|
|
|
/* Task credentials management
|
|
|
|
*
|
|
|
|
* Copyright (C) 2008 Red Hat, Inc. All Rights Reserved.
|
|
|
|
* Written by David Howells (dhowells@redhat.com)
|
|
|
|
*
|
|
|
|
* This program is free software; you can redistribute it and/or
|
|
|
|
* modify it under the terms of the GNU General Public Licence
|
|
|
|
* as published by the Free Software Foundation; either version
|
|
|
|
* 2 of the Licence, or (at your option) any later version.
|
|
|
|
*/
|
|
|
|
#include <linux/module.h>
|
|
|
|
#include <linux/cred.h>
|
|
|
|
#include <linux/sched.h>
|
|
|
|
#include <linux/key.h>
|
|
|
|
#include <linux/keyctl.h>
|
|
|
|
#include <linux/init_task.h>
|
|
|
|
#include <linux/security.h>
|
|
|
|
|
|
|
|
/*
|
|
|
|
* The common credentials for the initial task's thread group
|
|
|
|
*/
|
|
|
|
#ifdef CONFIG_KEYS
|
|
|
|
static struct thread_group_cred init_tgcred = {
|
|
|
|
.usage = ATOMIC_INIT(2),
|
|
|
|
.tgid = 0,
|
|
|
|
.lock = SPIN_LOCK_UNLOCKED,
|
|
|
|
};
|
|
|
|
#endif
|
|
|
|
|
|
|
|
/*
|
|
|
|
* The initial credentials for the initial task
|
|
|
|
*/
|
|
|
|
struct cred init_cred = {
|
|
|
|
.usage = ATOMIC_INIT(3),
|
|
|
|
.securebits = SECUREBITS_DEFAULT,
|
|
|
|
.cap_inheritable = CAP_INIT_INH_SET,
|
|
|
|
.cap_permitted = CAP_FULL_SET,
|
|
|
|
.cap_effective = CAP_INIT_EFF_SET,
|
|
|
|
.cap_bset = CAP_INIT_BSET,
|
|
|
|
.user = INIT_USER,
|
|
|
|
.group_info = &init_groups,
|
|
|
|
#ifdef CONFIG_KEYS
|
|
|
|
.tgcred = &init_tgcred,
|
|
|
|
#endif
|
|
|
|
};
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Dispose of the shared task group credentials
|
|
|
|
*/
|
|
|
|
#ifdef CONFIG_KEYS
|
|
|
|
static void release_tgcred_rcu(struct rcu_head *rcu)
|
|
|
|
{
|
|
|
|
struct thread_group_cred *tgcred =
|
|
|
|
container_of(rcu, struct thread_group_cred, rcu);
|
|
|
|
|
|
|
|
BUG_ON(atomic_read(&tgcred->usage) != 0);
|
|
|
|
|
|
|
|
key_put(tgcred->session_keyring);
|
|
|
|
key_put(tgcred->process_keyring);
|
|
|
|
kfree(tgcred);
|
|
|
|
}
|
|
|
|
#endif
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Release a set of thread group credentials.
|
|
|
|
*/
|
|
|
|
static void release_tgcred(struct cred *cred)
|
|
|
|
{
|
|
|
|
#ifdef CONFIG_KEYS
|
|
|
|
struct thread_group_cred *tgcred = cred->tgcred;
|
|
|
|
|
|
|
|
if (atomic_dec_and_test(&tgcred->usage))
|
|
|
|
call_rcu(&tgcred->rcu, release_tgcred_rcu);
|
|
|
|
#endif
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* The RCU callback to actually dispose of a set of credentials
|
|
|
|
*/
|
|
|
|
static void put_cred_rcu(struct rcu_head *rcu)
|
|
|
|
{
|
|
|
|
struct cred *cred = container_of(rcu, struct cred, rcu);
|
|
|
|
|
|
|
|
BUG_ON(atomic_read(&cred->usage) != 0);
|
|
|
|
|
|
|
|
key_put(cred->thread_keyring);
|
|
|
|
key_put(cred->request_key_auth);
|
|
|
|
release_tgcred(cred);
|
|
|
|
put_group_info(cred->group_info);
|
|
|
|
free_uid(cred->user);
|
|
|
|
security_cred_free(cred);
|
|
|
|
kfree(cred);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* __put_cred - Destroy a set of credentials
|
|
|
|
* @sec: The record to release
|
|
|
|
*
|
|
|
|
* Destroy a set of credentials on which no references remain.
|
|
|
|
*/
|
|
|
|
void __put_cred(struct cred *cred)
|
|
|
|
{
|
|
|
|
call_rcu(&cred->rcu, put_cred_rcu);
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL(__put_cred);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Copy credentials for the new process created by fork()
|
|
|
|
*/
|
|
|
|
int copy_creds(struct task_struct *p, unsigned long clone_flags)
|
|
|
|
{
|
|
|
|
struct cred *pcred;
|
|
|
|
int ret;
|
|
|
|
|
|
|
|
pcred = kmemdup(p->cred, sizeof(*p->cred), GFP_KERNEL);
|
|
|
|
if (!pcred)
|
|
|
|
return -ENOMEM;
|
|
|
|
|
|
|
|
#ifdef CONFIG_KEYS
|
|
|
|
if (clone_flags & CLONE_THREAD) {
|
|
|
|
atomic_inc(&pcred->tgcred->usage);
|
|
|
|
} else {
|
|
|
|
pcred->tgcred = kmalloc(sizeof(struct cred), GFP_KERNEL);
|
|
|
|
if (!pcred->tgcred) {
|
|
|
|
kfree(pcred);
|
|
|
|
return -ENOMEM;
|
|
|
|
}
|
|
|
|
atomic_set(&pcred->tgcred->usage, 1);
|
|
|
|
spin_lock_init(&pcred->tgcred->lock);
|
|
|
|
pcred->tgcred->process_keyring = NULL;
|
|
|
|
pcred->tgcred->session_keyring =
|
|
|
|
key_get(p->cred->tgcred->session_keyring);
|
|
|
|
}
|
|
|
|
#endif
|
|
|
|
|
|
|
|
#ifdef CONFIG_SECURITY
|
|
|
|
pcred->security = NULL;
|
|
|
|
#endif
|
|
|
|
|
|
|
|
ret = security_cred_alloc(pcred);
|
|
|
|
if (ret < 0) {
|
|
|
|
release_tgcred(pcred);
|
|
|
|
kfree(pcred);
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
|
|
|
atomic_set(&pcred->usage, 1);
|
|
|
|
get_group_info(pcred->group_info);
|
|
|
|
get_uid(pcred->user);
|
|
|
|
key_get(pcred->thread_keyring);
|
|
|
|
key_get(pcred->request_key_auth);
|
|
|
|
|
|
|
|
atomic_inc(&pcred->user->processes);
|
|
|
|
|
|
|
|
/* RCU assignment is unneeded here as no-one can have accessed this
|
|
|
|
* pointer yet, barring us */
|
|
|
|
p->cred = pcred;
|
|
|
|
return 0;
|
|
|
|
}
|