2 files changed, 19 insertions, 9 deletions

diff --git a/include/linux/key.h b/include/linux/key.h
index cbf464ad9589..8c275d12ef63 100644
--- a/include/linux/key.h
+++ b/include/linux/key.h
@@ -241,8 +241,9 @@ extern void unregister_key_type(struct key_type *ktype);
 
 extern struct key *key_alloc(struct key_type *type,
                              const char *desc,
-                             uid_t uid, gid_t gid, key_perm_t perm,
-                             int not_in_quota);
+                             uid_t uid, gid_t gid,
+                             struct task_struct *ctx,
+                             key_perm_t perm, int not_in_quota);
 extern int key_payload_reserve(struct key *key, size_t datalen);
 extern int key_instantiate_and_link(struct key *key,
                                     const void *data,
@@ -292,7 +293,9 @@ extern int key_unlink(struct key *keyring,
                       struct key *key);
 
 extern struct key *keyring_alloc(const char *description, uid_t uid, gid_t gid,
-                                 int not_in_quota, struct key *dest);
+                                 struct task_struct *ctx,
+                                 int not_in_quota,
+                                 struct key *dest);
 
 extern int keyring_clear(struct key *keyring);
 
@@ -313,7 +316,8 @@ extern void keyring_replace_payload(struct key *key, void *replacement);
  * the userspace interface
  */
 extern struct key root_user_keyring, root_session_keyring;
-extern int alloc_uid_keyring(struct user_struct *user);
+extern int alloc_uid_keyring(struct user_struct *user,
+                             struct task_struct *ctx);
 extern void switch_uid_keyring(struct user_struct *new_user);
 extern int copy_keys(unsigned long clone_flags, struct task_struct *tsk);
 extern int copy_thread_group_keys(struct task_struct *tsk);
@@ -342,7 +346,7 @@ extern void key_init(void);
 #define make_key_ref(k)                 ({ NULL; })
 #define key_ref_to_ptr(k)               ({ NULL; })
 #define is_key_possessed(k)             0
-#define alloc_uid_keyring(u)            0
+#define alloc_uid_keyring(u,c)          0
 #define switch_uid_keyring(u)           do { } while(0)
 #define __install_session_keyring(t, k) ({ NULL; })
 #define copy_keys(f,t)                  0
@@ -355,6 +359,10 @@ extern void key_init(void);
 #define key_fsgid_changed(t)            do { } while(0)
 #define key_init()                      do { } while(0)
 
+/* Initial keyrings */
+extern struct key root_user_keyring;
+extern struct key root_session_keyring;
+
 #endif /* CONFIG_KEYS */
 #endif /* __KERNEL__ */
 #endif /* _LINUX_KEY_H */
diff --git a/include/linux/security.h b/include/linux/security.h
index 4dfb1b84a9b3..47722d355532 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -1313,7 +1313,7 @@ struct security_operations {
 
         /* key management security hooks */
 #ifdef CONFIG_KEYS
-        int (*key_alloc)(struct key *key);
+        int (*key_alloc)(struct key *key, struct task_struct *tsk);
         void (*key_free)(struct key *key);
         int (*key_permission)(key_ref_t key_ref,
                               struct task_struct *context,
@@ -3008,9 +3008,10 @@ static inline int security_xfrm_policy_lookup(struct xfrm_policy *xp, u32 sk_sid
 
 #ifdef CONFIG_KEYS
 #ifdef CONFIG_SECURITY
-static inline int security_key_alloc(struct key *key)
+static inline int security_key_alloc(struct key *key,
+                                     struct task_struct *tsk)
 {
-        return security_ops->key_alloc(key);
+        return security_ops->key_alloc(key, tsk);
 }
 
 static inline void security_key_free(struct key *key)
@@ -3027,7 +3028,8 @@ static inline int security_key_permission(key_ref_t key_ref,
 
 #else
 
-static inline int security_key_alloc(struct key *key)
+static inline int security_key_alloc(struct key *key,
+                                     struct task_struct *tsk)
 {
         return 0;
 }