lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 27 Apr 2011 14:34:09 +0200
From:	Roberto Sassu <roberto.sassu@...ito.it>
To:	linux-security-module@...r.kernel.org
Cc:	linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org,
	dhowells@...hat.com, jmorris@...ei.org, zohar@...ux.vnet.ibm.com,
	safford@...son.ibm.com, tyhicks@...ux.vnet.ibm.com,
	kirkland@...onical.com, ecryptfs-devel@...ts.launchpad.net,
	casey@...aufler-ca.com, eparis@...hat.com, sds@...ho.nsa.gov,
	selinux@...ho.nsa.gov, viro@...iv.linux.org.uk,
	Roberto Sassu <roberto.sassu@...ito.it>
Subject: [RFC][PATCH 1/7] fs: initialize file->f_cred with credentials provided

The 'f_cred' field of a file descriptor is initialized with the credentials
of the 'current' process except in the case they are provided to the
function dentry_open(). The get_empty_filp() function's definition has been
modified to take these credentials set as argument.

Signed-off-by: Roberto Sassu <roberto.sassu@...ito.it>
---
 fs/file_table.c |    5 ++---
 fs/internal.h   |    2 +-
 fs/namei.c      |    2 +-
 fs/open.c       |    2 +-
 4 files changed, 5 insertions(+), 6 deletions(-)

diff --git a/fs/file_table.c b/fs/file_table.c
index 01e4c1e..c33018c 100644
--- a/fs/file_table.c
+++ b/fs/file_table.c
@@ -102,9 +102,8 @@ int proc_nr_files(ctl_table *table, int write,
  * done, you will imbalance int the mount's writer count
  * and a warning at __fput() time.
  */
-struct file *get_empty_filp(void)
+struct file *get_empty_filp(const struct cred *cred)
 {
-	const struct cred *cred = current_cred();
 	static long old_max;
 	struct file * f;
 
@@ -171,7 +170,7 @@ struct file *alloc_file(struct path *path, fmode_t mode,
 {
 	struct file *file;
 
-	file = get_empty_filp();
+	file = get_empty_filp(current_cred());
 	if (!file)
 		return NULL;
 
diff --git a/fs/internal.h b/fs/internal.h
index b29c46e..c81fc62 100644
--- a/fs/internal.h
+++ b/fs/internal.h
@@ -91,7 +91,7 @@ extern void chroot_fs_refs(struct path *, struct path *);
 extern void file_sb_list_add(struct file *f, struct super_block *sb);
 extern void file_sb_list_del(struct file *f);
 extern void mark_files_ro(struct super_block *);
-extern struct file *get_empty_filp(void);
+extern struct file *get_empty_filp(const struct cred *cred);
 
 /*
  * super.c
diff --git a/fs/namei.c b/fs/namei.c
index 54fc993..88ac2e5 100644
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -2321,7 +2321,7 @@ static struct file *path_openat(int dfd, const char *pathname,
 	struct path path;
 	int error;
 
-	filp = get_empty_filp();
+	filp = get_empty_filp(current_cred());
 	if (!filp)
 		return ERR_PTR(-ENFILE);
 
diff --git a/fs/open.c b/fs/open.c
index b52cf01..6b033e6 100644
--- a/fs/open.c
+++ b/fs/open.c
@@ -839,7 +839,7 @@ struct file *dentry_open(struct dentry *dentry, struct vfsmount *mnt, int flags,
 	BUG_ON(!mnt);
 
 	error = -ENFILE;
-	f = get_empty_filp();
+	f = get_empty_filp(cred);
 	if (f == NULL) {
 		dput(dentry);
 		mntput(mnt);
-- 
1.7.4.4


Download attachment "smime.p7s" of type "application/x-pkcs7-signature" (2061 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ