Merge remote-tracking branch 'regmap/topic/no-bus' into regmap-next
[~shefty/rdma-dev.git] / security / keys / process_keys.c
1 /* Manage a process's keyrings
2  *
3  * Copyright (C) 2004-2005, 2008 Red Hat, Inc. All Rights Reserved.
4  * Written by David Howells (dhowells@redhat.com)
5  *
6  * This program is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU General Public License
8  * as published by the Free Software Foundation; either version
9  * 2 of the License, or (at your option) any later version.
10  */
11
12 #include <linux/module.h>
13 #include <linux/init.h>
14 #include <linux/sched.h>
15 #include <linux/keyctl.h>
16 #include <linux/fs.h>
17 #include <linux/err.h>
18 #include <linux/mutex.h>
19 #include <linux/security.h>
20 #include <linux/user_namespace.h>
21 #include <asm/uaccess.h>
22 #include "internal.h"
23
24 /* Session keyring create vs join semaphore */
25 static DEFINE_MUTEX(key_session_mutex);
26
27 /* User keyring creation semaphore */
28 static DEFINE_MUTEX(key_user_keyring_mutex);
29
30 /* The root user's tracking struct */
31 struct key_user root_key_user = {
32         .usage          = ATOMIC_INIT(3),
33         .cons_lock      = __MUTEX_INITIALIZER(root_key_user.cons_lock),
34         .lock           = __SPIN_LOCK_UNLOCKED(root_key_user.lock),
35         .nkeys          = ATOMIC_INIT(2),
36         .nikeys         = ATOMIC_INIT(2),
37         .uid            = GLOBAL_ROOT_UID,
38 };
39
40 /*
41  * Install the user and user session keyrings for the current process's UID.
42  */
43 int install_user_keyrings(void)
44 {
45         struct user_struct *user;
46         const struct cred *cred;
47         struct key *uid_keyring, *session_keyring;
48         key_perm_t user_keyring_perm;
49         char buf[20];
50         int ret;
51         uid_t uid;
52
53         user_keyring_perm = (KEY_POS_ALL & ~KEY_POS_SETATTR) | KEY_USR_ALL;
54         cred = current_cred();
55         user = cred->user;
56         uid = from_kuid(cred->user_ns, user->uid);
57
58         kenter("%p{%u}", user, uid);
59
60         if (user->uid_keyring) {
61                 kleave(" = 0 [exist]");
62                 return 0;
63         }
64
65         mutex_lock(&key_user_keyring_mutex);
66         ret = 0;
67
68         if (!user->uid_keyring) {
69                 /* get the UID-specific keyring
70                  * - there may be one in existence already as it may have been
71                  *   pinned by a session, but the user_struct pointing to it
72                  *   may have been destroyed by setuid */
73                 sprintf(buf, "_uid.%u", uid);
74
75                 uid_keyring = find_keyring_by_name(buf, true);
76                 if (IS_ERR(uid_keyring)) {
77                         uid_keyring = keyring_alloc(buf, user->uid, INVALID_GID,
78                                                     cred, user_keyring_perm,
79                                                     KEY_ALLOC_IN_QUOTA, NULL);
80                         if (IS_ERR(uid_keyring)) {
81                                 ret = PTR_ERR(uid_keyring);
82                                 goto error;
83                         }
84                 }
85
86                 /* get a default session keyring (which might also exist
87                  * already) */
88                 sprintf(buf, "_uid_ses.%u", uid);
89
90                 session_keyring = find_keyring_by_name(buf, true);
91                 if (IS_ERR(session_keyring)) {
92                         session_keyring =
93                                 keyring_alloc(buf, user->uid, INVALID_GID,
94                                               cred, user_keyring_perm,
95                                               KEY_ALLOC_IN_QUOTA, NULL);
96                         if (IS_ERR(session_keyring)) {
97                                 ret = PTR_ERR(session_keyring);
98                                 goto error_release;
99                         }
100
101                         /* we install a link from the user session keyring to
102                          * the user keyring */
103                         ret = key_link(session_keyring, uid_keyring);
104                         if (ret < 0)
105                                 goto error_release_both;
106                 }
107
108                 /* install the keyrings */
109                 user->uid_keyring = uid_keyring;
110                 user->session_keyring = session_keyring;
111         }
112
113         mutex_unlock(&key_user_keyring_mutex);
114         kleave(" = 0");
115         return 0;
116
117 error_release_both:
118         key_put(session_keyring);
119 error_release:
120         key_put(uid_keyring);
121 error:
122         mutex_unlock(&key_user_keyring_mutex);
123         kleave(" = %d", ret);
124         return ret;
125 }
126
127 /*
128  * Install a fresh thread keyring directly to new credentials.  This keyring is
129  * allowed to overrun the quota.
130  */
131 int install_thread_keyring_to_cred(struct cred *new)
132 {
133         struct key *keyring;
134
135         keyring = keyring_alloc("_tid", new->uid, new->gid, new,
136                                 KEY_POS_ALL | KEY_USR_VIEW,
137                                 KEY_ALLOC_QUOTA_OVERRUN, NULL);
138         if (IS_ERR(keyring))
139                 return PTR_ERR(keyring);
140
141         new->thread_keyring = keyring;
142         return 0;
143 }
144
145 /*
146  * Install a fresh thread keyring, discarding the old one.
147  */
148 static int install_thread_keyring(void)
149 {
150         struct cred *new;
151         int ret;
152
153         new = prepare_creds();
154         if (!new)
155                 return -ENOMEM;
156
157         BUG_ON(new->thread_keyring);
158
159         ret = install_thread_keyring_to_cred(new);
160         if (ret < 0) {
161                 abort_creds(new);
162                 return ret;
163         }
164
165         return commit_creds(new);
166 }
167
168 /*
169  * Install a process keyring directly to a credentials struct.
170  *
171  * Returns -EEXIST if there was already a process keyring, 0 if one installed,
172  * and other value on any other error
173  */
174 int install_process_keyring_to_cred(struct cred *new)
175 {
176         struct key *keyring;
177
178         if (new->process_keyring)
179                 return -EEXIST;
180
181         keyring = keyring_alloc("_pid", new->uid, new->gid, new,
182                                 KEY_POS_ALL | KEY_USR_VIEW,
183                                 KEY_ALLOC_QUOTA_OVERRUN, NULL);
184         if (IS_ERR(keyring))
185                 return PTR_ERR(keyring);
186
187         new->process_keyring = keyring;
188         return 0;
189 }
190
191 /*
192  * Make sure a process keyring is installed for the current process.  The
193  * existing process keyring is not replaced.
194  *
195  * Returns 0 if there is a process keyring by the end of this function, some
196  * error otherwise.
197  */
198 static int install_process_keyring(void)
199 {
200         struct cred *new;
201         int ret;
202
203         new = prepare_creds();
204         if (!new)
205                 return -ENOMEM;
206
207         ret = install_process_keyring_to_cred(new);
208         if (ret < 0) {
209                 abort_creds(new);
210                 return ret != -EEXIST ? ret : 0;
211         }
212
213         return commit_creds(new);
214 }
215
216 /*
217  * Install a session keyring directly to a credentials struct.
218  */
219 int install_session_keyring_to_cred(struct cred *cred, struct key *keyring)
220 {
221         unsigned long flags;
222         struct key *old;
223
224         might_sleep();
225
226         /* create an empty session keyring */
227         if (!keyring) {
228                 flags = KEY_ALLOC_QUOTA_OVERRUN;
229                 if (cred->session_keyring)
230                         flags = KEY_ALLOC_IN_QUOTA;
231
232                 keyring = keyring_alloc("_ses", cred->uid, cred->gid, cred,
233                                         KEY_POS_ALL | KEY_USR_VIEW | KEY_USR_READ,
234                                         flags, NULL);
235                 if (IS_ERR(keyring))
236                         return PTR_ERR(keyring);
237         } else {
238                 atomic_inc(&keyring->usage);
239         }
240
241         /* install the keyring */
242         old = cred->session_keyring;
243         rcu_assign_pointer(cred->session_keyring, keyring);
244
245         if (old)
246                 key_put(old);
247
248         return 0;
249 }
250
251 /*
252  * Install a session keyring, discarding the old one.  If a keyring is not
253  * supplied, an empty one is invented.
254  */
255 static int install_session_keyring(struct key *keyring)
256 {
257         struct cred *new;
258         int ret;
259
260         new = prepare_creds();
261         if (!new)
262                 return -ENOMEM;
263
264         ret = install_session_keyring_to_cred(new, keyring);
265         if (ret < 0) {
266                 abort_creds(new);
267                 return ret;
268         }
269
270         return commit_creds(new);
271 }
272
273 /*
274  * Handle the fsuid changing.
275  */
276 void key_fsuid_changed(struct task_struct *tsk)
277 {
278         /* update the ownership of the thread keyring */
279         BUG_ON(!tsk->cred);
280         if (tsk->cred->thread_keyring) {
281                 down_write(&tsk->cred->thread_keyring->sem);
282                 tsk->cred->thread_keyring->uid = tsk->cred->fsuid;
283                 up_write(&tsk->cred->thread_keyring->sem);
284         }
285 }
286
287 /*
288  * Handle the fsgid changing.
289  */
290 void key_fsgid_changed(struct task_struct *tsk)
291 {
292         /* update the ownership of the thread keyring */
293         BUG_ON(!tsk->cred);
294         if (tsk->cred->thread_keyring) {
295                 down_write(&tsk->cred->thread_keyring->sem);
296                 tsk->cred->thread_keyring->gid = tsk->cred->fsgid;
297                 up_write(&tsk->cred->thread_keyring->sem);
298         }
299 }
300
301 /*
302  * Search the process keyrings attached to the supplied cred for the first
303  * matching key.
304  *
305  * The search criteria are the type and the match function.  The description is
306  * given to the match function as a parameter, but doesn't otherwise influence
307  * the search.  Typically the match function will compare the description
308  * parameter to the key's description.
309  *
310  * This can only search keyrings that grant Search permission to the supplied
311  * credentials.  Keyrings linked to searched keyrings will also be searched if
312  * they grant Search permission too.  Keys can only be found if they grant
313  * Search permission to the credentials.
314  *
315  * Returns a pointer to the key with the key usage count incremented if
316  * successful, -EAGAIN if we didn't find any matching key or -ENOKEY if we only
317  * matched negative keys.
318  *
319  * In the case of a successful return, the possession attribute is set on the
320  * returned key reference.
321  */
322 key_ref_t search_my_process_keyrings(struct key_type *type,
323                                      const void *description,
324                                      key_match_func_t match,
325                                      bool no_state_check,
326                                      const struct cred *cred)
327 {
328         key_ref_t key_ref, ret, err;
329
330         /* we want to return -EAGAIN or -ENOKEY if any of the keyrings were
331          * searchable, but we failed to find a key or we found a negative key;
332          * otherwise we want to return a sample error (probably -EACCES) if
333          * none of the keyrings were searchable
334          *
335          * in terms of priority: success > -ENOKEY > -EAGAIN > other error
336          */
337         key_ref = NULL;
338         ret = NULL;
339         err = ERR_PTR(-EAGAIN);
340
341         /* search the thread keyring first */
342         if (cred->thread_keyring) {
343                 key_ref = keyring_search_aux(
344                         make_key_ref(cred->thread_keyring, 1),
345                         cred, type, description, match, no_state_check);
346                 if (!IS_ERR(key_ref))
347                         goto found;
348
349                 switch (PTR_ERR(key_ref)) {
350                 case -EAGAIN: /* no key */
351                 case -ENOKEY: /* negative key */
352                         ret = key_ref;
353                         break;
354                 default:
355                         err = key_ref;
356                         break;
357                 }
358         }
359
360         /* search the process keyring second */
361         if (cred->process_keyring) {
362                 key_ref = keyring_search_aux(
363                         make_key_ref(cred->process_keyring, 1),
364                         cred, type, description, match, no_state_check);
365                 if (!IS_ERR(key_ref))
366                         goto found;
367
368                 switch (PTR_ERR(key_ref)) {
369                 case -EAGAIN: /* no key */
370                 case -ENOKEY: /* negative key */
371                         ret = key_ref;
372                         break;
373                 default:
374                         err = key_ref;
375                         break;
376                 }
377         }
378
379         /* search the session keyring */
380         if (cred->session_keyring) {
381                 rcu_read_lock();
382                 key_ref = keyring_search_aux(
383                         make_key_ref(rcu_dereference(cred->session_keyring), 1),
384                         cred, type, description, match, no_state_check);
385                 rcu_read_unlock();
386
387                 if (!IS_ERR(key_ref))
388                         goto found;
389
390                 switch (PTR_ERR(key_ref)) {
391                 case -EAGAIN: /* no key */
392                         if (ret)
393                                 break;
394                 case -ENOKEY: /* negative key */
395                         ret = key_ref;
396                         break;
397                 default:
398                         err = key_ref;
399                         break;
400                 }
401         }
402         /* or search the user-session keyring */
403         else if (cred->user->session_keyring) {
404                 key_ref = keyring_search_aux(
405                         make_key_ref(cred->user->session_keyring, 1),
406                         cred, type, description, match, no_state_check);
407                 if (!IS_ERR(key_ref))
408                         goto found;
409
410                 switch (PTR_ERR(key_ref)) {
411                 case -EAGAIN: /* no key */
412                         if (ret)
413                                 break;
414                 case -ENOKEY: /* negative key */
415                         ret = key_ref;
416                         break;
417                 default:
418                         err = key_ref;
419                         break;
420                 }
421         }
422
423         /* no key - decide on the error we're going to go for */
424         key_ref = ret ? ret : err;
425
426 found:
427         return key_ref;
428 }
429
430 /*
431  * Search the process keyrings attached to the supplied cred for the first
432  * matching key in the manner of search_my_process_keyrings(), but also search
433  * the keys attached to the assumed authorisation key using its credentials if
434  * one is available.
435  *
436  * Return same as search_my_process_keyrings().
437  */
438 key_ref_t search_process_keyrings(struct key_type *type,
439                                   const void *description,
440                                   key_match_func_t match,
441                                   const struct cred *cred)
442 {
443         struct request_key_auth *rka;
444         key_ref_t key_ref, ret = ERR_PTR(-EACCES), err;
445
446         might_sleep();
447
448         key_ref = search_my_process_keyrings(type, description, match,
449                                              false, cred);
450         if (!IS_ERR(key_ref))
451                 goto found;
452         err = key_ref;
453
454         /* if this process has an instantiation authorisation key, then we also
455          * search the keyrings of the process mentioned there
456          * - we don't permit access to request_key auth keys via this method
457          */
458         if (cred->request_key_auth &&
459             cred == current_cred() &&
460             type != &key_type_request_key_auth
461             ) {
462                 /* defend against the auth key being revoked */
463                 down_read(&cred->request_key_auth->sem);
464
465                 if (key_validate(cred->request_key_auth) == 0) {
466                         rka = cred->request_key_auth->payload.data;
467
468                         key_ref = search_process_keyrings(type, description,
469                                                           match, rka->cred);
470
471                         up_read(&cred->request_key_auth->sem);
472
473                         if (!IS_ERR(key_ref))
474                                 goto found;
475
476                         ret = key_ref;
477                 } else {
478                         up_read(&cred->request_key_auth->sem);
479                 }
480         }
481
482         /* no key - decide on the error we're going to go for */
483         if (err == ERR_PTR(-ENOKEY) || ret == ERR_PTR(-ENOKEY))
484                 key_ref = ERR_PTR(-ENOKEY);
485         else if (err == ERR_PTR(-EACCES))
486                 key_ref = ret;
487         else
488                 key_ref = err;
489
490 found:
491         return key_ref;
492 }
493
494 /*
495  * See if the key we're looking at is the target key.
496  */
497 int lookup_user_key_possessed(const struct key *key, const void *target)
498 {
499         return key == target;
500 }
501
502 /*
503  * Look up a key ID given us by userspace with a given permissions mask to get
504  * the key it refers to.
505  *
506  * Flags can be passed to request that special keyrings be created if referred
507  * to directly, to permit partially constructed keys to be found and to skip
508  * validity and permission checks on the found key.
509  *
510  * Returns a pointer to the key with an incremented usage count if successful;
511  * -EINVAL if the key ID is invalid; -ENOKEY if the key ID does not correspond
512  * to a key or the best found key was a negative key; -EKEYREVOKED or
513  * -EKEYEXPIRED if the best found key was revoked or expired; -EACCES if the
514  * found key doesn't grant the requested permit or the LSM denied access to it;
515  * or -ENOMEM if a special keyring couldn't be created.
516  *
517  * In the case of a successful return, the possession attribute is set on the
518  * returned key reference.
519  */
520 key_ref_t lookup_user_key(key_serial_t id, unsigned long lflags,
521                           key_perm_t perm)
522 {
523         struct request_key_auth *rka;
524         const struct cred *cred;
525         struct key *key;
526         key_ref_t key_ref, skey_ref;
527         int ret;
528
529 try_again:
530         cred = get_current_cred();
531         key_ref = ERR_PTR(-ENOKEY);
532
533         switch (id) {
534         case KEY_SPEC_THREAD_KEYRING:
535                 if (!cred->thread_keyring) {
536                         if (!(lflags & KEY_LOOKUP_CREATE))
537                                 goto error;
538
539                         ret = install_thread_keyring();
540                         if (ret < 0) {
541                                 key_ref = ERR_PTR(ret);
542                                 goto error;
543                         }
544                         goto reget_creds;
545                 }
546
547                 key = cred->thread_keyring;
548                 atomic_inc(&key->usage);
549                 key_ref = make_key_ref(key, 1);
550                 break;
551
552         case KEY_SPEC_PROCESS_KEYRING:
553                 if (!cred->process_keyring) {
554                         if (!(lflags & KEY_LOOKUP_CREATE))
555                                 goto error;
556
557                         ret = install_process_keyring();
558                         if (ret < 0) {
559                                 key_ref = ERR_PTR(ret);
560                                 goto error;
561                         }
562                         goto reget_creds;
563                 }
564
565                 key = cred->process_keyring;
566                 atomic_inc(&key->usage);
567                 key_ref = make_key_ref(key, 1);
568                 break;
569
570         case KEY_SPEC_SESSION_KEYRING:
571                 if (!cred->session_keyring) {
572                         /* always install a session keyring upon access if one
573                          * doesn't exist yet */
574                         ret = install_user_keyrings();
575                         if (ret < 0)
576                                 goto error;
577                         if (lflags & KEY_LOOKUP_CREATE)
578                                 ret = join_session_keyring(NULL);
579                         else
580                                 ret = install_session_keyring(
581                                         cred->user->session_keyring);
582
583                         if (ret < 0)
584                                 goto error;
585                         goto reget_creds;
586                 } else if (cred->session_keyring ==
587                            cred->user->session_keyring &&
588                            lflags & KEY_LOOKUP_CREATE) {
589                         ret = join_session_keyring(NULL);
590                         if (ret < 0)
591                                 goto error;
592                         goto reget_creds;
593                 }
594
595                 rcu_read_lock();
596                 key = rcu_dereference(cred->session_keyring);
597                 atomic_inc(&key->usage);
598                 rcu_read_unlock();
599                 key_ref = make_key_ref(key, 1);
600                 break;
601
602         case KEY_SPEC_USER_KEYRING:
603                 if (!cred->user->uid_keyring) {
604                         ret = install_user_keyrings();
605                         if (ret < 0)
606                                 goto error;
607                 }
608
609                 key = cred->user->uid_keyring;
610                 atomic_inc(&key->usage);
611                 key_ref = make_key_ref(key, 1);
612                 break;
613
614         case KEY_SPEC_USER_SESSION_KEYRING:
615                 if (!cred->user->session_keyring) {
616                         ret = install_user_keyrings();
617                         if (ret < 0)
618                                 goto error;
619                 }
620
621                 key = cred->user->session_keyring;
622                 atomic_inc(&key->usage);
623                 key_ref = make_key_ref(key, 1);
624                 break;
625
626         case KEY_SPEC_GROUP_KEYRING:
627                 /* group keyrings are not yet supported */
628                 key_ref = ERR_PTR(-EINVAL);
629                 goto error;
630
631         case KEY_SPEC_REQKEY_AUTH_KEY:
632                 key = cred->request_key_auth;
633                 if (!key)
634                         goto error;
635
636                 atomic_inc(&key->usage);
637                 key_ref = make_key_ref(key, 1);
638                 break;
639
640         case KEY_SPEC_REQUESTOR_KEYRING:
641                 if (!cred->request_key_auth)
642                         goto error;
643
644                 down_read(&cred->request_key_auth->sem);
645                 if (test_bit(KEY_FLAG_REVOKED,
646                              &cred->request_key_auth->flags)) {
647                         key_ref = ERR_PTR(-EKEYREVOKED);
648                         key = NULL;
649                 } else {
650                         rka = cred->request_key_auth->payload.data;
651                         key = rka->dest_keyring;
652                         atomic_inc(&key->usage);
653                 }
654                 up_read(&cred->request_key_auth->sem);
655                 if (!key)
656                         goto error;
657                 key_ref = make_key_ref(key, 1);
658                 break;
659
660         default:
661                 key_ref = ERR_PTR(-EINVAL);
662                 if (id < 1)
663                         goto error;
664
665                 key = key_lookup(id);
666                 if (IS_ERR(key)) {
667                         key_ref = ERR_CAST(key);
668                         goto error;
669                 }
670
671                 key_ref = make_key_ref(key, 0);
672
673                 /* check to see if we possess the key */
674                 skey_ref = search_process_keyrings(key->type, key,
675                                                    lookup_user_key_possessed,
676                                                    cred);
677
678                 if (!IS_ERR(skey_ref)) {
679                         key_put(key);
680                         key_ref = skey_ref;
681                 }
682
683                 break;
684         }
685
686         /* unlink does not use the nominated key in any way, so can skip all
687          * the permission checks as it is only concerned with the keyring */
688         if (lflags & KEY_LOOKUP_FOR_UNLINK) {
689                 ret = 0;
690                 goto error;
691         }
692
693         if (!(lflags & KEY_LOOKUP_PARTIAL)) {
694                 ret = wait_for_key_construction(key, true);
695                 switch (ret) {
696                 case -ERESTARTSYS:
697                         goto invalid_key;
698                 default:
699                         if (perm)
700                                 goto invalid_key;
701                 case 0:
702                         break;
703                 }
704         } else if (perm) {
705                 ret = key_validate(key);
706                 if (ret < 0)
707                         goto invalid_key;
708         }
709
710         ret = -EIO;
711         if (!(lflags & KEY_LOOKUP_PARTIAL) &&
712             !test_bit(KEY_FLAG_INSTANTIATED, &key->flags))
713                 goto invalid_key;
714
715         /* check the permissions */
716         ret = key_task_permission(key_ref, cred, perm);
717         if (ret < 0)
718                 goto invalid_key;
719
720         key->last_used_at = current_kernel_time().tv_sec;
721
722 error:
723         put_cred(cred);
724         return key_ref;
725
726 invalid_key:
727         key_ref_put(key_ref);
728         key_ref = ERR_PTR(ret);
729         goto error;
730
731         /* if we attempted to install a keyring, then it may have caused new
732          * creds to be installed */
733 reget_creds:
734         put_cred(cred);
735         goto try_again;
736 }
737
738 /*
739  * Join the named keyring as the session keyring if possible else attempt to
740  * create a new one of that name and join that.
741  *
742  * If the name is NULL, an empty anonymous keyring will be installed as the
743  * session keyring.
744  *
745  * Named session keyrings are joined with a semaphore held to prevent the
746  * keyrings from going away whilst the attempt is made to going them and also
747  * to prevent a race in creating compatible session keyrings.
748  */
749 long join_session_keyring(const char *name)
750 {
751         const struct cred *old;
752         struct cred *new;
753         struct key *keyring;
754         long ret, serial;
755
756         new = prepare_creds();
757         if (!new)
758                 return -ENOMEM;
759         old = current_cred();
760
761         /* if no name is provided, install an anonymous keyring */
762         if (!name) {
763                 ret = install_session_keyring_to_cred(new, NULL);
764                 if (ret < 0)
765                         goto error;
766
767                 serial = new->session_keyring->serial;
768                 ret = commit_creds(new);
769                 if (ret == 0)
770                         ret = serial;
771                 goto okay;
772         }
773
774         /* allow the user to join or create a named keyring */
775         mutex_lock(&key_session_mutex);
776
777         /* look for an existing keyring of this name */
778         keyring = find_keyring_by_name(name, false);
779         if (PTR_ERR(keyring) == -ENOKEY) {
780                 /* not found - try and create a new one */
781                 keyring = keyring_alloc(
782                         name, old->uid, old->gid, old,
783                         KEY_POS_ALL | KEY_USR_VIEW | KEY_USR_READ | KEY_USR_LINK,
784                         KEY_ALLOC_IN_QUOTA, NULL);
785                 if (IS_ERR(keyring)) {
786                         ret = PTR_ERR(keyring);
787                         goto error2;
788                 }
789         } else if (IS_ERR(keyring)) {
790                 ret = PTR_ERR(keyring);
791                 goto error2;
792         } else if (keyring == new->session_keyring) {
793                 ret = 0;
794                 goto error2;
795         }
796
797         /* we've got a keyring - now to install it */
798         ret = install_session_keyring_to_cred(new, keyring);
799         if (ret < 0)
800                 goto error2;
801
802         commit_creds(new);
803         mutex_unlock(&key_session_mutex);
804
805         ret = keyring->serial;
806         key_put(keyring);
807 okay:
808         return ret;
809
810 error2:
811         mutex_unlock(&key_session_mutex);
812 error:
813         abort_creds(new);
814         return ret;
815 }
816
817 /*
818  * Replace a process's session keyring on behalf of one of its children when
819  * the target  process is about to resume userspace execution.
820  */
821 void key_change_session_keyring(struct callback_head *twork)
822 {
823         const struct cred *old = current_cred();
824         struct cred *new = container_of(twork, struct cred, rcu);
825
826         if (unlikely(current->flags & PF_EXITING)) {
827                 put_cred(new);
828                 return;
829         }
830
831         new->  uid      = old->  uid;
832         new-> euid      = old-> euid;
833         new-> suid      = old-> suid;
834         new->fsuid      = old->fsuid;
835         new->  gid      = old->  gid;
836         new-> egid      = old-> egid;
837         new-> sgid      = old-> sgid;
838         new->fsgid      = old->fsgid;
839         new->user       = get_uid(old->user);
840         new->user_ns    = get_user_ns(new->user_ns);
841         new->group_info = get_group_info(old->group_info);
842
843         new->securebits = old->securebits;
844         new->cap_inheritable    = old->cap_inheritable;
845         new->cap_permitted      = old->cap_permitted;
846         new->cap_effective      = old->cap_effective;
847         new->cap_bset           = old->cap_bset;
848
849         new->jit_keyring        = old->jit_keyring;
850         new->thread_keyring     = key_get(old->thread_keyring);
851         new->process_keyring    = key_get(old->process_keyring);
852
853         security_transfer_creds(new, old);
854
855         commit_creds(new);
856 }