aboutsummaryrefslogtreecommitdiff
path: root/kernel/cred.c
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2009-09-23 15:18:57 -0700
committerLinus Torvalds <torvalds@linux-foundation.org>2009-09-23 15:18:57 -0700
commitc82ffab9a857f8286ed2b559624b7005a367b638 (patch)
treea5d0895a0b55c2db1bf36f517ca273e7e0abdf71 /kernel/cred.c
parenta724eada8c2a7b62463b73ccf73fd0bb6e928aeb (diff)
parent5224ee086321fec78970e2f2805892d2b34e8957 (diff)
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6: SELinux: do not destroy the avc_cache_nodep KEYS: Have the garbage collector set its timer for live expired keys tpm-fixup-pcrs-sysfs-file-update creds_are_invalid() needs to be exported for use by modules: include/linux/cred.h: fix build Fix trivial BUILD_BUG_ON-induced conflicts in drivers/char/tpm/tpm.c
Diffstat (limited to 'kernel/cred.c')
-rw-r--r--kernel/cred.c19
1 files changed, 19 insertions, 0 deletions
diff --git a/kernel/cred.c b/kernel/cred.c
index d7f7a01082e..dd76cfe5f5b 100644
--- a/kernel/cred.c
+++ b/kernel/cred.c
@@ -782,6 +782,25 @@ EXPORT_SYMBOL(set_create_files_as);
#ifdef CONFIG_DEBUG_CREDENTIALS
+bool creds_are_invalid(const struct cred *cred)
+{
+ if (cred->magic != CRED_MAGIC)
+ return true;
+ if (atomic_read(&cred->usage) < atomic_read(&cred->subscribers))
+ return true;
+#ifdef CONFIG_SECURITY_SELINUX
+ if (selinux_is_enabled()) {
+ if ((unsigned long) cred->security < PAGE_SIZE)
+ return true;
+ if ((*(u32 *)cred->security & 0xffffff00) ==
+ (POISON_FREE << 24 | POISON_FREE << 16 | POISON_FREE << 8))
+ return true;
+ }
+#endif
+ return false;
+}
+EXPORT_SYMBOL(creds_are_invalid);
+
/*
* dump invalid credentials
*/