Commit c70a626d3eba373514c72287c93588b6974a0059
Committed by
Linus Torvalds
Linus Torvalds
1 parent
685bfd2c48
Exists in
master
and in
7 other branches
umh: creds: kill subprocess_info->cred logic
Now that nobody ever changes subprocess_info->cred we can kill this member and related code. ____call_usermodehelper() always runs in the context of freshly forked kernel thread, it has the proper ->cred copied from its parent kthread, keventd. Signed-off-by: Oleg Nesterov <oleg@redhat.com> Acked-by: Neil Horman <nhorman@tuxdriver.com> Acked-by: David Howells <dhowells@redhat.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Showing 4 changed files with 0 additions and 81 deletions Side-by-side Diff
include/linux/cred.h
| ... | ... | @@ -156,7 +156,6 @@ |
| 156 | 156 | extern struct cred *cred_alloc_blank(void); |
| 157 | 157 | extern struct cred *prepare_creds(void); |
| 158 | 158 | extern struct cred *prepare_exec_creds(void); |
| 159 | -extern struct cred *prepare_usermodehelper_creds(void); | |
| 160 | 159 | extern int commit_creds(struct cred *); |
| 161 | 160 | extern void abort_creds(struct cred *); |
| 162 | 161 | extern const struct cred *override_creds(const struct cred *); |
include/linux/kmod.h
kernel/cred.c
| ... | ... | @@ -347,66 +347,6 @@ |
| 347 | 347 | } |
| 348 | 348 | |
| 349 | 349 | /* |
| 350 | - * prepare new credentials for the usermode helper dispatcher | |
| 351 | - */ | |
| 352 | -struct cred *prepare_usermodehelper_creds(void) | |
| 353 | -{ | |
| 354 | -#ifdef CONFIG_KEYS | |
| 355 | - struct thread_group_cred *tgcred = NULL; | |
| 356 | -#endif | |
| 357 | - struct cred *new; | |
| 358 | - | |
| 359 | -#ifdef CONFIG_KEYS | |
| 360 | - tgcred = kzalloc(sizeof(*new->tgcred), GFP_ATOMIC); | |
| 361 | - if (!tgcred) | |
| 362 | - return NULL; | |
| 363 | -#endif | |
| 364 | - | |
| 365 | - new = kmem_cache_alloc(cred_jar, GFP_ATOMIC); | |
| 366 | - if (!new) | |
| 367 | - goto free_tgcred; | |
| 368 | - | |
| 369 | - kdebug("prepare_usermodehelper_creds() alloc %p", new); | |
| 370 | - | |
| 371 | - memcpy(new, &init_cred, sizeof(struct cred)); | |
| 372 | - | |
| 373 | - atomic_set(&new->usage, 1); | |
| 374 | - set_cred_subscribers(new, 0); | |
| 375 | - get_group_info(new->group_info); | |
| 376 | - get_uid(new->user); | |
| 377 | - | |
| 378 | -#ifdef CONFIG_KEYS | |
| 379 | - new->thread_keyring = NULL; | |
| 380 | - new->request_key_auth = NULL; | |
| 381 | - new->jit_keyring = KEY_REQKEY_DEFL_DEFAULT; | |
| 382 | - | |
| 383 | - atomic_set(&tgcred->usage, 1); | |
| 384 | - spin_lock_init(&tgcred->lock); | |
| 385 | - new->tgcred = tgcred; | |
| 386 | -#endif | |
| 387 | - | |
| 388 | -#ifdef CONFIG_SECURITY | |
| 389 | - new->security = NULL; | |
| 390 | -#endif | |
| 391 | - if (security_prepare_creds(new, &init_cred, GFP_ATOMIC) < 0) | |
| 392 | - goto error; | |
| 393 | - validate_creds(new); | |
| 394 | - | |
| 395 | - BUG_ON(atomic_read(&new->usage) != 1); | |
| 396 | - return new; | |
| 397 | - | |
| 398 | -error: | |
| 399 | - put_cred(new); | |
| 400 | - return NULL; | |
| 401 | - | |
| 402 | -free_tgcred: | |
| 403 | -#ifdef CONFIG_KEYS | |
| 404 | - kfree(tgcred); | |
| 405 | -#endif | |
| 406 | - return NULL; | |
| 407 | -} | |
| 408 | - | |
| 409 | -/* | |
| 410 | 350 | * Copy credentials for the new process created by fork() |
| 411 | 351 | * |
| 412 | 352 | * We share if we can, but under some circumstances we have to generate a new |
kernel/kmod.c
| ... | ... | @@ -134,8 +134,6 @@ |
| 134 | 134 | struct subprocess_info *sub_info = data; |
| 135 | 135 | int retval; |
| 136 | 136 | |
| 137 | - BUG_ON(atomic_read(&sub_info->cred->usage) != 1); | |
| 138 | - | |
| 139 | 137 | /* Unblock all signals */ |
| 140 | 138 | spin_lock_irq(¤t->sighand->siglock); |
| 141 | 139 | flush_signal_handlers(current, 1); |
| ... | ... | @@ -143,10 +141,6 @@ |
| 143 | 141 | recalc_sigpending(); |
| 144 | 142 | spin_unlock_irq(¤t->sighand->siglock); |
| 145 | 143 | |
| 146 | - /* Install the credentials */ | |
| 147 | - commit_creds(sub_info->cred); | |
| 148 | - sub_info->cred = NULL; | |
| 149 | - | |
| 150 | 144 | /* We can run anywhere, unlike our parent keventd(). */ |
| 151 | 145 | set_cpus_allowed_ptr(current, cpu_all_mask); |
| 152 | 146 | |
| ... | ... | @@ -174,8 +168,6 @@ |
| 174 | 168 | { |
| 175 | 169 | if (info->cleanup) |
| 176 | 170 | (*info->cleanup)(info); |
| 177 | - if (info->cred) | |
| 178 | - put_cred(info->cred); | |
| 179 | 171 | kfree(info); |
| 180 | 172 | } |
| 181 | 173 | EXPORT_SYMBOL(call_usermodehelper_freeinfo); |
| ... | ... | @@ -231,8 +223,6 @@ |
| 231 | 223 | pid_t pid; |
| 232 | 224 | enum umh_wait wait = sub_info->wait; |
| 233 | 225 | |
| 234 | - BUG_ON(atomic_read(&sub_info->cred->usage) != 1); | |
| 235 | - | |
| 236 | 226 | /* CLONE_VFORK: wait until the usermode helper has execve'd |
| 237 | 227 | * successfully We need the data structures to stay around |
| 238 | 228 | * until that is done. */ |
| ... | ... | @@ -355,12 +345,6 @@ |
| 355 | 345 | sub_info->path = path; |
| 356 | 346 | sub_info->argv = argv; |
| 357 | 347 | sub_info->envp = envp; |
| 358 | - sub_info->cred = prepare_usermodehelper_creds(); | |
| 359 | - if (!sub_info->cred) { | |
| 360 | - kfree(sub_info); | |
| 361 | - return NULL; | |
| 362 | - } | |
| 363 | - | |
| 364 | 348 | out: |
| 365 | 349 | return sub_info; |
| 366 | 350 | } |
| ... | ... | @@ -410,9 +394,6 @@ |
| 410 | 394 | { |
| 411 | 395 | DECLARE_COMPLETION_ONSTACK(done); |
| 412 | 396 | int retval = 0; |
| 413 | - | |
| 414 | - BUG_ON(atomic_read(&sub_info->cred->usage) != 1); | |
| 415 | - validate_creds(sub_info->cred); | |
| 416 | 397 | |
| 417 | 398 | helper_lock(); |
| 418 | 399 | if (sub_info->path[0] == '\0') |