cred: Refcount the user_ns pointed to by the cred.

	void		*security;	/* subjective LSM security */

#endif

	struct user_struct *user;	/* real user ID subscription */

	struct user_namespace *user_ns; /* cached user->user_ns */

	struct user_namespace *user_ns; /* user_ns the caps and keyrings are relative to. */

	struct group_info *group_info;	/* supplementary groups for euid/fsgid */

	struct rcu_head	rcu;		/* RCU deletion hook */

};

	if (cred->group_info)

		put_group_info(cred->group_info);

	free_uid(cred->user);

	put_user_ns(cred->user_ns);

	kmem_cache_free(cred_jar, cred);

}

	set_cred_subscribers(new, 0);

	get_group_info(new->group_info);

	get_uid(new->user);

	get_user_ns(new->user_ns);

#ifdef CONFIG_KEYS

	key_get(new->thread_keyring);

			goto error_put;

	}

	/* cache user_ns in cred.  Doesn't need a refcount because it will

	 * stay pinned by cred->user

	 */

	new->user_ns = new->user->user_ns;

#ifdef CONFIG_KEYS

	/* new threads get their own thread keyrings if their parent already

	 * had one */

	atomic_set(&new->usage, 1);

	set_cred_subscribers(new, 0);

	get_uid(new->user);

	get_user_ns(new->user_ns);

	get_group_info(new->group_info);

#ifdef CONFIG_KEYS

 */

int create_user_ns(struct cred *new)

{

	struct user_namespace *ns;

	struct user_namespace *ns, *parent_ns = new->user_ns;

	struct user_struct *root_user;

	int n;

#endif

	/* tgcred will be cleared in our caller bc CLONE_THREAD won't be set */

	/* root_user holds a reference to ns, our reference can be dropped */

	put_user_ns(ns);

	/* Leave the reference to our user_ns with the new cred */

	new->user_ns = ns;

	put_user_ns(parent_ns);

	return 0;

}

	new-> sgid	= old-> sgid;

	new->fsgid	= old->fsgid;

	new->user	= get_uid(old->user);

	new->user_ns	= new->user_ns;

	new->user_ns	= get_user_ns(new->user_ns);

	new->group_info	= get_group_info(old->group_info);

	new->securebits	= old->securebits;