summaryrefslogtreecommitdiff
path: root/include/linux/cred.h
diff options
context:
space:
mode:
authorJann Horn <jannh@google.com>2019-03-27 18:39:38 +0300
committerJames Morris <james.morris@microsoft.com>2019-04-10 20:28:21 +0300
commit5c7e372caa35d303e414caeb64ee2243fd3cac3d (patch)
tree0ebe3b3d6fa9becd9cfa6e5a49f42c7979be8180 /include/linux/cred.h
parent1b26fcdb748eb20a73f72900d7f5ab537b2809be (diff)
downloadlinux-5c7e372caa35d303e414caeb64ee2243fd3cac3d.tar.xz
security: don't use RCU accessors for cred->session_keyring
sparse complains that a bunch of places in kernel/cred.c access cred->session_keyring without the RCU helpers required by the __rcu annotation. cred->session_keyring is written in the following places: - prepare_kernel_cred() [in a new cred struct] - keyctl_session_to_parent() [in a new cred struct] - prepare_creds [in a new cred struct, via memcpy] - install_session_keyring_to_cred() - from install_session_keyring() on new creds - from join_session_keyring() on new creds [twice] - from umh_keys_init() - from call_usermodehelper_exec_async() on new creds All of these writes are before the creds are committed; therefore, cred->session_keyring doesn't need RCU protection. Remove the __rcu annotation and fix up all existing users that use __rcu. Signed-off-by: Jann Horn <jannh@google.com> Signed-off-by: James Morris <james.morris@microsoft.com>
Diffstat (limited to 'include/linux/cred.h')
-rw-r--r--include/linux/cred.h2
1 files changed, 1 insertions, 1 deletions
diff --git a/include/linux/cred.h b/include/linux/cred.h
index ddd45bb74887..efb6edf32de7 100644
--- a/include/linux/cred.h
+++ b/include/linux/cred.h
@@ -138,7 +138,7 @@ struct cred {
#ifdef CONFIG_KEYS
unsigned char jit_keyring; /* default keyring to attach requested
* keys to */
- struct key __rcu *session_keyring; /* keyring inherited over fork */
+ struct key *session_keyring; /* keyring inherited over fork */
struct key *process_keyring; /* keyring private to this process */
struct key *thread_keyring; /* keyring private to this thread */
struct key *request_key_auth; /* assumed request_key authority */