[PATCH 4/4] add task handling notifier: security keys
Signed-off-by: Jan Beulich <[EMAIL PROTECTED]> Cc: David Howells <[EMAIL PROTECTED]> --- arch/mips/kernel/kspd.c |7 +++-- include/linux/key.h |4 --- kernel/sys.c |8 -- security/keys/process_keys.c | 55 ++- 4 files changed, 39 insertions(+), 35 deletions(-) --- 2.6.24-rc5-notify-task.orig/arch/mips/kernel/kspd.c +++ 2.6.24-rc5-notify-task/arch/mips/kernel/kspd.c @@ -25,6 +25,7 @@ #include #include #include +#include #include #include @@ -177,8 +178,10 @@ static void sp_setfsuidgid( uid_t uid, g current->fsuid = uid; current->fsgid = gid; - key_fsuid_changed(current); - key_fsgid_changed(current); + blocking_notifier_call_chain(_notifier_list, +TASK_UID_CHANGE, current); + blocking_notifier_call_chain(_notifier_list, +TASK_GID_CHANGE, current); } /* --- 2.6.24-rc5-notify-task.orig/include/linux/key.h +++ 2.6.24-rc5-notify-task/include/linux/key.h @@ -272,8 +272,6 @@ extern void exit_keys(struct task_struct extern void exit_thread_group_keys(struct signal_struct *tg); extern int suid_keys(struct task_struct *tsk); extern int exec_keys(struct task_struct *tsk); -extern void key_fsuid_changed(struct task_struct *tsk); -extern void key_fsgid_changed(struct task_struct *tsk); extern void key_init(void); #define __install_session_keyring(tsk, keyring)\ @@ -302,8 +300,6 @@ extern void key_init(void); #define exit_thread_group_keys(tg) do { } while(0) #define suid_keys(t) do { } while(0) #define exec_keys(t) do { } while(0) -#define key_fsuid_changed(t) do { } while(0) -#define key_fsgid_changed(t) do { } while(0) #define key_init() do { } while(0) /* Initial keyrings */ --- 2.6.24-rc5-notify-task.orig/kernel/sys.c +++ 2.6.24-rc5-notify-task/kernel/sys.c @@ -517,7 +517,6 @@ asmlinkage long sys_setregid(gid_t rgid, current->fsgid = new_egid; current->egid = new_egid; current->gid = new_rgid; - key_fsgid_changed(current); blocking_notifier_call_chain(_notifier_list, TASK_GID_CHANGE, current); @@ -554,7 +553,6 @@ asmlinkage long sys_setgid(gid_t gid) else return -EPERM; - key_fsgid_changed(current); blocking_notifier_call_chain(_notifier_list, TASK_GID_CHANGE, current); @@ -644,7 +642,6 @@ asmlinkage long sys_setreuid(uid_t ruid, current->suid = current->euid; current->fsuid = current->euid; - key_fsuid_changed(current); blocking_notifier_call_chain(_notifier_list, TASK_UID_CHANGE, current); @@ -692,7 +689,6 @@ asmlinkage long sys_setuid(uid_t uid) current->fsuid = current->euid = uid; current->suid = new_suid; - key_fsuid_changed(current); blocking_notifier_call_chain(_notifier_list, TASK_UID_CHANGE, current); @@ -741,7 +737,6 @@ asmlinkage long sys_setresuid(uid_t ruid if (suid != (uid_t) -1) current->suid = suid; - key_fsuid_changed(current); blocking_notifier_call_chain(_notifier_list, TASK_UID_CHANGE, current); @@ -794,7 +789,6 @@ asmlinkage long sys_setresgid(gid_t rgid if (sgid != (gid_t) -1) current->sgid = sgid; - key_fsgid_changed(current); blocking_notifier_call_chain(_notifier_list, TASK_GID_CHANGE, current); return 0; @@ -836,7 +830,6 @@ asmlinkage long sys_setfsuid(uid_t uid) current->fsuid = uid; } - key_fsuid_changed(current); blocking_notifier_call_chain(_notifier_list, TASK_UID_CHANGE, current); @@ -864,7 +857,6 @@ asmlinkage long sys_setfsgid(gid_t gid) smp_wmb(); } current->fsgid = gid; - key_fsgid_changed(current); blocking_notifier_call_chain(_notifier_list, TASK_GID_CHANGE, current); } --- 2.6.24-rc5-notify-task.orig/security/keys/process_keys.c +++ 2.6.24-rc5-notify-task/security/keys/process_keys.c @@ -16,6 +16,7 @@ #include #include #include +#include #include #include #include "internal.h" @@ -354,35 +355,47 @@ int suid_keys(struct task_struct *tsk) } /* end suid_keys() */ -/*/ -/* - * the filesystem user ID changed - */ -void key_fsuid_changed(struct task_struct *tsk) -{ - /* update the ownership of the thread keyring */ - if (tsk->thread_keyring) { +static int
[PATCH 4/4] add task handling notifier: security keys
Signed-off-by: Jan Beulich [EMAIL PROTECTED] Cc: David Howells [EMAIL PROTECTED] --- arch/mips/kernel/kspd.c |7 +++-- include/linux/key.h |4 --- kernel/sys.c |8 -- security/keys/process_keys.c | 55 ++- 4 files changed, 39 insertions(+), 35 deletions(-) --- 2.6.24-rc5-notify-task.orig/arch/mips/kernel/kspd.c +++ 2.6.24-rc5-notify-task/arch/mips/kernel/kspd.c @@ -25,6 +25,7 @@ #include linux/workqueue.h #include linux/errno.h #include linux/list.h +#include linux/notifier.h #include asm/vpe.h #include asm/rtlx.h @@ -177,8 +178,10 @@ static void sp_setfsuidgid( uid_t uid, g current-fsuid = uid; current-fsgid = gid; - key_fsuid_changed(current); - key_fsgid_changed(current); + blocking_notifier_call_chain(task_notifier_list, +TASK_UID_CHANGE, current); + blocking_notifier_call_chain(task_notifier_list, +TASK_GID_CHANGE, current); } /* --- 2.6.24-rc5-notify-task.orig/include/linux/key.h +++ 2.6.24-rc5-notify-task/include/linux/key.h @@ -272,8 +272,6 @@ extern void exit_keys(struct task_struct extern void exit_thread_group_keys(struct signal_struct *tg); extern int suid_keys(struct task_struct *tsk); extern int exec_keys(struct task_struct *tsk); -extern void key_fsuid_changed(struct task_struct *tsk); -extern void key_fsgid_changed(struct task_struct *tsk); extern void key_init(void); #define __install_session_keyring(tsk, keyring)\ @@ -302,8 +300,6 @@ extern void key_init(void); #define exit_thread_group_keys(tg) do { } while(0) #define suid_keys(t) do { } while(0) #define exec_keys(t) do { } while(0) -#define key_fsuid_changed(t) do { } while(0) -#define key_fsgid_changed(t) do { } while(0) #define key_init() do { } while(0) /* Initial keyrings */ --- 2.6.24-rc5-notify-task.orig/kernel/sys.c +++ 2.6.24-rc5-notify-task/kernel/sys.c @@ -517,7 +517,6 @@ asmlinkage long sys_setregid(gid_t rgid, current-fsgid = new_egid; current-egid = new_egid; current-gid = new_rgid; - key_fsgid_changed(current); blocking_notifier_call_chain(task_notifier_list, TASK_GID_CHANGE, current); @@ -554,7 +553,6 @@ asmlinkage long sys_setgid(gid_t gid) else return -EPERM; - key_fsgid_changed(current); blocking_notifier_call_chain(task_notifier_list, TASK_GID_CHANGE, current); @@ -644,7 +642,6 @@ asmlinkage long sys_setreuid(uid_t ruid, current-suid = current-euid; current-fsuid = current-euid; - key_fsuid_changed(current); blocking_notifier_call_chain(task_notifier_list, TASK_UID_CHANGE, current); @@ -692,7 +689,6 @@ asmlinkage long sys_setuid(uid_t uid) current-fsuid = current-euid = uid; current-suid = new_suid; - key_fsuid_changed(current); blocking_notifier_call_chain(task_notifier_list, TASK_UID_CHANGE, current); @@ -741,7 +737,6 @@ asmlinkage long sys_setresuid(uid_t ruid if (suid != (uid_t) -1) current-suid = suid; - key_fsuid_changed(current); blocking_notifier_call_chain(task_notifier_list, TASK_UID_CHANGE, current); @@ -794,7 +789,6 @@ asmlinkage long sys_setresgid(gid_t rgid if (sgid != (gid_t) -1) current-sgid = sgid; - key_fsgid_changed(current); blocking_notifier_call_chain(task_notifier_list, TASK_GID_CHANGE, current); return 0; @@ -836,7 +830,6 @@ asmlinkage long sys_setfsuid(uid_t uid) current-fsuid = uid; } - key_fsuid_changed(current); blocking_notifier_call_chain(task_notifier_list, TASK_UID_CHANGE, current); @@ -864,7 +857,6 @@ asmlinkage long sys_setfsgid(gid_t gid) smp_wmb(); } current-fsgid = gid; - key_fsgid_changed(current); blocking_notifier_call_chain(task_notifier_list, TASK_GID_CHANGE, current); } --- 2.6.24-rc5-notify-task.orig/security/keys/process_keys.c +++ 2.6.24-rc5-notify-task/security/keys/process_keys.c @@ -16,6 +16,7 @@ #include linux/keyctl.h #include linux/fs.h #include linux/err.h +#include linux/notifier.h #include linux/mutex.h #include asm/uaccess.h #include internal.h @@ -354,35 +355,47 @@ int suid_keys(struct task_struct *tsk) } /* end suid_keys() */ -/*/ -/* - * the filesystem user ID changed - */