[PATCH v2 0/2] get rid of cred_transfer
Jann Horn
jannh at google.com
Mon Aug 5 11:54:22 UTC 2024
This is the approach I proposed at
<https://lore.kernel.org/all/CAG48ez2bnvuX8i-D=5DxmfzEOKTWAf-DkgQq6aNC4WzSGoEGHg@mail.gmail.com/>
to get rid of the cred_transfer stuff.
What do you think? Synchronously waiting for task work is a bit ugly,
but at least this condenses the uglyness in the keys subsystem instead
of making the rest of the security subsystem deal with this stuff.
Another approach to simplify things further would be to try to move
the session keyring out of the creds entirely and just let the child
update it directly with appropriate locking, but I don't know enough
about the keys subsystem to know if that would maybe break stuff
that relies on override_creds() also overriding the keyrings, or
something like that.
Signed-off-by: Jann Horn <jannh at google.com>
---
Changes in v2:
- use interruptible wait instead of killable
- split into two patches (Jarkko)
- Link to v1: https://lore.kernel.org/r/20240802-remove-cred-transfer-v1-1-b3fef1ef2ade@google.com
---
Jann Horn (2):
KEYS: use synchronous task work for changing parent credentials
security: remove unused cred_alloc_blank/cred_transfer helpers
include/linux/cred.h | 1 -
include/linux/lsm_hook_defs.h | 3 --
include/linux/security.h | 12 -----
kernel/cred.c | 23 ---------
security/apparmor/lsm.c | 19 --------
security/keys/internal.h | 8 ++++
security/keys/keyctl.c | 107 +++++++++++++-----------------------------
security/keys/process_keys.c | 86 +++++++++++++++++----------------
security/landlock/cred.c | 11 +----
security/security.c | 35 --------------
security/selinux/hooks.c | 12 -----
security/smack/smack_lsm.c | 32 -------------
12 files changed, 89 insertions(+), 260 deletions(-)
---
base-commit: c0ecd6388360d930440cc5554026818895199923
change-id: 20240802-remove-cred-transfer-493a3b696da2
--
Jann Horn <jannh at google.com>
More information about the Linux-security-module-archive
mailing list