lk/linux-kernel-test
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

CRED: Separate task security context from task_struct

Browse Source 
Separate the task security context from task_struct.  At this point, the
security data is temporarily embedded in the task_struct with two pointers
pointing to it.

Note that the Alpha arch is altered as it refers to (E)UID and (E)GID in
entry.S via asm-offsets.

With comment fixes Signed-off-by: Marc Dionne <marc.c.dionne@gmail.com>

Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: James Morris <jmorris@namei.org>
Acked-by: Serge Hallyn <serue@us.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>
This commit is contained in:
David Howells
2008-11-14 10:39:16 +11:00
committed by James Morris
parent 15a2460ed0
commit b6dff3ec5e
63 changed files with 830 additions and 675 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
security/keys/keyctl.c
View File

@@ -889,7 +889,7 @@ long keyctl_instantiate_key(key_serial_t id,
/* the appropriate instantiation authorisation key must have been
* assumed before calling this */
ret = -EPERM;
instkey = current->request_key_auth;
instkey = current->cred->request_key_auth;
if (!instkey)
goto error;
@@ -932,8 +932,8 @@ long keyctl_instantiate_key(key_serial_t id,
/* discard the assumed authority if it's just been disabled by
* instantiation of the key */
if (ret == 0) {
key_put(current->request_key_auth);
current->request_key_auth = NULL;
key_put(current->cred->request_key_auth);
current->cred->request_key_auth = NULL;
}
error2:
@@ -960,7 +960,7 @@ long keyctl_negate_key(key_serial_t id, unsigned timeout, key_serial_t ringid)
/* the appropriate instantiation authorisation key must have been
* assumed before calling this */
ret = -EPERM;
instkey = current->request_key_auth;
instkey = current->cred->request_key_auth;
if (!instkey)
goto error;
@@ -983,8 +983,8 @@ long keyctl_negate_key(key_serial_t id, unsigned timeout, key_serial_t ringid)
/* discard the assumed authority if it's just been disabled by
* instantiation of the key */
if (ret == 0) {
key_put(current->request_key_auth);
current->request_key_auth = NULL;
key_put(current->cred->request_key_auth);
current->cred->request_key_auth = NULL;
}
error:
@@ -999,6 +999,7 @@ error:
*/
long keyctl_set_reqkey_keyring(int reqkey_defl)
{
struct cred *cred = current->cred;
int ret;
switch (reqkey_defl) {
@@ -1018,10 +1019,10 @@ long keyctl_set_reqkey_keyring(int reqkey_defl)
case KEY_REQKEY_DEFL_USER_KEYRING:
case KEY_REQKEY_DEFL_USER_SESSION_KEYRING:
set:
current->jit_keyring = reqkey_defl;
cred->jit_keyring = reqkey_defl;
case KEY_REQKEY_DEFL_NO_CHANGE:
return current->jit_keyring;
return cred->jit_keyring;
case KEY_REQKEY_DEFL_GROUP_KEYRING:
default:
@@ -1086,8 +1087,8 @@ long keyctl_assume_authority(key_serial_t id)
/* we divest ourselves of authority if given an ID of 0 */
if (id == 0) {
key_put(current->request_key_auth);
current->request_key_auth = NULL;
key_put(current->cred->request_key_auth);
current->cred->request_key_auth = NULL;
ret = 0;
goto error;
}
@@ -1103,8 +1104,8 @@ long keyctl_assume_authority(key_serial_t id)
goto error;
}
key_put(current->request_key_auth);
current->request_key_auth = authkey;
key_put(current->cred->request_key_auth);
current->cred->request_key_auth = authkey;
ret = authkey->serial;
error:

11
security/keys/permission.c
View File

@@ -22,6 +22,7 @@ int key_task_permission(const key_ref_t key_ref,
struct task_struct *context,
key_perm_t perm)
{
struct cred *cred = context->cred;
struct key *key;
key_perm_t kperm;
int ret;
@@ -29,7 +30,7 @@ int key_task_permission(const key_ref_t key_ref,
key = key_ref_to_ptr(key_ref);
/* use the second 8-bits of permissions for keys the caller owns */
if (key->uid == context->fsuid) {
if (key->uid == cred->fsuid) {
kperm = key->perm >> 16;
goto use_these_perms;
}
@@ -37,14 +38,14 @@ int key_task_permission(const key_ref_t key_ref,
/* use the third 8-bits of permissions for keys the caller has a group
* membership in common with */
if (key->gid != -1 && key->perm & KEY_GRP_ALL) {
if (key->gid == context->fsgid) {
if (key->gid == cred->fsgid) {
kperm = key->perm >> 8;
goto use_these_perms;
}
task_lock(context);
ret = groups_search(context->group_info, key->gid);
task_unlock(context);
spin_lock(&cred->lock);
ret = groups_search(cred->group_info, key->gid);
spin_unlock(&cred->lock);
if (ret) {
kperm = key->perm >> 8;

98
security/keys/process_keys.c
View File

@@ -42,7 +42,7 @@ struct key_user root_key_user = {
*/
int install_user_keyrings(void)
{
struct user_struct *user = current->user;
struct user_struct *user = current->cred->user;
struct key *uid_keyring, *session_keyring;
char buf[20];
int ret;
@@ -156,7 +156,7 @@ int install_thread_keyring(void)
sprintf(buf, "_tid.%u", tsk->pid);
keyring = keyring_alloc(buf, tsk->uid, tsk->gid, tsk,
keyring = keyring_alloc(buf, tsk->cred->uid, tsk->cred->gid, tsk,
KEY_ALLOC_QUOTA_OVERRUN, NULL);
if (IS_ERR(keyring)) {
ret = PTR_ERR(keyring);
@@ -164,8 +164,8 @@ int install_thread_keyring(void)
}
task_lock(tsk);
old = tsk->thread_keyring;
tsk->thread_keyring = keyring;
old = tsk->cred->thread_keyring;
tsk->cred->thread_keyring = keyring;
task_unlock(tsk);
ret = 0;
@@ -192,7 +192,7 @@ int install_process_keyring(void)
if (!tsk->signal->process_keyring) {
sprintf(buf, "_pid.%u", tsk->tgid);
keyring = keyring_alloc(buf, tsk->uid, tsk->gid, tsk,
keyring = keyring_alloc(buf, tsk->cred->uid, tsk->cred->gid, tsk,
KEY_ALLOC_QUOTA_OVERRUN, NULL);
if (IS_ERR(keyring)) {
ret = PTR_ERR(keyring);
@@ -238,7 +238,7 @@ static int install_session_keyring(struct key *keyring)
if (tsk->signal->session_keyring)
flags = KEY_ALLOC_IN_QUOTA;
keyring = keyring_alloc(buf, tsk->uid, tsk->gid, tsk,
keyring = keyring_alloc(buf, tsk->cred->uid, tsk->cred->gid, tsk,
flags, NULL);
if (IS_ERR(keyring))
return PTR_ERR(keyring);
@@ -292,14 +292,14 @@ int copy_thread_group_keys(struct task_struct *tsk)
*/
int copy_keys(unsigned long clone_flags, struct task_struct *tsk)
{
key_check(tsk->thread_keyring);
key_check(tsk->request_key_auth);
key_check(tsk->cred->thread_keyring);
key_check(tsk->cred->request_key_auth);
/* no thread keyring yet */
tsk->thread_keyring = NULL;
tsk->cred->thread_keyring = NULL;
/* copy the request_key() authorisation for this thread */
key_get(tsk->request_key_auth);
key_get(tsk->cred->request_key_auth);
return 0;
@@ -322,8 +322,8 @@ void exit_thread_group_keys(struct signal_struct *tg)
*/
void exit_keys(struct task_struct *tsk)
{
key_put(tsk->thread_keyring);
key_put(tsk->request_key_auth);
key_put(tsk->cred->thread_keyring);
key_put(tsk->cred->request_key_auth);
} /* end exit_keys() */
@@ -337,8 +337,8 @@ int exec_keys(struct task_struct *tsk)
/* newly exec'd tasks don't get a thread keyring */
task_lock(tsk);
old = tsk->thread_keyring;
tsk->thread_keyring = NULL;
old = tsk->cred->thread_keyring;
tsk->cred->thread_keyring = NULL;
task_unlock(tsk);
key_put(old);
@@ -373,10 +373,11 @@ int suid_keys(struct task_struct *tsk)
void key_fsuid_changed(struct task_struct *tsk)
{
/* update the ownership of the thread keyring */
if (tsk->thread_keyring) {
down_write(&tsk->thread_keyring->sem);
tsk->thread_keyring->uid = tsk->fsuid;
up_write(&tsk->thread_keyring->sem);
BUG_ON(!tsk->cred);
if (tsk->cred->thread_keyring) {
down_write(&tsk->cred->thread_keyring->sem);
tsk->cred->thread_keyring->uid = tsk->cred->fsuid;
up_write(&tsk->cred->thread_keyring->sem);
}
} /* end key_fsuid_changed() */
@@ -388,10 +389,11 @@ void key_fsuid_changed(struct task_struct *tsk)
void key_fsgid_changed(struct task_struct *tsk)
{
/* update the ownership of the thread keyring */
if (tsk->thread_keyring) {
down_write(&tsk->thread_keyring->sem);
tsk->thread_keyring->gid = tsk->fsgid;
up_write(&tsk->thread_keyring->sem);
BUG_ON(!tsk->cred);
if (tsk->cred->thread_keyring) {
down_write(&tsk->cred->thread_keyring->sem);
tsk->cred->thread_keyring->gid = tsk->cred->fsgid;
up_write(&tsk->cred->thread_keyring->sem);
}
} /* end key_fsgid_changed() */
@@ -426,9 +428,9 @@ key_ref_t search_process_keyrings(struct key_type *type,
err = ERR_PTR(-EAGAIN);
/* search the thread keyring first */
if (context->thread_keyring) {
if (context->cred->thread_keyring) {
key_ref = keyring_search_aux(
make_key_ref(context->thread_keyring, 1),
make_key_ref(context->cred->thread_keyring, 1),
context, type, description, match);
if (!IS_ERR(key_ref))
goto found;
@@ -493,9 +495,9 @@ key_ref_t search_process_keyrings(struct key_type *type,
}
}
/* or search the user-session keyring */
else if (context->user->session_keyring) {
else if (context->cred->user->session_keyring) {
key_ref = keyring_search_aux(
make_key_ref(context->user->session_keyring, 1),
make_key_ref(context->cred->user->session_keyring, 1),
context, type, description, match);
if (!IS_ERR(key_ref))
goto found;
@@ -517,20 +519,20 @@ key_ref_t search_process_keyrings(struct key_type *type,
* search the keyrings of the process mentioned there
* - we don't permit access to request_key auth keys via this method
*/
if (context->request_key_auth &&
if (context->cred->request_key_auth &&
context == current &&
type != &key_type_request_key_auth
) {
/* defend against the auth key being revoked */
down_read(&context->request_key_auth->sem);
down_read(&context->cred->request_key_auth->sem);
if (key_validate(context->request_key_auth) == 0) {
rka = context->request_key_auth->payload.data;
if (key_validate(context->cred->request_key_auth) == 0) {
rka = context->cred->request_key_auth->payload.data;
key_ref = search_process_keyrings(type, description,
match, rka->context);
up_read(&context->request_key_auth->sem);
up_read(&context->cred->request_key_auth->sem);
if (!IS_ERR(key_ref))
goto found;
@@ -547,7 +549,7 @@ key_ref_t search_process_keyrings(struct key_type *type,
break;
}
} else {
up_read(&context->request_key_auth->sem);
up_read(&context->cred->request_key_auth->sem);
}
}
@@ -580,15 +582,16 @@ key_ref_t lookup_user_key(key_serial_t id, int create, int partial,
{
struct request_key_auth *rka;
struct task_struct *t = current;
key_ref_t key_ref, skey_ref;
struct cred *cred = t->cred;
struct key *key;
key_ref_t key_ref, skey_ref;
int ret;
key_ref = ERR_PTR(-ENOKEY);
switch (id) {
case KEY_SPEC_THREAD_KEYRING:
if (!t->thread_keyring) {
if (!cred->thread_keyring) {
if (!create)
goto error;
@@ -599,7 +602,7 @@ key_ref_t lookup_user_key(key_serial_t id, int create, int partial,
}
}
key = t->thread_keyring;
key = cred->thread_keyring;
atomic_inc(&key->usage);
key_ref = make_key_ref(key, 1);
break;
@@ -628,7 +631,8 @@ key_ref_t lookup_user_key(key_serial_t id, int create, int partial,
ret = install_user_keyrings();
if (ret < 0)
goto error;
ret = install_session_keyring(t->user->session_keyring);
ret = install_session_keyring(
cred->user->session_keyring);
if (ret < 0)
goto error;
}
@@ -641,25 +645,25 @@ key_ref_t lookup_user_key(key_serial_t id, int create, int partial,
break;
case KEY_SPEC_USER_KEYRING:
if (!t->user->uid_keyring) {
if (!cred->user->uid_keyring) {
ret = install_user_keyrings();
if (ret < 0)
goto error;
}
key = t->user->uid_keyring;
key = cred->user->uid_keyring;
atomic_inc(&key->usage);
key_ref = make_key_ref(key, 1);
break;
case KEY_SPEC_USER_SESSION_KEYRING:
if (!t->user->session_keyring) {
if (!cred->user->session_keyring) {
ret = install_user_keyrings();
if (ret < 0)
goto error;
}
key = t->user->session_keyring;
key = cred->user->session_keyring;
atomic_inc(&key->usage);
key_ref = make_key_ref(key, 1);
break;
@@ -670,7 +674,7 @@ key_ref_t lookup_user_key(key_serial_t id, int create, int partial,
goto error;
case KEY_SPEC_REQKEY_AUTH_KEY:
key = t->request_key_auth;
key = cred->request_key_auth;
if (!key)
goto error;
@@ -679,19 +683,19 @@ key_ref_t lookup_user_key(key_serial_t id, int create, int partial,
break;
case KEY_SPEC_REQUESTOR_KEYRING:
if (!t->request_key_auth)
if (!cred->request_key_auth)
goto error;
down_read(&t->request_key_auth->sem);
if (t->request_key_auth->flags & KEY_FLAG_REVOKED) {
down_read(&cred->request_key_auth->sem);
if (cred->request_key_auth->flags & KEY_FLAG_REVOKED) {
key_ref = ERR_PTR(-EKEYREVOKED);
key = NULL;
} else {
rka = t->request_key_auth->payload.data;
rka = cred->request_key_auth->payload.data;
key = rka->dest_keyring;
atomic_inc(&key->usage);
}
up_read(&t->request_key_auth->sem);
up_read(&cred->request_key_auth->sem);
if (!key)
goto error;
key_ref = make_key_ref(key, 1);
@@ -791,7 +795,7 @@ long join_session_keyring(const char *name)
keyring = find_keyring_by_name(name, false);
if (PTR_ERR(keyring) == -ENOKEY) {
/* not found - try and create a new one */
keyring = keyring_alloc(name, tsk->uid, tsk->gid, tsk,
keyring = keyring_alloc(name, tsk->cred->uid, tsk->cred->gid, tsk,
KEY_ALLOC_IN_QUOTA, NULL);
if (IS_ERR(keyring)) {
ret = PTR_ERR(keyring);

18
security/keys/request_key.c
View File

@@ -104,7 +104,8 @@ static int call_sbin_request_key(struct key_construction *cons,
/* we specify the process's default keyrings */
sprintf(keyring_str[0], "%d",
tsk->thread_keyring ? tsk->thread_keyring->serial : 0);
tsk->cred->thread_keyring ?
tsk->cred->thread_keyring->serial : 0);
prkey = 0;
if (tsk->signal->process_keyring)
@@ -117,7 +118,7 @@ static int call_sbin_request_key(struct key_construction *cons,
sskey = rcu_dereference(tsk->signal->session_keyring)->serial;
rcu_read_unlock();
} else {
sskey = tsk->user->session_keyring->serial;
sskey = tsk->cred->user->session_keyring->serial;
}
sprintf(keyring_str[2], "%d", sskey);
@@ -232,11 +233,11 @@ static void construct_get_dest_keyring(struct key **_dest_keyring)
} else {
/* use a default keyring; falling through the cases until we
* find one that we actually have */
switch (tsk->jit_keyring) {
switch (tsk->cred->jit_keyring) {
case KEY_REQKEY_DEFL_DEFAULT:
case KEY_REQKEY_DEFL_REQUESTOR_KEYRING:
if (tsk->request_key_auth) {
authkey = tsk->request_key_auth;
if (tsk->cred->request_key_auth) {
authkey = tsk->cred->request_key_auth;
down_read(&authkey->sem);
rka = authkey->payload.data;
if (!test_bit(KEY_FLAG_REVOKED,
@@ -249,7 +250,7 @@ static void construct_get_dest_keyring(struct key **_dest_keyring)
}
case KEY_REQKEY_DEFL_THREAD_KEYRING:
dest_keyring = key_get(tsk->thread_keyring);
dest_keyring = key_get(tsk->cred->thread_keyring);
if (dest_keyring)
break;
@@ -268,11 +269,12 @@ static void construct_get_dest_keyring(struct key **_dest_keyring)
break;
case KEY_REQKEY_DEFL_USER_SESSION_KEYRING:
dest_keyring = key_get(tsk->user->session_keyring);
dest_keyring =
key_get(tsk->cred->user->session_keyring);
break;
case KEY_REQKEY_DEFL_USER_KEYRING:
dest_keyring = key_get(tsk->user->uid_keyring);
dest_keyring = key_get(tsk->cred->user->uid_keyring);
break;
case KEY_REQKEY_DEFL_GROUP_KEYRING:

12
security/keys/request_key_auth.c
View File

@@ -164,22 +164,22 @@ struct key *request_key_auth_new(struct key *target, const void *callout_info,
/* see if the calling process is already servicing the key request of
* another process */
if (current->request_key_auth) {
if (current->cred->request_key_auth) {
/* it is - use that instantiation context here too */
down_read(&current->request_key_auth->sem);
down_read(&current->cred->request_key_auth->sem);
/* if the auth key has been revoked, then the key we're
* servicing is already instantiated */
if (test_bit(KEY_FLAG_REVOKED,
&current->request_key_auth->flags))
&current->cred->request_key_auth->flags))
goto auth_key_revoked;
irka = current->request_key_auth->payload.data;
irka = current->cred->request_key_auth->payload.data;
rka->context = irka->context;
rka->pid = irka->pid;
get_task_struct(rka->context);
up_read(&current->request_key_auth->sem);
up_read(&current->cred->request_key_auth->sem);
}
else {
/* it isn't - use this process as the context */
@@ -214,7 +214,7 @@ struct key *request_key_auth_new(struct key *target, const void *callout_info,
return authkey;
auth_key_revoked:
up_read(&current->request_key_auth->sem);
up_read(&current->cred->request_key_auth->sem);
kfree(rka->callout_info);
kfree(rka);
kleave("= -EKEYREVOKED");