author | David Howells <dhowells@redhat.com> | 2008-11-14 10:39:20 +1100 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2008-11-14 10:39:20 +1100 |
commit | bb952bb98a7e479262c7eb25d5592545a3af147d (patch) | |
tree | 9a2158c07a22a5fbddcec412944d2e7534eecc8f /include/linux/cred.h | |
parent | 275bb41e9d058fbb327e7642f077e1beaeac162e (diff) | |
CRED: Separate per-task-group keyrings from signal_struct
Separate per-task-group keyrings from signal_struct and dangle their anchor
from the cred struct rather than the signal_struct.
Signed-off-by: David Howells <dhowells@redhat.com>
Reviewed-by: James Morris <jmorris@namei.org>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'include/linux/cred.h')
-rw-r--r-- | include/linux/cred.h | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/include/linux/cred.h b/include/linux/cred.h
index 166ce4ddba64..62b9e532422d 100644
--- a/include/linux/cred.h
+++ b/include/linux/cred.h
@@ -72,6 +72,21 @@ extern int in_group_p(gid_t);
 extern int in_egroup_p(gid_t);

 /*
+ * The common credentials for a thread group
+ * - shared by CLONE_THREAD
+ */
+#ifdef CONFIG_KEYS
+struct thread_group_cred {
+ atomic_t usage;
+ pid_t tgid; /* thread group process ID */
+ spinlock_t lock;
+ struct key *session_keyring; /* keyring inherited over fork */
+ struct key *process_keyring; /* keyring private to this process */
+ struct rcu_head rcu; /* RCU deletion hook */
+};
+#endif
+
+/*
 * The security context of a task
 *
 * The parts of the context break down into two categories:
@@ -114,6 +129,7 @@ struct cred {
 * keys to */
 struct key *thread_keyring; /* keyring private to this thread */
 struct key *request_key_auth; /* assumed request_key authority */
+ struct thread_group_cred *tgcred; /* thread-group shared credentials */
 #endif
 #ifdef CONFIG_SECURITY
 void *security; /* subjective LSM security */
|
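Review bot: The new `struct thread_group_cred` in the first hunk carries a reference count (`usage`), a spinlock and an RCU head, but no comment says what `lock` protects or which reads of `session_keyring` and `process_keyring` rely on RCU instead. Since every thread in a group shares this structure and it holds keyring pointers, the rule belongs next to the fields, for example `spinlock_t lock; /* guards session_keyring/process_keyring updates */`, if that is the intent; the code that uses the lock is not in this file's diff. The same gap applies to the `tgcred` pointer added to `struct cred` in the second hunk: its comment should state whether each cred holds a counted reference on the group structure through `usage`, because a missed get or put on a credential object leads to a use-after-free or a leak. `struct cred` starts and ends outside the hunk, so the enclosing `#ifdef` for the new field is not visible here.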