]>
git.proxmox.com Git - mirror_ubuntu-artful-kernel.git/blob - kernel/cred.c
1 /* Task credentials management
3 * Copyright (C) 2008 Red Hat, Inc. All Rights Reserved.
4 * Written by David Howells (dhowells@redhat.com)
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public Licence
8 * as published by the Free Software Foundation; either version
9 * 2 of the Licence, or (at your option) any later version.
11 #include <linux/module.h>
12 #include <linux/cred.h>
13 #include <linux/sched.h>
14 #include <linux/key.h>
15 #include <linux/keyctl.h>
16 #include <linux/init_task.h>
17 #include <linux/security.h>
20 * The initial credentials for the initial task
22 struct cred init_cred
= {
23 .usage
= ATOMIC_INIT(3),
24 .securebits
= SECUREBITS_DEFAULT
,
25 .cap_inheritable
= CAP_INIT_INH_SET
,
26 .cap_permitted
= CAP_FULL_SET
,
27 .cap_effective
= CAP_INIT_EFF_SET
,
28 .cap_bset
= CAP_INIT_BSET
,
30 .group_info
= &init_groups
,
34 * The RCU callback to actually dispose of a set of credentials
36 static void put_cred_rcu(struct rcu_head
*rcu
)
38 struct cred
*cred
= container_of(rcu
, struct cred
, rcu
);
40 BUG_ON(atomic_read(&cred
->usage
) != 0);
42 key_put(cred
->thread_keyring
);
43 key_put(cred
->request_key_auth
);
44 put_group_info(cred
->group_info
);
46 security_cred_free(cred
);
51 * __put_cred - Destroy a set of credentials
52 * @sec: The record to release
54 * Destroy a set of credentials on which no references remain.
56 void __put_cred(struct cred
*cred
)
58 call_rcu(&cred
->rcu
, put_cred_rcu
);
60 EXPORT_SYMBOL(__put_cred
);
63 * Copy credentials for the new process created by fork()
65 int copy_creds(struct task_struct
*p
, unsigned long clone_flags
)
70 pcred
= kmemdup(p
->cred
, sizeof(*p
->cred
), GFP_KERNEL
);
74 #ifdef CONFIG_SECURITY
75 pcred
->security
= NULL
;
78 ret
= security_cred_alloc(pcred
);
84 atomic_set(&pcred
->usage
, 1);
85 get_group_info(pcred
->group_info
);
87 key_get(pcred
->thread_keyring
);
88 key_get(pcred
->request_key_auth
);
90 atomic_inc(&pcred
->user
->processes
);
92 /* RCU assignment is unneeded here as no-one can have accessed this
93 * pointer yet, barring us */