int smack_task_alloc_security(struct task_struct *tsk)	987	static int smack_cred_alloc_security(struct cred *cred)
988	{	988	{
989	tsk->cred->security = current->cred->security;	989	cred->security = current->cred->security;
990		990
991	return 0;	991	return 0;
992	}	992	}
993		993
994	/**	994	/**
995	* smack_task_free_security - "free" a task blob	995	* smack_cred_free - "free" task-level security credentials
996	* @task: the task with the blob	996	* @cred: the credentials in question
997	*	997	*
998	* Smack isn't using copies of blobs. Everyone	998	* Smack isn't using copies of blobs. Everyone
999	* points to an immutable list. The blobs never go away.	999	* points to an immutable list. The blobs never go away.
1000	* There is no leak here.	1000	* There is no leak here.
1001	*/	1001	*/
1002	static void smack_task_free_security(struct task_struct *task)	1002	static void smack_cred_free(struct cred *cred)
1003	{	1003	{
1004	task->cred->security = NULL;	1004	cred->security = NULL;
1005	}	1005	}
1006		1006
1007	/**	1007	/**
@@ -2630,8 +2630,8 @@ struct security_operations smack_ops = {
2630	.file_send_sigiotask = smack_file_send_sigiotask,	2630	.file_send_sigiotask = smack_file_send_sigiotask,
2631	.file_receive = smack_file_receive,	2631	.file_receive = smack_file_receive,
2632		2632
2633	.task_alloc_security = smack_task_alloc_security,	2633	.cred_alloc_security = smack_cred_alloc_security,
2634	.task_free_security = smack_task_free_security,	2634	.cred_free = smack_cred_free,
2635	.task_post_setuid = cap_task_post_setuid,	2635	.task_post_setuid = cap_task_post_setuid,
2636	.task_setpgid = smack_task_setpgid,	2636	.task_setpgid = smack_task_setpgid,
2637	.task_getpgid = smack_task_getpgid,	2637	.task_getpgid = smack_task_getpgid,