diff -urN v2.5.23/arch/ia64/kernel/perfmon.c cred-v2.5.23/arch/ia64/kernel/perfmon.c --- v2.5.23/arch/ia64/kernel/perfmon.c Tue Jun 18 23:22:21 2002 +++ cred-v2.5.23/arch/ia64/kernel/perfmon.c Tue Jun 18 23:22:46 2002 @@ -715,10 +715,11 @@ * XXX: may have to refine this test * Check against address space limit. * - * if ((mm->total_vm << PAGE_SHIFT) + len> current->rlim[RLIMIT_AS].rlim_cur) + * if ((mm->total_vm << PAGE_SHIFT) + len> current->cred->cr_rlim[RLIMIT_AS].rlim_cur) * return -ENOMEM; */ - if (size > current->rlim[RLIMIT_MEMLOCK].rlim_cur) return -EAGAIN; + if (size > current->cred->cr_rlim[RLIMIT_MEMLOCK].rlim_cur) + return -EAGAIN; /* * We do the easy to undo allocations first. diff -urN v2.5.23/arch/ia64/kernel/sys_ia64.c cred-v2.5.23/arch/ia64/kernel/sys_ia64.c --- v2.5.23/arch/ia64/kernel/sys_ia64.c Thu Jun 6 00:35:33 2002 +++ cred-v2.5.23/arch/ia64/kernel/sys_ia64.c Tue Jun 18 23:22:46 2002 @@ -130,7 +130,7 @@ goto out; /* Check against rlimit.. */ - rlim = current->rlim[RLIMIT_DATA].rlim_cur; + rlim = current->cred->cr_rlim[RLIMIT_DATA].rlim_cur; if (rlim < RLIM_INFINITY && brk - mm->start_data > rlim) goto out; diff -urN v2.5.23/arch/ia64/mm/fault.c cred-v2.5.23/arch/ia64/mm/fault.c --- v2.5.23/arch/ia64/mm/fault.c Thu Jun 6 00:35:39 2002 +++ cred-v2.5.23/arch/ia64/mm/fault.c Tue Jun 18 23:22:46 2002 @@ -33,8 +33,8 @@ unsigned long grow; grow = PAGE_SIZE >> PAGE_SHIFT; - if (address - vma->vm_start > current->rlim[RLIMIT_STACK].rlim_cur - || (((vma->vm_mm->total_vm + grow) << PAGE_SHIFT) > current->rlim[RLIMIT_AS].rlim_cur)) + if (address - vma->vm_start > current->cred->cr_rlim[RLIMIT_STACK].rlim_cur + || (((vma->vm_mm->total_vm + grow) << PAGE_SHIFT) > current->cred->cr_rlim[RLIMIT_AS].rlim_cur)) return -ENOMEM; vma->vm_end += PAGE_SIZE; vma->vm_mm->total_vm += grow; diff -urN v2.5.23/arch/mips/kernel/irixelf.c cred-v2.5.23/arch/mips/kernel/irixelf.c --- v2.5.23/arch/mips/kernel/irixelf.c Mon Mar 19 15:35:09 2001 +++ cred-v2.5.23/arch/mips/kernel/irixelf.c Tue Jun 18 23:22:46 2002 @@ -1058,7 +1058,7 @@ struct vm_area_struct *vma; struct elfhdr elf; off_t offset = 0, dataoff; - int limit = current->rlim[RLIMIT_CORE].rlim_cur; + int limit = current->cred->cr_rlim[RLIMIT_CORE].rlim_cur; int numnote = 4; struct memelfnote notes[4]; struct elf_prstatus prstatus; /* NT_PRSTATUS */ diff -urN v2.5.23/arch/mips/kernel/sysirix.c cred-v2.5.23/arch/mips/kernel/sysirix.c --- v2.5.23/arch/mips/kernel/sysirix.c Mon Jun 10 21:41:10 2002 +++ cred-v2.5.23/arch/mips/kernel/sysirix.c Tue Jun 18 23:22:46 2002 @@ -121,16 +121,16 @@ if (value > RLIM_INFINITY) value = RLIM_INFINITY; if (capable(CAP_SYS_ADMIN)) { - current->rlim[RLIMIT_STACK].rlim_max = - current->rlim[RLIMIT_STACK].rlim_cur = value; + current->cred->cr_rlim[RLIMIT_STACK].rlim_max = + current->cred->cr_rlim[RLIMIT_STACK].rlim_cur = value; error = value; break; } - if (value > current->rlim[RLIMIT_STACK].rlim_max) { + if (value > current->cred->cr_rlim[RLIMIT_STACK].rlim_max) { error = -EINVAL; break; } - current->rlim[RLIMIT_STACK].rlim_cur = value; + current->cred->cr_rlim[RLIMIT_STACK].rlim_cur = value; error = value; break; } @@ -138,7 +138,7 @@ case PR_GETSTACKSIZE: printk("irix_prctl[%s:%d]: Wants PR_GETSTACKSIZE\n", current->comm, current->pid); - error = current->rlim[RLIMIT_STACK].rlim_cur; + error = current->cred->cr_rlim[RLIMIT_STACK].rlim_cur; break; case PR_MAXPPROCS: @@ -560,7 +560,7 @@ /* * Check against rlimit and stack.. */ - rlim = current->rlim[RLIMIT_DATA].rlim_cur; + rlim = current->cred->cr_rlim[RLIMIT_DATA].rlim_cur; if (rlim >= RLIM_INFINITY) rlim = ~0; if (brk - mm->end_code > rlim) { @@ -2141,7 +2141,7 @@ retval = -EINVAL; goto out; #endif - retval = current->rlim[RLIMIT_NOFILE].rlim_cur; + retval = current->cred->cr_rlim[RLIMIT_NOFILE].rlim_cur; goto out; case 5: diff -urN v2.5.23/arch/parisc/mm/fault.c cred-v2.5.23/arch/parisc/mm/fault.c --- v2.5.23/arch/parisc/mm/fault.c Mon Mar 19 15:37:16 2001 +++ cred-v2.5.23/arch/parisc/mm/fault.c Tue Jun 18 23:22:46 2002 @@ -125,8 +125,8 @@ address += 4 + PAGE_SIZE - 1; address &= PAGE_MASK; grow = (address - vma->vm_end) >> PAGE_SHIFT; - if (address - vma->vm_start > current->rlim[RLIMIT_STACK].rlim_cur || - ((vma->vm_mm->total_vm + grow) << PAGE_SHIFT) > current->rlim[RLIMIT_AS].rlim_cur) + if (address - vma->vm_start > current->cred->cr_rlim[RLIMIT_STACK].rlim_cur || + ((vma->vm_mm->total_vm + grow) << PAGE_SHIFT) > current->cred->cr_rlim[RLIMIT_AS].rlim_cur) return -ENOMEM; vma->vm_end = address; vma->vm_mm->total_vm += grow; diff -urN v2.5.23/arch/ppc64/kernel/sys_ppc32.c cred-v2.5.23/arch/ppc64/kernel/sys_ppc32.c --- v2.5.23/arch/ppc64/kernel/sys_ppc32.c Tue Jun 18 23:22:21 2002 +++ cred-v2.5.23/arch/ppc64/kernel/sys_ppc32.c Tue Jun 18 23:22:46 2002 @@ -2056,7 +2056,7 @@ return -EINVAL; } - memcpy(&x, current->rlim+resource, sizeof(struct rlimit)); + memcpy(&x, current->cred->cr_rlim+resource, sizeof(struct rlimit)); if(x.rlim_cur > RLIM_INFINITY32) x32.rlim_cur = RLIM_INFINITY32; diff -urN v2.5.23/arch/sparc/kernel/sys_sunos.c cred-v2.5.23/arch/sparc/kernel/sys_sunos.c --- v2.5.23/arch/sparc/kernel/sys_sunos.c Thu Jun 6 00:36:01 2002 +++ cred-v2.5.23/arch/sparc/kernel/sys_sunos.c Tue Jun 18 23:22:46 2002 @@ -175,7 +175,7 @@ * Check against rlimit and stack.. */ retval = -ENOMEM; - rlim = current->rlim[RLIMIT_DATA].rlim_cur; + rlim = current->cred->cr_rlim[RLIMIT_DATA].rlim_cur; if (rlim >= RLIM_INFINITY) rlim = ~0; if (brk - current->mm->end_code > rlim) diff -urN v2.5.23/arch/sparc64/kernel/binfmt_aout32.c cred-v2.5.23/arch/sparc64/kernel/binfmt_aout32.c --- v2.5.23/arch/sparc64/kernel/binfmt_aout32.c Thu Jun 6 00:35:53 2002 +++ cred-v2.5.23/arch/sparc64/kernel/binfmt_aout32.c Tue Jun 18 23:22:46 2002 @@ -102,12 +102,12 @@ /* If the size of the dump file exceeds the rlimit, then see what would happen if we wrote the stack, but not the data area. */ if ((dump.u_dsize+dump.u_ssize) > - current->rlim[RLIMIT_CORE].rlim_cur) + current->cred->cr_rlim[RLIMIT_CORE].rlim_cur) dump.u_dsize = 0; /* Make sure we have enough room to write the stack and data areas. */ if ((dump.u_ssize) > - current->rlim[RLIMIT_CORE].rlim_cur) + current->cred->cr_rlim[RLIMIT_CORE].rlim_cur) dump.u_ssize = 0; /* make sure we actually have a data and stack area to dump */ @@ -218,7 +218,7 @@ * size limits imposed on them by creating programs with large * arrays in the data or bss. */ - rlim = current->rlim[RLIMIT_DATA].rlim_cur; + rlim = current->cred->cr_rlim[RLIMIT_DATA].rlim_cur; if (rlim >= RLIM_INFINITY) rlim = ~0; if (ex.a_data + ex.a_bss > rlim) diff -urN v2.5.23/arch/sparc64/kernel/sys_sunos32.c cred-v2.5.23/arch/sparc64/kernel/sys_sunos32.c --- v2.5.23/arch/sparc64/kernel/sys_sunos32.c Mon Jun 17 15:41:15 2002 +++ cred-v2.5.23/arch/sparc64/kernel/sys_sunos32.c Tue Jun 18 23:22:46 2002 @@ -144,7 +144,7 @@ } /* Check against rlimit and stack.. */ retval = -ENOMEM; - rlim = current->rlim[RLIMIT_DATA].rlim_cur; + rlim = current->cred->cr_rlim[RLIMIT_DATA].rlim_cur; if (rlim >= RLIM_INFINITY) rlim = ~0; if (brk - current->mm->end_code > rlim) diff -urN v2.5.23/arch/sparc64/solaris/fs.c cred-v2.5.23/arch/sparc64/solaris/fs.c --- v2.5.23/arch/sparc64/solaris/fs.c Mon Jun 17 15:41:15 2002 +++ cred-v2.5.23/arch/sparc64/solaris/fs.c Tue Jun 18 23:22:46 2002 @@ -632,23 +632,23 @@ { switch (cmd) { case 1: /* UL_GETFSIZE - in 512B chunks */ - return current->rlim[RLIMIT_FSIZE].rlim_cur >> 9; + return current->cred->cr_rlim[RLIMIT_FSIZE].rlim_cur >> 9; case 2: /* UL_SETFSIZE */ if ((unsigned long)val > (LONG_MAX>>9)) return -ERANGE; val <<= 9; lock_kernel(); - if (val > current->rlim[RLIMIT_FSIZE].rlim_max) { + if (val > current->cred->cr_rlim[RLIMIT_FSIZE].rlim_max) { if (!capable(CAP_SYS_RESOURCE)) { unlock_kernel(); return -EPERM; } - current->rlim[RLIMIT_FSIZE].rlim_max = val; + current->cred->cr_rlim[RLIMIT_FSIZE].rlim_max = val; } - current->rlim[RLIMIT_FSIZE].rlim_cur = val; + current->cred->cr_rlim[RLIMIT_FSIZE].rlim_cur = val; unlock_kernel(); return 0; case 3: /* UL_GMEMLIM */ - return current->rlim[RLIMIT_DATA].rlim_cur; + return current->cred->cr_rlim[RLIMIT_DATA].rlim_cur; case 4: /* UL_GDESLIM */ return NR_OPEN; } diff -urN v2.5.23/drivers/block/loop.c cred-v2.5.23/drivers/block/loop.c --- v2.5.23/drivers/block/loop.c Tue Jun 18 23:22:22 2002 +++ cred-v2.5.23/drivers/block/loop.c Tue Jun 18 23:22:46 2002 @@ -799,7 +799,8 @@ int err; unsigned int type; - if (lo->lo_encrypt_key_size && lo->lo_key_owner != current->uid && + if (lo->lo_encrypt_key_size && + lo->lo_key_owner != current->cred->cr_uid && !capable(CAP_SYS_ADMIN)) return -EPERM; if (lo->lo_state != Lo_bound) @@ -830,7 +831,7 @@ if (info.lo_encrypt_key_size) { memcpy(lo->lo_encrypt_key, info.lo_encrypt_key, info.lo_encrypt_key_size); - lo->lo_key_owner = current->uid; + lo->lo_key_owner = current->cred->cr_uid; } figure_loop_size(lo); return 0; diff -urN v2.5.23/drivers/char/tty_io.c cred-v2.5.23/drivers/char/tty_io.c --- v2.5.23/drivers/char/tty_io.c Thu Jun 6 00:36:01 2002 +++ cred-v2.5.23/drivers/char/tty_io.c Tue Jun 18 23:22:46 2002 @@ -1459,8 +1459,8 @@ tty->minimum_to_wake = 1; if (filp->f_owner.pid == 0) { filp->f_owner.pid = (-tty->pgrp) ? : current->pid; - filp->f_owner.uid = current->uid; - filp->f_owner.euid = current->euid; + filp->f_owner.uid = current->cred->cr_uid; + filp->f_owner.euid = current->cred->cr_euid; } } else { if (!tty->fasync && !waitqueue_active(&tty->read_wait)) diff -urN v2.5.23/fs/affs/inode.c cred-v2.5.23/fs/affs/inode.c --- v2.5.23/fs/affs/inode.c Thu Jun 6 00:35:53 2002 +++ cred-v2.5.23/fs/affs/inode.c Tue Jun 18 23:22:46 2002 @@ -325,8 +325,8 @@ mark_buffer_dirty_inode(bh, inode); affs_brelse(bh); - inode->i_uid = current->fsuid; - inode->i_gid = current->fsgid; + inode->i_uid = current->cred->cr_fsuid; + inode->i_gid = current->cred->cr_fsgid; inode->i_ino = block; inode->i_nlink = 1; inode->i_mtime = inode->i_atime = inode->i_ctime = CURRENT_TIME; diff -urN v2.5.23/fs/affs/super.c cred-v2.5.23/fs/affs/super.c --- v2.5.23/fs/affs/super.c Thu Jun 6 00:35:53 2002 +++ cred-v2.5.23/fs/affs/super.c Tue Jun 18 23:22:46 2002 @@ -152,8 +152,8 @@ /* Fill in defaults */ - *uid = current->uid; - *gid = current->gid; + *uid = current->cred->cr_uid; + *gid = current->cred->cr_gid; *reserved = 2; *root = -1; *blocksize = -1; diff -urN v2.5.23/fs/attr.c cred-v2.5.23/fs/attr.c --- v2.5.23/fs/attr.c Thu Jun 6 00:35:45 2002 +++ cred-v2.5.23/fs/attr.c Tue Jun 18 23:22:46 2002 @@ -29,7 +29,7 @@ /* Make sure a caller can chown. */ if ((ia_valid & ATTR_UID) && - (current->fsuid != inode->i_uid || + (current->cred->cr_fsuid != inode->i_uid || attr->ia_uid != inode->i_uid) && !capable(CAP_CHOWN)) goto error; @@ -41,7 +41,7 @@ /* Make sure a caller can chmod. */ if (ia_valid & ATTR_MODE) { - if ((current->fsuid != inode->i_uid) && !capable(CAP_FOWNER)) + if ((current->cred->cr_fsuid != inode->i_uid) && !capable(CAP_FOWNER)) goto error; /* Also check the setgid bit! */ if (!in_group_p((ia_valid & ATTR_GID) ? attr->ia_gid : @@ -51,7 +51,7 @@ /* Check for setting the inode time. */ if (ia_valid & (ATTR_MTIME_SET | ATTR_ATIME_SET)) { - if (current->fsuid != inode->i_uid && !capable(CAP_FOWNER)) + if (current->cred->cr_fsuid != inode->i_uid && !capable(CAP_FOWNER)) goto error; } fine: diff -urN v2.5.23/fs/autofs/inode.c cred-v2.5.23/fs/autofs/inode.c --- v2.5.23/fs/autofs/inode.c Thu Jun 6 00:35:52 2002 +++ cred-v2.5.23/fs/autofs/inode.c Tue Jun 18 23:22:46 2002 @@ -50,8 +50,8 @@ { char *this_char, *value; - *uid = current->uid; - *gid = current->gid; + *uid = current->cred->cr_uid; + *gid = current->cred->cr_gid; *pgrp = current->pgrp; *minproto = *maxproto = AUTOFS_PROTO_VERSION; diff -urN v2.5.23/fs/autofs4/inode.c cred-v2.5.23/fs/autofs4/inode.c --- v2.5.23/fs/autofs4/inode.c Thu Jun 6 00:35:52 2002 +++ cred-v2.5.23/fs/autofs4/inode.c Tue Jun 18 23:22:46 2002 @@ -100,8 +100,8 @@ { char *this_char, *value; - *uid = current->uid; - *gid = current->gid; + *uid = current->cred->cr_uid; + *gid = current->cred->cr_gid; *pgrp = current->pgrp; *minproto = AUTOFS_MIN_PROTO_VERSION; diff -urN v2.5.23/fs/bfs/dir.c cred-v2.5.23/fs/bfs/dir.c --- v2.5.23/fs/bfs/dir.c Thu Jun 6 00:35:53 2002 +++ cred-v2.5.23/fs/bfs/dir.c Tue Jun 18 23:22:46 2002 @@ -98,8 +98,8 @@ } set_bit(ino, info->si_imap); info->si_freei--; - inode->i_uid = current->fsuid; - inode->i_gid = (dir->i_mode & S_ISGID) ? dir->i_gid : current->fsgid; + inode->i_uid = current->cred->cr_fsuid; + inode->i_gid = (dir->i_mode & S_ISGID) ? dir->i_gid : current->cred->cr_fsgid; inode->i_mtime = inode->i_atime = inode->i_ctime = CURRENT_TIME; inode->i_blocks = inode->i_blksize = 0; inode->i_op = &bfs_file_inops; diff -urN v2.5.23/fs/binfmt_aout.c cred-v2.5.23/fs/binfmt_aout.c --- v2.5.23/fs/binfmt_aout.c Thu Jun 6 00:35:53 2002 +++ cred-v2.5.23/fs/binfmt_aout.c Tue Jun 18 23:22:46 2002 @@ -119,22 +119,22 @@ if we wrote the stack, but not the data area. */ #ifdef __sparc__ if ((dump.u_dsize+dump.u_ssize) > - current->rlim[RLIMIT_CORE].rlim_cur) + current->cred->cr_rlim[RLIMIT_CORE].rlim_cur) dump.u_dsize = 0; #else if ((dump.u_dsize+dump.u_ssize+1) * PAGE_SIZE > - current->rlim[RLIMIT_CORE].rlim_cur) + current->cred->cr_rlim[RLIMIT_CORE].rlim_cur) dump.u_dsize = 0; #endif /* Make sure we have enough room to write the stack and data areas. */ #ifdef __sparc__ if ((dump.u_ssize) > - current->rlim[RLIMIT_CORE].rlim_cur) + current->cred->cr_rlim[RLIMIT_CORE].rlim_cur) dump.u_ssize = 0; #else if ((dump.u_ssize+1) * PAGE_SIZE > - current->rlim[RLIMIT_CORE].rlim_cur) + current->cred->cr_rlim[RLIMIT_CORE].rlim_cur) dump.u_ssize = 0; #endif @@ -278,7 +278,7 @@ * size limits imposed on them by creating programs with large * arrays in the data or bss. */ - rlim = current->rlim[RLIMIT_DATA].rlim_cur; + rlim = current->cred->cr_rlim[RLIMIT_DATA].rlim_cur; if (rlim >= RLIM_INFINITY) rlim = ~0; if (ex.a_data + ex.a_bss > rlim) diff -urN v2.5.23/fs/binfmt_elf.c cred-v2.5.23/fs/binfmt_elf.c --- v2.5.23/fs/binfmt_elf.c Thu Jun 6 00:36:03 2002 +++ cred-v2.5.23/fs/binfmt_elf.c Tue Jun 18 23:22:46 2002 @@ -195,10 +195,10 @@ NEW_AUX_ENT( 6, AT_BASE, interp_load_addr); NEW_AUX_ENT( 7, AT_FLAGS, 0); NEW_AUX_ENT( 8, AT_ENTRY, load_bias + exec->e_entry); - NEW_AUX_ENT( 9, AT_UID, (elf_addr_t) current->uid); - NEW_AUX_ENT(10, AT_EUID, (elf_addr_t) current->euid); - NEW_AUX_ENT(11, AT_GID, (elf_addr_t) current->gid); - NEW_AUX_ENT(12, AT_EGID, (elf_addr_t) current->egid); + NEW_AUX_ENT( 9, AT_UID, (elf_addr_t) current->cred->cr_uid); + NEW_AUX_ENT(10, AT_EUID, (elf_addr_t) current->cred->cr_euid); + NEW_AUX_ENT(11, AT_GID, (elf_addr_t) current->cred->cr_gid); + NEW_AUX_ENT(12, AT_EGID, (elf_addr_t) current->cred->cr_egid); #ifdef ARCH_DLINFO /* * ARCH_DLINFO must come last so platform specific code can enforce @@ -1028,7 +1028,7 @@ struct vm_area_struct *vma; struct elfhdr elf; off_t offset = 0, dataoff; - unsigned long limit = current->rlim[RLIMIT_CORE].rlim_cur; + unsigned long limit = current->cred->cr_rlim[RLIMIT_CORE].rlim_cur; int numnote = 4; struct memelfnote notes[4]; struct elf_prstatus prstatus; /* NT_PRSTATUS */ @@ -1148,8 +1148,8 @@ psinfo.pr_zomb = psinfo.pr_sname == 'Z'; psinfo.pr_nice = task_nice(current); psinfo.pr_flag = current->flags; - psinfo.pr_uid = NEW_TO_OLD_UID(current->uid); - psinfo.pr_gid = NEW_TO_OLD_GID(current->gid); + psinfo.pr_uid = NEW_TO_OLD_UID(current->cred->cr_uid); + psinfo.pr_gid = NEW_TO_OLD_GID(current->cred->cr_gid); strncpy(psinfo.pr_fname, current->comm, sizeof(psinfo.pr_fname)); notes[2].name = "CORE"; diff -urN v2.5.23/fs/buffer.c cred-v2.5.23/fs/buffer.c --- v2.5.23/fs/buffer.c Tue Jun 18 23:22:22 2002 +++ cred-v2.5.23/fs/buffer.c Tue Jun 18 23:22:46 2002 @@ -1890,7 +1890,7 @@ int err; err = -EFBIG; - limit = current->rlim[RLIMIT_FSIZE].rlim_cur; + limit = current->cred->cr_rlim[RLIMIT_FSIZE].rlim_cur; if (limit != RLIM_INFINITY && size > (loff_t)limit) { send_sig(SIGXFSZ, current, 0); goto out; diff -urN v2.5.23/fs/coda/coda_linux.c cred-v2.5.23/fs/coda/coda_linux.c --- v2.5.23/fs/coda/coda_linux.c Thu Jun 6 00:35:52 2002 +++ cred-v2.5.23/fs/coda/coda_linux.c Tue Jun 18 23:22:46 2002 @@ -63,20 +63,20 @@ /* put the current process credentials in the cred */ void coda_load_creds(struct coda_cred *cred) { - cred->cr_uid = (vuid_t) current->uid; - cred->cr_euid = (vuid_t) current->euid; - cred->cr_suid = (vuid_t) current->suid; - cred->cr_fsuid = (vuid_t) current->fsuid; + cred->cr_uid = (vuid_t) current->cred->cr_uid; + cred->cr_euid = (vuid_t) current->cred->cr_euid; + cred->cr_suid = (vuid_t) current->cred->cr_suid; + cred->cr_fsuid = (vuid_t) current->cred->cr_fsuid; - cred->cr_groupid = (vgid_t) current->gid; - cred->cr_egid = (vgid_t) current->egid; - cred->cr_sgid = (vgid_t) current->sgid; - cred->cr_fsgid = (vgid_t) current->fsgid; + cred->cr_groupid = (vgid_t) current->cred->cr_gid; + cred->cr_egid = (vgid_t) current->cred->cr_egid; + cred->cr_sgid = (vgid_t) current->cred->cr_sgid; + cred->cr_fsgid = (vgid_t) current->cred->cr_fsgid; } int coda_cred_ok(struct coda_cred *cred) { - return(current->fsuid == cred->cr_fsuid); + return(current->cred->cr_fsuid == cred->cr_fsuid); } int coda_cred_eq(struct coda_cred *cred1, struct coda_cred *cred2) diff -urN v2.5.23/fs/devpts/inode.c cred-v2.5.23/fs/devpts/inode.c --- v2.5.23/fs/devpts/inode.c Thu Jun 6 00:35:52 2002 +++ cred-v2.5.23/fs/devpts/inode.c Tue Jun 18 23:22:46 2002 @@ -198,8 +198,8 @@ inode->i_ino = number+2; inode->i_blocks = 0; inode->i_blksize = 1024; - inode->i_uid = sbi->setuid ? sbi->uid : current->fsuid; - inode->i_gid = sbi->setgid ? sbi->gid : current->fsgid; + inode->i_uid = sbi->setuid ? sbi->uid : current->cred->cr_fsuid; + inode->i_gid = sbi->setgid ? sbi->gid : current->cred->cr_fsgid; inode->i_mtime = inode->i_atime = inode->i_ctime = CURRENT_TIME; init_special_inode(inode, S_IFCHR|sbi->mode, kdev_t_to_nr(device)); diff -urN v2.5.23/fs/dnotify.c cred-v2.5.23/fs/dnotify.c --- v2.5.23/fs/dnotify.c Thu Jun 6 00:35:52 2002 +++ cred-v2.5.23/fs/dnotify.c Tue Jun 18 23:22:46 2002 @@ -94,8 +94,8 @@ prev = &odn->dn_next; } filp->f_owner.pid = current->pid; - filp->f_owner.uid = current->uid; - filp->f_owner.euid = current->euid; + filp->f_owner.uid = current->cred->cr_uid; + filp->f_owner.euid = current->cred->cr_euid; dn->dn_mask = arg; dn->dn_fd = fd; dn->dn_filp = filp; diff -urN v2.5.23/fs/dquot.c cred-v2.5.23/fs/dquot.c --- v2.5.23/fs/dquot.c Mon Jun 17 15:41:35 2002 +++ cred-v2.5.23/fs/dquot.c Tue Jun 18 23:22:46 2002 @@ -785,7 +785,8 @@ { switch (dquot->dq_type) { case USRQUOTA: - return current->fsuid == dquot->dq_id && !(dquot->dq_flags & flag); + return current->cred->cr_fsuid == dquot->dq_id && + !(dquot->dq_flags & flag); case GRPQUOTA: return in_group_p(dquot->dq_id) && !(dquot->dq_flags & flag); } diff -urN v2.5.23/fs/driverfs/inode.c cred-v2.5.23/fs/driverfs/inode.c --- v2.5.23/fs/driverfs/inode.c Mon Jun 10 21:41:10 2002 +++ cred-v2.5.23/fs/driverfs/inode.c Tue Jun 18 23:22:46 2002 @@ -102,8 +102,8 @@ if (inode) { inode->i_mode = mode; - inode->i_uid = current->fsuid; - inode->i_gid = current->fsgid; + inode->i_uid = current->cred->cr_fsuid; + inode->i_gid = current->cred->cr_fsgid; inode->i_blksize = PAGE_CACHE_SIZE; inode->i_blocks = 0; inode->i_rdev = NODEV; diff -urN v2.5.23/fs/exec.c cred-v2.5.23/fs/exec.c --- v2.5.23/fs/exec.c Thu Jun 6 00:35:55 2002 +++ cred-v2.5.23/fs/exec.c Tue Jun 18 23:22:46 2002 @@ -519,7 +519,7 @@ info.si_errno = 0; info.si_code = SI_DETHREAD; info.si_pid = current->pid; - info.si_uid = current->uid; + info.si_uid = current->cred->cr_uid; head = tsk->thread_group.next; list_del_init(&tsk->thread_group); @@ -562,7 +562,8 @@ current->sas_ss_sp = current->sas_ss_size = 0; - if (current->euid == current->uid && current->egid == current->gid) + if (current->cred->cr_euid == current->cred->cr_uid && + current->cred->cr_egid == current->cred->cr_gid) current->mm->dumpable = 1; name = bprm->filename; for (i=0; (ch = *(name++)) != '\0';) { @@ -579,7 +580,7 @@ if (!list_empty(¤t->thread_group)) de_thread(current); - if (bprm->e_uid != current->euid || bprm->e_gid != current->egid || + if (bprm->e_uid != current->cred->cr_euid || bprm->e_gid != current->cred->cr_egid || permission(bprm->file->f_dentry->d_inode,MAY_READ)) current->mm->dumpable = 0; @@ -632,8 +633,8 @@ if (bprm->file->f_op == NULL) return -EACCES; - bprm->e_uid = current->euid; - bprm->e_gid = current->egid; + bprm->e_uid = current->cred->cr_euid; + bprm->e_gid = current->cred->cr_egid; if(!(bprm->file->f_vfsmnt->mnt_flags & MNT_NOSUID)) { /* Set-uid? */ @@ -664,7 +665,7 @@ */ if (!issecure(SECURE_NOROOT)) { - if (bprm->e_uid == 0 || current->uid == 0) { + if (bprm->e_uid == 0 || current->cred->cr_uid == 0) { cap_set_full(bprm->cap_inheritable); cap_set_full(bprm->cap_permitted); } @@ -698,11 +699,11 @@ new_permitted = cap_intersect(bprm->cap_permitted, cap_bset); working = cap_intersect(bprm->cap_inheritable, - current->cap_inheritable); + current->cred->cr_cap_inheritable); new_permitted = cap_combine(new_permitted, working); - if (bprm->e_uid != current->uid || bprm->e_gid != current->gid || - !cap_issubset(new_permitted, current->cap_permitted)) { + if (bprm->e_uid != current->cred->cr_uid || bprm->e_gid != current->cred->cr_gid || + !cap_issubset(new_permitted, current->cred->cr_cap_permitted)) { current->mm->dumpable = 0; lock_kernel(); @@ -711,12 +712,12 @@ || atomic_read(¤t->files->count) > 1 || atomic_read(¤t->sig->count) > 1) { if(!capable(CAP_SETUID)) { - bprm->e_uid = current->uid; - bprm->e_gid = current->gid; + bprm->e_uid = current->cred->cr_uid; + bprm->e_gid = current->cred->cr_gid; } if(!capable(CAP_SETPCAP)) { new_permitted = cap_intersect(new_permitted, - current->cap_permitted); + current->cred->cr_cap_permitted); } } do_unlock = 1; @@ -727,19 +728,19 @@ * in the init_task struct. Thus we skip the usual * capability rules */ if (current->pid != 1) { - current->cap_permitted = new_permitted; - current->cap_effective = + current->cred->cr_cap_permitted = new_permitted; + current->cred->cr_cap_effective = cap_intersect(new_permitted, bprm->cap_effective); } - /* AUD: Audit candidate if current->cap_effective is set */ + /* AUD: Audit candidate if current->cred->cr_cap_effective is set */ - current->suid = current->euid = current->fsuid = bprm->e_uid; - current->sgid = current->egid = current->fsgid = bprm->e_gid; + current->cred->cr_suid = current->cred->cr_euid = current->cred->cr_fsuid = bprm->e_uid; + current->cred->cr_sgid = current->cred->cr_egid = current->cred->cr_fsgid = bprm->e_gid; if(do_unlock) unlock_kernel(); - current->keep_capabilities = 0; + current->cred->cr_keep_capabilities = 0; } @@ -969,7 +970,7 @@ if (!current->mm->dumpable) goto fail; current->mm->dumpable = 0; - if (current->rlim[RLIMIT_CORE].rlim_cur < binfmt->min_coredump) + if (current->cred->cr_rlim[RLIMIT_CORE].rlim_cur < binfmt->min_coredump) goto fail; memcpy(corename,"core", 5); /* include trailing \0 */ diff -urN v2.5.23/fs/ext2/balloc.c cred-v2.5.23/fs/ext2/balloc.c --- v2.5.23/fs/ext2/balloc.c Thu Jun 6 00:35:53 2002 +++ cred-v2.5.23/fs/ext2/balloc.c Tue Jun 18 23:22:46 2002 @@ -178,7 +178,7 @@ count = free_blocks; if (free_blocks < root_blocks + count && !capable(CAP_SYS_RESOURCE) && - sbi->s_resuid != current->fsuid && + sbi->s_resuid != current->cred->cr_fsuid && (sbi->s_resgid == 0 || !in_group_p (sbi->s_resgid))) { /* * We are too close to reserve and we are not privileged. diff -urN v2.5.23/fs/ext2/ialloc.c cred-v2.5.23/fs/ext2/ialloc.c --- v2.5.23/fs/ext2/ialloc.c Thu Jun 6 00:35:55 2002 +++ cred-v2.5.23/fs/ext2/ialloc.c Tue Jun 18 23:22:46 2002 @@ -410,7 +410,7 @@ cpu_to_le32(le32_to_cpu(es->s_free_inodes_count) - 1); mark_buffer_dirty(EXT2_SB(sb)->s_sbh); sb->s_dirt = 1; - inode->i_uid = current->fsuid; + inode->i_uid = current->cred->cr_fsuid; if (test_opt (sb, GRPID)) inode->i_gid = dir->i_gid; else if (dir->i_mode & S_ISGID) { @@ -418,7 +418,7 @@ if (S_ISDIR(mode)) mode |= S_ISGID; } else - inode->i_gid = current->fsgid; + inode->i_gid = current->cred->cr_fsgid; inode->i_mode = mode; inode->i_ino = ino; diff -urN v2.5.23/fs/ext2/ioctl.c cred-v2.5.23/fs/ext2/ioctl.c --- v2.5.23/fs/ext2/ioctl.c Thu Jun 6 00:35:55 2002 +++ cred-v2.5.23/fs/ext2/ioctl.c Tue Jun 18 23:22:46 2002 @@ -30,7 +30,7 @@ if (IS_RDONLY(inode)) return -EROFS; - if ((current->fsuid != inode->i_uid) && !capable(CAP_FOWNER)) + if ((current->cred->cr_fsuid != inode->i_uid) && !capable(CAP_FOWNER)) return -EPERM; if (get_user(flags, (int *) arg)) @@ -79,7 +79,7 @@ case EXT2_IOC_GETVERSION: return put_user(inode->i_generation, (int *) arg); case EXT2_IOC_SETVERSION: - if ((current->fsuid != inode->i_uid) && !capable(CAP_FOWNER)) + if ((current->cred->cr_fsuid != inode->i_uid) && !capable(CAP_FOWNER)) return -EPERM; if (IS_RDONLY(inode)) return -EROFS; diff -urN v2.5.23/fs/ext3/balloc.c cred-v2.5.23/fs/ext3/balloc.c --- v2.5.23/fs/ext3/balloc.c Tue Jun 18 23:22:22 2002 +++ cred-v2.5.23/fs/ext3/balloc.c Tue Jun 18 23:22:46 2002 @@ -568,7 +568,7 @@ es = sb->u.ext3_sb.s_es; if (le32_to_cpu(es->s_free_blocks_count) <= le32_to_cpu(es->s_r_blocks_count) && - ((sb->u.ext3_sb.s_resuid != current->fsuid) && + ((sb->u.ext3_sb.s_resuid != current->cred->cr_fsuid) && (sb->u.ext3_sb.s_resgid == 0 || !in_group_p (sb->u.ext3_sb.s_resgid)) && !capable(CAP_SYS_RESOURCE))) diff -urN v2.5.23/fs/ext3/ialloc.c cred-v2.5.23/fs/ext3/ialloc.c --- v2.5.23/fs/ext3/ialloc.c Mon Jun 17 15:41:35 2002 +++ cred-v2.5.23/fs/ext3/ialloc.c Tue Jun 18 23:22:46 2002 @@ -464,7 +464,7 @@ sb->s_dirt = 1; if (err) goto fail; - inode->i_uid = current->fsuid; + inode->i_uid = current->cred->cr_fsuid; if (test_opt (sb, GRPID)) inode->i_gid = dir->i_gid; else if (dir->i_mode & S_ISGID) { @@ -472,7 +472,7 @@ if (S_ISDIR(mode)) mode |= S_ISGID; } else - inode->i_gid = current->fsgid; + inode->i_gid = current->cred->cr_fsgid; inode->i_mode = mode; inode->i_ino = j; diff -urN v2.5.23/fs/ext3/ioctl.c cred-v2.5.23/fs/ext3/ioctl.c --- v2.5.23/fs/ext3/ioctl.c Thu Jun 6 00:35:55 2002 +++ cred-v2.5.23/fs/ext3/ioctl.c Tue Jun 18 23:22:46 2002 @@ -37,7 +37,7 @@ if (IS_RDONLY(inode)) return -EROFS; - if ((current->fsuid != inode->i_uid) && !capable(CAP_FOWNER)) + if ((current->cred->cr_fsuid != inode->i_uid) && !capable(CAP_FOWNER)) return -EPERM; if (get_user(flags, (int *) arg)) @@ -123,7 +123,7 @@ __u32 generation; int err; - if ((current->fsuid != inode->i_uid) && !capable(CAP_FOWNER)) + if ((current->cred->cr_fsuid != inode->i_uid) && !capable(CAP_FOWNER)) return -EPERM; if (IS_RDONLY(inode)) return -EROFS; diff -urN v2.5.23/fs/fat/inode.c cred-v2.5.23/fs/fat/inode.c --- v2.5.23/fs/fat/inode.c Thu Jun 6 00:35:55 2002 +++ cred-v2.5.23/fs/fat/inode.c Tue Jun 18 23:22:46 2002 @@ -212,8 +212,8 @@ opts->name_check = 'n'; opts->conversion = 'b'; - opts->fs_uid = current->uid; - opts->fs_gid = current->gid; + opts->fs_uid = current->cred->cr_uid; + opts->fs_gid = current->cred->cr_gid; opts->fs_umask = current->fs->umask; opts->quiet = opts->sys_immutable = opts->dotsOK = opts->showexec = 0; opts->codepage = 0; diff -urN v2.5.23/fs/fcntl.c cred-v2.5.23/fs/fcntl.c --- v2.5.23/fs/fcntl.c Mon Jun 10 21:41:10 2002 +++ cred-v2.5.23/fs/fcntl.c Tue Jun 18 23:22:46 2002 @@ -89,7 +89,7 @@ write_lock(&files->file_lock); error = -EINVAL; - if (orig_start >= current->rlim[RLIMIT_NOFILE].rlim_cur) + if (orig_start >= current->cred->cr_rlim[RLIMIT_NOFILE].rlim_cur) goto out; repeat: @@ -108,7 +108,7 @@ } error = -EMFILE; - if (newfd >= current->rlim[RLIMIT_NOFILE].rlim_cur) + if (newfd >= current->cred->cr_rlim[RLIMIT_NOFILE].rlim_cur) goto out; error = expand_files(files, newfd); @@ -170,7 +170,7 @@ if (newfd == oldfd) goto out_unlock; err = -EBADF; - if (newfd >= current->rlim[RLIMIT_NOFILE].rlim_cur) + if (newfd >= current->cred->cr_rlim[RLIMIT_NOFILE].rlim_cur) goto out_unlock; get_file(file); /* We are now finished with oldfd */ @@ -319,8 +319,8 @@ case F_SETOWN: lock_kernel(); filp->f_owner.pid = arg; - filp->f_owner.uid = current->uid; - filp->f_owner.euid = current->euid; + filp->f_owner.uid = current->cred->cr_uid; + filp->f_owner.euid = current->cred->cr_euid; err = 0; if (S_ISSOCK (filp->f_dentry->d_inode->i_mode)) err = sock_fcntl (filp, F_SETOWN, arg); @@ -419,8 +419,8 @@ int reason) { if ((fown->euid != 0) && - (fown->euid ^ p->suid) && (fown->euid ^ p->uid) && - (fown->uid ^ p->suid) && (fown->uid ^ p->uid)) + (fown->euid ^ p->cred->cr_suid) && (fown->euid ^ p->cred->cr_uid) && + (fown->uid ^ p->cred->cr_suid) && (fown->uid ^ p->cred->cr_uid)) return; switch (fown->signum) { siginfo_t si; diff -urN v2.5.23/fs/file_table.c cred-v2.5.23/fs/file_table.c --- v2.5.23/fs/file_table.c Tue Jun 18 23:22:22 2002 +++ cred-v2.5.23/fs/file_table.c Tue Jun 18 23:22:46 2002 @@ -45,8 +45,8 @@ memset(f, 0, sizeof(*f)); atomic_set(&f->f_count,1); f->f_version = ++event; - f->f_uid = current->fsuid; - f->f_gid = current->fsgid; + f->f_uid = current->cred->cr_fsuid; + f->f_gid = current->cred->cr_fsgid; list_add(&f->f_list, &anon_list); file_list_unlock(); return f; @@ -54,7 +54,7 @@ /* * Use a reserved one if we're the superuser */ - if (files_stat.nr_free_files && !current->euid) + if (files_stat.nr_free_files && !current->cred->cr_euid) goto used_one; /* * Allocate a new one if we're below the limit. @@ -89,8 +89,8 @@ filp->f_mode = mode; atomic_set(&filp->f_count, 1); filp->f_dentry = dentry; - filp->f_uid = current->fsuid; - filp->f_gid = current->fsgid; + filp->f_uid = current->cred->cr_fsuid; + filp->f_gid = current->cred->cr_fsgid; filp->f_op = dentry->d_inode->i_fop; if (filp->f_op->open) return filp->f_op->open(dentry->d_inode, filp); diff -urN v2.5.23/fs/hfs/super.c cred-v2.5.23/fs/hfs/super.c --- v2.5.23/fs/hfs/super.c Thu Jun 6 00:35:37 2002 +++ cred-v2.5.23/fs/hfs/super.c Tue Jun 18 23:22:46 2002 @@ -224,8 +224,8 @@ /* initialize the sb with defaults */ memset(hsb, 0, sizeof(*hsb)); hsb->magic = HFS_SB_MAGIC; - hsb->s_uid = current->uid; - hsb->s_gid = current->gid; + hsb->s_uid = current->cred->cr_uid; + hsb->s_gid = current->cred->cr_gid; hsb->s_umask = current->fs->umask; hsb->s_type = 0x3f3f3f3f; /* == '????' */ hsb->s_creator = 0x3f3f3f3f; /* == '????' */ diff -urN v2.5.23/fs/hpfs/namei.c cred-v2.5.23/fs/hpfs/namei.c --- v2.5.23/fs/hpfs/namei.c Thu Jun 6 00:35:53 2002 +++ cred-v2.5.23/fs/hpfs/namei.c Tue Jun 18 23:22:46 2002 @@ -77,11 +77,11 @@ result->i_ctime = result->i_mtime = result->i_atime = local_to_gmt(dir->i_sb, dee.creation_date); hpfs_i(result)->i_ea_size = 0; if (dee.read_only) result->i_mode &= ~0222; - if (result->i_uid != current->fsuid || - result->i_gid != current->fsgid || + if (result->i_uid != current->cred->cr_fsuid || + result->i_gid != current->cred->cr_fsgid || result->i_mode != (mode | S_IFDIR)) { - result->i_uid = current->fsuid; - result->i_gid = current->fsgid; + result->i_uid = current->cred->cr_fsuid; + result->i_gid = current->cred->cr_fsgid; result->i_mode = mode | S_IFDIR; hpfs_write_inode_nolock(result); } @@ -152,11 +152,11 @@ result->i_data.a_ops = &hpfs_aops; hpfs_i(result)->mmu_private = 0; } - if (result->i_uid != current->fsuid || - result->i_gid != current->fsgid || + if (result->i_uid != current->cred->cr_fsuid || + result->i_gid != current->cred->cr_fsgid || result->i_mode != (mode | S_IFREG)) { - result->i_uid = current->fsuid; - result->i_gid = current->fsgid; + result->i_uid = current->cred->cr_fsuid; + result->i_gid = current->cred->cr_fsgid; result->i_mode = mode | S_IFREG; hpfs_write_inode_nolock(result); } @@ -217,8 +217,8 @@ hpfs_i(result)->i_ea_size = 0; /*if (result->i_blocks == -1) result->i_blocks = 1; if (result->i_size == -1) result->i_size = 0;*/ - result->i_uid = current->fsuid; - result->i_gid = current->fsgid; + result->i_uid = current->cred->cr_fsuid; + result->i_gid = current->cred->cr_fsgid; result->i_nlink = 1; result->i_size = 0; result->i_blocks = 1; @@ -288,8 +288,8 @@ /*if (result->i_blocks == -1) result->i_blocks = 1; if (result->i_size == -1) result->i_size = 0;*/ result->i_mode = S_IFLNK | 0777; - result->i_uid = current->fsuid; - result->i_gid = current->fsgid; + result->i_uid = current->cred->cr_fsuid; + result->i_gid = current->cred->cr_fsgid; result->i_blocks = 1; result->i_size = strlen(symlink); result->i_op = &page_symlink_inode_operations; diff -urN v2.5.23/fs/hpfs/super.c cred-v2.5.23/fs/hpfs/super.c --- v2.5.23/fs/hpfs/super.c Thu Jun 6 00:36:03 2002 +++ cred-v2.5.23/fs/hpfs/super.c Tue Jun 18 23:22:46 2002 @@ -433,8 +433,8 @@ init_MUTEX(&s->u.hpfs_sb.hpfs_creation_de); init_waitqueue_head(&s->s_hpfs_iget_q); - uid = current->uid; - gid = current->gid; + uid = current->cred->cr_uid; + gid = current->cred->cr_gid; umask = current->fs->umask; lowercase = 0; conv = CONV_BINARY; diff -urN v2.5.23/fs/jfs/jfs_inode.c cred-v2.5.23/fs/jfs/jfs_inode.c --- v2.5.23/fs/jfs/jfs_inode.c Thu Jun 6 00:35:32 2002 +++ cred-v2.5.23/fs/jfs/jfs_inode.c Tue Jun 18 23:22:46 2002 @@ -52,13 +52,13 @@ return NULL; } - inode->i_uid = current->fsuid; + inode->i_uid = current->cred->cr_fsuid; if (parent->i_mode & S_ISGID) { inode->i_gid = parent->i_gid; if (S_ISDIR(mode)) mode |= S_ISGID; } else - inode->i_gid = current->fsgid; + inode->i_gid = current->cred->cr_fsgid; inode->i_mode = mode; if (S_ISDIR(mode)) diff -urN v2.5.23/fs/lockd/host.c cred-v2.5.23/fs/lockd/host.c --- v2.5.23/fs/lockd/host.c Mon Oct 1 16:45:47 2001 +++ cred-v2.5.23/fs/lockd/host.c Tue Jun 18 23:22:46 2002 @@ -187,15 +187,15 @@ host->h_nextrebind - jiffies); } } else { - uid_t saved_fsuid = current->fsuid; - kernel_cap_t saved_cap = current->cap_effective; + uid_t saved_fsuid = current->cred->cr_fsuid; + kernel_cap_t saved_cap = current->cred->cr_cap_effective; /* Create RPC socket as root user so we get a priv port */ - current->fsuid = 0; - cap_raise (current->cap_effective, CAP_NET_BIND_SERVICE); + current->cred->cr_fsuid = 0; + cap_raise (current->cred->cr_cap_effective, CAP_NET_BIND_SERVICE); xprt = xprt_create_proto(host->h_proto, &host->h_addr, NULL); - current->fsuid = saved_fsuid; - current->cap_effective = saved_cap; + current->cred->cr_fsuid = saved_fsuid; + current->cred->cr_cap_effective = saved_cap; if (xprt == NULL) goto forgetit; diff -urN v2.5.23/fs/locks.c cred-v2.5.23/fs/locks.c --- v2.5.23/fs/locks.c Tue Jun 18 23:22:22 2002 +++ cred-v2.5.23/fs/locks.c Tue Jun 18 23:22:46 2002 @@ -145,7 +145,7 @@ static struct file_lock *locks_alloc_lock(int account) { struct file_lock *fl; - if (account && current->locks >= current->rlim[RLIMIT_LOCKS].rlim_cur) + if (account && current->locks >= current->cred->cr_rlim[RLIMIT_LOCKS].rlim_cur) return NULL; fl = kmem_cache_alloc(filelock_cache, SLAB_KERNEL); if (fl) @@ -1238,7 +1238,7 @@ dentry = filp->f_dentry; inode = dentry->d_inode; - if ((current->fsuid != inode->i_uid) && !capable(CAP_LEASE)) + if ((current->cred->cr_fsuid != inode->i_uid) && !capable(CAP_LEASE)) return -EACCES; if (!S_ISREG(inode->i_mode)) return -EINVAL; @@ -1310,8 +1310,8 @@ *before = fl; list_add(&fl->fl_link, &file_lock_list); filp->f_owner.pid = current->pid; - filp->f_owner.uid = current->uid; - filp->f_owner.euid = current->euid; + filp->f_owner.uid = current->cred->cr_uid; + filp->f_owner.euid = current->cred->cr_euid; out_unlock: unlock_kernel(); return error; diff -urN v2.5.23/fs/minix/bitmap.c cred-v2.5.23/fs/minix/bitmap.c --- v2.5.23/fs/minix/bitmap.c Thu Jun 6 00:35:53 2002 +++ cred-v2.5.23/fs/minix/bitmap.c Tue Jun 18 23:22:46 2002 @@ -247,8 +247,8 @@ iput(inode); return NULL; } - inode->i_uid = current->fsuid; - inode->i_gid = (dir->i_mode & S_ISGID) ? dir->i_gid : current->fsgid; + inode->i_uid = current->cred->cr_fsuid; + inode->i_gid = (dir->i_mode & S_ISGID) ? dir->i_gid : current->cred->cr_fsgid; inode->i_ino = j; inode->i_mtime = inode->i_atime = inode->i_ctime = CURRENT_TIME; inode->i_blocks = inode->i_blksize = 0; diff -urN v2.5.23/fs/namei.c cred-v2.5.23/fs/namei.c --- v2.5.23/fs/namei.c Tue Jun 18 23:22:22 2002 +++ cred-v2.5.23/fs/namei.c Tue Jun 18 23:22:46 2002 @@ -173,7 +173,7 @@ return -EACCES; } - if (current->fsuid == inode->i_uid) + if (current->cred->cr_fsuid == inode->i_uid) mode >>= 6; else if (in_group_p(inode->i_gid)) mode >>= 3; @@ -312,7 +312,7 @@ if ((inode->i_op && inode->i_op->permission)) return -EAGAIN; - if (current->fsuid == inode->i_uid) + if (current->cred->cr_fsuid == inode->i_uid) mode >>= 6; else if (in_group_p(inode->i_gid)) mode >>= 3; @@ -963,9 +963,9 @@ { if (!(dir->i_mode & S_ISVTX)) return 0; - if (inode->i_uid == current->fsuid) + if (inode->i_uid == current->cred->cr_fsuid) return 0; - if (dir->i_uid == current->fsuid) + if (dir->i_uid == current->cred->cr_fsuid) return 0; return !capable(CAP_FOWNER); } diff -urN v2.5.23/fs/ncpfs/ioctl.c cred-v2.5.23/fs/ncpfs/ioctl.c --- v2.5.23/fs/ncpfs/ioctl.c Thu Jun 6 00:35:16 2002 +++ cred-v2.5.23/fs/ncpfs/ioctl.c Tue Jun 18 23:22:46 2002 @@ -41,7 +41,7 @@ case NCP_IOC_NCPREQUEST: if ((permission(inode, MAY_WRITE) != 0) - && (current->uid != server->m.mounted_uid)) { + && (current->cred->cr_uid != server->m.mounted_uid)) { return -EACCES; } if (copy_from_user(&request, (struct ncp_ioctl_request *) arg, @@ -100,7 +100,7 @@ struct ncp_fs_info info; if ((permission(inode, MAY_WRITE) != 0) - && (current->uid != server->m.mounted_uid)) { + && (current->cred->cr_uid != server->m.mounted_uid)) { return -EACCES; } if (copy_from_user(&info, (struct ncp_fs_info *) arg, @@ -128,7 +128,7 @@ struct ncp_fs_info_v2 info2; if ((permission(inode, MAY_WRITE) != 0) - && (current->uid != server->m.mounted_uid)) { + && (current->cred->cr_uid != server->m.mounted_uid)) { return -EACCES; } if (copy_from_user(&info2, (struct ncp_fs_info_v2 *) arg, @@ -156,7 +156,7 @@ unsigned long tmp = server->m.mounted_uid; if ( (permission(inode, MAY_READ) != 0) - && (current->uid != server->m.mounted_uid)) + && (current->cred->cr_uid != server->m.mounted_uid)) { return -EACCES; } @@ -170,7 +170,7 @@ struct ncp_setroot_ioctl sr; if ( (permission(inode, MAY_READ) != 0) - && (current->uid != server->m.mounted_uid)) + && (current->cred->cr_uid != server->m.mounted_uid)) { return -EACCES; } @@ -244,7 +244,7 @@ #ifdef CONFIG_NCPFS_PACKET_SIGNING case NCP_IOC_SIGN_INIT: if ((permission(inode, MAY_WRITE) != 0) - && (current->uid != server->m.mounted_uid)) + && (current->cred->cr_uid != server->m.mounted_uid)) { return -EACCES; } @@ -267,7 +267,7 @@ case NCP_IOC_SIGN_WANTED: if ( (permission(inode, MAY_READ) != 0) - && (current->uid != server->m.mounted_uid)) + && (current->cred->cr_uid != server->m.mounted_uid)) { return -EACCES; } @@ -280,7 +280,7 @@ int newstate; if ( (permission(inode, MAY_WRITE) != 0) - && (current->uid != server->m.mounted_uid)) + && (current->cred->cr_uid != server->m.mounted_uid)) { return -EACCES; } @@ -301,7 +301,7 @@ #ifdef CONFIG_NCPFS_IOCTL_LOCKING case NCP_IOC_LOCKUNLOCK: if ( (permission(inode, MAY_WRITE) != 0) - && (current->uid != server->m.mounted_uid)) + && (current->cred->cr_uid != server->m.mounted_uid)) { return -EACCES; } @@ -373,7 +373,7 @@ #endif /* CONFIG_NCPFS_IOCTL_LOCKING */ case NCP_IOC_GETOBJECTNAME: - if (current->uid != server->m.mounted_uid) { + if (current->cred->cr_uid != server->m.mounted_uid) { return -EACCES; } { @@ -399,7 +399,7 @@ return 0; } case NCP_IOC_SETOBJECTNAME: - if (current->uid != server->m.mounted_uid) { + if (current->cred->cr_uid != server->m.mounted_uid) { return -EACCES; } { @@ -443,7 +443,7 @@ return 0; } case NCP_IOC_GETPRIVATEDATA: - if (current->uid != server->m.mounted_uid) { + if (current->cred->cr_uid != server->m.mounted_uid) { return -EACCES; } { @@ -467,7 +467,7 @@ return 0; } case NCP_IOC_SETPRIVATEDATA: - if (current->uid != server->m.mounted_uid) { + if (current->cred->cr_uid != server->m.mounted_uid) { return -EACCES; } { @@ -603,7 +603,7 @@ #endif /* CONFIG_NCPFS_NLS */ case NCP_IOC_SETDENTRYTTL: if ((permission(inode, MAY_WRITE) != 0) && - (current->uid != server->m.mounted_uid)) + (current->cred->cr_uid != server->m.mounted_uid)) return -EACCES; { u_int32_t user; @@ -632,7 +632,7 @@ so we have this out of switch */ if (cmd == NCP_IOC_GETMOUNTUID) { if ((permission(inode, MAY_READ) != 0) - && (current->uid != server->m.mounted_uid)) { + && (current->cred->cr_uid != server->m.mounted_uid)) { return -EACCES; } if (put_user(NEW_TO_OLD_UID(server->m.mounted_uid), (__kernel_uid_t *) arg)) diff -urN v2.5.23/fs/nfs/dir.c cred-v2.5.23/fs/nfs/dir.c --- v2.5.23/fs/nfs/dir.c Tue Jun 18 23:22:22 2002 +++ cred-v2.5.23/fs/nfs/dir.c Tue Jun 18 23:22:46 2002 @@ -1119,7 +1119,7 @@ * 2) When root squashing may be involved * 3) When ACLs may overturn a negative answer */ if (!capable(CAP_DAC_OVERRIDE) && !capable(CAP_DAC_READ_SEARCH) - && (current->fsuid != 0) && (current->fsgid != 0) + && (current->cred->cr_fsuid != 0) && (current->cred->cr_fsgid != 0) && error != -EACCES) goto out; @@ -1128,8 +1128,9 @@ error = NFS_PROTO(inode)->access(inode, mask, 0); if (error == -EACCES && NFS_CLIENT(inode)->cl_droppriv && - current->uid != 0 && current->gid != 0 && - (current->fsuid != current->uid || current->fsgid != current->gid)) + current->cred->cr_uid != 0 && current->cred->cr_gid != 0 && + (current->cred->cr_fsuid != current->cred->cr_uid || + current->cred->cr_fsgid != current->cred->cr_gid)) error = NFS_PROTO(inode)->access(inode, mask, 1); unlock_kernel(); diff -urN v2.5.23/fs/nfsd/auth.c cred-v2.5.23/fs/nfsd/auth.c --- v2.5.23/fs/nfsd/auth.c Mon Jul 24 02:04:10 2000 +++ cred-v2.5.23/fs/nfsd/auth.c Tue Jun 18 23:22:46 2002 @@ -35,26 +35,26 @@ } if (cred->cr_uid != (uid_t) -1) - current->fsuid = cred->cr_uid; + current->cred->cr_fsuid = cred->cr_uid; else - current->fsuid = exp->ex_anon_uid; + current->cred->cr_fsuid = exp->ex_anon_uid; if (cred->cr_gid != (gid_t) -1) - current->fsgid = cred->cr_gid; + current->cred->cr_fsgid = cred->cr_gid; else - current->fsgid = exp->ex_anon_gid; + current->cred->cr_fsgid = exp->ex_anon_gid; for (i = 0; i < NGROUPS; i++) { gid_t group = cred->cr_groups[i]; if (group == (gid_t) NOGROUP) break; - current->groups[i] = group; + current->cred->cr_groups[i] = group; } - current->ngroups = i; + current->cred->cr_ngroups = i; if ((cred->cr_uid)) { - cap_t(current->cap_effective) &= ~CAP_NFSD_MASK; + cap_t(current->cred->cr_cap_effective) &= ~CAP_NFSD_MASK; } else { - cap_t(current->cap_effective) |= (CAP_NFSD_MASK & - current->cap_permitted); + cap_t(current->cred->cr_cap_effective) |= (CAP_NFSD_MASK & + current->cred->cr_cap_permitted); } rqstp->rq_userset = 1; diff -urN v2.5.23/fs/nfsd/nfssvc.c cred-v2.5.23/fs/nfsd/nfssvc.c --- v2.5.23/fs/nfsd/nfssvc.c Thu Jun 6 00:35:49 2002 +++ cred-v2.5.23/fs/nfsd/nfssvc.c Tue Jun 18 23:22:46 2002 @@ -169,7 +169,7 @@ lock_kernel(); daemonize(); sprintf(current->comm, "nfsd"); - current->rlim[RLIMIT_FSIZE].rlim_cur = RLIM_INFINITY; + current->cred->cr_rlim[RLIMIT_FSIZE].rlim_cur = RLIM_INFINITY; nfsdstats.th_cnt++; /* Let svc_process check client's authentication. */ diff -urN v2.5.23/fs/nfsd/vfs.c cred-v2.5.23/fs/nfsd/vfs.c --- v2.5.23/fs/nfsd/vfs.c Thu Jun 6 00:35:53 2002 +++ cred-v2.5.23/fs/nfsd/vfs.c Tue Jun 18 23:22:46 2002 @@ -1465,7 +1465,8 @@ IS_APPEND(inode)? " append" : "", IS_RDONLY(inode)? " ro" : ""); dprintk(" owner %d/%d user %d/%d\n", - inode->i_uid, inode->i_gid, current->fsuid, current->fsgid); + inode->i_uid, inode->i_gid, + current->cred->cr_fsuid, current->cred->cr_fsgid); #endif /* only care about readonly exports for files and @@ -1507,7 +1508,7 @@ * with NFSv3. */ if ((acc & MAY_OWNER_OVERRIDE) && - inode->i_uid == current->fsuid) + inode->i_uid == current->cred->cr_fsuid) return 0; acc &= ~ MAY_OWNER_OVERRIDE; /* This bit is no longer needed, diff -urN v2.5.23/fs/open.c cred-v2.5.23/fs/open.c --- v2.5.23/fs/open.c Mon Jun 17 15:41:37 2002 +++ cred-v2.5.23/fs/open.c Tue Jun 18 23:22:46 2002 @@ -257,7 +257,7 @@ newattrs.ia_valid |= ATTR_ATIME_SET | ATTR_MTIME_SET; } else { - if (current->fsuid != inode->i_uid && + if (current->cred->cr_fsuid != inode->i_uid && (error = permission(inode,MAY_WRITE)) != 0) goto dput_and_out; } @@ -304,7 +304,7 @@ newattrs.ia_mtime = times[1].tv_sec; newattrs.ia_valid |= ATTR_ATIME_SET | ATTR_MTIME_SET; } else { - if (current->fsuid != inode->i_uid && + if (current->cred->cr_fsuid != inode->i_uid && (error = permission(inode,MAY_WRITE)) != 0) goto dput_and_out; } @@ -332,12 +332,12 @@ if (mode & ~S_IRWXO) /* where's F_OK, X_OK, W_OK, R_OK? */ return -EINVAL; - old_fsuid = current->fsuid; - old_fsgid = current->fsgid; - old_cap = current->cap_effective; + old_fsuid = current->cred->cr_fsuid; + old_fsgid = current->cred->cr_fsgid; + old_cap = current->cred->cr_cap_effective; - current->fsuid = current->uid; - current->fsgid = current->gid; + current->cred->cr_fsuid = current->cred->cr_uid; + current->cred->cr_fsgid = current->cred->cr_gid; /* * Clear the capabilities if we switch to a non-root user @@ -347,10 +347,10 @@ * value below. We should hold task_capabilities_lock, * but we cannot because user_path_walk can sleep. */ - if (current->uid) - cap_clear(current->cap_effective); + if (current->cred->cr_uid) + cap_clear(current->cred->cr_cap_effective); else - current->cap_effective = current->cap_permitted; + current->cred->cr_cap_effective = current->cred->cr_cap_permitted; res = user_path_walk(filename, &nd); if (!res) { @@ -362,9 +362,9 @@ path_release(&nd); } - current->fsuid = old_fsuid; - current->fsgid = old_fsgid; - current->cap_effective = old_cap; + current->cred->cr_fsuid = old_fsuid; + current->cred->cr_fsgid = old_fsgid; + current->cred->cr_cap_effective = old_cap; return res; } @@ -704,7 +704,7 @@ * N.B. For clone tasks sharing a files structure, this test * will limit the total number of files that can be opened. */ - if (fd >= current->rlim[RLIMIT_NOFILE].rlim_cur) + if (fd >= current->cred->cr_rlim[RLIMIT_NOFILE].rlim_cur) goto out; /* Do we need to expand the fdset array? */ diff -urN v2.5.23/fs/pipe.c cred-v2.5.23/fs/pipe.c --- v2.5.23/fs/pipe.c Mon Jun 17 15:41:37 2002 +++ cred-v2.5.23/fs/pipe.c Tue Jun 18 23:22:46 2002 @@ -564,8 +564,8 @@ */ inode->i_state = I_DIRTY; inode->i_mode = S_IFIFO | S_IRUSR | S_IWUSR; - inode->i_uid = current->fsuid; - inode->i_gid = current->fsgid; + inode->i_uid = current->cred->cr_fsuid; + inode->i_gid = current->cred->cr_fsgid; inode->i_atime = inode->i_mtime = inode->i_ctime = CURRENT_TIME; inode->i_blksize = PAGE_SIZE; return inode; diff -urN v2.5.23/fs/proc/array.c cred-v2.5.23/fs/proc/array.c --- v2.5.23/fs/proc/array.c Tue Jun 18 23:22:22 2002 +++ cred-v2.5.23/fs/proc/array.c Tue Jun 18 23:22:46 2002 @@ -160,8 +160,8 @@ "Gid:\t%d\t%d\t%d\t%d\n", get_task_state(p), p->tgid, p->pid, p->pid ? p->real_parent->pid : 0, 0, - p->uid, p->euid, p->suid, p->fsuid, - p->gid, p->egid, p->sgid, p->fsgid); + p->cred->cr_uid, p->cred->cr_euid, p->cred->cr_suid, p->cred->cr_fsuid, + p->cred->cr_gid, p->cred->cr_egid, p->cred->cr_sgid, p->cred->cr_fsgid); read_unlock(&tasklist_lock); task_lock(p); buffer += sprintf(buffer, @@ -170,8 +170,8 @@ p->files ? p->files->max_fds : 0); task_unlock(p); - for (g = 0; g < p->ngroups; g++) - buffer += sprintf(buffer, "%d ", p->groups[g]); + for (g = 0; g < p->cred->cr_ngroups; g++) + buffer += sprintf(buffer, "%d ", p->cred->cr_groups[g]); buffer += sprintf(buffer, "\n"); return buffer; @@ -267,9 +267,9 @@ return buffer + sprintf(buffer, "CapInh:\t%016x\n" "CapPrm:\t%016x\n" "CapEff:\t%016x\n", - cap_t(p->cap_inheritable), - cap_t(p->cap_permitted), - cap_t(p->cap_effective)); + cap_t(p->cred->cr_cap_inheritable), + cap_t(p->cred->cr_cap_permitted), + cap_t(p->cred->cr_cap_effective)); } @@ -371,7 +371,7 @@ task->start_time, vsize, mm ? mm->rss : 0, /* you might want to shift this left 3 */ - task->rlim[RLIMIT_RSS].rlim_cur, + task->cred->cr_rlim[RLIMIT_RSS].rlim_cur, mm ? mm->start_code : 0, mm ? mm->end_code : 0, mm ? mm->start_stack : 0, diff -urN v2.5.23/fs/proc/base.c cred-v2.5.23/fs/proc/base.c --- v2.5.23/fs/proc/base.c Thu Jun 6 00:35:53 2002 +++ cred-v2.5.23/fs/proc/base.c Tue Jun 18 23:22:46 2002 @@ -533,7 +533,7 @@ /* We don't need a base pointer in the /proc filesystem */ path_release(nd); - if (current->fsuid != inode->i_uid && !capable(CAP_DAC_OVERRIDE)) + if (current->cred->cr_fsuid != inode->i_uid && !capable(CAP_DAC_OVERRIDE)) goto out; error = proc_check_root(inode); if (error) @@ -575,7 +575,7 @@ lock_kernel(); - if (current->fsuid != inode->i_uid && !capable(CAP_DAC_OVERRIDE)) + if (current->cred->cr_fsuid != inode->i_uid && !capable(CAP_DAC_OVERRIDE)) goto out; error = proc_check_root(inode); if (error) @@ -760,8 +760,8 @@ inode->i_uid = 0; inode->i_gid = 0; if (ino == PROC_PID_INO || task_dumpable(task)) { - inode->i_uid = task->euid; - inode->i_gid = task->egid; + inode->i_uid = task->cred->cr_euid; + inode->i_gid = task->cred->cr_egid; } out: diff -urN v2.5.23/fs/proc/inode.c cred-v2.5.23/fs/proc/inode.c --- v2.5.23/fs/proc/inode.c Mon Jun 10 21:41:10 2002 +++ cred-v2.5.23/fs/proc/inode.c Tue Jun 18 23:22:46 2002 @@ -130,8 +130,8 @@ { char *this_char,*value; - *uid = current->uid; - *gid = current->gid; + *uid = current->cred->cr_uid; + *gid = current->cred->cr_gid; if (!options) return 1; while ((this_char = strsep(&options,",")) != NULL) { diff -urN v2.5.23/fs/quota.c cred-v2.5.23/fs/quota.c --- v2.5.23/fs/quota.c Mon Jun 17 15:41:37 2002 +++ cred-v2.5.23/fs/quota.c Tue Jun 18 23:22:46 2002 @@ -88,7 +88,7 @@ } /* Check privileges */ if (cmd == Q_GETQUOTA || cmd == Q_XGETQUOTA) { - if (((type == USRQUOTA && current->euid != id) || + if (((type == USRQUOTA && current->cred->cr_euid != id) || (type == GRPQUOTA && !in_egroup_p(id))) && !capable(CAP_SYS_ADMIN)) return -EPERM; diff -urN v2.5.23/fs/ramfs/inode.c cred-v2.5.23/fs/ramfs/inode.c --- v2.5.23/fs/ramfs/inode.c Mon Jun 17 15:41:37 2002 +++ cred-v2.5.23/fs/ramfs/inode.c Tue Jun 18 23:22:46 2002 @@ -85,8 +85,8 @@ if (inode) { inode->i_mode = mode; - inode->i_uid = current->fsuid; - inode->i_gid = current->fsgid; + inode->i_uid = current->cred->cr_fsuid; + inode->i_gid = current->cred->cr_fsgid; inode->i_blksize = PAGE_CACHE_SIZE; inode->i_blocks = 0; inode->i_rdev = NODEV; diff -urN v2.5.23/fs/reiserfs/namei.c cred-v2.5.23/fs/reiserfs/namei.c --- v2.5.23/fs/reiserfs/namei.c Mon Jun 17 15:41:37 2002 +++ cred-v2.5.23/fs/reiserfs/namei.c Tue Jun 18 23:22:46 2002 @@ -545,7 +545,7 @@ /* the quota init calls have to know who to charge the quota to, so ** we have to set uid and gid here */ - inode->i_uid = current->fsuid; + inode->i_uid = current->cred->cr_fsuid; inode->i_mode = mode; if (dir->i_mode & S_ISGID) { @@ -553,7 +553,7 @@ if (S_ISDIR(mode)) inode->i_mode |= S_ISGID; } else { - inode->i_gid = current->fsgid; + inode->i_gid = current->cred->cr_fsgid; } return 0 ; } diff -urN v2.5.23/fs/smbfs/inode.c cred-v2.5.23/fs/smbfs/inode.c --- v2.5.23/fs/smbfs/inode.c Mon Jun 10 21:41:10 2002 +++ cred-v2.5.23/fs/smbfs/inode.c Tue Jun 18 23:22:46 2002 @@ -549,7 +549,7 @@ if (parse_options(mnt, raw_data)) goto out_bad_option; - mnt->mounted_uid = current->uid; + mnt->mounted_uid = current->cred->cr_uid; } smb_setcodepage(server, &mnt->codepage); diff -urN v2.5.23/fs/smbfs/proc.c cred-v2.5.23/fs/smbfs/proc.c --- v2.5.23/fs/smbfs/proc.c Thu Jun 6 00:35:43 2002 +++ cred-v2.5.23/fs/smbfs/proc.c Tue Jun 18 23:22:46 2002 @@ -918,7 +918,7 @@ goto out; error = -EACCES; - if (current->uid != server->mnt->mounted_uid && + if (current->cred->cr_uid != server->mnt->mounted_uid && !capable(CAP_SYS_ADMIN)) goto out; diff -urN v2.5.23/fs/smbfs/sock.c cred-v2.5.23/fs/smbfs/sock.c --- v2.5.23/fs/smbfs/sock.c Thu Jun 6 00:35:20 2002 +++ cred-v2.5.23/fs/smbfs/sock.c Tue Jun 18 23:22:47 2002 @@ -24,6 +24,7 @@ #include #include #include +#include #include diff -urN v2.5.23/fs/sysv/ialloc.c cred-v2.5.23/fs/sysv/ialloc.c --- v2.5.23/fs/sysv/ialloc.c Thu Jun 6 00:35:53 2002 +++ cred-v2.5.23/fs/sysv/ialloc.c Tue Jun 18 23:22:47 2002 @@ -165,9 +165,9 @@ if (S_ISDIR(mode)) mode |= S_ISGID; } else - inode->i_gid = current->fsgid; + inode->i_gid = current->cred->cr_fsgid; - inode->i_uid = current->fsuid; + inode->i_uid = current->cred->cr_fsuid; inode->i_ino = fs16_to_cpu(sbi, ino); inode->i_mtime = inode->i_atime = inode->i_ctime = CURRENT_TIME; inode->i_blocks = inode->i_blksize = 0; diff -urN v2.5.23/fs/udf/ialloc.c cred-v2.5.23/fs/udf/ialloc.c --- v2.5.23/fs/udf/ialloc.c Thu Jun 6 00:35:53 2002 +++ cred-v2.5.23/fs/udf/ialloc.c Tue Jun 18 23:22:47 2002 @@ -118,7 +118,7 @@ mark_buffer_dirty(UDF_SB_LVIDBH(sb)); } inode->i_mode = mode; - inode->i_uid = current->fsuid; + inode->i_uid = current->cred->cr_fsuid; if (dir->i_mode & S_ISGID) { inode->i_gid = dir->i_gid; @@ -126,7 +126,7 @@ mode |= S_ISGID; } else - inode->i_gid = current->fsgid; + inode->i_gid = current->cred->cr_fsgid; UDF_I_LOCATION(inode).logicalBlockNum = block; UDF_I_LOCATION(inode).partitionReferenceNum = UDF_I_LOCATION(dir).partitionReferenceNum; diff -urN v2.5.23/fs/udf/namei.c cred-v2.5.23/fs/udf/namei.c --- v2.5.23/fs/udf/namei.c Thu Jun 6 00:35:53 2002 +++ cred-v2.5.23/fs/udf/namei.c Tue Jun 18 23:22:47 2002 @@ -687,7 +687,7 @@ if (!inode) goto out; - inode->i_uid = current->fsuid; + inode->i_uid = current->cred->cr_fsuid; init_special_inode(inode, mode, rdev); if (!(fi = udf_add_entry(dir, dentry, &fibh, &cfi, &err))) { diff -urN v2.5.23/fs/ufs/ialloc.c cred-v2.5.23/fs/ufs/ialloc.c --- v2.5.23/fs/ufs/ialloc.c Thu Jun 6 00:35:53 2002 +++ cred-v2.5.23/fs/ufs/ialloc.c Tue Jun 18 23:22:47 2002 @@ -252,13 +252,13 @@ sb->s_dirt = 1; inode->i_mode = mode; - inode->i_uid = current->fsuid; + inode->i_uid = current->cred->cr_fsuid; if (dir->i_mode & S_ISGID) { inode->i_gid = dir->i_gid; if (S_ISDIR(mode)) inode->i_mode |= S_ISGID; } else - inode->i_gid = current->fsgid; + inode->i_gid = current->cred->cr_fsgid; inode->i_ino = cg * uspi->s_ipg + bit; inode->i_blksize = PAGE_SIZE; /* This is the optimal IO size (for stat), not the fs block size */ diff -urN v2.5.23/include/linux/init_task.h cred-v2.5.23/include/linux/init_task.h --- v2.5.23/include/linux/init_task.h Thu Jun 6 00:35:50 2002 +++ cred-v2.5.23/include/linux/init_task.h Tue Jun 18 23:22:47 2002 @@ -63,12 +63,7 @@ real_timer: { \ function: it_real_fn \ }, \ - cap_effective: CAP_INIT_EFF_SET, \ - cap_inheritable: CAP_INIT_INH_SET, \ - cap_permitted: CAP_FULL_SET, \ - keep_capabilities: 0, \ - rlim: INIT_RLIMITS, \ - user: INIT_USER, \ + cred: &init_cred, \ comm: "swapper", \ thread: INIT_THREAD, \ fs: &init_fs, \ diff -urN v2.5.23/include/linux/mm.h cred-v2.5.23/include/linux/mm.h --- v2.5.23/include/linux/mm.h Thu Jun 6 00:35:56 2002 +++ cred-v2.5.23/include/linux/mm.h Tue Jun 18 23:22:47 2002 @@ -468,8 +468,8 @@ */ address &= PAGE_MASK; grow = (vma->vm_start - address) >> PAGE_SHIFT; - if (vma->vm_end - address > current->rlim[RLIMIT_STACK].rlim_cur || - ((vma->vm_mm->total_vm + grow) << PAGE_SHIFT) > current->rlim[RLIMIT_AS].rlim_cur) + if (vma->vm_end - address > current->cred->cr_rlim[RLIMIT_STACK].rlim_cur || + ((vma->vm_mm->total_vm + grow) << PAGE_SHIFT) > current->cred->cr_rlim[RLIMIT_AS].rlim_cur) return -ENOMEM; spin_lock(&vma->vm_mm->page_table_lock); vma->vm_start = address; diff -urN v2.5.23/include/linux/sched.h cred-v2.5.23/include/linux/sched.h --- v2.5.23/include/linux/sched.h Tue Jun 18 23:22:22 2002 +++ cred-v2.5.23/include/linux/sched.h Tue Jun 18 23:22:47 2002 @@ -46,6 +46,7 @@ #define CLONE_THREAD 0x00010000 /* Same thread group? */ #define CLONE_NEWNS 0x00020000 /* New namespace group? */ #define CLONE_SYSVSEM 0x00040000 /* share system V SEM_UNDO semantics */ +#define CLONE_CRED 0x00080000 /* share credentials */ #define CLONE_SIGNAL (CLONE_SIGHAND | CLONE_THREAD) @@ -245,6 +246,25 @@ extern struct user_struct root_user; #define INIT_USER (&root_user) +struct cred { + atomic_t cr_users; + + /* process credentials */ + uid_t cr_uid, cr_euid, cr_suid, cr_fsuid; + gid_t cr_gid, cr_egid, cr_sgid, cr_fsgid; + int cr_ngroups; + gid_t cr_groups[NGROUPS]; + kernel_cap_t cr_cap_effective, cr_cap_inheritable, cr_cap_permitted; + int cr_keep_capabilities:1; + struct user_struct *cr_user; + + /* limits */ + struct rlimit cr_rlim[RLIM_NLIMITS]; +}; + +#define get_cred(cred) atomic_inc(&(cred)->cr_users) +extern void put_cred(struct cred *cred); + typedef struct prio_array prio_array_t; struct task_struct { @@ -316,16 +336,7 @@ /* mm fault and swap info: this can arguably be seen as either mm-specific or thread-specific */ unsigned long min_flt, maj_flt, nswap, cmin_flt, cmaj_flt, cnswap; int swappable:1; -/* process credentials */ - uid_t uid,euid,suid,fsuid; - gid_t gid,egid,sgid,fsgid; - int ngroups; - gid_t groups[NGROUPS]; - kernel_cap_t cap_effective, cap_inheritable, cap_permitted; - int keep_capabilities:1; - struct user_struct *user; -/* limits */ - struct rlimit rlim[RLIM_NLIMITS]; + struct cred *cred; unsigned short used_math; char comm[16]; /* file system info */ @@ -437,6 +448,7 @@ extern union thread_union init_thread_union; extern struct task_struct init_task; +extern struct cred init_cred; extern struct mm_struct init_mm; extern struct task_struct *init_tasks[NR_CPUS]; @@ -593,7 +605,7 @@ */ static inline int capable(int cap) { - if (cap_raised(current->cap_effective, cap)) { + if (cap_raised(current->cred->cr_cap_effective, cap)) { current->flags |= PF_SUPERPRIV; return 1; } diff -urN v2.5.23/include/net/scm.h cred-v2.5.23/include/net/scm.h --- v2.5.23/include/net/scm.h Thu Jun 6 00:35:16 2002 +++ cred-v2.5.23/include/net/scm.h Tue Jun 18 23:22:47 2002 @@ -36,8 +36,8 @@ struct scm_cookie *scm) { memset(scm, 0, sizeof(*scm)); - scm->creds.uid = current->uid; - scm->creds.gid = current->gid; + scm->creds.uid = current->cred->cr_uid; + scm->creds.gid = current->cred->cr_gid; scm->creds.pid = current->pid; if (msg->msg_controllen <= 0) return 0; diff -urN v2.5.23/ipc/msg.c cred-v2.5.23/ipc/msg.c --- v2.5.23/ipc/msg.c Fri Sep 14 17:17:00 2001 +++ cred-v2.5.23/ipc/msg.c Tue Jun 18 23:22:47 2002 @@ -531,8 +531,8 @@ goto out_unlock_up; ipcp = &msq->q_perm; err = -EPERM; - if (current->euid != ipcp->cuid && - current->euid != ipcp->uid && !capable(CAP_SYS_ADMIN)) + if (current->cred->cr_euid != ipcp->cuid && + current->cred->cr_euid != ipcp->uid && !capable(CAP_SYS_ADMIN)) /* We _could_ check for CAP_CHOWN above, but we don't */ goto out_unlock_up; diff -urN v2.5.23/ipc/sem.c cred-v2.5.23/ipc/sem.c --- v2.5.23/ipc/sem.c Thu Jun 6 00:35:57 2002 +++ cred-v2.5.23/ipc/sem.c Tue Jun 18 23:22:47 2002 @@ -721,8 +721,8 @@ } ipcp = &sma->sem_perm; - if (current->euid != ipcp->cuid && - current->euid != ipcp->uid && !capable(CAP_SYS_ADMIN)) { + if (current->cred->cr_euid != ipcp->cuid && + current->cred->cr_euid != ipcp->uid && !capable(CAP_SYS_ADMIN)) { err=-EPERM; goto out_unlock; } diff -urN v2.5.23/ipc/shm.c cred-v2.5.23/ipc/shm.c --- v2.5.23/ipc/shm.c Thu Jun 6 00:35:32 2002 +++ cred-v2.5.23/ipc/shm.c Tue Jun 18 23:22:47 2002 @@ -503,8 +503,8 @@ err = shm_checkid(shp, shmid); if(err) goto out_unlock_up; - if (current->euid != shp->shm_perm.uid && - current->euid != shp->shm_perm.cuid && + if (current->cred->cr_euid != shp->shm_perm.uid && + current->cred->cr_euid != shp->shm_perm.cuid && !capable(CAP_SYS_ADMIN)) { err=-EPERM; goto out_unlock_up; @@ -535,8 +535,8 @@ if(err) goto out_unlock_up; err=-EPERM; - if (current->euid != shp->shm_perm.uid && - current->euid != shp->shm_perm.cuid && + if (current->cred->cr_euid != shp->shm_perm.uid && + current->cred->cr_euid != shp->shm_perm.cuid && !capable(CAP_SYS_ADMIN)) { goto out_unlock_up; } diff -urN v2.5.23/ipc/util.c cred-v2.5.23/ipc/util.c --- v2.5.23/ipc/util.c Thu Jun 6 00:35:37 2002 +++ cred-v2.5.23/ipc/util.c Tue Jun 18 23:22:47 2002 @@ -158,8 +158,8 @@ if (id > ids->max_id) ids->max_id = id; - new->cuid = new->uid = current->euid; - new->gid = new->cgid = current->egid; + new->cuid = new->uid = current->cred->cr_euid; + new->gid = new->cgid = current->cred->cr_egid; new->seq = ids->seq++; if(ids->seq > ids->seq_max) @@ -254,7 +254,8 @@ requested_mode = (flag >> 6) | (flag >> 3) | flag; granted_mode = ipcp->mode; - if (current->euid == ipcp->cuid || current->euid == ipcp->uid) + if (current->cred->cr_euid == ipcp->cuid || + current->cred->cr_euid == ipcp->uid) granted_mode >>= 6; else if (in_group_p(ipcp->cgid) || in_group_p(ipcp->gid)) granted_mode >>= 3; diff -urN v2.5.23/kernel/acct.c cred-v2.5.23/kernel/acct.c --- v2.5.23/kernel/acct.c Thu Jun 6 00:35:45 2002 +++ cred-v2.5.23/kernel/acct.c Tue Jun 18 23:22:47 2002 @@ -364,11 +364,11 @@ /* * Accounting records are not subject to resource limits. */ - flim = current->rlim[RLIMIT_FSIZE].rlim_cur; - current->rlim[RLIMIT_FSIZE].rlim_cur = RLIM_INFINITY; + flim = current->cred->cr_rlim[RLIMIT_FSIZE].rlim_cur; + current->cred->cr_rlim[RLIMIT_FSIZE].rlim_cur = RLIM_INFINITY; file->f_op->write(file, (char *)&ac, sizeof(struct acct), &file->f_pos); - current->rlim[RLIMIT_FSIZE].rlim_cur = flim; + current->cred->cr_rlim[RLIMIT_FSIZE].rlim_cur = flim; set_fs(fs); } diff -urN v2.5.23/kernel/capability.c cred-v2.5.23/kernel/capability.c --- v2.5.23/kernel/capability.c Mon Jun 10 21:41:10 2002 +++ cred-v2.5.23/kernel/capability.c Tue Jun 18 23:22:47 2002 @@ -14,7 +14,8 @@ kernel_cap_t cap_bset = CAP_INIT_EFF_SET; /* - * This global lock protects task->cap_* for all tasks including current. + * This global lock protects task->cred->cr_cap_* for all tasks + * including current. * Locking rule: acquire this prior to tasklist_lock. */ spinlock_t task_capability_lock = SPIN_LOCK_UNLOCKED; @@ -60,9 +61,9 @@ goto out; } - data.permitted = cap_t(target->cap_permitted); - data.inheritable = cap_t(target->cap_inheritable); - data.effective = cap_t(target->cap_effective); + data.permitted = cap_t(target->cred->cr_cap_permitted); + data.inheritable = cap_t(target->cred->cr_cap_inheritable); + data.effective = cap_t(target->cred->cr_cap_effective); out: read_unlock(&tasklist_lock); @@ -87,9 +88,9 @@ for_each_task(target) { if (target->pgrp != pgrp) continue; - target->cap_effective = *effective; - target->cap_inheritable = *inheritable; - target->cap_permitted = *permitted; + target->cred->cr_cap_effective = *effective; + target->cred->cr_cap_inheritable = *inheritable; + target->cred->cr_cap_permitted = *permitted; } } @@ -106,9 +107,9 @@ for_each_task(target) { if (target == current || target->pid == 1) continue; - target->cap_effective = *effective; - target->cap_inheritable = *inheritable; - target->cap_permitted = *permitted; + target->cred->cr_cap_effective = *effective; + target->cred->cr_cap_inheritable = *inheritable; + target->cred->cr_cap_permitted = *permitted; } } @@ -167,13 +168,13 @@ ret = -EPERM; /* verify restrictions on target's new Inheritable set */ - if (!cap_issubset(inheritable, cap_combine(target->cap_inheritable, - current->cap_permitted))) + if (!cap_issubset(inheritable, cap_combine(target->cred->cr_cap_inheritable, + current->cred->cr_cap_permitted))) goto out; /* verify restrictions on target's new Permitted set */ - if (!cap_issubset(permitted, cap_combine(target->cap_permitted, - current->cap_permitted))) + if (!cap_issubset(permitted, cap_combine(target->cred->cr_cap_permitted, + current->cred->cr_cap_permitted))) goto out; /* verify the _new_Effective_ is a subset of the _new_Permitted_ */ @@ -189,9 +190,9 @@ else /* all procs in process group */ cap_set_pg(-pid, &effective, &inheritable, &permitted); } else { - target->cap_effective = effective; - target->cap_inheritable = inheritable; - target->cap_permitted = permitted; + target->cred->cr_cap_effective = effective; + target->cred->cr_cap_inheritable = inheritable; + target->cred->cr_cap_permitted = permitted; } out: diff -urN v2.5.23/kernel/exit.c cred-v2.5.23/kernel/exit.c --- v2.5.23/kernel/exit.c Thu Jun 6 00:35:57 2002 +++ cred-v2.5.23/kernel/exit.c Tue Jun 18 23:22:47 2002 @@ -60,8 +60,8 @@ #ifdef CONFIG_SMP wait_task_inactive(p); #endif - atomic_dec(&p->user->processes); - free_uid(p->user); + atomic_dec(&p->cred->cr_user->processes); + free_uid(p->cred->cr_user); unhash_process(p); release_thread(p); @@ -69,6 +69,7 @@ current->cmaj_flt += p->maj_flt + p->cmaj_flt; current->cnswap += p->nswap + p->cnswap; sched_exit(p); + put_cred(p->cred); put_task_struct(p); } @@ -187,12 +188,12 @@ /* cpus_allowed? */ /* rt_priority? */ /* signals? */ - current->cap_effective = CAP_INIT_EFF_SET; - current->cap_inheritable = CAP_INIT_INH_SET; - current->cap_permitted = CAP_FULL_SET; - current->keep_capabilities = 0; - memcpy(current->rlim, init_task.rlim, sizeof(*(current->rlim))); - current->user = INIT_USER; + current->cred->cr_cap_effective = CAP_INIT_EFF_SET; + current->cred->cr_cap_inheritable = CAP_INIT_INH_SET; + current->cred->cr_cap_permitted = CAP_FULL_SET; + current->cred->cr_keep_capabilities = 0; + memcpy(current->cred->cr_rlim, init_cred.cr_rlim, sizeof(*(current->cred->cr_rlim))); + current->cred->cr_user = INIT_USER; write_unlock_irq(&tasklist_lock); } diff -urN v2.5.23/kernel/fork.c cred-v2.5.23/kernel/fork.c --- v2.5.23/kernel/fork.c Tue Jun 18 23:22:23 2002 +++ cred-v2.5.23/kernel/fork.c Tue Jun 18 23:22:47 2002 @@ -25,6 +25,7 @@ #include #include #include +#include #include #include @@ -33,7 +34,18 @@ #include #include +struct cred init_cred = { + cr_users: ATOMIC_INIT(1), + cr_rlim: INIT_RLIMITS, + cr_user: INIT_USER, + cr_cap_effective: CAP_INIT_EFF_SET, + cr_cap_inheritable: CAP_INIT_INH_SET, + cr_cap_permitted: CAP_FULL_SET, + cr_keep_capabilities: 0, +}; + static kmem_cache_t *task_struct_cachep; +static kmem_cache_t *cred_struct_cachep; extern int copy_semundo(unsigned long clone_flags, struct task_struct *tsk); extern void exit_semundo(struct task_struct *tsk); @@ -88,6 +100,14 @@ if (!task_struct_cachep) panic("fork_init(): cannot create task_struct SLAB cache"); + /* cred struct */ + cred_struct_cachep = + kmem_cache_create("cred_struct", + sizeof(struct cred),0, + SLAB_HWCACHE_ALIGN, NULL, NULL); + if (!task_struct_cachep) + panic("fork_init(): cannot create task_struct SLAB cache"); + /* * The default maximum number of threads is set to a safe * value: the thread structures can take up at most half @@ -95,8 +115,8 @@ */ max_threads = mempages / (THREAD_SIZE/PAGE_SIZE) / 8; - init_task.rlim[RLIMIT_NPROC].rlim_cur = max_threads/2; - init_task.rlim[RLIMIT_NPROC].rlim_max = max_threads/2; + init_cred.cr_rlim[RLIMIT_NPROC].rlim_cur = max_threads/2; + init_cred.cr_rlim[RLIMIT_NPROC].rlim_max = max_threads/2; } struct task_struct *dup_task_struct(struct task_struct *orig) @@ -122,8 +142,16 @@ return tsk; } +void put_cred(struct cred *cred) +{ + if (atomic_dec_and_test(&cred->cr_users)) + kmem_cache_free(cred_struct_cachep, cred); +} + void __put_task_struct(struct task_struct *tsk) { + if (tsk->cred) + put_cred(tsk->cred); free_thread_info(tsk->thread_info); kmem_cache_free(task_struct_cachep,tsk); } @@ -627,14 +655,23 @@ if (!p) goto fork_out; + if (!(clone_flags & CLONE_CRED)) { + p->cred = kmem_cache_alloc(cred_struct_cachep, GFP_KERNEL); + if (!p->cred) + goto bad_fork_free; + *p->cred = *current->cred; + atomic_set(&p->cred->cr_users, 1); + } else + get_cred(p->cred); + retval = -EAGAIN; - if (atomic_read(&p->user->processes) >= p->rlim[RLIMIT_NPROC].rlim_cur) { + if (atomic_read(&p->cred->cr_user->processes) >= p->cred->cr_rlim[RLIMIT_NPROC].rlim_cur) { if (!capable(CAP_SYS_ADMIN) && !capable(CAP_SYS_RESOURCE)) goto bad_fork_free; } - atomic_inc(&p->user->__count); - atomic_inc(&p->user->processes); + atomic_inc(&p->cred->cr_user->__count); + atomic_inc(&p->cred->cr_user->processes); /* * Counter increases are protected by @@ -821,8 +858,8 @@ if (p->binfmt && p->binfmt->module) __MOD_DEC_USE_COUNT(p->binfmt->module); bad_fork_cleanup_count: - atomic_dec(&p->user->processes); - free_uid(p->user); + atomic_dec(&p->cred->cr_user->processes); + free_uid(p->cred->cr_user); bad_fork_free: put_task_struct(p); goto fork_out; diff -urN v2.5.23/kernel/kmod.c cred-v2.5.23/kernel/kmod.c --- v2.5.23/kernel/kmod.c Tue Jun 18 23:22:23 2002 +++ cred-v2.5.23/kernel/kmod.c Tue Jun 18 23:22:47 2002 @@ -123,8 +123,8 @@ /* Drop the "current user" thing */ { - struct user_struct *user = curtask->user; - curtask->user = INIT_USER; + struct user_struct *user = curtask->cred->cr_user; + curtask->cred->cr_user = INIT_USER; atomic_inc(&INIT_USER->__count); atomic_inc(&INIT_USER->processes); atomic_dec(&user->processes); @@ -132,9 +132,9 @@ } /* Give kmod all effective privileges.. */ - curtask->euid = curtask->fsuid = 0; - curtask->egid = curtask->fsgid = 0; - cap_set_full(curtask->cap_effective); + curtask->cred->cr_euid = curtask->cred->cr_fsuid = 0; + curtask->cred->cr_egid = curtask->cred->cr_fsgid = 0; + cap_set_full(curtask->cred->cr_cap_effective); /* Allow execve args to be in kernel space. */ set_fs(KERNEL_DS); diff -urN v2.5.23/kernel/ptrace.c cred-v2.5.23/kernel/ptrace.c --- v2.5.23/kernel/ptrace.c Thu Jun 6 00:35:49 2002 +++ cred-v2.5.23/kernel/ptrace.c Tue Jun 18 23:22:47 2002 @@ -48,13 +48,14 @@ goto bad; if (!task->mm) goto bad; - if(((current->uid != task->euid) || - (current->uid != task->suid) || - (current->uid != task->uid) || - (current->gid != task->egid) || - (current->gid != task->sgid) || - (!cap_issubset(task->cap_permitted, current->cap_permitted)) || - (current->gid != task->gid)) && !capable(CAP_SYS_PTRACE)) + if(((current->cred->cr_uid != task->cred->cr_euid) || + (current->cred->cr_uid != task->cred->cr_suid) || + (current->cred->cr_uid != task->cred->cr_uid) || + (current->cred->cr_gid != task->cred->cr_egid) || + (current->cred->cr_gid != task->cred->cr_sgid) || + (!cap_issubset(task->cred->cr_cap_permitted, current->cred->cr_cap_permitted)) || + (current->cred->cr_gid != task->cred->cr_gid)) && + !capable(CAP_SYS_PTRACE)) goto bad; rmb(); if (!task->mm->dumpable && !capable(CAP_SYS_PTRACE)) diff -urN v2.5.23/kernel/sched.c cred-v2.5.23/kernel/sched.c --- v2.5.23/kernel/sched.c Tue Jun 18 23:22:23 2002 +++ cred-v2.5.23/kernel/sched.c Tue Jun 18 23:22:47 2002 @@ -1224,7 +1224,8 @@ if ((policy == SCHED_FIFO || policy == SCHED_RR) && !capable(CAP_SYS_NICE)) goto out_unlock; - if ((current->euid != p->euid) && (current->euid != p->uid) && + if ((current->cred->cr_euid != p->cred->cr_euid) && + (current->cred->cr_euid != p->cred->cr_uid) && !capable(CAP_SYS_NICE)) goto out_unlock; @@ -1319,6 +1320,7 @@ asmlinkage int sys_sched_setaffinity(pid_t pid, unsigned int len, unsigned long *user_mask_ptr) { +#if 0 unsigned long new_mask; int retval; task_t *p; @@ -1360,6 +1362,8 @@ out_unlock: put_task_struct(p); return retval; +#endif + return -ENOSYS; } /** @@ -1371,6 +1375,7 @@ asmlinkage int sys_sched_getaffinity(pid_t pid, unsigned int len, unsigned long *user_mask_ptr) { +#if 0 unsigned int real_len; unsigned long mask; int retval; @@ -1397,6 +1402,8 @@ if (copy_to_user(user_mask_ptr, &mask, real_len)) return -EFAULT; return real_len; +#endif + return -ENOSYS; } asmlinkage long sys_sched_yield(void) diff -urN v2.5.23/kernel/signal.c cred-v2.5.23/kernel/signal.c --- v2.5.23/kernel/signal.c Tue Jun 18 23:22:23 2002 +++ cred-v2.5.23/kernel/signal.c Tue Jun 18 23:22:47 2002 @@ -342,8 +342,10 @@ { return (!info || ((unsigned long)info != 1 && SI_FROMUSER(info))) && ((sig != SIGCONT) || (current->session != t->session)) - && (current->euid ^ t->suid) && (current->euid ^ t->uid) - && (current->uid ^ t->suid) && (current->uid ^ t->uid) + && (current->cred->cr_euid ^ t->cred->cr_suid) + && (current->cred->cr_euid ^ t->cred->cr_uid) + && (current->cred->cr_uid ^ t->cred->cr_suid) + && (current->cred->cr_uid ^ t->cred->cr_uid) && !capable(CAP_KILL); } @@ -459,7 +461,7 @@ q->info.si_errno = 0; q->info.si_code = SI_USER; q->info.si_pid = current->pid; - q->info.si_uid = current->uid; + q->info.si_uid = current->cred->cr_uid; break; case 1: q->info.si_signo = sig; @@ -776,7 +778,7 @@ info.si_signo = sig; info.si_errno = 0; info.si_pid = tsk->pid; - info.si_uid = tsk->uid; + info.si_uid = tsk->cred->cr_uid; /* FIXME: find out whether or not this is supposed to be c*time. */ info.si_utime = tsk->times.tms_utime; @@ -865,7 +867,7 @@ info->si_errno = 0; info->si_code = SI_USER; info->si_pid = current->parent->pid; - info->si_uid = current->parent->uid; + info->si_uid = current->parent->cred->cr_uid; } /* If the (new) signal is now blocked, requeue it. */ @@ -1183,7 +1185,7 @@ info.si_errno = 0; info.si_code = SI_USER; info.si_pid = current->pid; - info.si_uid = current->uid; + info.si_uid = current->cred->cr_uid; return kill_something_info(sig, &info, pid); } @@ -1206,7 +1208,7 @@ info.si_errno = 0; info.si_code = SI_TKILL; info.si_pid = current->pid; - info.si_uid = current->uid; + info.si_uid = current->cred->cr_uid; read_lock(&tasklist_lock); p = find_task_by_pid(pid); diff -urN v2.5.23/kernel/sys.c cred-v2.5.23/kernel/sys.c --- v2.5.23/kernel/sys.c Tue Jun 18 23:22:23 2002 +++ cred-v2.5.23/kernel/sys.c Tue Jun 18 23:22:47 2002 @@ -209,8 +209,8 @@ return(p->pgrp == who); case PRIO_USER: if (!who) - who = current->uid; - return(p->uid == who); + who = current->cred->cr_uid; + return(p->cred->cr_uid == who); } } return 0; @@ -235,8 +235,8 @@ for_each_task(p) { if (!proc_sel(p, which, who)) continue; - if (p->uid != current->euid && - p->uid != current->uid && !capable(CAP_SYS_NICE)) { + if (p->cred->cr_uid != current->cred->cr_euid && + p->cred->cr_uid != current->cred->cr_uid && !capable(CAP_SYS_NICE)) { error = -EPERM; continue; } @@ -411,14 +411,14 @@ */ asmlinkage long sys_setregid(gid_t rgid, gid_t egid) { - int old_rgid = current->gid; - int old_egid = current->egid; + int old_rgid = current->cred->cr_gid; + int old_egid = current->cred->cr_egid; int new_rgid = old_rgid; int new_egid = old_egid; if (rgid != (gid_t) -1) { if ((old_rgid == rgid) || - (current->egid==rgid) || + (current->cred->cr_egid==rgid) || capable(CAP_SETGID)) new_rgid = rgid; else @@ -426,8 +426,8 @@ } if (egid != (gid_t) -1) { if ((old_rgid == egid) || - (current->egid == egid) || - (current->sgid == egid) || + (current->cred->cr_egid == egid) || + (current->cred->cr_sgid == egid) || capable(CAP_SETGID)) new_egid = egid; else { @@ -441,10 +441,10 @@ } if (rgid != (gid_t) -1 || (egid != (gid_t) -1 && egid != old_rgid)) - current->sgid = new_egid; - current->fsgid = new_egid; - current->egid = new_egid; - current->gid = new_rgid; + current->cred->cr_sgid = new_egid; + current->cred->cr_fsgid = new_egid; + current->cred->cr_egid = new_egid; + current->cred->cr_gid = new_rgid; return 0; } @@ -455,7 +455,7 @@ */ asmlinkage long sys_setgid(gid_t gid) { - int old_egid = current->egid; + int old_egid = current->cred->cr_egid; if (capable(CAP_SETGID)) { @@ -464,16 +464,16 @@ current->mm->dumpable=0; wmb(); } - current->gid = current->egid = current->sgid = current->fsgid = gid; + current->cred->cr_gid = current->cred->cr_egid = current->cred->cr_sgid = current->cred->cr_fsgid = gid; } - else if ((gid == current->gid) || (gid == current->sgid)) + else if ((gid == current->cred->cr_gid) || (gid == current->cred->cr_sgid)) { if(old_egid != gid) { current->mm->dumpable=0; wmb(); } - current->egid = current->fsgid = gid; + current->cred->cr_egid = current->cred->cr_fsgid = gid; } else return -EPERM; @@ -513,16 +513,16 @@ int old_suid) { if ((old_ruid == 0 || old_euid == 0 || old_suid == 0) && - (current->uid != 0 && current->euid != 0 && current->suid != 0) && - !current->keep_capabilities) { - cap_clear(current->cap_permitted); - cap_clear(current->cap_effective); + (current->cred->cr_uid != 0 && current->cred->cr_euid != 0 && current->cred->cr_suid != 0) && + !current->cred->cr_keep_capabilities) { + cap_clear(current->cred->cr_cap_permitted); + cap_clear(current->cred->cr_cap_effective); } - if (old_euid == 0 && current->euid != 0) { - cap_clear(current->cap_effective); + if (old_euid == 0 && current->cred->cr_euid != 0) { + cap_clear(current->cred->cr_cap_effective); } - if (old_euid != 0 && current->euid == 0) { - current->cap_effective = current->cap_permitted; + if (old_euid != 0 && current->cred->cr_euid == 0) { + current->cred->cr_cap_effective = current->cred->cr_cap_permitted; } } @@ -538,7 +538,7 @@ new_user = alloc_uid(new_ruid); if (!new_user) return -EAGAIN; - old_user = current->user; + old_user = current->cred->cr_user; atomic_dec(&old_user->processes); atomic_inc(&new_user->processes); @@ -547,8 +547,8 @@ current->mm->dumpable = 0; wmb(); } - current->uid = new_ruid; - current->user = new_user; + current->cred->cr_uid = new_ruid; + current->cred->cr_user = new_user; free_uid(old_user); return 0; } @@ -572,14 +572,14 @@ { int old_ruid, old_euid, old_suid, new_ruid, new_euid; - new_ruid = old_ruid = current->uid; - new_euid = old_euid = current->euid; - old_suid = current->suid; + new_ruid = old_ruid = current->cred->cr_uid; + new_euid = old_euid = current->cred->cr_euid; + old_suid = current->cred->cr_suid; if (ruid != (uid_t) -1) { new_ruid = ruid; if ((old_ruid != ruid) && - (current->euid != ruid) && + (current->cred->cr_euid != ruid) && !capable(CAP_SETUID)) return -EPERM; } @@ -587,8 +587,8 @@ if (euid != (uid_t) -1) { new_euid = euid; if ((old_ruid != euid) && - (current->euid != euid) && - (current->suid != euid) && + (current->cred->cr_euid != euid) && + (current->cred->cr_suid != euid) && !capable(CAP_SETUID)) return -EPERM; } @@ -601,11 +601,11 @@ current->mm->dumpable=0; wmb(); } - current->fsuid = current->euid = new_euid; + current->cred->cr_fsuid = current->cred->cr_euid = new_euid; if (ruid != (uid_t) -1 || (euid != (uid_t) -1 && euid != old_ruid)) - current->suid = current->euid; - current->fsuid = current->euid; + current->cred->cr_suid = current->cred->cr_euid; + current->cred->cr_fsuid = current->cred->cr_euid; if (!issecure(SECURE_NO_SETUID_FIXUP)) { cap_emulate_setxuid(old_ruid, old_euid, old_suid); @@ -629,18 +629,18 @@ */ asmlinkage long sys_setuid(uid_t uid) { - int old_euid = current->euid; + int old_euid = current->cred->cr_euid; int old_ruid, old_suid, new_ruid, new_suid; - old_ruid = new_ruid = current->uid; - old_suid = current->suid; + old_ruid = new_ruid = current->cred->cr_uid; + old_suid = current->cred->cr_suid; new_suid = old_suid; if (capable(CAP_SETUID)) { if (uid != old_ruid && set_user(uid, old_euid != uid) < 0) return -EAGAIN; new_suid = uid; - } else if ((uid != current->uid) && (uid != new_suid)) + } else if ((uid != current->cred->cr_uid) && (uid != new_suid)) return -EPERM; if (old_euid != uid) @@ -648,8 +648,8 @@ current->mm->dumpable = 0; wmb(); } - current->fsuid = current->euid = uid; - current->suid = new_suid; + current->cred->cr_fsuid = current->cred->cr_euid = uid; + current->cred->cr_suid = new_suid; if (!issecure(SECURE_NO_SETUID_FIXUP)) { cap_emulate_setxuid(old_ruid, old_euid, old_suid); @@ -665,36 +665,36 @@ */ asmlinkage long sys_setresuid(uid_t ruid, uid_t euid, uid_t suid) { - int old_ruid = current->uid; - int old_euid = current->euid; - int old_suid = current->suid; + int old_ruid = current->cred->cr_uid; + int old_euid = current->cred->cr_euid; + int old_suid = current->cred->cr_suid; if (!capable(CAP_SETUID)) { - if ((ruid != (uid_t) -1) && (ruid != current->uid) && - (ruid != current->euid) && (ruid != current->suid)) + if ((ruid != (uid_t) -1) && (ruid != current->cred->cr_uid) && + (ruid != current->cred->cr_euid) && (ruid != current->cred->cr_suid)) return -EPERM; - if ((euid != (uid_t) -1) && (euid != current->uid) && - (euid != current->euid) && (euid != current->suid)) + if ((euid != (uid_t) -1) && (euid != current->cred->cr_uid) && + (euid != current->cred->cr_euid) && (euid != current->cred->cr_suid)) return -EPERM; - if ((suid != (uid_t) -1) && (suid != current->uid) && - (suid != current->euid) && (suid != current->suid)) + if ((suid != (uid_t) -1) && (suid != current->cred->cr_uid) && + (suid != current->cred->cr_euid) && (suid != current->cred->cr_suid)) return -EPERM; } if (ruid != (uid_t) -1) { - if (ruid != current->uid && set_user(ruid, euid != current->euid) < 0) + if (ruid != current->cred->cr_uid && set_user(ruid, euid != current->cred->cr_euid) < 0) return -EAGAIN; } if (euid != (uid_t) -1) { - if (euid != current->euid) + if (euid != current->cred->cr_euid) { current->mm->dumpable = 0; wmb(); } - current->euid = euid; + current->cred->cr_euid = euid; } - current->fsuid = current->euid; + current->cred->cr_fsuid = current->cred->cr_euid; if (suid != (uid_t) -1) - current->suid = suid; + current->cred->cr_suid = suid; if (!issecure(SECURE_NO_SETUID_FIXUP)) { cap_emulate_setxuid(old_ruid, old_euid, old_suid); @@ -707,9 +707,9 @@ { int retval; - if (!(retval = put_user(current->uid, ruid)) && - !(retval = put_user(current->euid, euid))) - retval = put_user(current->suid, suid); + if (!(retval = put_user(current->cred->cr_uid, ruid)) && + !(retval = put_user(current->cred->cr_euid, euid))) + retval = put_user(current->cred->cr_suid, suid); return retval; } @@ -720,29 +720,29 @@ asmlinkage long sys_setresgid(gid_t rgid, gid_t egid, gid_t sgid) { if (!capable(CAP_SETGID)) { - if ((rgid != (gid_t) -1) && (rgid != current->gid) && - (rgid != current->egid) && (rgid != current->sgid)) + if ((rgid != (gid_t) -1) && (rgid != current->cred->cr_gid) && + (rgid != current->cred->cr_egid) && (rgid != current->cred->cr_sgid)) return -EPERM; - if ((egid != (gid_t) -1) && (egid != current->gid) && - (egid != current->egid) && (egid != current->sgid)) + if ((egid != (gid_t) -1) && (egid != current->cred->cr_gid) && + (egid != current->cred->cr_egid) && (egid != current->cred->cr_sgid)) return -EPERM; - if ((sgid != (gid_t) -1) && (sgid != current->gid) && - (sgid != current->egid) && (sgid != current->sgid)) + if ((sgid != (gid_t) -1) && (sgid != current->cred->cr_gid) && + (sgid != current->cred->cr_egid) && (sgid != current->cred->cr_sgid)) return -EPERM; } if (egid != (gid_t) -1) { - if (egid != current->egid) + if (egid != current->cred->cr_egid) { current->mm->dumpable = 0; wmb(); } - current->egid = egid; + current->cred->cr_egid = egid; } - current->fsgid = current->egid; + current->cred->cr_fsgid = current->cred->cr_egid; if (rgid != (gid_t) -1) - current->gid = rgid; + current->cred->cr_gid = rgid; if (sgid != (gid_t) -1) - current->sgid = sgid; + current->cred->cr_sgid = sgid; return 0; } @@ -750,9 +750,9 @@ { int retval; - if (!(retval = put_user(current->gid, rgid)) && - !(retval = put_user(current->egid, egid))) - retval = put_user(current->sgid, sgid); + if (!(retval = put_user(current->cred->cr_gid, rgid)) && + !(retval = put_user(current->cred->cr_egid, egid))) + retval = put_user(current->cred->cr_sgid, sgid); return retval; } @@ -768,9 +768,9 @@ { int old_fsuid; - old_fsuid = current->fsuid; - if (uid == current->uid || uid == current->euid || - uid == current->suid || uid == current->fsuid || + old_fsuid = current->cred->cr_fsuid; + if (uid == current->cred->cr_uid || uid == current->cred->cr_euid || + uid == current->cred->cr_suid || uid == current->cred->cr_fsuid || capable(CAP_SETUID)) { if (uid != old_fsuid) @@ -778,7 +778,7 @@ current->mm->dumpable = 0; wmb(); } - current->fsuid = uid; + current->cred->cr_fsuid = uid; } /* We emulate fsuid by essentially doing a scaled-down version @@ -791,12 +791,12 @@ */ if (!issecure(SECURE_NO_SETUID_FIXUP)) { - if (old_fsuid == 0 && current->fsuid != 0) { - cap_t(current->cap_effective) &= ~CAP_FS_MASK; + if (old_fsuid == 0 && current->cred->cr_fsuid != 0) { + cap_t(current->cred->cr_cap_effective) &= ~CAP_FS_MASK; } - if (old_fsuid != 0 && current->fsuid == 0) { - cap_t(current->cap_effective) |= - (cap_t(current->cap_permitted) & CAP_FS_MASK); + if (old_fsuid != 0 && current->cred->cr_fsuid == 0) { + cap_t(current->cred->cr_cap_effective) |= + (cap_t(current->cred->cr_cap_permitted) & CAP_FS_MASK); } } @@ -810,9 +810,9 @@ { int old_fsgid; - old_fsgid = current->fsgid; - if (gid == current->gid || gid == current->egid || - gid == current->sgid || gid == current->fsgid || + old_fsgid = current->cred->cr_fsgid; + if (gid == current->cred->cr_gid || gid == current->cred->cr_egid || + gid == current->cred->cr_sgid || gid == current->cred->cr_fsgid || capable(CAP_SETGID)) { if (gid != old_fsgid) @@ -820,7 +820,7 @@ current->mm->dumpable = 0; wmb(); } - current->fsgid = gid; + current->cred->cr_fsgid = gid; } return old_fsgid; } @@ -984,11 +984,11 @@ if (gidsetsize < 0) return -EINVAL; - i = current->ngroups; + i = current->cred->cr_ngroups; if (gidsetsize) { if (i > gidsetsize) return -EINVAL; - if (copy_to_user(grouplist, current->groups, sizeof(gid_t)*i)) + if (copy_to_user(grouplist, current->cred->cr_groups, sizeof(gid_t)*i)) return -EFAULT; } return i; @@ -1005,18 +1005,18 @@ return -EPERM; if ((unsigned) gidsetsize > NGROUPS) return -EINVAL; - if(copy_from_user(current->groups, grouplist, gidsetsize * sizeof(gid_t))) + if(copy_from_user(current->cred->cr_groups, grouplist, gidsetsize * sizeof(gid_t))) return -EFAULT; - current->ngroups = gidsetsize; + current->cred->cr_ngroups = gidsetsize; return 0; } static int supplemental_group_member(gid_t grp) { - int i = current->ngroups; + int i = current->cred->cr_ngroups; if (i) { - gid_t *groups = current->groups; + gid_t *groups = current->cred->cr_groups; do { if (*groups == grp) return 1; @@ -1033,7 +1033,7 @@ int in_group_p(gid_t grp) { int retval = 1; - if (grp != current->fsgid) + if (grp != current->cred->cr_fsgid) retval = supplemental_group_member(grp); return retval; } @@ -1041,7 +1041,7 @@ int in_egroup_p(gid_t grp) { int retval = 1; - if (grp != current->egid) + if (grp != current->cred->cr_egid) retval = supplemental_group_member(grp); return retval; } @@ -1122,7 +1122,7 @@ if (resource >= RLIM_NLIMITS) return -EINVAL; else - return copy_to_user(rlim, current->rlim + resource, sizeof(*rlim)) + return copy_to_user(rlim, current->cred->cr_rlim + resource, sizeof(*rlim)) ? -EFAULT : 0; } @@ -1138,7 +1138,7 @@ if (resource >= RLIM_NLIMITS) return -EINVAL; - memcpy(&x, current->rlim + resource, sizeof(*rlim)); + memcpy(&x, current->cred->cr_rlim + resource, sizeof(*rlim)); if(x.rlim_cur > 0x7FFFFFFF) x.rlim_cur = 0x7FFFFFFF; if(x.rlim_max > 0x7FFFFFFF) @@ -1156,7 +1156,7 @@ return -EINVAL; if(copy_from_user(&new_rlim, rlim, sizeof(*rlim))) return -EFAULT; - old_rlim = current->rlim + resource; + old_rlim = current->cred->cr_rlim + resource; if (((new_rlim.rlim_cur > old_rlim->rlim_max) || (new_rlim.rlim_max > old_rlim->rlim_max)) && !capable(CAP_SYS_RESOURCE)) @@ -1280,7 +1280,7 @@ break; case PR_GET_KEEPCAPS: - if (current->keep_capabilities) + if (current->cred->cr_keep_capabilities) error = 1; break; case PR_SET_KEEPCAPS: @@ -1288,7 +1288,7 @@ error = -EINVAL; break; } - current->keep_capabilities = arg2; + current->cred->cr_keep_capabilities = arg2; break; default: error = -EINVAL; diff -urN v2.5.23/kernel/sysctl.c cred-v2.5.23/kernel/sysctl.c --- v2.5.23/kernel/sysctl.c Tue Jun 18 23:22:23 2002 +++ cred-v2.5.23/kernel/sysctl.c Tue Jun 18 23:22:47 2002 @@ -380,7 +380,7 @@ static int test_perm(int mode, int op) { - if (!current->euid) + if (!current->cred->cr_euid) mode >>= 6; else if (in_egroup_p(0)) mode >>= 3; diff -urN v2.5.23/kernel/timer.c cred-v2.5.23/kernel/timer.c --- v2.5.23/kernel/timer.c Tue Jun 18 23:22:23 2002 +++ cred-v2.5.23/kernel/timer.c Tue Jun 18 23:22:47 2002 @@ -529,12 +529,12 @@ psecs = (p->times.tms_utime += user); psecs += (p->times.tms_stime += system); - if (psecs / HZ > p->rlim[RLIMIT_CPU].rlim_cur) { + if (psecs / HZ > p->cred->cr_rlim[RLIMIT_CPU].rlim_cur) { /* Send SIGXCPU every second.. */ if (!(psecs % HZ)) send_sig(SIGXCPU, p, 1); /* and SIGKILL when we go over max.. */ - if (psecs / HZ > p->rlim[RLIMIT_CPU].rlim_max) + if (psecs / HZ > p->cred->cr_rlim[RLIMIT_CPU].rlim_max) send_sig(SIGKILL, p, 1); } } @@ -763,25 +763,25 @@ asmlinkage long sys_getuid(void) { /* Only we change this so SMP safe */ - return current->uid; + return current->cred->cr_uid; } asmlinkage long sys_geteuid(void) { /* Only we change this so SMP safe */ - return current->euid; + return current->cred->cr_euid; } asmlinkage long sys_getgid(void) { /* Only we change this so SMP safe */ - return current->gid; + return current->cred->cr_gid; } asmlinkage long sys_getegid(void) { /* Only we change this so SMP safe */ - return current->egid; + return current->cred->cr_egid; } #endif diff -urN v2.5.23/kernel/uid16.c cred-v2.5.23/kernel/uid16.c --- v2.5.23/kernel/uid16.c Mon Jan 10 21:40:26 2000 +++ cred-v2.5.23/kernel/uid16.c Tue Jun 18 23:22:47 2002 @@ -72,9 +72,9 @@ { int retval; - if (!(retval = put_user(high2lowuid(current->uid), ruid)) && - !(retval = put_user(high2lowuid(current->euid), euid))) - retval = put_user(high2lowuid(current->suid), suid); + if (!(retval = put_user(high2lowuid(current->cred->cr_uid), ruid)) && + !(retval = put_user(high2lowuid(current->cred->cr_euid), euid))) + retval = put_user(high2lowuid(current->cred->cr_suid), suid); return retval; } @@ -89,9 +89,9 @@ { int retval; - if (!(retval = put_user(high2lowgid(current->gid), rgid)) && - !(retval = put_user(high2lowgid(current->egid), egid))) - retval = put_user(high2lowgid(current->sgid), sgid); + if (!(retval = put_user(high2lowgid(current->cred->cr_gid), rgid)) && + !(retval = put_user(high2lowgid(current->cred->cr_egid), egid))) + retval = put_user(high2lowgid(current->cred->cr_sgid), sgid); return retval; } @@ -113,12 +113,12 @@ if (gidsetsize < 0) return -EINVAL; - i = current->ngroups; + i = current->cred->cr_ngroups; if (gidsetsize) { if (i > gidsetsize) return -EINVAL; for(j=0;jgroups[j]; + groups[j] = current->cred->cr_groups[j]; if (copy_to_user(grouplist, groups, sizeof(old_gid_t)*i)) return -EFAULT; } @@ -137,27 +137,27 @@ if (copy_from_user(groups, grouplist, gidsetsize * sizeof(old_gid_t))) return -EFAULT; for (i = 0 ; i < gidsetsize ; i++) - current->groups[i] = (gid_t)groups[i]; - current->ngroups = gidsetsize; + current->cred->cr_groups[i] = (gid_t)groups[i]; + current->cred->cr_ngroups = gidsetsize; return 0; } asmlinkage long sys_getuid16(void) { - return high2lowuid(current->uid); + return high2lowuid(current->cred->cr_uid); } asmlinkage long sys_geteuid16(void) { - return high2lowuid(current->euid); + return high2lowuid(current->cred->cr_euid); } asmlinkage long sys_getgid16(void) { - return high2lowgid(current->gid); + return high2lowgid(current->cred->cr_gid); } asmlinkage long sys_getegid16(void) { - return high2lowgid(current->egid); + return high2lowgid(current->cred->cr_egid); } diff -urN v2.5.23/mm/filemap.c cred-v2.5.23/mm/filemap.c --- v2.5.23/mm/filemap.c Tue Jun 18 23:22:23 2002 +++ cred-v2.5.23/mm/filemap.c Tue Jun 18 23:22:47 2002 @@ -1779,7 +1779,7 @@ /* Make sure this doesn't exceed the process's max rss. */ error = -EIO; - rlim_rss = current->rlim ? current->rlim[RLIMIT_RSS].rlim_cur : + rlim_rss = current->cred->cr_rlim ? current->cred->cr_rlim[RLIMIT_RSS].rlim_cur : LONG_MAX; /* default: see resource.h */ if ((vma->vm_mm->rss + (end - start)) > rlim_rss) return error; @@ -2073,7 +2073,7 @@ struct address_space * mapping = file->f_dentry->d_inode->i_mapping; struct address_space_operations *a_ops = mapping->a_ops; struct inode *inode = mapping->host; - unsigned long limit = current->rlim[RLIMIT_FSIZE].rlim_cur; + unsigned long limit = current->cred->cr_rlim[RLIMIT_FSIZE].rlim_cur; long status = 0; loff_t pos; struct page *page; diff -urN v2.5.23/mm/memory.c cred-v2.5.23/mm/memory.c --- v2.5.23/mm/memory.c Mon Jun 17 15:41:42 2002 +++ cred-v2.5.23/mm/memory.c Tue Jun 18 23:22:47 2002 @@ -1078,7 +1078,7 @@ goto out_truncate; do_expand: - limit = current->rlim[RLIMIT_FSIZE].rlim_cur; + limit = current->cred->cr_rlim[RLIMIT_FSIZE].rlim_cur; if (limit != RLIM_INFINITY) { if (inode->i_size >= limit) { send_sig(SIGXFSZ, current, 0); diff -urN v2.5.23/mm/mlock.c cred-v2.5.23/mm/mlock.c --- v2.5.23/mm/mlock.c Mon Sep 17 18:30:23 2001 +++ cred-v2.5.23/mm/mlock.c Tue Jun 18 23:22:47 2002 @@ -205,7 +205,7 @@ locked = len >> PAGE_SHIFT; locked += current->mm->locked_vm; - lock_limit = current->rlim[RLIMIT_MEMLOCK].rlim_cur; + lock_limit = current->cred->cr_rlim[RLIMIT_MEMLOCK].rlim_cur; lock_limit >>= PAGE_SHIFT; /* check against resource limits */ @@ -272,7 +272,7 @@ if (!flags || (flags & ~(MCL_CURRENT | MCL_FUTURE))) goto out; - lock_limit = current->rlim[RLIMIT_MEMLOCK].rlim_cur; + lock_limit = current->cred->cr_rlim[RLIMIT_MEMLOCK].rlim_cur; lock_limit >>= PAGE_SHIFT; ret = -ENOMEM; diff -urN v2.5.23/mm/mmap.c cred-v2.5.23/mm/mmap.c --- v2.5.23/mm/mmap.c Mon Jun 17 15:41:42 2002 +++ cred-v2.5.23/mm/mmap.c Tue Jun 18 23:22:47 2002 @@ -168,7 +168,7 @@ } /* Check against rlimit.. */ - rlim = current->rlim[RLIMIT_DATA].rlim_cur; + rlim = current->cred->cr_rlim[RLIMIT_DATA].rlim_cur; if (rlim < RLIM_INFINITY && brk - mm->start_data > rlim) goto out; @@ -431,7 +431,7 @@ if (vm_flags & VM_LOCKED) { unsigned long locked = mm->locked_vm << PAGE_SHIFT; locked += len; - if (locked > current->rlim[RLIMIT_MEMLOCK].rlim_cur) + if (locked > current->cred->cr_rlim[RLIMIT_MEMLOCK].rlim_cur) return -EAGAIN; } @@ -487,7 +487,7 @@ /* Check against address space limit. */ if ((mm->total_vm << PAGE_SHIFT) + len - > current->rlim[RLIMIT_AS].rlim_cur) + > current->cred->cr_rlim[RLIMIT_AS].rlim_cur) return -ENOMEM; /* Private writable mapping? Check memory availability.. */ @@ -1020,7 +1020,7 @@ if (mm->def_flags & VM_LOCKED) { unsigned long locked = mm->locked_vm << PAGE_SHIFT; locked += len; - if (locked > current->rlim[RLIMIT_MEMLOCK].rlim_cur) + if (locked > current->cred->cr_rlim[RLIMIT_MEMLOCK].rlim_cur) return -EAGAIN; } @@ -1037,7 +1037,7 @@ /* Check against address space limits *after* clearing old maps... */ if ((mm->total_vm << PAGE_SHIFT) + len - > current->rlim[RLIMIT_AS].rlim_cur) + > current->cred->cr_rlim[RLIMIT_AS].rlim_cur) return -ENOMEM; if (mm->map_count > MAX_MAP_COUNT) diff -urN v2.5.23/mm/mremap.c cred-v2.5.23/mm/mremap.c --- v2.5.23/mm/mremap.c Thu Jun 6 00:35:40 2002 +++ cred-v2.5.23/mm/mremap.c Tue Jun 18 23:22:47 2002 @@ -290,12 +290,12 @@ unsigned long locked = current->mm->locked_vm << PAGE_SHIFT; locked += new_len - old_len; ret = -EAGAIN; - if (locked > current->rlim[RLIMIT_MEMLOCK].rlim_cur) + if (locked > current->cred->cr_rlim[RLIMIT_MEMLOCK].rlim_cur) goto out; } ret = -ENOMEM; if ((current->mm->total_vm << PAGE_SHIFT) + (new_len - old_len) - > current->rlim[RLIMIT_AS].rlim_cur) + > current->cred->cr_rlim[RLIMIT_AS].rlim_cur) goto out; /* Private writable mapping? Check memory availability.. */ if ((vma->vm_flags & (VM_SHARED | VM_WRITE)) == VM_WRITE && diff -urN v2.5.23/mm/oom_kill.c cred-v2.5.23/mm/oom_kill.c --- v2.5.23/mm/oom_kill.c Thu Jun 6 00:35:20 2002 +++ cred-v2.5.23/mm/oom_kill.c Tue Jun 18 23:22:47 2002 @@ -89,8 +89,8 @@ * Superuser processes are usually more important, so we make it * less likely that we kill those. */ - if (cap_t(p->cap_effective) & CAP_TO_MASK(CAP_SYS_ADMIN) || - p->uid == 0 || p->euid == 0) + if (cap_t(p->cred->cr_cap_effective) & CAP_TO_MASK(CAP_SYS_ADMIN) || + p->cred->cr_uid == 0 || p->cred->cr_euid == 0) points /= 4; /* @@ -99,7 +99,7 @@ * tend to only have this flag set on applications they think * of as important. */ - if (cap_t(p->cap_effective) & CAP_TO_MASK(CAP_SYS_RAWIO)) + if (cap_t(p->cred->cr_cap_effective) & CAP_TO_MASK(CAP_SYS_RAWIO)) points /= 4; #ifdef DEBUG printk(KERN_DEBUG "OOMkill: task %d (%s) got %d points\n", @@ -150,7 +150,7 @@ p->flags |= PF_MEMALLOC | PF_MEMDIE; /* This process has hardware access, be more careful. */ - if (cap_t(p->cap_effective) & CAP_TO_MASK(CAP_SYS_RAWIO)) { + if (cap_t(p->cred->cr_cap_effective) & CAP_TO_MASK(CAP_SYS_RAWIO)) { force_sig(SIGTERM, p); } else { force_sig(SIGKILL, p); diff -urN v2.5.23/mm/shmem.c cred-v2.5.23/mm/shmem.c --- v2.5.23/mm/shmem.c Tue Jun 18 23:22:23 2002 +++ cred-v2.5.23/mm/shmem.c Tue Jun 18 23:22:47 2002 @@ -751,8 +751,8 @@ inode = new_inode(sb); if (inode) { inode->i_mode = mode; - inode->i_uid = current->fsuid; - inode->i_gid = current->fsgid; + inode->i_uid = current->cred->cr_fsuid; + inode->i_gid = current->cred->cr_fsgid; inode->i_blksize = PAGE_CACHE_SIZE; inode->i_blocks = 0; inode->i_rdev = NODEV; @@ -823,7 +823,7 @@ { struct inode *inode = file->f_dentry->d_inode; struct shmem_inode_info *info; - unsigned long limit = current->rlim[RLIMIT_FSIZE].rlim_cur; + unsigned long limit = current->cred->cr_rlim[RLIMIT_FSIZE].rlim_cur; loff_t pos; struct page *page; unsigned long written; @@ -1359,8 +1359,8 @@ struct dentry * root; unsigned long blocks, inodes; int mode = S_IRWXUGO | S_ISVTX; - uid_t uid = current->fsuid; - gid_t gid = current->fsgid; + uid_t uid = current->cred->cr_fsuid; + gid_t gid = current->cred->cr_fsgid; struct shmem_sb_info *sbinfo; struct sysinfo si; int err; diff -urN v2.5.23/net/core/scm.c cred-v2.5.23/net/core/scm.c --- v2.5.23/net/core/scm.c Thu Jun 6 00:35:15 2002 +++ cred-v2.5.23/net/core/scm.c Tue Jun 18 23:22:47 2002 @@ -40,10 +40,10 @@ static __inline__ int scm_check_creds(struct ucred *creds) { if ((creds->pid == current->pid || capable(CAP_SYS_ADMIN)) && - ((creds->uid == current->uid || creds->uid == current->euid || - creds->uid == current->suid) || capable(CAP_SETUID)) && - ((creds->gid == current->gid || creds->gid == current->egid || - creds->gid == current->sgid) || capable(CAP_SETGID))) { + ((creds->uid == current->cred->cr_uid || creds->uid == current->cred->cr_euid || + creds->uid == current->cred->cr_suid) || capable(CAP_SETUID)) && + ((creds->gid == current->cred->cr_gid || creds->gid == current->cred->cr_egid || + creds->gid == current->cred->cr_sgid) || capable(CAP_SETGID))) { return 0; } return -EPERM; diff -urN v2.5.23/net/netlink/af_netlink.c cred-v2.5.23/net/netlink/af_netlink.c --- v2.5.23/net/netlink/af_netlink.c Thu Jun 6 00:35:20 2002 +++ cred-v2.5.23/net/netlink/af_netlink.c Tue Jun 18 23:22:47 2002 @@ -612,7 +612,7 @@ check them, when this message will be delivered to corresponding kernel module. --ANK (980802) */ - NETLINK_CB(skb).eff_cap = current->cap_effective; + NETLINK_CB(skb).eff_cap = current->cred->cr_cap_effective; err = -EFAULT; if (memcpy_fromiovec(skb_put(skb,len), msg->msg_iov, len)) { diff -urN v2.5.23/net/socket.c cred-v2.5.23/net/socket.c --- v2.5.23/net/socket.c Tue Jun 18 23:22:23 2002 +++ cred-v2.5.23/net/socket.c Tue Jun 18 23:22:47 2002 @@ -470,8 +470,8 @@ inode->i_mode = S_IFSOCK|S_IRWXUGO; inode->i_sock = 1; - inode->i_uid = current->fsuid; - inode->i_gid = current->fsgid; + inode->i_uid = current->cred->cr_fsuid; + inode->i_gid = current->cred->cr_fsgid; sockets_in_use[smp_processor_id()].counter++; return sock; diff -urN v2.5.23/net/sunrpc/auth.c cred-v2.5.23/net/sunrpc/auth.c --- v2.5.23/net/sunrpc/auth.c Fri Sep 21 14:24:50 2001 +++ cred-v2.5.23/net/sunrpc/auth.c Tue Jun 18 23:22:47 2002 @@ -195,7 +195,7 @@ int nr = 0; if (!(taskflags & RPC_TASK_ROOTCREDS)) - nr = current->uid & RPC_CREDCACHE_MASK; + nr = current->cred->cr_uid & RPC_CREDCACHE_MASK; if (time_before(auth->au_nextgc, jiffies)) rpcauth_gc_credcache(auth); diff -urN v2.5.23/net/sunrpc/auth_null.c cred-v2.5.23/net/sunrpc/auth_null.c --- v2.5.23/net/sunrpc/auth_null.c Thu Jun 6 00:35:13 2002 +++ cred-v2.5.23/net/sunrpc/auth_null.c Tue Jun 18 23:22:47 2002 @@ -56,7 +56,7 @@ return NULL; atomic_set(&cred->cr_count, 0); cred->cr_flags = RPCAUTH_CRED_UPTODATE; - cred->cr_uid = current->uid; + cred->cr_uid = current->cred->cr_uid; cred->cr_ops = &null_credops; return cred; diff -urN v2.5.23/net/sunrpc/auth_unix.c cred-v2.5.23/net/sunrpc/auth_unix.c --- v2.5.23/net/sunrpc/auth_unix.c Thu Jun 6 00:35:13 2002 +++ cred-v2.5.23/net/sunrpc/auth_unix.c Tue Jun 18 23:22:47 2002 @@ -68,7 +68,7 @@ int i; dprintk("RPC: allocating UNIX cred for uid %d gid %d\n", - current->uid, current->gid); + current->cred->cr_uid, current->cred->cr_gid); if (!(cred = (struct unx_cred *) rpc_allocate(flags, sizeof(*cred)))) return NULL; @@ -80,16 +80,16 @@ cred->uc_gid = cred->uc_fsgid = 0; cred->uc_gids[0] = NOGROUP; } else { - int groups = current->ngroups; + int groups = current->cred->cr_ngroups; if (groups > NFS_NGROUPS) groups = NFS_NGROUPS; - cred->uc_uid = current->uid; - cred->uc_gid = current->gid; - cred->uc_fsuid = current->fsuid; - cred->uc_fsgid = current->fsgid; + cred->uc_uid = current->cred->cr_uid; + cred->uc_gid = current->cred->cr_gid; + cred->uc_fsuid = current->cred->cr_fsuid; + cred->uc_fsgid = current->cred->cr_fsgid; for (i = 0; i < groups; i++) - cred->uc_gids[i] = (gid_t) current->groups[i]; + cred->uc_gids[i] = (gid_t) current->cred->cr_groups[i]; if (i < NFS_NGROUPS) cred->uc_gids[i] = NOGROUP; } @@ -140,17 +140,17 @@ if (!(taskflags & RPC_TASK_ROOTCREDS)) { int groups; - if (cred->uc_uid != current->uid - || cred->uc_gid != current->gid - || cred->uc_fsuid != current->fsuid - || cred->uc_fsgid != current->fsgid) + if (cred->uc_uid != current->cred->cr_uid + || cred->uc_gid != current->cred->cr_gid + || cred->uc_fsuid != current->cred->cr_fsuid + || cred->uc_fsgid != current->cred->cr_fsgid) return 0; - groups = current->ngroups; + groups = current->cred->cr_ngroups; if (groups > NFS_NGROUPS) groups = NFS_NGROUPS; for (i = 0; i < groups ; i++) - if (cred->uc_gids[i] != (gid_t) current->groups[i]) + if (cred->uc_gids[i] != (gid_t) current->cred->cr_groups[i]) return 0; return 1; } diff -urN v2.5.23/net/sunrpc/sched.c cred-v2.5.23/net/sunrpc/sched.c --- v2.5.23/net/sunrpc/sched.c Thu Jun 6 00:35:47 2002 +++ cred-v2.5.23/net/sunrpc/sched.c Tue Jun 18 23:22:47 2002 @@ -808,7 +808,8 @@ task->tk_flags = flags; task->tk_exit = callback; init_waitqueue_head(&task->tk_wait); - if (current->uid != current->fsuid || current->gid != current->fsgid) + if (current->cred->cr_uid != current->cred->cr_fsuid || + current->cred->cr_gid != current->cred->cr_fsgid) task->tk_flags |= RPC_TASK_SETUID; /* Initialize retry counters */ diff -urN v2.5.23/net/unix/af_unix.c cred-v2.5.23/net/unix/af_unix.c --- v2.5.23/net/unix/af_unix.c Thu Jun 6 00:35:54 2002 +++ cred-v2.5.23/net/unix/af_unix.c Tue Jun 18 23:22:47 2002 @@ -457,8 +457,8 @@ sk->state=TCP_LISTEN; /* set credentials so connect can copy them */ sk->peercred.pid = current->pid; - sk->peercred.uid = current->euid; - sk->peercred.gid = current->egid; + sk->peercred.uid = current->cred->cr_euid; + sk->peercred.gid = current->cred->cr_egid; err = 0; out_unlock: @@ -976,8 +976,8 @@ newsk->state=TCP_ESTABLISHED; newsk->type=SOCK_STREAM; newsk->peercred.pid = current->pid; - newsk->peercred.uid = current->euid; - newsk->peercred.gid = current->egid; + newsk->peercred.uid = current->cred->cr_euid; + newsk->peercred.gid = current->cred->cr_egid; newu = unix_sk(newsk); newsk->sleep = &newu->peer_wait; otheru = unix_sk(other); @@ -1038,8 +1038,8 @@ unix_peer(ska)=skb; unix_peer(skb)=ska; ska->peercred.pid = skb->peercred.pid = current->pid; - ska->peercred.uid = skb->peercred.uid = current->euid; - ska->peercred.gid = skb->peercred.gid = current->egid; + ska->peercred.uid = skb->peercred.uid = current->cred->cr_euid; + ska->peercred.gid = skb->peercred.gid = current->cred->cr_egid; if (ska->type != SOCK_DGRAM) {