aboutsummaryrefslogtreecommitdiffstats
path: root/security/keys/process_keys.c
diff options
context:
space:
mode:
Diffstat (limited to 'security/keys/process_keys.c')
-rw-r--r--security/keys/process_keys.c23
1 files changed, 5 insertions, 18 deletions
diff --git a/security/keys/process_keys.c b/security/keys/process_keys.c
index 504bdd2452bd..ea55cf9acf36 100644
--- a/security/keys/process_keys.c
+++ b/security/keys/process_keys.c
@@ -38,7 +38,6 @@ struct key_user root_key_user = {
38 .user_ns = &init_user_ns, 38 .user_ns = &init_user_ns,
39}; 39};
40 40
41/*****************************************************************************/
42/* 41/*
43 * install user and user session keyrings for a particular UID 42 * install user and user session keyrings for a particular UID
44 */ 43 */
@@ -275,7 +274,6 @@ static int install_session_keyring(struct key *keyring)
275 return commit_creds(new); 274 return commit_creds(new);
276} 275}
277 276
278/*****************************************************************************/
279/* 277/*
280 * the filesystem user ID changed 278 * the filesystem user ID changed
281 */ 279 */
@@ -288,10 +286,8 @@ void key_fsuid_changed(struct task_struct *tsk)
288 tsk->cred->thread_keyring->uid = tsk->cred->fsuid; 286 tsk->cred->thread_keyring->uid = tsk->cred->fsuid;
289 up_write(&tsk->cred->thread_keyring->sem); 287 up_write(&tsk->cred->thread_keyring->sem);
290 } 288 }
289}
291 290
292} /* end key_fsuid_changed() */
293
294/*****************************************************************************/
295/* 291/*
296 * the filesystem group ID changed 292 * the filesystem group ID changed
297 */ 293 */
@@ -304,10 +300,8 @@ void key_fsgid_changed(struct task_struct *tsk)
304 tsk->cred->thread_keyring->gid = tsk->cred->fsgid; 300 tsk->cred->thread_keyring->gid = tsk->cred->fsgid;
305 up_write(&tsk->cred->thread_keyring->sem); 301 up_write(&tsk->cred->thread_keyring->sem);
306 } 302 }
303}
307 304
308} /* end key_fsgid_changed() */
309
310/*****************************************************************************/
311/* 305/*
312 * search only my process keyrings for the first matching key 306 * search only my process keyrings for the first matching key
313 * - we use the supplied match function to see if the description (or other 307 * - we use the supplied match function to see if the description (or other
@@ -428,7 +422,6 @@ found:
428 return key_ref; 422 return key_ref;
429} 423}
430 424
431/*****************************************************************************/
432/* 425/*
433 * search the process keyrings for the first matching key 426 * search the process keyrings for the first matching key
434 * - we use the supplied match function to see if the description (or other 427 * - we use the supplied match function to see if the description (or other
@@ -489,20 +482,16 @@ key_ref_t search_process_keyrings(struct key_type *type,
489 482
490found: 483found:
491 return key_ref; 484 return key_ref;
485}
492 486
493} /* end search_process_keyrings() */
494
495/*****************************************************************************/
496/* 487/*
497 * see if the key we're looking at is the target key 488 * see if the key we're looking at is the target key
498 */ 489 */
499int lookup_user_key_possessed(const struct key *key, const void *target) 490int lookup_user_key_possessed(const struct key *key, const void *target)
500{ 491{
501 return key == target; 492 return key == target;
493}
502 494
503} /* end lookup_user_key_possessed() */
504
505/*****************************************************************************/
506/* 495/*
507 * lookup a key given a key ID from userspace with a given permissions mask 496 * lookup a key given a key ID from userspace with a given permissions mask
508 * - don't create special keyrings unless so requested 497 * - don't create special keyrings unless so requested
@@ -711,10 +700,8 @@ invalid_key:
711reget_creds: 700reget_creds:
712 put_cred(cred); 701 put_cred(cred);
713 goto try_again; 702 goto try_again;
703}
714 704
715} /* end lookup_user_key() */
716
717/*****************************************************************************/
718/* 705/*
719 * join the named keyring as the session keyring if possible, or attempt to 706 * join the named keyring as the session keyring if possible, or attempt to
720 * create a new one of that name if not 707 * create a new one of that name if not