ocfs2: remove unnecessary dentry_unhash on rmdir/rename_dir
[linux-2.6.git] / security / keys / process_keys.c
1 /* Manage a process's keyrings
2  *
3  * Copyright (C) 2004-2005, 2008 Red Hat, Inc. All Rights Reserved.
4  * Written by David Howells (dhowells@redhat.com)
5  *
6  * This program is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU General Public License
8  * as published by the Free Software Foundation; either version
9  * 2 of the License, or (at your option) any later version.
10  */
11
12 #include <linux/module.h>
13 #include <linux/init.h>
14 #include <linux/sched.h>
15 #include <linux/keyctl.h>
16 #include <linux/fs.h>
17 #include <linux/err.h>
18 #include <linux/mutex.h>
19 #include <linux/security.h>
20 #include <linux/user_namespace.h>
21 #include <asm/uaccess.h>
22 #include "internal.h"
23
24 /* Session keyring create vs join semaphore */
25 static DEFINE_MUTEX(key_session_mutex);
26
27 /* User keyring creation semaphore */
28 static DEFINE_MUTEX(key_user_keyring_mutex);
29
30 /* The root user's tracking struct */
31 struct key_user root_key_user = {
32         .usage          = ATOMIC_INIT(3),
33         .cons_lock      = __MUTEX_INITIALIZER(root_key_user.cons_lock),
34         .lock           = __SPIN_LOCK_UNLOCKED(root_key_user.lock),
35         .nkeys          = ATOMIC_INIT(2),
36         .nikeys         = ATOMIC_INIT(2),
37         .uid            = 0,
38         .user_ns        = &init_user_ns,
39 };
40
41 /*
42  * Install the user and user session keyrings for the current process's UID.
43  */
44 int install_user_keyrings(void)
45 {
46         struct user_struct *user;
47         const struct cred *cred;
48         struct key *uid_keyring, *session_keyring;
49         char buf[20];
50         int ret;
51
52         cred = current_cred();
53         user = cred->user;
54
55         kenter("%p{%u}", user, user->uid);
56
57         if (user->uid_keyring) {
58                 kleave(" = 0 [exist]");
59                 return 0;
60         }
61
62         mutex_lock(&key_user_keyring_mutex);
63         ret = 0;
64
65         if (!user->uid_keyring) {
66                 /* get the UID-specific keyring
67                  * - there may be one in existence already as it may have been
68                  *   pinned by a session, but the user_struct pointing to it
69                  *   may have been destroyed by setuid */
70                 sprintf(buf, "_uid.%u", user->uid);
71
72                 uid_keyring = find_keyring_by_name(buf, true);
73                 if (IS_ERR(uid_keyring)) {
74                         uid_keyring = keyring_alloc(buf, user->uid, (gid_t) -1,
75                                                     cred, KEY_ALLOC_IN_QUOTA,
76                                                     NULL);
77                         if (IS_ERR(uid_keyring)) {
78                                 ret = PTR_ERR(uid_keyring);
79                                 goto error;
80                         }
81                 }
82
83                 /* get a default session keyring (which might also exist
84                  * already) */
85                 sprintf(buf, "_uid_ses.%u", user->uid);
86
87                 session_keyring = find_keyring_by_name(buf, true);
88                 if (IS_ERR(session_keyring)) {
89                         session_keyring =
90                                 keyring_alloc(buf, user->uid, (gid_t) -1,
91                                               cred, KEY_ALLOC_IN_QUOTA, NULL);
92                         if (IS_ERR(session_keyring)) {
93                                 ret = PTR_ERR(session_keyring);
94                                 goto error_release;
95                         }
96
97                         /* we install a link from the user session keyring to
98                          * the user keyring */
99                         ret = key_link(session_keyring, uid_keyring);
100                         if (ret < 0)
101                                 goto error_release_both;
102                 }
103
104                 /* install the keyrings */
105                 user->uid_keyring = uid_keyring;
106                 user->session_keyring = session_keyring;
107         }
108
109         mutex_unlock(&key_user_keyring_mutex);
110         kleave(" = 0");
111         return 0;
112
113 error_release_both:
114         key_put(session_keyring);
115 error_release:
116         key_put(uid_keyring);
117 error:
118         mutex_unlock(&key_user_keyring_mutex);
119         kleave(" = %d", ret);
120         return ret;
121 }
122
123 /*
124  * Install a fresh thread keyring directly to new credentials.  This keyring is
125  * allowed to overrun the quota.
126  */
127 int install_thread_keyring_to_cred(struct cred *new)
128 {
129         struct key *keyring;
130
131         keyring = keyring_alloc("_tid", new->uid, new->gid, new,
132                                 KEY_ALLOC_QUOTA_OVERRUN, NULL);
133         if (IS_ERR(keyring))
134                 return PTR_ERR(keyring);
135
136         new->thread_keyring = keyring;
137         return 0;
138 }
139
140 /*
141  * Install a fresh thread keyring, discarding the old one.
142  */
143 static int install_thread_keyring(void)
144 {
145         struct cred *new;
146         int ret;
147
148         new = prepare_creds();
149         if (!new)
150                 return -ENOMEM;
151
152         BUG_ON(new->thread_keyring);
153
154         ret = install_thread_keyring_to_cred(new);
155         if (ret < 0) {
156                 abort_creds(new);
157                 return ret;
158         }
159
160         return commit_creds(new);
161 }
162
163 /*
164  * Install a process keyring directly to a credentials struct.
165  *
166  * Returns -EEXIST if there was already a process keyring, 0 if one installed,
167  * and other value on any other error
168  */
169 int install_process_keyring_to_cred(struct cred *new)
170 {
171         struct key *keyring;
172         int ret;
173
174         if (new->tgcred->process_keyring)
175                 return -EEXIST;
176
177         keyring = keyring_alloc("_pid", new->uid, new->gid,
178                                 new, KEY_ALLOC_QUOTA_OVERRUN, NULL);
179         if (IS_ERR(keyring))
180                 return PTR_ERR(keyring);
181
182         spin_lock_irq(&new->tgcred->lock);
183         if (!new->tgcred->process_keyring) {
184                 new->tgcred->process_keyring = keyring;
185                 keyring = NULL;
186                 ret = 0;
187         } else {
188                 ret = -EEXIST;
189         }
190         spin_unlock_irq(&new->tgcred->lock);
191         key_put(keyring);
192         return ret;
193 }
194
195 /*
196  * Make sure a process keyring is installed for the current process.  The
197  * existing process keyring is not replaced.
198  *
199  * Returns 0 if there is a process keyring by the end of this function, some
200  * error otherwise.
201  */
202 static int install_process_keyring(void)
203 {
204         struct cred *new;
205         int ret;
206
207         new = prepare_creds();
208         if (!new)
209                 return -ENOMEM;
210
211         ret = install_process_keyring_to_cred(new);
212         if (ret < 0) {
213                 abort_creds(new);
214                 return ret != -EEXIST ? ret : 0;
215         }
216
217         return commit_creds(new);
218 }
219
220 /*
221  * Install a session keyring directly to a credentials struct.
222  */
223 int install_session_keyring_to_cred(struct cred *cred, struct key *keyring)
224 {
225         unsigned long flags;
226         struct key *old;
227
228         might_sleep();
229
230         /* create an empty session keyring */
231         if (!keyring) {
232                 flags = KEY_ALLOC_QUOTA_OVERRUN;
233                 if (cred->tgcred->session_keyring)
234                         flags = KEY_ALLOC_IN_QUOTA;
235
236                 keyring = keyring_alloc("_ses", cred->uid, cred->gid,
237                                         cred, flags, NULL);
238                 if (IS_ERR(keyring))
239                         return PTR_ERR(keyring);
240         } else {
241                 atomic_inc(&keyring->usage);
242         }
243
244         /* install the keyring */
245         spin_lock_irq(&cred->tgcred->lock);
246         old = cred->tgcred->session_keyring;
247         rcu_assign_pointer(cred->tgcred->session_keyring, keyring);
248         spin_unlock_irq(&cred->tgcred->lock);
249
250         /* we're using RCU on the pointer, but there's no point synchronising
251          * on it if it didn't previously point to anything */
252         if (old) {
253                 synchronize_rcu();
254                 key_put(old);
255         }
256
257         return 0;
258 }
259
260 /*
261  * Install a session keyring, discarding the old one.  If a keyring is not
262  * supplied, an empty one is invented.
263  */
264 static int install_session_keyring(struct key *keyring)
265 {
266         struct cred *new;
267         int ret;
268
269         new = prepare_creds();
270         if (!new)
271                 return -ENOMEM;
272
273         ret = install_session_keyring_to_cred(new, NULL);
274         if (ret < 0) {
275                 abort_creds(new);
276                 return ret;
277         }
278
279         return commit_creds(new);
280 }
281
282 /*
283  * Handle the fsuid changing.
284  */
285 void key_fsuid_changed(struct task_struct *tsk)
286 {
287         /* update the ownership of the thread keyring */
288         BUG_ON(!tsk->cred);
289         if (tsk->cred->thread_keyring) {
290                 down_write(&tsk->cred->thread_keyring->sem);
291                 tsk->cred->thread_keyring->uid = tsk->cred->fsuid;
292                 up_write(&tsk->cred->thread_keyring->sem);
293         }
294 }
295
296 /*
297  * Handle the fsgid changing.
298  */
299 void key_fsgid_changed(struct task_struct *tsk)
300 {
301         /* update the ownership of the thread keyring */
302         BUG_ON(!tsk->cred);
303         if (tsk->cred->thread_keyring) {
304                 down_write(&tsk->cred->thread_keyring->sem);
305                 tsk->cred->thread_keyring->gid = tsk->cred->fsgid;
306                 up_write(&tsk->cred->thread_keyring->sem);
307         }
308 }
309
310 /*
311  * Search the process keyrings attached to the supplied cred for the first
312  * matching key.
313  *
314  * The search criteria are the type and the match function.  The description is
315  * given to the match function as a parameter, but doesn't otherwise influence
316  * the search.  Typically the match function will compare the description
317  * parameter to the key's description.
318  *
319  * This can only search keyrings that grant Search permission to the supplied
320  * credentials.  Keyrings linked to searched keyrings will also be searched if
321  * they grant Search permission too.  Keys can only be found if they grant
322  * Search permission to the credentials.
323  *
324  * Returns a pointer to the key with the key usage count incremented if
325  * successful, -EAGAIN if we didn't find any matching key or -ENOKEY if we only
326  * matched negative keys.
327  *
328  * In the case of a successful return, the possession attribute is set on the
329  * returned key reference.
330  */
331 key_ref_t search_my_process_keyrings(struct key_type *type,
332                                      const void *description,
333                                      key_match_func_t match,
334                                      const struct cred *cred)
335 {
336         key_ref_t key_ref, ret, err;
337
338         /* we want to return -EAGAIN or -ENOKEY if any of the keyrings were
339          * searchable, but we failed to find a key or we found a negative key;
340          * otherwise we want to return a sample error (probably -EACCES) if
341          * none of the keyrings were searchable
342          *
343          * in terms of priority: success > -ENOKEY > -EAGAIN > other error
344          */
345         key_ref = NULL;
346         ret = NULL;
347         err = ERR_PTR(-EAGAIN);
348
349         /* search the thread keyring first */
350         if (cred->thread_keyring) {
351                 key_ref = keyring_search_aux(
352                         make_key_ref(cred->thread_keyring, 1),
353                         cred, type, description, match);
354                 if (!IS_ERR(key_ref))
355                         goto found;
356
357                 switch (PTR_ERR(key_ref)) {
358                 case -EAGAIN: /* no key */
359                         if (ret)
360                                 break;
361                 case -ENOKEY: /* negative key */
362                         ret = key_ref;
363                         break;
364                 default:
365                         err = key_ref;
366                         break;
367                 }
368         }
369
370         /* search the process keyring second */
371         if (cred->tgcred->process_keyring) {
372                 key_ref = keyring_search_aux(
373                         make_key_ref(cred->tgcred->process_keyring, 1),
374                         cred, type, description, match);
375                 if (!IS_ERR(key_ref))
376                         goto found;
377
378                 switch (PTR_ERR(key_ref)) {
379                 case -EAGAIN: /* no key */
380                         if (ret)
381                                 break;
382                 case -ENOKEY: /* negative key */
383                         ret = key_ref;
384                         break;
385                 default:
386                         err = key_ref;
387                         break;
388                 }
389         }
390
391         /* search the session keyring */
392         if (cred->tgcred->session_keyring) {
393                 rcu_read_lock();
394                 key_ref = keyring_search_aux(
395                         make_key_ref(rcu_dereference(
396                                              cred->tgcred->session_keyring),
397                                      1),
398                         cred, type, description, match);
399                 rcu_read_unlock();
400
401                 if (!IS_ERR(key_ref))
402                         goto found;
403
404                 switch (PTR_ERR(key_ref)) {
405                 case -EAGAIN: /* no key */
406                         if (ret)
407                                 break;
408                 case -ENOKEY: /* negative key */
409                         ret = key_ref;
410                         break;
411                 default:
412                         err = key_ref;
413                         break;
414                 }
415         }
416         /* or search the user-session keyring */
417         else if (cred->user->session_keyring) {
418                 key_ref = keyring_search_aux(
419                         make_key_ref(cred->user->session_keyring, 1),
420                         cred, type, description, match);
421                 if (!IS_ERR(key_ref))
422                         goto found;
423
424                 switch (PTR_ERR(key_ref)) {
425                 case -EAGAIN: /* no key */
426                         if (ret)
427                                 break;
428                 case -ENOKEY: /* negative key */
429                         ret = key_ref;
430                         break;
431                 default:
432                         err = key_ref;
433                         break;
434                 }
435         }
436
437         /* no key - decide on the error we're going to go for */
438         key_ref = ret ? ret : err;
439
440 found:
441         return key_ref;
442 }
443
444 /*
445  * Search the process keyrings attached to the supplied cred for the first
446  * matching key in the manner of search_my_process_keyrings(), but also search
447  * the keys attached to the assumed authorisation key using its credentials if
448  * one is available.
449  *
450  * Return same as search_my_process_keyrings().
451  */
452 key_ref_t search_process_keyrings(struct key_type *type,
453                                   const void *description,
454                                   key_match_func_t match,
455                                   const struct cred *cred)
456 {
457         struct request_key_auth *rka;
458         key_ref_t key_ref, ret = ERR_PTR(-EACCES), err;
459
460         might_sleep();
461
462         key_ref = search_my_process_keyrings(type, description, match, cred);
463         if (!IS_ERR(key_ref))
464                 goto found;
465         err = key_ref;
466
467         /* if this process has an instantiation authorisation key, then we also
468          * search the keyrings of the process mentioned there
469          * - we don't permit access to request_key auth keys via this method
470          */
471         if (cred->request_key_auth &&
472             cred == current_cred() &&
473             type != &key_type_request_key_auth
474             ) {
475                 /* defend against the auth key being revoked */
476                 down_read(&cred->request_key_auth->sem);
477
478                 if (key_validate(cred->request_key_auth) == 0) {
479                         rka = cred->request_key_auth->payload.data;
480
481                         key_ref = search_process_keyrings(type, description,
482                                                           match, rka->cred);
483
484                         up_read(&cred->request_key_auth->sem);
485
486                         if (!IS_ERR(key_ref))
487                                 goto found;
488
489                         ret = key_ref;
490                 } else {
491                         up_read(&cred->request_key_auth->sem);
492                 }
493         }
494
495         /* no key - decide on the error we're going to go for */
496         if (err == ERR_PTR(-ENOKEY) || ret == ERR_PTR(-ENOKEY))
497                 key_ref = ERR_PTR(-ENOKEY);
498         else if (err == ERR_PTR(-EACCES))
499                 key_ref = ret;
500         else
501                 key_ref = err;
502
503 found:
504         return key_ref;
505 }
506
507 /*
508  * See if the key we're looking at is the target key.
509  */
510 int lookup_user_key_possessed(const struct key *key, const void *target)
511 {
512         return key == target;
513 }
514
515 /*
516  * Look up a key ID given us by userspace with a given permissions mask to get
517  * the key it refers to.
518  *
519  * Flags can be passed to request that special keyrings be created if referred
520  * to directly, to permit partially constructed keys to be found and to skip
521  * validity and permission checks on the found key.
522  *
523  * Returns a pointer to the key with an incremented usage count if successful;
524  * -EINVAL if the key ID is invalid; -ENOKEY if the key ID does not correspond
525  * to a key or the best found key was a negative key; -EKEYREVOKED or
526  * -EKEYEXPIRED if the best found key was revoked or expired; -EACCES if the
527  * found key doesn't grant the requested permit or the LSM denied access to it;
528  * or -ENOMEM if a special keyring couldn't be created.
529  *
530  * In the case of a successful return, the possession attribute is set on the
531  * returned key reference.
532  */
533 key_ref_t lookup_user_key(key_serial_t id, unsigned long lflags,
534                           key_perm_t perm)
535 {
536         struct request_key_auth *rka;
537         const struct cred *cred;
538         struct key *key;
539         key_ref_t key_ref, skey_ref;
540         int ret;
541
542 try_again:
543         cred = get_current_cred();
544         key_ref = ERR_PTR(-ENOKEY);
545
546         switch (id) {
547         case KEY_SPEC_THREAD_KEYRING:
548                 if (!cred->thread_keyring) {
549                         if (!(lflags & KEY_LOOKUP_CREATE))
550                                 goto error;
551
552                         ret = install_thread_keyring();
553                         if (ret < 0) {
554                                 key_ref = ERR_PTR(ret);
555                                 goto error;
556                         }
557                         goto reget_creds;
558                 }
559
560                 key = cred->thread_keyring;
561                 atomic_inc(&key->usage);
562                 key_ref = make_key_ref(key, 1);
563                 break;
564
565         case KEY_SPEC_PROCESS_KEYRING:
566                 if (!cred->tgcred->process_keyring) {
567                         if (!(lflags & KEY_LOOKUP_CREATE))
568                                 goto error;
569
570                         ret = install_process_keyring();
571                         if (ret < 0) {
572                                 key_ref = ERR_PTR(ret);
573                                 goto error;
574                         }
575                         goto reget_creds;
576                 }
577
578                 key = cred->tgcred->process_keyring;
579                 atomic_inc(&key->usage);
580                 key_ref = make_key_ref(key, 1);
581                 break;
582
583         case KEY_SPEC_SESSION_KEYRING:
584                 if (!cred->tgcred->session_keyring) {
585                         /* always install a session keyring upon access if one
586                          * doesn't exist yet */
587                         ret = install_user_keyrings();
588                         if (ret < 0)
589                                 goto error;
590                         ret = install_session_keyring(
591                                 cred->user->session_keyring);
592
593                         if (ret < 0)
594                                 goto error;
595                         goto reget_creds;
596                 }
597
598                 rcu_read_lock();
599                 key = rcu_dereference(cred->tgcred->session_keyring);
600                 atomic_inc(&key->usage);
601                 rcu_read_unlock();
602                 key_ref = make_key_ref(key, 1);
603                 break;
604
605         case KEY_SPEC_USER_KEYRING:
606                 if (!cred->user->uid_keyring) {
607                         ret = install_user_keyrings();
608                         if (ret < 0)
609                                 goto error;
610                 }
611
612                 key = cred->user->uid_keyring;
613                 atomic_inc(&key->usage);
614                 key_ref = make_key_ref(key, 1);
615                 break;
616
617         case KEY_SPEC_USER_SESSION_KEYRING:
618                 if (!cred->user->session_keyring) {
619                         ret = install_user_keyrings();
620                         if (ret < 0)
621                                 goto error;
622                 }
623
624                 key = cred->user->session_keyring;
625                 atomic_inc(&key->usage);
626                 key_ref = make_key_ref(key, 1);
627                 break;
628
629         case KEY_SPEC_GROUP_KEYRING:
630                 /* group keyrings are not yet supported */
631                 key_ref = ERR_PTR(-EINVAL);
632                 goto error;
633
634         case KEY_SPEC_REQKEY_AUTH_KEY:
635                 key = cred->request_key_auth;
636                 if (!key)
637                         goto error;
638
639                 atomic_inc(&key->usage);
640                 key_ref = make_key_ref(key, 1);
641                 break;
642
643         case KEY_SPEC_REQUESTOR_KEYRING:
644                 if (!cred->request_key_auth)
645                         goto error;
646
647                 down_read(&cred->request_key_auth->sem);
648                 if (cred->request_key_auth->flags & KEY_FLAG_REVOKED) {
649                         key_ref = ERR_PTR(-EKEYREVOKED);
650                         key = NULL;
651                 } else {
652                         rka = cred->request_key_auth->payload.data;
653                         key = rka->dest_keyring;
654                         atomic_inc(&key->usage);
655                 }
656                 up_read(&cred->request_key_auth->sem);
657                 if (!key)
658                         goto error;
659                 key_ref = make_key_ref(key, 1);
660                 break;
661
662         default:
663                 key_ref = ERR_PTR(-EINVAL);
664                 if (id < 1)
665                         goto error;
666
667                 key = key_lookup(id);
668                 if (IS_ERR(key)) {
669                         key_ref = ERR_CAST(key);
670                         goto error;
671                 }
672
673                 key_ref = make_key_ref(key, 0);
674
675                 /* check to see if we possess the key */
676                 skey_ref = search_process_keyrings(key->type, key,
677                                                    lookup_user_key_possessed,
678                                                    cred);
679
680                 if (!IS_ERR(skey_ref)) {
681                         key_put(key);
682                         key_ref = skey_ref;
683                 }
684
685                 break;
686         }
687
688         /* unlink does not use the nominated key in any way, so can skip all
689          * the permission checks as it is only concerned with the keyring */
690         if (lflags & KEY_LOOKUP_FOR_UNLINK) {
691                 ret = 0;
692                 goto error;
693         }
694
695         if (!(lflags & KEY_LOOKUP_PARTIAL)) {
696                 ret = wait_for_key_construction(key, true);
697                 switch (ret) {
698                 case -ERESTARTSYS:
699                         goto invalid_key;
700                 default:
701                         if (perm)
702                                 goto invalid_key;
703                 case 0:
704                         break;
705                 }
706         } else if (perm) {
707                 ret = key_validate(key);
708                 if (ret < 0)
709                         goto invalid_key;
710         }
711
712         ret = -EIO;
713         if (!(lflags & KEY_LOOKUP_PARTIAL) &&
714             !test_bit(KEY_FLAG_INSTANTIATED, &key->flags))
715                 goto invalid_key;
716
717         /* check the permissions */
718         ret = key_task_permission(key_ref, cred, perm);
719         if (ret < 0)
720                 goto invalid_key;
721
722 error:
723         put_cred(cred);
724         return key_ref;
725
726 invalid_key:
727         key_ref_put(key_ref);
728         key_ref = ERR_PTR(ret);
729         goto error;
730
731         /* if we attempted to install a keyring, then it may have caused new
732          * creds to be installed */
733 reget_creds:
734         put_cred(cred);
735         goto try_again;
736 }
737
738 /*
739  * Join the named keyring as the session keyring if possible else attempt to
740  * create a new one of that name and join that.
741  *
742  * If the name is NULL, an empty anonymous keyring will be installed as the
743  * session keyring.
744  *
745  * Named session keyrings are joined with a semaphore held to prevent the
746  * keyrings from going away whilst the attempt is made to going them and also
747  * to prevent a race in creating compatible session keyrings.
748  */
749 long join_session_keyring(const char *name)
750 {
751         const struct cred *old;
752         struct cred *new;
753         struct key *keyring;
754         long ret, serial;
755
756         /* only permit this if there's a single thread in the thread group -
757          * this avoids us having to adjust the creds on all threads and risking
758          * ENOMEM */
759         if (!current_is_single_threaded())
760                 return -EMLINK;
761
762         new = prepare_creds();
763         if (!new)
764                 return -ENOMEM;
765         old = current_cred();
766
767         /* if no name is provided, install an anonymous keyring */
768         if (!name) {
769                 ret = install_session_keyring_to_cred(new, NULL);
770                 if (ret < 0)
771                         goto error;
772
773                 serial = new->tgcred->session_keyring->serial;
774                 ret = commit_creds(new);
775                 if (ret == 0)
776                         ret = serial;
777                 goto okay;
778         }
779
780         /* allow the user to join or create a named keyring */
781         mutex_lock(&key_session_mutex);
782
783         /* look for an existing keyring of this name */
784         keyring = find_keyring_by_name(name, false);
785         if (PTR_ERR(keyring) == -ENOKEY) {
786                 /* not found - try and create a new one */
787                 keyring = keyring_alloc(name, old->uid, old->gid, old,
788                                         KEY_ALLOC_IN_QUOTA, NULL);
789                 if (IS_ERR(keyring)) {
790                         ret = PTR_ERR(keyring);
791                         goto error2;
792                 }
793         } else if (IS_ERR(keyring)) {
794                 ret = PTR_ERR(keyring);
795                 goto error2;
796         }
797
798         /* we've got a keyring - now to install it */
799         ret = install_session_keyring_to_cred(new, keyring);
800         if (ret < 0)
801                 goto error2;
802
803         commit_creds(new);
804         mutex_unlock(&key_session_mutex);
805
806         ret = keyring->serial;
807         key_put(keyring);
808 okay:
809         return ret;
810
811 error2:
812         mutex_unlock(&key_session_mutex);
813 error:
814         abort_creds(new);
815         return ret;
816 }
817
818 /*
819  * Replace a process's session keyring on behalf of one of its children when
820  * the target  process is about to resume userspace execution.
821  */
822 void key_replace_session_keyring(void)
823 {
824         const struct cred *old;
825         struct cred *new;
826
827         if (!current->replacement_session_keyring)
828                 return;
829
830         write_lock_irq(&tasklist_lock);
831         new = current->replacement_session_keyring;
832         current->replacement_session_keyring = NULL;
833         write_unlock_irq(&tasklist_lock);
834
835         if (!new)
836                 return;
837
838         old = current_cred();
839         new->  uid      = old->  uid;
840         new-> euid      = old-> euid;
841         new-> suid      = old-> suid;
842         new->fsuid      = old->fsuid;
843         new->  gid      = old->  gid;
844         new-> egid      = old-> egid;
845         new-> sgid      = old-> sgid;
846         new->fsgid      = old->fsgid;
847         new->user       = get_uid(old->user);
848         new->group_info = get_group_info(old->group_info);
849
850         new->securebits = old->securebits;
851         new->cap_inheritable    = old->cap_inheritable;
852         new->cap_permitted      = old->cap_permitted;
853         new->cap_effective      = old->cap_effective;
854         new->cap_bset           = old->cap_bset;
855
856         new->jit_keyring        = old->jit_keyring;
857         new->thread_keyring     = key_get(old->thread_keyring);
858         new->tgcred->tgid       = old->tgcred->tgid;
859         new->tgcred->process_keyring = key_get(old->tgcred->process_keyring);
860
861         security_transfer_creds(new, old);
862
863         commit_creds(new);
864 }