| cred.c (f056878332a91ed984a116bad4e7d49aefff9e6e) | cred.c (74908a0009eb36054190ab80deb9671014efed96) |
|---|---|
| 1/* Task credentials management - see Documentation/credentials.txt 2 * 3 * Copyright (C) 2008 Red Hat, Inc. All Rights Reserved. 4 * Written by David Howells (dhowells@redhat.com) 5 * 6 * This program is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU General Public Licence 8 * as published by the Free Software Foundation; either version --- 768 unchanged lines hidden (view full) --- 777 new->fsuid = inode->i_uid; 778 new->fsgid = inode->i_gid; 779 return security_kernel_create_files_as(new, inode); 780} 781EXPORT_SYMBOL(set_create_files_as); 782 783#ifdef CONFIG_DEBUG_CREDENTIALS 784 | 1/* Task credentials management - see Documentation/credentials.txt 2 * 3 * Copyright (C) 2008 Red Hat, Inc. All Rights Reserved. 4 * Written by David Howells (dhowells@redhat.com) 5 * 6 * This program is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU General Public Licence 8 * as published by the Free Software Foundation; either version --- 768 unchanged lines hidden (view full) --- 777 new->fsuid = inode->i_uid; 778 new->fsgid = inode->i_gid; 779 return security_kernel_create_files_as(new, inode); 780} 781EXPORT_SYMBOL(set_create_files_as); 782 783#ifdef CONFIG_DEBUG_CREDENTIALS 784 |
| 785bool creds_are_invalid(const struct cred *cred) 786{ 787 if (cred->magic != CRED_MAGIC) 788 return true; 789 if (atomic_read(&cred->usage) < atomic_read(&cred->subscribers)) 790 return true; 791#ifdef CONFIG_SECURITY_SELINUX 792 if (selinux_is_enabled()) { 793 if ((unsigned long) cred->security < PAGE_SIZE) 794 return true; 795 if ((*(u32 *)cred->security & 0xffffff00) == 796 (POISON_FREE << 24 | POISON_FREE << 16 | POISON_FREE << 8)) 797 return true; 798 } 799#endif 800 return false; 801} 802 |
|
| 785/* 786 * dump invalid credentials 787 */ 788static void dump_invalid_creds(const struct cred *cred, const char *label, 789 const struct task_struct *tsk) 790{ 791 printk(KERN_ERR "CRED: %s credentials: %p %s%s%s\n", 792 label, cred, --- 81 unchanged lines hidden --- | 803/* 804 * dump invalid credentials 805 */ 806static void dump_invalid_creds(const struct cred *cred, const char *label, 807 const struct task_struct *tsk) 808{ 809 printk(KERN_ERR "CRED: %s credentials: %p %s%s%s\n", 810 label, cred, --- 81 unchanged lines hidden --- |