5 files changed, 86 insertions, 57 deletions
diff --git a/security/commoncap.c b/security/commoncap.c
index 61307f590003..0384bf95db68 100644
--- a/security/commoncap.c
+++ b/security/commoncap.c
@@ -51,10 +51,13 @@ EXPORT_SYMBOL(cap_netlink_recv);
 */
 int cap_capable(struct task_struct *tsk, int cap, int audit)
 {
+        __u32 cap_raised;
        /* Derived from include/linux/sched.h:capable. */
-        if (cap_raised(tsk->cred->cap_effective, cap))
+        rcu_read_lock();
-                return 0;
+        cap_raised = cap_raised(__task_cred(tsk)->cap_effective, cap);
-        return -EPERM;
+        rcu_read_unlock();
+        return cap_raised ? 0 : -EPERM;
 }
 int cap_settime(struct timespec *ts, struct timezone *tz)
@@ -66,34 +69,42 @@ int cap_settime(struct timespec *ts, struct timezone *tz)
 int cap_ptrace_may_access(struct task_struct *child, unsigned int mode)
 {
-        /* Derived from arch/i386/kernel/ptrace.c:sys_ptrace. */
+        int ret = 0;
-        if (cap_issubset(child->cred->cap_permitted,
-                         current->cred->cap_permitted))
+        rcu_read_lock();
-                return 0;
+        if (!cap_issubset(child->cred->cap_permitted,
-        if (capable(CAP_SYS_PTRACE))
+                          current->cred->cap_permitted) &&
-                return 0;
+            !capable(CAP_SYS_PTRACE))
-        return -EPERM;
+                ret = -EPERM;
+        rcu_read_unlock();
+        return ret;
 }
 int cap_ptrace_traceme(struct task_struct *parent)
 {
-        if (cap_issubset(current->cred->cap_permitted,
+        int ret = 0;
-                         parent->cred->cap_permitted))
-                return 0;
+        rcu_read_lock();
-        if (has_capability(parent, CAP_SYS_PTRACE))
+        if (!cap_issubset(current->cred->cap_permitted,
-                return 0;
+                         parent->cred->cap_permitted) &&
-        return -EPERM;
+            !has_capability(parent, CAP_SYS_PTRACE))
+                ret = -EPERM;
+        rcu_read_unlock();
+        return ret;
 }
 int cap_capget (struct task_struct *target, kernel_cap_t *effective,
                kernel_cap_t *inheritable, kernel_cap_t *permitted)
 {
-        struct cred *cred = target->cred;
+        const struct cred *cred;
        /* Derived from kernel/capability.c:sys_capget. */
+        rcu_read_lock();
+        cred = __task_cred(target);
        *effective   = cred->cap_effective;
        *inheritable = cred->cap_inheritable;
        *permitted   = cred->cap_permitted;
+        rcu_read_unlock();
        return 0;
 }
@@ -433,7 +444,7 @@ void cap_bprm_apply_creds (struct linux_binprm *bprm, int unsafe)
 int cap_bprm_secureexec (struct linux_binprm *bprm)
 {
-        const struct cred *cred = current->cred;
+        const struct cred *cred = current_cred();
        if (cred->uid != 0) {
                if (bprm->cap_effective)
@@ -511,11 +522,11 @@ static inline void cap_emulate_setxuid (int old_ruid, int old_euid,
        if ((old_ruid == 0 || old_euid == 0 || old_suid == 0) &&
            (cred->uid != 0 && cred->euid != 0 && cred->suid != 0) &&
            !issecure(SECURE_KEEP_CAPS)) {
-                cap_clear (cred->cap_permitted);
+                cap_clear(cred->cap_permitted);
-                cap_clear (cred->cap_effective);
+                cap_clear(cred->cap_effective);
        }
        if (old_euid == 0 && cred->euid != 0) {
-                cap_clear (cred->cap_effective);
+                cap_clear(cred->cap_effective);
        }
        if (old_euid != 0 && cred->euid == 0) {
                cred->cap_effective = cred->cap_permitted;
@@ -582,9 +593,14 @@ int cap_task_post_setuid (uid_t old_ruid, uid_t old_euid, uid_t old_suid,
 */
 static int cap_safe_nice(struct task_struct *p)
 {
-        if (!cap_issubset(p->cred->cap_permitted,
+        int is_subset;
-                          current->cred->cap_permitted) &&
-            !capable(CAP_SYS_NICE))
+        rcu_read_lock();
+        is_subset = cap_issubset(__task_cred(p)->cap_permitted,
+                                 current_cred()->cap_permitted);
+        rcu_read_unlock();
+        if (!is_subset && !capable(CAP_SYS_NICE))
                return -EPERM;
        return 0;
 }
diff --git a/security/keys/permission.c b/security/keys/permission.c
index baf3d5f31e71..13c36164f284 100644
--- a/security/keys/permission.c
+++ b/security/keys/permission.c
@@ -22,13 +22,16 @@ int key_task_permission(const key_ref_t key_ref,
                        struct task_struct *context,
                        key_perm_t perm)
 {
-        struct cred *cred = context->cred;
+        const struct cred *cred;
        struct key *key;
        key_perm_t kperm;
        int ret;
        key = key_ref_to_ptr(key_ref);
+        rcu_read_lock();
+        cred = __task_cred(context);
        /* use the second 8-bits of permissions for keys the caller owns */
        if (key->uid == cred->fsuid) {
                kperm = key->perm >> 16;
@@ -43,10 +46,7 @@ int key_task_permission(const key_ref_t key_ref,
                        goto use_these_perms;
                }
-                spin_lock(&cred->lock);
                ret = groups_search(cred->group_info, key->gid);
-                spin_unlock(&cred->lock);
                if (ret) {
                        kperm = key->perm >> 8;
                        goto use_these_perms;
@@ -57,6 +57,8 @@ int key_task_permission(const key_ref_t key_ref,
        kperm = key->perm;
 use_these_perms:
+        rcu_read_lock();
        /* use the top 8-bits of permissions for keys the caller possesses
         * - possessor permissions are additive with other permissions
         */
diff --git a/security/keys/process_keys.c b/security/keys/process_keys.c
index ce8ac6073d57..212601ebaa46 100644
--- a/security/keys/process_keys.c
+++ b/security/keys/process_keys.c
@@ -412,10 +412,13 @@ key_ref_t search_process_keyrings(struct key_type *type,
                                  struct task_struct *context)
 {
        struct request_key_auth *rka;
+        struct cred *cred;
        key_ref_t key_ref, ret, err;
        might_sleep();
+        cred = get_task_cred(context);
        /* we want to return -EAGAIN or -ENOKEY if any of the keyrings were
         * searchable, but we failed to find a key or we found a negative key;
         * otherwise we want to return a sample error (probably -EACCES) if
@@ -428,9 +431,9 @@ key_ref_t search_process_keyrings(struct key_type *type,
        err = ERR_PTR(-EAGAIN);
        /* search the thread keyring first */
-        if (context->cred->thread_keyring) {
+        if (cred->thread_keyring) {
                key_ref = keyring_search_aux(
-                        make_key_ref(context->cred->thread_keyring, 1),
+                        make_key_ref(cred->thread_keyring, 1),
                        context, type, description, match);
                if (!IS_ERR(key_ref))
                        goto found;
@@ -495,9 +498,9 @@ key_ref_t search_process_keyrings(struct key_type *type,
                }
        }
        /* or search the user-session keyring */
-        else if (context->cred->user->session_keyring) {
+        else if (cred->user->session_keyring) {
                key_ref = keyring_search_aux(
-                        make_key_ref(context->cred->user->session_keyring, 1),
+                        make_key_ref(cred->user->session_keyring, 1),
                        context, type, description, match);
                if (!IS_ERR(key_ref))
                        goto found;
@@ -519,20 +522,20 @@ key_ref_t search_process_keyrings(struct key_type *type,
         * search the keyrings of the process mentioned there
         * - we don't permit access to request_key auth keys via this method
         */
-        if (context->cred->request_key_auth &&
+        if (cred->request_key_auth &&
            context == current &&
            type != &key_type_request_key_auth
            ) {
                /* defend against the auth key being revoked */
-                down_read(&context->cred->request_key_auth->sem);
+                down_read(&cred->request_key_auth->sem);
-                if (key_validate(context->cred->request_key_auth) == 0) {
+                if (key_validate(cred->request_key_auth) == 0) {
-                        rka = context->cred->request_key_auth->payload.data;
+                        rka = cred->request_key_auth->payload.data;
                        key_ref = search_process_keyrings(type, description,
                                                          match, rka->context);
-                        up_read(&context->cred->request_key_auth->sem);
+                        up_read(&cred->request_key_auth->sem);
                        if (!IS_ERR(key_ref))
                                goto found;
@@ -549,7 +552,7 @@ key_ref_t search_process_keyrings(struct key_type *type,
                                break;
                        }
                } else {
-                        up_read(&context->cred->request_key_auth->sem);
+                        up_read(&cred->request_key_auth->sem);
                }
        }
@@ -557,6 +560,7 @@ key_ref_t search_process_keyrings(struct key_type *type,
        key_ref = ret ? ret : err;
 found:
+        put_cred(cred);
        return key_ref;
 } /* end search_process_keyrings() */
diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c
index 10715d1330b9..c86303638235 100644
--- a/security/selinux/selinuxfs.c
+++ b/security/selinux/selinuxfs.c
@@ -95,13 +95,18 @@ extern void selnl_notify_setenforce(int val);
 static int task_has_security(struct task_struct *tsk,
                             u32 perms)
 {
-        struct task_security_struct *tsec;
+        const struct task_security_struct *tsec;
+        u32 sid = 0;
-        tsec = tsk->cred->security;
+        rcu_read_lock();
+        tsec = __task_cred(tsk)->security;
+        if (tsec)
+                sid = tsec->sid;
+        rcu_read_unlock();
        if (!tsec)
                return -EACCES;
-        return avc_has_perm(tsec->sid, SECINITSID_SECURITY,
+        return avc_has_perm(sid, SECINITSID_SECURITY,
                            SECCLASS_SECURITY, perms, NULL);
 }
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index e8a4fcb1ad04..11167fd567b9 100644
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -30,6 +30,8 @@
 #include "smack.h"
+#define task_security(task)     (task_cred_xxx((task), security))
 /*
 * I hope these are the hokeyist lines of code in the module. Casey.
 */
@@ -1012,7 +1014,7 @@ static void smack_cred_free(struct cred *cred)
 */
 static int smack_task_setpgid(struct task_struct *p, pid_t pgid)
 {
-        return smk_curacc(p->cred->security, MAY_WRITE);
+        return smk_curacc(task_security(p), MAY_WRITE);
 }
 /**
@@ -1023,7 +1025,7 @@ static int smack_task_setpgid(struct task_struct *p, pid_t pgid)
 */
 static int smack_task_getpgid(struct task_struct *p)
 {
-        return smk_curacc(p->cred->security, MAY_READ);
+        return smk_curacc(task_security(p), MAY_READ);
 }
 /**
@@ -1034,7 +1036,7 @@ static int smack_task_getpgid(struct task_struct *p)
 */
 static int smack_task_getsid(struct task_struct *p)
 {
-        return smk_curacc(p->cred->security, MAY_READ);
+        return smk_curacc(task_security(p), MAY_READ);
 }
 /**
@@ -1046,7 +1048,7 @@ static int smack_task_getsid(struct task_struct *p)
 */
 static void smack_task_getsecid(struct task_struct *p, u32 *secid)
 {
-        *secid = smack_to_secid(p->cred->security);
+        *secid = smack_to_secid(task_security(p));
 }
 /**
@@ -1062,7 +1064,7 @@ static int smack_task_setnice(struct task_struct *p, int nice)
        rc = cap_task_setnice(p, nice);
        if (rc == 0)
-                rc = smk_curacc(p->cred->security, MAY_WRITE);
+                rc = smk_curacc(task_security(p), MAY_WRITE);
        return rc;
 }
@@ -1079,7 +1081,7 @@ static int smack_task_setioprio(struct task_struct *p, int ioprio)
        rc = cap_task_setioprio(p, ioprio);
        if (rc == 0)
-                rc = smk_curacc(p->cred->security, MAY_WRITE);
+                rc = smk_curacc(task_security(p), MAY_WRITE);
        return rc;
 }
@@ -1091,7 +1093,7 @@ static int smack_task_setioprio(struct task_struct *p, int ioprio)
 */
 static int smack_task_getioprio(struct task_struct *p)
 {
-        return smk_curacc(p->cred->security, MAY_READ);
+        return smk_curacc(task_security(p), MAY_READ);
 }
 /**
@@ -1109,7 +1111,7 @@ static int smack_task_setscheduler(struct task_struct *p, int policy,
        rc = cap_task_setscheduler(p, policy, lp);
        if (rc == 0)
-                rc = smk_curacc(p->cred->security, MAY_WRITE);
+                rc = smk_curacc(task_security(p), MAY_WRITE);
        return rc;
 }
@@ -1121,7 +1123,7 @@ static int smack_task_setscheduler(struct task_struct *p, int policy,
 */
 static int smack_task_getscheduler(struct task_struct *p)
 {
-        return smk_curacc(p->cred->security, MAY_READ);
+        return smk_curacc(task_security(p), MAY_READ);
 }
 /**
@@ -1132,7 +1134,7 @@ static int smack_task_getscheduler(struct task_struct *p)
 */
 static int smack_task_movememory(struct task_struct *p)
 {
-        return smk_curacc(p->cred->security, MAY_WRITE);
+        return smk_curacc(task_security(p), MAY_WRITE);
 }
 /**
@@ -1155,13 +1157,13 @@ static int smack_task_kill(struct task_struct *p, struct siginfo *info,
         * can write the receiver.
         */
        if (secid == 0)
-                return smk_curacc(p->cred->security, MAY_WRITE);
+                return smk_curacc(task_security(p), MAY_WRITE);
        /*
         * If the secid isn't 0 we're dealing with some USB IO
         * specific behavior. This is not clean. For one thing
         * we can't take privilege into account.
         */
-        return smk_access(smack_from_secid(secid), p->cred->security, MAY_WRITE);
+        return smk_access(smack_from_secid(secid), task_security(p), MAY_WRITE);
 }
 /**
@@ -1174,7 +1176,7 @@ static int smack_task_wait(struct task_struct *p)
 {
        int rc;
-        rc = smk_access(current->cred->security, p->cred->security, MAY_WRITE);
+        rc = smk_access(current_security(), task_security(p), MAY_WRITE);
        if (rc == 0)
                return 0;
@@ -1205,7 +1207,7 @@ static int smack_task_wait(struct task_struct *p)
 static void smack_task_to_inode(struct task_struct *p, struct inode *inode)
 {
        struct inode_smack *isp = inode->i_security;
-        isp->smk_inode = p->cred->security;
+        isp->smk_inode = task_security(p);
 }
 /*
@@ -2010,7 +2012,7 @@ static int smack_getprocattr(struct task_struct *p, char *name, char **value)
        if (strcmp(name, "current") != 0)
                return -EINVAL;
-        cp = kstrdup(p->cred->security, GFP_KERNEL);
+        cp = kstrdup(task_security(p), GFP_KERNEL);
        if (cp == NULL)
                return -ENOMEM;

diff --git a/security/commoncap.c b/security/commoncap.c index 61307f590003..0384bf95db68 100644 --- a/security/commoncap.c +++ b/security/commoncap.c
@@ -51,10 +51,13 @@ EXPORT_SYMBOL(cap_netlink_recv);
51	*/	51	*/
52	int cap_capable(struct task_struct *tsk, int cap, int audit)	52	int cap_capable(struct task_struct *tsk, int cap, int audit)
53	{	53	{
		54	__u32 cap_raised;
		55
54	/* Derived from include/linux/sched.h:capable. */	56	/* Derived from include/linux/sched.h:capable. */
55	if (cap_raised(tsk->cred->cap_effective, cap))	57	rcu_read_lock();
56	return 0;	58	cap_raised = cap_raised(__task_cred(tsk)->cap_effective, cap);
57	return -EPERM;	59	rcu_read_unlock();
		60	return cap_raised ? 0 : -EPERM;
58	}	61	}
59		62
60	int cap_settime(struct timespec ts, struct timezone tz)	63	int cap_settime(struct timespec ts, struct timezone tz)
@@ -66,34 +69,42 @@ int cap_settime(struct timespec ts, struct timezone tz)
66		69
67	int cap_ptrace_may_access(struct task_struct *child, unsigned int mode)	70	int cap_ptrace_may_access(struct task_struct *child, unsigned int mode)
68	{	71	{
69	/* Derived from arch/i386/kernel/ptrace.c:sys_ptrace. */	72	int ret = 0;
70	if (cap_issubset(child->cred->cap_permitted,	73
71	current->cred->cap_permitted))	74	rcu_read_lock();
72	return 0;	75	if (!cap_issubset(child->cred->cap_permitted,
73	if (capable(CAP_SYS_PTRACE))	76	current->cred->cap_permitted) &&
74	return 0;	77	!capable(CAP_SYS_PTRACE))
75	return -EPERM;	78	ret = -EPERM;
		79	rcu_read_unlock();
		80	return ret;
76	}	81	}
77		82
78	int cap_ptrace_traceme(struct task_struct *parent)	83	int cap_ptrace_traceme(struct task_struct *parent)
79	{	84	{
80	if (cap_issubset(current->cred->cap_permitted,	85	int ret = 0;
81	parent->cred->cap_permitted))	86
82	return 0;	87	rcu_read_lock();
83	if (has_capability(parent, CAP_SYS_PTRACE))	88	if (!cap_issubset(current->cred->cap_permitted,
84	return 0;	89	parent->cred->cap_permitted) &&
85	return -EPERM;	90	!has_capability(parent, CAP_SYS_PTRACE))
		91	ret = -EPERM;
		92	rcu_read_unlock();
		93	return ret;
86	}	94	}
87		95
88	int cap_capget (struct task_struct target, kernel_cap_t effective,	96	int cap_capget (struct task_struct target, kernel_cap_t effective,
89	kernel_cap_t inheritable, kernel_cap_t permitted)	97	kernel_cap_t inheritable, kernel_cap_t permitted)
90	{	98	{
91	struct cred *cred = target->cred;	99	const struct cred *cred;
92		100
93	/* Derived from kernel/capability.c:sys_capget. */	101	/* Derived from kernel/capability.c:sys_capget. */
		102	rcu_read_lock();
		103	cred = __task_cred(target);
94	*effective = cred->cap_effective;	104	*effective = cred->cap_effective;
95	*inheritable = cred->cap_inheritable;	105	*inheritable = cred->cap_inheritable;
96	*permitted = cred->cap_permitted;	106	*permitted = cred->cap_permitted;
		107	rcu_read_unlock();
97	return 0;	108	return 0;
98	}	109	}
99		110
@@ -433,7 +444,7 @@ void cap_bprm_apply_creds (struct linux_binprm *bprm, int unsafe)
433		444
434	int cap_bprm_secureexec (struct linux_binprm *bprm)	445	int cap_bprm_secureexec (struct linux_binprm *bprm)
435	{	446	{
436	const struct cred *cred = current->cred;	447	const struct cred *cred = current_cred();
437		448
438	if (cred->uid != 0) {	449	if (cred->uid != 0) {
439	if (bprm->cap_effective)	450	if (bprm->cap_effective)
@@ -511,11 +522,11 @@ static inline void cap_emulate_setxuid (int old_ruid, int old_euid,
511	if ((old_ruid == 0 \|\| old_euid == 0 \|\| old_suid == 0) &&	522	if ((old_ruid == 0 \|\| old_euid == 0 \|\| old_suid == 0) &&
512	(cred->uid != 0 && cred->euid != 0 && cred->suid != 0) &&	523	(cred->uid != 0 && cred->euid != 0 && cred->suid != 0) &&
513	!issecure(SECURE_KEEP_CAPS)) {	524	!issecure(SECURE_KEEP_CAPS)) {
514	cap_clear (cred->cap_permitted);	525	cap_clear(cred->cap_permitted);
515	cap_clear (cred->cap_effective);	526	cap_clear(cred->cap_effective);
516	}	527	}
517	if (old_euid == 0 && cred->euid != 0) {	528	if (old_euid == 0 && cred->euid != 0) {
518	cap_clear (cred->cap_effective);	529	cap_clear(cred->cap_effective);
519	}	530	}
520	if (old_euid != 0 && cred->euid == 0) {	531	if (old_euid != 0 && cred->euid == 0) {
521	cred->cap_effective = cred->cap_permitted;	532	cred->cap_effective = cred->cap_permitted;
@@ -582,9 +593,14 @@ int cap_task_post_setuid (uid_t old_ruid, uid_t old_euid, uid_t old_suid,
582	*/	593	*/
583	static int cap_safe_nice(struct task_struct *p)	594	static int cap_safe_nice(struct task_struct *p)
584	{	595	{
585	if (!cap_issubset(p->cred->cap_permitted,	596	int is_subset;
586	current->cred->cap_permitted) &&	597
587	!capable(CAP_SYS_NICE))	598	rcu_read_lock();
		599	is_subset = cap_issubset(__task_cred(p)->cap_permitted,
		600	current_cred()->cap_permitted);
		601	rcu_read_unlock();
		602
		603	if (!is_subset && !capable(CAP_SYS_NICE))
588	return -EPERM;	604	return -EPERM;
589	return 0;	605	return 0;
590	}	606	}


diff --git a/security/keys/permission.c b/security/keys/permission.c index baf3d5f31e71..13c36164f284 100644 --- a/security/keys/permission.c +++ b/security/keys/permission.c
@@ -22,13 +22,16 @@ int key_task_permission(const key_ref_t key_ref,
22	struct task_struct *context,	22	struct task_struct *context,
23	key_perm_t perm)	23	key_perm_t perm)
24	{	24	{
25	struct cred *cred = context->cred;	25	const struct cred *cred;
26	struct key *key;	26	struct key *key;
27	key_perm_t kperm;	27	key_perm_t kperm;
28	int ret;	28	int ret;
29		29
30	key = key_ref_to_ptr(key_ref);	30	key = key_ref_to_ptr(key_ref);
31		31
		32	rcu_read_lock();
		33	cred = __task_cred(context);
		34
32	/* use the second 8-bits of permissions for keys the caller owns */	35	/* use the second 8-bits of permissions for keys the caller owns */
33	if (key->uid == cred->fsuid) {	36	if (key->uid == cred->fsuid) {
34	kperm = key->perm >> 16;	37	kperm = key->perm >> 16;
@@ -43,10 +46,7 @@ int key_task_permission(const key_ref_t key_ref,
43	goto use_these_perms;	46	goto use_these_perms;
44	}	47	}
45		48
46	spin_lock(&cred->lock);
47	ret = groups_search(cred->group_info, key->gid);	49	ret = groups_search(cred->group_info, key->gid);
48	spin_unlock(&cred->lock);
49
50	if (ret) {	50	if (ret) {
51	kperm = key->perm >> 8;	51	kperm = key->perm >> 8;
52	goto use_these_perms;	52	goto use_these_perms;
@@ -57,6 +57,8 @@ int key_task_permission(const key_ref_t key_ref,
57	kperm = key->perm;	57	kperm = key->perm;
58		58
59	use_these_perms:	59	use_these_perms:
		60	rcu_read_lock();
		61
60	/* use the top 8-bits of permissions for keys the caller possesses	62	/* use the top 8-bits of permissions for keys the caller possesses
61	* - possessor permissions are additive with other permissions	63	* - possessor permissions are additive with other permissions
62	*/	64	*/


diff --git a/security/keys/process_keys.c b/security/keys/process_keys.c index ce8ac6073d57..212601ebaa46 100644 --- a/security/keys/process_keys.c +++ b/security/keys/process_keys.c
@@ -412,10 +412,13 @@ key_ref_t search_process_keyrings(struct key_type *type,
412	struct task_struct *context)	412	struct task_struct *context)
413	{	413	{
414	struct request_key_auth *rka;	414	struct request_key_auth *rka;
		415	struct cred *cred;
415	key_ref_t key_ref, ret, err;	416	key_ref_t key_ref, ret, err;
416		417
417	might_sleep();	418	might_sleep();
418		419
		420	cred = get_task_cred(context);
		421
419	/* we want to return -EAGAIN or -ENOKEY if any of the keyrings were	422	/* we want to return -EAGAIN or -ENOKEY if any of the keyrings were
420	* searchable, but we failed to find a key or we found a negative key;	423	* searchable, but we failed to find a key or we found a negative key;
421	* otherwise we want to return a sample error (probably -EACCES) if	424	* otherwise we want to return a sample error (probably -EACCES) if
@@ -428,9 +431,9 @@ key_ref_t search_process_keyrings(struct key_type *type,
428	err = ERR_PTR(-EAGAIN);	431	err = ERR_PTR(-EAGAIN);
429		432
430	/* search the thread keyring first */	433	/* search the thread keyring first */
431	if (context->cred->thread_keyring) {	434	if (cred->thread_keyring) {
432	key_ref = keyring_search_aux(	435	key_ref = keyring_search_aux(
433	make_key_ref(context->cred->thread_keyring, 1),	436	make_key_ref(cred->thread_keyring, 1),
434	context, type, description, match);	437	context, type, description, match);
435	if (!IS_ERR(key_ref))	438	if (!IS_ERR(key_ref))
436	goto found;	439	goto found;
@@ -495,9 +498,9 @@ key_ref_t search_process_keyrings(struct key_type *type,
495	}	498	}
496	}	499	}
497	/* or search the user-session keyring */	500	/* or search the user-session keyring */
498	else if (context->cred->user->session_keyring) {	501	else if (cred->user->session_keyring) {
499	key_ref = keyring_search_aux(	502	key_ref = keyring_search_aux(
500	make_key_ref(context->cred->user->session_keyring, 1),	503	make_key_ref(cred->user->session_keyring, 1),
501	context, type, description, match);	504	context, type, description, match);
502	if (!IS_ERR(key_ref))	505	if (!IS_ERR(key_ref))
503	goto found;	506	goto found;
@@ -519,20 +522,20 @@ key_ref_t search_process_keyrings(struct key_type *type,
519	* search the keyrings of the process mentioned there	522	* search the keyrings of the process mentioned there
520	* - we don't permit access to request_key auth keys via this method	523	* - we don't permit access to request_key auth keys via this method
521	*/	524	*/
522	if (context->cred->request_key_auth &&	525	if (cred->request_key_auth &&
523	context == current &&	526	context == current &&
524	type != &key_type_request_key_auth	527	type != &key_type_request_key_auth
525	) {	528	) {
526	/* defend against the auth key being revoked */	529	/* defend against the auth key being revoked */
527	down_read(&context->cred->request_key_auth->sem);	530	down_read(&cred->request_key_auth->sem);
528		531
529	if (key_validate(context->cred->request_key_auth) == 0) {	532	if (key_validate(cred->request_key_auth) == 0) {
530	rka = context->cred->request_key_auth->payload.data;	533	rka = cred->request_key_auth->payload.data;
531		534
532	key_ref = search_process_keyrings(type, description,	535	key_ref = search_process_keyrings(type, description,
533	match, rka->context);	536	match, rka->context);
534		537
535	up_read(&context->cred->request_key_auth->sem);	538	up_read(&cred->request_key_auth->sem);
536		539
537	if (!IS_ERR(key_ref))	540	if (!IS_ERR(key_ref))
538	goto found;	541	goto found;
@@ -549,7 +552,7 @@ key_ref_t search_process_keyrings(struct key_type *type,
549	break;	552	break;
550	}	553	}
551	} else {	554	} else {
552	up_read(&context->cred->request_key_auth->sem);	555	up_read(&cred->request_key_auth->sem);
553	}	556	}
554	}	557	}
555		558
@@ -557,6 +560,7 @@ key_ref_t search_process_keyrings(struct key_type *type,
557	key_ref = ret ? ret : err;	560	key_ref = ret ? ret : err;
558		561
559	found:	562	found:
		563	put_cred(cred);
560	return key_ref;	564	return key_ref;
561		565
562	} /* end search_process_keyrings() */	566	} /* end search_process_keyrings() */


diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c index 10715d1330b9..c86303638235 100644 --- a/security/selinux/selinuxfs.c +++ b/security/selinux/selinuxfs.c
@@ -95,13 +95,18 @@ extern void selnl_notify_setenforce(int val);
95	static int task_has_security(struct task_struct *tsk,	95	static int task_has_security(struct task_struct *tsk,
96	u32 perms)	96	u32 perms)
97	{	97	{
98	struct task_security_struct *tsec;	98	const struct task_security_struct *tsec;
99		99	u32 sid = 0;
100	tsec = tsk->cred->security;	100
		101	rcu_read_lock();
		102	tsec = __task_cred(tsk)->security;
		103	if (tsec)
		104	sid = tsec->sid;
		105	rcu_read_unlock();
101	if (!tsec)	106	if (!tsec)
102	return -EACCES;	107	return -EACCES;
103		108
104	return avc_has_perm(tsec->sid, SECINITSID_SECURITY,	109	return avc_has_perm(sid, SECINITSID_SECURITY,
105	SECCLASS_SECURITY, perms, NULL);	110	SECCLASS_SECURITY, perms, NULL);
106	}	111	}
107		112


diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index e8a4fcb1ad04..11167fd567b9 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c
@@ -30,6 +30,8 @@
30		30
31	#include "smack.h"	31	#include "smack.h"
32		32
		33	#define task_security(task) (task_cred_xxx((task), security))
		34
33	/*	35	/*
34	* I hope these are the hokeyist lines of code in the module. Casey.	36	* I hope these are the hokeyist lines of code in the module. Casey.
35	*/	37	*/
@@ -1012,7 +1014,7 @@ static void smack_cred_free(struct cred *cred)
1012	*/	1014	*/
1013	static int smack_task_setpgid(struct task_struct *p, pid_t pgid)	1015	static int smack_task_setpgid(struct task_struct *p, pid_t pgid)
1014	{	1016	{
1015	return smk_curacc(p->cred->security, MAY_WRITE);	1017	return smk_curacc(task_security(p), MAY_WRITE);
1016	}	1018	}
1017		1019
1018	/**	1020	/**
@@ -1023,7 +1025,7 @@ static int smack_task_setpgid(struct task_struct *p, pid_t pgid)
1023	*/	1025	*/
1024	static int smack_task_getpgid(struct task_struct *p)	1026	static int smack_task_getpgid(struct task_struct *p)
1025	{	1027	{
1026	return smk_curacc(p->cred->security, MAY_READ);	1028	return smk_curacc(task_security(p), MAY_READ);
1027	}	1029	}
1028		1030
1029	/**	1031	/**
@@ -1034,7 +1036,7 @@ static int smack_task_getpgid(struct task_struct *p)
1034	*/	1036	*/
1035	static int smack_task_getsid(struct task_struct *p)	1037	static int smack_task_getsid(struct task_struct *p)
1036	{	1038	{
1037	return smk_curacc(p->cred->security, MAY_READ);	1039	return smk_curacc(task_security(p), MAY_READ);
1038	}	1040	}
1039		1041
1040	/**	1042	/**
@@ -1046,7 +1048,7 @@ static int smack_task_getsid(struct task_struct *p)
1046	*/	1048	*/
1047	static void smack_task_getsecid(struct task_struct p, u32 secid)	1049	static void smack_task_getsecid(struct task_struct p, u32 secid)
1048	{	1050	{
1049	*secid = smack_to_secid(p->cred->security);	1051	*secid = smack_to_secid(task_security(p));
1050	}	1052	}
1051		1053
1052	/**	1054	/**
@@ -1062,7 +1064,7 @@ static int smack_task_setnice(struct task_struct *p, int nice)
1062		1064
1063	rc = cap_task_setnice(p, nice);	1065	rc = cap_task_setnice(p, nice);
1064	if (rc == 0)	1066	if (rc == 0)
1065	rc = smk_curacc(p->cred->security, MAY_WRITE);	1067	rc = smk_curacc(task_security(p), MAY_WRITE);
1066	return rc;	1068	return rc;
1067	}	1069	}
1068		1070
@@ -1079,7 +1081,7 @@ static int smack_task_setioprio(struct task_struct *p, int ioprio)
1079		1081
1080	rc = cap_task_setioprio(p, ioprio);	1082	rc = cap_task_setioprio(p, ioprio);
1081	if (rc == 0)	1083	if (rc == 0)
1082	rc = smk_curacc(p->cred->security, MAY_WRITE);	1084	rc = smk_curacc(task_security(p), MAY_WRITE);
1083	return rc;	1085	return rc;
1084	}	1086	}
1085		1087
@@ -1091,7 +1093,7 @@ static int smack_task_setioprio(struct task_struct *p, int ioprio)
1091	*/	1093	*/
1092	static int smack_task_getioprio(struct task_struct *p)	1094	static int smack_task_getioprio(struct task_struct *p)
1093	{	1095	{
1094	return smk_curacc(p->cred->security, MAY_READ);	1096	return smk_curacc(task_security(p), MAY_READ);
1095	}	1097	}
1096		1098
1097	/**	1099	/**
@@ -1109,7 +1111,7 @@ static int smack_task_setscheduler(struct task_struct *p, int policy,
1109		1111
1110	rc = cap_task_setscheduler(p, policy, lp);	1112	rc = cap_task_setscheduler(p, policy, lp);
1111	if (rc == 0)	1113	if (rc == 0)
1112	rc = smk_curacc(p->cred->security, MAY_WRITE);	1114	rc = smk_curacc(task_security(p), MAY_WRITE);
1113	return rc;	1115	return rc;
1114	}	1116	}
1115		1117
@@ -1121,7 +1123,7 @@ static int smack_task_setscheduler(struct task_struct *p, int policy,
1121	*/	1123	*/
1122	static int smack_task_getscheduler(struct task_struct *p)	1124	static int smack_task_getscheduler(struct task_struct *p)
1123	{	1125	{
1124	return smk_curacc(p->cred->security, MAY_READ);	1126	return smk_curacc(task_security(p), MAY_READ);
1125	}	1127	}
1126		1128
1127	/**	1129	/**
@@ -1132,7 +1134,7 @@ static int smack_task_getscheduler(struct task_struct *p)
1132	*/	1134	*/
1133	static int smack_task_movememory(struct task_struct *p)	1135	static int smack_task_movememory(struct task_struct *p)
1134	{	1136	{
1135	return smk_curacc(p->cred->security, MAY_WRITE);	1137	return smk_curacc(task_security(p), MAY_WRITE);
1136	}	1138	}
1137		1139
1138	/**	1140	/**
@@ -1155,13 +1157,13 @@ static int smack_task_kill(struct task_struct p, struct siginfo info,
1155	* can write the receiver.	1157	* can write the receiver.
1156	*/	1158	*/
1157	if (secid == 0)	1159	if (secid == 0)
1158	return smk_curacc(p->cred->security, MAY_WRITE);	1160	return smk_curacc(task_security(p), MAY_WRITE);
1159	/*	1161	/*
1160	* If the secid isn't 0 we're dealing with some USB IO	1162	* If the secid isn't 0 we're dealing with some USB IO
1161	* specific behavior. This is not clean. For one thing	1163	* specific behavior. This is not clean. For one thing
1162	* we can't take privilege into account.	1164	* we can't take privilege into account.
1163	*/	1165	*/
1164	return smk_access(smack_from_secid(secid), p->cred->security, MAY_WRITE);	1166	return smk_access(smack_from_secid(secid), task_security(p), MAY_WRITE);
1165	}	1167	}
1166		1168
1167	/**	1169	/**
@@ -1174,7 +1176,7 @@ static int smack_task_wait(struct task_struct *p)
1174	{	1176	{
1175	int rc;	1177	int rc;
1176		1178
1177	rc = smk_access(current->cred->security, p->cred->security, MAY_WRITE);	1179	rc = smk_access(current_security(), task_security(p), MAY_WRITE);
1178	if (rc == 0)	1180	if (rc == 0)
1179	return 0;	1181	return 0;
1180		1182
@@ -1205,7 +1207,7 @@ static int smack_task_wait(struct task_struct *p)
1205	static void smack_task_to_inode(struct task_struct p, struct inode inode)	1207	static void smack_task_to_inode(struct task_struct p, struct inode inode)
1206	{	1208	{
1207	struct inode_smack *isp = inode->i_security;	1209	struct inode_smack *isp = inode->i_security;
1208	isp->smk_inode = p->cred->security;	1210	isp->smk_inode = task_security(p);
1209	}	1211	}
1210		1212
1211	/*	1213	/*
@@ -2010,7 +2012,7 @@ static int smack_getprocattr(struct task_struct p, char name, char **value)
2010	if (strcmp(name, "current") != 0)	2012	if (strcmp(name, "current") != 0)
2011	return -EINVAL;	2013	return -EINVAL;
2012		2014
2013	cp = kstrdup(p->cred->security, GFP_KERNEL);	2015	cp = kstrdup(task_security(p), GFP_KERNEL);
2014	if (cp == NULL)	2016	if (cp == NULL)
2015	return -ENOMEM;	2017	return -ENOMEM;
2016		2018