1 files changed, 19 insertions, 0 deletions
diff --git a/kernel/cred.c b/kernel/cred.c
index d7f7a01082eb..dd76cfe5f5b0 100644
--- a/kernel/cred.c
+++ b/kernel/cred.c
@@ -782,6 +782,25 @@ EXPORT_SYMBOL(set_create_files_as);
 #ifdef CONFIG_DEBUG_CREDENTIALS
+bool creds_are_invalid(const struct cred *cred)
+{
+        if (cred->magic != CRED_MAGIC)
+                return true;
+        if (atomic_read(&cred->usage) < atomic_read(&cred->subscribers))
+                return true;
+#ifdef CONFIG_SECURITY_SELINUX
+        if (selinux_is_enabled()) {
+                if ((unsigned long) cred->security < PAGE_SIZE)
+                        return true;
+                if ((*(u32 *)cred->security & 0xffffff00) ==
+                    (POISON_FREE << 24 | POISON_FREE << 16 | POISON_FREE << 8))
+                        return true;
+        }
+#endif
+        return false;
+}
+EXPORT_SYMBOL(creds_are_invalid);
 /*
 * dump invalid credentials
 */

diff --git a/kernel/cred.c b/kernel/cred.c index d7f7a01082eb..dd76cfe5f5b0 100644 --- a/kernel/cred.c +++ b/kernel/cred.c
@@ -782,6 +782,25 @@ EXPORT_SYMBOL(set_create_files_as);
782		782
783	#ifdef CONFIG_DEBUG_CREDENTIALS	783	#ifdef CONFIG_DEBUG_CREDENTIALS
784		784
		785	bool creds_are_invalid(const struct cred *cred)
		786	{
		787	if (cred->magic != CRED_MAGIC)
		788	return true;
		789	if (atomic_read(&cred->usage) < atomic_read(&cred->subscribers))
		790	return true;
		791	#ifdef CONFIG_SECURITY_SELINUX
		792	if (selinux_is_enabled()) {
		793	if ((unsigned long) cred->security < PAGE_SIZE)
		794	return true;
		795	if (((u32 )cred->security & 0xffffff00) ==
		796	(POISON_FREE << 24 \| POISON_FREE << 16 \| POISON_FREE << 8))
		797	return true;
		798	}
		799	#endif
		800	return false;
		801	}
		802	EXPORT_SYMBOL(creds_are_invalid);
		803
785	/*	804	/*
786	* dump invalid credentials	805	* dump invalid credentials
787	*/	806	*/