keys: Move the user and user-session keyrings to the user_namespace

#include <linux/refcount.h>

#include <linux/ratelimit.h>

struct key;

/*

 * Some day this will be a full-fledged user tracking system..

 */

	unsigned long unix_inflight;	/* How many files in flight in unix sockets */

	atomic_long_t pipe_bufs;  /* how many pages are allocated in pipe buffers */

#ifdef CONFIG_KEYS

	/*

	 * These pointers can only change from NULL to a non-NULL value once.

	 * Writes are protected by key_user_keyring_mutex.

	 * Unlocked readers should use READ_ONCE() unless they know that

	 * install_user_keyrings() has been called successfully (which sets

	 * these members to non-NULL values, preventing further modifications).

	 */

	struct key *uid_keyring;	/* UID specific keyring */

	struct key *session_keyring;	/* UID's default session keyring */

#endif

	/* Hash table maintenance information */

	struct hlist_node uidhash_node;

	kuid_t uid;

	unsigned long		flags;

#ifdef CONFIG_KEYS

	/* List of joinable keyrings in this namespace */

	/* List of joinable keyrings in this namespace.  Modification access of

	 * these pointers is controlled by keyring_sem.  Once

	 * user_keyring_register is set, it won't be changed, so it can be

	 * accessed directly with READ_ONCE().

	 */

	struct list_head	keyring_name_list;

	struct key		*user_keyring_register;

	struct rw_semaphore	keyring_sem;

#endif

	/* Register of per-UID persistent keyrings for this namespace */

#ifdef CONFIG_PERSISTENT_KEYRINGS

	struct key		*persistent_keyring_register;

	struct rw_semaphore	persistent_keyring_register_sem;

#endif

	struct work_struct	work;

#ifdef CONFIG_SYSCTL

	.flags = USERNS_INIT_FLAGS,

#ifdef CONFIG_KEYS

	.keyring_name_list = LIST_HEAD_INIT(init_user_ns.keyring_name_list),

#endif

#ifdef CONFIG_PERSISTENT_KEYRINGS

	.persistent_keyring_register_sem =

	__RWSEM_INITIALIZER(init_user_ns.persistent_keyring_register_sem),

	.keyring_sem = __RWSEM_INITIALIZER(init_user_ns.keyring_sem),

#endif

};

EXPORT_SYMBOL_GPL(init_user_ns);

{

	uid_hash_remove(up);

	spin_unlock_irqrestore(&uidhash_lock, flags);

	key_put(up->uid_keyring);

	key_put(up->session_keyring);

	kmem_cache_free(uid_cachep, up);

}

#ifdef CONFIG_KEYS

	INIT_LIST_HEAD(&ns->keyring_name_list);

#endif

#ifdef CONFIG_PERSISTENT_KEYRINGS

	init_rwsem(&ns->persistent_keyring_register_sem);

	init_rwsem(&ns->keyring_sem);

#endif

	ret = -ENOMEM;

	if (!setup_userns_sysctls(ns))

extern struct key *find_keyring_by_name(const char *name, bool uid_keyring);

extern int install_user_keyrings(void);

extern int look_up_user_keyrings(struct key **, struct key **);

extern struct key *get_user_session_keyring_rcu(const struct cred *);

extern int install_thread_keyring_to_cred(struct cred *);

extern int install_process_keyring_to_cred(struct cred *);

extern int install_session_keyring_to_cred(struct cred *, struct key *);