aboutsummaryrefslogtreecommitdiffstats
path: root/fs
diff options
context:
space:
mode:
Diffstat (limited to 'fs')
-rw-r--r--fs/9p/fid.c2
-rw-r--r--fs/9p/vfs_inode.c4
-rw-r--r--fs/9p/vfs_super.c4
-rw-r--r--fs/affs/inode.c4
-rw-r--r--fs/affs/super.c4
-rw-r--r--fs/anon_inodes.c4
-rw-r--r--fs/attr.c4
-rw-r--r--fs/autofs/inode.c4
-rw-r--r--fs/autofs4/dev-ioctl.c3
-rw-r--r--fs/autofs4/inode.c4
-rw-r--r--fs/autofs4/waitq.c4
-rw-r--r--fs/bfs/dir.c4
-rw-r--r--fs/binfmt_aout.c2
-rw-r--r--fs/binfmt_elf.c20
-rw-r--r--fs/binfmt_elf_fdpic.c19
-rw-r--r--fs/binfmt_flat.c2
-rw-r--r--fs/binfmt_som.c2
-rw-r--r--fs/cifs/cifs_fs_sb.h2
-rw-r--r--fs/cifs/cifsproto.h2
-rw-r--r--fs/cifs/connect.c4
-rw-r--r--fs/cifs/dir.c12
-rw-r--r--fs/cifs/inode.c8
-rw-r--r--fs/cifs/ioctl.c2
-rw-r--r--fs/cifs/misc.c4
-rw-r--r--fs/coda/cache.c6
-rw-r--r--fs/coda/file.c3
-rw-r--r--fs/coda/upcall.c2
-rw-r--r--fs/compat.c42
-rw-r--r--fs/devpts/inode.c4
-rw-r--r--fs/dquot.c4
-rw-r--r--fs/ecryptfs/ecryptfs_kernel.h3
-rw-r--r--fs/ecryptfs/kthread.c9
-rw-r--r--fs/ecryptfs/main.c3
-rw-r--r--fs/ecryptfs/messaging.c27
-rw-r--r--fs/ecryptfs/miscdev.c27
-rw-r--r--fs/exec.c183
-rw-r--r--fs/exportfs/expfs.c4
-rw-r--r--fs/ext2/balloc.c2
-rw-r--r--fs/ext2/ialloc.c4
-rw-r--r--fs/ext3/balloc.c2
-rw-r--r--fs/ext3/ialloc.c4
-rw-r--r--fs/ext4/balloc.c2
-rw-r--r--fs/ext4/ialloc.c4
-rw-r--r--fs/fat/file.c2
-rw-r--r--fs/fat/inode.c4
-rw-r--r--fs/fcntl.c18
-rw-r--r--fs/file_table.c10
-rw-r--r--fs/fuse/dev.c4
-rw-r--r--fs/fuse/dir.c23
-rw-r--r--fs/gfs2/inode.c10
-rw-r--r--fs/hfs/inode.c4
-rw-r--r--fs/hfs/super.c4
-rw-r--r--fs/hfsplus/inode.c4
-rw-r--r--fs/hfsplus/options.c4
-rw-r--r--fs/hpfs/namei.c24
-rw-r--r--fs/hpfs/super.c4
-rw-r--r--fs/hppfs/hppfs.c6
-rw-r--r--fs/hugetlbfs/inode.c21
-rw-r--r--fs/inotify_user.c2
-rw-r--r--fs/internal.h6
-rw-r--r--fs/ioprio.c18
-rw-r--r--fs/jfs/jfs_inode.c4
-rw-r--r--fs/locks.c2
-rw-r--r--fs/minix/bitmap.c4
-rw-r--r--fs/namei.c10
-rw-r--r--fs/namespace.c2
-rw-r--r--fs/ncpfs/ioctl.c91
-rw-r--r--fs/nfsctl.c5
-rw-r--r--fs/nfsd/auth.c95
-rw-r--r--fs/nfsd/nfs4recover.c72
-rw-r--r--fs/nfsd/nfsfh.c11
-rw-r--r--fs/nfsd/vfs.c9
-rw-r--r--fs/ocfs2/dlm/dlmfs.c8
-rw-r--r--fs/ocfs2/namei.c4
-rw-r--r--fs/omfs/inode.c8
-rw-r--r--fs/open.c59
-rw-r--r--fs/pipe.c4
-rw-r--r--fs/posix_acl.c4
-rw-r--r--fs/proc/array.c32
-rw-r--r--fs/proc/base.c32
-rw-r--r--fs/quota.c4
-rw-r--r--fs/ramfs/inode.c4
-rw-r--r--fs/reiserfs/namei.c4
-rw-r--r--fs/smbfs/dir.c3
-rw-r--r--fs/smbfs/inode.c2
-rw-r--r--fs/smbfs/proc.c2
-rw-r--r--fs/sysv/ialloc.c4
-rw-r--r--fs/ubifs/budget.c2
-rw-r--r--fs/ubifs/dir.c4
-rw-r--r--fs/udf/ialloc.c4
-rw-r--r--fs/udf/namei.c2
-rw-r--r--fs/ufs/ialloc.c4
-rw-r--r--fs/xfs/linux-2.6/xfs_cred.h6
-rw-r--r--fs/xfs/linux-2.6/xfs_globals.h2
-rw-r--r--fs/xfs/linux-2.6/xfs_ioctl.c5
-rw-r--r--fs/xfs/xfs_acl.c6
-rw-r--r--fs/xfs/xfs_inode.h2
-rw-r--r--fs/xfs/xfs_vnodeops.h10
98 files changed, 652 insertions, 501 deletions
diff --git a/fs/9p/fid.c b/fs/9p/fid.c
index 3031e3233dd6..a43e4ab7c6c3 100644
--- a/fs/9p/fid.c
+++ b/fs/9p/fid.c
@@ -120,7 +120,7 @@ struct p9_fid *v9fs_fid_lookup(struct dentry *dentry)
120 switch (access) { 120 switch (access) {
121 case V9FS_ACCESS_SINGLE: 121 case V9FS_ACCESS_SINGLE:
122 case V9FS_ACCESS_USER: 122 case V9FS_ACCESS_USER:
123 uid = current->fsuid; 123 uid = current_fsuid();
124 any = 0; 124 any = 0;
125 break; 125 break;
126 126
diff --git a/fs/9p/vfs_inode.c b/fs/9p/vfs_inode.c
index 8314d3f43b71..8fddfe86a0dc 100644
--- a/fs/9p/vfs_inode.c
+++ b/fs/9p/vfs_inode.c
@@ -215,8 +215,8 @@ struct inode *v9fs_get_inode(struct super_block *sb, int mode)
215 inode = new_inode(sb); 215 inode = new_inode(sb);
216 if (inode) { 216 if (inode) {
217 inode->i_mode = mode; 217 inode->i_mode = mode;
218 inode->i_uid = current->fsuid; 218 inode->i_uid = current_fsuid();
219 inode->i_gid = current->fsgid; 219 inode->i_gid = current_fsgid();
220 inode->i_blocks = 0; 220 inode->i_blocks = 0;
221 inode->i_rdev = 0; 221 inode->i_rdev = 0;
222 inode->i_atime = inode->i_mtime = inode->i_ctime = CURRENT_TIME; 222 inode->i_atime = inode->i_mtime = inode->i_ctime = CURRENT_TIME;
diff --git a/fs/9p/vfs_super.c b/fs/9p/vfs_super.c
index d6cb1a0ca724..93212e40221a 100644
--- a/fs/9p/vfs_super.c
+++ b/fs/9p/vfs_super.c
@@ -113,8 +113,8 @@ static int v9fs_get_sb(struct file_system_type *fs_type, int flags,
113 struct v9fs_session_info *v9ses = NULL; 113 struct v9fs_session_info *v9ses = NULL;
114 struct p9_wstat *st = NULL; 114 struct p9_wstat *st = NULL;
115 int mode = S_IRWXUGO | S_ISVTX; 115 int mode = S_IRWXUGO | S_ISVTX;
116 uid_t uid = current->fsuid; 116 uid_t uid = current_fsuid();
117 gid_t gid = current->fsgid; 117 gid_t gid = current_fsgid();
118 struct p9_fid *fid; 118 struct p9_fid *fid;
119 int retval = 0; 119 int retval = 0;
120 120
diff --git a/fs/affs/inode.c b/fs/affs/inode.c
index a13b334a3910..415d9c67ac16 100644
--- a/fs/affs/inode.c
+++ b/fs/affs/inode.c
@@ -293,8 +293,8 @@ affs_new_inode(struct inode *dir)
293 mark_buffer_dirty_inode(bh, inode); 293 mark_buffer_dirty_inode(bh, inode);
294 affs_brelse(bh); 294 affs_brelse(bh);
295 295
296 inode->i_uid = current->fsuid; 296 inode->i_uid = current_fsuid();
297 inode->i_gid = current->fsgid; 297 inode->i_gid = current_fsgid();
298 inode->i_ino = block; 298 inode->i_ino = block;
299 inode->i_nlink = 1; 299 inode->i_nlink = 1;
300 inode->i_mtime = inode->i_atime = inode->i_ctime = CURRENT_TIME_SEC; 300 inode->i_mtime = inode->i_atime = inode->i_ctime = CURRENT_TIME_SEC;
diff --git a/fs/affs/super.c b/fs/affs/super.c
index 8989c93193ed..a19d64b582aa 100644
--- a/fs/affs/super.c
+++ b/fs/affs/super.c
@@ -163,8 +163,8 @@ parse_options(char *options, uid_t *uid, gid_t *gid, int *mode, int *reserved, s
163 163
164 /* Fill in defaults */ 164 /* Fill in defaults */
165 165
166 *uid = current->uid; 166 *uid = current_uid();
167 *gid = current->gid; 167 *gid = current_gid();
168 *reserved = 2; 168 *reserved = 2;
169 *root = -1; 169 *root = -1;
170 *blocksize = -1; 170 *blocksize = -1;
diff --git a/fs/anon_inodes.c b/fs/anon_inodes.c
index 3662dd44896b..c16d9be1b017 100644
--- a/fs/anon_inodes.c
+++ b/fs/anon_inodes.c
@@ -154,8 +154,8 @@ static struct inode *anon_inode_mkinode(void)
154 */ 154 */
155 inode->i_state = I_DIRTY; 155 inode->i_state = I_DIRTY;
156 inode->i_mode = S_IRUSR | S_IWUSR; 156 inode->i_mode = S_IRUSR | S_IWUSR;
157 inode->i_uid = current->fsuid; 157 inode->i_uid = current_fsuid();
158 inode->i_gid = current->fsgid; 158 inode->i_gid = current_fsgid();
159 inode->i_atime = inode->i_mtime = inode->i_ctime = CURRENT_TIME; 159 inode->i_atime = inode->i_mtime = inode->i_ctime = CURRENT_TIME;
160 return inode; 160 return inode;
161} 161}
diff --git a/fs/attr.c b/fs/attr.c
index 7a83819f6ba2..f4360192a938 100644
--- a/fs/attr.c
+++ b/fs/attr.c
@@ -29,13 +29,13 @@ int inode_change_ok(struct inode *inode, struct iattr *attr)
29 29
30 /* Make sure a caller can chown. */ 30 /* Make sure a caller can chown. */
31 if ((ia_valid & ATTR_UID) && 31 if ((ia_valid & ATTR_UID) &&
32 (current->fsuid != inode->i_uid || 32 (current_fsuid() != inode->i_uid ||
33 attr->ia_uid != inode->i_uid) && !capable(CAP_CHOWN)) 33 attr->ia_uid != inode->i_uid) && !capable(CAP_CHOWN))
34 goto error; 34 goto error;
35 35
36 /* Make sure caller can chgrp. */ 36 /* Make sure caller can chgrp. */
37 if ((ia_valid & ATTR_GID) && 37 if ((ia_valid & ATTR_GID) &&
38 (current->fsuid != inode->i_uid || 38 (current_fsuid() != inode->i_uid ||
39 (!in_group_p(attr->ia_gid) && attr->ia_gid != inode->i_gid)) && 39 (!in_group_p(attr->ia_gid) && attr->ia_gid != inode->i_gid)) &&
40 !capable(CAP_CHOWN)) 40 !capable(CAP_CHOWN))
41 goto error; 41 goto error;
diff --git a/fs/autofs/inode.c b/fs/autofs/inode.c
index b70eea1e8c59..c773680d5c60 100644
--- a/fs/autofs/inode.c
+++ b/fs/autofs/inode.c
@@ -76,8 +76,8 @@ static int parse_options(char *options, int *pipefd, uid_t *uid, gid_t *gid,
76 substring_t args[MAX_OPT_ARGS]; 76 substring_t args[MAX_OPT_ARGS];
77 int option; 77 int option;
78 78
79 *uid = current->uid; 79 *uid = current_uid();
80 *gid = current->gid; 80 *gid = current_gid();
81 *pgrp = task_pgrp_nr(current); 81 *pgrp = task_pgrp_nr(current);
82 82
83 *minproto = *maxproto = AUTOFS_PROTO_VERSION; 83 *minproto = *maxproto = AUTOFS_PROTO_VERSION;
diff --git a/fs/autofs4/dev-ioctl.c b/fs/autofs4/dev-ioctl.c
index 33bf8cbfd051..63b7c7afe8df 100644
--- a/fs/autofs4/dev-ioctl.c
+++ b/fs/autofs4/dev-ioctl.c
@@ -308,7 +308,8 @@ static int autofs_dev_ioctl_open_mountpoint(const char *path, dev_t devid)
308 goto out; 308 goto out;
309 } 309 }
310 310
311 filp = dentry_open(nd.path.dentry, nd.path.mnt, O_RDONLY); 311 filp = dentry_open(nd.path.dentry, nd.path.mnt, O_RDONLY,
312 current_cred());
312 if (IS_ERR(filp)) { 313 if (IS_ERR(filp)) {
313 err = PTR_ERR(filp); 314 err = PTR_ERR(filp);
314 goto out; 315 goto out;
diff --git a/fs/autofs4/inode.c b/fs/autofs4/inode.c
index c7e65bb30ba0..7b19802cfef4 100644
--- a/fs/autofs4/inode.c
+++ b/fs/autofs4/inode.c
@@ -235,8 +235,8 @@ static int parse_options(char *options, int *pipefd, uid_t *uid, gid_t *gid,
235 substring_t args[MAX_OPT_ARGS]; 235 substring_t args[MAX_OPT_ARGS];
236 int option; 236 int option;
237 237
238 *uid = current->uid; 238 *uid = current_uid();
239 *gid = current->gid; 239 *gid = current_gid();
240 *pgrp = task_pgrp_nr(current); 240 *pgrp = task_pgrp_nr(current);
241 241
242 *minproto = AUTOFS_MIN_PROTO_VERSION; 242 *minproto = AUTOFS_MIN_PROTO_VERSION;
diff --git a/fs/autofs4/waitq.c b/fs/autofs4/waitq.c
index 4b67c2a2d77c..e02cc8ae5eb3 100644
--- a/fs/autofs4/waitq.c
+++ b/fs/autofs4/waitq.c
@@ -391,8 +391,8 @@ int autofs4_wait(struct autofs_sb_info *sbi, struct dentry *dentry,
391 memcpy(&wq->name, &qstr, sizeof(struct qstr)); 391 memcpy(&wq->name, &qstr, sizeof(struct qstr));
392 wq->dev = autofs4_get_dev(sbi); 392 wq->dev = autofs4_get_dev(sbi);
393 wq->ino = autofs4_get_ino(sbi); 393 wq->ino = autofs4_get_ino(sbi);
394 wq->uid = current->uid; 394 wq->uid = current_uid();
395 wq->gid = current->gid; 395 wq->gid = current_gid();
396 wq->pid = current->pid; 396 wq->pid = current->pid;
397 wq->tgid = current->tgid; 397 wq->tgid = current->tgid;
398 wq->status = -EINTR; /* Status return if interrupted */ 398 wq->status = -EINTR; /* Status return if interrupted */
diff --git a/fs/bfs/dir.c b/fs/bfs/dir.c
index daae463068e4..4dd1b623f937 100644
--- a/fs/bfs/dir.c
+++ b/fs/bfs/dir.c
@@ -106,8 +106,8 @@ static int bfs_create(struct inode *dir, struct dentry *dentry, int mode,
106 } 106 }
107 set_bit(ino, info->si_imap); 107 set_bit(ino, info->si_imap);
108 info->si_freei--; 108 info->si_freei--;
109 inode->i_uid = current->fsuid; 109 inode->i_uid = current_fsuid();
110 inode->i_gid = (dir->i_mode & S_ISGID) ? dir->i_gid : current->fsgid; 110 inode->i_gid = (dir->i_mode & S_ISGID) ? dir->i_gid : current_fsgid();
111 inode->i_mtime = inode->i_atime = inode->i_ctime = CURRENT_TIME_SEC; 111 inode->i_mtime = inode->i_atime = inode->i_ctime = CURRENT_TIME_SEC;
112 inode->i_blocks = 0; 112 inode->i_blocks = 0;
113 inode->i_op = &bfs_file_inops; 113 inode->i_op = &bfs_file_inops;
diff --git a/fs/binfmt_aout.c b/fs/binfmt_aout.c
index 204cfd1d7676..f1f3f4192a60 100644
--- a/fs/binfmt_aout.c
+++ b/fs/binfmt_aout.c
@@ -320,7 +320,7 @@ static int load_aout_binary(struct linux_binprm * bprm, struct pt_regs * regs)
320 current->mm->free_area_cache = current->mm->mmap_base; 320 current->mm->free_area_cache = current->mm->mmap_base;
321 current->mm->cached_hole_size = 0; 321 current->mm->cached_hole_size = 0;
322 322
323 compute_creds(bprm); 323 install_exec_creds(bprm);
324 current->flags &= ~PF_FORKNOEXEC; 324 current->flags &= ~PF_FORKNOEXEC;
325#ifdef __sparc__ 325#ifdef __sparc__
326 if (N_MAGIC(ex) == NMAGIC) { 326 if (N_MAGIC(ex) == NMAGIC) {
diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c
index 8fcfa398d350..f458c1217c5e 100644
--- a/fs/binfmt_elf.c
+++ b/fs/binfmt_elf.c
@@ -157,7 +157,7 @@ create_elf_tables(struct linux_binprm *bprm, struct elfhdr *exec,
157 int items; 157 int items;
158 elf_addr_t *elf_info; 158 elf_addr_t *elf_info;
159 int ei_index = 0; 159 int ei_index = 0;
160 struct task_struct *tsk = current; 160 const struct cred *cred = current_cred();
161 struct vm_area_struct *vma; 161 struct vm_area_struct *vma;
162 162
163 /* 163 /*
@@ -223,10 +223,10 @@ create_elf_tables(struct linux_binprm *bprm, struct elfhdr *exec,
223 NEW_AUX_ENT(AT_BASE, interp_load_addr); 223 NEW_AUX_ENT(AT_BASE, interp_load_addr);
224 NEW_AUX_ENT(AT_FLAGS, 0); 224 NEW_AUX_ENT(AT_FLAGS, 0);
225 NEW_AUX_ENT(AT_ENTRY, exec->e_entry); 225 NEW_AUX_ENT(AT_ENTRY, exec->e_entry);
226 NEW_AUX_ENT(AT_UID, tsk->uid); 226 NEW_AUX_ENT(AT_UID, cred->uid);
227 NEW_AUX_ENT(AT_EUID, tsk->euid); 227 NEW_AUX_ENT(AT_EUID, cred->euid);
228 NEW_AUX_ENT(AT_GID, tsk->gid); 228 NEW_AUX_ENT(AT_GID, cred->gid);
229 NEW_AUX_ENT(AT_EGID, tsk->egid); 229 NEW_AUX_ENT(AT_EGID, cred->egid);
230 NEW_AUX_ENT(AT_SECURE, security_bprm_secureexec(bprm)); 230 NEW_AUX_ENT(AT_SECURE, security_bprm_secureexec(bprm));
231 NEW_AUX_ENT(AT_EXECFN, bprm->exec); 231 NEW_AUX_ENT(AT_EXECFN, bprm->exec);
232 if (k_platform) { 232 if (k_platform) {
@@ -956,7 +956,7 @@ static int load_elf_binary(struct linux_binprm *bprm, struct pt_regs *regs)
956 } 956 }
957#endif /* ARCH_HAS_SETUP_ADDITIONAL_PAGES */ 957#endif /* ARCH_HAS_SETUP_ADDITIONAL_PAGES */
958 958
959 compute_creds(bprm); 959 install_exec_creds(bprm);
960 current->flags &= ~PF_FORKNOEXEC; 960 current->flags &= ~PF_FORKNOEXEC;
961 retval = create_elf_tables(bprm, &loc->elf_ex, 961 retval = create_elf_tables(bprm, &loc->elf_ex,
962 load_addr, interp_load_addr); 962 load_addr, interp_load_addr);
@@ -1361,6 +1361,7 @@ static void fill_prstatus(struct elf_prstatus *prstatus,
1361static int fill_psinfo(struct elf_prpsinfo *psinfo, struct task_struct *p, 1361static int fill_psinfo(struct elf_prpsinfo *psinfo, struct task_struct *p,
1362 struct mm_struct *mm) 1362 struct mm_struct *mm)
1363{ 1363{
1364 const struct cred *cred;
1364 unsigned int i, len; 1365 unsigned int i, len;
1365 1366
1366 /* first copy the parameters from user space */ 1367 /* first copy the parameters from user space */
@@ -1388,8 +1389,11 @@ static int fill_psinfo(struct elf_prpsinfo *psinfo, struct task_struct *p,
1388 psinfo->pr_zomb = psinfo->pr_sname == 'Z'; 1389 psinfo->pr_zomb = psinfo->pr_sname == 'Z';
1389 psinfo->pr_nice = task_nice(p); 1390 psinfo->pr_nice = task_nice(p);
1390 psinfo->pr_flag = p->flags; 1391 psinfo->pr_flag = p->flags;
1391 SET_UID(psinfo->pr_uid, p->uid); 1392 rcu_read_lock();
1392 SET_GID(psinfo->pr_gid, p->gid); 1393 cred = __task_cred(p);
1394 SET_UID(psinfo->pr_uid, cred->uid);
1395 SET_GID(psinfo->pr_gid, cred->gid);
1396 rcu_read_unlock();
1393 strncpy(psinfo->pr_fname, p->comm, sizeof(psinfo->pr_fname)); 1397 strncpy(psinfo->pr_fname, p->comm, sizeof(psinfo->pr_fname));
1394 1398
1395 return 0; 1399 return 0;
diff --git a/fs/binfmt_elf_fdpic.c b/fs/binfmt_elf_fdpic.c
index 5b5424cb3391..aa5b43205e37 100644
--- a/fs/binfmt_elf_fdpic.c
+++ b/fs/binfmt_elf_fdpic.c
@@ -404,7 +404,7 @@ static int load_elf_fdpic_binary(struct linux_binprm *bprm,
404 current->mm->start_stack = current->mm->start_brk + stack_size; 404 current->mm->start_stack = current->mm->start_brk + stack_size;
405#endif 405#endif
406 406
407 compute_creds(bprm); 407 install_exec_creds(bprm);
408 current->flags &= ~PF_FORKNOEXEC; 408 current->flags &= ~PF_FORKNOEXEC;
409 if (create_elf_fdpic_tables(bprm, current->mm, 409 if (create_elf_fdpic_tables(bprm, current->mm,
410 &exec_params, &interp_params) < 0) 410 &exec_params, &interp_params) < 0)
@@ -475,6 +475,7 @@ static int create_elf_fdpic_tables(struct linux_binprm *bprm,
475 struct elf_fdpic_params *exec_params, 475 struct elf_fdpic_params *exec_params,
476 struct elf_fdpic_params *interp_params) 476 struct elf_fdpic_params *interp_params)
477{ 477{
478 const struct cred *cred = current_cred();
478 unsigned long sp, csp, nitems; 479 unsigned long sp, csp, nitems;
479 elf_caddr_t __user *argv, *envp; 480 elf_caddr_t __user *argv, *envp;
480 size_t platform_len = 0, len; 481 size_t platform_len = 0, len;
@@ -623,10 +624,10 @@ static int create_elf_fdpic_tables(struct linux_binprm *bprm,
623 NEW_AUX_ENT(AT_BASE, interp_params->elfhdr_addr); 624 NEW_AUX_ENT(AT_BASE, interp_params->elfhdr_addr);
624 NEW_AUX_ENT(AT_FLAGS, 0); 625 NEW_AUX_ENT(AT_FLAGS, 0);
625 NEW_AUX_ENT(AT_ENTRY, exec_params->entry_addr); 626 NEW_AUX_ENT(AT_ENTRY, exec_params->entry_addr);
626 NEW_AUX_ENT(AT_UID, (elf_addr_t) current->uid); 627 NEW_AUX_ENT(AT_UID, (elf_addr_t) cred->uid);
627 NEW_AUX_ENT(AT_EUID, (elf_addr_t) current->euid); 628 NEW_AUX_ENT(AT_EUID, (elf_addr_t) cred->euid);
628 NEW_AUX_ENT(AT_GID, (elf_addr_t) current->gid); 629 NEW_AUX_ENT(AT_GID, (elf_addr_t) cred->gid);
629 NEW_AUX_ENT(AT_EGID, (elf_addr_t) current->egid); 630 NEW_AUX_ENT(AT_EGID, (elf_addr_t) cred->egid);
630 NEW_AUX_ENT(AT_SECURE, security_bprm_secureexec(bprm)); 631 NEW_AUX_ENT(AT_SECURE, security_bprm_secureexec(bprm));
631 NEW_AUX_ENT(AT_EXECFN, bprm->exec); 632 NEW_AUX_ENT(AT_EXECFN, bprm->exec);
632 633
@@ -1413,6 +1414,7 @@ static void fill_prstatus(struct elf_prstatus *prstatus,
1413static int fill_psinfo(struct elf_prpsinfo *psinfo, struct task_struct *p, 1414static int fill_psinfo(struct elf_prpsinfo *psinfo, struct task_struct *p,
1414 struct mm_struct *mm) 1415 struct mm_struct *mm)
1415{ 1416{
1417 const struct cred *cred;
1416 unsigned int i, len; 1418 unsigned int i, len;
1417 1419
1418 /* first copy the parameters from user space */ 1420 /* first copy the parameters from user space */
@@ -1440,8 +1442,11 @@ static int fill_psinfo(struct elf_prpsinfo *psinfo, struct task_struct *p,
1440 psinfo->pr_zomb = psinfo->pr_sname == 'Z'; 1442 psinfo->pr_zomb = psinfo->pr_sname == 'Z';
1441 psinfo->pr_nice = task_nice(p); 1443 psinfo->pr_nice = task_nice(p);
1442 psinfo->pr_flag = p->flags; 1444 psinfo->pr_flag = p->flags;
1443 SET_UID(psinfo->pr_uid, p->uid); 1445 rcu_read_lock();
1444 SET_GID(psinfo->pr_gid, p->gid); 1446 cred = __task_cred(p);
1447 SET_UID(psinfo->pr_uid, cred->uid);
1448 SET_GID(psinfo->pr_gid, cred->gid);
1449 rcu_read_unlock();
1445 strncpy(psinfo->pr_fname, p->comm, sizeof(psinfo->pr_fname)); 1450 strncpy(psinfo->pr_fname, p->comm, sizeof(psinfo->pr_fname));
1446 1451
1447 return 0; 1452 return 0;
diff --git a/fs/binfmt_flat.c b/fs/binfmt_flat.c
index ccb781a6a804..7bbd5c6b3725 100644
--- a/fs/binfmt_flat.c
+++ b/fs/binfmt_flat.c
@@ -880,7 +880,7 @@ static int load_flat_binary(struct linux_binprm * bprm, struct pt_regs * regs)
880 (libinfo.lib_list[j].loaded)? 880 (libinfo.lib_list[j].loaded)?
881 libinfo.lib_list[j].start_data:UNLOADED_LIB; 881 libinfo.lib_list[j].start_data:UNLOADED_LIB;
882 882
883 compute_creds(bprm); 883 install_exec_creds(bprm);
884 current->flags &= ~PF_FORKNOEXEC; 884 current->flags &= ~PF_FORKNOEXEC;
885 885
886 set_binfmt(&flat_format); 886 set_binfmt(&flat_format);
diff --git a/fs/binfmt_som.c b/fs/binfmt_som.c
index 74e587a52796..08644a61616e 100644
--- a/fs/binfmt_som.c
+++ b/fs/binfmt_som.c
@@ -255,7 +255,7 @@ load_som_binary(struct linux_binprm * bprm, struct pt_regs * regs)
255 kfree(hpuxhdr); 255 kfree(hpuxhdr);
256 256
257 set_binfmt(&som_format); 257 set_binfmt(&som_format);
258 compute_creds(bprm); 258 install_exec_creds(bprm);
259 setup_arg_pages(bprm, STACK_TOP, EXSTACK_DEFAULT); 259 setup_arg_pages(bprm, STACK_TOP, EXSTACK_DEFAULT);
260 260
261 create_som_tables(bprm); 261 create_som_tables(bprm);
diff --git a/fs/cifs/cifs_fs_sb.h b/fs/cifs/cifs_fs_sb.h
index 877c85409f1f..1e7b87497f26 100644
--- a/fs/cifs/cifs_fs_sb.h
+++ b/fs/cifs/cifs_fs_sb.h
@@ -19,7 +19,7 @@
19#define _CIFS_FS_SB_H 19#define _CIFS_FS_SB_H
20 20
21#define CIFS_MOUNT_NO_PERM 1 /* do not do client vfs_perm check */ 21#define CIFS_MOUNT_NO_PERM 1 /* do not do client vfs_perm check */
22#define CIFS_MOUNT_SET_UID 2 /* set current->euid in create etc. */ 22#define CIFS_MOUNT_SET_UID 2 /* set current's euid in create etc. */
23#define CIFS_MOUNT_SERVER_INUM 4 /* inode numbers from uniqueid from server */ 23#define CIFS_MOUNT_SERVER_INUM 4 /* inode numbers from uniqueid from server */
24#define CIFS_MOUNT_DIRECT_IO 8 /* do not write nor read through page cache */ 24#define CIFS_MOUNT_DIRECT_IO 8 /* do not write nor read through page cache */
25#define CIFS_MOUNT_NO_XATTR 0x10 /* if set - disable xattr support */ 25#define CIFS_MOUNT_NO_XATTR 0x10 /* if set - disable xattr support */
diff --git a/fs/cifs/cifsproto.h b/fs/cifs/cifsproto.h
index 6f21ecb85ce5..9d8b978137ad 100644
--- a/fs/cifs/cifsproto.h
+++ b/fs/cifs/cifsproto.h
@@ -39,7 +39,7 @@ extern int smb_send(struct socket *, struct smb_hdr *,
39 unsigned int /* length */ , struct sockaddr *, bool); 39 unsigned int /* length */ , struct sockaddr *, bool);
40extern unsigned int _GetXid(void); 40extern unsigned int _GetXid(void);
41extern void _FreeXid(unsigned int); 41extern void _FreeXid(unsigned int);
42#define GetXid() (int)_GetXid(); cFYI(1,("CIFS VFS: in %s as Xid: %d with uid: %d",__func__, xid,current->fsuid)); 42#define GetXid() (int)_GetXid(); cFYI(1,("CIFS VFS: in %s as Xid: %d with uid: %d",__func__, xid,current_fsuid()));
43#define FreeXid(curr_xid) {_FreeXid(curr_xid); cFYI(1,("CIFS VFS: leaving %s (xid = %d) rc = %d",__func__,curr_xid,(int)rc));} 43#define FreeXid(curr_xid) {_FreeXid(curr_xid); cFYI(1,("CIFS VFS: leaving %s (xid = %d) rc = %d",__func__,curr_xid,(int)rc));}
44extern char *build_path_from_dentry(struct dentry *); 44extern char *build_path_from_dentry(struct dentry *);
45extern char *build_wildcard_path_from_dentry(struct dentry *direntry); 45extern char *build_wildcard_path_from_dentry(struct dentry *direntry);
diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c
index c7d341714586..683dee4d2f76 100644
--- a/fs/cifs/connect.c
+++ b/fs/cifs/connect.c
@@ -836,8 +836,8 @@ cifs_parse_mount_options(char *options, const char *devname,
836 /* null target name indicates to use *SMBSERVR default called name 836 /* null target name indicates to use *SMBSERVR default called name
837 if we end up sending RFC1001 session initialize */ 837 if we end up sending RFC1001 session initialize */
838 vol->target_rfc1001_name[0] = 0; 838 vol->target_rfc1001_name[0] = 0;
839 vol->linux_uid = current->uid; /* current->euid instead? */ 839 vol->linux_uid = current_uid(); /* use current_euid() instead? */
840 vol->linux_gid = current->gid; 840 vol->linux_gid = current_gid();
841 vol->dir_mode = S_IRWXUGO; 841 vol->dir_mode = S_IRWXUGO;
842 /* 2767 perms indicate mandatory locking support */ 842 /* 2767 perms indicate mandatory locking support */
843 vol->file_mode = (S_IRWXUGO | S_ISGID) & (~S_IXGRP); 843 vol->file_mode = (S_IRWXUGO | S_ISGID) & (~S_IXGRP);
diff --git a/fs/cifs/dir.c b/fs/cifs/dir.c
index e962e75e6f7b..2f02c52db666 100644
--- a/fs/cifs/dir.c
+++ b/fs/cifs/dir.c
@@ -235,11 +235,11 @@ cifs_create(struct inode *inode, struct dentry *direntry, int mode,
235 }; 235 };
236 236
237 if (cifs_sb->mnt_cifs_flags & CIFS_MOUNT_SET_UID) { 237 if (cifs_sb->mnt_cifs_flags & CIFS_MOUNT_SET_UID) {
238 args.uid = (__u64) current->fsuid; 238 args.uid = (__u64) current_fsuid();
239 if (inode->i_mode & S_ISGID) 239 if (inode->i_mode & S_ISGID)
240 args.gid = (__u64) inode->i_gid; 240 args.gid = (__u64) inode->i_gid;
241 else 241 else
242 args.gid = (__u64) current->fsgid; 242 args.gid = (__u64) current_fsgid();
243 } else { 243 } else {
244 args.uid = NO_CHANGE_64; 244 args.uid = NO_CHANGE_64;
245 args.gid = NO_CHANGE_64; 245 args.gid = NO_CHANGE_64;
@@ -271,13 +271,13 @@ cifs_create(struct inode *inode, struct dentry *direntry, int mode,
271 if ((oplock & CIFS_CREATE_ACTION) && 271 if ((oplock & CIFS_CREATE_ACTION) &&
272 (cifs_sb->mnt_cifs_flags & 272 (cifs_sb->mnt_cifs_flags &
273 CIFS_MOUNT_SET_UID)) { 273 CIFS_MOUNT_SET_UID)) {
274 newinode->i_uid = current->fsuid; 274 newinode->i_uid = current_fsuid();
275 if (inode->i_mode & S_ISGID) 275 if (inode->i_mode & S_ISGID)
276 newinode->i_gid = 276 newinode->i_gid =
277 inode->i_gid; 277 inode->i_gid;
278 else 278 else
279 newinode->i_gid = 279 newinode->i_gid =
280 current->fsgid; 280 current_fsgid();
281 } 281 }
282 } 282 }
283 } 283 }
@@ -375,8 +375,8 @@ int cifs_mknod(struct inode *inode, struct dentry *direntry, int mode,
375 .device = device_number, 375 .device = device_number,
376 }; 376 };
377 if (cifs_sb->mnt_cifs_flags & CIFS_MOUNT_SET_UID) { 377 if (cifs_sb->mnt_cifs_flags & CIFS_MOUNT_SET_UID) {
378 args.uid = (__u64) current->fsuid; 378 args.uid = (__u64) current_fsuid();
379 args.gid = (__u64) current->fsgid; 379 args.gid = (__u64) current_fsgid();
380 } else { 380 } else {
381 args.uid = NO_CHANGE_64; 381 args.uid = NO_CHANGE_64;
382 args.gid = NO_CHANGE_64; 382 args.gid = NO_CHANGE_64;
diff --git a/fs/cifs/inode.c b/fs/cifs/inode.c
index ff8c68de4a92..8b7305e73d7e 100644
--- a/fs/cifs/inode.c
+++ b/fs/cifs/inode.c
@@ -1143,11 +1143,11 @@ mkdir_get_info:
1143 .device = 0, 1143 .device = 0,
1144 }; 1144 };
1145 if (cifs_sb->mnt_cifs_flags & CIFS_MOUNT_SET_UID) { 1145 if (cifs_sb->mnt_cifs_flags & CIFS_MOUNT_SET_UID) {
1146 args.uid = (__u64)current->fsuid; 1146 args.uid = (__u64)current_fsuid();
1147 if (inode->i_mode & S_ISGID) 1147 if (inode->i_mode & S_ISGID)
1148 args.gid = (__u64)inode->i_gid; 1148 args.gid = (__u64)inode->i_gid;
1149 else 1149 else
1150 args.gid = (__u64)current->fsgid; 1150 args.gid = (__u64)current_fsgid();
1151 } else { 1151 } else {
1152 args.uid = NO_CHANGE_64; 1152 args.uid = NO_CHANGE_64;
1153 args.gid = NO_CHANGE_64; 1153 args.gid = NO_CHANGE_64;
@@ -1184,13 +1184,13 @@ mkdir_get_info:
1184 if (cifs_sb->mnt_cifs_flags & 1184 if (cifs_sb->mnt_cifs_flags &
1185 CIFS_MOUNT_SET_UID) { 1185 CIFS_MOUNT_SET_UID) {
1186 direntry->d_inode->i_uid = 1186 direntry->d_inode->i_uid =
1187 current->fsuid; 1187 current_fsuid();
1188 if (inode->i_mode & S_ISGID) 1188 if (inode->i_mode & S_ISGID)
1189 direntry->d_inode->i_gid = 1189 direntry->d_inode->i_gid =
1190 inode->i_gid; 1190 inode->i_gid;
1191 else 1191 else
1192 direntry->d_inode->i_gid = 1192 direntry->d_inode->i_gid =
1193 current->fsgid; 1193 current_fsgid();
1194 } 1194 }
1195 } 1195 }
1196 } 1196 }
diff --git a/fs/cifs/ioctl.c b/fs/cifs/ioctl.c
index 0088a5b52564..f94650683a00 100644
--- a/fs/cifs/ioctl.c
+++ b/fs/cifs/ioctl.c
@@ -65,7 +65,7 @@ long cifs_ioctl(struct file *filep, unsigned int command, unsigned long arg)
65 switch (command) { 65 switch (command) {
66 case CIFS_IOC_CHECKUMOUNT: 66 case CIFS_IOC_CHECKUMOUNT:
67 cFYI(1, ("User unmount attempted")); 67 cFYI(1, ("User unmount attempted"));
68 if (cifs_sb->mnt_uid == current->uid) 68 if (cifs_sb->mnt_uid == current_uid())
69 rc = 0; 69 rc = 0;
70 else { 70 else {
71 rc = -EACCES; 71 rc = -EACCES;
diff --git a/fs/cifs/misc.c b/fs/cifs/misc.c
index 9ee3f689c2b0..8a82d076450b 100644
--- a/fs/cifs/misc.c
+++ b/fs/cifs/misc.c
@@ -338,13 +338,13 @@ header_assemble(struct smb_hdr *buffer, char smb_command /* command */ ,
338 /* BB Add support for establishing new tCon and SMB Session */ 338 /* BB Add support for establishing new tCon and SMB Session */
339 /* with userid/password pairs found on the smb session */ 339 /* with userid/password pairs found on the smb session */
340 /* for other target tcp/ip addresses BB */ 340 /* for other target tcp/ip addresses BB */
341 if (current->fsuid != treeCon->ses->linux_uid) { 341 if (current_fsuid() != treeCon->ses->linux_uid) {
342 cFYI(1, ("Multiuser mode and UID " 342 cFYI(1, ("Multiuser mode and UID "
343 "did not match tcon uid")); 343 "did not match tcon uid"));
344 read_lock(&cifs_tcp_ses_lock); 344 read_lock(&cifs_tcp_ses_lock);
345 list_for_each(temp_item, &treeCon->ses->server->smb_ses_list) { 345 list_for_each(temp_item, &treeCon->ses->server->smb_ses_list) {
346 ses = list_entry(temp_item, struct cifsSesInfo, smb_ses_list); 346 ses = list_entry(temp_item, struct cifsSesInfo, smb_ses_list);
347 if (ses->linux_uid == current->fsuid) { 347 if (ses->linux_uid == current_fsuid()) {
348 if (ses->server == treeCon->ses->server) { 348 if (ses->server == treeCon->ses->server) {
349 cFYI(1, ("found matching uid substitute right smb_uid")); 349 cFYI(1, ("found matching uid substitute right smb_uid"));
350 buffer->Uid = ses->Suid; 350 buffer->Uid = ses->Suid;
diff --git a/fs/coda/cache.c b/fs/coda/cache.c
index 8a2370341c7a..a5bf5771a22a 100644
--- a/fs/coda/cache.c
+++ b/fs/coda/cache.c
@@ -32,8 +32,8 @@ void coda_cache_enter(struct inode *inode, int mask)
32 struct coda_inode_info *cii = ITOC(inode); 32 struct coda_inode_info *cii = ITOC(inode);
33 33
34 cii->c_cached_epoch = atomic_read(&permission_epoch); 34 cii->c_cached_epoch = atomic_read(&permission_epoch);
35 if (cii->c_uid != current->fsuid) { 35 if (cii->c_uid != current_fsuid()) {
36 cii->c_uid = current->fsuid; 36 cii->c_uid = current_fsuid();
37 cii->c_cached_perm = mask; 37 cii->c_cached_perm = mask;
38 } else 38 } else
39 cii->c_cached_perm |= mask; 39 cii->c_cached_perm |= mask;
@@ -60,7 +60,7 @@ int coda_cache_check(struct inode *inode, int mask)
60 int hit; 60 int hit;
61 61
62 hit = (mask & cii->c_cached_perm) == mask && 62 hit = (mask & cii->c_cached_perm) == mask &&
63 cii->c_uid == current->fsuid && 63 cii->c_uid == current_fsuid() &&
64 cii->c_cached_epoch == atomic_read(&permission_epoch); 64 cii->c_cached_epoch == atomic_read(&permission_epoch);
65 65
66 return hit; 66 return hit;
diff --git a/fs/coda/file.c b/fs/coda/file.c
index 29137ff3ca67..466303db2df6 100644
--- a/fs/coda/file.c
+++ b/fs/coda/file.c
@@ -13,6 +13,7 @@
13#include <linux/file.h> 13#include <linux/file.h>
14#include <linux/fs.h> 14#include <linux/fs.h>
15#include <linux/stat.h> 15#include <linux/stat.h>
16#include <linux/cred.h>
16#include <linux/errno.h> 17#include <linux/errno.h>
17#include <linux/smp_lock.h> 18#include <linux/smp_lock.h>
18#include <linux/string.h> 19#include <linux/string.h>
@@ -174,7 +175,7 @@ int coda_release(struct inode *coda_inode, struct file *coda_file)
174 BUG_ON(!cfi || cfi->cfi_magic != CODA_MAGIC); 175 BUG_ON(!cfi || cfi->cfi_magic != CODA_MAGIC);
175 176
176 err = venus_close(coda_inode->i_sb, coda_i2f(coda_inode), 177 err = venus_close(coda_inode->i_sb, coda_i2f(coda_inode),
177 coda_flags, coda_file->f_uid); 178 coda_flags, coda_file->f_cred->fsuid);
178 179
179 host_inode = cfi->cfi_container->f_path.dentry->d_inode; 180 host_inode = cfi->cfi_container->f_path.dentry->d_inode;
180 cii = ITOC(coda_inode); 181 cii = ITOC(coda_inode);
diff --git a/fs/coda/upcall.c b/fs/coda/upcall.c
index ce432bca95d1..c274d949179d 100644
--- a/fs/coda/upcall.c
+++ b/fs/coda/upcall.c
@@ -52,7 +52,7 @@ static void *alloc_upcall(int opcode, int size)
52 inp->ih.opcode = opcode; 52 inp->ih.opcode = opcode;
53 inp->ih.pid = current->pid; 53 inp->ih.pid = current->pid;
54 inp->ih.pgid = task_pgrp_nr(current); 54 inp->ih.pgid = task_pgrp_nr(current);
55 inp->ih.uid = current->fsuid; 55 inp->ih.uid = current_fsuid();
56 56
57 return (void*)inp; 57 return (void*)inp;
58} 58}
diff --git a/fs/compat.c b/fs/compat.c
index e5f49f538502..d1ece79b6411 100644
--- a/fs/compat.c
+++ b/fs/compat.c
@@ -1393,10 +1393,20 @@ int compat_do_execve(char * filename,
1393 if (!bprm) 1393 if (!bprm)
1394 goto out_ret; 1394 goto out_ret;
1395 1395
1396 retval = mutex_lock_interruptible(&current->cred_exec_mutex);
1397 if (retval < 0)
1398 goto out_free;
1399
1400 retval = -ENOMEM;
1401 bprm->cred = prepare_exec_creds();
1402 if (!bprm->cred)
1403 goto out_unlock;
1404 check_unsafe_exec(bprm);
1405
1396 file = open_exec(filename); 1406 file = open_exec(filename);
1397 retval = PTR_ERR(file); 1407 retval = PTR_ERR(file);
1398 if (IS_ERR(file)) 1408 if (IS_ERR(file))
1399 goto out_kfree; 1409 goto out_unlock;
1400 1410
1401 sched_exec(); 1411 sched_exec();
1402 1412
@@ -1410,14 +1420,10 @@ int compat_do_execve(char * filename,
1410 1420
1411 bprm->argc = compat_count(argv, MAX_ARG_STRINGS); 1421 bprm->argc = compat_count(argv, MAX_ARG_STRINGS);
1412 if ((retval = bprm->argc) < 0) 1422 if ((retval = bprm->argc) < 0)
1413 goto out_mm; 1423 goto out;
1414 1424
1415 bprm->envc = compat_count(envp, MAX_ARG_STRINGS); 1425 bprm->envc = compat_count(envp, MAX_ARG_STRINGS);
1416 if ((retval = bprm->envc) < 0) 1426 if ((retval = bprm->envc) < 0)
1417 goto out_mm;
1418
1419 retval = security_bprm_alloc(bprm);
1420 if (retval)
1421 goto out; 1427 goto out;
1422 1428
1423 retval = prepare_binprm(bprm); 1429 retval = prepare_binprm(bprm);
@@ -1438,19 +1444,16 @@ int compat_do_execve(char * filename,
1438 goto out; 1444 goto out;
1439 1445
1440 retval = search_binary_handler(bprm, regs); 1446 retval = search_binary_handler(bprm, regs);
1441 if (retval >= 0) { 1447 if (retval < 0)
1442 /* execve success */ 1448 goto out;
1443 security_bprm_free(bprm);
1444 acct_update_integrals(current);
1445 free_bprm(bprm);
1446 return retval;
1447 }
1448 1449
1449out: 1450 /* execve succeeded */
1450 if (bprm->security) 1451 mutex_unlock(&current->cred_exec_mutex);
1451 security_bprm_free(bprm); 1452 acct_update_integrals(current);
1453 free_bprm(bprm);
1454 return retval;
1452 1455
1453out_mm: 1456out:
1454 if (bprm->mm) 1457 if (bprm->mm)
1455 mmput(bprm->mm); 1458 mmput(bprm->mm);
1456 1459
@@ -1460,7 +1463,10 @@ out_file:
1460 fput(bprm->file); 1463 fput(bprm->file);
1461 } 1464 }
1462 1465
1463out_kfree: 1466out_unlock:
1467 mutex_unlock(&current->cred_exec_mutex);
1468
1469out_free:
1464 free_bprm(bprm); 1470 free_bprm(bprm);
1465 1471
1466out_ret: 1472out_ret:
diff --git a/fs/devpts/inode.c b/fs/devpts/inode.c
index 4a714f6c1bed..5d61b7c06e13 100644
--- a/fs/devpts/inode.c
+++ b/fs/devpts/inode.c
@@ -222,8 +222,8 @@ int devpts_pty_new(struct inode *ptmx_inode, struct tty_struct *tty)
222 return -ENOMEM; 222 return -ENOMEM;
223 223
224 inode->i_ino = number+2; 224 inode->i_ino = number+2;
225 inode->i_uid = config.setuid ? config.uid : current->fsuid; 225 inode->i_uid = config.setuid ? config.uid : current_fsuid();
226 inode->i_gid = config.setgid ? config.gid : current->fsgid; 226 inode->i_gid = config.setgid ? config.gid : current_fsgid();
227 inode->i_mtime = inode->i_atime = inode->i_ctime = CURRENT_TIME; 227 inode->i_mtime = inode->i_atime = inode->i_ctime = CURRENT_TIME;
228 init_special_inode(inode, S_IFCHR|config.mode, device); 228 init_special_inode(inode, S_IFCHR|config.mode, device);
229 inode->i_private = tty; 229 inode->i_private = tty;
diff --git a/fs/dquot.c b/fs/dquot.c
index 5e95261005b2..c237ccc8581c 100644
--- a/fs/dquot.c
+++ b/fs/dquot.c
@@ -874,7 +874,7 @@ static inline int need_print_warning(struct dquot *dquot)
874 874
875 switch (dquot->dq_type) { 875 switch (dquot->dq_type) {
876 case USRQUOTA: 876 case USRQUOTA:
877 return current->fsuid == dquot->dq_id; 877 return current_fsuid() == dquot->dq_id;
878 case GRPQUOTA: 878 case GRPQUOTA:
879 return in_group_p(dquot->dq_id); 879 return in_group_p(dquot->dq_id);
880 } 880 }
@@ -981,7 +981,7 @@ static void send_warning(const struct dquot *dquot, const char warntype)
981 MINOR(dquot->dq_sb->s_dev)); 981 MINOR(dquot->dq_sb->s_dev));
982 if (ret) 982 if (ret)
983 goto attr_err_out; 983 goto attr_err_out;
984 ret = nla_put_u64(skb, QUOTA_NL_A_CAUSED_ID, current->user->uid); 984 ret = nla_put_u64(skb, QUOTA_NL_A_CAUSED_ID, current_uid());
985 if (ret) 985 if (ret)
986 goto attr_err_out; 986 goto attr_err_out;
987 genlmsg_end(skb, msg_head); 987 genlmsg_end(skb, msg_head);
diff --git a/fs/ecryptfs/ecryptfs_kernel.h b/fs/ecryptfs/ecryptfs_kernel.h
index 3504cf9df358..a75026d35d16 100644
--- a/fs/ecryptfs/ecryptfs_kernel.h
+++ b/fs/ecryptfs/ecryptfs_kernel.h
@@ -691,7 +691,8 @@ int ecryptfs_init_kthread(void);
691void ecryptfs_destroy_kthread(void); 691void ecryptfs_destroy_kthread(void);
692int ecryptfs_privileged_open(struct file **lower_file, 692int ecryptfs_privileged_open(struct file **lower_file,
693 struct dentry *lower_dentry, 693 struct dentry *lower_dentry,
694 struct vfsmount *lower_mnt); 694 struct vfsmount *lower_mnt,
695 const struct cred *cred);
695int ecryptfs_init_persistent_file(struct dentry *ecryptfs_dentry); 696int ecryptfs_init_persistent_file(struct dentry *ecryptfs_dentry);
696 697
697#endif /* #ifndef ECRYPTFS_KERNEL_H */ 698#endif /* #ifndef ECRYPTFS_KERNEL_H */
diff --git a/fs/ecryptfs/kthread.c b/fs/ecryptfs/kthread.c
index c440c6b58b2d..c6d7a4d748a0 100644
--- a/fs/ecryptfs/kthread.c
+++ b/fs/ecryptfs/kthread.c
@@ -73,7 +73,7 @@ static int ecryptfs_threadfn(void *ignored)
73 mntget(req->lower_mnt); 73 mntget(req->lower_mnt);
74 (*req->lower_file) = dentry_open( 74 (*req->lower_file) = dentry_open(
75 req->lower_dentry, req->lower_mnt, 75 req->lower_dentry, req->lower_mnt,
76 (O_RDWR | O_LARGEFILE)); 76 (O_RDWR | O_LARGEFILE), current_cred());
77 req->flags |= ECRYPTFS_REQ_PROCESSED; 77 req->flags |= ECRYPTFS_REQ_PROCESSED;
78 } 78 }
79 wake_up(&req->wait); 79 wake_up(&req->wait);
@@ -132,7 +132,8 @@ void ecryptfs_destroy_kthread(void)
132 */ 132 */
133int ecryptfs_privileged_open(struct file **lower_file, 133int ecryptfs_privileged_open(struct file **lower_file,
134 struct dentry *lower_dentry, 134 struct dentry *lower_dentry,
135 struct vfsmount *lower_mnt) 135 struct vfsmount *lower_mnt,
136 const struct cred *cred)
136{ 137{
137 struct ecryptfs_open_req *req; 138 struct ecryptfs_open_req *req;
138 int rc = 0; 139 int rc = 0;
@@ -143,7 +144,7 @@ int ecryptfs_privileged_open(struct file **lower_file,
143 dget(lower_dentry); 144 dget(lower_dentry);
144 mntget(lower_mnt); 145 mntget(lower_mnt);
145 (*lower_file) = dentry_open(lower_dentry, lower_mnt, 146 (*lower_file) = dentry_open(lower_dentry, lower_mnt,
146 (O_RDWR | O_LARGEFILE)); 147 (O_RDWR | O_LARGEFILE), cred);
147 if (!IS_ERR(*lower_file)) 148 if (!IS_ERR(*lower_file))
148 goto out; 149 goto out;
149 req = kmem_cache_alloc(ecryptfs_open_req_cache, GFP_KERNEL); 150 req = kmem_cache_alloc(ecryptfs_open_req_cache, GFP_KERNEL);
@@ -184,7 +185,7 @@ int ecryptfs_privileged_open(struct file **lower_file,
184 dget(lower_dentry); 185 dget(lower_dentry);
185 mntget(lower_mnt); 186 mntget(lower_mnt);
186 (*lower_file) = dentry_open(lower_dentry, lower_mnt, 187 (*lower_file) = dentry_open(lower_dentry, lower_mnt,
187 (O_RDONLY | O_LARGEFILE)); 188 (O_RDONLY | O_LARGEFILE), cred);
188 if (IS_ERR(*lower_file)) { 189 if (IS_ERR(*lower_file)) {
189 rc = PTR_ERR(*req->lower_file); 190 rc = PTR_ERR(*req->lower_file);
190 (*lower_file) = NULL; 191 (*lower_file) = NULL;
diff --git a/fs/ecryptfs/main.c b/fs/ecryptfs/main.c
index 64d2ba980df4..fd630713c5c7 100644
--- a/fs/ecryptfs/main.c
+++ b/fs/ecryptfs/main.c
@@ -115,6 +115,7 @@ void __ecryptfs_printk(const char *fmt, ...)
115 */ 115 */
116int ecryptfs_init_persistent_file(struct dentry *ecryptfs_dentry) 116int ecryptfs_init_persistent_file(struct dentry *ecryptfs_dentry)
117{ 117{
118 const struct cred *cred = current_cred();
118 struct ecryptfs_inode_info *inode_info = 119 struct ecryptfs_inode_info *inode_info =
119 ecryptfs_inode_to_private(ecryptfs_dentry->d_inode); 120 ecryptfs_inode_to_private(ecryptfs_dentry->d_inode);
120 int rc = 0; 121 int rc = 0;
@@ -127,7 +128,7 @@ int ecryptfs_init_persistent_file(struct dentry *ecryptfs_dentry)
127 128
128 lower_dentry = ecryptfs_dentry_to_lower(ecryptfs_dentry); 129 lower_dentry = ecryptfs_dentry_to_lower(ecryptfs_dentry);
129 rc = ecryptfs_privileged_open(&inode_info->lower_file, 130 rc = ecryptfs_privileged_open(&inode_info->lower_file,
130 lower_dentry, lower_mnt); 131 lower_dentry, lower_mnt, cred);
131 if (rc || IS_ERR(inode_info->lower_file)) { 132 if (rc || IS_ERR(inode_info->lower_file)) {
132 printk(KERN_ERR "Error opening lower persistent file " 133 printk(KERN_ERR "Error opening lower persistent file "
133 "for lower_dentry [0x%p] and lower_mnt [0x%p]; " 134 "for lower_dentry [0x%p] and lower_mnt [0x%p]; "
diff --git a/fs/ecryptfs/messaging.c b/fs/ecryptfs/messaging.c
index c6983978a31e..6913f727624d 100644
--- a/fs/ecryptfs/messaging.c
+++ b/fs/ecryptfs/messaging.c
@@ -360,7 +360,8 @@ int ecryptfs_process_response(struct ecryptfs_message *msg, uid_t euid,
360 struct ecryptfs_msg_ctx *msg_ctx; 360 struct ecryptfs_msg_ctx *msg_ctx;
361 size_t msg_size; 361 size_t msg_size;
362 struct nsproxy *nsproxy; 362 struct nsproxy *nsproxy;
363 struct user_namespace *current_user_ns; 363 struct user_namespace *tsk_user_ns;
364 uid_t ctx_euid;
364 int rc; 365 int rc;
365 366
366 if (msg->index >= ecryptfs_message_buf_len) { 367 if (msg->index >= ecryptfs_message_buf_len) {
@@ -384,9 +385,9 @@ int ecryptfs_process_response(struct ecryptfs_message *msg, uid_t euid,
384 mutex_unlock(&ecryptfs_daemon_hash_mux); 385 mutex_unlock(&ecryptfs_daemon_hash_mux);
385 goto wake_up; 386 goto wake_up;
386 } 387 }
387 current_user_ns = nsproxy->user_ns; 388 tsk_user_ns = __task_cred(msg_ctx->task)->user->user_ns;
388 rc = ecryptfs_find_daemon_by_euid(&daemon, msg_ctx->task->euid, 389 ctx_euid = task_euid(msg_ctx->task);
389 current_user_ns); 390 rc = ecryptfs_find_daemon_by_euid(&daemon, ctx_euid, tsk_user_ns);
390 rcu_read_unlock(); 391 rcu_read_unlock();
391 mutex_unlock(&ecryptfs_daemon_hash_mux); 392 mutex_unlock(&ecryptfs_daemon_hash_mux);
392 if (rc) { 393 if (rc) {
@@ -394,28 +395,28 @@ int ecryptfs_process_response(struct ecryptfs_message *msg, uid_t euid,
394 printk(KERN_WARNING "%s: User [%d] received a " 395 printk(KERN_WARNING "%s: User [%d] received a "
395 "message response from process [0x%p] but does " 396 "message response from process [0x%p] but does "
396 "not have a registered daemon\n", __func__, 397 "not have a registered daemon\n", __func__,
397 msg_ctx->task->euid, pid); 398 ctx_euid, pid);
398 goto wake_up; 399 goto wake_up;
399 } 400 }
400 if (msg_ctx->task->euid != euid) { 401 if (ctx_euid != euid) {
401 rc = -EBADMSG; 402 rc = -EBADMSG;
402 printk(KERN_WARNING "%s: Received message from user " 403 printk(KERN_WARNING "%s: Received message from user "
403 "[%d]; expected message from user [%d]\n", __func__, 404 "[%d]; expected message from user [%d]\n", __func__,
404 euid, msg_ctx->task->euid); 405 euid, ctx_euid);
405 goto unlock; 406 goto unlock;
406 } 407 }
407 if (current_user_ns != user_ns) { 408 if (tsk_user_ns != user_ns) {
408 rc = -EBADMSG; 409 rc = -EBADMSG;
409 printk(KERN_WARNING "%s: Received message from user_ns " 410 printk(KERN_WARNING "%s: Received message from user_ns "
410 "[0x%p]; expected message from user_ns [0x%p]\n", 411 "[0x%p]; expected message from user_ns [0x%p]\n",
411 __func__, user_ns, nsproxy->user_ns); 412 __func__, user_ns, tsk_user_ns);
412 goto unlock; 413 goto unlock;
413 } 414 }
414 if (daemon->pid != pid) { 415 if (daemon->pid != pid) {
415 rc = -EBADMSG; 416 rc = -EBADMSG;
416 printk(KERN_ERR "%s: User [%d] sent a message response " 417 printk(KERN_ERR "%s: User [%d] sent a message response "
417 "from an unrecognized process [0x%p]\n", 418 "from an unrecognized process [0x%p]\n",
418 __func__, msg_ctx->task->euid, pid); 419 __func__, ctx_euid, pid);
419 goto unlock; 420 goto unlock;
420 } 421 }
421 if (msg_ctx->state != ECRYPTFS_MSG_CTX_STATE_PENDING) { 422 if (msg_ctx->state != ECRYPTFS_MSG_CTX_STATE_PENDING) {
@@ -464,14 +465,14 @@ ecryptfs_send_message_locked(char *data, int data_len, u8 msg_type,
464 struct ecryptfs_msg_ctx **msg_ctx) 465 struct ecryptfs_msg_ctx **msg_ctx)
465{ 466{
466 struct ecryptfs_daemon *daemon; 467 struct ecryptfs_daemon *daemon;
468 uid_t euid = current_euid();
467 int rc; 469 int rc;
468 470
469 rc = ecryptfs_find_daemon_by_euid(&daemon, current->euid, 471 rc = ecryptfs_find_daemon_by_euid(&daemon, euid, current_user_ns());
470 current->nsproxy->user_ns);
471 if (rc || !daemon) { 472 if (rc || !daemon) {
472 rc = -ENOTCONN; 473 rc = -ENOTCONN;
473 printk(KERN_ERR "%s: User [%d] does not have a daemon " 474 printk(KERN_ERR "%s: User [%d] does not have a daemon "
474 "registered\n", __func__, current->euid); 475 "registered\n", __func__, euid);
475 goto out; 476 goto out;
476 } 477 }
477 mutex_lock(&ecryptfs_msg_ctx_lists_mux); 478 mutex_lock(&ecryptfs_msg_ctx_lists_mux);
diff --git a/fs/ecryptfs/miscdev.c b/fs/ecryptfs/miscdev.c
index b484792a0996..efd95a0ed1ea 100644
--- a/fs/ecryptfs/miscdev.c
+++ b/fs/ecryptfs/miscdev.c
@@ -42,12 +42,12 @@ ecryptfs_miscdev_poll(struct file *file, poll_table *pt)
42{ 42{
43 struct ecryptfs_daemon *daemon; 43 struct ecryptfs_daemon *daemon;
44 unsigned int mask = 0; 44 unsigned int mask = 0;
45 uid_t euid = current_euid();
45 int rc; 46 int rc;
46 47
47 mutex_lock(&ecryptfs_daemon_hash_mux); 48 mutex_lock(&ecryptfs_daemon_hash_mux);
48 /* TODO: Just use file->private_data? */ 49 /* TODO: Just use file->private_data? */
49 rc = ecryptfs_find_daemon_by_euid(&daemon, current->euid, 50 rc = ecryptfs_find_daemon_by_euid(&daemon, euid, current_user_ns());
50 current->nsproxy->user_ns);
51 BUG_ON(rc || !daemon); 51 BUG_ON(rc || !daemon);
52 mutex_lock(&daemon->mux); 52 mutex_lock(&daemon->mux);
53 mutex_unlock(&ecryptfs_daemon_hash_mux); 53 mutex_unlock(&ecryptfs_daemon_hash_mux);
@@ -83,6 +83,7 @@ static int
83ecryptfs_miscdev_open(struct inode *inode, struct file *file) 83ecryptfs_miscdev_open(struct inode *inode, struct file *file)
84{ 84{
85 struct ecryptfs_daemon *daemon = NULL; 85 struct ecryptfs_daemon *daemon = NULL;
86 uid_t euid = current_euid();
86 int rc; 87 int rc;
87 88
88 mutex_lock(&ecryptfs_daemon_hash_mux); 89 mutex_lock(&ecryptfs_daemon_hash_mux);
@@ -93,11 +94,9 @@ ecryptfs_miscdev_open(struct inode *inode, struct file *file)
93 "count; rc = [%d]\n", __func__, rc); 94 "count; rc = [%d]\n", __func__, rc);
94 goto out_unlock_daemon_list; 95 goto out_unlock_daemon_list;
95 } 96 }
96 rc = ecryptfs_find_daemon_by_euid(&daemon, current->euid, 97 rc = ecryptfs_find_daemon_by_euid(&daemon, euid, current_user_ns());
97 current->nsproxy->user_ns);
98 if (rc || !daemon) { 98 if (rc || !daemon) {
99 rc = ecryptfs_spawn_daemon(&daemon, current->euid, 99 rc = ecryptfs_spawn_daemon(&daemon, euid, current_user_ns(),
100 current->nsproxy->user_ns,
101 task_pid(current)); 100 task_pid(current));
102 if (rc) { 101 if (rc) {
103 printk(KERN_ERR "%s: Error attempting to spawn daemon; " 102 printk(KERN_ERR "%s: Error attempting to spawn daemon; "
@@ -147,11 +146,11 @@ static int
147ecryptfs_miscdev_release(struct inode *inode, struct file *file) 146ecryptfs_miscdev_release(struct inode *inode, struct file *file)
148{ 147{
149 struct ecryptfs_daemon *daemon = NULL; 148 struct ecryptfs_daemon *daemon = NULL;
149 uid_t euid = current_euid();
150 int rc; 150 int rc;
151 151
152 mutex_lock(&ecryptfs_daemon_hash_mux); 152 mutex_lock(&ecryptfs_daemon_hash_mux);
153 rc = ecryptfs_find_daemon_by_euid(&daemon, current->euid, 153 rc = ecryptfs_find_daemon_by_euid(&daemon, euid, current_user_ns());
154 current->nsproxy->user_ns);
155 BUG_ON(rc || !daemon); 154 BUG_ON(rc || !daemon);
156 mutex_lock(&daemon->mux); 155 mutex_lock(&daemon->mux);
157 BUG_ON(daemon->pid != task_pid(current)); 156 BUG_ON(daemon->pid != task_pid(current));
@@ -246,12 +245,12 @@ ecryptfs_miscdev_read(struct file *file, char __user *buf, size_t count,
246 char packet_length[3]; 245 char packet_length[3];
247 size_t i; 246 size_t i;
248 size_t total_length; 247 size_t total_length;
248 uid_t euid = current_euid();
249 int rc; 249 int rc;
250 250
251 mutex_lock(&ecryptfs_daemon_hash_mux); 251 mutex_lock(&ecryptfs_daemon_hash_mux);
252 /* TODO: Just use file->private_data? */ 252 /* TODO: Just use file->private_data? */
253 rc = ecryptfs_find_daemon_by_euid(&daemon, current->euid, 253 rc = ecryptfs_find_daemon_by_euid(&daemon, euid, current_user_ns());
254 current->nsproxy->user_ns);
255 BUG_ON(rc || !daemon); 254 BUG_ON(rc || !daemon);
256 mutex_lock(&daemon->mux); 255 mutex_lock(&daemon->mux);
257 if (daemon->flags & ECRYPTFS_DAEMON_ZOMBIE) { 256 if (daemon->flags & ECRYPTFS_DAEMON_ZOMBIE) {
@@ -290,8 +289,8 @@ check_list:
290 * message from the queue; try again */ 289 * message from the queue; try again */
291 goto check_list; 290 goto check_list;
292 } 291 }
293 BUG_ON(current->euid != daemon->euid); 292 BUG_ON(euid != daemon->euid);
294 BUG_ON(current->nsproxy->user_ns != daemon->user_ns); 293 BUG_ON(current_user_ns() != daemon->user_ns);
295 BUG_ON(task_pid(current) != daemon->pid); 294 BUG_ON(task_pid(current) != daemon->pid);
296 msg_ctx = list_first_entry(&daemon->msg_ctx_out_queue, 295 msg_ctx = list_first_entry(&daemon->msg_ctx_out_queue,
297 struct ecryptfs_msg_ctx, daemon_out_list); 296 struct ecryptfs_msg_ctx, daemon_out_list);
@@ -414,6 +413,7 @@ ecryptfs_miscdev_write(struct file *file, const char __user *buf,
414 size_t packet_size, packet_size_length, i; 413 size_t packet_size, packet_size_length, i;
415 ssize_t sz = 0; 414 ssize_t sz = 0;
416 char *data; 415 char *data;
416 uid_t euid = current_euid();
417 int rc; 417 int rc;
418 418
419 if (count == 0) 419 if (count == 0)
@@ -463,8 +463,7 @@ ecryptfs_miscdev_write(struct file *file, const char __user *buf,
463 goto out_free; 463 goto out_free;
464 } 464 }
465 rc = ecryptfs_miscdev_response(&data[i], packet_size, 465 rc = ecryptfs_miscdev_response(&data[i], packet_size,
466 current->euid, 466 euid, current_user_ns(),
467 current->nsproxy->user_ns,
468 task_pid(current), seq); 467 task_pid(current), seq);
469 if (rc) 468 if (rc)
470 printk(KERN_WARNING "%s: Failed to deliver miscdev " 469 printk(KERN_WARNING "%s: Failed to deliver miscdev "
diff --git a/fs/exec.c b/fs/exec.c
index 4e834f16d9da..32f13e299417 100644
--- a/fs/exec.c
+++ b/fs/exec.c
@@ -55,6 +55,7 @@
55#include <asm/uaccess.h> 55#include <asm/uaccess.h>
56#include <asm/mmu_context.h> 56#include <asm/mmu_context.h>
57#include <asm/tlb.h> 57#include <asm/tlb.h>
58#include "internal.h"
58 59
59#ifdef __alpha__ 60#ifdef __alpha__
60/* for /sbin/loader handling in search_binary_handler() */ 61/* for /sbin/loader handling in search_binary_handler() */
@@ -980,7 +981,7 @@ int flush_old_exec(struct linux_binprm * bprm)
980 /* This is the point of no return */ 981 /* This is the point of no return */
981 current->sas_ss_sp = current->sas_ss_size = 0; 982 current->sas_ss_sp = current->sas_ss_size = 0;
982 983
983 if (current->euid == current->uid && current->egid == current->gid) 984 if (current_euid() == current_uid() && current_egid() == current_gid())
984 set_dumpable(current->mm, 1); 985 set_dumpable(current->mm, 1);
985 else 986 else
986 set_dumpable(current->mm, suid_dumpable); 987 set_dumpable(current->mm, suid_dumpable);
@@ -1007,16 +1008,17 @@ int flush_old_exec(struct linux_binprm * bprm)
1007 */ 1008 */
1008 current->mm->task_size = TASK_SIZE; 1009 current->mm->task_size = TASK_SIZE;
1009 1010
1010 if (bprm->e_uid != current->euid || bprm->e_gid != current->egid) { 1011 /* install the new credentials */
1011 suid_keys(current); 1012 if (bprm->cred->uid != current_euid() ||
1012 set_dumpable(current->mm, suid_dumpable); 1013 bprm->cred->gid != current_egid()) {
1013 current->pdeath_signal = 0; 1014 current->pdeath_signal = 0;
1014 } else if (file_permission(bprm->file, MAY_READ) || 1015 } else if (file_permission(bprm->file, MAY_READ) ||
1015 (bprm->interp_flags & BINPRM_FLAGS_ENFORCE_NONDUMP)) { 1016 bprm->interp_flags & BINPRM_FLAGS_ENFORCE_NONDUMP) {
1016 suid_keys(current);
1017 set_dumpable(current->mm, suid_dumpable); 1017 set_dumpable(current->mm, suid_dumpable);
1018 } 1018 }
1019 1019
1020 current->personality &= ~bprm->per_clear;
1021
1020 /* An exec changes our domain. We are no longer part of the thread 1022 /* An exec changes our domain. We are no longer part of the thread
1021 group */ 1023 group */
1022 1024
@@ -1033,13 +1035,50 @@ out:
1033 1035
1034EXPORT_SYMBOL(flush_old_exec); 1036EXPORT_SYMBOL(flush_old_exec);
1035 1037
1038/*
1039 * install the new credentials for this executable
1040 */
1041void install_exec_creds(struct linux_binprm *bprm)
1042{
1043 security_bprm_committing_creds(bprm);
1044
1045 commit_creds(bprm->cred);
1046 bprm->cred = NULL;
1047
1048 /* cred_exec_mutex must be held at least to this point to prevent
1049 * ptrace_attach() from altering our determination of the task's
1050 * credentials; any time after this it may be unlocked */
1051
1052 security_bprm_committed_creds(bprm);
1053}
1054EXPORT_SYMBOL(install_exec_creds);
1055
1056/*
1057 * determine how safe it is to execute the proposed program
1058 * - the caller must hold current->cred_exec_mutex to protect against
1059 * PTRACE_ATTACH
1060 */
1061void check_unsafe_exec(struct linux_binprm *bprm)
1062{
1063 struct task_struct *p = current;
1064
1065 bprm->unsafe = tracehook_unsafe_exec(p);
1066
1067 if (atomic_read(&p->fs->count) > 1 ||
1068 atomic_read(&p->files->count) > 1 ||
1069 atomic_read(&p->sighand->count) > 1)
1070 bprm->unsafe |= LSM_UNSAFE_SHARE;
1071}
1072
1036/* 1073/*
1037 * Fill the binprm structure from the inode. 1074 * Fill the binprm structure from the inode.
1038 * Check permissions, then read the first 128 (BINPRM_BUF_SIZE) bytes 1075 * Check permissions, then read the first 128 (BINPRM_BUF_SIZE) bytes
1076 *
1077 * This may be called multiple times for binary chains (scripts for example).
1039 */ 1078 */
1040int prepare_binprm(struct linux_binprm *bprm) 1079int prepare_binprm(struct linux_binprm *bprm)
1041{ 1080{
1042 int mode; 1081 umode_t mode;
1043 struct inode * inode = bprm->file->f_path.dentry->d_inode; 1082 struct inode * inode = bprm->file->f_path.dentry->d_inode;
1044 int retval; 1083 int retval;
1045 1084
@@ -1047,14 +1086,15 @@ int prepare_binprm(struct linux_binprm *bprm)
1047 if (bprm->file->f_op == NULL) 1086 if (bprm->file->f_op == NULL)
1048 return -EACCES; 1087 return -EACCES;
1049 1088
1050 bprm->e_uid = current->euid; 1089 /* clear any previous set[ug]id data from a previous binary */
1051 bprm->e_gid = current->egid; 1090 bprm->cred->euid = current_euid();
1091 bprm->cred->egid = current_egid();
1052 1092
1053 if(!(bprm->file->f_path.mnt->mnt_flags & MNT_NOSUID)) { 1093 if (!(bprm->file->f_path.mnt->mnt_flags & MNT_NOSUID)) {
1054 /* Set-uid? */ 1094 /* Set-uid? */
1055 if (mode & S_ISUID) { 1095 if (mode & S_ISUID) {
1056 current->personality &= ~PER_CLEAR_ON_SETID; 1096 bprm->per_clear |= PER_CLEAR_ON_SETID;
1057 bprm->e_uid = inode->i_uid; 1097 bprm->cred->euid = inode->i_uid;
1058 } 1098 }
1059 1099
1060 /* Set-gid? */ 1100 /* Set-gid? */
@@ -1064,52 +1104,23 @@ int prepare_binprm(struct linux_binprm *bprm)
1064 * executable. 1104 * executable.
1065 */ 1105 */
1066 if ((mode & (S_ISGID | S_IXGRP)) == (S_ISGID | S_IXGRP)) { 1106 if ((mode & (S_ISGID | S_IXGRP)) == (S_ISGID | S_IXGRP)) {
1067 current->personality &= ~PER_CLEAR_ON_SETID; 1107 bprm->per_clear |= PER_CLEAR_ON_SETID;
1068 bprm->e_gid = inode->i_gid; 1108 bprm->cred->egid = inode->i_gid;
1069 } 1109 }
1070 } 1110 }
1071 1111
1072 /* fill in binprm security blob */ 1112 /* fill in binprm security blob */
1073 retval = security_bprm_set(bprm); 1113 retval = security_bprm_set_creds(bprm);
1074 if (retval) 1114 if (retval)
1075 return retval; 1115 return retval;
1116 bprm->cred_prepared = 1;
1076 1117
1077 memset(bprm->buf,0,BINPRM_BUF_SIZE); 1118 memset(bprm->buf, 0, BINPRM_BUF_SIZE);
1078 return kernel_read(bprm->file,0,bprm->buf,BINPRM_BUF_SIZE); 1119 return kernel_read(bprm->file, 0, bprm->buf, BINPRM_BUF_SIZE);
1079} 1120}
1080 1121
1081EXPORT_SYMBOL(prepare_binprm); 1122EXPORT_SYMBOL(prepare_binprm);
1082 1123
1083static int unsafe_exec(struct task_struct *p)
1084{
1085 int unsafe = tracehook_unsafe_exec(p);
1086
1087 if (atomic_read(&p->fs->count) > 1 ||
1088 atomic_read(&p->files->count) > 1 ||
1089 atomic_read(&p->sighand->count) > 1)
1090 unsafe |= LSM_UNSAFE_SHARE;
1091
1092 return unsafe;
1093}
1094
1095void compute_creds(struct linux_binprm *bprm)
1096{
1097 int unsafe;
1098
1099 if (bprm->e_uid != current->uid) {
1100 suid_keys(current);
1101 current->pdeath_signal = 0;
1102 }
1103 exec_keys(current);
1104
1105 task_lock(current);
1106 unsafe = unsafe_exec(current);
1107 security_bprm_apply_creds(bprm, unsafe);
1108 task_unlock(current);
1109 security_bprm_post_apply_creds(bprm);
1110}
1111EXPORT_SYMBOL(compute_creds);
1112
1113/* 1124/*
1114 * Arguments are '\0' separated strings found at the location bprm->p 1125 * Arguments are '\0' separated strings found at the location bprm->p
1115 * points to; chop off the first by relocating brpm->p to right after 1126 * points to; chop off the first by relocating brpm->p to right after
@@ -1262,6 +1273,8 @@ EXPORT_SYMBOL(search_binary_handler);
1262void free_bprm(struct linux_binprm *bprm) 1273void free_bprm(struct linux_binprm *bprm)
1263{ 1274{
1264 free_arg_pages(bprm); 1275 free_arg_pages(bprm);
1276 if (bprm->cred)
1277 abort_creds(bprm->cred);
1265 kfree(bprm); 1278 kfree(bprm);
1266} 1279}
1267 1280
@@ -1287,10 +1300,20 @@ int do_execve(char * filename,
1287 if (!bprm) 1300 if (!bprm)
1288 goto out_files; 1301 goto out_files;
1289 1302
1303 retval = mutex_lock_interruptible(&current->cred_exec_mutex);
1304 if (retval < 0)
1305 goto out_free;
1306
1307 retval = -ENOMEM;
1308 bprm->cred = prepare_exec_creds();
1309 if (!bprm->cred)
1310 goto out_unlock;
1311 check_unsafe_exec(bprm);
1312
1290 file = open_exec(filename); 1313 file = open_exec(filename);
1291 retval = PTR_ERR(file); 1314 retval = PTR_ERR(file);
1292 if (IS_ERR(file)) 1315 if (IS_ERR(file))
1293 goto out_kfree; 1316 goto out_unlock;
1294 1317
1295 sched_exec(); 1318 sched_exec();
1296 1319
@@ -1304,14 +1327,10 @@ int do_execve(char * filename,
1304 1327
1305 bprm->argc = count(argv, MAX_ARG_STRINGS); 1328 bprm->argc = count(argv, MAX_ARG_STRINGS);
1306 if ((retval = bprm->argc) < 0) 1329 if ((retval = bprm->argc) < 0)
1307 goto out_mm; 1330 goto out;
1308 1331
1309 bprm->envc = count(envp, MAX_ARG_STRINGS); 1332 bprm->envc = count(envp, MAX_ARG_STRINGS);
1310 if ((retval = bprm->envc) < 0) 1333 if ((retval = bprm->envc) < 0)
1311 goto out_mm;
1312
1313 retval = security_bprm_alloc(bprm);
1314 if (retval)
1315 goto out; 1334 goto out;
1316 1335
1317 retval = prepare_binprm(bprm); 1336 retval = prepare_binprm(bprm);
@@ -1333,21 +1352,18 @@ int do_execve(char * filename,
1333 1352
1334 current->flags &= ~PF_KTHREAD; 1353 current->flags &= ~PF_KTHREAD;
1335 retval = search_binary_handler(bprm,regs); 1354 retval = search_binary_handler(bprm,regs);
1336 if (retval >= 0) { 1355 if (retval < 0)
1337 /* execve success */ 1356 goto out;
1338 security_bprm_free(bprm);
1339 acct_update_integrals(current);
1340 free_bprm(bprm);
1341 if (displaced)
1342 put_files_struct(displaced);
1343 return retval;
1344 }
1345 1357
1346out: 1358 /* execve succeeded */
1347 if (bprm->security) 1359 mutex_unlock(&current->cred_exec_mutex);
1348 security_bprm_free(bprm); 1360 acct_update_integrals(current);
1361 free_bprm(bprm);
1362 if (displaced)
1363 put_files_struct(displaced);
1364 return retval;
1349 1365
1350out_mm: 1366out:
1351 if (bprm->mm) 1367 if (bprm->mm)
1352 mmput (bprm->mm); 1368 mmput (bprm->mm);
1353 1369
@@ -1356,7 +1372,11 @@ out_file:
1356 allow_write_access(bprm->file); 1372 allow_write_access(bprm->file);
1357 fput(bprm->file); 1373 fput(bprm->file);
1358 } 1374 }
1359out_kfree: 1375
1376out_unlock:
1377 mutex_unlock(&current->cred_exec_mutex);
1378
1379out_free:
1360 free_bprm(bprm); 1380 free_bprm(bprm);
1361 1381
1362out_files: 1382out_files:
@@ -1388,6 +1408,7 @@ EXPORT_SYMBOL(set_binfmt);
1388 */ 1408 */
1389static int format_corename(char *corename, long signr) 1409static int format_corename(char *corename, long signr)
1390{ 1410{
1411 const struct cred *cred = current_cred();
1391 const char *pat_ptr = core_pattern; 1412 const char *pat_ptr = core_pattern;
1392 int ispipe = (*pat_ptr == '|'); 1413 int ispipe = (*pat_ptr == '|');
1393 char *out_ptr = corename; 1414 char *out_ptr = corename;
@@ -1424,7 +1445,7 @@ static int format_corename(char *corename, long signr)
1424 /* uid */ 1445 /* uid */
1425 case 'u': 1446 case 'u':
1426 rc = snprintf(out_ptr, out_end - out_ptr, 1447 rc = snprintf(out_ptr, out_end - out_ptr,
1427 "%d", current->uid); 1448 "%d", cred->uid);
1428 if (rc > out_end - out_ptr) 1449 if (rc > out_end - out_ptr)
1429 goto out; 1450 goto out;
1430 out_ptr += rc; 1451 out_ptr += rc;
@@ -1432,7 +1453,7 @@ static int format_corename(char *corename, long signr)
1432 /* gid */ 1453 /* gid */
1433 case 'g': 1454 case 'g':
1434 rc = snprintf(out_ptr, out_end - out_ptr, 1455 rc = snprintf(out_ptr, out_end - out_ptr,
1435 "%d", current->gid); 1456 "%d", cred->gid);
1436 if (rc > out_end - out_ptr) 1457 if (rc > out_end - out_ptr)
1437 goto out; 1458 goto out;
1438 out_ptr += rc; 1459 out_ptr += rc;
@@ -1708,8 +1729,9 @@ int do_coredump(long signr, int exit_code, struct pt_regs * regs)
1708 struct linux_binfmt * binfmt; 1729 struct linux_binfmt * binfmt;
1709 struct inode * inode; 1730 struct inode * inode;
1710 struct file * file; 1731 struct file * file;
1732 const struct cred *old_cred;
1733 struct cred *cred;
1711 int retval = 0; 1734 int retval = 0;
1712 int fsuid = current->fsuid;
1713 int flag = 0; 1735 int flag = 0;
1714 int ispipe = 0; 1736 int ispipe = 0;
1715 unsigned long core_limit = current->signal->rlim[RLIMIT_CORE].rlim_cur; 1737 unsigned long core_limit = current->signal->rlim[RLIMIT_CORE].rlim_cur;
@@ -1722,12 +1744,20 @@ int do_coredump(long signr, int exit_code, struct pt_regs * regs)
1722 binfmt = current->binfmt; 1744 binfmt = current->binfmt;
1723 if (!binfmt || !binfmt->core_dump) 1745 if (!binfmt || !binfmt->core_dump)
1724 goto fail; 1746 goto fail;
1747
1748 cred = prepare_creds();
1749 if (!cred) {
1750 retval = -ENOMEM;
1751 goto fail;
1752 }
1753
1725 down_write(&mm->mmap_sem); 1754 down_write(&mm->mmap_sem);
1726 /* 1755 /*
1727 * If another thread got here first, or we are not dumpable, bail out. 1756 * If another thread got here first, or we are not dumpable, bail out.
1728 */ 1757 */
1729 if (mm->core_state || !get_dumpable(mm)) { 1758 if (mm->core_state || !get_dumpable(mm)) {
1730 up_write(&mm->mmap_sem); 1759 up_write(&mm->mmap_sem);
1760 put_cred(cred);
1731 goto fail; 1761 goto fail;
1732 } 1762 }
1733 1763
@@ -1738,12 +1768,16 @@ int do_coredump(long signr, int exit_code, struct pt_regs * regs)
1738 */ 1768 */
1739 if (get_dumpable(mm) == 2) { /* Setuid core dump mode */ 1769 if (get_dumpable(mm) == 2) { /* Setuid core dump mode */
1740 flag = O_EXCL; /* Stop rewrite attacks */ 1770 flag = O_EXCL; /* Stop rewrite attacks */
1741 current->fsuid = 0; /* Dump root private */ 1771 cred->fsuid = 0; /* Dump root private */
1742 } 1772 }
1743 1773
1744 retval = coredump_wait(exit_code, &core_state); 1774 retval = coredump_wait(exit_code, &core_state);
1745 if (retval < 0) 1775 if (retval < 0) {
1776 put_cred(cred);
1746 goto fail; 1777 goto fail;
1778 }
1779
1780 old_cred = override_creds(cred);
1747 1781
1748 /* 1782 /*
1749 * Clear any false indication of pending signals that might 1783 * Clear any false indication of pending signals that might
@@ -1815,7 +1849,7 @@ int do_coredump(long signr, int exit_code, struct pt_regs * regs)
1815 * Dont allow local users get cute and trick others to coredump 1849 * Dont allow local users get cute and trick others to coredump
1816 * into their pre-created files: 1850 * into their pre-created files:
1817 */ 1851 */
1818 if (inode->i_uid != current->fsuid) 1852 if (inode->i_uid != current_fsuid())
1819 goto close_fail; 1853 goto close_fail;
1820 if (!file->f_op) 1854 if (!file->f_op)
1821 goto close_fail; 1855 goto close_fail;
@@ -1834,7 +1868,8 @@ fail_unlock:
1834 if (helper_argv) 1868 if (helper_argv)
1835 argv_free(helper_argv); 1869 argv_free(helper_argv);
1836 1870
1837 current->fsuid = fsuid; 1871 revert_creds(old_cred);
1872 put_cred(cred);
1838 coredump_finish(mm); 1873 coredump_finish(mm);
1839fail: 1874fail:
1840 return retval; 1875 return retval;
diff --git a/fs/exportfs/expfs.c b/fs/exportfs/expfs.c
index 80246bad1b7f..ec1fb918200f 100644
--- a/fs/exportfs/expfs.c
+++ b/fs/exportfs/expfs.c
@@ -14,6 +14,7 @@
14#include <linux/module.h> 14#include <linux/module.h>
15#include <linux/mount.h> 15#include <linux/mount.h>
16#include <linux/namei.h> 16#include <linux/namei.h>
17#include <linux/sched.h>
17 18
18#define dprintk(fmt, args...) do{}while(0) 19#define dprintk(fmt, args...) do{}while(0)
19 20
@@ -249,6 +250,7 @@ static int filldir_one(void * __buf, const char * name, int len,
249static int get_name(struct vfsmount *mnt, struct dentry *dentry, 250static int get_name(struct vfsmount *mnt, struct dentry *dentry,
250 char *name, struct dentry *child) 251 char *name, struct dentry *child)
251{ 252{
253 const struct cred *cred = current_cred();
252 struct inode *dir = dentry->d_inode; 254 struct inode *dir = dentry->d_inode;
253 int error; 255 int error;
254 struct file *file; 256 struct file *file;
@@ -263,7 +265,7 @@ static int get_name(struct vfsmount *mnt, struct dentry *dentry,
263 /* 265 /*
264 * Open the directory ... 266 * Open the directory ...
265 */ 267 */
266 file = dentry_open(dget(dentry), mntget(mnt), O_RDONLY); 268 file = dentry_open(dget(dentry), mntget(mnt), O_RDONLY, cred);
267 error = PTR_ERR(file); 269 error = PTR_ERR(file);
268 if (IS_ERR(file)) 270 if (IS_ERR(file))
269 goto out; 271 goto out;
diff --git a/fs/ext2/balloc.c b/fs/ext2/balloc.c
index 6dac7ba2d22d..4a29d6376081 100644
--- a/fs/ext2/balloc.c
+++ b/fs/ext2/balloc.c
@@ -1193,7 +1193,7 @@ static int ext2_has_free_blocks(struct ext2_sb_info *sbi)
1193 free_blocks = percpu_counter_read_positive(&sbi->s_freeblocks_counter); 1193 free_blocks = percpu_counter_read_positive(&sbi->s_freeblocks_counter);
1194 root_blocks = le32_to_cpu(sbi->s_es->s_r_blocks_count); 1194 root_blocks = le32_to_cpu(sbi->s_es->s_r_blocks_count);
1195 if (free_blocks < root_blocks + 1 && !capable(CAP_SYS_RESOURCE) && 1195 if (free_blocks < root_blocks + 1 && !capable(CAP_SYS_RESOURCE) &&
1196 sbi->s_resuid != current->fsuid && 1196 sbi->s_resuid != current_fsuid() &&
1197 (sbi->s_resgid == 0 || !in_group_p (sbi->s_resgid))) { 1197 (sbi->s_resgid == 0 || !in_group_p (sbi->s_resgid))) {
1198 return 0; 1198 return 0;
1199 } 1199 }
diff --git a/fs/ext2/ialloc.c b/fs/ext2/ialloc.c
index f59741346760..8d0add625870 100644
--- a/fs/ext2/ialloc.c
+++ b/fs/ext2/ialloc.c
@@ -550,7 +550,7 @@ got:
550 550
551 sb->s_dirt = 1; 551 sb->s_dirt = 1;
552 mark_buffer_dirty(bh2); 552 mark_buffer_dirty(bh2);
553 inode->i_uid = current->fsuid; 553 inode->i_uid = current_fsuid();
554 if (test_opt (sb, GRPID)) 554 if (test_opt (sb, GRPID))
555 inode->i_gid = dir->i_gid; 555 inode->i_gid = dir->i_gid;
556 else if (dir->i_mode & S_ISGID) { 556 else if (dir->i_mode & S_ISGID) {
@@ -558,7 +558,7 @@ got:
558 if (S_ISDIR(mode)) 558 if (S_ISDIR(mode))
559 mode |= S_ISGID; 559 mode |= S_ISGID;
560 } else 560 } else
561 inode->i_gid = current->fsgid; 561 inode->i_gid = current_fsgid();
562 inode->i_mode = mode; 562 inode->i_mode = mode;
563 563
564 inode->i_ino = ino; 564 inode->i_ino = ino;
diff --git a/fs/ext3/balloc.c b/fs/ext3/balloc.c
index f5b57a2ca35a..0dbf1c048475 100644
--- a/fs/ext3/balloc.c
+++ b/fs/ext3/balloc.c
@@ -1422,7 +1422,7 @@ static int ext3_has_free_blocks(struct ext3_sb_info *sbi)
1422 free_blocks = percpu_counter_read_positive(&sbi->s_freeblocks_counter); 1422 free_blocks = percpu_counter_read_positive(&sbi->s_freeblocks_counter);
1423 root_blocks = le32_to_cpu(sbi->s_es->s_r_blocks_count); 1423 root_blocks = le32_to_cpu(sbi->s_es->s_r_blocks_count);
1424 if (free_blocks < root_blocks + 1 && !capable(CAP_SYS_RESOURCE) && 1424 if (free_blocks < root_blocks + 1 && !capable(CAP_SYS_RESOURCE) &&
1425 sbi->s_resuid != current->fsuid && 1425 sbi->s_resuid != current_fsuid() &&
1426 (sbi->s_resgid == 0 || !in_group_p (sbi->s_resgid))) { 1426 (sbi->s_resgid == 0 || !in_group_p (sbi->s_resgid))) {
1427 return 0; 1427 return 0;
1428 } 1428 }
diff --git a/fs/ext3/ialloc.c b/fs/ext3/ialloc.c
index 47b678d73e7a..490bd0ed7896 100644
--- a/fs/ext3/ialloc.c
+++ b/fs/ext3/ialloc.c
@@ -539,7 +539,7 @@ got:
539 percpu_counter_inc(&sbi->s_dirs_counter); 539 percpu_counter_inc(&sbi->s_dirs_counter);
540 sb->s_dirt = 1; 540 sb->s_dirt = 1;
541 541
542 inode->i_uid = current->fsuid; 542 inode->i_uid = current_fsuid();
543 if (test_opt (sb, GRPID)) 543 if (test_opt (sb, GRPID))
544 inode->i_gid = dir->i_gid; 544 inode->i_gid = dir->i_gid;
545 else if (dir->i_mode & S_ISGID) { 545 else if (dir->i_mode & S_ISGID) {
@@ -547,7 +547,7 @@ got:
547 if (S_ISDIR(mode)) 547 if (S_ISDIR(mode))
548 mode |= S_ISGID; 548 mode |= S_ISGID;
549 } else 549 } else
550 inode->i_gid = current->fsgid; 550 inode->i_gid = current_fsgid();
551 inode->i_mode = mode; 551 inode->i_mode = mode;
552 552
553 inode->i_ino = ino; 553 inode->i_ino = ino;
diff --git a/fs/ext4/balloc.c b/fs/ext4/balloc.c
index d2003cdc36aa..a932b9a29240 100644
--- a/fs/ext4/balloc.c
+++ b/fs/ext4/balloc.c
@@ -624,7 +624,7 @@ int ext4_has_free_blocks(struct ext4_sb_info *sbi, s64 nblocks)
624 return 1; 624 return 1;
625 625
626 /* Hm, nope. Are (enough) root reserved blocks available? */ 626 /* Hm, nope. Are (enough) root reserved blocks available? */
627 if (sbi->s_resuid == current->fsuid || 627 if (sbi->s_resuid == current_fsuid() ||
628 ((sbi->s_resgid != 0) && in_group_p(sbi->s_resgid)) || 628 ((sbi->s_resgid != 0) && in_group_p(sbi->s_resgid)) ||
629 capable(CAP_SYS_RESOURCE)) { 629 capable(CAP_SYS_RESOURCE)) {
630 if (free_blocks >= (nblocks + dirty_blocks)) 630 if (free_blocks >= (nblocks + dirty_blocks))
diff --git a/fs/ext4/ialloc.c b/fs/ext4/ialloc.c
index 2a117e286e54..08cac9fcace2 100644
--- a/fs/ext4/ialloc.c
+++ b/fs/ext4/ialloc.c
@@ -787,7 +787,7 @@ got:
787 spin_unlock(sb_bgl_lock(sbi, flex_group)); 787 spin_unlock(sb_bgl_lock(sbi, flex_group));
788 } 788 }
789 789
790 inode->i_uid = current->fsuid; 790 inode->i_uid = current_fsuid();
791 if (test_opt(sb, GRPID)) 791 if (test_opt(sb, GRPID))
792 inode->i_gid = dir->i_gid; 792 inode->i_gid = dir->i_gid;
793 else if (dir->i_mode & S_ISGID) { 793 else if (dir->i_mode & S_ISGID) {
@@ -795,7 +795,7 @@ got:
795 if (S_ISDIR(mode)) 795 if (S_ISDIR(mode))
796 mode |= S_ISGID; 796 mode |= S_ISGID;
797 } else 797 } else
798 inode->i_gid = current->fsgid; 798 inode->i_gid = current_fsgid();
799 inode->i_mode = mode; 799 inode->i_mode = mode;
800 800
801 inode->i_ino = ino + group * EXT4_INODES_PER_GROUP(sb); 801 inode->i_ino = ino + group * EXT4_INODES_PER_GROUP(sb);
diff --git a/fs/fat/file.c b/fs/fat/file.c
index f06a4e525ece..0a7f4a9918b3 100644
--- a/fs/fat/file.c
+++ b/fs/fat/file.c
@@ -304,7 +304,7 @@ static int fat_allow_set_time(struct msdos_sb_info *sbi, struct inode *inode)
304{ 304{
305 mode_t allow_utime = sbi->options.allow_utime; 305 mode_t allow_utime = sbi->options.allow_utime;
306 306
307 if (current->fsuid != inode->i_uid) { 307 if (current_fsuid() != inode->i_uid) {
308 if (in_group_p(inode->i_gid)) 308 if (in_group_p(inode->i_gid))
309 allow_utime >>= 3; 309 allow_utime >>= 3;
310 if (allow_utime & MAY_WRITE) 310 if (allow_utime & MAY_WRITE)
diff --git a/fs/fat/inode.c b/fs/fat/inode.c
index bdd8fb7be2ca..d937aaf77374 100644
--- a/fs/fat/inode.c
+++ b/fs/fat/inode.c
@@ -926,8 +926,8 @@ static int parse_options(char *options, int is_vfat, int silent, int *debug,
926 926
927 opts->isvfat = is_vfat; 927 opts->isvfat = is_vfat;
928 928
929 opts->fs_uid = current->uid; 929 opts->fs_uid = current_uid();
930 opts->fs_gid = current->gid; 930 opts->fs_gid = current_gid();
931 opts->fs_fmask = opts->fs_dmask = current->fs->umask; 931 opts->fs_fmask = opts->fs_dmask = current->fs->umask;
932 opts->allow_utime = -1; 932 opts->allow_utime = -1;
933 opts->codepage = fat_default_codepage; 933 opts->codepage = fat_default_codepage;
diff --git a/fs/fcntl.c b/fs/fcntl.c
index ac4f7db9f134..87c39f1f0817 100644
--- a/fs/fcntl.c
+++ b/fs/fcntl.c
@@ -205,13 +205,14 @@ static void f_modown(struct file *filp, struct pid *pid, enum pid_type type,
205int __f_setown(struct file *filp, struct pid *pid, enum pid_type type, 205int __f_setown(struct file *filp, struct pid *pid, enum pid_type type,
206 int force) 206 int force)
207{ 207{
208 const struct cred *cred = current_cred();
208 int err; 209 int err;
209 210
210 err = security_file_set_fowner(filp); 211 err = security_file_set_fowner(filp);
211 if (err) 212 if (err)
212 return err; 213 return err;
213 214
214 f_modown(filp, pid, type, current->uid, current->euid, force); 215 f_modown(filp, pid, type, cred->uid, cred->euid, force);
215 return 0; 216 return 0;
216} 217}
217EXPORT_SYMBOL(__f_setown); 218EXPORT_SYMBOL(__f_setown);
@@ -400,10 +401,17 @@ static const long band_table[NSIGPOLL] = {
400static inline int sigio_perm(struct task_struct *p, 401static inline int sigio_perm(struct task_struct *p,
401 struct fown_struct *fown, int sig) 402 struct fown_struct *fown, int sig)
402{ 403{
403 return (((fown->euid == 0) || 404 const struct cred *cred;
404 (fown->euid == p->suid) || (fown->euid == p->uid) || 405 int ret;
405 (fown->uid == p->suid) || (fown->uid == p->uid)) && 406
406 !security_file_send_sigiotask(p, fown, sig)); 407 rcu_read_lock();
408 cred = __task_cred(p);
409 ret = ((fown->euid == 0 ||
410 fown->euid == cred->suid || fown->euid == cred->uid ||
411 fown->uid == cred->suid || fown->uid == cred->uid) &&
412 !security_file_send_sigiotask(p, fown, sig));
413 rcu_read_unlock();
414 return ret;
407} 415}
408 416
409static void send_sigio_to_task(struct task_struct *p, 417static void send_sigio_to_task(struct task_struct *p,
diff --git a/fs/file_table.c b/fs/file_table.c
index 5ad0eca6eea2..0fbcacc3ea75 100644
--- a/fs/file_table.c
+++ b/fs/file_table.c
@@ -36,7 +36,9 @@ static struct percpu_counter nr_files __cacheline_aligned_in_smp;
36 36
37static inline void file_free_rcu(struct rcu_head *head) 37static inline void file_free_rcu(struct rcu_head *head)
38{ 38{
39 struct file *f = container_of(head, struct file, f_u.fu_rcuhead); 39 struct file *f = container_of(head, struct file, f_u.fu_rcuhead);
40
41 put_cred(f->f_cred);
40 kmem_cache_free(filp_cachep, f); 42 kmem_cache_free(filp_cachep, f);
41} 43}
42 44
@@ -94,7 +96,7 @@ int proc_nr_files(ctl_table *table, int write, struct file *filp,
94 */ 96 */
95struct file *get_empty_filp(void) 97struct file *get_empty_filp(void)
96{ 98{
97 struct task_struct *tsk; 99 const struct cred *cred = current_cred();
98 static int old_max; 100 static int old_max;
99 struct file * f; 101 struct file * f;
100 102
@@ -118,12 +120,10 @@ struct file *get_empty_filp(void)
118 if (security_file_alloc(f)) 120 if (security_file_alloc(f))
119 goto fail_sec; 121 goto fail_sec;
120 122
121 tsk = current;
122 INIT_LIST_HEAD(&f->f_u.fu_list); 123 INIT_LIST_HEAD(&f->f_u.fu_list);
123 atomic_long_set(&f->f_count, 1); 124 atomic_long_set(&f->f_count, 1);
124 rwlock_init(&f->f_owner.lock); 125 rwlock_init(&f->f_owner.lock);
125 f->f_uid = tsk->fsuid; 126 f->f_cred = get_cred(cred);
126 f->f_gid = tsk->fsgid;
127 eventpoll_init_file(f); 127 eventpoll_init_file(f);
128 /* f->f_version: 0 */ 128 /* f->f_version: 0 */
129 return f; 129 return f;
diff --git a/fs/fuse/dev.c b/fs/fuse/dev.c
index b72361479be2..fba571648a8e 100644
--- a/fs/fuse/dev.c
+++ b/fs/fuse/dev.c
@@ -87,8 +87,8 @@ static void __fuse_put_request(struct fuse_req *req)
87 87
88static void fuse_req_init_context(struct fuse_req *req) 88static void fuse_req_init_context(struct fuse_req *req)
89{ 89{
90 req->in.h.uid = current->fsuid; 90 req->in.h.uid = current_fsuid();
91 req->in.h.gid = current->fsgid; 91 req->in.h.gid = current_fsgid();
92 req->in.h.pid = current->pid; 92 req->in.h.pid = current->pid;
93} 93}
94 94
diff --git a/fs/fuse/dir.c b/fs/fuse/dir.c
index fd03330cadeb..95bc22bdd060 100644
--- a/fs/fuse/dir.c
+++ b/fs/fuse/dir.c
@@ -869,18 +869,25 @@ int fuse_update_attributes(struct inode *inode, struct kstat *stat,
869 */ 869 */
870int fuse_allow_task(struct fuse_conn *fc, struct task_struct *task) 870int fuse_allow_task(struct fuse_conn *fc, struct task_struct *task)
871{ 871{
872 const struct cred *cred;
873 int ret;
874
872 if (fc->flags & FUSE_ALLOW_OTHER) 875 if (fc->flags & FUSE_ALLOW_OTHER)
873 return 1; 876 return 1;
874 877
875 if (task->euid == fc->user_id && 878 rcu_read_lock();
876 task->suid == fc->user_id && 879 ret = 0;
877 task->uid == fc->user_id && 880 cred = __task_cred(task);
878 task->egid == fc->group_id && 881 if (cred->euid == fc->user_id &&
879 task->sgid == fc->group_id && 882 cred->suid == fc->user_id &&
880 task->gid == fc->group_id) 883 cred->uid == fc->user_id &&
881 return 1; 884 cred->egid == fc->group_id &&
885 cred->sgid == fc->group_id &&
886 cred->gid == fc->group_id)
887 ret = 1;
888 rcu_read_unlock();
882 889
883 return 0; 890 return ret;
884} 891}
885 892
886static int fuse_access(struct inode *inode, int mask) 893static int fuse_access(struct inode *inode, int mask)
diff --git a/fs/gfs2/inode.c b/fs/gfs2/inode.c
index 7cee695fa441..d57616840e89 100644
--- a/fs/gfs2/inode.c
+++ b/fs/gfs2/inode.c
@@ -705,18 +705,18 @@ static void munge_mode_uid_gid(struct gfs2_inode *dip, unsigned int *mode,
705 (dip->i_inode.i_mode & S_ISUID) && dip->i_inode.i_uid) { 705 (dip->i_inode.i_mode & S_ISUID) && dip->i_inode.i_uid) {
706 if (S_ISDIR(*mode)) 706 if (S_ISDIR(*mode))
707 *mode |= S_ISUID; 707 *mode |= S_ISUID;
708 else if (dip->i_inode.i_uid != current->fsuid) 708 else if (dip->i_inode.i_uid != current_fsuid())
709 *mode &= ~07111; 709 *mode &= ~07111;
710 *uid = dip->i_inode.i_uid; 710 *uid = dip->i_inode.i_uid;
711 } else 711 } else
712 *uid = current->fsuid; 712 *uid = current_fsuid();
713 713
714 if (dip->i_inode.i_mode & S_ISGID) { 714 if (dip->i_inode.i_mode & S_ISGID) {
715 if (S_ISDIR(*mode)) 715 if (S_ISDIR(*mode))
716 *mode |= S_ISGID; 716 *mode |= S_ISGID;
717 *gid = dip->i_inode.i_gid; 717 *gid = dip->i_inode.i_gid;
718 } else 718 } else
719 *gid = current->fsgid; 719 *gid = current_fsgid();
720} 720}
721 721
722static int alloc_dinode(struct gfs2_inode *dip, u64 *no_addr, u64 *generation) 722static int alloc_dinode(struct gfs2_inode *dip, u64 *no_addr, u64 *generation)
@@ -1124,8 +1124,8 @@ int gfs2_unlink_ok(struct gfs2_inode *dip, const struct qstr *name,
1124 return -EPERM; 1124 return -EPERM;
1125 1125
1126 if ((dip->i_inode.i_mode & S_ISVTX) && 1126 if ((dip->i_inode.i_mode & S_ISVTX) &&
1127 dip->i_inode.i_uid != current->fsuid && 1127 dip->i_inode.i_uid != current_fsuid() &&
1128 ip->i_inode.i_uid != current->fsuid && !capable(CAP_FOWNER)) 1128 ip->i_inode.i_uid != current_fsuid() && !capable(CAP_FOWNER))
1129 return -EPERM; 1129 return -EPERM;
1130 1130
1131 if (IS_APPEND(&dip->i_inode)) 1131 if (IS_APPEND(&dip->i_inode))
diff --git a/fs/hfs/inode.c b/fs/hfs/inode.c
index c69b7ac75bf7..9435dda8f1e0 100644
--- a/fs/hfs/inode.c
+++ b/fs/hfs/inode.c
@@ -155,8 +155,8 @@ struct inode *hfs_new_inode(struct inode *dir, struct qstr *name, int mode)
155 hfs_cat_build_key(sb, (btree_key *)&HFS_I(inode)->cat_key, dir->i_ino, name); 155 hfs_cat_build_key(sb, (btree_key *)&HFS_I(inode)->cat_key, dir->i_ino, name);
156 inode->i_ino = HFS_SB(sb)->next_id++; 156 inode->i_ino = HFS_SB(sb)->next_id++;
157 inode->i_mode = mode; 157 inode->i_mode = mode;
158 inode->i_uid = current->fsuid; 158 inode->i_uid = current_fsuid();
159 inode->i_gid = current->fsgid; 159 inode->i_gid = current_fsgid();
160 inode->i_nlink = 1; 160 inode->i_nlink = 1;
161 inode->i_mtime = inode->i_atime = inode->i_ctime = CURRENT_TIME_SEC; 161 inode->i_mtime = inode->i_atime = inode->i_ctime = CURRENT_TIME_SEC;
162 HFS_I(inode)->flags = 0; 162 HFS_I(inode)->flags = 0;
diff --git a/fs/hfs/super.c b/fs/hfs/super.c
index 3c7c7637719c..c8b5acf4b0b7 100644
--- a/fs/hfs/super.c
+++ b/fs/hfs/super.c
@@ -210,8 +210,8 @@ static int parse_options(char *options, struct hfs_sb_info *hsb)
210 int tmp, token; 210 int tmp, token;
211 211
212 /* initialize the sb with defaults */ 212 /* initialize the sb with defaults */
213 hsb->s_uid = current->uid; 213 hsb->s_uid = current_uid();
214 hsb->s_gid = current->gid; 214 hsb->s_gid = current_gid();
215 hsb->s_file_umask = 0133; 215 hsb->s_file_umask = 0133;
216 hsb->s_dir_umask = 0022; 216 hsb->s_dir_umask = 0022;
217 hsb->s_type = hsb->s_creator = cpu_to_be32(0x3f3f3f3f); /* == '????' */ 217 hsb->s_type = hsb->s_creator = cpu_to_be32(0x3f3f3f3f); /* == '????' */
diff --git a/fs/hfsplus/inode.c b/fs/hfsplus/inode.c
index b207f0e6fc22..f105ee9e1cc4 100644
--- a/fs/hfsplus/inode.c
+++ b/fs/hfsplus/inode.c
@@ -296,8 +296,8 @@ struct inode *hfsplus_new_inode(struct super_block *sb, int mode)
296 296
297 inode->i_ino = HFSPLUS_SB(sb).next_cnid++; 297 inode->i_ino = HFSPLUS_SB(sb).next_cnid++;
298 inode->i_mode = mode; 298 inode->i_mode = mode;
299 inode->i_uid = current->fsuid; 299 inode->i_uid = current_fsuid();
300 inode->i_gid = current->fsgid; 300 inode->i_gid = current_fsgid();
301 inode->i_nlink = 1; 301 inode->i_nlink = 1;
302 inode->i_mtime = inode->i_atime = inode->i_ctime = CURRENT_TIME_SEC; 302 inode->i_mtime = inode->i_atime = inode->i_ctime = CURRENT_TIME_SEC;
303 INIT_LIST_HEAD(&HFSPLUS_I(inode).open_dir_list); 303 INIT_LIST_HEAD(&HFSPLUS_I(inode).open_dir_list);
diff --git a/fs/hfsplus/options.c b/fs/hfsplus/options.c
index 9699c56d323f..bab7f8d1bdfa 100644
--- a/fs/hfsplus/options.c
+++ b/fs/hfsplus/options.c
@@ -49,8 +49,8 @@ void hfsplus_fill_defaults(struct hfsplus_sb_info *opts)
49 opts->creator = HFSPLUS_DEF_CR_TYPE; 49 opts->creator = HFSPLUS_DEF_CR_TYPE;
50 opts->type = HFSPLUS_DEF_CR_TYPE; 50 opts->type = HFSPLUS_DEF_CR_TYPE;
51 opts->umask = current->fs->umask; 51 opts->umask = current->fs->umask;
52 opts->uid = current->uid; 52 opts->uid = current_uid();
53 opts->gid = current->gid; 53 opts->gid = current_gid();
54 opts->part = -1; 54 opts->part = -1;
55 opts->session = -1; 55 opts->session = -1;
56} 56}
diff --git a/fs/hpfs/namei.c b/fs/hpfs/namei.c
index 10783f3d265a..b649232dde97 100644
--- a/fs/hpfs/namei.c
+++ b/fs/hpfs/namei.c
@@ -92,11 +92,11 @@ static int hpfs_mkdir(struct inode *dir, struct dentry *dentry, int mode)
92 inc_nlink(dir); 92 inc_nlink(dir);
93 insert_inode_hash(result); 93 insert_inode_hash(result);
94 94
95 if (result->i_uid != current->fsuid || 95 if (result->i_uid != current_fsuid() ||
96 result->i_gid != current->fsgid || 96 result->i_gid != current_fsgid() ||
97 result->i_mode != (mode | S_IFDIR)) { 97 result->i_mode != (mode | S_IFDIR)) {
98 result->i_uid = current->fsuid; 98 result->i_uid = current_fsuid();
99 result->i_gid = current->fsgid; 99 result->i_gid = current_fsgid();
100 result->i_mode = mode | S_IFDIR; 100 result->i_mode = mode | S_IFDIR;
101 hpfs_write_inode_nolock(result); 101 hpfs_write_inode_nolock(result);
102 } 102 }
@@ -184,11 +184,11 @@ static int hpfs_create(struct inode *dir, struct dentry *dentry, int mode, struc
184 184
185 insert_inode_hash(result); 185 insert_inode_hash(result);
186 186
187 if (result->i_uid != current->fsuid || 187 if (result->i_uid != current_fsuid() ||
188 result->i_gid != current->fsgid || 188 result->i_gid != current_fsgid() ||
189 result->i_mode != (mode | S_IFREG)) { 189 result->i_mode != (mode | S_IFREG)) {
190 result->i_uid = current->fsuid; 190 result->i_uid = current_fsuid();
191 result->i_gid = current->fsgid; 191 result->i_gid = current_fsgid();
192 result->i_mode = mode | S_IFREG; 192 result->i_mode = mode | S_IFREG;
193 hpfs_write_inode_nolock(result); 193 hpfs_write_inode_nolock(result);
194 } 194 }
@@ -247,8 +247,8 @@ static int hpfs_mknod(struct inode *dir, struct dentry *dentry, int mode, dev_t
247 result->i_mtime.tv_nsec = 0; 247 result->i_mtime.tv_nsec = 0;
248 result->i_atime.tv_nsec = 0; 248 result->i_atime.tv_nsec = 0;
249 hpfs_i(result)->i_ea_size = 0; 249 hpfs_i(result)->i_ea_size = 0;
250 result->i_uid = current->fsuid; 250 result->i_uid = current_fsuid();
251 result->i_gid = current->fsgid; 251 result->i_gid = current_fsgid();
252 result->i_nlink = 1; 252 result->i_nlink = 1;
253 result->i_size = 0; 253 result->i_size = 0;
254 result->i_blocks = 1; 254 result->i_blocks = 1;
@@ -325,8 +325,8 @@ static int hpfs_symlink(struct inode *dir, struct dentry *dentry, const char *sy
325 result->i_atime.tv_nsec = 0; 325 result->i_atime.tv_nsec = 0;
326 hpfs_i(result)->i_ea_size = 0; 326 hpfs_i(result)->i_ea_size = 0;
327 result->i_mode = S_IFLNK | 0777; 327 result->i_mode = S_IFLNK | 0777;
328 result->i_uid = current->fsuid; 328 result->i_uid = current_fsuid();
329 result->i_gid = current->fsgid; 329 result->i_gid = current_fsgid();
330 result->i_blocks = 1; 330 result->i_blocks = 1;
331 result->i_nlink = 1; 331 result->i_nlink = 1;
332 result->i_size = strlen(symlink); 332 result->i_size = strlen(symlink);
diff --git a/fs/hpfs/super.c b/fs/hpfs/super.c
index 29ad461d568f..0d049b8919c4 100644
--- a/fs/hpfs/super.c
+++ b/fs/hpfs/super.c
@@ -475,8 +475,8 @@ static int hpfs_fill_super(struct super_block *s, void *options, int silent)
475 475
476 init_MUTEX(&sbi->hpfs_creation_de); 476 init_MUTEX(&sbi->hpfs_creation_de);
477 477
478 uid = current->uid; 478 uid = current_uid();
479 gid = current->gid; 479 gid = current_gid();
480 umask = current->fs->umask; 480 umask = current->fs->umask;
481 lowercase = 0; 481 lowercase = 0;
482 conv = CONV_BINARY; 482 conv = CONV_BINARY;
diff --git a/fs/hppfs/hppfs.c b/fs/hppfs/hppfs.c
index 2b3d1828db99..b278f7f52024 100644
--- a/fs/hppfs/hppfs.c
+++ b/fs/hppfs/hppfs.c
@@ -426,6 +426,7 @@ static int file_mode(int fmode)
426 426
427static int hppfs_open(struct inode *inode, struct file *file) 427static int hppfs_open(struct inode *inode, struct file *file)
428{ 428{
429 const struct cred *cred = file->f_cred;
429 struct hppfs_private *data; 430 struct hppfs_private *data;
430 struct vfsmount *proc_mnt; 431 struct vfsmount *proc_mnt;
431 struct dentry *proc_dentry; 432 struct dentry *proc_dentry;
@@ -446,7 +447,7 @@ static int hppfs_open(struct inode *inode, struct file *file)
446 447
447 /* XXX This isn't closed anywhere */ 448 /* XXX This isn't closed anywhere */
448 data->proc_file = dentry_open(dget(proc_dentry), mntget(proc_mnt), 449 data->proc_file = dentry_open(dget(proc_dentry), mntget(proc_mnt),
449 file_mode(file->f_mode)); 450 file_mode(file->f_mode), cred);
450 err = PTR_ERR(data->proc_file); 451 err = PTR_ERR(data->proc_file);
451 if (IS_ERR(data->proc_file)) 452 if (IS_ERR(data->proc_file))
452 goto out_free1; 453 goto out_free1;
@@ -489,6 +490,7 @@ static int hppfs_open(struct inode *inode, struct file *file)
489 490
490static int hppfs_dir_open(struct inode *inode, struct file *file) 491static int hppfs_dir_open(struct inode *inode, struct file *file)
491{ 492{
493 const struct cred *cred = file->f_cred;
492 struct hppfs_private *data; 494 struct hppfs_private *data;
493 struct vfsmount *proc_mnt; 495 struct vfsmount *proc_mnt;
494 struct dentry *proc_dentry; 496 struct dentry *proc_dentry;
@@ -502,7 +504,7 @@ static int hppfs_dir_open(struct inode *inode, struct file *file)
502 proc_dentry = HPPFS_I(inode)->proc_dentry; 504 proc_dentry = HPPFS_I(inode)->proc_dentry;
503 proc_mnt = inode->i_sb->s_fs_info; 505 proc_mnt = inode->i_sb->s_fs_info;
504 data->proc_file = dentry_open(dget(proc_dentry), mntget(proc_mnt), 506 data->proc_file = dentry_open(dget(proc_dentry), mntget(proc_mnt),
505 file_mode(file->f_mode)); 507 file_mode(file->f_mode), cred);
506 err = PTR_ERR(data->proc_file); 508 err = PTR_ERR(data->proc_file);
507 if (IS_ERR(data->proc_file)) 509 if (IS_ERR(data->proc_file))
508 goto out_free; 510 goto out_free;
diff --git a/fs/hugetlbfs/inode.c b/fs/hugetlbfs/inode.c
index 61edc701b0e6..7d479ce3aceb 100644
--- a/fs/hugetlbfs/inode.c
+++ b/fs/hugetlbfs/inode.c
@@ -551,9 +551,9 @@ static int hugetlbfs_mknod(struct inode *dir,
551 if (S_ISDIR(mode)) 551 if (S_ISDIR(mode))
552 mode |= S_ISGID; 552 mode |= S_ISGID;
553 } else { 553 } else {
554 gid = current->fsgid; 554 gid = current_fsgid();
555 } 555 }
556 inode = hugetlbfs_get_inode(dir->i_sb, current->fsuid, gid, mode, dev); 556 inode = hugetlbfs_get_inode(dir->i_sb, current_fsuid(), gid, mode, dev);
557 if (inode) { 557 if (inode) {
558 dir->i_ctime = dir->i_mtime = CURRENT_TIME; 558 dir->i_ctime = dir->i_mtime = CURRENT_TIME;
559 d_instantiate(dentry, inode); 559 d_instantiate(dentry, inode);
@@ -586,9 +586,9 @@ static int hugetlbfs_symlink(struct inode *dir,
586 if (dir->i_mode & S_ISGID) 586 if (dir->i_mode & S_ISGID)
587 gid = dir->i_gid; 587 gid = dir->i_gid;
588 else 588 else
589 gid = current->fsgid; 589 gid = current_fsgid();
590 590
591 inode = hugetlbfs_get_inode(dir->i_sb, current->fsuid, 591 inode = hugetlbfs_get_inode(dir->i_sb, current_fsuid(),
592 gid, S_IFLNK|S_IRWXUGO, 0); 592 gid, S_IFLNK|S_IRWXUGO, 0);
593 if (inode) { 593 if (inode) {
594 int l = strlen(symname)+1; 594 int l = strlen(symname)+1;
@@ -854,8 +854,8 @@ hugetlbfs_fill_super(struct super_block *sb, void *data, int silent)
854 854
855 config.nr_blocks = -1; /* No limit on size by default */ 855 config.nr_blocks = -1; /* No limit on size by default */
856 config.nr_inodes = -1; /* No limit on number of inodes by default */ 856 config.nr_inodes = -1; /* No limit on number of inodes by default */
857 config.uid = current->fsuid; 857 config.uid = current_fsuid();
858 config.gid = current->fsgid; 858 config.gid = current_fsgid();
859 config.mode = 0755; 859 config.mode = 0755;
860 config.hstate = &default_hstate; 860 config.hstate = &default_hstate;
861 ret = hugetlbfs_parse_options(data, &config); 861 ret = hugetlbfs_parse_options(data, &config);
@@ -951,6 +951,7 @@ struct file *hugetlb_file_setup(const char *name, size_t size)
951 struct inode *inode; 951 struct inode *inode;
952 struct dentry *dentry, *root; 952 struct dentry *dentry, *root;
953 struct qstr quick_string; 953 struct qstr quick_string;
954 struct user_struct *user = current_user();
954 955
955 if (!hugetlbfs_vfsmount) 956 if (!hugetlbfs_vfsmount)
956 return ERR_PTR(-ENOENT); 957 return ERR_PTR(-ENOENT);
@@ -958,7 +959,7 @@ struct file *hugetlb_file_setup(const char *name, size_t size)
958 if (!can_do_hugetlb_shm()) 959 if (!can_do_hugetlb_shm())
959 return ERR_PTR(-EPERM); 960 return ERR_PTR(-EPERM);
960 961
961 if (!user_shm_lock(size, current->user)) 962 if (!user_shm_lock(size, user))
962 return ERR_PTR(-ENOMEM); 963 return ERR_PTR(-ENOMEM);
963 964
964 root = hugetlbfs_vfsmount->mnt_root; 965 root = hugetlbfs_vfsmount->mnt_root;
@@ -970,8 +971,8 @@ struct file *hugetlb_file_setup(const char *name, size_t size)
970 goto out_shm_unlock; 971 goto out_shm_unlock;
971 972
972 error = -ENOSPC; 973 error = -ENOSPC;
973 inode = hugetlbfs_get_inode(root->d_sb, current->fsuid, 974 inode = hugetlbfs_get_inode(root->d_sb, current_fsuid(),
974 current->fsgid, S_IFREG | S_IRWXUGO, 0); 975 current_fsgid(), S_IFREG | S_IRWXUGO, 0);
975 if (!inode) 976 if (!inode)
976 goto out_dentry; 977 goto out_dentry;
977 978
@@ -998,7 +999,7 @@ out_inode:
998out_dentry: 999out_dentry:
999 dput(dentry); 1000 dput(dentry);
1000out_shm_unlock: 1001out_shm_unlock:
1001 user_shm_unlock(size, current->user); 1002 user_shm_unlock(size, user);
1002 return ERR_PTR(error); 1003 return ERR_PTR(error);
1003} 1004}
1004 1005
diff --git a/fs/inotify_user.c b/fs/inotify_user.c
index d367e9b92862..e2425bbd871f 100644
--- a/fs/inotify_user.c
+++ b/fs/inotify_user.c
@@ -601,7 +601,7 @@ asmlinkage long sys_inotify_init1(int flags)
601 goto out_put_fd; 601 goto out_put_fd;
602 } 602 }
603 603
604 user = get_uid(current->user); 604 user = get_current_user();
605 if (unlikely(atomic_read(&user->inotify_devs) >= 605 if (unlikely(atomic_read(&user->inotify_devs) >=
606 inotify_max_user_instances)) { 606 inotify_max_user_instances)) {
607 ret = -EMFILE; 607 ret = -EMFILE;
diff --git a/fs/internal.h b/fs/internal.h
index 80aa9a023372..53af885f1732 100644
--- a/fs/internal.h
+++ b/fs/internal.h
@@ -10,6 +10,7 @@
10 */ 10 */
11 11
12struct super_block; 12struct super_block;
13struct linux_binprm;
13 14
14/* 15/*
15 * block_dev.c 16 * block_dev.c
@@ -40,6 +41,11 @@ static inline int sb_is_blkdev_sb(struct super_block *sb)
40extern void __init chrdev_init(void); 41extern void __init chrdev_init(void);
41 42
42/* 43/*
44 * exec.c
45 */
46extern void check_unsafe_exec(struct linux_binprm *);
47
48/*
43 * namespace.c 49 * namespace.c
44 */ 50 */
45extern int copy_mount_options(const void __user *, unsigned long *); 51extern int copy_mount_options(const void __user *, unsigned long *);
diff --git a/fs/ioprio.c b/fs/ioprio.c
index da3cc460d4df..3569e0ad86a2 100644
--- a/fs/ioprio.c
+++ b/fs/ioprio.c
@@ -31,10 +31,16 @@ static int set_task_ioprio(struct task_struct *task, int ioprio)
31{ 31{
32 int err; 32 int err;
33 struct io_context *ioc; 33 struct io_context *ioc;
34 const struct cred *cred = current_cred(), *tcred;
34 35
35 if (task->uid != current->euid && 36 rcu_read_lock();
36 task->uid != current->uid && !capable(CAP_SYS_NICE)) 37 tcred = __task_cred(task);
38 if (tcred->uid != cred->euid &&
39 tcred->uid != cred->uid && !capable(CAP_SYS_NICE)) {
40 rcu_read_unlock();
37 return -EPERM; 41 return -EPERM;
42 }
43 rcu_read_unlock();
38 44
39 err = security_task_setioprio(task, ioprio); 45 err = security_task_setioprio(task, ioprio);
40 if (err) 46 if (err)
@@ -123,7 +129,7 @@ asmlinkage long sys_ioprio_set(int which, int who, int ioprio)
123 break; 129 break;
124 case IOPRIO_WHO_USER: 130 case IOPRIO_WHO_USER:
125 if (!who) 131 if (!who)
126 user = current->user; 132 user = current_user();
127 else 133 else
128 user = find_user(who); 134 user = find_user(who);
129 135
@@ -131,7 +137,7 @@ asmlinkage long sys_ioprio_set(int which, int who, int ioprio)
131 break; 137 break;
132 138
133 do_each_thread(g, p) { 139 do_each_thread(g, p) {
134 if (p->uid != who) 140 if (__task_cred(p)->uid != who)
135 continue; 141 continue;
136 ret = set_task_ioprio(p, ioprio); 142 ret = set_task_ioprio(p, ioprio);
137 if (ret) 143 if (ret)
@@ -216,7 +222,7 @@ asmlinkage long sys_ioprio_get(int which, int who)
216 break; 222 break;
217 case IOPRIO_WHO_USER: 223 case IOPRIO_WHO_USER:
218 if (!who) 224 if (!who)
219 user = current->user; 225 user = current_user();
220 else 226 else
221 user = find_user(who); 227 user = find_user(who);
222 228
@@ -224,7 +230,7 @@ asmlinkage long sys_ioprio_get(int which, int who)
224 break; 230 break;
225 231
226 do_each_thread(g, p) { 232 do_each_thread(g, p) {
227 if (p->uid != user->uid) 233 if (__task_cred(p)->uid != user->uid)
228 continue; 234 continue;
229 tmpio = get_task_ioprio(p); 235 tmpio = get_task_ioprio(p);
230 if (tmpio < 0) 236 if (tmpio < 0)
diff --git a/fs/jfs/jfs_inode.c b/fs/jfs/jfs_inode.c
index ed6574bee51a..70022fd1c539 100644
--- a/fs/jfs/jfs_inode.c
+++ b/fs/jfs/jfs_inode.c
@@ -93,13 +93,13 @@ struct inode *ialloc(struct inode *parent, umode_t mode)
93 return ERR_PTR(rc); 93 return ERR_PTR(rc);
94 } 94 }
95 95
96 inode->i_uid = current->fsuid; 96 inode->i_uid = current_fsuid();
97 if (parent->i_mode & S_ISGID) { 97 if (parent->i_mode & S_ISGID) {
98 inode->i_gid = parent->i_gid; 98 inode->i_gid = parent->i_gid;
99 if (S_ISDIR(mode)) 99 if (S_ISDIR(mode))
100 mode |= S_ISGID; 100 mode |= S_ISGID;
101 } else 101 } else
102 inode->i_gid = current->fsgid; 102 inode->i_gid = current_fsgid();
103 103
104 /* 104 /*
105 * New inodes need to save sane values on disk when 105 * New inodes need to save sane values on disk when
diff --git a/fs/locks.c b/fs/locks.c
index 09062e3ff104..46a2e12f7d42 100644
--- a/fs/locks.c
+++ b/fs/locks.c
@@ -1349,7 +1349,7 @@ int generic_setlease(struct file *filp, long arg, struct file_lock **flp)
1349 struct inode *inode = dentry->d_inode; 1349 struct inode *inode = dentry->d_inode;
1350 int error, rdlease_count = 0, wrlease_count = 0; 1350 int error, rdlease_count = 0, wrlease_count = 0;
1351 1351
1352 if ((current->fsuid != inode->i_uid) && !capable(CAP_LEASE)) 1352 if ((current_fsuid() != inode->i_uid) && !capable(CAP_LEASE))
1353 return -EACCES; 1353 return -EACCES;
1354 if (!S_ISREG(inode->i_mode)) 1354 if (!S_ISREG(inode->i_mode))
1355 return -EINVAL; 1355 return -EINVAL;
diff --git a/fs/minix/bitmap.c b/fs/minix/bitmap.c
index 703cc35e04b9..3aebe322271a 100644
--- a/fs/minix/bitmap.c
+++ b/fs/minix/bitmap.c
@@ -262,8 +262,8 @@ struct inode * minix_new_inode(const struct inode * dir, int * error)
262 iput(inode); 262 iput(inode);
263 return NULL; 263 return NULL;
264 } 264 }
265 inode->i_uid = current->fsuid; 265 inode->i_uid = current_fsuid();
266 inode->i_gid = (dir->i_mode & S_ISGID) ? dir->i_gid : current->fsgid; 266 inode->i_gid = (dir->i_mode & S_ISGID) ? dir->i_gid : current_fsgid();
267 inode->i_ino = j; 267 inode->i_ino = j;
268 inode->i_mtime = inode->i_atime = inode->i_ctime = CURRENT_TIME_SEC; 268 inode->i_mtime = inode->i_atime = inode->i_ctime = CURRENT_TIME_SEC;
269 inode->i_blocks = 0; 269 inode->i_blocks = 0;
diff --git a/fs/namei.c b/fs/namei.c
index d34e0f9681c6..af3783fff1de 100644
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -186,7 +186,7 @@ int generic_permission(struct inode *inode, int mask,
186 186
187 mask &= MAY_READ | MAY_WRITE | MAY_EXEC; 187 mask &= MAY_READ | MAY_WRITE | MAY_EXEC;
188 188
189 if (current->fsuid == inode->i_uid) 189 if (current_fsuid() == inode->i_uid)
190 mode >>= 6; 190 mode >>= 6;
191 else { 191 else {
192 if (IS_POSIXACL(inode) && (mode & S_IRWXG) && check_acl) { 192 if (IS_POSIXACL(inode) && (mode & S_IRWXG) && check_acl) {
@@ -441,7 +441,7 @@ static int exec_permission_lite(struct inode *inode)
441 if (inode->i_op && inode->i_op->permission) 441 if (inode->i_op && inode->i_op->permission)
442 return -EAGAIN; 442 return -EAGAIN;
443 443
444 if (current->fsuid == inode->i_uid) 444 if (current_fsuid() == inode->i_uid)
445 mode >>= 6; 445 mode >>= 6;
446 else if (in_group_p(inode->i_gid)) 446 else if (in_group_p(inode->i_gid))
447 mode >>= 3; 447 mode >>= 3;
@@ -1334,11 +1334,13 @@ static int user_path_parent(int dfd, const char __user *path,
1334 */ 1334 */
1335static inline int check_sticky(struct inode *dir, struct inode *inode) 1335static inline int check_sticky(struct inode *dir, struct inode *inode)
1336{ 1336{
1337 uid_t fsuid = current_fsuid();
1338
1337 if (!(dir->i_mode & S_ISVTX)) 1339 if (!(dir->i_mode & S_ISVTX))
1338 return 0; 1340 return 0;
1339 if (inode->i_uid == current->fsuid) 1341 if (inode->i_uid == fsuid)
1340 return 0; 1342 return 0;
1341 if (dir->i_uid == current->fsuid) 1343 if (dir->i_uid == fsuid)
1342 return 0; 1344 return 0;
1343 return !capable(CAP_FOWNER); 1345 return !capable(CAP_FOWNER);
1344} 1346}
diff --git a/fs/namespace.c b/fs/namespace.c
index 65b3dc844c87..1c09cab8f7cf 100644
--- a/fs/namespace.c
+++ b/fs/namespace.c
@@ -1176,7 +1176,7 @@ static int mount_is_safe(struct path *path)
1176 if (S_ISLNK(path->dentry->d_inode->i_mode)) 1176 if (S_ISLNK(path->dentry->d_inode->i_mode))
1177 return -EPERM; 1177 return -EPERM;
1178 if (path->dentry->d_inode->i_mode & S_ISVTX) { 1178 if (path->dentry->d_inode->i_mode & S_ISVTX) {
1179 if (current->uid != path->dentry->d_inode->i_uid) 1179 if (current_uid() != path->dentry->d_inode->i_uid)
1180 return -EPERM; 1180 return -EPERM;
1181 } 1181 }
1182 if (inode_permission(path->dentry->d_inode, MAY_WRITE)) 1182 if (inode_permission(path->dentry->d_inode, MAY_WRITE))
diff --git a/fs/ncpfs/ioctl.c b/fs/ncpfs/ioctl.c
index 3a97c95e1ca2..6d04e050c74e 100644
--- a/fs/ncpfs/ioctl.c
+++ b/fs/ncpfs/ioctl.c
@@ -40,10 +40,10 @@ ncp_get_fs_info(struct ncp_server * server, struct file *file,
40 struct inode *inode = file->f_path.dentry->d_inode; 40 struct inode *inode = file->f_path.dentry->d_inode;
41 struct ncp_fs_info info; 41 struct ncp_fs_info info;
42 42
43 if ((file_permission(file, MAY_WRITE) != 0) 43 if (file_permission(file, MAY_WRITE) != 0
44 && (current->uid != server->m.mounted_uid)) { 44 && current_uid() != server->m.mounted_uid)
45 return -EACCES; 45 return -EACCES;
46 } 46
47 if (copy_from_user(&info, arg, sizeof(info))) 47 if (copy_from_user(&info, arg, sizeof(info)))
48 return -EFAULT; 48 return -EFAULT;
49 49
@@ -70,10 +70,10 @@ ncp_get_fs_info_v2(struct ncp_server * server, struct file *file,
70 struct inode *inode = file->f_path.dentry->d_inode; 70 struct inode *inode = file->f_path.dentry->d_inode;
71 struct ncp_fs_info_v2 info2; 71 struct ncp_fs_info_v2 info2;
72 72
73 if ((file_permission(file, MAY_WRITE) != 0) 73 if (file_permission(file, MAY_WRITE) != 0
74 && (current->uid != server->m.mounted_uid)) { 74 && current_uid() != server->m.mounted_uid)
75 return -EACCES; 75 return -EACCES;
76 } 76
77 if (copy_from_user(&info2, arg, sizeof(info2))) 77 if (copy_from_user(&info2, arg, sizeof(info2)))
78 return -EFAULT; 78 return -EFAULT;
79 79
@@ -141,10 +141,10 @@ ncp_get_compat_fs_info_v2(struct ncp_server * server, struct file *file,
141 struct inode *inode = file->f_path.dentry->d_inode; 141 struct inode *inode = file->f_path.dentry->d_inode;
142 struct compat_ncp_fs_info_v2 info2; 142 struct compat_ncp_fs_info_v2 info2;
143 143
144 if ((file_permission(file, MAY_WRITE) != 0) 144 if (file_permission(file, MAY_WRITE) != 0
145 && (current->uid != server->m.mounted_uid)) { 145 && current_uid() != server->m.mounted_uid)
146 return -EACCES; 146 return -EACCES;
147 } 147
148 if (copy_from_user(&info2, arg, sizeof(info2))) 148 if (copy_from_user(&info2, arg, sizeof(info2)))
149 return -EFAULT; 149 return -EFAULT;
150 150
@@ -270,16 +270,17 @@ static int __ncp_ioctl(struct inode *inode, struct file *filp,
270 struct ncp_ioctl_request request; 270 struct ncp_ioctl_request request;
271 char* bouncebuffer; 271 char* bouncebuffer;
272 void __user *argp = (void __user *)arg; 272 void __user *argp = (void __user *)arg;
273 uid_t uid = current_uid();
273 274
274 switch (cmd) { 275 switch (cmd) {
275#ifdef CONFIG_COMPAT 276#ifdef CONFIG_COMPAT
276 case NCP_IOC_NCPREQUEST_32: 277 case NCP_IOC_NCPREQUEST_32:
277#endif 278#endif
278 case NCP_IOC_NCPREQUEST: 279 case NCP_IOC_NCPREQUEST:
279 if ((file_permission(filp, MAY_WRITE) != 0) 280 if (file_permission(filp, MAY_WRITE) != 0
280 && (current->uid != server->m.mounted_uid)) { 281 && uid != server->m.mounted_uid)
281 return -EACCES; 282 return -EACCES;
282 } 283
283#ifdef CONFIG_COMPAT 284#ifdef CONFIG_COMPAT
284 if (cmd == NCP_IOC_NCPREQUEST_32) { 285 if (cmd == NCP_IOC_NCPREQUEST_32) {
285 struct compat_ncp_ioctl_request request32; 286 struct compat_ncp_ioctl_request request32;
@@ -356,10 +357,10 @@ static int __ncp_ioctl(struct inode *inode, struct file *filp,
356 case NCP_IOC_GETMOUNTUID16: 357 case NCP_IOC_GETMOUNTUID16:
357 case NCP_IOC_GETMOUNTUID32: 358 case NCP_IOC_GETMOUNTUID32:
358 case NCP_IOC_GETMOUNTUID64: 359 case NCP_IOC_GETMOUNTUID64:
359 if ((file_permission(filp, MAY_READ) != 0) 360 if (file_permission(filp, MAY_READ) != 0
360 && (current->uid != server->m.mounted_uid)) { 361 && uid != server->m.mounted_uid)
361 return -EACCES; 362 return -EACCES;
362 } 363
363 if (cmd == NCP_IOC_GETMOUNTUID16) { 364 if (cmd == NCP_IOC_GETMOUNTUID16) {
364 u16 uid; 365 u16 uid;
365 SET_UID(uid, server->m.mounted_uid); 366 SET_UID(uid, server->m.mounted_uid);
@@ -380,11 +381,10 @@ static int __ncp_ioctl(struct inode *inode, struct file *filp,
380 { 381 {
381 struct ncp_setroot_ioctl sr; 382 struct ncp_setroot_ioctl sr;
382 383
383 if ((file_permission(filp, MAY_READ) != 0) 384 if (file_permission(filp, MAY_READ) != 0
384 && (current->uid != server->m.mounted_uid)) 385 && uid != server->m.mounted_uid)
385 {
386 return -EACCES; 386 return -EACCES;
387 } 387
388 if (server->m.mounted_vol[0]) { 388 if (server->m.mounted_vol[0]) {
389 struct dentry* dentry = inode->i_sb->s_root; 389 struct dentry* dentry = inode->i_sb->s_root;
390 390
@@ -408,6 +408,7 @@ static int __ncp_ioctl(struct inode *inode, struct file *filp,
408 return -EFAULT; 408 return -EFAULT;
409 return 0; 409 return 0;
410 } 410 }
411
411 case NCP_IOC_SETROOT: 412 case NCP_IOC_SETROOT:
412 { 413 {
413 struct ncp_setroot_ioctl sr; 414 struct ncp_setroot_ioctl sr;
@@ -455,11 +456,10 @@ static int __ncp_ioctl(struct inode *inode, struct file *filp,
455 456
456#ifdef CONFIG_NCPFS_PACKET_SIGNING 457#ifdef CONFIG_NCPFS_PACKET_SIGNING
457 case NCP_IOC_SIGN_INIT: 458 case NCP_IOC_SIGN_INIT:
458 if ((file_permission(filp, MAY_WRITE) != 0) 459 if (file_permission(filp, MAY_WRITE) != 0
459 && (current->uid != server->m.mounted_uid)) 460 && uid != server->m.mounted_uid)
460 {
461 return -EACCES; 461 return -EACCES;
462 } 462
463 if (argp) { 463 if (argp) {
464 if (server->sign_wanted) 464 if (server->sign_wanted)
465 { 465 {
@@ -478,24 +478,22 @@ static int __ncp_ioctl(struct inode *inode, struct file *filp,
478 return 0; 478 return 0;
479 479
480 case NCP_IOC_SIGN_WANTED: 480 case NCP_IOC_SIGN_WANTED:
481 if ((file_permission(filp, MAY_READ) != 0) 481 if (file_permission(filp, MAY_READ) != 0
482 && (current->uid != server->m.mounted_uid)) 482 && uid != server->m.mounted_uid)
483 {
484 return -EACCES; 483 return -EACCES;
485 }
486 484
487 if (put_user(server->sign_wanted, (int __user *)argp)) 485 if (put_user(server->sign_wanted, (int __user *)argp))
488 return -EFAULT; 486 return -EFAULT;
489 return 0; 487 return 0;
488
490 case NCP_IOC_SET_SIGN_WANTED: 489 case NCP_IOC_SET_SIGN_WANTED:
491 { 490 {
492 int newstate; 491 int newstate;
493 492
494 if ((file_permission(filp, MAY_WRITE) != 0) 493 if (file_permission(filp, MAY_WRITE) != 0
495 && (current->uid != server->m.mounted_uid)) 494 && uid != server->m.mounted_uid)
496 {
497 return -EACCES; 495 return -EACCES;
498 } 496
499 /* get only low 8 bits... */ 497 /* get only low 8 bits... */
500 if (get_user(newstate, (unsigned char __user *)argp)) 498 if (get_user(newstate, (unsigned char __user *)argp))
501 return -EFAULT; 499 return -EFAULT;
@@ -512,11 +510,10 @@ static int __ncp_ioctl(struct inode *inode, struct file *filp,
512 510
513#ifdef CONFIG_NCPFS_IOCTL_LOCKING 511#ifdef CONFIG_NCPFS_IOCTL_LOCKING
514 case NCP_IOC_LOCKUNLOCK: 512 case NCP_IOC_LOCKUNLOCK:
515 if ((file_permission(filp, MAY_WRITE) != 0) 513 if (file_permission(filp, MAY_WRITE) != 0
516 && (current->uid != server->m.mounted_uid)) 514 && uid != server->m.mounted_uid)
517 {
518 return -EACCES; 515 return -EACCES;
519 } 516
520 { 517 {
521 struct ncp_lock_ioctl rqdata; 518 struct ncp_lock_ioctl rqdata;
522 519
@@ -585,9 +582,8 @@ outrel:
585 582
586#ifdef CONFIG_COMPAT 583#ifdef CONFIG_COMPAT
587 case NCP_IOC_GETOBJECTNAME_32: 584 case NCP_IOC_GETOBJECTNAME_32:
588 if (current->uid != server->m.mounted_uid) { 585 if (uid != server->m.mounted_uid)
589 return -EACCES; 586 return -EACCES;
590 }
591 { 587 {
592 struct compat_ncp_objectname_ioctl user; 588 struct compat_ncp_objectname_ioctl user;
593 size_t outl; 589 size_t outl;
@@ -609,10 +605,10 @@ outrel:
609 return 0; 605 return 0;
610 } 606 }
611#endif 607#endif
608
612 case NCP_IOC_GETOBJECTNAME: 609 case NCP_IOC_GETOBJECTNAME:
613 if (current->uid != server->m.mounted_uid) { 610 if (uid != server->m.mounted_uid)
614 return -EACCES; 611 return -EACCES;
615 }
616 { 612 {
617 struct ncp_objectname_ioctl user; 613 struct ncp_objectname_ioctl user;
618 size_t outl; 614 size_t outl;
@@ -633,13 +629,13 @@ outrel:
633 return -EFAULT; 629 return -EFAULT;
634 return 0; 630 return 0;
635 } 631 }
632
636#ifdef CONFIG_COMPAT 633#ifdef CONFIG_COMPAT
637 case NCP_IOC_SETOBJECTNAME_32: 634 case NCP_IOC_SETOBJECTNAME_32:
638#endif 635#endif
639 case NCP_IOC_SETOBJECTNAME: 636 case NCP_IOC_SETOBJECTNAME:
640 if (current->uid != server->m.mounted_uid) { 637 if (uid != server->m.mounted_uid)
641 return -EACCES; 638 return -EACCES;
642 }
643 { 639 {
644 struct ncp_objectname_ioctl user; 640 struct ncp_objectname_ioctl user;
645 void* newname; 641 void* newname;
@@ -691,13 +687,13 @@ outrel:
691 kfree(oldname); 687 kfree(oldname);
692 return 0; 688 return 0;
693 } 689 }
690
694#ifdef CONFIG_COMPAT 691#ifdef CONFIG_COMPAT
695 case NCP_IOC_GETPRIVATEDATA_32: 692 case NCP_IOC_GETPRIVATEDATA_32:
696#endif 693#endif
697 case NCP_IOC_GETPRIVATEDATA: 694 case NCP_IOC_GETPRIVATEDATA:
698 if (current->uid != server->m.mounted_uid) { 695 if (uid != server->m.mounted_uid)
699 return -EACCES; 696 return -EACCES;
700 }
701 { 697 {
702 struct ncp_privatedata_ioctl user; 698 struct ncp_privatedata_ioctl user;
703 size_t outl; 699 size_t outl;
@@ -736,13 +732,13 @@ outrel:
736 732
737 return 0; 733 return 0;
738 } 734 }
735
739#ifdef CONFIG_COMPAT 736#ifdef CONFIG_COMPAT
740 case NCP_IOC_SETPRIVATEDATA_32: 737 case NCP_IOC_SETPRIVATEDATA_32:
741#endif 738#endif
742 case NCP_IOC_SETPRIVATEDATA: 739 case NCP_IOC_SETPRIVATEDATA:
743 if (current->uid != server->m.mounted_uid) { 740 if (uid != server->m.mounted_uid)
744 return -EACCES; 741 return -EACCES;
745 }
746 { 742 {
747 struct ncp_privatedata_ioctl user; 743 struct ncp_privatedata_ioctl user;
748 void* new; 744 void* new;
@@ -794,9 +790,10 @@ outrel:
794#endif /* CONFIG_NCPFS_NLS */ 790#endif /* CONFIG_NCPFS_NLS */
795 791
796 case NCP_IOC_SETDENTRYTTL: 792 case NCP_IOC_SETDENTRYTTL:
797 if ((file_permission(filp, MAY_WRITE) != 0) && 793 if (file_permission(filp, MAY_WRITE) != 0 &&
798 (current->uid != server->m.mounted_uid)) 794 uid != server->m.mounted_uid)
799 return -EACCES; 795 return -EACCES;
796
800 { 797 {
801 u_int32_t user; 798 u_int32_t user;
802 799
diff --git a/fs/nfsctl.c b/fs/nfsctl.c
index aed8145d9087..b1acbd6ab6fb 100644
--- a/fs/nfsctl.c
+++ b/fs/nfsctl.c
@@ -10,6 +10,8 @@
10#include <linux/sunrpc/svc.h> 10#include <linux/sunrpc/svc.h>
11#include <linux/nfsd/nfsd.h> 11#include <linux/nfsd/nfsd.h>
12#include <linux/nfsd/syscall.h> 12#include <linux/nfsd/syscall.h>
13#include <linux/cred.h>
14#include <linux/sched.h>
13#include <linux/linkage.h> 15#include <linux/linkage.h>
14#include <linux/namei.h> 16#include <linux/namei.h>
15#include <linux/mount.h> 17#include <linux/mount.h>
@@ -41,7 +43,8 @@ static struct file *do_open(char *name, int flags)
41 error = may_open(&nd, MAY_WRITE, FMODE_WRITE); 43 error = may_open(&nd, MAY_WRITE, FMODE_WRITE);
42 44
43 if (!error) 45 if (!error)
44 return dentry_open(nd.path.dentry, nd.path.mnt, flags); 46 return dentry_open(nd.path.dentry, nd.path.mnt, flags,
47 current_cred());
45 48
46 path_put(&nd.path); 49 path_put(&nd.path);
47 return ERR_PTR(error); 50 return ERR_PTR(error);
diff --git a/fs/nfsd/auth.c b/fs/nfsd/auth.c
index 294992e9bf69..0184fe9b514c 100644
--- a/fs/nfsd/auth.c
+++ b/fs/nfsd/auth.c
@@ -27,53 +27,70 @@ int nfsexp_flags(struct svc_rqst *rqstp, struct svc_export *exp)
27 27
28int nfsd_setuser(struct svc_rqst *rqstp, struct svc_export *exp) 28int nfsd_setuser(struct svc_rqst *rqstp, struct svc_export *exp)
29{ 29{
30 struct svc_cred cred = rqstp->rq_cred; 30 struct group_info *rqgi;
31 struct group_info *gi;
32 struct cred *new;
31 int i; 33 int i;
32 int flags = nfsexp_flags(rqstp, exp); 34 int flags = nfsexp_flags(rqstp, exp);
33 int ret; 35 int ret;
34 36
37 /* discard any old override before preparing the new set */
38 revert_creds(get_cred(current->real_cred));
39 new = prepare_creds();
40 if (!new)
41 return -ENOMEM;
42
43 new->fsuid = rqstp->rq_cred.cr_uid;
44 new->fsgid = rqstp->rq_cred.cr_gid;
45
46 rqgi = rqstp->rq_cred.cr_group_info;
47
35 if (flags & NFSEXP_ALLSQUASH) { 48 if (flags & NFSEXP_ALLSQUASH) {
36 cred.cr_uid = exp->ex_anon_uid; 49 new->fsuid = exp->ex_anon_uid;
37 cred.cr_gid = exp->ex_anon_gid; 50 new->fsgid = exp->ex_anon_gid;
38 cred.cr_group_info = groups_alloc(0); 51 gi = groups_alloc(0);
39 } else if (flags & NFSEXP_ROOTSQUASH) { 52 } else if (flags & NFSEXP_ROOTSQUASH) {
40 struct group_info *gi; 53 if (!new->fsuid)
41 if (!cred.cr_uid) 54 new->fsuid = exp->ex_anon_uid;
42 cred.cr_uid = exp->ex_anon_uid; 55 if (!new->fsgid)
43 if (!cred.cr_gid) 56 new->fsgid = exp->ex_anon_gid;
44 cred.cr_gid = exp->ex_anon_gid;
45 gi = groups_alloc(cred.cr_group_info->ngroups);
46 if (gi)
47 for (i = 0; i < cred.cr_group_info->ngroups; i++) {
48 if (!GROUP_AT(cred.cr_group_info, i))
49 GROUP_AT(gi, i) = exp->ex_anon_gid;
50 else
51 GROUP_AT(gi, i) = GROUP_AT(cred.cr_group_info, i);
52 }
53 cred.cr_group_info = gi;
54 } else
55 get_group_info(cred.cr_group_info);
56
57 if (cred.cr_uid != (uid_t) -1)
58 current->fsuid = cred.cr_uid;
59 else
60 current->fsuid = exp->ex_anon_uid;
61 if (cred.cr_gid != (gid_t) -1)
62 current->fsgid = cred.cr_gid;
63 else
64 current->fsgid = exp->ex_anon_gid;
65 57
66 if (!cred.cr_group_info) 58 gi = groups_alloc(rqgi->ngroups);
67 return -ENOMEM; 59 if (!gi)
68 ret = set_current_groups(cred.cr_group_info); 60 goto oom;
69 put_group_info(cred.cr_group_info); 61
70 if ((cred.cr_uid)) { 62 for (i = 0; i < rqgi->ngroups; i++) {
71 current->cap_effective = 63 if (!GROUP_AT(rqgi, i))
72 cap_drop_nfsd_set(current->cap_effective); 64 GROUP_AT(gi, i) = exp->ex_anon_gid;
65 else
66 GROUP_AT(gi, i) = GROUP_AT(rqgi, i);
67 }
73 } else { 68 } else {
74 current->cap_effective = 69 gi = get_group_info(rqgi);
75 cap_raise_nfsd_set(current->cap_effective,
76 current->cap_permitted);
77 } 70 }
71
72 if (new->fsuid == (uid_t) -1)
73 new->fsuid = exp->ex_anon_uid;
74 if (new->fsgid == (gid_t) -1)
75 new->fsgid = exp->ex_anon_gid;
76
77 ret = set_groups(new, gi);
78 put_group_info(gi);
79 if (!ret)
80 goto error;
81
82 if (new->uid)
83 new->cap_effective = cap_drop_nfsd_set(new->cap_effective);
84 else
85 new->cap_effective = cap_raise_nfsd_set(new->cap_effective,
86 new->cap_permitted);
87 put_cred(override_creds(new));
88 return 0;
89
90oom:
91 ret = -ENOMEM;
92error:
93 abort_creds(new);
78 return ret; 94 return ret;
79} 95}
96
diff --git a/fs/nfsd/nfs4recover.c b/fs/nfsd/nfs4recover.c
index b79ec930d9f1..0f9d6efaa62b 100644
--- a/fs/nfsd/nfs4recover.c
+++ b/fs/nfsd/nfs4recover.c
@@ -54,20 +54,26 @@
54static struct path rec_dir; 54static struct path rec_dir;
55static int rec_dir_init = 0; 55static int rec_dir_init = 0;
56 56
57static void 57static int
58nfs4_save_user(uid_t *saveuid, gid_t *savegid) 58nfs4_save_creds(const struct cred **original_creds)
59{ 59{
60 *saveuid = current->fsuid; 60 struct cred *new;
61 *savegid = current->fsgid; 61
62 current->fsuid = 0; 62 new = prepare_creds();
63 current->fsgid = 0; 63 if (!new)
64 return -ENOMEM;
65
66 new->fsuid = 0;
67 new->fsgid = 0;
68 *original_creds = override_creds(new);
69 put_cred(new);
70 return 0;
64} 71}
65 72
66static void 73static void
67nfs4_reset_user(uid_t saveuid, gid_t savegid) 74nfs4_reset_creds(const struct cred *original)
68{ 75{
69 current->fsuid = saveuid; 76 revert_creds(original);
70 current->fsgid = savegid;
71} 77}
72 78
73static void 79static void
@@ -129,10 +135,9 @@ nfsd4_sync_rec_dir(void)
129int 135int
130nfsd4_create_clid_dir(struct nfs4_client *clp) 136nfsd4_create_clid_dir(struct nfs4_client *clp)
131{ 137{
138 const struct cred *original_cred;
132 char *dname = clp->cl_recdir; 139 char *dname = clp->cl_recdir;
133 struct dentry *dentry; 140 struct dentry *dentry;
134 uid_t uid;
135 gid_t gid;
136 int status; 141 int status;
137 142
138 dprintk("NFSD: nfsd4_create_clid_dir for \"%s\"\n", dname); 143 dprintk("NFSD: nfsd4_create_clid_dir for \"%s\"\n", dname);
@@ -140,7 +145,9 @@ nfsd4_create_clid_dir(struct nfs4_client *clp)
140 if (!rec_dir_init || clp->cl_firststate) 145 if (!rec_dir_init || clp->cl_firststate)
141 return 0; 146 return 0;
142 147
143 nfs4_save_user(&uid, &gid); 148 status = nfs4_save_creds(&original_cred);
149 if (status < 0)
150 return status;
144 151
145 /* lock the parent */ 152 /* lock the parent */
146 mutex_lock(&rec_dir.dentry->d_inode->i_mutex); 153 mutex_lock(&rec_dir.dentry->d_inode->i_mutex);
@@ -168,7 +175,7 @@ out_unlock:
168 clp->cl_firststate = 1; 175 clp->cl_firststate = 1;
169 nfsd4_sync_rec_dir(); 176 nfsd4_sync_rec_dir();
170 } 177 }
171 nfs4_reset_user(uid, gid); 178 nfs4_reset_creds(original_cred);
172 dprintk("NFSD: nfsd4_create_clid_dir returns %d\n", status); 179 dprintk("NFSD: nfsd4_create_clid_dir returns %d\n", status);
173 return status; 180 return status;
174} 181}
@@ -211,26 +218,29 @@ nfsd4_build_dentrylist(void *arg, const char *name, int namlen,
211static int 218static int
212nfsd4_list_rec_dir(struct dentry *dir, recdir_func *f) 219nfsd4_list_rec_dir(struct dentry *dir, recdir_func *f)
213{ 220{
221 const struct cred *original_cred;
214 struct file *filp; 222 struct file *filp;
215 struct dentry_list_arg dla = { 223 struct dentry_list_arg dla = {
216 .parent = dir, 224 .parent = dir,
217 }; 225 };
218 struct list_head *dentries = &dla.dentries; 226 struct list_head *dentries = &dla.dentries;
219 struct dentry_list *child; 227 struct dentry_list *child;
220 uid_t uid;
221 gid_t gid;
222 int status; 228 int status;
223 229
224 if (!rec_dir_init) 230 if (!rec_dir_init)
225 return 0; 231 return 0;
226 232
227 nfs4_save_user(&uid, &gid); 233 status = nfs4_save_creds(&original_cred);
234 if (status < 0)
235 return status;
228 INIT_LIST_HEAD(dentries); 236 INIT_LIST_HEAD(dentries);
229 237
230 filp = dentry_open(dget(dir), mntget(rec_dir.mnt), O_RDONLY); 238 filp = dentry_open(dget(dir), mntget(rec_dir.mnt), O_RDONLY,
239 current_cred());
231 status = PTR_ERR(filp); 240 status = PTR_ERR(filp);
232 if (IS_ERR(filp)) 241 if (IS_ERR(filp))
233 goto out; 242 goto out;
243 INIT_LIST_HEAD(dentries);
234 status = vfs_readdir(filp, nfsd4_build_dentrylist, &dla); 244 status = vfs_readdir(filp, nfsd4_build_dentrylist, &dla);
235 fput(filp); 245 fput(filp);
236 while (!list_empty(dentries)) { 246 while (!list_empty(dentries)) {
@@ -249,7 +259,7 @@ out:
249 dput(child->dentry); 259 dput(child->dentry);
250 kfree(child); 260 kfree(child);
251 } 261 }
252 nfs4_reset_user(uid, gid); 262 nfs4_reset_creds(original_cred);
253 return status; 263 return status;
254} 264}
255 265
@@ -311,8 +321,7 @@ out:
311void 321void
312nfsd4_remove_clid_dir(struct nfs4_client *clp) 322nfsd4_remove_clid_dir(struct nfs4_client *clp)
313{ 323{
314 uid_t uid; 324 const struct cred *original_cred;
315 gid_t gid;
316 int status; 325 int status;
317 326
318 if (!rec_dir_init || !clp->cl_firststate) 327 if (!rec_dir_init || !clp->cl_firststate)
@@ -322,9 +331,13 @@ nfsd4_remove_clid_dir(struct nfs4_client *clp)
322 if (status) 331 if (status)
323 goto out; 332 goto out;
324 clp->cl_firststate = 0; 333 clp->cl_firststate = 0;
325 nfs4_save_user(&uid, &gid); 334
335 status = nfs4_save_creds(&original_cred);
336 if (status < 0)
337 goto out;
338
326 status = nfsd4_unlink_clid_dir(clp->cl_recdir, HEXDIR_LEN-1); 339 status = nfsd4_unlink_clid_dir(clp->cl_recdir, HEXDIR_LEN-1);
327 nfs4_reset_user(uid, gid); 340 nfs4_reset_creds(original_cred);
328 if (status == 0) 341 if (status == 0)
329 nfsd4_sync_rec_dir(); 342 nfsd4_sync_rec_dir();
330 mnt_drop_write(rec_dir.mnt); 343 mnt_drop_write(rec_dir.mnt);
@@ -401,16 +414,21 @@ nfsd4_recdir_load(void) {
401void 414void
402nfsd4_init_recdir(char *rec_dirname) 415nfsd4_init_recdir(char *rec_dirname)
403{ 416{
404 uid_t uid = 0; 417 const struct cred *original_cred;
405 gid_t gid = 0; 418 int status;
406 int status;
407 419
408 printk("NFSD: Using %s as the NFSv4 state recovery directory\n", 420 printk("NFSD: Using %s as the NFSv4 state recovery directory\n",
409 rec_dirname); 421 rec_dirname);
410 422
411 BUG_ON(rec_dir_init); 423 BUG_ON(rec_dir_init);
412 424
413 nfs4_save_user(&uid, &gid); 425 status = nfs4_save_creds(&original_cred);
426 if (status < 0) {
427 printk("NFSD: Unable to change credentials to find recovery"
428 " directory: error %d\n",
429 status);
430 return;
431 }
414 432
415 status = kern_path(rec_dirname, LOOKUP_FOLLOW | LOOKUP_DIRECTORY, 433 status = kern_path(rec_dirname, LOOKUP_FOLLOW | LOOKUP_DIRECTORY,
416 &rec_dir); 434 &rec_dir);
@@ -420,7 +438,7 @@ nfsd4_init_recdir(char *rec_dirname)
420 438
421 if (!status) 439 if (!status)
422 rec_dir_init = 1; 440 rec_dir_init = 1;
423 nfs4_reset_user(uid, gid); 441 nfs4_reset_creds(original_cred);
424} 442}
425 443
426void 444void
diff --git a/fs/nfsd/nfsfh.c b/fs/nfsd/nfsfh.c
index cd25d91895a1..f0da7d9c3a92 100644
--- a/fs/nfsd/nfsfh.c
+++ b/fs/nfsd/nfsfh.c
@@ -186,9 +186,14 @@ static __be32 nfsd_set_fh_dentry(struct svc_rqst *rqstp, struct svc_fh *fhp)
186 * access control settings being in effect, we cannot 186 * access control settings being in effect, we cannot
187 * fix that case easily. 187 * fix that case easily.
188 */ 188 */
189 current->cap_effective = 189 struct cred *new = prepare_creds();
190 cap_raise_nfsd_set(current->cap_effective, 190 if (!new)
191 current->cap_permitted); 191 return nfserrno(-ENOMEM);
192 new->cap_effective =
193 cap_raise_nfsd_set(new->cap_effective,
194 new->cap_permitted);
195 put_cred(override_creds(new));
196 put_cred(new);
192 } else { 197 } else {
193 error = nfsd_setuser_and_check_port(rqstp, exp); 198 error = nfsd_setuser_and_check_port(rqstp, exp);
194 if (error) 199 if (error)
diff --git a/fs/nfsd/vfs.c b/fs/nfsd/vfs.c
index 4433c8f00163..d1c5f787b365 100644
--- a/fs/nfsd/vfs.c
+++ b/fs/nfsd/vfs.c
@@ -671,6 +671,7 @@ __be32
671nfsd_open(struct svc_rqst *rqstp, struct svc_fh *fhp, int type, 671nfsd_open(struct svc_rqst *rqstp, struct svc_fh *fhp, int type,
672 int access, struct file **filp) 672 int access, struct file **filp)
673{ 673{
674 const struct cred *cred = current_cred();
674 struct dentry *dentry; 675 struct dentry *dentry;
675 struct inode *inode; 676 struct inode *inode;
676 int flags = O_RDONLY|O_LARGEFILE; 677 int flags = O_RDONLY|O_LARGEFILE;
@@ -725,7 +726,7 @@ nfsd_open(struct svc_rqst *rqstp, struct svc_fh *fhp, int type,
725 DQUOT_INIT(inode); 726 DQUOT_INIT(inode);
726 } 727 }
727 *filp = dentry_open(dget(dentry), mntget(fhp->fh_export->ex_path.mnt), 728 *filp = dentry_open(dget(dentry), mntget(fhp->fh_export->ex_path.mnt),
728 flags); 729 flags, cred);
729 if (IS_ERR(*filp)) 730 if (IS_ERR(*filp))
730 host_err = PTR_ERR(*filp); 731 host_err = PTR_ERR(*filp);
731out_nfserr: 732out_nfserr:
@@ -1169,7 +1170,7 @@ nfsd_create_setattr(struct svc_rqst *rqstp, struct svc_fh *resfhp,
1169 * send along the gid on create when it tries to implement 1170 * send along the gid on create when it tries to implement
1170 * setgid directories via NFS: 1171 * setgid directories via NFS:
1171 */ 1172 */
1172 if (current->fsuid != 0) 1173 if (current_fsuid() != 0)
1173 iap->ia_valid &= ~(ATTR_UID|ATTR_GID); 1174 iap->ia_valid &= ~(ATTR_UID|ATTR_GID);
1174 if (iap->ia_valid) 1175 if (iap->ia_valid)
1175 return nfsd_setattr(rqstp, resfhp, iap, 0, (time_t)0); 1176 return nfsd_setattr(rqstp, resfhp, iap, 0, (time_t)0);
@@ -2001,7 +2002,7 @@ nfsd_permission(struct svc_rqst *rqstp, struct svc_export *exp,
2001 IS_APPEND(inode)? " append" : "", 2002 IS_APPEND(inode)? " append" : "",
2002 __mnt_is_readonly(exp->ex_path.mnt)? " ro" : ""); 2003 __mnt_is_readonly(exp->ex_path.mnt)? " ro" : "");
2003 dprintk(" owner %d/%d user %d/%d\n", 2004 dprintk(" owner %d/%d user %d/%d\n",
2004 inode->i_uid, inode->i_gid, current->fsuid, current->fsgid); 2005 inode->i_uid, inode->i_gid, current_fsuid(), current_fsgid());
2005#endif 2006#endif
2006 2007
2007 /* Normally we reject any write/sattr etc access on a read-only file 2008 /* Normally we reject any write/sattr etc access on a read-only file
@@ -2044,7 +2045,7 @@ nfsd_permission(struct svc_rqst *rqstp, struct svc_export *exp,
2044 * with NFSv3. 2045 * with NFSv3.
2045 */ 2046 */
2046 if ((acc & NFSD_MAY_OWNER_OVERRIDE) && 2047 if ((acc & NFSD_MAY_OWNER_OVERRIDE) &&
2047 inode->i_uid == current->fsuid) 2048 inode->i_uid == current_fsuid())
2048 return 0; 2049 return 0;
2049 2050
2050 /* This assumes NFSD_MAY_{READ,WRITE,EXEC} == MAY_{READ,WRITE,EXEC} */ 2051 /* This assumes NFSD_MAY_{READ,WRITE,EXEC} == MAY_{READ,WRITE,EXEC} */
diff --git a/fs/ocfs2/dlm/dlmfs.c b/fs/ocfs2/dlm/dlmfs.c
index ba962d71b34d..6f7a77d54020 100644
--- a/fs/ocfs2/dlm/dlmfs.c
+++ b/fs/ocfs2/dlm/dlmfs.c
@@ -339,8 +339,8 @@ static struct inode *dlmfs_get_root_inode(struct super_block *sb)
339 ip = DLMFS_I(inode); 339 ip = DLMFS_I(inode);
340 340
341 inode->i_mode = mode; 341 inode->i_mode = mode;
342 inode->i_uid = current->fsuid; 342 inode->i_uid = current_fsuid();
343 inode->i_gid = current->fsgid; 343 inode->i_gid = current_fsgid();
344 inode->i_blocks = 0; 344 inode->i_blocks = 0;
345 inode->i_mapping->backing_dev_info = &dlmfs_backing_dev_info; 345 inode->i_mapping->backing_dev_info = &dlmfs_backing_dev_info;
346 inode->i_atime = inode->i_mtime = inode->i_ctime = CURRENT_TIME; 346 inode->i_atime = inode->i_mtime = inode->i_ctime = CURRENT_TIME;
@@ -365,8 +365,8 @@ static struct inode *dlmfs_get_inode(struct inode *parent,
365 return NULL; 365 return NULL;
366 366
367 inode->i_mode = mode; 367 inode->i_mode = mode;
368 inode->i_uid = current->fsuid; 368 inode->i_uid = current_fsuid();
369 inode->i_gid = current->fsgid; 369 inode->i_gid = current_fsgid();
370 inode->i_blocks = 0; 370 inode->i_blocks = 0;
371 inode->i_mapping->backing_dev_info = &dlmfs_backing_dev_info; 371 inode->i_mapping->backing_dev_info = &dlmfs_backing_dev_info;
372 inode->i_atime = inode->i_mtime = inode->i_ctime = CURRENT_TIME; 372 inode->i_atime = inode->i_mtime = inode->i_ctime = CURRENT_TIME;
diff --git a/fs/ocfs2/namei.c b/fs/ocfs2/namei.c
index f4967e634ffd..2545e7402efe 100644
--- a/fs/ocfs2/namei.c
+++ b/fs/ocfs2/namei.c
@@ -421,13 +421,13 @@ static int ocfs2_mknod_locked(struct ocfs2_super *osb,
421 fe->i_blkno = cpu_to_le64(fe_blkno); 421 fe->i_blkno = cpu_to_le64(fe_blkno);
422 fe->i_suballoc_bit = cpu_to_le16(suballoc_bit); 422 fe->i_suballoc_bit = cpu_to_le16(suballoc_bit);
423 fe->i_suballoc_slot = cpu_to_le16(inode_ac->ac_alloc_slot); 423 fe->i_suballoc_slot = cpu_to_le16(inode_ac->ac_alloc_slot);
424 fe->i_uid = cpu_to_le32(current->fsuid); 424 fe->i_uid = cpu_to_le32(current_fsuid());
425 if (dir->i_mode & S_ISGID) { 425 if (dir->i_mode & S_ISGID) {
426 fe->i_gid = cpu_to_le32(dir->i_gid); 426 fe->i_gid = cpu_to_le32(dir->i_gid);
427 if (S_ISDIR(mode)) 427 if (S_ISDIR(mode))
428 mode |= S_ISGID; 428 mode |= S_ISGID;
429 } else 429 } else
430 fe->i_gid = cpu_to_le32(current->fsgid); 430 fe->i_gid = cpu_to_le32(current_fsgid());
431 fe->i_mode = cpu_to_le16(mode); 431 fe->i_mode = cpu_to_le16(mode);
432 if (S_ISCHR(mode) || S_ISBLK(mode)) 432 if (S_ISCHR(mode) || S_ISBLK(mode))
433 fe->id1.dev1.i_rdev = cpu_to_le64(huge_encode_dev(dev)); 433 fe->id1.dev1.i_rdev = cpu_to_le64(huge_encode_dev(dev));
diff --git a/fs/omfs/inode.c b/fs/omfs/inode.c
index cbf047a847c5..6afe57c84f84 100644
--- a/fs/omfs/inode.c
+++ b/fs/omfs/inode.c
@@ -37,8 +37,8 @@ struct inode *omfs_new_inode(struct inode *dir, int mode)
37 37
38 inode->i_ino = new_block; 38 inode->i_ino = new_block;
39 inode->i_mode = mode; 39 inode->i_mode = mode;
40 inode->i_uid = current->fsuid; 40 inode->i_uid = current_fsuid();
41 inode->i_gid = current->fsgid; 41 inode->i_gid = current_fsgid();
42 inode->i_blocks = 0; 42 inode->i_blocks = 0;
43 inode->i_mapping->a_ops = &omfs_aops; 43 inode->i_mapping->a_ops = &omfs_aops;
44 44
@@ -420,8 +420,8 @@ static int omfs_fill_super(struct super_block *sb, void *data, int silent)
420 420
421 sb->s_fs_info = sbi; 421 sb->s_fs_info = sbi;
422 422
423 sbi->s_uid = current->uid; 423 sbi->s_uid = current_uid();
424 sbi->s_gid = current->gid; 424 sbi->s_gid = current_gid();
425 sbi->s_dmask = sbi->s_fmask = current->fs->umask; 425 sbi->s_dmask = sbi->s_fmask = current->fs->umask;
426 426
427 if (!parse_options((char *) data, sbi)) 427 if (!parse_options((char *) data, sbi))
diff --git a/fs/open.c b/fs/open.c
index 83cdb9dee0c1..c0a426d5766c 100644
--- a/fs/open.c
+++ b/fs/open.c
@@ -425,39 +425,33 @@ out:
425 */ 425 */
426asmlinkage long sys_faccessat(int dfd, const char __user *filename, int mode) 426asmlinkage long sys_faccessat(int dfd, const char __user *filename, int mode)
427{ 427{
428 const struct cred *old_cred;
429 struct cred *override_cred;
428 struct path path; 430 struct path path;
429 struct inode *inode; 431 struct inode *inode;
430 int old_fsuid, old_fsgid;
431 kernel_cap_t uninitialized_var(old_cap); /* !SECURE_NO_SETUID_FIXUP */
432 int res; 432 int res;
433 433
434 if (mode & ~S_IRWXO) /* where's F_OK, X_OK, W_OK, R_OK? */ 434 if (mode & ~S_IRWXO) /* where's F_OK, X_OK, W_OK, R_OK? */
435 return -EINVAL; 435 return -EINVAL;
436 436
437 old_fsuid = current->fsuid; 437 override_cred = prepare_creds();
438 old_fsgid = current->fsgid; 438 if (!override_cred)
439 return -ENOMEM;
439 440
440 current->fsuid = current->uid; 441 override_cred->fsuid = override_cred->uid;
441 current->fsgid = current->gid; 442 override_cred->fsgid = override_cred->gid;
442 443
443 if (!issecure(SECURE_NO_SETUID_FIXUP)) { 444 if (!issecure(SECURE_NO_SETUID_FIXUP)) {
444 /* 445 /* Clear the capabilities if we switch to a non-root user */
445 * Clear the capabilities if we switch to a non-root user 446 if (override_cred->uid)
446 */ 447 cap_clear(override_cred->cap_effective);
447#ifndef CONFIG_SECURITY_FILE_CAPABILITIES
448 /*
449 * FIXME: There is a race here against sys_capset. The
450 * capabilities can change yet we will restore the old
451 * value below. We should hold task_capabilities_lock,
452 * but we cannot because user_path_at can sleep.
453 */
454#endif /* ndef CONFIG_SECURITY_FILE_CAPABILITIES */
455 if (current->uid)
456 old_cap = cap_set_effective(__cap_empty_set);
457 else 448 else
458 old_cap = cap_set_effective(current->cap_permitted); 449 override_cred->cap_effective =
450 override_cred->cap_permitted;
459 } 451 }
460 452
453 old_cred = override_creds(override_cred);
454
461 res = user_path_at(dfd, filename, LOOKUP_FOLLOW, &path); 455 res = user_path_at(dfd, filename, LOOKUP_FOLLOW, &path);
462 if (res) 456 if (res)
463 goto out; 457 goto out;
@@ -494,12 +488,8 @@ asmlinkage long sys_faccessat(int dfd, const char __user *filename, int mode)
494out_path_release: 488out_path_release:
495 path_put(&path); 489 path_put(&path);
496out: 490out:
497 current->fsuid = old_fsuid; 491 revert_creds(old_cred);
498 current->fsgid = old_fsgid; 492 put_cred(override_cred);
499
500 if (!issecure(SECURE_NO_SETUID_FIXUP))
501 cap_set_effective(old_cap);
502
503 return res; 493 return res;
504} 494}
505 495
@@ -792,7 +782,8 @@ static inline int __get_file_write_access(struct inode *inode,
792 782
793static struct file *__dentry_open(struct dentry *dentry, struct vfsmount *mnt, 783static struct file *__dentry_open(struct dentry *dentry, struct vfsmount *mnt,
794 int flags, struct file *f, 784 int flags, struct file *f,
795 int (*open)(struct inode *, struct file *)) 785 int (*open)(struct inode *, struct file *),
786 const struct cred *cred)
796{ 787{
797 struct inode *inode; 788 struct inode *inode;
798 int error; 789 int error;
@@ -816,7 +807,7 @@ static struct file *__dentry_open(struct dentry *dentry, struct vfsmount *mnt,
816 f->f_op = fops_get(inode->i_fop); 807 f->f_op = fops_get(inode->i_fop);
817 file_move(f, &inode->i_sb->s_files); 808 file_move(f, &inode->i_sb->s_files);
818 809
819 error = security_dentry_open(f); 810 error = security_dentry_open(f, cred);
820 if (error) 811 if (error)
821 goto cleanup_all; 812 goto cleanup_all;
822 813
@@ -891,6 +882,8 @@ cleanup_file:
891struct file *lookup_instantiate_filp(struct nameidata *nd, struct dentry *dentry, 882struct file *lookup_instantiate_filp(struct nameidata *nd, struct dentry *dentry,
892 int (*open)(struct inode *, struct file *)) 883 int (*open)(struct inode *, struct file *))
893{ 884{
885 const struct cred *cred = current_cred();
886
894 if (IS_ERR(nd->intent.open.file)) 887 if (IS_ERR(nd->intent.open.file))
895 goto out; 888 goto out;
896 if (IS_ERR(dentry)) 889 if (IS_ERR(dentry))
@@ -898,7 +891,7 @@ struct file *lookup_instantiate_filp(struct nameidata *nd, struct dentry *dentry
898 nd->intent.open.file = __dentry_open(dget(dentry), mntget(nd->path.mnt), 891 nd->intent.open.file = __dentry_open(dget(dentry), mntget(nd->path.mnt),
899 nd->intent.open.flags - 1, 892 nd->intent.open.flags - 1,
900 nd->intent.open.file, 893 nd->intent.open.file,
901 open); 894 open, cred);
902out: 895out:
903 return nd->intent.open.file; 896 return nd->intent.open.file;
904out_err: 897out_err:
@@ -917,6 +910,7 @@ EXPORT_SYMBOL_GPL(lookup_instantiate_filp);
917 */ 910 */
918struct file *nameidata_to_filp(struct nameidata *nd, int flags) 911struct file *nameidata_to_filp(struct nameidata *nd, int flags)
919{ 912{
913 const struct cred *cred = current_cred();
920 struct file *filp; 914 struct file *filp;
921 915
922 /* Pick up the filp from the open intent */ 916 /* Pick up the filp from the open intent */
@@ -924,7 +918,7 @@ struct file *nameidata_to_filp(struct nameidata *nd, int flags)
924 /* Has the filesystem initialised the file for us? */ 918 /* Has the filesystem initialised the file for us? */
925 if (filp->f_path.dentry == NULL) 919 if (filp->f_path.dentry == NULL)
926 filp = __dentry_open(nd->path.dentry, nd->path.mnt, flags, filp, 920 filp = __dentry_open(nd->path.dentry, nd->path.mnt, flags, filp,
927 NULL); 921 NULL, cred);
928 else 922 else
929 path_put(&nd->path); 923 path_put(&nd->path);
930 return filp; 924 return filp;
@@ -934,7 +928,8 @@ struct file *nameidata_to_filp(struct nameidata *nd, int flags)
934 * dentry_open() will have done dput(dentry) and mntput(mnt) if it returns an 928 * dentry_open() will have done dput(dentry) and mntput(mnt) if it returns an
935 * error. 929 * error.
936 */ 930 */
937struct file *dentry_open(struct dentry *dentry, struct vfsmount *mnt, int flags) 931struct file *dentry_open(struct dentry *dentry, struct vfsmount *mnt, int flags,
932 const struct cred *cred)
938{ 933{
939 int error; 934 int error;
940 struct file *f; 935 struct file *f;
@@ -959,7 +954,7 @@ struct file *dentry_open(struct dentry *dentry, struct vfsmount *mnt, int flags)
959 return ERR_PTR(error); 954 return ERR_PTR(error);
960 } 955 }
961 956
962 return __dentry_open(dentry, mnt, flags, f, NULL); 957 return __dentry_open(dentry, mnt, flags, f, NULL, cred);
963} 958}
964EXPORT_SYMBOL(dentry_open); 959EXPORT_SYMBOL(dentry_open);
965 960
diff --git a/fs/pipe.c b/fs/pipe.c
index 7aea8b89baac..aaf797bd57b9 100644
--- a/fs/pipe.c
+++ b/fs/pipe.c
@@ -899,8 +899,8 @@ static struct inode * get_pipe_inode(void)
899 */ 899 */
900 inode->i_state = I_DIRTY; 900 inode->i_state = I_DIRTY;
901 inode->i_mode = S_IFIFO | S_IRUSR | S_IWUSR; 901 inode->i_mode = S_IFIFO | S_IRUSR | S_IWUSR;
902 inode->i_uid = current->fsuid; 902 inode->i_uid = current_fsuid();
903 inode->i_gid = current->fsgid; 903 inode->i_gid = current_fsgid();
904 inode->i_atime = inode->i_mtime = inode->i_ctime = CURRENT_TIME; 904 inode->i_atime = inode->i_mtime = inode->i_ctime = CURRENT_TIME;
905 905
906 return inode; 906 return inode;
diff --git a/fs/posix_acl.c b/fs/posix_acl.c
index aec931e09973..39df95a0ec25 100644
--- a/fs/posix_acl.c
+++ b/fs/posix_acl.c
@@ -217,11 +217,11 @@ posix_acl_permission(struct inode *inode, const struct posix_acl *acl, int want)
217 switch(pa->e_tag) { 217 switch(pa->e_tag) {
218 case ACL_USER_OBJ: 218 case ACL_USER_OBJ:
219 /* (May have been checked already) */ 219 /* (May have been checked already) */
220 if (inode->i_uid == current->fsuid) 220 if (inode->i_uid == current_fsuid())
221 goto check_perm; 221 goto check_perm;
222 break; 222 break;
223 case ACL_USER: 223 case ACL_USER:
224 if (pa->e_id == current->fsuid) 224 if (pa->e_id == current_fsuid())
225 goto mask; 225 goto mask;
226 break; 226 break;
227 case ACL_GROUP_OBJ: 227 case ACL_GROUP_OBJ:
diff --git a/fs/proc/array.c b/fs/proc/array.c
index 6af7fba7abb1..7e4877d9dcb5 100644
--- a/fs/proc/array.c
+++ b/fs/proc/array.c
@@ -159,6 +159,7 @@ static inline void task_state(struct seq_file *m, struct pid_namespace *ns,
159 struct group_info *group_info; 159 struct group_info *group_info;
160 int g; 160 int g;
161 struct fdtable *fdt = NULL; 161 struct fdtable *fdt = NULL;
162 const struct cred *cred;
162 pid_t ppid, tpid; 163 pid_t ppid, tpid;
163 164
164 rcu_read_lock(); 165 rcu_read_lock();
@@ -170,6 +171,7 @@ static inline void task_state(struct seq_file *m, struct pid_namespace *ns,
170 if (tracer) 171 if (tracer)
171 tpid = task_pid_nr_ns(tracer, ns); 172 tpid = task_pid_nr_ns(tracer, ns);
172 } 173 }
174 cred = get_cred((struct cred *) __task_cred(p));
173 seq_printf(m, 175 seq_printf(m,
174 "State:\t%s\n" 176 "State:\t%s\n"
175 "Tgid:\t%d\n" 177 "Tgid:\t%d\n"
@@ -182,8 +184,8 @@ static inline void task_state(struct seq_file *m, struct pid_namespace *ns,
182 task_tgid_nr_ns(p, ns), 184 task_tgid_nr_ns(p, ns),
183 pid_nr_ns(pid, ns), 185 pid_nr_ns(pid, ns),
184 ppid, tpid, 186 ppid, tpid,
185 p->uid, p->euid, p->suid, p->fsuid, 187 cred->uid, cred->euid, cred->suid, cred->fsuid,
186 p->gid, p->egid, p->sgid, p->fsgid); 188 cred->gid, cred->egid, cred->sgid, cred->fsgid);
187 189
188 task_lock(p); 190 task_lock(p);
189 if (p->files) 191 if (p->files)
@@ -194,13 +196,12 @@ static inline void task_state(struct seq_file *m, struct pid_namespace *ns,
194 fdt ? fdt->max_fds : 0); 196 fdt ? fdt->max_fds : 0);
195 rcu_read_unlock(); 197 rcu_read_unlock();
196 198
197 group_info = p->group_info; 199 group_info = cred->group_info;
198 get_group_info(group_info);
199 task_unlock(p); 200 task_unlock(p);
200 201
201 for (g = 0; g < min(group_info->ngroups, NGROUPS_SMALL); g++) 202 for (g = 0; g < min(group_info->ngroups, NGROUPS_SMALL); g++)
202 seq_printf(m, "%d ", GROUP_AT(group_info, g)); 203 seq_printf(m, "%d ", GROUP_AT(group_info, g));
203 put_group_info(group_info); 204 put_cred(cred);
204 205
205 seq_printf(m, "\n"); 206 seq_printf(m, "\n");
206} 207}
@@ -262,7 +263,7 @@ static inline void task_sig(struct seq_file *m, struct task_struct *p)
262 blocked = p->blocked; 263 blocked = p->blocked;
263 collect_sigign_sigcatch(p, &ignored, &caught); 264 collect_sigign_sigcatch(p, &ignored, &caught);
264 num_threads = atomic_read(&p->signal->count); 265 num_threads = atomic_read(&p->signal->count);
265 qsize = atomic_read(&p->user->sigpending); 266 qsize = atomic_read(&__task_cred(p)->user->sigpending);
266 qlim = p->signal->rlim[RLIMIT_SIGPENDING].rlim_cur; 267 qlim = p->signal->rlim[RLIMIT_SIGPENDING].rlim_cur;
267 unlock_task_sighand(p, &flags); 268 unlock_task_sighand(p, &flags);
268 } 269 }
@@ -293,10 +294,21 @@ static void render_cap_t(struct seq_file *m, const char *header,
293 294
294static inline void task_cap(struct seq_file *m, struct task_struct *p) 295static inline void task_cap(struct seq_file *m, struct task_struct *p)
295{ 296{
296 render_cap_t(m, "CapInh:\t", &p->cap_inheritable); 297 const struct cred *cred;
297 render_cap_t(m, "CapPrm:\t", &p->cap_permitted); 298 kernel_cap_t cap_inheritable, cap_permitted, cap_effective, cap_bset;
298 render_cap_t(m, "CapEff:\t", &p->cap_effective); 299
299 render_cap_t(m, "CapBnd:\t", &p->cap_bset); 300 rcu_read_lock();
301 cred = __task_cred(p);
302 cap_inheritable = cred->cap_inheritable;
303 cap_permitted = cred->cap_permitted;
304 cap_effective = cred->cap_effective;
305 cap_bset = cred->cap_bset;
306 rcu_read_unlock();
307
308 render_cap_t(m, "CapInh:\t", &cap_inheritable);
309 render_cap_t(m, "CapPrm:\t", &cap_permitted);
310 render_cap_t(m, "CapEff:\t", &cap_effective);
311 render_cap_t(m, "CapBnd:\t", &cap_bset);
300} 312}
301 313
302static inline void task_context_switch_counts(struct seq_file *m, 314static inline void task_context_switch_counts(struct seq_file *m,
diff --git a/fs/proc/base.c b/fs/proc/base.c
index 486cf3fe7139..cf42c42cbfbb 100644
--- a/fs/proc/base.c
+++ b/fs/proc/base.c
@@ -1406,6 +1406,7 @@ static struct inode *proc_pid_make_inode(struct super_block * sb, struct task_st
1406{ 1406{
1407 struct inode * inode; 1407 struct inode * inode;
1408 struct proc_inode *ei; 1408 struct proc_inode *ei;
1409 const struct cred *cred;
1409 1410
1410 /* We need a new inode */ 1411 /* We need a new inode */
1411 1412
@@ -1428,8 +1429,11 @@ static struct inode *proc_pid_make_inode(struct super_block * sb, struct task_st
1428 inode->i_uid = 0; 1429 inode->i_uid = 0;
1429 inode->i_gid = 0; 1430 inode->i_gid = 0;
1430 if (task_dumpable(task)) { 1431 if (task_dumpable(task)) {
1431 inode->i_uid = task->euid; 1432 rcu_read_lock();
1432 inode->i_gid = task->egid; 1433 cred = __task_cred(task);
1434 inode->i_uid = cred->euid;
1435 inode->i_gid = cred->egid;
1436 rcu_read_unlock();
1433 } 1437 }
1434 security_task_to_inode(task, inode); 1438 security_task_to_inode(task, inode);
1435 1439
@@ -1445,6 +1449,8 @@ static int pid_getattr(struct vfsmount *mnt, struct dentry *dentry, struct kstat
1445{ 1449{
1446 struct inode *inode = dentry->d_inode; 1450 struct inode *inode = dentry->d_inode;
1447 struct task_struct *task; 1451 struct task_struct *task;
1452 const struct cred *cred;
1453
1448 generic_fillattr(inode, stat); 1454 generic_fillattr(inode, stat);
1449 1455
1450 rcu_read_lock(); 1456 rcu_read_lock();
@@ -1454,8 +1460,9 @@ static int pid_getattr(struct vfsmount *mnt, struct dentry *dentry, struct kstat
1454 if (task) { 1460 if (task) {
1455 if ((inode->i_mode == (S_IFDIR|S_IRUGO|S_IXUGO)) || 1461 if ((inode->i_mode == (S_IFDIR|S_IRUGO|S_IXUGO)) ||
1456 task_dumpable(task)) { 1462 task_dumpable(task)) {
1457 stat->uid = task->euid; 1463 cred = __task_cred(task);
1458 stat->gid = task->egid; 1464 stat->uid = cred->euid;
1465 stat->gid = cred->egid;
1459 } 1466 }
1460 } 1467 }
1461 rcu_read_unlock(); 1468 rcu_read_unlock();
@@ -1483,11 +1490,16 @@ static int pid_revalidate(struct dentry *dentry, struct nameidata *nd)
1483{ 1490{
1484 struct inode *inode = dentry->d_inode; 1491 struct inode *inode = dentry->d_inode;
1485 struct task_struct *task = get_proc_task(inode); 1492 struct task_struct *task = get_proc_task(inode);
1493 const struct cred *cred;
1494
1486 if (task) { 1495 if (task) {
1487 if ((inode->i_mode == (S_IFDIR|S_IRUGO|S_IXUGO)) || 1496 if ((inode->i_mode == (S_IFDIR|S_IRUGO|S_IXUGO)) ||
1488 task_dumpable(task)) { 1497 task_dumpable(task)) {
1489 inode->i_uid = task->euid; 1498 rcu_read_lock();
1490 inode->i_gid = task->egid; 1499 cred = __task_cred(task);
1500 inode->i_uid = cred->euid;
1501 inode->i_gid = cred->egid;
1502 rcu_read_unlock();
1491 } else { 1503 } else {
1492 inode->i_uid = 0; 1504 inode->i_uid = 0;
1493 inode->i_gid = 0; 1505 inode->i_gid = 0;
@@ -1649,6 +1661,7 @@ static int tid_fd_revalidate(struct dentry *dentry, struct nameidata *nd)
1649 struct task_struct *task = get_proc_task(inode); 1661 struct task_struct *task = get_proc_task(inode);
1650 int fd = proc_fd(inode); 1662 int fd = proc_fd(inode);
1651 struct files_struct *files; 1663 struct files_struct *files;
1664 const struct cred *cred;
1652 1665
1653 if (task) { 1666 if (task) {
1654 files = get_files_struct(task); 1667 files = get_files_struct(task);
@@ -1658,8 +1671,11 @@ static int tid_fd_revalidate(struct dentry *dentry, struct nameidata *nd)
1658 rcu_read_unlock(); 1671 rcu_read_unlock();
1659 put_files_struct(files); 1672 put_files_struct(files);
1660 if (task_dumpable(task)) { 1673 if (task_dumpable(task)) {
1661 inode->i_uid = task->euid; 1674 rcu_read_lock();
1662 inode->i_gid = task->egid; 1675 cred = __task_cred(task);
1676 inode->i_uid = cred->euid;
1677 inode->i_gid = cred->egid;
1678 rcu_read_unlock();
1663 } else { 1679 } else {
1664 inode->i_uid = 0; 1680 inode->i_uid = 0;
1665 inode->i_gid = 0; 1681 inode->i_gid = 0;
diff --git a/fs/quota.c b/fs/quota.c
index 7f4386ebc23a..b7fe44e01618 100644
--- a/fs/quota.c
+++ b/fs/quota.c
@@ -79,7 +79,7 @@ static int generic_quotactl_valid(struct super_block *sb, int type, int cmd, qid
79 79
80 /* Check privileges */ 80 /* Check privileges */
81 if (cmd == Q_GETQUOTA) { 81 if (cmd == Q_GETQUOTA) {
82 if (((type == USRQUOTA && current->euid != id) || 82 if (((type == USRQUOTA && current_euid() != id) ||
83 (type == GRPQUOTA && !in_egroup_p(id))) && 83 (type == GRPQUOTA && !in_egroup_p(id))) &&
84 !capable(CAP_SYS_ADMIN)) 84 !capable(CAP_SYS_ADMIN))
85 return -EPERM; 85 return -EPERM;
@@ -130,7 +130,7 @@ static int xqm_quotactl_valid(struct super_block *sb, int type, int cmd, qid_t i
130 130
131 /* Check privileges */ 131 /* Check privileges */
132 if (cmd == Q_XGETQUOTA) { 132 if (cmd == Q_XGETQUOTA) {
133 if (((type == XQM_USRQUOTA && current->euid != id) || 133 if (((type == XQM_USRQUOTA && current_euid() != id) ||
134 (type == XQM_GRPQUOTA && !in_egroup_p(id))) && 134 (type == XQM_GRPQUOTA && !in_egroup_p(id))) &&
135 !capable(CAP_SYS_ADMIN)) 135 !capable(CAP_SYS_ADMIN))
136 return -EPERM; 136 return -EPERM;
diff --git a/fs/ramfs/inode.c b/fs/ramfs/inode.c
index f031d1c925f0..a83a3518ae33 100644
--- a/fs/ramfs/inode.c
+++ b/fs/ramfs/inode.c
@@ -55,8 +55,8 @@ struct inode *ramfs_get_inode(struct super_block *sb, int mode, dev_t dev)
55 55
56 if (inode) { 56 if (inode) {
57 inode->i_mode = mode; 57 inode->i_mode = mode;
58 inode->i_uid = current->fsuid; 58 inode->i_uid = current_fsuid();
59 inode->i_gid = current->fsgid; 59 inode->i_gid = current_fsgid();
60 inode->i_blocks = 0; 60 inode->i_blocks = 0;
61 inode->i_mapping->a_ops = &ramfs_aops; 61 inode->i_mapping->a_ops = &ramfs_aops;
62 inode->i_mapping->backing_dev_info = &ramfs_backing_dev_info; 62 inode->i_mapping->backing_dev_info = &ramfs_backing_dev_info;
diff --git a/fs/reiserfs/namei.c b/fs/reiserfs/namei.c
index f89ebb943f3f..4f322e5ed840 100644
--- a/fs/reiserfs/namei.c
+++ b/fs/reiserfs/namei.c
@@ -573,7 +573,7 @@ static int new_inode_init(struct inode *inode, struct inode *dir, int mode)
573 /* the quota init calls have to know who to charge the quota to, so 573 /* the quota init calls have to know who to charge the quota to, so
574 ** we have to set uid and gid here 574 ** we have to set uid and gid here
575 */ 575 */
576 inode->i_uid = current->fsuid; 576 inode->i_uid = current_fsuid();
577 inode->i_mode = mode; 577 inode->i_mode = mode;
578 /* Make inode invalid - just in case we are going to drop it before 578 /* Make inode invalid - just in case we are going to drop it before
579 * the initialization happens */ 579 * the initialization happens */
@@ -584,7 +584,7 @@ static int new_inode_init(struct inode *inode, struct inode *dir, int mode)
584 if (S_ISDIR(mode)) 584 if (S_ISDIR(mode))
585 inode->i_mode |= S_ISGID; 585 inode->i_mode |= S_ISGID;
586 } else { 586 } else {
587 inode->i_gid = current->fsgid; 587 inode->i_gid = current_fsgid();
588 } 588 }
589 DQUOT_INIT(inode); 589 DQUOT_INIT(inode);
590 return 0; 590 return 0;
diff --git a/fs/smbfs/dir.c b/fs/smbfs/dir.c
index 48da4fa6b7d4..e7ddd0328ddc 100644
--- a/fs/smbfs/dir.c
+++ b/fs/smbfs/dir.c
@@ -667,8 +667,7 @@ smb_make_node(struct inode *dir, struct dentry *dentry, int mode, dev_t dev)
667 667
668 attr.ia_valid = ATTR_MODE | ATTR_UID | ATTR_GID; 668 attr.ia_valid = ATTR_MODE | ATTR_UID | ATTR_GID;
669 attr.ia_mode = mode; 669 attr.ia_mode = mode;
670 attr.ia_uid = current->euid; 670 current_euid_egid(&attr.ia_uid, &attr.ia_gid);
671 attr.ia_gid = current->egid;
672 671
673 if (!new_valid_dev(dev)) 672 if (!new_valid_dev(dev))
674 return -EINVAL; 673 return -EINVAL;
diff --git a/fs/smbfs/inode.c b/fs/smbfs/inode.c
index 3528f40ffb0f..fc27fbfc5397 100644
--- a/fs/smbfs/inode.c
+++ b/fs/smbfs/inode.c
@@ -586,7 +586,7 @@ static int smb_fill_super(struct super_block *sb, void *raw_data, int silent)
586 if (parse_options(mnt, raw_data)) 586 if (parse_options(mnt, raw_data))
587 goto out_bad_option; 587 goto out_bad_option;
588 } 588 }
589 mnt->mounted_uid = current->uid; 589 mnt->mounted_uid = current_uid();
590 smb_setcodepage(server, &mnt->codepage); 590 smb_setcodepage(server, &mnt->codepage);
591 591
592 /* 592 /*
diff --git a/fs/smbfs/proc.c b/fs/smbfs/proc.c
index ee536e8a649a..9468168b9af5 100644
--- a/fs/smbfs/proc.c
+++ b/fs/smbfs/proc.c
@@ -864,7 +864,7 @@ smb_newconn(struct smb_sb_info *server, struct smb_conn_opt *opt)
864 goto out; 864 goto out;
865 865
866 error = -EACCES; 866 error = -EACCES;
867 if (current->uid != server->mnt->mounted_uid && 867 if (current_uid() != server->mnt->mounted_uid &&
868 !capable(CAP_SYS_ADMIN)) 868 !capable(CAP_SYS_ADMIN))
869 goto out; 869 goto out;
870 870
diff --git a/fs/sysv/ialloc.c b/fs/sysv/ialloc.c
index 115ab0d6f4bc..241e9765cfad 100644
--- a/fs/sysv/ialloc.c
+++ b/fs/sysv/ialloc.c
@@ -165,9 +165,9 @@ struct inode * sysv_new_inode(const struct inode * dir, mode_t mode)
165 if (S_ISDIR(mode)) 165 if (S_ISDIR(mode))
166 mode |= S_ISGID; 166 mode |= S_ISGID;
167 } else 167 } else
168 inode->i_gid = current->fsgid; 168 inode->i_gid = current_fsgid();
169 169
170 inode->i_uid = current->fsuid; 170 inode->i_uid = current_fsuid();
171 inode->i_ino = fs16_to_cpu(sbi, ino); 171 inode->i_ino = fs16_to_cpu(sbi, ino);
172 inode->i_mtime = inode->i_atime = inode->i_ctime = CURRENT_TIME_SEC; 172 inode->i_mtime = inode->i_atime = inode->i_ctime = CURRENT_TIME_SEC;
173 inode->i_blocks = 0; 173 inode->i_blocks = 0;
diff --git a/fs/ubifs/budget.c b/fs/ubifs/budget.c
index 1a4973e10664..4a18f084cc42 100644
--- a/fs/ubifs/budget.c
+++ b/fs/ubifs/budget.c
@@ -363,7 +363,7 @@ long long ubifs_calc_available(const struct ubifs_info *c, int min_idx_lebs)
363 */ 363 */
364static int can_use_rp(struct ubifs_info *c) 364static int can_use_rp(struct ubifs_info *c)
365{ 365{
366 if (current->fsuid == c->rp_uid || capable(CAP_SYS_RESOURCE) || 366 if (current_fsuid() == c->rp_uid || capable(CAP_SYS_RESOURCE) ||
367 (c->rp_gid != 0 && in_group_p(c->rp_gid))) 367 (c->rp_gid != 0 && in_group_p(c->rp_gid)))
368 return 1; 368 return 1;
369 return 0; 369 return 0;
diff --git a/fs/ubifs/dir.c b/fs/ubifs/dir.c
index 0422c98e1793..f448ab1f9c38 100644
--- a/fs/ubifs/dir.c
+++ b/fs/ubifs/dir.c
@@ -104,13 +104,13 @@ struct inode *ubifs_new_inode(struct ubifs_info *c, const struct inode *dir,
104 */ 104 */
105 inode->i_flags |= (S_NOCMTIME); 105 inode->i_flags |= (S_NOCMTIME);
106 106
107 inode->i_uid = current->fsuid; 107 inode->i_uid = current_fsuid();
108 if (dir->i_mode & S_ISGID) { 108 if (dir->i_mode & S_ISGID) {
109 inode->i_gid = dir->i_gid; 109 inode->i_gid = dir->i_gid;
110 if (S_ISDIR(mode)) 110 if (S_ISDIR(mode))
111 mode |= S_ISGID; 111 mode |= S_ISGID;
112 } else 112 } else
113 inode->i_gid = current->fsgid; 113 inode->i_gid = current_fsgid();
114 inode->i_mode = mode; 114 inode->i_mode = mode;
115 inode->i_mtime = inode->i_atime = inode->i_ctime = 115 inode->i_mtime = inode->i_atime = inode->i_ctime =
116 ubifs_current_time(inode); 116 ubifs_current_time(inode);
diff --git a/fs/udf/ialloc.c b/fs/udf/ialloc.c
index a4f2b3ce45b0..31fc84297ddb 100644
--- a/fs/udf/ialloc.c
+++ b/fs/udf/ialloc.c
@@ -126,13 +126,13 @@ struct inode *udf_new_inode(struct inode *dir, int mode, int *err)
126 } 126 }
127 mutex_unlock(&sbi->s_alloc_mutex); 127 mutex_unlock(&sbi->s_alloc_mutex);
128 inode->i_mode = mode; 128 inode->i_mode = mode;
129 inode->i_uid = current->fsuid; 129 inode->i_uid = current_fsuid();
130 if (dir->i_mode & S_ISGID) { 130 if (dir->i_mode & S_ISGID) {
131 inode->i_gid = dir->i_gid; 131 inode->i_gid = dir->i_gid;
132 if (S_ISDIR(mode)) 132 if (S_ISDIR(mode))
133 mode |= S_ISGID; 133 mode |= S_ISGID;
134 } else { 134 } else {
135 inode->i_gid = current->fsgid; 135 inode->i_gid = current_fsgid();
136 } 136 }
137 137
138 iinfo->i_location.logicalBlockNum = block; 138 iinfo->i_location.logicalBlockNum = block;
diff --git a/fs/udf/namei.c b/fs/udf/namei.c
index 082409cd4b8a..f84bfaa8d941 100644
--- a/fs/udf/namei.c
+++ b/fs/udf/namei.c
@@ -604,7 +604,7 @@ static int udf_mknod(struct inode *dir, struct dentry *dentry, int mode,
604 goto out; 604 goto out;
605 605
606 iinfo = UDF_I(inode); 606 iinfo = UDF_I(inode);
607 inode->i_uid = current->fsuid; 607 inode->i_uid = current_fsuid();
608 init_special_inode(inode, mode, rdev); 608 init_special_inode(inode, mode, rdev);
609 fi = udf_add_entry(dir, dentry, &fibh, &cfi, &err); 609 fi = udf_add_entry(dir, dentry, &fibh, &cfi, &err);
610 if (!fi) { 610 if (!fi) {
diff --git a/fs/ufs/ialloc.c b/fs/ufs/ialloc.c
index ac181f6806a3..6f5dcf006096 100644
--- a/fs/ufs/ialloc.c
+++ b/fs/ufs/ialloc.c
@@ -304,13 +304,13 @@ cg_found:
304 304
305 inode->i_ino = cg * uspi->s_ipg + bit; 305 inode->i_ino = cg * uspi->s_ipg + bit;
306 inode->i_mode = mode; 306 inode->i_mode = mode;
307 inode->i_uid = current->fsuid; 307 inode->i_uid = current_fsuid();
308 if (dir->i_mode & S_ISGID) { 308 if (dir->i_mode & S_ISGID) {
309 inode->i_gid = dir->i_gid; 309 inode->i_gid = dir->i_gid;
310 if (S_ISDIR(mode)) 310 if (S_ISDIR(mode))
311 inode->i_mode |= S_ISGID; 311 inode->i_mode |= S_ISGID;
312 } else 312 } else
313 inode->i_gid = current->fsgid; 313 inode->i_gid = current_fsgid();
314 314
315 inode->i_blocks = 0; 315 inode->i_blocks = 0;
316 inode->i_generation = 0; 316 inode->i_generation = 0;
diff --git a/fs/xfs/linux-2.6/xfs_cred.h b/fs/xfs/linux-2.6/xfs_cred.h
index 652721ce0ea5..8c022cd0ad67 100644
--- a/fs/xfs/linux-2.6/xfs_cred.h
+++ b/fs/xfs/linux-2.6/xfs_cred.h
@@ -23,11 +23,9 @@
23/* 23/*
24 * Credentials 24 * Credentials
25 */ 25 */
26typedef struct cred { 26typedef const struct cred cred_t;
27 /* EMPTY */
28} cred_t;
29 27
30extern struct cred *sys_cred; 28extern cred_t *sys_cred;
31 29
32/* this is a hack.. (assumes sys_cred is the only cred_t in the system) */ 30/* this is a hack.. (assumes sys_cred is the only cred_t in the system) */
33static inline int capable_cred(cred_t *cr, int cid) 31static inline int capable_cred(cred_t *cr, int cid)
diff --git a/fs/xfs/linux-2.6/xfs_globals.h b/fs/xfs/linux-2.6/xfs_globals.h
index 2770b0085ee8..6eda8a3eb6f1 100644
--- a/fs/xfs/linux-2.6/xfs_globals.h
+++ b/fs/xfs/linux-2.6/xfs_globals.h
@@ -19,6 +19,6 @@
19#define __XFS_GLOBALS_H__ 19#define __XFS_GLOBALS_H__
20 20
21extern uint64_t xfs_panic_mask; /* set to cause more panics */ 21extern uint64_t xfs_panic_mask; /* set to cause more panics */
22extern struct cred *sys_cred; 22extern cred_t *sys_cred;
23 23
24#endif /* __XFS_GLOBALS_H__ */ 24#endif /* __XFS_GLOBALS_H__ */
diff --git a/fs/xfs/linux-2.6/xfs_ioctl.c b/fs/xfs/linux-2.6/xfs_ioctl.c
index d3438c72dcaf..281cbd5a25cf 100644
--- a/fs/xfs/linux-2.6/xfs_ioctl.c
+++ b/fs/xfs/linux-2.6/xfs_ioctl.c
@@ -256,6 +256,7 @@ xfs_open_by_handle(
256 struct file *parfilp, 256 struct file *parfilp,
257 struct inode *parinode) 257 struct inode *parinode)
258{ 258{
259 const struct cred *cred = current_cred();
259 int error; 260 int error;
260 int new_fd; 261 int new_fd;
261 int permflag; 262 int permflag;
@@ -321,7 +322,7 @@ xfs_open_by_handle(
321 mntget(parfilp->f_path.mnt); 322 mntget(parfilp->f_path.mnt);
322 323
323 /* Create file pointer. */ 324 /* Create file pointer. */
324 filp = dentry_open(dentry, parfilp->f_path.mnt, hreq.oflags); 325 filp = dentry_open(dentry, parfilp->f_path.mnt, hreq.oflags, cred);
325 if (IS_ERR(filp)) { 326 if (IS_ERR(filp)) {
326 put_unused_fd(new_fd); 327 put_unused_fd(new_fd);
327 return -XFS_ERROR(-PTR_ERR(filp)); 328 return -XFS_ERROR(-PTR_ERR(filp));
@@ -1007,7 +1008,7 @@ xfs_ioctl_setattr(
1007 * to the file owner ID, except in cases where the 1008 * to the file owner ID, except in cases where the
1008 * CAP_FSETID capability is applicable. 1009 * CAP_FSETID capability is applicable.
1009 */ 1010 */
1010 if (current->fsuid != ip->i_d.di_uid && !capable(CAP_FOWNER)) { 1011 if (current_fsuid() != ip->i_d.di_uid && !capable(CAP_FOWNER)) {
1011 code = XFS_ERROR(EPERM); 1012 code = XFS_ERROR(EPERM);
1012 goto error_return; 1013 goto error_return;
1013 } 1014 }
diff --git a/fs/xfs/xfs_acl.c b/fs/xfs/xfs_acl.c
index b2f639a1416f..91d69338d3b2 100644
--- a/fs/xfs/xfs_acl.c
+++ b/fs/xfs/xfs_acl.c
@@ -366,7 +366,7 @@ xfs_acl_allow_set(
366 return ENOTDIR; 366 return ENOTDIR;
367 if (vp->i_sb->s_flags & MS_RDONLY) 367 if (vp->i_sb->s_flags & MS_RDONLY)
368 return EROFS; 368 return EROFS;
369 if (XFS_I(vp)->i_d.di_uid != current->fsuid && !capable(CAP_FOWNER)) 369 if (XFS_I(vp)->i_d.di_uid != current_fsuid() && !capable(CAP_FOWNER))
370 return EPERM; 370 return EPERM;
371 return 0; 371 return 0;
372} 372}
@@ -413,13 +413,13 @@ xfs_acl_access(
413 switch (fap->acl_entry[i].ae_tag) { 413 switch (fap->acl_entry[i].ae_tag) {
414 case ACL_USER_OBJ: 414 case ACL_USER_OBJ:
415 seen_userobj = 1; 415 seen_userobj = 1;
416 if (fuid != current->fsuid) 416 if (fuid != current_fsuid())
417 continue; 417 continue;
418 matched.ae_tag = ACL_USER_OBJ; 418 matched.ae_tag = ACL_USER_OBJ;
419 matched.ae_perm = allows; 419 matched.ae_perm = allows;
420 break; 420 break;
421 case ACL_USER: 421 case ACL_USER:
422 if (fap->acl_entry[i].ae_id != current->fsuid) 422 if (fap->acl_entry[i].ae_id != current_fsuid())
423 continue; 423 continue;
424 matched.ae_tag = ACL_USER; 424 matched.ae_tag = ACL_USER;
425 matched.ae_perm = allows; 425 matched.ae_perm = allows;
diff --git a/fs/xfs/xfs_inode.h b/fs/xfs/xfs_inode.h
index 1420c49674d7..6be310d41daf 100644
--- a/fs/xfs/xfs_inode.h
+++ b/fs/xfs/xfs_inode.h
@@ -497,7 +497,7 @@ int xfs_iread(struct xfs_mount *, struct xfs_trans *, xfs_ino_t,
497 xfs_inode_t **, xfs_daddr_t, uint); 497 xfs_inode_t **, xfs_daddr_t, uint);
498int xfs_iread_extents(struct xfs_trans *, xfs_inode_t *, int); 498int xfs_iread_extents(struct xfs_trans *, xfs_inode_t *, int);
499int xfs_ialloc(struct xfs_trans *, xfs_inode_t *, mode_t, 499int xfs_ialloc(struct xfs_trans *, xfs_inode_t *, mode_t,
500 xfs_nlink_t, xfs_dev_t, struct cred *, xfs_prid_t, 500 xfs_nlink_t, xfs_dev_t, cred_t *, xfs_prid_t,
501 int, struct xfs_buf **, boolean_t *, xfs_inode_t **); 501 int, struct xfs_buf **, boolean_t *, xfs_inode_t **);
502void xfs_dinode_from_disk(struct xfs_icdinode *, 502void xfs_dinode_from_disk(struct xfs_icdinode *,
503 struct xfs_dinode_core *); 503 struct xfs_dinode_core *);
diff --git a/fs/xfs/xfs_vnodeops.h b/fs/xfs/xfs_vnodeops.h
index e932a96bec54..7b0c2ab88333 100644
--- a/fs/xfs/xfs_vnodeops.h
+++ b/fs/xfs/xfs_vnodeops.h
@@ -16,7 +16,7 @@ struct xfs_iomap;
16 16
17int xfs_open(struct xfs_inode *ip); 17int xfs_open(struct xfs_inode *ip);
18int xfs_setattr(struct xfs_inode *ip, struct iattr *vap, int flags, 18int xfs_setattr(struct xfs_inode *ip, struct iattr *vap, int flags,
19 struct cred *credp); 19 cred_t *credp);
20#define XFS_ATTR_DMI 0x01 /* invocation from a DMI function */ 20#define XFS_ATTR_DMI 0x01 /* invocation from a DMI function */
21#define XFS_ATTR_NONBLOCK 0x02 /* return EAGAIN if operation would block */ 21#define XFS_ATTR_NONBLOCK 0x02 /* return EAGAIN if operation would block */
22#define XFS_ATTR_NOLOCK 0x04 /* Don't grab any conflicting locks */ 22#define XFS_ATTR_NOLOCK 0x04 /* Don't grab any conflicting locks */
@@ -28,24 +28,24 @@ int xfs_inactive(struct xfs_inode *ip);
28int xfs_lookup(struct xfs_inode *dp, struct xfs_name *name, 28int xfs_lookup(struct xfs_inode *dp, struct xfs_name *name,
29 struct xfs_inode **ipp, struct xfs_name *ci_name); 29 struct xfs_inode **ipp, struct xfs_name *ci_name);
30int xfs_create(struct xfs_inode *dp, struct xfs_name *name, mode_t mode, 30int xfs_create(struct xfs_inode *dp, struct xfs_name *name, mode_t mode,
31 xfs_dev_t rdev, struct xfs_inode **ipp, struct cred *credp); 31 xfs_dev_t rdev, struct xfs_inode **ipp, cred_t *credp);
32int xfs_remove(struct xfs_inode *dp, struct xfs_name *name, 32int xfs_remove(struct xfs_inode *dp, struct xfs_name *name,
33 struct xfs_inode *ip); 33 struct xfs_inode *ip);
34int xfs_link(struct xfs_inode *tdp, struct xfs_inode *sip, 34int xfs_link(struct xfs_inode *tdp, struct xfs_inode *sip,
35 struct xfs_name *target_name); 35 struct xfs_name *target_name);
36int xfs_mkdir(struct xfs_inode *dp, struct xfs_name *dir_name, 36int xfs_mkdir(struct xfs_inode *dp, struct xfs_name *dir_name,
37 mode_t mode, struct xfs_inode **ipp, struct cred *credp); 37 mode_t mode, struct xfs_inode **ipp, cred_t *credp);
38int xfs_readdir(struct xfs_inode *dp, void *dirent, size_t bufsize, 38int xfs_readdir(struct xfs_inode *dp, void *dirent, size_t bufsize,
39 xfs_off_t *offset, filldir_t filldir); 39 xfs_off_t *offset, filldir_t filldir);
40int xfs_symlink(struct xfs_inode *dp, struct xfs_name *link_name, 40int xfs_symlink(struct xfs_inode *dp, struct xfs_name *link_name,
41 const char *target_path, mode_t mode, struct xfs_inode **ipp, 41 const char *target_path, mode_t mode, struct xfs_inode **ipp,
42 struct cred *credp); 42 cred_t *credp);
43int xfs_inode_flush(struct xfs_inode *ip, int flags); 43int xfs_inode_flush(struct xfs_inode *ip, int flags);
44int xfs_set_dmattrs(struct xfs_inode *ip, u_int evmask, u_int16_t state); 44int xfs_set_dmattrs(struct xfs_inode *ip, u_int evmask, u_int16_t state);
45int xfs_reclaim(struct xfs_inode *ip); 45int xfs_reclaim(struct xfs_inode *ip);
46int xfs_change_file_space(struct xfs_inode *ip, int cmd, 46int xfs_change_file_space(struct xfs_inode *ip, int cmd,
47 xfs_flock64_t *bf, xfs_off_t offset, 47 xfs_flock64_t *bf, xfs_off_t offset,
48 struct cred *credp, int attr_flags); 48 cred_t *credp, int attr_flags);
49int xfs_rename(struct xfs_inode *src_dp, struct xfs_name *src_name, 49int xfs_rename(struct xfs_inode *src_dp, struct xfs_name *src_name,
50 struct xfs_inode *src_ip, struct xfs_inode *target_dp, 50 struct xfs_inode *src_ip, struct xfs_inode *target_dp,
51 struct xfs_name *target_name, struct xfs_inode *target_ip); 51 struct xfs_name *target_name, struct xfs_inode *target_ip);