CRED: Differentiate objective and effective subjective credentials on a task

	int flags = nfsexp_flags(rqstp, exp);

	int ret;

	/* discard any old override before preparing the new set */

	revert_creds(get_cred(current->real_cred));

	new = prepare_creds();

	if (!new)

		return -ENOMEM;

	else

		new->cap_effective = cap_raise_nfsd_set(new->cap_effective,

							new->cap_permitted);

	return commit_creds(new);

	put_cred(override_creds(new));

	return 0;

oom:

	ret = -ENOMEM;

extern struct cred *prepare_usermodehelper_creds(void);

extern int commit_creds(struct cred *);

extern void abort_creds(struct cred *);

extern const struct cred *override_creds(const struct cred *) __deprecated;

extern void revert_creds(const struct cred *) __deprecated;

extern const struct cred *override_creds(const struct cred *);

extern void revert_creds(const struct cred *);

extern void __init cred_init(void);

/**

}

/**

 * current_cred - Access the current task's credentials

 * current_cred - Access the current task's subjective credentials

 *

 * Access the credentials of the current task.

 * Access the subjective credentials of the current task.

 */

#define current_cred() \

	(current->cred)

/**

 * __task_cred - Access another task's credentials

 * __task_cred - Access a task's objective credentials

 * @task: The task to query

 *

 * Access the credentials of another task.  The caller must hold the

 * RCU readlock.

 * Access the objective credentials of a task.  The caller must hold the RCU

 * readlock.

 *

 * The caller must make sure task doesn't go away, either by holding a ref on

 * task or by holding tasklist_lock to prevent it from being unlinked.

 */

#define __task_cred(task) \

	((const struct cred *)(rcu_dereference((task)->cred)))

	((const struct cred *)(rcu_dereference((task)->real_cred)))

/**

 * get_task_cred - Get another task's credentials

 * get_task_cred - Get another task's objective credentials

 * @task: The task to query

 *

 * Get the credentials of a task, pinning them so that they can't go away.

 * Accessing a task's credentials directly is not permitted.

 * Get the objective credentials of a task, pinning them so that they can't go

 * away.  Accessing a task's credentials directly is not permitted.

 *

 * The caller must make sure task doesn't go away, either by holding a ref on

 * task or by holding tasklist_lock to prevent it from being unlinked.

})

/**

 * get_current_cred - Get the current task's credentials

 * get_current_cred - Get the current task's subjective credentials

 *

 * Get the credentials of the current task, pinning them so that they can't go

 * away.  Accessing the current task's credentials directly is not permitted.

 * Get the subjective credentials of the current task, pinning them so that

 * they can't go away.  Accessing the current task's credentials directly is

 * not permitted.

 */

#define get_current_cred()				\

	(get_cred(current_cred()))

	.children	= LIST_HEAD_INIT(tsk.children),			\

	.sibling	= LIST_HEAD_INIT(tsk.sibling),			\

	.group_leader	= &tsk,						\

	.real_cred	= &init_cred,					\

	.cred		= &init_cred,					\

	.cred_exec_mutex =						\

		 __MUTEX_INITIALIZER(tsk.cred_exec_mutex),		\

	struct list_head cpu_timers[3];

/* process credentials */

	const struct cred *cred;	/* actual/objective task credentials (COW) */

	const struct cred *real_cred;	/* objective and real subjective task

					 * credentials (COW) */

	const struct cred *cred;	/* effective (overridable) subjective task

					 * credentials (COW) */

	struct mutex cred_exec_mutex;	/* execve vs ptrace cred calculation mutex */

	char comm[TASK_COMM_LEN]; /* executable name excluding path

 * The initial credentials for the initial task

 */

struct cred init_cred = {

	.usage			= ATOMIC_INIT(3),

	.usage			= ATOMIC_INIT(4),

	.securebits		= SECUREBITS_DEFAULT,

	.cap_inheritable	= CAP_INIT_INH_SET,

	.cap_permitted		= CAP_FULL_SET,

 * prepare a new copy, which the caller then modifies and then commits by

 * calling commit_creds().

 *

 * Preparation involves making a copy of the objective creds for modification.

 *

 * Returns a pointer to the new creds-to-be if successful, NULL otherwise.

 *

 * Call commit_creds() or abort_creds() to clean up.

	const struct cred *old;

	struct cred *new;

	BUG_ON(atomic_read(&task->cred->usage) < 1);

	BUG_ON(atomic_read(&task->real_cred->usage) < 1);

	new = kmem_cache_alloc(cred_jar, GFP_KERNEL);

	if (!new)

 *

 * We share if we can, but under some circumstances we have to generate a new

 * set.

 *

 * The new process gets the current process's subjective credentials as its

 * objective and subjective credentials

 */

int copy_creds(struct task_struct *p, unsigned long clone_flags)

{

#endif

		clone_flags & CLONE_THREAD

	    ) {

		p->real_cred = get_cred(p->cred);

		get_cred(p->cred);

		atomic_inc(&p->cred->user->processes);

		return 0;

#endif

	atomic_inc(&new->user->processes);

	p->cred = new;

	p->cred = p->real_cred = get_cred(new);

	return 0;

}

 * @new: The credentials to be assigned

 *

 * Install a new set of credentials to the current task, using RCU to replace

 * the old set.

 * the old set.  Both the objective and the subjective credentials pointers are

 * updated.  This function may not be called if the subjective credentials are

 * in an overridden state.

 *

 * This function eats the caller's reference to the new credentials.

 *

	struct task_struct *task = current;

	const struct cred *old;

	BUG_ON(task->cred != task->real_cred);

	BUG_ON(atomic_read(&task->real_cred->usage) < 2);

	BUG_ON(atomic_read(&new->usage) < 1);

	BUG_ON(atomic_read(&task->cred->usage) < 1);

	old = task->cred;

	old = task->real_cred;

	security_commit_creds(new, old);

	get_cred(new); /* we will require a ref for the subj creds too */

	/* dumpability changes */

	if (old->euid != new->euid ||

	    old->egid != new->egid ||

	 */

	if (new->user != old->user)

		atomic_inc(&new->user->processes);

	rcu_assign_pointer(task->real_cred, new);

	rcu_assign_pointer(task->cred, new);

	if (new->user != old->user)

		atomic_dec(&old->user->processes);

	    new->fsgid != old->fsgid)

		proc_id_connector(task, PROC_EVENT_GID);

	/* release the old obj and subj refs both */

	put_cred(old);

	put_cred(old);

	return 0;

}

EXPORT_SYMBOL(abort_creds);

/**

 * override_creds - Temporarily override the current process's credentials

 * override_creds - Override the current process's subjective credentials

 * @new: The credentials to be assigned

 *

 * Install a set of temporary override credentials on the current process,

 * returning the old set for later reversion.

 * Install a set of temporary override subjective credentials on the current

 * process, returning the old set for later reversion.

 */

const struct cred *override_creds(const struct cred *new)

{

EXPORT_SYMBOL(override_creds);

/**

 * revert_creds - Revert a temporary credentials override

 * revert_creds - Revert a temporary subjective credentials override

 * @old: The credentials to be restored

 *

 * Revert a temporary set of override credentials to an old set, discarding the

 * override set.

 * Revert a temporary set of override subjective credentials to an old set,

 * discarding the override set.

 */

void revert_creds(const struct cred *old)

{