diff options
Diffstat (limited to 'kernel')
-rw-r--r-- | kernel/auditsc.c | 52 | ||||
-rw-r--r-- | kernel/capability.c | 4 | ||||
-rw-r--r-- | kernel/cgroup.c | 4 | ||||
-rw-r--r-- | kernel/exit.c | 10 | ||||
-rw-r--r-- | kernel/fork.c | 24 | ||||
-rw-r--r-- | kernel/futex.c | 6 | ||||
-rw-r--r-- | kernel/futex_compat.c | 5 | ||||
-rw-r--r-- | kernel/ptrace.c | 19 | ||||
-rw-r--r-- | kernel/sched.c | 10 | ||||
-rw-r--r-- | kernel/signal.c | 16 | ||||
-rw-r--r-- | kernel/sys.c | 266 | ||||
-rw-r--r-- | kernel/trace/trace.c | 2 | ||||
-rw-r--r-- | kernel/tsacct.c | 4 | ||||
-rw-r--r-- | kernel/uid16.c | 28 | ||||
-rw-r--r-- | kernel/user.c | 4 |
15 files changed, 250 insertions, 204 deletions
diff --git a/kernel/auditsc.c b/kernel/auditsc.c index 9c7e47ae4576..2febf5165fad 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c | |||
@@ -447,6 +447,7 @@ static int audit_filter_rules(struct task_struct *tsk, | |||
447 | struct audit_names *name, | 447 | struct audit_names *name, |
448 | enum audit_state *state) | 448 | enum audit_state *state) |
449 | { | 449 | { |
450 | struct cred *cred = tsk->cred; | ||
450 | int i, j, need_sid = 1; | 451 | int i, j, need_sid = 1; |
451 | u32 sid; | 452 | u32 sid; |
452 | 453 | ||
@@ -466,28 +467,28 @@ static int audit_filter_rules(struct task_struct *tsk, | |||
466 | } | 467 | } |
467 | break; | 468 | break; |
468 | case AUDIT_UID: | 469 | case AUDIT_UID: |
469 | result = audit_comparator(tsk->uid, f->op, f->val); | 470 | result = audit_comparator(cred->uid, f->op, f->val); |
470 | break; | 471 | break; |
471 | case AUDIT_EUID: | 472 | case AUDIT_EUID: |
472 | result = audit_comparator(tsk->euid, f->op, f->val); | 473 | result = audit_comparator(cred->euid, f->op, f->val); |
473 | break; | 474 | break; |
474 | case AUDIT_SUID: | 475 | case AUDIT_SUID: |
475 | result = audit_comparator(tsk->suid, f->op, f->val); | 476 | result = audit_comparator(cred->suid, f->op, f->val); |
476 | break; | 477 | break; |
477 | case AUDIT_FSUID: | 478 | case AUDIT_FSUID: |
478 | result = audit_comparator(tsk->fsuid, f->op, f->val); | 479 | result = audit_comparator(cred->fsuid, f->op, f->val); |
479 | break; | 480 | break; |
480 | case AUDIT_GID: | 481 | case AUDIT_GID: |
481 | result = audit_comparator(tsk->gid, f->op, f->val); | 482 | result = audit_comparator(cred->gid, f->op, f->val); |
482 | break; | 483 | break; |
483 | case AUDIT_EGID: | 484 | case AUDIT_EGID: |
484 | result = audit_comparator(tsk->egid, f->op, f->val); | 485 | result = audit_comparator(cred->egid, f->op, f->val); |
485 | break; | 486 | break; |
486 | case AUDIT_SGID: | 487 | case AUDIT_SGID: |
487 | result = audit_comparator(tsk->sgid, f->op, f->val); | 488 | result = audit_comparator(cred->sgid, f->op, f->val); |
488 | break; | 489 | break; |
489 | case AUDIT_FSGID: | 490 | case AUDIT_FSGID: |
490 | result = audit_comparator(tsk->fsgid, f->op, f->val); | 491 | result = audit_comparator(cred->fsgid, f->op, f->val); |
491 | break; | 492 | break; |
492 | case AUDIT_PERS: | 493 | case AUDIT_PERS: |
493 | result = audit_comparator(tsk->personality, f->op, f->val); | 494 | result = audit_comparator(tsk->personality, f->op, f->val); |
@@ -1228,6 +1229,7 @@ static void audit_log_fcaps(struct audit_buffer *ab, struct audit_names *name) | |||
1228 | 1229 | ||
1229 | static void audit_log_exit(struct audit_context *context, struct task_struct *tsk) | 1230 | static void audit_log_exit(struct audit_context *context, struct task_struct *tsk) |
1230 | { | 1231 | { |
1232 | struct cred *cred = tsk->cred; | ||
1231 | int i, call_panic = 0; | 1233 | int i, call_panic = 0; |
1232 | struct audit_buffer *ab; | 1234 | struct audit_buffer *ab; |
1233 | struct audit_aux_data *aux; | 1235 | struct audit_aux_data *aux; |
@@ -1237,14 +1239,14 @@ static void audit_log_exit(struct audit_context *context, struct task_struct *ts | |||
1237 | context->pid = tsk->pid; | 1239 | context->pid = tsk->pid; |
1238 | if (!context->ppid) | 1240 | if (!context->ppid) |
1239 | context->ppid = sys_getppid(); | 1241 | context->ppid = sys_getppid(); |
1240 | context->uid = tsk->uid; | 1242 | context->uid = cred->uid; |
1241 | context->gid = tsk->gid; | 1243 | context->gid = cred->gid; |
1242 | context->euid = tsk->euid; | 1244 | context->euid = cred->euid; |
1243 | context->suid = tsk->suid; | 1245 | context->suid = cred->suid; |
1244 | context->fsuid = tsk->fsuid; | 1246 | context->fsuid = cred->fsuid; |
1245 | context->egid = tsk->egid; | 1247 | context->egid = cred->egid; |
1246 | context->sgid = tsk->sgid; | 1248 | context->sgid = cred->sgid; |
1247 | context->fsgid = tsk->fsgid; | 1249 | context->fsgid = cred->fsgid; |
1248 | context->personality = tsk->personality; | 1250 | context->personality = tsk->personality; |
1249 | 1251 | ||
1250 | ab = audit_log_start(context, GFP_KERNEL, AUDIT_SYSCALL); | 1252 | ab = audit_log_start(context, GFP_KERNEL, AUDIT_SYSCALL); |
@@ -2086,7 +2088,7 @@ int audit_set_loginuid(struct task_struct *task, uid_t loginuid) | |||
2086 | audit_log_format(ab, "login pid=%d uid=%u " | 2088 | audit_log_format(ab, "login pid=%d uid=%u " |
2087 | "old auid=%u new auid=%u" | 2089 | "old auid=%u new auid=%u" |
2088 | " old ses=%u new ses=%u", | 2090 | " old ses=%u new ses=%u", |
2089 | task->pid, task->uid, | 2091 | task->pid, task->cred->uid, |
2090 | task->loginuid, loginuid, | 2092 | task->loginuid, loginuid, |
2091 | task->sessionid, sessionid); | 2093 | task->sessionid, sessionid); |
2092 | audit_log_end(ab); | 2094 | audit_log_end(ab); |
@@ -2469,7 +2471,7 @@ void __audit_ptrace(struct task_struct *t) | |||
2469 | 2471 | ||
2470 | context->target_pid = t->pid; | 2472 | context->target_pid = t->pid; |
2471 | context->target_auid = audit_get_loginuid(t); | 2473 | context->target_auid = audit_get_loginuid(t); |
2472 | context->target_uid = t->uid; | 2474 | context->target_uid = t->cred->uid; |
2473 | context->target_sessionid = audit_get_sessionid(t); | 2475 | context->target_sessionid = audit_get_sessionid(t); |
2474 | security_task_getsecid(t, &context->target_sid); | 2476 | security_task_getsecid(t, &context->target_sid); |
2475 | memcpy(context->target_comm, t->comm, TASK_COMM_LEN); | 2477 | memcpy(context->target_comm, t->comm, TASK_COMM_LEN); |
@@ -2495,7 +2497,7 @@ int __audit_signal_info(int sig, struct task_struct *t) | |||
2495 | if (tsk->loginuid != -1) | 2497 | if (tsk->loginuid != -1) |
2496 | audit_sig_uid = tsk->loginuid; | 2498 | audit_sig_uid = tsk->loginuid; |
2497 | else | 2499 | else |
2498 | audit_sig_uid = tsk->uid; | 2500 | audit_sig_uid = tsk->cred->uid; |
2499 | security_task_getsecid(tsk, &audit_sig_sid); | 2501 | security_task_getsecid(tsk, &audit_sig_sid); |
2500 | } | 2502 | } |
2501 | if (!audit_signals || audit_dummy_context()) | 2503 | if (!audit_signals || audit_dummy_context()) |
@@ -2507,7 +2509,7 @@ int __audit_signal_info(int sig, struct task_struct *t) | |||
2507 | if (!ctx->target_pid) { | 2509 | if (!ctx->target_pid) { |
2508 | ctx->target_pid = t->tgid; | 2510 | ctx->target_pid = t->tgid; |
2509 | ctx->target_auid = audit_get_loginuid(t); | 2511 | ctx->target_auid = audit_get_loginuid(t); |
2510 | ctx->target_uid = t->uid; | 2512 | ctx->target_uid = t->cred->uid; |
2511 | ctx->target_sessionid = audit_get_sessionid(t); | 2513 | ctx->target_sessionid = audit_get_sessionid(t); |
2512 | security_task_getsecid(t, &ctx->target_sid); | 2514 | security_task_getsecid(t, &ctx->target_sid); |
2513 | memcpy(ctx->target_comm, t->comm, TASK_COMM_LEN); | 2515 | memcpy(ctx->target_comm, t->comm, TASK_COMM_LEN); |
@@ -2528,7 +2530,7 @@ int __audit_signal_info(int sig, struct task_struct *t) | |||
2528 | 2530 | ||
2529 | axp->target_pid[axp->pid_count] = t->tgid; | 2531 | axp->target_pid[axp->pid_count] = t->tgid; |
2530 | axp->target_auid[axp->pid_count] = audit_get_loginuid(t); | 2532 | axp->target_auid[axp->pid_count] = audit_get_loginuid(t); |
2531 | axp->target_uid[axp->pid_count] = t->uid; | 2533 | axp->target_uid[axp->pid_count] = t->cred->uid; |
2532 | axp->target_sessionid[axp->pid_count] = audit_get_sessionid(t); | 2534 | axp->target_sessionid[axp->pid_count] = audit_get_sessionid(t); |
2533 | security_task_getsecid(t, &axp->target_sid[axp->pid_count]); | 2535 | security_task_getsecid(t, &axp->target_sid[axp->pid_count]); |
2534 | memcpy(axp->target_comm[axp->pid_count], t->comm, TASK_COMM_LEN); | 2536 | memcpy(axp->target_comm[axp->pid_count], t->comm, TASK_COMM_LEN); |
@@ -2575,12 +2577,12 @@ void __audit_log_bprm_fcaps(struct linux_binprm *bprm, kernel_cap_t *pP, kernel_ | |||
2575 | ax->fcap_ver = (vcaps.magic_etc & VFS_CAP_REVISION_MASK) >> VFS_CAP_REVISION_SHIFT; | 2577 | ax->fcap_ver = (vcaps.magic_etc & VFS_CAP_REVISION_MASK) >> VFS_CAP_REVISION_SHIFT; |
2576 | 2578 | ||
2577 | ax->old_pcap.permitted = *pP; | 2579 | ax->old_pcap.permitted = *pP; |
2578 | ax->old_pcap.inheritable = current->cap_inheritable; | 2580 | ax->old_pcap.inheritable = current->cred->cap_inheritable; |
2579 | ax->old_pcap.effective = *pE; | 2581 | ax->old_pcap.effective = *pE; |
2580 | 2582 | ||
2581 | ax->new_pcap.permitted = current->cap_permitted; | 2583 | ax->new_pcap.permitted = current->cred->cap_permitted; |
2582 | ax->new_pcap.inheritable = current->cap_inheritable; | 2584 | ax->new_pcap.inheritable = current->cred->cap_inheritable; |
2583 | ax->new_pcap.effective = current->cap_effective; | 2585 | ax->new_pcap.effective = current->cred->cap_effective; |
2584 | } | 2586 | } |
2585 | 2587 | ||
2586 | /** | 2588 | /** |
diff --git a/kernel/capability.c b/kernel/capability.c index 58b00519624a..a404b980b1bd 100644 --- a/kernel/capability.c +++ b/kernel/capability.c | |||
@@ -171,8 +171,8 @@ kernel_cap_t cap_set_effective(const kernel_cap_t pE_new) | |||
171 | 171 | ||
172 | spin_lock(&task_capability_lock); | 172 | spin_lock(&task_capability_lock); |
173 | 173 | ||
174 | pE_old = current->cap_effective; | 174 | pE_old = current->cred->cap_effective; |
175 | current->cap_effective = pE_new; | 175 | current->cred->cap_effective = pE_new; |
176 | 176 | ||
177 | spin_unlock(&task_capability_lock); | 177 | spin_unlock(&task_capability_lock); |
178 | 178 | ||
diff --git a/kernel/cgroup.c b/kernel/cgroup.c index 78f9b310c4f3..e210526e6401 100644 --- a/kernel/cgroup.c +++ b/kernel/cgroup.c | |||
@@ -1293,7 +1293,9 @@ static int attach_task_by_pid(struct cgroup *cgrp, u64 pid) | |||
1293 | rcu_read_unlock(); | 1293 | rcu_read_unlock(); |
1294 | 1294 | ||
1295 | euid = current_euid(); | 1295 | euid = current_euid(); |
1296 | if (euid && euid != tsk->uid && euid != tsk->suid) { | 1296 | if (euid && |
1297 | euid != tsk->cred->uid && | ||
1298 | euid != tsk->cred->suid) { | ||
1297 | put_task_struct(tsk); | 1299 | put_task_struct(tsk); |
1298 | return -EACCES; | 1300 | return -EACCES; |
1299 | } | 1301 | } |
diff --git a/kernel/exit.c b/kernel/exit.c index 80137a5d9467..e0f6e1892fb9 100644 --- a/kernel/exit.c +++ b/kernel/exit.c | |||
@@ -160,7 +160,7 @@ void release_task(struct task_struct * p) | |||
160 | int zap_leader; | 160 | int zap_leader; |
161 | repeat: | 161 | repeat: |
162 | tracehook_prepare_release_task(p); | 162 | tracehook_prepare_release_task(p); |
163 | atomic_dec(&p->user->processes); | 163 | atomic_dec(&p->cred->user->processes); |
164 | proc_flush_task(p); | 164 | proc_flush_task(p); |
165 | write_lock_irq(&tasklist_lock); | 165 | write_lock_irq(&tasklist_lock); |
166 | tracehook_finish_release_task(p); | 166 | tracehook_finish_release_task(p); |
@@ -1272,7 +1272,7 @@ static int wait_task_zombie(struct task_struct *p, int options, | |||
1272 | return 0; | 1272 | return 0; |
1273 | 1273 | ||
1274 | if (unlikely(options & WNOWAIT)) { | 1274 | if (unlikely(options & WNOWAIT)) { |
1275 | uid_t uid = p->uid; | 1275 | uid_t uid = p->cred->uid; |
1276 | int exit_code = p->exit_code; | 1276 | int exit_code = p->exit_code; |
1277 | int why, status; | 1277 | int why, status; |
1278 | 1278 | ||
@@ -1393,7 +1393,7 @@ static int wait_task_zombie(struct task_struct *p, int options, | |||
1393 | if (!retval && infop) | 1393 | if (!retval && infop) |
1394 | retval = put_user(pid, &infop->si_pid); | 1394 | retval = put_user(pid, &infop->si_pid); |
1395 | if (!retval && infop) | 1395 | if (!retval && infop) |
1396 | retval = put_user(p->uid, &infop->si_uid); | 1396 | retval = put_user(p->cred->uid, &infop->si_uid); |
1397 | if (!retval) | 1397 | if (!retval) |
1398 | retval = pid; | 1398 | retval = pid; |
1399 | 1399 | ||
@@ -1458,7 +1458,7 @@ static int wait_task_stopped(int ptrace, struct task_struct *p, | |||
1458 | if (!unlikely(options & WNOWAIT)) | 1458 | if (!unlikely(options & WNOWAIT)) |
1459 | p->exit_code = 0; | 1459 | p->exit_code = 0; |
1460 | 1460 | ||
1461 | uid = p->uid; | 1461 | uid = p->cred->uid; |
1462 | unlock_sig: | 1462 | unlock_sig: |
1463 | spin_unlock_irq(&p->sighand->siglock); | 1463 | spin_unlock_irq(&p->sighand->siglock); |
1464 | if (!exit_code) | 1464 | if (!exit_code) |
@@ -1535,7 +1535,7 @@ static int wait_task_continued(struct task_struct *p, int options, | |||
1535 | spin_unlock_irq(&p->sighand->siglock); | 1535 | spin_unlock_irq(&p->sighand->siglock); |
1536 | 1536 | ||
1537 | pid = task_pid_vnr(p); | 1537 | pid = task_pid_vnr(p); |
1538 | uid = p->uid; | 1538 | uid = p->cred->uid; |
1539 | get_task_struct(p); | 1539 | get_task_struct(p); |
1540 | read_unlock(&tasklist_lock); | 1540 | read_unlock(&tasklist_lock); |
1541 | 1541 | ||
diff --git a/kernel/fork.c b/kernel/fork.c index f6083561dfe0..81fdc7733908 100644 --- a/kernel/fork.c +++ b/kernel/fork.c | |||
@@ -147,8 +147,8 @@ void __put_task_struct(struct task_struct *tsk) | |||
147 | WARN_ON(tsk == current); | 147 | WARN_ON(tsk == current); |
148 | 148 | ||
149 | security_task_free(tsk); | 149 | security_task_free(tsk); |
150 | free_uid(tsk->user); | 150 | free_uid(tsk->__temp_cred.user); |
151 | put_group_info(tsk->group_info); | 151 | put_group_info(tsk->__temp_cred.group_info); |
152 | delayacct_tsk_free(tsk); | 152 | delayacct_tsk_free(tsk); |
153 | 153 | ||
154 | if (!profile_handoff_task(tsk)) | 154 | if (!profile_handoff_task(tsk)) |
@@ -969,17 +969,18 @@ static struct task_struct *copy_process(unsigned long clone_flags, | |||
969 | DEBUG_LOCKS_WARN_ON(!p->hardirqs_enabled); | 969 | DEBUG_LOCKS_WARN_ON(!p->hardirqs_enabled); |
970 | DEBUG_LOCKS_WARN_ON(!p->softirqs_enabled); | 970 | DEBUG_LOCKS_WARN_ON(!p->softirqs_enabled); |
971 | #endif | 971 | #endif |
972 | p->cred = &p->__temp_cred; | ||
972 | retval = -EAGAIN; | 973 | retval = -EAGAIN; |
973 | if (atomic_read(&p->user->processes) >= | 974 | if (atomic_read(&p->cred->user->processes) >= |
974 | p->signal->rlim[RLIMIT_NPROC].rlim_cur) { | 975 | p->signal->rlim[RLIMIT_NPROC].rlim_cur) { |
975 | if (!capable(CAP_SYS_ADMIN) && !capable(CAP_SYS_RESOURCE) && | 976 | if (!capable(CAP_SYS_ADMIN) && !capable(CAP_SYS_RESOURCE) && |
976 | p->user != current->nsproxy->user_ns->root_user) | 977 | p->cred->user != current->nsproxy->user_ns->root_user) |
977 | goto bad_fork_free; | 978 | goto bad_fork_free; |
978 | } | 979 | } |
979 | 980 | ||
980 | atomic_inc(&p->user->__count); | 981 | atomic_inc(&p->cred->user->__count); |
981 | atomic_inc(&p->user->processes); | 982 | atomic_inc(&p->cred->user->processes); |
982 | get_group_info(p->group_info); | 983 | get_group_info(p->cred->group_info); |
983 | 984 | ||
984 | /* | 985 | /* |
985 | * If multiple threads are within copy_process(), then this check | 986 | * If multiple threads are within copy_process(), then this check |
@@ -1035,9 +1036,8 @@ static struct task_struct *copy_process(unsigned long clone_flags, | |||
1035 | p->real_start_time = p->start_time; | 1036 | p->real_start_time = p->start_time; |
1036 | monotonic_to_bootbased(&p->real_start_time); | 1037 | monotonic_to_bootbased(&p->real_start_time); |
1037 | #ifdef CONFIG_SECURITY | 1038 | #ifdef CONFIG_SECURITY |
1038 | p->security = NULL; | 1039 | p->cred->security = NULL; |
1039 | #endif | 1040 | #endif |
1040 | p->cap_bset = current->cap_bset; | ||
1041 | p->io_context = NULL; | 1041 | p->io_context = NULL; |
1042 | p->audit_context = NULL; | 1042 | p->audit_context = NULL; |
1043 | cgroup_fork(p); | 1043 | cgroup_fork(p); |
@@ -1298,9 +1298,9 @@ bad_fork_cleanup_cgroup: | |||
1298 | bad_fork_cleanup_put_domain: | 1298 | bad_fork_cleanup_put_domain: |
1299 | module_put(task_thread_info(p)->exec_domain->module); | 1299 | module_put(task_thread_info(p)->exec_domain->module); |
1300 | bad_fork_cleanup_count: | 1300 | bad_fork_cleanup_count: |
1301 | put_group_info(p->group_info); | 1301 | put_group_info(p->cred->group_info); |
1302 | atomic_dec(&p->user->processes); | 1302 | atomic_dec(&p->cred->user->processes); |
1303 | free_uid(p->user); | 1303 | free_uid(p->cred->user); |
1304 | bad_fork_free: | 1304 | bad_fork_free: |
1305 | free_task(p); | 1305 | free_task(p); |
1306 | fork_out: | 1306 | fork_out: |
diff --git a/kernel/futex.c b/kernel/futex.c index e06962132aaf..28421d8210b8 100644 --- a/kernel/futex.c +++ b/kernel/futex.c | |||
@@ -443,7 +443,8 @@ static struct task_struct * futex_find_get_task(pid_t pid) | |||
443 | 443 | ||
444 | rcu_read_lock(); | 444 | rcu_read_lock(); |
445 | p = find_task_by_vpid(pid); | 445 | p = find_task_by_vpid(pid); |
446 | if (!p || (euid != p->euid && euid != p->uid)) | 446 | if (!p || (euid != p->cred->euid && |
447 | euid != p->cred->uid)) | ||
447 | p = ERR_PTR(-ESRCH); | 448 | p = ERR_PTR(-ESRCH); |
448 | else | 449 | else |
449 | get_task_struct(p); | 450 | get_task_struct(p); |
@@ -1846,7 +1847,8 @@ sys_get_robust_list(int pid, struct robust_list_head __user * __user *head_ptr, | |||
1846 | if (!p) | 1847 | if (!p) |
1847 | goto err_unlock; | 1848 | goto err_unlock; |
1848 | ret = -EPERM; | 1849 | ret = -EPERM; |
1849 | if (euid != p->euid && euid != p->uid && | 1850 | if (euid != p->cred->euid && |
1851 | euid != p->cred->uid && | ||
1850 | !capable(CAP_SYS_PTRACE)) | 1852 | !capable(CAP_SYS_PTRACE)) |
1851 | goto err_unlock; | 1853 | goto err_unlock; |
1852 | head = p->robust_list; | 1854 | head = p->robust_list; |
diff --git a/kernel/futex_compat.c b/kernel/futex_compat.c index 3254d4e41e88..2c3fd5ed34f5 100644 --- a/kernel/futex_compat.c +++ b/kernel/futex_compat.c | |||
@@ -151,8 +151,9 @@ compat_sys_get_robust_list(int pid, compat_uptr_t __user *head_ptr, | |||
151 | if (!p) | 151 | if (!p) |
152 | goto err_unlock; | 152 | goto err_unlock; |
153 | ret = -EPERM; | 153 | ret = -EPERM; |
154 | if (euid != p->euid && euid != p->uid && | 154 | if (euid != p->cred->euid && |
155 | !capable(CAP_SYS_PTRACE)) | 155 | euid != p->cred->uid && |
156 | !capable(CAP_SYS_PTRACE)) | ||
156 | goto err_unlock; | 157 | goto err_unlock; |
157 | head = p->compat_robust_list; | 158 | head = p->compat_robust_list; |
158 | read_unlock(&tasklist_lock); | 159 | read_unlock(&tasklist_lock); |
diff --git a/kernel/ptrace.c b/kernel/ptrace.c index 937f6b5b2008..49849d12dd12 100644 --- a/kernel/ptrace.c +++ b/kernel/ptrace.c | |||
@@ -115,6 +115,8 @@ int ptrace_check_attach(struct task_struct *child, int kill) | |||
115 | 115 | ||
116 | int __ptrace_may_access(struct task_struct *task, unsigned int mode) | 116 | int __ptrace_may_access(struct task_struct *task, unsigned int mode) |
117 | { | 117 | { |
118 | struct cred *cred = current->cred, *tcred = task->cred; | ||
119 | |||
118 | /* May we inspect the given task? | 120 | /* May we inspect the given task? |
119 | * This check is used both for attaching with ptrace | 121 | * This check is used both for attaching with ptrace |
120 | * and for allowing access to sensitive information in /proc. | 122 | * and for allowing access to sensitive information in /proc. |
@@ -123,19 +125,18 @@ int __ptrace_may_access(struct task_struct *task, unsigned int mode) | |||
123 | * because setting up the necessary parent/child relationship | 125 | * because setting up the necessary parent/child relationship |
124 | * or halting the specified task is impossible. | 126 | * or halting the specified task is impossible. |
125 | */ | 127 | */ |
126 | uid_t uid; | 128 | uid_t uid = cred->uid; |
127 | gid_t gid; | 129 | gid_t gid = cred->gid; |
128 | int dumpable = 0; | 130 | int dumpable = 0; |
129 | /* Don't let security modules deny introspection */ | 131 | /* Don't let security modules deny introspection */ |
130 | if (task == current) | 132 | if (task == current) |
131 | return 0; | 133 | return 0; |
132 | current_uid_gid(&uid, &gid); | 134 | if ((uid != tcred->euid || |
133 | if ((uid != task->euid || | 135 | uid != tcred->suid || |
134 | uid != task->suid || | 136 | uid != tcred->uid || |
135 | uid != task->uid || | 137 | gid != tcred->egid || |
136 | gid != task->egid || | 138 | gid != tcred->sgid || |
137 | gid != task->sgid || | 139 | gid != tcred->gid) && !capable(CAP_SYS_PTRACE)) |
138 | gid != task->gid) && !capable(CAP_SYS_PTRACE)) | ||
139 | return -EPERM; | 140 | return -EPERM; |
140 | smp_rmb(); | 141 | smp_rmb(); |
141 | if (task->mm) | 142 | if (task->mm) |
diff --git a/kernel/sched.c b/kernel/sched.c index c3b8b1fcde0d..733c59e645aa 100644 --- a/kernel/sched.c +++ b/kernel/sched.c | |||
@@ -345,7 +345,7 @@ static inline struct task_group *task_group(struct task_struct *p) | |||
345 | struct task_group *tg; | 345 | struct task_group *tg; |
346 | 346 | ||
347 | #ifdef CONFIG_USER_SCHED | 347 | #ifdef CONFIG_USER_SCHED |
348 | tg = p->user->tg; | 348 | tg = p->cred->user->tg; |
349 | #elif defined(CONFIG_CGROUP_SCHED) | 349 | #elif defined(CONFIG_CGROUP_SCHED) |
350 | tg = container_of(task_subsys_state(p, cpu_cgroup_subsys_id), | 350 | tg = container_of(task_subsys_state(p, cpu_cgroup_subsys_id), |
351 | struct task_group, css); | 351 | struct task_group, css); |
@@ -5182,8 +5182,8 @@ recheck: | |||
5182 | 5182 | ||
5183 | /* can't change other user's priorities */ | 5183 | /* can't change other user's priorities */ |
5184 | euid = current_euid(); | 5184 | euid = current_euid(); |
5185 | if (euid != p->euid && | 5185 | if (euid != p->cred->euid && |
5186 | euid != p->uid) | 5186 | euid != p->cred->uid) |
5187 | return -EPERM; | 5187 | return -EPERM; |
5188 | } | 5188 | } |
5189 | 5189 | ||
@@ -5417,7 +5417,9 @@ long sched_setaffinity(pid_t pid, const cpumask_t *in_mask) | |||
5417 | 5417 | ||
5418 | euid = current_euid(); | 5418 | euid = current_euid(); |
5419 | retval = -EPERM; | 5419 | retval = -EPERM; |
5420 | if (euid != p->euid && euid != p->uid && !capable(CAP_SYS_NICE)) | 5420 | if (euid != p->cred->euid && |
5421 | euid != p->cred->uid && | ||
5422 | !capable(CAP_SYS_NICE)) | ||
5421 | goto out_unlock; | 5423 | goto out_unlock; |
5422 | 5424 | ||
5423 | retval = security_task_setscheduler(p, 0, NULL); | 5425 | retval = security_task_setscheduler(p, 0, NULL); |
diff --git a/kernel/signal.c b/kernel/signal.c index 167b535fe1a9..80e8a6489f97 100644 --- a/kernel/signal.c +++ b/kernel/signal.c | |||
@@ -187,7 +187,7 @@ static struct sigqueue *__sigqueue_alloc(struct task_struct *t, gfp_t flags, | |||
187 | * In order to avoid problems with "switch_user()", we want to make | 187 | * In order to avoid problems with "switch_user()", we want to make |
188 | * sure that the compiler doesn't re-load "t->user" | 188 | * sure that the compiler doesn't re-load "t->user" |
189 | */ | 189 | */ |
190 | user = t->user; | 190 | user = t->cred->user; |
191 | barrier(); | 191 | barrier(); |
192 | atomic_inc(&user->sigpending); | 192 | atomic_inc(&user->sigpending); |
193 | if (override_rlimit || | 193 | if (override_rlimit || |
@@ -582,8 +582,8 @@ static int check_kill_permission(int sig, struct siginfo *info, | |||
582 | 582 | ||
583 | uid = current_uid(); | 583 | uid = current_uid(); |
584 | euid = current_euid(); | 584 | euid = current_euid(); |
585 | if ((euid ^ t->suid) && (euid ^ t->uid) && | 585 | if ((euid ^ t->cred->suid) && (euid ^ t->cred->uid) && |
586 | (uid ^ t->suid) && (uid ^ t->uid) && | 586 | (uid ^ t->cred->suid) && (uid ^ t->cred->uid) && |
587 | !capable(CAP_KILL)) { | 587 | !capable(CAP_KILL)) { |
588 | switch (sig) { | 588 | switch (sig) { |
589 | case SIGCONT: | 589 | case SIGCONT: |
@@ -1100,8 +1100,8 @@ int kill_pid_info_as_uid(int sig, struct siginfo *info, struct pid *pid, | |||
1100 | goto out_unlock; | 1100 | goto out_unlock; |
1101 | } | 1101 | } |
1102 | if ((info == SEND_SIG_NOINFO || (!is_si_special(info) && SI_FROMUSER(info))) | 1102 | if ((info == SEND_SIG_NOINFO || (!is_si_special(info) && SI_FROMUSER(info))) |
1103 | && (euid != p->suid) && (euid != p->uid) | 1103 | && (euid != p->cred->suid) && (euid != p->cred->uid) |
1104 | && (uid != p->suid) && (uid != p->uid)) { | 1104 | && (uid != p->cred->suid) && (uid != p->cred->uid)) { |
1105 | ret = -EPERM; | 1105 | ret = -EPERM; |
1106 | goto out_unlock; | 1106 | goto out_unlock; |
1107 | } | 1107 | } |
@@ -1374,7 +1374,7 @@ int do_notify_parent(struct task_struct *tsk, int sig) | |||
1374 | info.si_pid = task_pid_nr_ns(tsk, tsk->parent->nsproxy->pid_ns); | 1374 | info.si_pid = task_pid_nr_ns(tsk, tsk->parent->nsproxy->pid_ns); |
1375 | rcu_read_unlock(); | 1375 | rcu_read_unlock(); |
1376 | 1376 | ||
1377 | info.si_uid = tsk->uid; | 1377 | info.si_uid = tsk->cred->uid; |
1378 | 1378 | ||
1379 | thread_group_cputime(tsk, &cputime); | 1379 | thread_group_cputime(tsk, &cputime); |
1380 | info.si_utime = cputime_to_jiffies(cputime.utime); | 1380 | info.si_utime = cputime_to_jiffies(cputime.utime); |
@@ -1445,7 +1445,7 @@ static void do_notify_parent_cldstop(struct task_struct *tsk, int why) | |||
1445 | info.si_pid = task_pid_nr_ns(tsk, tsk->parent->nsproxy->pid_ns); | 1445 | info.si_pid = task_pid_nr_ns(tsk, tsk->parent->nsproxy->pid_ns); |
1446 | rcu_read_unlock(); | 1446 | rcu_read_unlock(); |
1447 | 1447 | ||
1448 | info.si_uid = tsk->uid; | 1448 | info.si_uid = tsk->cred->uid; |
1449 | 1449 | ||
1450 | info.si_utime = cputime_to_clock_t(tsk->utime); | 1450 | info.si_utime = cputime_to_clock_t(tsk->utime); |
1451 | info.si_stime = cputime_to_clock_t(tsk->stime); | 1451 | info.si_stime = cputime_to_clock_t(tsk->stime); |
@@ -1713,7 +1713,7 @@ static int ptrace_signal(int signr, siginfo_t *info, | |||
1713 | info->si_errno = 0; | 1713 | info->si_errno = 0; |
1714 | info->si_code = SI_USER; | 1714 | info->si_code = SI_USER; |
1715 | info->si_pid = task_pid_vnr(current->parent); | 1715 | info->si_pid = task_pid_vnr(current->parent); |
1716 | info->si_uid = current->parent->uid; | 1716 | info->si_uid = current->parent->cred->uid; |
1717 | } | 1717 | } |
1718 | 1718 | ||
1719 | /* If the (new) signal is now blocked, requeue it. */ | 1719 | /* If the (new) signal is now blocked, requeue it. */ |
diff --git a/kernel/sys.c b/kernel/sys.c index ed5c29c748ac..5d81f07c0150 100644 --- a/kernel/sys.c +++ b/kernel/sys.c | |||
@@ -117,7 +117,9 @@ static int set_one_prio(struct task_struct *p, int niceval, int error) | |||
117 | uid_t euid = current_euid(); | 117 | uid_t euid = current_euid(); |
118 | int no_nice; | 118 | int no_nice; |
119 | 119 | ||
120 | if (p->uid != euid && p->euid != euid && !capable(CAP_SYS_NICE)) { | 120 | if (p->cred->uid != euid && |
121 | p->cred->euid != euid && | ||
122 | !capable(CAP_SYS_NICE)) { | ||
121 | error = -EPERM; | 123 | error = -EPERM; |
122 | goto out; | 124 | goto out; |
123 | } | 125 | } |
@@ -174,7 +176,7 @@ asmlinkage long sys_setpriority(int which, int who, int niceval) | |||
174 | } while_each_pid_thread(pgrp, PIDTYPE_PGID, p); | 176 | } while_each_pid_thread(pgrp, PIDTYPE_PGID, p); |
175 | break; | 177 | break; |
176 | case PRIO_USER: | 178 | case PRIO_USER: |
177 | user = current->user; | 179 | user = current->cred->user; |
178 | if (!who) | 180 | if (!who) |
179 | who = current_uid(); | 181 | who = current_uid(); |
180 | else | 182 | else |
@@ -182,7 +184,7 @@ asmlinkage long sys_setpriority(int which, int who, int niceval) | |||
182 | goto out_unlock; /* No processes for this user */ | 184 | goto out_unlock; /* No processes for this user */ |
183 | 185 | ||
184 | do_each_thread(g, p) | 186 | do_each_thread(g, p) |
185 | if (p->uid == who) | 187 | if (p->cred->uid == who) |
186 | error = set_one_prio(p, niceval, error); | 188 | error = set_one_prio(p, niceval, error); |
187 | while_each_thread(g, p); | 189 | while_each_thread(g, p); |
188 | if (who != current_uid()) | 190 | if (who != current_uid()) |
@@ -236,7 +238,7 @@ asmlinkage long sys_getpriority(int which, int who) | |||
236 | } while_each_pid_thread(pgrp, PIDTYPE_PGID, p); | 238 | } while_each_pid_thread(pgrp, PIDTYPE_PGID, p); |
237 | break; | 239 | break; |
238 | case PRIO_USER: | 240 | case PRIO_USER: |
239 | user = current->user; | 241 | user = current->cred->user; |
240 | if (!who) | 242 | if (!who) |
241 | who = current_uid(); | 243 | who = current_uid(); |
242 | else | 244 | else |
@@ -244,7 +246,7 @@ asmlinkage long sys_getpriority(int which, int who) | |||
244 | goto out_unlock; /* No processes for this user */ | 246 | goto out_unlock; /* No processes for this user */ |
245 | 247 | ||
246 | do_each_thread(g, p) | 248 | do_each_thread(g, p) |
247 | if (p->uid == who) { | 249 | if (p->cred->uid == who) { |
248 | niceval = 20 - task_nice(p); | 250 | niceval = 20 - task_nice(p); |
249 | if (niceval > retval) | 251 | if (niceval > retval) |
250 | retval = niceval; | 252 | retval = niceval; |
@@ -472,8 +474,9 @@ void ctrl_alt_del(void) | |||
472 | */ | 474 | */ |
473 | asmlinkage long sys_setregid(gid_t rgid, gid_t egid) | 475 | asmlinkage long sys_setregid(gid_t rgid, gid_t egid) |
474 | { | 476 | { |
475 | int old_rgid = current->gid; | 477 | struct cred *cred = current->cred; |
476 | int old_egid = current->egid; | 478 | int old_rgid = cred->gid; |
479 | int old_egid = cred->egid; | ||
477 | int new_rgid = old_rgid; | 480 | int new_rgid = old_rgid; |
478 | int new_egid = old_egid; | 481 | int new_egid = old_egid; |
479 | int retval; | 482 | int retval; |
@@ -484,7 +487,7 @@ asmlinkage long sys_setregid(gid_t rgid, gid_t egid) | |||
484 | 487 | ||
485 | if (rgid != (gid_t) -1) { | 488 | if (rgid != (gid_t) -1) { |
486 | if ((old_rgid == rgid) || | 489 | if ((old_rgid == rgid) || |
487 | (current->egid==rgid) || | 490 | (cred->egid == rgid) || |
488 | capable(CAP_SETGID)) | 491 | capable(CAP_SETGID)) |
489 | new_rgid = rgid; | 492 | new_rgid = rgid; |
490 | else | 493 | else |
@@ -492,8 +495,8 @@ asmlinkage long sys_setregid(gid_t rgid, gid_t egid) | |||
492 | } | 495 | } |
493 | if (egid != (gid_t) -1) { | 496 | if (egid != (gid_t) -1) { |
494 | if ((old_rgid == egid) || | 497 | if ((old_rgid == egid) || |
495 | (current->egid == egid) || | 498 | (cred->egid == egid) || |
496 | (current->sgid == egid) || | 499 | (cred->sgid == egid) || |
497 | capable(CAP_SETGID)) | 500 | capable(CAP_SETGID)) |
498 | new_egid = egid; | 501 | new_egid = egid; |
499 | else | 502 | else |
@@ -505,10 +508,10 @@ asmlinkage long sys_setregid(gid_t rgid, gid_t egid) | |||
505 | } | 508 | } |
506 | if (rgid != (gid_t) -1 || | 509 | if (rgid != (gid_t) -1 || |
507 | (egid != (gid_t) -1 && egid != old_rgid)) | 510 | (egid != (gid_t) -1 && egid != old_rgid)) |
508 | current->sgid = new_egid; | 511 | cred->sgid = new_egid; |
509 | current->fsgid = new_egid; | 512 | cred->fsgid = new_egid; |
510 | current->egid = new_egid; | 513 | cred->egid = new_egid; |
511 | current->gid = new_rgid; | 514 | cred->gid = new_rgid; |
512 | key_fsgid_changed(current); | 515 | key_fsgid_changed(current); |
513 | proc_id_connector(current, PROC_EVENT_GID); | 516 | proc_id_connector(current, PROC_EVENT_GID); |
514 | return 0; | 517 | return 0; |
@@ -521,7 +524,8 @@ asmlinkage long sys_setregid(gid_t rgid, gid_t egid) | |||
521 | */ | 524 | */ |
522 | asmlinkage long sys_setgid(gid_t gid) | 525 | asmlinkage long sys_setgid(gid_t gid) |
523 | { | 526 | { |
524 | int old_egid = current->egid; | 527 | struct cred *cred = current->cred; |
528 | int old_egid = cred->egid; | ||
525 | int retval; | 529 | int retval; |
526 | 530 | ||
527 | retval = security_task_setgid(gid, (gid_t)-1, (gid_t)-1, LSM_SETID_ID); | 531 | retval = security_task_setgid(gid, (gid_t)-1, (gid_t)-1, LSM_SETID_ID); |
@@ -533,13 +537,13 @@ asmlinkage long sys_setgid(gid_t gid) | |||
533 | set_dumpable(current->mm, suid_dumpable); | 537 | set_dumpable(current->mm, suid_dumpable); |
534 | smp_wmb(); | 538 | smp_wmb(); |
535 | } | 539 | } |
536 | current->gid = current->egid = current->sgid = current->fsgid = gid; | 540 | cred->gid = cred->egid = cred->sgid = cred->fsgid = gid; |
537 | } else if ((gid == current->gid) || (gid == current->sgid)) { | 541 | } else if ((gid == cred->gid) || (gid == cred->sgid)) { |
538 | if (old_egid != gid) { | 542 | if (old_egid != gid) { |
539 | set_dumpable(current->mm, suid_dumpable); | 543 | set_dumpable(current->mm, suid_dumpable); |
540 | smp_wmb(); | 544 | smp_wmb(); |
541 | } | 545 | } |
542 | current->egid = current->fsgid = gid; | 546 | cred->egid = cred->fsgid = gid; |
543 | } | 547 | } |
544 | else | 548 | else |
545 | return -EPERM; | 549 | return -EPERM; |
@@ -570,7 +574,7 @@ static int set_user(uid_t new_ruid, int dumpclear) | |||
570 | set_dumpable(current->mm, suid_dumpable); | 574 | set_dumpable(current->mm, suid_dumpable); |
571 | smp_wmb(); | 575 | smp_wmb(); |
572 | } | 576 | } |
573 | current->uid = new_ruid; | 577 | current->cred->uid = new_ruid; |
574 | return 0; | 578 | return 0; |
575 | } | 579 | } |
576 | 580 | ||
@@ -591,6 +595,7 @@ static int set_user(uid_t new_ruid, int dumpclear) | |||
591 | */ | 595 | */ |
592 | asmlinkage long sys_setreuid(uid_t ruid, uid_t euid) | 596 | asmlinkage long sys_setreuid(uid_t ruid, uid_t euid) |
593 | { | 597 | { |
598 | struct cred *cred = current->cred; | ||
594 | int old_ruid, old_euid, old_suid, new_ruid, new_euid; | 599 | int old_ruid, old_euid, old_suid, new_ruid, new_euid; |
595 | int retval; | 600 | int retval; |
596 | 601 | ||
@@ -598,14 +603,14 @@ asmlinkage long sys_setreuid(uid_t ruid, uid_t euid) | |||
598 | if (retval) | 603 | if (retval) |
599 | return retval; | 604 | return retval; |
600 | 605 | ||
601 | new_ruid = old_ruid = current->uid; | 606 | new_ruid = old_ruid = cred->uid; |
602 | new_euid = old_euid = current->euid; | 607 | new_euid = old_euid = cred->euid; |
603 | old_suid = current->suid; | 608 | old_suid = cred->suid; |
604 | 609 | ||
605 | if (ruid != (uid_t) -1) { | 610 | if (ruid != (uid_t) -1) { |
606 | new_ruid = ruid; | 611 | new_ruid = ruid; |
607 | if ((old_ruid != ruid) && | 612 | if ((old_ruid != ruid) && |
608 | (current->euid != ruid) && | 613 | (cred->euid != ruid) && |
609 | !capable(CAP_SETUID)) | 614 | !capable(CAP_SETUID)) |
610 | return -EPERM; | 615 | return -EPERM; |
611 | } | 616 | } |
@@ -613,8 +618,8 @@ asmlinkage long sys_setreuid(uid_t ruid, uid_t euid) | |||
613 | if (euid != (uid_t) -1) { | 618 | if (euid != (uid_t) -1) { |
614 | new_euid = euid; | 619 | new_euid = euid; |
615 | if ((old_ruid != euid) && | 620 | if ((old_ruid != euid) && |
616 | (current->euid != euid) && | 621 | (cred->euid != euid) && |
617 | (current->suid != euid) && | 622 | (cred->suid != euid) && |
618 | !capable(CAP_SETUID)) | 623 | !capable(CAP_SETUID)) |
619 | return -EPERM; | 624 | return -EPERM; |
620 | } | 625 | } |
@@ -626,11 +631,11 @@ asmlinkage long sys_setreuid(uid_t ruid, uid_t euid) | |||
626 | set_dumpable(current->mm, suid_dumpable); | 631 | set_dumpable(current->mm, suid_dumpable); |
627 | smp_wmb(); | 632 | smp_wmb(); |
628 | } | 633 | } |
629 | current->fsuid = current->euid = new_euid; | 634 | cred->fsuid = cred->euid = new_euid; |
630 | if (ruid != (uid_t) -1 || | 635 | if (ruid != (uid_t) -1 || |
631 | (euid != (uid_t) -1 && euid != old_ruid)) | 636 | (euid != (uid_t) -1 && euid != old_ruid)) |
632 | current->suid = current->euid; | 637 | cred->suid = cred->euid; |
633 | current->fsuid = current->euid; | 638 | cred->fsuid = cred->euid; |
634 | 639 | ||
635 | key_fsuid_changed(current); | 640 | key_fsuid_changed(current); |
636 | proc_id_connector(current, PROC_EVENT_UID); | 641 | proc_id_connector(current, PROC_EVENT_UID); |
@@ -653,7 +658,8 @@ asmlinkage long sys_setreuid(uid_t ruid, uid_t euid) | |||
653 | */ | 658 | */ |
654 | asmlinkage long sys_setuid(uid_t uid) | 659 | asmlinkage long sys_setuid(uid_t uid) |
655 | { | 660 | { |
656 | int old_euid = current->euid; | 661 | struct cred *cred = current->cred; |
662 | int old_euid = cred->euid; | ||
657 | int old_ruid, old_suid, new_suid; | 663 | int old_ruid, old_suid, new_suid; |
658 | int retval; | 664 | int retval; |
659 | 665 | ||
@@ -661,23 +667,23 @@ asmlinkage long sys_setuid(uid_t uid) | |||
661 | if (retval) | 667 | if (retval) |
662 | return retval; | 668 | return retval; |
663 | 669 | ||
664 | old_ruid = current->uid; | 670 | old_ruid = cred->uid; |
665 | old_suid = current->suid; | 671 | old_suid = cred->suid; |
666 | new_suid = old_suid; | 672 | new_suid = old_suid; |
667 | 673 | ||
668 | if (capable(CAP_SETUID)) { | 674 | if (capable(CAP_SETUID)) { |
669 | if (uid != old_ruid && set_user(uid, old_euid != uid) < 0) | 675 | if (uid != old_ruid && set_user(uid, old_euid != uid) < 0) |
670 | return -EAGAIN; | 676 | return -EAGAIN; |
671 | new_suid = uid; | 677 | new_suid = uid; |
672 | } else if ((uid != current->uid) && (uid != new_suid)) | 678 | } else if ((uid != cred->uid) && (uid != new_suid)) |
673 | return -EPERM; | 679 | return -EPERM; |
674 | 680 | ||
675 | if (old_euid != uid) { | 681 | if (old_euid != uid) { |
676 | set_dumpable(current->mm, suid_dumpable); | 682 | set_dumpable(current->mm, suid_dumpable); |
677 | smp_wmb(); | 683 | smp_wmb(); |
678 | } | 684 | } |
679 | current->fsuid = current->euid = uid; | 685 | cred->fsuid = cred->euid = uid; |
680 | current->suid = new_suid; | 686 | cred->suid = new_suid; |
681 | 687 | ||
682 | key_fsuid_changed(current); | 688 | key_fsuid_changed(current); |
683 | proc_id_connector(current, PROC_EVENT_UID); | 689 | proc_id_connector(current, PROC_EVENT_UID); |
@@ -692,9 +698,10 @@ asmlinkage long sys_setuid(uid_t uid) | |||
692 | */ | 698 | */ |
693 | asmlinkage long sys_setresuid(uid_t ruid, uid_t euid, uid_t suid) | 699 | asmlinkage long sys_setresuid(uid_t ruid, uid_t euid, uid_t suid) |
694 | { | 700 | { |
695 | int old_ruid = current->uid; | 701 | struct cred *cred = current->cred; |
696 | int old_euid = current->euid; | 702 | int old_ruid = cred->uid; |
697 | int old_suid = current->suid; | 703 | int old_euid = cred->euid; |
704 | int old_suid = cred->suid; | ||
698 | int retval; | 705 | int retval; |
699 | 706 | ||
700 | retval = security_task_setuid(ruid, euid, suid, LSM_SETID_RES); | 707 | retval = security_task_setuid(ruid, euid, suid, LSM_SETID_RES); |
@@ -702,30 +709,31 @@ asmlinkage long sys_setresuid(uid_t ruid, uid_t euid, uid_t suid) | |||
702 | return retval; | 709 | return retval; |
703 | 710 | ||
704 | if (!capable(CAP_SETUID)) { | 711 | if (!capable(CAP_SETUID)) { |
705 | if ((ruid != (uid_t) -1) && (ruid != current->uid) && | 712 | if ((ruid != (uid_t) -1) && (ruid != cred->uid) && |
706 | (ruid != current->euid) && (ruid != current->suid)) | 713 | (ruid != cred->euid) && (ruid != cred->suid)) |
707 | return -EPERM; | 714 | return -EPERM; |
708 | if ((euid != (uid_t) -1) && (euid != current->uid) && | 715 | if ((euid != (uid_t) -1) && (euid != cred->uid) && |
709 | (euid != current->euid) && (euid != current->suid)) | 716 | (euid != cred->euid) && (euid != cred->suid)) |
710 | return -EPERM; | 717 | return -EPERM; |
711 | if ((suid != (uid_t) -1) && (suid != current->uid) && | 718 | if ((suid != (uid_t) -1) && (suid != cred->uid) && |
712 | (suid != current->euid) && (suid != current->suid)) | 719 | (suid != cred->euid) && (suid != cred->suid)) |
713 | return -EPERM; | 720 | return -EPERM; |
714 | } | 721 | } |
715 | if (ruid != (uid_t) -1) { | 722 | if (ruid != (uid_t) -1) { |
716 | if (ruid != current->uid && set_user(ruid, euid != current->euid) < 0) | 723 | if (ruid != cred->uid && |
724 | set_user(ruid, euid != cred->euid) < 0) | ||
717 | return -EAGAIN; | 725 | return -EAGAIN; |
718 | } | 726 | } |
719 | if (euid != (uid_t) -1) { | 727 | if (euid != (uid_t) -1) { |
720 | if (euid != current->euid) { | 728 | if (euid != cred->euid) { |
721 | set_dumpable(current->mm, suid_dumpable); | 729 | set_dumpable(current->mm, suid_dumpable); |
722 | smp_wmb(); | 730 | smp_wmb(); |
723 | } | 731 | } |
724 | current->euid = euid; | 732 | cred->euid = euid; |
725 | } | 733 | } |
726 | current->fsuid = current->euid; | 734 | cred->fsuid = cred->euid; |
727 | if (suid != (uid_t) -1) | 735 | if (suid != (uid_t) -1) |
728 | current->suid = suid; | 736 | cred->suid = suid; |
729 | 737 | ||
730 | key_fsuid_changed(current); | 738 | key_fsuid_changed(current); |
731 | proc_id_connector(current, PROC_EVENT_UID); | 739 | proc_id_connector(current, PROC_EVENT_UID); |
@@ -735,11 +743,12 @@ asmlinkage long sys_setresuid(uid_t ruid, uid_t euid, uid_t suid) | |||
735 | 743 | ||
736 | asmlinkage long sys_getresuid(uid_t __user *ruid, uid_t __user *euid, uid_t __user *suid) | 744 | asmlinkage long sys_getresuid(uid_t __user *ruid, uid_t __user *euid, uid_t __user *suid) |
737 | { | 745 | { |
746 | struct cred *cred = current->cred; | ||
738 | int retval; | 747 | int retval; |
739 | 748 | ||
740 | if (!(retval = put_user(current->uid, ruid)) && | 749 | if (!(retval = put_user(cred->uid, ruid)) && |
741 | !(retval = put_user(current->euid, euid))) | 750 | !(retval = put_user(cred->euid, euid))) |
742 | retval = put_user(current->suid, suid); | 751 | retval = put_user(cred->suid, suid); |
743 | 752 | ||
744 | return retval; | 753 | return retval; |
745 | } | 754 | } |
@@ -749,6 +758,7 @@ asmlinkage long sys_getresuid(uid_t __user *ruid, uid_t __user *euid, uid_t __us | |||
749 | */ | 758 | */ |
750 | asmlinkage long sys_setresgid(gid_t rgid, gid_t egid, gid_t sgid) | 759 | asmlinkage long sys_setresgid(gid_t rgid, gid_t egid, gid_t sgid) |
751 | { | 760 | { |
761 | struct cred *cred = current->cred; | ||
752 | int retval; | 762 | int retval; |
753 | 763 | ||
754 | retval = security_task_setgid(rgid, egid, sgid, LSM_SETID_RES); | 764 | retval = security_task_setgid(rgid, egid, sgid, LSM_SETID_RES); |
@@ -756,28 +766,28 @@ asmlinkage long sys_setresgid(gid_t rgid, gid_t egid, gid_t sgid) | |||
756 | return retval; | 766 | return retval; |
757 | 767 | ||
758 | if (!capable(CAP_SETGID)) { | 768 | if (!capable(CAP_SETGID)) { |
759 | if ((rgid != (gid_t) -1) && (rgid != current->gid) && | 769 | if ((rgid != (gid_t) -1) && (rgid != cred->gid) && |
760 | (rgid != current->egid) && (rgid != current->sgid)) | 770 | (rgid != cred->egid) && (rgid != cred->sgid)) |
761 | return -EPERM; | 771 | return -EPERM; |
762 | if ((egid != (gid_t) -1) && (egid != current->gid) && | 772 | if ((egid != (gid_t) -1) && (egid != cred->gid) && |
763 | (egid != current->egid) && (egid != current->sgid)) | 773 | (egid != cred->egid) && (egid != cred->sgid)) |
764 | return -EPERM; | 774 | return -EPERM; |
765 | if ((sgid != (gid_t) -1) && (sgid != current->gid) && | 775 | if ((sgid != (gid_t) -1) && (sgid != cred->gid) && |
766 | (sgid != current->egid) && (sgid != current->sgid)) | 776 | (sgid != cred->egid) && (sgid != cred->sgid)) |
767 | return -EPERM; | 777 | return -EPERM; |
768 | } | 778 | } |
769 | if (egid != (gid_t) -1) { | 779 | if (egid != (gid_t) -1) { |
770 | if (egid != current->egid) { | 780 | if (egid != cred->egid) { |
771 | set_dumpable(current->mm, suid_dumpable); | 781 | set_dumpable(current->mm, suid_dumpable); |
772 | smp_wmb(); | 782 | smp_wmb(); |
773 | } | 783 | } |
774 | current->egid = egid; | 784 | cred->egid = egid; |
775 | } | 785 | } |
776 | current->fsgid = current->egid; | 786 | cred->fsgid = cred->egid; |
777 | if (rgid != (gid_t) -1) | 787 | if (rgid != (gid_t) -1) |
778 | current->gid = rgid; | 788 | cred->gid = rgid; |
779 | if (sgid != (gid_t) -1) | 789 | if (sgid != (gid_t) -1) |
780 | current->sgid = sgid; | 790 | cred->sgid = sgid; |
781 | 791 | ||
782 | key_fsgid_changed(current); | 792 | key_fsgid_changed(current); |
783 | proc_id_connector(current, PROC_EVENT_GID); | 793 | proc_id_connector(current, PROC_EVENT_GID); |
@@ -786,11 +796,12 @@ asmlinkage long sys_setresgid(gid_t rgid, gid_t egid, gid_t sgid) | |||
786 | 796 | ||
787 | asmlinkage long sys_getresgid(gid_t __user *rgid, gid_t __user *egid, gid_t __user *sgid) | 797 | asmlinkage long sys_getresgid(gid_t __user *rgid, gid_t __user *egid, gid_t __user *sgid) |
788 | { | 798 | { |
799 | struct cred *cred = current->cred; | ||
789 | int retval; | 800 | int retval; |
790 | 801 | ||
791 | if (!(retval = put_user(current->gid, rgid)) && | 802 | if (!(retval = put_user(cred->gid, rgid)) && |
792 | !(retval = put_user(current->egid, egid))) | 803 | !(retval = put_user(cred->egid, egid))) |
793 | retval = put_user(current->sgid, sgid); | 804 | retval = put_user(cred->sgid, sgid); |
794 | 805 | ||
795 | return retval; | 806 | return retval; |
796 | } | 807 | } |
@@ -804,20 +815,21 @@ asmlinkage long sys_getresgid(gid_t __user *rgid, gid_t __user *egid, gid_t __us | |||
804 | */ | 815 | */ |
805 | asmlinkage long sys_setfsuid(uid_t uid) | 816 | asmlinkage long sys_setfsuid(uid_t uid) |
806 | { | 817 | { |
818 | struct cred *cred = current->cred; | ||
807 | int old_fsuid; | 819 | int old_fsuid; |
808 | 820 | ||
809 | old_fsuid = current->fsuid; | 821 | old_fsuid = cred->fsuid; |
810 | if (security_task_setuid(uid, (uid_t)-1, (uid_t)-1, LSM_SETID_FS)) | 822 | if (security_task_setuid(uid, (uid_t)-1, (uid_t)-1, LSM_SETID_FS)) |
811 | return old_fsuid; | 823 | return old_fsuid; |
812 | 824 | ||
813 | if (uid == current->uid || uid == current->euid || | 825 | if (uid == cred->uid || uid == cred->euid || |
814 | uid == current->suid || uid == current->fsuid || | 826 | uid == cred->suid || uid == cred->fsuid || |
815 | capable(CAP_SETUID)) { | 827 | capable(CAP_SETUID)) { |
816 | if (uid != old_fsuid) { | 828 | if (uid != old_fsuid) { |
817 | set_dumpable(current->mm, suid_dumpable); | 829 | set_dumpable(current->mm, suid_dumpable); |
818 | smp_wmb(); | 830 | smp_wmb(); |
819 | } | 831 | } |
820 | current->fsuid = uid; | 832 | cred->fsuid = uid; |
821 | } | 833 | } |
822 | 834 | ||
823 | key_fsuid_changed(current); | 835 | key_fsuid_changed(current); |
@@ -833,20 +845,21 @@ asmlinkage long sys_setfsuid(uid_t uid) | |||
833 | */ | 845 | */ |
834 | asmlinkage long sys_setfsgid(gid_t gid) | 846 | asmlinkage long sys_setfsgid(gid_t gid) |
835 | { | 847 | { |
848 | struct cred *cred = current->cred; | ||
836 | int old_fsgid; | 849 | int old_fsgid; |
837 | 850 | ||
838 | old_fsgid = current->fsgid; | 851 | old_fsgid = cred->fsgid; |
839 | if (security_task_setgid(gid, (gid_t)-1, (gid_t)-1, LSM_SETID_FS)) | 852 | if (security_task_setgid(gid, (gid_t)-1, (gid_t)-1, LSM_SETID_FS)) |
840 | return old_fsgid; | 853 | return old_fsgid; |
841 | 854 | ||
842 | if (gid == current->gid || gid == current->egid || | 855 | if (gid == cred->gid || gid == cred->egid || |
843 | gid == current->sgid || gid == current->fsgid || | 856 | gid == cred->sgid || gid == cred->fsgid || |
844 | capable(CAP_SETGID)) { | 857 | capable(CAP_SETGID)) { |
845 | if (gid != old_fsgid) { | 858 | if (gid != old_fsgid) { |
846 | set_dumpable(current->mm, suid_dumpable); | 859 | set_dumpable(current->mm, suid_dumpable); |
847 | smp_wmb(); | 860 | smp_wmb(); |
848 | } | 861 | } |
849 | current->fsgid = gid; | 862 | cred->fsgid = gid; |
850 | key_fsgid_changed(current); | 863 | key_fsgid_changed(current); |
851 | proc_id_connector(current, PROC_EVENT_GID); | 864 | proc_id_connector(current, PROC_EVENT_GID); |
852 | } | 865 | } |
@@ -1208,8 +1221,15 @@ int groups_search(struct group_info *group_info, gid_t grp) | |||
1208 | return 0; | 1221 | return 0; |
1209 | } | 1222 | } |
1210 | 1223 | ||
1211 | /* validate and set current->group_info */ | 1224 | /** |
1212 | int set_current_groups(struct group_info *group_info) | 1225 | * set_groups - Change a group subscription in a security record |
1226 | * @sec: The security record to alter | ||
1227 | * @group_info: The group list to impose | ||
1228 | * | ||
1229 | * Validate a group subscription and, if valid, impose it upon a task security | ||
1230 | * record. | ||
1231 | */ | ||
1232 | int set_groups(struct cred *cred, struct group_info *group_info) | ||
1213 | { | 1233 | { |
1214 | int retval; | 1234 | int retval; |
1215 | struct group_info *old_info; | 1235 | struct group_info *old_info; |
@@ -1221,20 +1241,34 @@ int set_current_groups(struct group_info *group_info) | |||
1221 | groups_sort(group_info); | 1241 | groups_sort(group_info); |
1222 | get_group_info(group_info); | 1242 | get_group_info(group_info); |
1223 | 1243 | ||
1224 | task_lock(current); | 1244 | spin_lock(&cred->lock); |
1225 | old_info = current->group_info; | 1245 | old_info = cred->group_info; |
1226 | current->group_info = group_info; | 1246 | cred->group_info = group_info; |
1227 | task_unlock(current); | 1247 | spin_unlock(&cred->lock); |
1228 | 1248 | ||
1229 | put_group_info(old_info); | 1249 | put_group_info(old_info); |
1230 | |||
1231 | return 0; | 1250 | return 0; |
1232 | } | 1251 | } |
1233 | 1252 | ||
1253 | EXPORT_SYMBOL(set_groups); | ||
1254 | |||
1255 | /** | ||
1256 | * set_current_groups - Change current's group subscription | ||
1257 | * @group_info: The group list to impose | ||
1258 | * | ||
1259 | * Validate a group subscription and, if valid, impose it upon current's task | ||
1260 | * security record. | ||
1261 | */ | ||
1262 | int set_current_groups(struct group_info *group_info) | ||
1263 | { | ||
1264 | return set_groups(current->cred, group_info); | ||
1265 | } | ||
1266 | |||
1234 | EXPORT_SYMBOL(set_current_groups); | 1267 | EXPORT_SYMBOL(set_current_groups); |
1235 | 1268 | ||
1236 | asmlinkage long sys_getgroups(int gidsetsize, gid_t __user *grouplist) | 1269 | asmlinkage long sys_getgroups(int gidsetsize, gid_t __user *grouplist) |
1237 | { | 1270 | { |
1271 | struct cred *cred = current->cred; | ||
1238 | int i = 0; | 1272 | int i = 0; |
1239 | 1273 | ||
1240 | /* | 1274 | /* |
@@ -1246,13 +1280,13 @@ asmlinkage long sys_getgroups(int gidsetsize, gid_t __user *grouplist) | |||
1246 | return -EINVAL; | 1280 | return -EINVAL; |
1247 | 1281 | ||
1248 | /* no need to grab task_lock here; it cannot change */ | 1282 | /* no need to grab task_lock here; it cannot change */ |
1249 | i = current->group_info->ngroups; | 1283 | i = cred->group_info->ngroups; |
1250 | if (gidsetsize) { | 1284 | if (gidsetsize) { |
1251 | if (i > gidsetsize) { | 1285 | if (i > gidsetsize) { |
1252 | i = -EINVAL; | 1286 | i = -EINVAL; |
1253 | goto out; | 1287 | goto out; |
1254 | } | 1288 | } |
1255 | if (groups_to_user(grouplist, current->group_info)) { | 1289 | if (groups_to_user(grouplist, cred->group_info)) { |
1256 | i = -EFAULT; | 1290 | i = -EFAULT; |
1257 | goto out; | 1291 | goto out; |
1258 | } | 1292 | } |
@@ -1296,9 +1330,10 @@ asmlinkage long sys_setgroups(int gidsetsize, gid_t __user *grouplist) | |||
1296 | */ | 1330 | */ |
1297 | int in_group_p(gid_t grp) | 1331 | int in_group_p(gid_t grp) |
1298 | { | 1332 | { |
1333 | struct cred *cred = current->cred; | ||
1299 | int retval = 1; | 1334 | int retval = 1; |
1300 | if (grp != current->fsgid) | 1335 | if (grp != cred->fsgid) |
1301 | retval = groups_search(current->group_info, grp); | 1336 | retval = groups_search(cred->group_info, grp); |
1302 | return retval; | 1337 | return retval; |
1303 | } | 1338 | } |
1304 | 1339 | ||
@@ -1306,9 +1341,10 @@ EXPORT_SYMBOL(in_group_p); | |||
1306 | 1341 | ||
1307 | int in_egroup_p(gid_t grp) | 1342 | int in_egroup_p(gid_t grp) |
1308 | { | 1343 | { |
1344 | struct cred *cred = current->cred; | ||
1309 | int retval = 1; | 1345 | int retval = 1; |
1310 | if (grp != current->egid) | 1346 | if (grp != cred->egid) |
1311 | retval = groups_search(current->group_info, grp); | 1347 | retval = groups_search(cred->group_info, grp); |
1312 | return retval; | 1348 | return retval; |
1313 | } | 1349 | } |
1314 | 1350 | ||
@@ -1624,7 +1660,9 @@ asmlinkage long sys_umask(int mask) | |||
1624 | asmlinkage long sys_prctl(int option, unsigned long arg2, unsigned long arg3, | 1660 | asmlinkage long sys_prctl(int option, unsigned long arg2, unsigned long arg3, |
1625 | unsigned long arg4, unsigned long arg5) | 1661 | unsigned long arg4, unsigned long arg5) |
1626 | { | 1662 | { |
1627 | long error = 0; | 1663 | struct task_struct *me = current; |
1664 | unsigned char comm[sizeof(me->comm)]; | ||
1665 | long error; | ||
1628 | 1666 | ||
1629 | if (security_task_prctl(option, arg2, arg3, arg4, arg5, &error)) | 1667 | if (security_task_prctl(option, arg2, arg3, arg4, arg5, &error)) |
1630 | return error; | 1668 | return error; |
@@ -1635,39 +1673,41 @@ asmlinkage long sys_prctl(int option, unsigned long arg2, unsigned long arg3, | |||
1635 | error = -EINVAL; | 1673 | error = -EINVAL; |
1636 | break; | 1674 | break; |
1637 | } | 1675 | } |
1638 | current->pdeath_signal = arg2; | 1676 | me->pdeath_signal = arg2; |
1677 | error = 0; | ||
1639 | break; | 1678 | break; |
1640 | case PR_GET_PDEATHSIG: | 1679 | case PR_GET_PDEATHSIG: |
1641 | error = put_user(current->pdeath_signal, (int __user *)arg2); | 1680 | error = put_user(me->pdeath_signal, (int __user *)arg2); |
1642 | break; | 1681 | break; |
1643 | case PR_GET_DUMPABLE: | 1682 | case PR_GET_DUMPABLE: |
1644 | error = get_dumpable(current->mm); | 1683 | error = get_dumpable(me->mm); |
1645 | break; | 1684 | break; |
1646 | case PR_SET_DUMPABLE: | 1685 | case PR_SET_DUMPABLE: |
1647 | if (arg2 < 0 || arg2 > 1) { | 1686 | if (arg2 < 0 || arg2 > 1) { |
1648 | error = -EINVAL; | 1687 | error = -EINVAL; |
1649 | break; | 1688 | break; |
1650 | } | 1689 | } |
1651 | set_dumpable(current->mm, arg2); | 1690 | set_dumpable(me->mm, arg2); |
1691 | error = 0; | ||
1652 | break; | 1692 | break; |
1653 | 1693 | ||
1654 | case PR_SET_UNALIGN: | 1694 | case PR_SET_UNALIGN: |
1655 | error = SET_UNALIGN_CTL(current, arg2); | 1695 | error = SET_UNALIGN_CTL(me, arg2); |
1656 | break; | 1696 | break; |
1657 | case PR_GET_UNALIGN: | 1697 | case PR_GET_UNALIGN: |
1658 | error = GET_UNALIGN_CTL(current, arg2); | 1698 | error = GET_UNALIGN_CTL(me, arg2); |
1659 | break; | 1699 | break; |
1660 | case PR_SET_FPEMU: | 1700 | case PR_SET_FPEMU: |
1661 | error = SET_FPEMU_CTL(current, arg2); | 1701 | error = SET_FPEMU_CTL(me, arg2); |
1662 | break; | 1702 | break; |
1663 | case PR_GET_FPEMU: | 1703 | case PR_GET_FPEMU: |
1664 | error = GET_FPEMU_CTL(current, arg2); | 1704 | error = GET_FPEMU_CTL(me, arg2); |
1665 | break; | 1705 | break; |
1666 | case PR_SET_FPEXC: | 1706 | case PR_SET_FPEXC: |
1667 | error = SET_FPEXC_CTL(current, arg2); | 1707 | error = SET_FPEXC_CTL(me, arg2); |
1668 | break; | 1708 | break; |
1669 | case PR_GET_FPEXC: | 1709 | case PR_GET_FPEXC: |
1670 | error = GET_FPEXC_CTL(current, arg2); | 1710 | error = GET_FPEXC_CTL(me, arg2); |
1671 | break; | 1711 | break; |
1672 | case PR_GET_TIMING: | 1712 | case PR_GET_TIMING: |
1673 | error = PR_TIMING_STATISTICAL; | 1713 | error = PR_TIMING_STATISTICAL; |
@@ -1675,33 +1715,28 @@ asmlinkage long sys_prctl(int option, unsigned long arg2, unsigned long arg3, | |||
1675 | case PR_SET_TIMING: | 1715 | case PR_SET_TIMING: |
1676 | if (arg2 != PR_TIMING_STATISTICAL) | 1716 | if (arg2 != PR_TIMING_STATISTICAL) |
1677 | error = -EINVAL; | 1717 | error = -EINVAL; |
1718 | else | ||
1719 | error = 0; | ||
1678 | break; | 1720 | break; |
1679 | 1721 | ||
1680 | case PR_SET_NAME: { | 1722 | case PR_SET_NAME: |
1681 | struct task_struct *me = current; | 1723 | comm[sizeof(me->comm)-1] = 0; |
1682 | unsigned char ncomm[sizeof(me->comm)]; | 1724 | if (strncpy_from_user(comm, (char __user *)arg2, |
1683 | 1725 | sizeof(me->comm) - 1) < 0) | |
1684 | ncomm[sizeof(me->comm)-1] = 0; | ||
1685 | if (strncpy_from_user(ncomm, (char __user *)arg2, | ||
1686 | sizeof(me->comm)-1) < 0) | ||
1687 | return -EFAULT; | 1726 | return -EFAULT; |
1688 | set_task_comm(me, ncomm); | 1727 | set_task_comm(me, comm); |
1689 | return 0; | 1728 | return 0; |
1690 | } | 1729 | case PR_GET_NAME: |
1691 | case PR_GET_NAME: { | 1730 | get_task_comm(comm, me); |
1692 | struct task_struct *me = current; | 1731 | if (copy_to_user((char __user *)arg2, comm, |
1693 | unsigned char tcomm[sizeof(me->comm)]; | 1732 | sizeof(comm))) |
1694 | |||
1695 | get_task_comm(tcomm, me); | ||
1696 | if (copy_to_user((char __user *)arg2, tcomm, sizeof(tcomm))) | ||
1697 | return -EFAULT; | 1733 | return -EFAULT; |
1698 | return 0; | 1734 | return 0; |
1699 | } | ||
1700 | case PR_GET_ENDIAN: | 1735 | case PR_GET_ENDIAN: |
1701 | error = GET_ENDIAN(current, arg2); | 1736 | error = GET_ENDIAN(me, arg2); |
1702 | break; | 1737 | break; |
1703 | case PR_SET_ENDIAN: | 1738 | case PR_SET_ENDIAN: |
1704 | error = SET_ENDIAN(current, arg2); | 1739 | error = SET_ENDIAN(me, arg2); |
1705 | break; | 1740 | break; |
1706 | 1741 | ||
1707 | case PR_GET_SECCOMP: | 1742 | case PR_GET_SECCOMP: |
@@ -1725,6 +1760,7 @@ asmlinkage long sys_prctl(int option, unsigned long arg2, unsigned long arg3, | |||
1725 | current->default_timer_slack_ns; | 1760 | current->default_timer_slack_ns; |
1726 | else | 1761 | else |
1727 | current->timer_slack_ns = arg2; | 1762 | current->timer_slack_ns = arg2; |
1763 | error = 0; | ||
1728 | break; | 1764 | break; |
1729 | default: | 1765 | default: |
1730 | error = -EINVAL; | 1766 | error = -EINVAL; |
diff --git a/kernel/trace/trace.c b/kernel/trace/trace.c index 9f3b478f9171..5c97c5b4ea8f 100644 --- a/kernel/trace/trace.c +++ b/kernel/trace/trace.c | |||
@@ -246,7 +246,7 @@ __update_max_tr(struct trace_array *tr, struct task_struct *tsk, int cpu) | |||
246 | 246 | ||
247 | memcpy(data->comm, tsk->comm, TASK_COMM_LEN); | 247 | memcpy(data->comm, tsk->comm, TASK_COMM_LEN); |
248 | data->pid = tsk->pid; | 248 | data->pid = tsk->pid; |
249 | data->uid = tsk->uid; | 249 | data->uid = task_uid(tsk); |
250 | data->nice = tsk->static_prio - 20 - MAX_RT_PRIO; | 250 | data->nice = tsk->static_prio - 20 - MAX_RT_PRIO; |
251 | data->policy = tsk->policy; | 251 | data->policy = tsk->policy; |
252 | data->rt_priority = tsk->rt_priority; | 252 | data->rt_priority = tsk->rt_priority; |
diff --git a/kernel/tsacct.c b/kernel/tsacct.c index 8ebcd8532dfb..6d1ed07bf312 100644 --- a/kernel/tsacct.c +++ b/kernel/tsacct.c | |||
@@ -53,8 +53,8 @@ void bacct_add_tsk(struct taskstats *stats, struct task_struct *tsk) | |||
53 | stats->ac_flag |= AXSIG; | 53 | stats->ac_flag |= AXSIG; |
54 | stats->ac_nice = task_nice(tsk); | 54 | stats->ac_nice = task_nice(tsk); |
55 | stats->ac_sched = tsk->policy; | 55 | stats->ac_sched = tsk->policy; |
56 | stats->ac_uid = tsk->uid; | 56 | stats->ac_uid = tsk->cred->uid; |
57 | stats->ac_gid = tsk->gid; | 57 | stats->ac_gid = tsk->cred->gid; |
58 | stats->ac_pid = tsk->pid; | 58 | stats->ac_pid = tsk->pid; |
59 | rcu_read_lock(); | 59 | rcu_read_lock(); |
60 | stats->ac_ppid = pid_alive(tsk) ? | 60 | stats->ac_ppid = pid_alive(tsk) ? |
diff --git a/kernel/uid16.c b/kernel/uid16.c index 3e41c1673e2f..71f07fc39fea 100644 --- a/kernel/uid16.c +++ b/kernel/uid16.c | |||
@@ -86,9 +86,9 @@ asmlinkage long sys_getresuid16(old_uid_t __user *ruid, old_uid_t __user *euid, | |||
86 | { | 86 | { |
87 | int retval; | 87 | int retval; |
88 | 88 | ||
89 | if (!(retval = put_user(high2lowuid(current->uid), ruid)) && | 89 | if (!(retval = put_user(high2lowuid(current->cred->uid), ruid)) && |
90 | !(retval = put_user(high2lowuid(current->euid), euid))) | 90 | !(retval = put_user(high2lowuid(current->cred->euid), euid))) |
91 | retval = put_user(high2lowuid(current->suid), suid); | 91 | retval = put_user(high2lowuid(current->cred->suid), suid); |
92 | 92 | ||
93 | return retval; | 93 | return retval; |
94 | } | 94 | } |
@@ -106,9 +106,9 @@ asmlinkage long sys_getresgid16(old_gid_t __user *rgid, old_gid_t __user *egid, | |||
106 | { | 106 | { |
107 | int retval; | 107 | int retval; |
108 | 108 | ||
109 | if (!(retval = put_user(high2lowgid(current->gid), rgid)) && | 109 | if (!(retval = put_user(high2lowgid(current->cred->gid), rgid)) && |
110 | !(retval = put_user(high2lowgid(current->egid), egid))) | 110 | !(retval = put_user(high2lowgid(current->cred->egid), egid))) |
111 | retval = put_user(high2lowgid(current->sgid), sgid); | 111 | retval = put_user(high2lowgid(current->cred->sgid), sgid); |
112 | 112 | ||
113 | return retval; | 113 | return retval; |
114 | } | 114 | } |
@@ -166,20 +166,20 @@ asmlinkage long sys_getgroups16(int gidsetsize, old_gid_t __user *grouplist) | |||
166 | if (gidsetsize < 0) | 166 | if (gidsetsize < 0) |
167 | return -EINVAL; | 167 | return -EINVAL; |
168 | 168 | ||
169 | get_group_info(current->group_info); | 169 | get_group_info(current->cred->group_info); |
170 | i = current->group_info->ngroups; | 170 | i = current->cred->group_info->ngroups; |
171 | if (gidsetsize) { | 171 | if (gidsetsize) { |
172 | if (i > gidsetsize) { | 172 | if (i > gidsetsize) { |
173 | i = -EINVAL; | 173 | i = -EINVAL; |
174 | goto out; | 174 | goto out; |
175 | } | 175 | } |
176 | if (groups16_to_user(grouplist, current->group_info)) { | 176 | if (groups16_to_user(grouplist, current->cred->group_info)) { |
177 | i = -EFAULT; | 177 | i = -EFAULT; |
178 | goto out; | 178 | goto out; |
179 | } | 179 | } |
180 | } | 180 | } |
181 | out: | 181 | out: |
182 | put_group_info(current->group_info); | 182 | put_group_info(current->cred->group_info); |
183 | return i; | 183 | return i; |
184 | } | 184 | } |
185 | 185 | ||
@@ -210,20 +210,20 @@ asmlinkage long sys_setgroups16(int gidsetsize, old_gid_t __user *grouplist) | |||
210 | 210 | ||
211 | asmlinkage long sys_getuid16(void) | 211 | asmlinkage long sys_getuid16(void) |
212 | { | 212 | { |
213 | return high2lowuid(current->uid); | 213 | return high2lowuid(current->cred->uid); |
214 | } | 214 | } |
215 | 215 | ||
216 | asmlinkage long sys_geteuid16(void) | 216 | asmlinkage long sys_geteuid16(void) |
217 | { | 217 | { |
218 | return high2lowuid(current->euid); | 218 | return high2lowuid(current->cred->euid); |
219 | } | 219 | } |
220 | 220 | ||
221 | asmlinkage long sys_getgid16(void) | 221 | asmlinkage long sys_getgid16(void) |
222 | { | 222 | { |
223 | return high2lowgid(current->gid); | 223 | return high2lowgid(current->cred->gid); |
224 | } | 224 | } |
225 | 225 | ||
226 | asmlinkage long sys_getegid16(void) | 226 | asmlinkage long sys_getegid16(void) |
227 | { | 227 | { |
228 | return high2lowgid(current->egid); | 228 | return high2lowgid(current->cred->egid); |
229 | } | 229 | } |
diff --git a/kernel/user.c b/kernel/user.c index 39d6159fae43..104d22ac84d5 100644 --- a/kernel/user.c +++ b/kernel/user.c | |||
@@ -457,11 +457,11 @@ void switch_uid(struct user_struct *new_user) | |||
457 | * cheaply with the new uid cache, so if it matters | 457 | * cheaply with the new uid cache, so if it matters |
458 | * we should be checking for it. -DaveM | 458 | * we should be checking for it. -DaveM |
459 | */ | 459 | */ |
460 | old_user = current->user; | 460 | old_user = current->cred->user; |
461 | atomic_inc(&new_user->processes); | 461 | atomic_inc(&new_user->processes); |
462 | atomic_dec(&old_user->processes); | 462 | atomic_dec(&old_user->processes); |
463 | switch_uid_keyring(new_user); | 463 | switch_uid_keyring(new_user); |
464 | current->user = new_user; | 464 | current->cred->user = new_user; |
465 | sched_switch_user(current); | 465 | sched_switch_user(current); |
466 | 466 | ||
467 | /* | 467 | /* |