asgardius/android_kernel_motorola_sm6225
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
android_kernel_motorola_sm6225/fs
History
Serge Hallyn 18b6e0414e User namespaces: set of cleanups (v2) 
The user_ns is moved from nsproxy to user_struct, so that a struct
cred by itself is sufficient to determine access (which it otherwise
would not be).  Corresponding ecryptfs fixes (by David Howells) are
here as well.

Fix refcounting.  The following rules now apply:
        1. The task pins the user struct.
        2. The user struct pins its user namespace.
        3. The user namespace pins the struct user which created it.

User namespaces are cloned during copy_creds().  Unsharing a new user_ns
is no longer possible.  (We could re-add that, but it'll cause code
duplication and doesn't seem useful if PAM doesn't need to clone user
namespaces).

When a user namespace is created, its first user (uid 0) gets empty
keyrings and a clean group_info.

This incorporates a previous patch by David Howells.  Here
is his original patch description:

>I suggest adding the attached incremental patch.  It makes the following
>changes:
>
> (1) Provides a current_user_ns() macro to wrap accesses to current's user
>     namespace.
>
> (2) Fixes eCryptFS.
>
> (3) Renames create_new_userns() to create_user_ns() to be more consistent
>     with the other associated functions and because the 'new' in the name is
>     superfluous.
>
> (4) Moves the argument and permission checks made for CLONE_NEWUSER to the
>     beginning of do_fork() so that they're done prior to making any attempts
>     at allocation.
>
> (5) Calls create_user_ns() after prepare_creds(), and gives it the new creds
>     to fill in rather than have it return the new root user.  I don't imagine
>     the new root user being used for anything other than filling in a cred
>     struct.
>
>     This also permits me to get rid of a get_uid() and a free_uid(), as the
>     reference the creds were holding on the old user_struct can just be
>     transferred to the new namespace's creator pointer.
>
> (6) Makes create_user_ns() reset the UIDs and GIDs of the creds under
>     preparation rather than doing it in copy_creds().
>
>David

>Signed-off-by: David Howells <dhowells@redhat.com>

Changelog:
	Oct 20: integrate dhowells comments
		1. leave thread_keyring alone
		2. use current_user_ns() in set_user()

Signed-off-by: Serge Hallyn <serue@us.ibm.com>
2008-11-24 18:57:41 -05:00
..
9p CRED: Wrap task credential accesses in 9P2000 filesystem 2008-11-14 10:38:44 +11:00
adfs vfs: Use const for kernel parser table 2008-10-13 10:10:37 -07:00
affs CRED: Wrap task credential accesses in the AFFS filesystem 2008-11-14 10:38:45 +11:00
afs [PATCH] fix ->llseek for more directories 2008-10-23 05:13:21 -04:00
autofs CRED: Wrap task credential accesses in the autofs filesystem 2008-11-14 10:38:45 +11:00
autofs4 Merge branch 'master' into next 2008-11-14 11:29:12 +11:00
befs befs: annotate fs32 on tests for superblock endianness 2008-10-16 11:21:46 -07:00
bfs CRED: Wrap task credential accesses in the BFS filesystem 2008-11-14 10:38:47 +11:00
cifs Merge branch 'master' into next 2008-11-18 18:52:37 +11:00
coda coda: fix creds reference 2008-11-20 08:11:52 +11:00
configfs [PATCH] assorted path_lookup() -> kern_path() conversions 2008-10-23 05:12:52 -04:00
cramfs cramfs: fix named-pipe handling 2008-08-20 15:40:32 -07:00
debugfs integrity: special fs magic 2008-10-13 09:47:43 +11:00
devpts CRED: Wrap task credential accesses in the devpts filesystem 2008-11-14 10:38:49 +11:00
dlm dlm: fix shutdown cleanup 2008-11-13 13:22:34 -06:00
ecryptfs User namespaces: set of cleanups (v2) 2008-11-24 18:57:41 -05:00
efs [PATCH] switch all filesystems over to d_obtain_alias 2008-10-23 05:13:01 -04:00
exportfs CRED: Pass credentials through dentry_open() 2008-11-14 10:39:22 +11:00
ext2 CRED: Wrap task credential accesses in the Ext2 filesystem 2008-11-14 10:38:50 +11:00
ext3 Merge branch 'master' into next 2008-11-14 11:29:12 +11:00
ext4 Merge branch 'master' into next 2008-11-14 11:29:12 +11:00
fat Merge branch 'master' into next 2008-11-14 11:29:12 +11:00
freevxfs fs/freevxfs/: proper externs 2008-04-29 08:06:00 -07:00
fuse CRED: Use RCU to access another task's creds and to release a task's own creds 2008-11-14 10:39:19 +11:00
gfs2 CRED: Wrap task credential accesses in the GFS2 filesystem 2008-11-14 10:38:53 +11:00
hfs CRED: Wrap task credential accesses in the HFS filesystem 2008-11-14 10:38:54 +11:00
hfsplus CRED: Wrap task credential accesses in the HFSplus filesystem 2008-11-14 10:38:54 +11:00
hostfs [PATCH] introduce fmode_t, do annotations 2008-10-21 07:47:06 -04:00
hpfs CRED: Wrap task credential accesses in the HPFS filesystem 2008-11-14 10:38:55 +11:00
hppfs CRED: Use creds in file structs 2008-11-14 10:39:25 +11:00
hugetlbfs CRED: Wrap current->cred and a few other accessors 2008-11-14 10:39:18 +11:00
isofs [PATCH] switch all filesystems over to d_obtain_alias 2008-10-23 05:13:01 -04:00
jbd jbd: don't give up looking for space so easily in __log_wait_for_space 2008-11-06 22:37:59 -05:00
jbd2 jbd2: don't give up looking for space so easily in __jbd2_log_wait_for_space 2008-11-06 22:38:07 -05:00
jffs2 Merge git://git.infradead.org/mtd-2.6 2008-11-06 15:43:13 -08:00
jfs CRED: Wrap task credential accesses in the JFS filesystem 2008-11-14 10:38:56 +11:00
lockd NLM: Set address family before calling nlm_host_rebooted() 2008-10-30 17:19:30 -04:00
minix CRED: Wrap task credential accesses in the Minix filesystem 2008-11-14 10:38:57 +11:00
ncpfs CRED: Wrap task credential accesses in the NCPFS filesystem 2008-11-14 10:38:58 +11:00
nfs NFS: Convert nfs_attr_generation_counter into an atomic_long 2008-10-28 15:21:40 -04:00
nfs_common
nfsd Merge branch 'master' into next 2008-11-14 11:29:12 +11:00
nls remove CONFIG_KMOD from fs 2008-10-17 02:38:36 +11:00
ntfs [PATCH] switch all filesystems over to d_obtain_alias 2008-10-23 05:13:01 -04:00
ocfs2 Merge branch 'master' into next 2008-11-14 11:29:12 +11:00
omfs CRED: Wrap task credential accesses in the OMFS filesystem 2008-11-14 10:38:59 +11:00
openpromfs [PATCH] fix ->llseek for more directories 2008-10-23 05:13:21 -04:00
partitions [PATCH] sanitize blkdev_get() and friends 2008-10-21 07:49:06 -04:00
proc Merge branch 'master' into next 2008-11-18 18:52:37 +11:00
qnx4 SL*B: drop kmem cache argument from constructor 2008-07-26 12:00:07 -07:00
ramfs CRED: Wrap task credential accesses in the RAMFS filesystem 2008-11-14 10:39:00 +11:00
reiserfs CRED: Wrap task credential accesses in the ReiserFS filesystem 2008-11-14 10:39:01 +11:00
romfs romfs_readpage: don't report errors for pages beyond i_size 2008-07-30 14:30:34 -07:00
smbfs CRED: Wrap current->cred and a few other accessors 2008-11-14 10:39:18 +11:00
sysfs [PATCH] fix ->llseek for more directories 2008-10-23 05:13:21 -04:00
sysv CRED: Wrap task credential accesses in the SYSV filesystem 2008-11-14 10:39:02 +11:00
ubifs CRED: Wrap task credential accesses in the UBIFS filesystem 2008-11-14 10:39:03 +11:00
udf CRED: Wrap task credential accesses in the UDF filesystem 2008-11-14 10:39:03 +11:00
ufs CRED: Wrap task credential accesses in the UFS filesystem 2008-11-14 10:39:04 +11:00
xfs Merge branch 'master' into next 2008-11-14 11:29:12 +11:00
aio.c [PATCH] f_count may wrap around 2008-07-26 20:53:40 -04:00
anon_inodes.c CRED: Wrap task credential accesses in the filesystem subsystem 2008-11-14 10:39:05 +11:00
attr.c CRED: Wrap task credential accesses in the filesystem subsystem 2008-11-14 10:39:05 +11:00
bad_inode.c [PATCH] sanitize ->permission() prototype 2008-07-26 20:53:14 -04:00
binfmt_aout.c CRED: Make execve() take advantage of copy-on-write credentials 2008-11-14 10:39:24 +11:00
binfmt_elf.c CRED: Make execve() take advantage of copy-on-write credentials 2008-11-14 10:39:24 +11:00
binfmt_elf_fdpic.c CRED: Make execve() take advantage of copy-on-write credentials 2008-11-14 10:39:24 +11:00
binfmt_em86.c Allow recursion in binfmt_script and binfmt_misc 2008-10-16 11:21:38 -07:00
binfmt_flat.c CRED: Make execve() take advantage of copy-on-write credentials 2008-11-14 10:39:24 +11:00
binfmt_misc.c Allow recursion in binfmt_script and binfmt_misc 2008-10-16 11:21:38 -07:00
binfmt_script.c Allow recursion in binfmt_script and binfmt_misc 2008-10-16 11:21:38 -07:00
binfmt_som.c CRED: Make execve() take advantage of copy-on-write credentials 2008-11-14 10:39:24 +11:00
bio-integrity.c block: Introduce integrity data ownership flag 2008-10-09 08:56:21 +02:00
bio.c block: mark bio_split_pool static 2008-10-09 08:57:05 +02:00
block_dev.c block: fix __blkdev_get() for removable devices 2008-11-06 08:41:56 +01:00
buffer.c fs: buffer lock use lock bitops 2008-10-20 08:52:32 -07:00
char_dev.c [PATCH] tidy up chrdev_open 2008-10-23 05:12:59 -04:00
compat.c CRED: Make execve() take advantage of copy-on-write credentials 2008-11-14 10:39:24 +11:00
compat_binfmt_elf.c
compat_ioctl.c remove unused #include <linux/dirent.h>'s 2008-07-25 10:53:34 -07:00
dcache.c [PATCH] fs: add a sanity check in d_free 2008-10-23 05:17:12 -04:00
dcookies.c d_path: Make d_path() use a struct path 2008-02-14 21:17:09 -08:00
direct-io.c Remove Andrew Morton's old email accounts 2008-10-16 11:21:32 -07:00
dnotify.c [PATCH] split linux/file.h 2008-05-01 13:08:16 -04:00
dquot.c CRED: Wrap task credential accesses in the filesystem subsystem 2008-11-14 10:39:05 +11:00
drop_caches.c vfs: skip inodes without pages to free in drop_pagecache_sb() 2008-04-29 08:06:05 -07:00
eventfd.c flag parameters: check magic constants 2008-07-24 10:47:29 -07:00
eventpoll.c epoll: avoid double-inserts in case of EFAULT 2008-10-26 12:09:49 -07:00
exec.c CRED: Make execve() take advantage of copy-on-write credentials 2008-11-14 10:39:24 +11:00
fcntl.c CRED: Use RCU to access another task's creds and to release a task's own creds 2008-11-14 10:39:19 +11:00
fifo.c [PATCH] introduce fmode_t, do annotations 2008-10-21 07:47:06 -04:00
file.c [PATCH] merge locate_fd() and get_unused_fd() 2008-08-01 11:25:23 -04:00
file_table.c CRED: Use creds in file structs 2008-11-14 10:39:25 +11:00
filesystems.c proc: move /proc/filesystems to fs/filesystems.c 2008-10-23 14:27:09 +04:00
fs-writeback.c Remove Andrew Morton's old email accounts 2008-10-16 11:21:32 -07:00
generic_acl.c
inode.c fs/inode.c: properly init address_space->writeback_index 2008-08-15 08:35:44 -07:00
inotify.c Fix inotify watch removal/umount races 2008-11-15 12:26:44 -08:00
inotify_user.c CRED: Wrap task credential accesses in the filesystem subsystem 2008-11-14 10:39:05 +11:00
internal.h CRED: Make execve() take advantage of copy-on-write credentials 2008-11-14 10:39:24 +11:00
ioctl.c provide generic_block_fiemap() only with BLOCK=y 2008-10-12 11:44:37 -07:00
ioprio.c CRED: Use RCU to access another task's creds and to release a task's own creds 2008-11-14 10:39:19 +11:00
Kconfig [patch 1/3] FS_MBCACHE: don't needlessly make it built-in 2008-10-23 05:13:26 -04:00
Kconfig.binfmt add CONFIG_CORE_DUMP_DEFAULT_ELF_HEADERS 2008-10-20 08:52:39 -07:00
libfs.c fs: remove prepare_write/commit_write 2008-10-30 11:38:45 -07:00
locks.c CRED: Wrap task credential accesses in the filesystem subsystem 2008-11-14 10:39:05 +11:00
Makefile fat: move fs/vfat/* and fs/msdos/* to fs/fat 2008-11-06 15:41:20 -08:00
mbcache.c vfs: fix possible deadlock in ext2, ext3, ext4 when using xattrs 2008-04-15 19:35:41 -07:00
mpage.c Remove Andrew Morton's old email accounts 2008-10-16 11:21:32 -07:00
namei.c CRED: Wrap task credential accesses in the filesystem subsystem 2008-11-14 10:39:05 +11:00
namespace.c Merge branch 'master' into next 2008-11-14 11:29:12 +11:00
nfsctl.c nfsctl: add headers for credentials 2008-11-20 08:11:55 +11:00
no-block.c
open.c CRED: Inaugurate COW credentials 2008-11-14 10:39:23 +11:00
pipe.c CRED: Wrap task credential accesses in the filesystem subsystem 2008-11-14 10:39:05 +11:00
pnode.c [patch 7/7] vfs: mountinfo: show dominating group id 2008-04-23 00:05:09 -04:00
pnode.h [patch 7/7] vfs: mountinfo: show dominating group id 2008-04-23 00:05:09 -04:00
posix_acl.c CRED: Wrap task credential accesses in the filesystem subsystem 2008-11-14 10:39:05 +11:00
quota.c CRED: Wrap task credential accesses in the filesystem subsystem 2008-11-14 10:39:05 +11:00
quota_v1.c quota: move function-macros from quota.h to quotaops.h 2008-07-25 10:53:35 -07:00
quota_v2.c quota: move function-macros from quota.h to quotaops.h 2008-07-25 10:53:35 -07:00
read_write.c [PATCH] generic_file_llseek tidyups 2008-10-23 05:12:59 -04:00
read_write.h
readdir.c [PATCH] prepare vfs_readdir() callers to returning filldir result 2008-10-23 05:13:10 -04:00
select.c select: deal with math overflow from borderline valid userland data 2008-10-26 11:22:08 -07:00
seq_file.c seq_file: add seq_cpumask_list(), seq_nodemask_list() 2008-10-20 08:52:39 -07:00
signalfd.c flag parameters: check magic constants 2008-07-24 10:47:29 -07:00
splice.c fs: remove prepare_write/commit_write 2008-10-30 11:38:45 -07:00
stack.c
stat.c [PATCH] sanitize __user_walk_fd() et.al. 2008-07-26 20:53:34 -04:00
super.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/viro/bdev 2008-10-23 10:23:07 -07:00
sync.c SYNC_FILE_RANGE_WRITE may and will block. Document that. 2008-07-24 10:47:17 -07:00
timerfd.c hrtimer: convert timerfd to the new hrtimer apis 2008-09-05 21:35:09 -07:00
utimes.c [PATCH] sanitize __user_walk_fd() et.al. 2008-07-26 20:53:34 -04:00
xattr.c [PATCH] sanitize __user_walk_fd() et.al. 2008-07-26 20:53:34 -04:00
xattr_acl.c