diff options
author | Oleg Nesterov <oleg@redhat.com> | 2010-05-26 14:43:01 -0700 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2010-05-27 09:12:45 -0700 |
commit | c70a626d3eba373514c72287c93588b6974a0059 (patch) | |
tree | c23b890cbbeb824e52e1eaee6812bc88496a246d | |
parent | 685bfd2c48bb3284d31e73ff3151c957d76deda9 (diff) | |
download | kernel-crypto-c70a626d3eba373514c72287c93588b6974a0059.tar.gz kernel-crypto-c70a626d3eba373514c72287c93588b6974a0059.tar.xz kernel-crypto-c70a626d3eba373514c72287c93588b6974a0059.zip |
umh: creds: kill subprocess_info->cred logic
Now that nobody ever changes subprocess_info->cred we can kill this member
and related code. ____call_usermodehelper() always runs in the context of
freshly forked kernel thread, it has the proper ->cred copied from its
parent kthread, keventd.
Signed-off-by: Oleg Nesterov <oleg@redhat.com>
Acked-by: Neil Horman <nhorman@tuxdriver.com>
Acked-by: David Howells <dhowells@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-rw-r--r-- | include/linux/cred.h | 1 | ||||
-rw-r--r-- | include/linux/kmod.h | 1 | ||||
-rw-r--r-- | kernel/cred.c | 60 | ||||
-rw-r--r-- | kernel/kmod.c | 19 |
4 files changed, 0 insertions, 81 deletions
diff --git a/include/linux/cred.h b/include/linux/cred.h index 52507c3e138..75c0fa88130 100644 --- a/include/linux/cred.h +++ b/include/linux/cred.h @@ -156,7 +156,6 @@ extern int copy_creds(struct task_struct *, unsigned long); extern struct cred *cred_alloc_blank(void); extern struct cred *prepare_creds(void); extern struct cred *prepare_exec_creds(void); -extern struct cred *prepare_usermodehelper_creds(void); extern int commit_creds(struct cred *); extern void abort_creds(struct cred *); extern const struct cred *override_creds(const struct cred *); diff --git a/include/linux/kmod.h b/include/linux/kmod.h index d876dce217f..6efd7a78de6 100644 --- a/include/linux/kmod.h +++ b/include/linux/kmod.h @@ -56,7 +56,6 @@ enum umh_wait { struct subprocess_info { struct work_struct work; struct completion *complete; - struct cred *cred; char *path; char **argv; char **envp; diff --git a/kernel/cred.c b/kernel/cred.c index 2c24870c55d..a2d5504fbcc 100644 --- a/kernel/cred.c +++ b/kernel/cred.c @@ -347,66 +347,6 @@ struct cred *prepare_exec_creds(void) } /* - * prepare new credentials for the usermode helper dispatcher - */ -struct cred *prepare_usermodehelper_creds(void) -{ -#ifdef CONFIG_KEYS - struct thread_group_cred *tgcred = NULL; -#endif - struct cred *new; - -#ifdef CONFIG_KEYS - tgcred = kzalloc(sizeof(*new->tgcred), GFP_ATOMIC); - if (!tgcred) - return NULL; -#endif - - new = kmem_cache_alloc(cred_jar, GFP_ATOMIC); - if (!new) - goto free_tgcred; - - kdebug("prepare_usermodehelper_creds() alloc %p", new); - - memcpy(new, &init_cred, sizeof(struct cred)); - - atomic_set(&new->usage, 1); - set_cred_subscribers(new, 0); - get_group_info(new->group_info); - get_uid(new->user); - -#ifdef CONFIG_KEYS - new->thread_keyring = NULL; - new->request_key_auth = NULL; - new->jit_keyring = KEY_REQKEY_DEFL_DEFAULT; - - atomic_set(&tgcred->usage, 1); - spin_lock_init(&tgcred->lock); - new->tgcred = tgcred; -#endif - -#ifdef CONFIG_SECURITY - new->security = NULL; -#endif - if (security_prepare_creds(new, &init_cred, GFP_ATOMIC) < 0) - goto error; - validate_creds(new); - - BUG_ON(atomic_read(&new->usage) != 1); - return new; - -error: - put_cred(new); - return NULL; - -free_tgcred: -#ifdef CONFIG_KEYS - kfree(tgcred); -#endif - return NULL; -} - -/* * Copy credentials for the new process created by fork() * * We share if we can, but under some circumstances we have to generate a new diff --git a/kernel/kmod.c b/kernel/kmod.c index 743d3883517..6194ec2f737 100644 --- a/kernel/kmod.c +++ b/kernel/kmod.c @@ -134,8 +134,6 @@ static int ____call_usermodehelper(void *data) struct subprocess_info *sub_info = data; int retval; - BUG_ON(atomic_read(&sub_info->cred->usage) != 1); - /* Unblock all signals */ spin_lock_irq(¤t->sighand->siglock); flush_signal_handlers(current, 1); @@ -143,10 +141,6 @@ static int ____call_usermodehelper(void *data) recalc_sigpending(); spin_unlock_irq(¤t->sighand->siglock); - /* Install the credentials */ - commit_creds(sub_info->cred); - sub_info->cred = NULL; - /* We can run anywhere, unlike our parent keventd(). */ set_cpus_allowed_ptr(current, cpu_all_mask); @@ -174,8 +168,6 @@ void call_usermodehelper_freeinfo(struct subprocess_info *info) { if (info->cleanup) (*info->cleanup)(info); - if (info->cred) - put_cred(info->cred); kfree(info); } EXPORT_SYMBOL(call_usermodehelper_freeinfo); @@ -231,8 +223,6 @@ static void __call_usermodehelper(struct work_struct *work) pid_t pid; enum umh_wait wait = sub_info->wait; - BUG_ON(atomic_read(&sub_info->cred->usage) != 1); - /* CLONE_VFORK: wait until the usermode helper has execve'd * successfully We need the data structures to stay around * until that is done. */ @@ -355,12 +345,6 @@ struct subprocess_info *call_usermodehelper_setup(char *path, char **argv, sub_info->path = path; sub_info->argv = argv; sub_info->envp = envp; - sub_info->cred = prepare_usermodehelper_creds(); - if (!sub_info->cred) { - kfree(sub_info); - return NULL; - } - out: return sub_info; } @@ -411,9 +395,6 @@ int call_usermodehelper_exec(struct subprocess_info *sub_info, DECLARE_COMPLETION_ONSTACK(done); int retval = 0; - BUG_ON(atomic_read(&sub_info->cred->usage) != 1); - validate_creds(sub_info->cred); - helper_lock(); if (sub_info->path[0] == '\0') goto out; |