diff options
author | Eric W. Biederman <ebiederm@xmission.com> | 2012-02-08 16:53:04 +0100 |
---|---|---|
committer | Eric W. Biederman <ebiederm@xmission.com> | 2012-09-14 03:28:02 +0200 |
commit | 9a56c2db49e7349c7963f0ce66c1ef578d44ebd3 (patch) | |
tree | de29b56483bb00efabca3ba35c7001cab2aab7be /security/keys/internal.h | |
parent | userns: Convert drm to use kuid and kgid and struct pid where appropriate (diff) | |
download | linux-9a56c2db49e7349c7963f0ce66c1ef578d44ebd3.tar.xz linux-9a56c2db49e7349c7963f0ce66c1ef578d44ebd3.zip |
userns: Convert security/keys to the new userns infrastructure
- Replace key_user ->user_ns equality checks with kuid_has_mapping checks.
- Use from_kuid to generate key descriptions
- Use kuid_t and kgid_t and the associated helpers instead of uid_t and gid_t
- Avoid potential problems with file descriptor passing by displaying
keys in the user namespace of the opener of key status proc files.
Cc: linux-security-module@vger.kernel.org
Cc: keyrings@linux-nfs.org
Cc: David Howells <dhowells@redhat.com>
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Diffstat (limited to 'security/keys/internal.h')
-rw-r--r-- | security/keys/internal.h | 6 |
1 files changed, 2 insertions, 4 deletions
diff --git a/security/keys/internal.h b/security/keys/internal.h index 22ff05269e3d..8bbefc3b55d4 100644 --- a/security/keys/internal.h +++ b/security/keys/internal.h @@ -52,8 +52,7 @@ struct key_user { atomic_t usage; /* for accessing qnkeys & qnbytes */ atomic_t nkeys; /* number of keys */ atomic_t nikeys; /* number of instantiated keys */ - uid_t uid; - struct user_namespace *user_ns; + kuid_t uid; int qnkeys; /* number of keys allocated to this user */ int qnbytes; /* number of bytes allocated to this user */ }; @@ -62,8 +61,7 @@ extern struct rb_root key_user_tree; extern spinlock_t key_user_lock; extern struct key_user root_key_user; -extern struct key_user *key_user_lookup(uid_t uid, - struct user_namespace *user_ns); +extern struct key_user *key_user_lookup(kuid_t uid); extern void key_user_put(struct key_user *user); /* |