KEYS: Improve /proc/keys
[linux-3.10.git] / security / keys / process_keys.c
1 /* Manage a process's keyrings
2  *
3  * Copyright (C) 2004-2005, 2008 Red Hat, Inc. All Rights Reserved.
4  * Written by David Howells (dhowells@redhat.com)
5  *
6  * This program is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU General Public License
8  * as published by the Free Software Foundation; either version
9  * 2 of the License, or (at your option) any later version.
10  */
11
12 #include <linux/module.h>
13 #include <linux/init.h>
14 #include <linux/sched.h>
15 #include <linux/keyctl.h>
16 #include <linux/fs.h>
17 #include <linux/err.h>
18 #include <linux/mutex.h>
19 #include <linux/security.h>
20 #include <linux/user_namespace.h>
21 #include <asm/uaccess.h>
22 #include "internal.h"
23
24 /* Session keyring create vs join semaphore */
25 static DEFINE_MUTEX(key_session_mutex);
26
27 /* User keyring creation semaphore */
28 static DEFINE_MUTEX(key_user_keyring_mutex);
29
30 /* The root user's tracking struct */
31 struct key_user root_key_user = {
32         .usage          = ATOMIC_INIT(3),
33         .cons_lock      = __MUTEX_INITIALIZER(root_key_user.cons_lock),
34         .lock           = __SPIN_LOCK_UNLOCKED(root_key_user.lock),
35         .nkeys          = ATOMIC_INIT(2),
36         .nikeys         = ATOMIC_INIT(2),
37         .uid            = 0,
38         .user_ns        = &init_user_ns,
39 };
40
41 /*
42  * Install the user and user session keyrings for the current process's UID.
43  */
44 int install_user_keyrings(void)
45 {
46         struct user_struct *user;
47         const struct cred *cred;
48         struct key *uid_keyring, *session_keyring;
49         char buf[20];
50         int ret;
51
52         cred = current_cred();
53         user = cred->user;
54
55         kenter("%p{%u}", user, user->uid);
56
57         if (user->uid_keyring) {
58                 kleave(" = 0 [exist]");
59                 return 0;
60         }
61
62         mutex_lock(&key_user_keyring_mutex);
63         ret = 0;
64
65         if (!user->uid_keyring) {
66                 /* get the UID-specific keyring
67                  * - there may be one in existence already as it may have been
68                  *   pinned by a session, but the user_struct pointing to it
69                  *   may have been destroyed by setuid */
70                 sprintf(buf, "_uid.%u", user->uid);
71
72                 uid_keyring = find_keyring_by_name(buf, true);
73                 if (IS_ERR(uid_keyring)) {
74                         uid_keyring = keyring_alloc(buf, user->uid, (gid_t) -1,
75                                                     cred, KEY_ALLOC_IN_QUOTA,
76                                                     NULL);
77                         if (IS_ERR(uid_keyring)) {
78                                 ret = PTR_ERR(uid_keyring);
79                                 goto error;
80                         }
81                 }
82
83                 /* get a default session keyring (which might also exist
84                  * already) */
85                 sprintf(buf, "_uid_ses.%u", user->uid);
86
87                 session_keyring = find_keyring_by_name(buf, true);
88                 if (IS_ERR(session_keyring)) {
89                         session_keyring =
90                                 keyring_alloc(buf, user->uid, (gid_t) -1,
91                                               cred, KEY_ALLOC_IN_QUOTA, NULL);
92                         if (IS_ERR(session_keyring)) {
93                                 ret = PTR_ERR(session_keyring);
94                                 goto error_release;
95                         }
96
97                         /* we install a link from the user session keyring to
98                          * the user keyring */
99                         ret = key_link(session_keyring, uid_keyring);
100                         if (ret < 0)
101                                 goto error_release_both;
102                 }
103
104                 /* install the keyrings */
105                 user->uid_keyring = uid_keyring;
106                 user->session_keyring = session_keyring;
107         }
108
109         mutex_unlock(&key_user_keyring_mutex);
110         kleave(" = 0");
111         return 0;
112
113 error_release_both:
114         key_put(session_keyring);
115 error_release:
116         key_put(uid_keyring);
117 error:
118         mutex_unlock(&key_user_keyring_mutex);
119         kleave(" = %d", ret);
120         return ret;
121 }
122
123 /*
124  * Install a fresh thread keyring directly to new credentials.  This keyring is
125  * allowed to overrun the quota.
126  */
127 int install_thread_keyring_to_cred(struct cred *new)
128 {
129         struct key *keyring;
130
131         keyring = keyring_alloc("_tid", new->uid, new->gid, new,
132                                 KEY_ALLOC_QUOTA_OVERRUN, NULL);
133         if (IS_ERR(keyring))
134                 return PTR_ERR(keyring);
135
136         new->thread_keyring = keyring;
137         return 0;
138 }
139
140 /*
141  * Install a fresh thread keyring, discarding the old one.
142  */
143 static int install_thread_keyring(void)
144 {
145         struct cred *new;
146         int ret;
147
148         new = prepare_creds();
149         if (!new)
150                 return -ENOMEM;
151
152         BUG_ON(new->thread_keyring);
153
154         ret = install_thread_keyring_to_cred(new);
155         if (ret < 0) {
156                 abort_creds(new);
157                 return ret;
158         }
159
160         return commit_creds(new);
161 }
162
163 /*
164  * Install a process keyring directly to a credentials struct.
165  *
166  * Returns -EEXIST if there was already a process keyring, 0 if one installed,
167  * and other value on any other error
168  */
169 int install_process_keyring_to_cred(struct cred *new)
170 {
171         struct key *keyring;
172         int ret;
173
174         if (new->tgcred->process_keyring)
175                 return -EEXIST;
176
177         keyring = keyring_alloc("_pid", new->uid, new->gid,
178                                 new, KEY_ALLOC_QUOTA_OVERRUN, NULL);
179         if (IS_ERR(keyring))
180                 return PTR_ERR(keyring);
181
182         spin_lock_irq(&new->tgcred->lock);
183         if (!new->tgcred->process_keyring) {
184                 new->tgcred->process_keyring = keyring;
185                 keyring = NULL;
186                 ret = 0;
187         } else {
188                 ret = -EEXIST;
189         }
190         spin_unlock_irq(&new->tgcred->lock);
191         key_put(keyring);
192         return ret;
193 }
194
195 /*
196  * Make sure a process keyring is installed for the current process.  The
197  * existing process keyring is not replaced.
198  *
199  * Returns 0 if there is a process keyring by the end of this function, some
200  * error otherwise.
201  */
202 static int install_process_keyring(void)
203 {
204         struct cred *new;
205         int ret;
206
207         new = prepare_creds();
208         if (!new)
209                 return -ENOMEM;
210
211         ret = install_process_keyring_to_cred(new);
212         if (ret < 0) {
213                 abort_creds(new);
214                 return ret != -EEXIST ? ret : 0;
215         }
216
217         return commit_creds(new);
218 }
219
220 /*
221  * Install a session keyring directly to a credentials struct.
222  */
223 int install_session_keyring_to_cred(struct cred *cred, struct key *keyring)
224 {
225         unsigned long flags;
226         struct key *old;
227
228         might_sleep();
229
230         /* create an empty session keyring */
231         if (!keyring) {
232                 flags = KEY_ALLOC_QUOTA_OVERRUN;
233                 if (cred->tgcred->session_keyring)
234                         flags = KEY_ALLOC_IN_QUOTA;
235
236                 keyring = keyring_alloc("_ses", cred->uid, cred->gid,
237                                         cred, flags, NULL);
238                 if (IS_ERR(keyring))
239                         return PTR_ERR(keyring);
240         } else {
241                 atomic_inc(&keyring->usage);
242         }
243
244         /* install the keyring */
245         spin_lock_irq(&cred->tgcred->lock);
246         old = cred->tgcred->session_keyring;
247         rcu_assign_pointer(cred->tgcred->session_keyring, keyring);
248         spin_unlock_irq(&cred->tgcred->lock);
249
250         /* we're using RCU on the pointer, but there's no point synchronising
251          * on it if it didn't previously point to anything */
252         if (old) {
253                 synchronize_rcu();
254                 key_put(old);
255         }
256
257         return 0;
258 }
259
260 /*
261  * Install a session keyring, discarding the old one.  If a keyring is not
262  * supplied, an empty one is invented.
263  */
264 static int install_session_keyring(struct key *keyring)
265 {
266         struct cred *new;
267         int ret;
268
269         new = prepare_creds();
270         if (!new)
271                 return -ENOMEM;
272
273         ret = install_session_keyring_to_cred(new, NULL);
274         if (ret < 0) {
275                 abort_creds(new);
276                 return ret;
277         }
278
279         return commit_creds(new);
280 }
281
282 /*
283  * Handle the fsuid changing.
284  */
285 void key_fsuid_changed(struct task_struct *tsk)
286 {
287         /* update the ownership of the thread keyring */
288         BUG_ON(!tsk->cred);
289         if (tsk->cred->thread_keyring) {
290                 down_write(&tsk->cred->thread_keyring->sem);
291                 tsk->cred->thread_keyring->uid = tsk->cred->fsuid;
292                 up_write(&tsk->cred->thread_keyring->sem);
293         }
294 }
295
296 /*
297  * Handle the fsgid changing.
298  */
299 void key_fsgid_changed(struct task_struct *tsk)
300 {
301         /* update the ownership of the thread keyring */
302         BUG_ON(!tsk->cred);
303         if (tsk->cred->thread_keyring) {
304                 down_write(&tsk->cred->thread_keyring->sem);
305                 tsk->cred->thread_keyring->gid = tsk->cred->fsgid;
306                 up_write(&tsk->cred->thread_keyring->sem);
307         }
308 }
309
310 /*
311  * Search the process keyrings attached to the supplied cred for the first
312  * matching key.
313  *
314  * The search criteria are the type and the match function.  The description is
315  * given to the match function as a parameter, but doesn't otherwise influence
316  * the search.  Typically the match function will compare the description
317  * parameter to the key's description.
318  *
319  * This can only search keyrings that grant Search permission to the supplied
320  * credentials.  Keyrings linked to searched keyrings will also be searched if
321  * they grant Search permission too.  Keys can only be found if they grant
322  * Search permission to the credentials.
323  *
324  * Returns a pointer to the key with the key usage count incremented if
325  * successful, -EAGAIN if we didn't find any matching key or -ENOKEY if we only
326  * matched negative keys.
327  *
328  * In the case of a successful return, the possession attribute is set on the
329  * returned key reference.
330  */
331 key_ref_t search_my_process_keyrings(struct key_type *type,
332                                      const void *description,
333                                      key_match_func_t match,
334                                      bool no_state_check,
335                                      const struct cred *cred)
336 {
337         key_ref_t key_ref, ret, err;
338
339         /* we want to return -EAGAIN or -ENOKEY if any of the keyrings were
340          * searchable, but we failed to find a key or we found a negative key;
341          * otherwise we want to return a sample error (probably -EACCES) if
342          * none of the keyrings were searchable
343          *
344          * in terms of priority: success > -ENOKEY > -EAGAIN > other error
345          */
346         key_ref = NULL;
347         ret = NULL;
348         err = ERR_PTR(-EAGAIN);
349
350         /* search the thread keyring first */
351         if (cred->thread_keyring) {
352                 key_ref = keyring_search_aux(
353                         make_key_ref(cred->thread_keyring, 1),
354                         cred, type, description, match, no_state_check);
355                 if (!IS_ERR(key_ref))
356                         goto found;
357
358                 switch (PTR_ERR(key_ref)) {
359                 case -EAGAIN: /* no key */
360                         if (ret)
361                                 break;
362                 case -ENOKEY: /* negative key */
363                         ret = key_ref;
364                         break;
365                 default:
366                         err = key_ref;
367                         break;
368                 }
369         }
370
371         /* search the process keyring second */
372         if (cred->tgcred->process_keyring) {
373                 key_ref = keyring_search_aux(
374                         make_key_ref(cred->tgcred->process_keyring, 1),
375                         cred, type, description, match, no_state_check);
376                 if (!IS_ERR(key_ref))
377                         goto found;
378
379                 switch (PTR_ERR(key_ref)) {
380                 case -EAGAIN: /* no key */
381                         if (ret)
382                                 break;
383                 case -ENOKEY: /* negative key */
384                         ret = key_ref;
385                         break;
386                 default:
387                         err = key_ref;
388                         break;
389                 }
390         }
391
392         /* search the session keyring */
393         if (cred->tgcred->session_keyring) {
394                 rcu_read_lock();
395                 key_ref = keyring_search_aux(
396                         make_key_ref(rcu_dereference(
397                                              cred->tgcred->session_keyring),
398                                      1),
399                         cred, type, description, match, no_state_check);
400                 rcu_read_unlock();
401
402                 if (!IS_ERR(key_ref))
403                         goto found;
404
405                 switch (PTR_ERR(key_ref)) {
406                 case -EAGAIN: /* no key */
407                         if (ret)
408                                 break;
409                 case -ENOKEY: /* negative key */
410                         ret = key_ref;
411                         break;
412                 default:
413                         err = key_ref;
414                         break;
415                 }
416         }
417         /* or search the user-session keyring */
418         else if (cred->user->session_keyring) {
419                 key_ref = keyring_search_aux(
420                         make_key_ref(cred->user->session_keyring, 1),
421                         cred, type, description, match, no_state_check);
422                 if (!IS_ERR(key_ref))
423                         goto found;
424
425                 switch (PTR_ERR(key_ref)) {
426                 case -EAGAIN: /* no key */
427                         if (ret)
428                                 break;
429                 case -ENOKEY: /* negative key */
430                         ret = key_ref;
431                         break;
432                 default:
433                         err = key_ref;
434                         break;
435                 }
436         }
437
438         /* no key - decide on the error we're going to go for */
439         key_ref = ret ? ret : err;
440
441 found:
442         return key_ref;
443 }
444
445 /*
446  * Search the process keyrings attached to the supplied cred for the first
447  * matching key in the manner of search_my_process_keyrings(), but also search
448  * the keys attached to the assumed authorisation key using its credentials if
449  * one is available.
450  *
451  * Return same as search_my_process_keyrings().
452  */
453 key_ref_t search_process_keyrings(struct key_type *type,
454                                   const void *description,
455                                   key_match_func_t match,
456                                   const struct cred *cred)
457 {
458         struct request_key_auth *rka;
459         key_ref_t key_ref, ret = ERR_PTR(-EACCES), err;
460
461         might_sleep();
462
463         key_ref = search_my_process_keyrings(type, description, match,
464                                              false, cred);
465         if (!IS_ERR(key_ref))
466                 goto found;
467         err = key_ref;
468
469         /* if this process has an instantiation authorisation key, then we also
470          * search the keyrings of the process mentioned there
471          * - we don't permit access to request_key auth keys via this method
472          */
473         if (cred->request_key_auth &&
474             cred == current_cred() &&
475             type != &key_type_request_key_auth
476             ) {
477                 /* defend against the auth key being revoked */
478                 down_read(&cred->request_key_auth->sem);
479
480                 if (key_validate(cred->request_key_auth) == 0) {
481                         rka = cred->request_key_auth->payload.data;
482
483                         key_ref = search_process_keyrings(type, description,
484                                                           match, rka->cred);
485
486                         up_read(&cred->request_key_auth->sem);
487
488                         if (!IS_ERR(key_ref))
489                                 goto found;
490
491                         ret = key_ref;
492                 } else {
493                         up_read(&cred->request_key_auth->sem);
494                 }
495         }
496
497         /* no key - decide on the error we're going to go for */
498         if (err == ERR_PTR(-ENOKEY) || ret == ERR_PTR(-ENOKEY))
499                 key_ref = ERR_PTR(-ENOKEY);
500         else if (err == ERR_PTR(-EACCES))
501                 key_ref = ret;
502         else
503                 key_ref = err;
504
505 found:
506         return key_ref;
507 }
508
509 /*
510  * See if the key we're looking at is the target key.
511  */
512 int lookup_user_key_possessed(const struct key *key, const void *target)
513 {
514         return key == target;
515 }
516
517 /*
518  * Look up a key ID given us by userspace with a given permissions mask to get
519  * the key it refers to.
520  *
521  * Flags can be passed to request that special keyrings be created if referred
522  * to directly, to permit partially constructed keys to be found and to skip
523  * validity and permission checks on the found key.
524  *
525  * Returns a pointer to the key with an incremented usage count if successful;
526  * -EINVAL if the key ID is invalid; -ENOKEY if the key ID does not correspond
527  * to a key or the best found key was a negative key; -EKEYREVOKED or
528  * -EKEYEXPIRED if the best found key was revoked or expired; -EACCES if the
529  * found key doesn't grant the requested permit or the LSM denied access to it;
530  * or -ENOMEM if a special keyring couldn't be created.
531  *
532  * In the case of a successful return, the possession attribute is set on the
533  * returned key reference.
534  */
535 key_ref_t lookup_user_key(key_serial_t id, unsigned long lflags,
536                           key_perm_t perm)
537 {
538         struct request_key_auth *rka;
539         const struct cred *cred;
540         struct key *key;
541         key_ref_t key_ref, skey_ref;
542         int ret;
543
544 try_again:
545         cred = get_current_cred();
546         key_ref = ERR_PTR(-ENOKEY);
547
548         switch (id) {
549         case KEY_SPEC_THREAD_KEYRING:
550                 if (!cred->thread_keyring) {
551                         if (!(lflags & KEY_LOOKUP_CREATE))
552                                 goto error;
553
554                         ret = install_thread_keyring();
555                         if (ret < 0) {
556                                 key_ref = ERR_PTR(ret);
557                                 goto error;
558                         }
559                         goto reget_creds;
560                 }
561
562                 key = cred->thread_keyring;
563                 atomic_inc(&key->usage);
564                 key_ref = make_key_ref(key, 1);
565                 break;
566
567         case KEY_SPEC_PROCESS_KEYRING:
568                 if (!cred->tgcred->process_keyring) {
569                         if (!(lflags & KEY_LOOKUP_CREATE))
570                                 goto error;
571
572                         ret = install_process_keyring();
573                         if (ret < 0) {
574                                 key_ref = ERR_PTR(ret);
575                                 goto error;
576                         }
577                         goto reget_creds;
578                 }
579
580                 key = cred->tgcred->process_keyring;
581                 atomic_inc(&key->usage);
582                 key_ref = make_key_ref(key, 1);
583                 break;
584
585         case KEY_SPEC_SESSION_KEYRING:
586                 if (!cred->tgcred->session_keyring) {
587                         /* always install a session keyring upon access if one
588                          * doesn't exist yet */
589                         ret = install_user_keyrings();
590                         if (ret < 0)
591                                 goto error;
592                         ret = install_session_keyring(
593                                 cred->user->session_keyring);
594
595                         if (ret < 0)
596                                 goto error;
597                         goto reget_creds;
598                 }
599
600                 rcu_read_lock();
601                 key = rcu_dereference(cred->tgcred->session_keyring);
602                 atomic_inc(&key->usage);
603                 rcu_read_unlock();
604                 key_ref = make_key_ref(key, 1);
605                 break;
606
607         case KEY_SPEC_USER_KEYRING:
608                 if (!cred->user->uid_keyring) {
609                         ret = install_user_keyrings();
610                         if (ret < 0)
611                                 goto error;
612                 }
613
614                 key = cred->user->uid_keyring;
615                 atomic_inc(&key->usage);
616                 key_ref = make_key_ref(key, 1);
617                 break;
618
619         case KEY_SPEC_USER_SESSION_KEYRING:
620                 if (!cred->user->session_keyring) {
621                         ret = install_user_keyrings();
622                         if (ret < 0)
623                                 goto error;
624                 }
625
626                 key = cred->user->session_keyring;
627                 atomic_inc(&key->usage);
628                 key_ref = make_key_ref(key, 1);
629                 break;
630
631         case KEY_SPEC_GROUP_KEYRING:
632                 /* group keyrings are not yet supported */
633                 key_ref = ERR_PTR(-EINVAL);
634                 goto error;
635
636         case KEY_SPEC_REQKEY_AUTH_KEY:
637                 key = cred->request_key_auth;
638                 if (!key)
639                         goto error;
640
641                 atomic_inc(&key->usage);
642                 key_ref = make_key_ref(key, 1);
643                 break;
644
645         case KEY_SPEC_REQUESTOR_KEYRING:
646                 if (!cred->request_key_auth)
647                         goto error;
648
649                 down_read(&cred->request_key_auth->sem);
650                 if (cred->request_key_auth->flags & KEY_FLAG_REVOKED) {
651                         key_ref = ERR_PTR(-EKEYREVOKED);
652                         key = NULL;
653                 } else {
654                         rka = cred->request_key_auth->payload.data;
655                         key = rka->dest_keyring;
656                         atomic_inc(&key->usage);
657                 }
658                 up_read(&cred->request_key_auth->sem);
659                 if (!key)
660                         goto error;
661                 key_ref = make_key_ref(key, 1);
662                 break;
663
664         default:
665                 key_ref = ERR_PTR(-EINVAL);
666                 if (id < 1)
667                         goto error;
668
669                 key = key_lookup(id);
670                 if (IS_ERR(key)) {
671                         key_ref = ERR_CAST(key);
672                         goto error;
673                 }
674
675                 key_ref = make_key_ref(key, 0);
676
677                 /* check to see if we possess the key */
678                 skey_ref = search_process_keyrings(key->type, key,
679                                                    lookup_user_key_possessed,
680                                                    cred);
681
682                 if (!IS_ERR(skey_ref)) {
683                         key_put(key);
684                         key_ref = skey_ref;
685                 }
686
687                 break;
688         }
689
690         /* unlink does not use the nominated key in any way, so can skip all
691          * the permission checks as it is only concerned with the keyring */
692         if (lflags & KEY_LOOKUP_FOR_UNLINK) {
693                 ret = 0;
694                 goto error;
695         }
696
697         if (!(lflags & KEY_LOOKUP_PARTIAL)) {
698                 ret = wait_for_key_construction(key, true);
699                 switch (ret) {
700                 case -ERESTARTSYS:
701                         goto invalid_key;
702                 default:
703                         if (perm)
704                                 goto invalid_key;
705                 case 0:
706                         break;
707                 }
708         } else if (perm) {
709                 ret = key_validate(key);
710                 if (ret < 0)
711                         goto invalid_key;
712         }
713
714         ret = -EIO;
715         if (!(lflags & KEY_LOOKUP_PARTIAL) &&
716             !test_bit(KEY_FLAG_INSTANTIATED, &key->flags))
717                 goto invalid_key;
718
719         /* check the permissions */
720         ret = key_task_permission(key_ref, cred, perm);
721         if (ret < 0)
722                 goto invalid_key;
723
724 error:
725         put_cred(cred);
726         return key_ref;
727
728 invalid_key:
729         key_ref_put(key_ref);
730         key_ref = ERR_PTR(ret);
731         goto error;
732
733         /* if we attempted to install a keyring, then it may have caused new
734          * creds to be installed */
735 reget_creds:
736         put_cred(cred);
737         goto try_again;
738 }
739
740 /*
741  * Join the named keyring as the session keyring if possible else attempt to
742  * create a new one of that name and join that.
743  *
744  * If the name is NULL, an empty anonymous keyring will be installed as the
745  * session keyring.
746  *
747  * Named session keyrings are joined with a semaphore held to prevent the
748  * keyrings from going away whilst the attempt is made to going them and also
749  * to prevent a race in creating compatible session keyrings.
750  */
751 long join_session_keyring(const char *name)
752 {
753         const struct cred *old;
754         struct cred *new;
755         struct key *keyring;
756         long ret, serial;
757
758         /* only permit this if there's a single thread in the thread group -
759          * this avoids us having to adjust the creds on all threads and risking
760          * ENOMEM */
761         if (!current_is_single_threaded())
762                 return -EMLINK;
763
764         new = prepare_creds();
765         if (!new)
766                 return -ENOMEM;
767         old = current_cred();
768
769         /* if no name is provided, install an anonymous keyring */
770         if (!name) {
771                 ret = install_session_keyring_to_cred(new, NULL);
772                 if (ret < 0)
773                         goto error;
774
775                 serial = new->tgcred->session_keyring->serial;
776                 ret = commit_creds(new);
777                 if (ret == 0)
778                         ret = serial;
779                 goto okay;
780         }
781
782         /* allow the user to join or create a named keyring */
783         mutex_lock(&key_session_mutex);
784
785         /* look for an existing keyring of this name */
786         keyring = find_keyring_by_name(name, false);
787         if (PTR_ERR(keyring) == -ENOKEY) {
788                 /* not found - try and create a new one */
789                 keyring = keyring_alloc(name, old->uid, old->gid, old,
790                                         KEY_ALLOC_IN_QUOTA, NULL);
791                 if (IS_ERR(keyring)) {
792                         ret = PTR_ERR(keyring);
793                         goto error2;
794                 }
795         } else if (IS_ERR(keyring)) {
796                 ret = PTR_ERR(keyring);
797                 goto error2;
798         }
799
800         /* we've got a keyring - now to install it */
801         ret = install_session_keyring_to_cred(new, keyring);
802         if (ret < 0)
803                 goto error2;
804
805         commit_creds(new);
806         mutex_unlock(&key_session_mutex);
807
808         ret = keyring->serial;
809         key_put(keyring);
810 okay:
811         return ret;
812
813 error2:
814         mutex_unlock(&key_session_mutex);
815 error:
816         abort_creds(new);
817         return ret;
818 }
819
820 /*
821  * Replace a process's session keyring on behalf of one of its children when
822  * the target  process is about to resume userspace execution.
823  */
824 void key_replace_session_keyring(void)
825 {
826         const struct cred *old;
827         struct cred *new;
828
829         if (!current->replacement_session_keyring)
830                 return;
831
832         write_lock_irq(&tasklist_lock);
833         new = current->replacement_session_keyring;
834         current->replacement_session_keyring = NULL;
835         write_unlock_irq(&tasklist_lock);
836
837         if (!new)
838                 return;
839
840         old = current_cred();
841         new->  uid      = old->  uid;
842         new-> euid      = old-> euid;
843         new-> suid      = old-> suid;
844         new->fsuid      = old->fsuid;
845         new->  gid      = old->  gid;
846         new-> egid      = old-> egid;
847         new-> sgid      = old-> sgid;
848         new->fsgid      = old->fsgid;
849         new->user       = get_uid(old->user);
850         new->group_info = get_group_info(old->group_info);
851
852         new->securebits = old->securebits;
853         new->cap_inheritable    = old->cap_inheritable;
854         new->cap_permitted      = old->cap_permitted;
855         new->cap_effective      = old->cap_effective;
856         new->cap_bset           = old->cap_bset;
857
858         new->jit_keyring        = old->jit_keyring;
859         new->thread_keyring     = key_get(old->thread_keyring);
860         new->tgcred->tgid       = old->tgcred->tgid;
861         new->tgcred->process_keyring = key_get(old->tgcred->process_keyring);
862
863         security_transfer_creds(new, old);
864
865         commit_creds(new);
866 }