CRED: Detach the credentials from task_struct (f1752eec) · Commits · e / devices / android_kernel_teracube_2e

include/linux/cred.h

+29 −0

Original line number	Diff line number	Diff line
		@@ -158,4 +158,33 @@ do { \
		*(_gid) = current->cred->fsgid; \
		} while(0)

		extern void __put_cred(struct cred *);
		extern int copy_creds(struct task_struct *, unsigned long);

		/**
		* get_cred - Get a reference on a set of credentials
		* @cred: The credentials to reference
		*
		* Get a reference on the specified set of credentials. The caller must
		* release the reference.
		*/
		static inline struct cred get_cred(struct cred cred)
		{
		atomic_inc(&cred->usage);
		return cred;
		}

		/**
		* put_cred - Release a reference to a set of credentials
		* @cred: The credentials to release
		*
		* Release a reference to a set of credentials, deleting them when the last ref
		* is released.
		*/
		static inline void put_cred(struct cred *cred)
		{
		if (atomic_dec_and_test(&(cred)->usage))
		__put_cred(cred);
		}

		#endif /* _LINUX_CRED_H */

include/linux/init_task.h

+1 −15

Original line number	Diff line number	Diff line
		@@ -115,19 +115,6 @@ extern struct group_info init_groups;

		extern struct cred init_cred;

		#define INIT_CRED(p) \
		{ \
		.usage = ATOMIC_INIT(3), \
		.securebits = SECUREBITS_DEFAULT, \
		.cap_inheritable = CAP_INIT_INH_SET, \
		.cap_permitted = CAP_FULL_SET, \
		.cap_effective = CAP_INIT_EFF_SET, \
		.cap_bset = CAP_INIT_BSET, \
		.user = INIT_USER, \
		.group_info = &init_groups, \
		.lock = __SPIN_LOCK_UNLOCKED(p.lock), \
		}

		/*
		* INIT_TASK is used to set up the first task table, touch at
		* your own risk!. Base=0, limit=0x1fffff (=2MB)
		@@ -162,8 +149,7 @@ extern struct cred init_cred;
		.children = LIST_HEAD_INIT(tsk.children), \
		.sibling = LIST_HEAD_INIT(tsk.sibling), \
		.group_leader = &tsk, \
		.__temp_cred = INIT_CRED(tsk.__temp_cred), \
		.cred = &tsk.__temp_cred, \
		.cred = &init_cred, \
		.comm = "swapper", \
		.thread = INIT_THREAD, \
		.fs = &init_fs, \

include/linux/sched.h

+0 −1

Original line number	Diff line number	Diff line
		@@ -1151,7 +1151,6 @@ struct task_struct {
		struct list_head cpu_timers[3];

		/* process credentials */
		struct cred __temp_cred __deprecated; /* temporary credentials to be removed */
		struct cred cred; / actual/objective task credentials */

		char comm[TASK_COMM_LEN]; /* executable name excluding path

include/linux/security.h

+13 −13

Original line number	Diff line number	Diff line
		@@ -593,15 +593,15 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
		* manual page for definitions of the @clone_flags.
		* @clone_flags contains the flags indicating what should be shared.
		* Return 0 if permission is granted.
		* @task_alloc_security:
		* @p contains the task_struct for child process.
		* Allocate and attach a security structure to the p->security field. The
		* security field is initialized to NULL when the task structure is
		* @cred_alloc_security:
		* @cred contains the cred struct for child process.
		* Allocate and attach a security structure to the cred->security field.
		* The security field is initialized to NULL when the task structure is
		* allocated.
		* Return 0 if operation was successful.
		* @task_free_security:
		* @p contains the task_struct for process.
		* Deallocate and clear the p->security field.
		* @cred_free:
		* @cred points to the credentials.
		* Deallocate and clear the cred->security field in a set of credentials.
		* @task_setuid:
		* Check permission before setting one or more of the user identity
		* attributes of the current process. The @flags parameter indicates
		@@ -1405,8 +1405,8 @@ struct security_operations {
		int (dentry_open) (struct file file);

		int (*task_create) (unsigned long clone_flags);
		int (task_alloc_security) (struct task_struct p);
		void (task_free_security) (struct task_struct p);
		int (cred_alloc_security) (struct cred cred);
		void (cred_free) (struct cred cred);
		int (*task_setuid) (uid_t id0, uid_t id1, uid_t id2, int flags);
		int (task_post_setuid) (uid_t old_ruid / or fsuid */ ,
		uid_t old_euid, uid_t old_suid, int flags);
		@@ -1660,8 +1660,8 @@ int security_file_send_sigiotask(struct task_struct *tsk,
		int security_file_receive(struct file *file);
		int security_dentry_open(struct file *file);
		int security_task_create(unsigned long clone_flags);
		int security_task_alloc(struct task_struct *p);
		void security_task_free(struct task_struct *p);
		int security_cred_alloc(struct cred *cred);
		void security_cred_free(struct cred *cred);
		int security_task_setuid(uid_t id0, uid_t id1, uid_t id2, int flags);
		int security_task_post_setuid(uid_t old_ruid, uid_t old_euid,
		uid_t old_suid, int flags);
		@@ -2181,12 +2181,12 @@ static inline int security_task_create(unsigned long clone_flags)
		return 0;
		}

		static inline int security_task_alloc(struct task_struct *p)
		static inline int security_cred_alloc(struct cred *cred)
		{
		return 0;
		}

		static inline void security_task_free(struct task_struct *p)
		static inline void security_cred_free(struct cred *cred)
		{ }

		static inline int security_task_setuid(uid_t id0, uid_t id1, uid_t id2,

kernel/Makefile

+1 −1

Original line number	Diff line number	Diff line
		@@ -9,7 +9,7 @@ obj-y = sched.o fork.o exec_domain.o panic.o printk.o \
		rcupdate.o extable.o params.o posix-timers.o \
		kthread.o wait.o kfifo.o sys_ni.o posix-cpu-timers.o mutex.o \
		hrtimer.o rwsem.o nsproxy.o srcu.o semaphore.o \
		notifier.o ksysfs.o pm_qos_params.o sched_clock.o
		notifier.o ksysfs.o pm_qos_params.o sched_clock.o cred.o

		CFLAGS_REMOVE_sched.o = -mno-spe