Revert "UBUNTU: SAUCE: cred: Add clone_cred() interface"

BugLink: http://bugs.launchpad.net/bugs/1659417

This reverts commit 30c0ff60
since the clone_cred() interface is no longer used.
Signed-off-by: Seth Forshee <seth.forshee@canonical.com>
Acked-by: Stefan Bader <stefan.bader@canonical.com>
Acked-by: Tim Gardner <tim.gardner@canonical.com>
Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@canonical.com>

include/linux/cred.h

@@ -166,7 +166,6 @@ extern int commit_creds(struct cred *);
 extern void abort_creds(struct cred *);
 extern const struct cred *override_creds(const struct cred *);
 extern void revert_creds(const struct cred *);
-extern struct cred *clone_cred(const struct cred *old);
 extern struct cred *prepare_kernel_cred(struct task_struct *);
 extern int change_create_files_as(struct cred *, struct inode *);
 extern int set_security_override(struct cred *, u32);

kernel/cred.c

@@ -574,30 +574,38 @@ void __init cred_init(void)
 }
 
 /**
- * clone_cred - Create a new copy of a set of credentials
- * @old: Credentials to be copied
+ * prepare_kernel_cred - Prepare a set of credentials for a kernel service
+ * @daemon: A userspace daemon to be used as a reference
+ *
+ * Prepare a set of credentials for a kernel service.  This can then be used to
+ * override a task's own credentials so that work can be done on behalf of that
+ * task that requires a different subjective context.
+ *
+ * @daemon is used to provide a base for the security record, but can be NULL.
+ * If @daemon is supplied, then the security data will be derived from that;
+ * otherwise they'll be set to 0 and no groups, full capabilities and no keys.
  *
- * Prepare a new set of credentials that is an exact copy of @old. This can
- * optionally be modified and used to override a task's own credentials so
- * that work can be done on behalf of that task that requires a different
- * subjective context.
+ * The caller may change these controls afterwards if desired.
  *
- * Returns the new credentials or NULL if @old is NULL or if out of memory.
+ * Returns the new credentials or NULL if out of memory.
  *
  * Does not take, and does not return holding current->cred_replace_mutex.
  */
-struct cred *clone_cred(const struct cred *old)
+struct cred *prepare_kernel_cred(struct task_struct *daemon)
 {
+	const struct cred *old;
 	struct cred *new;
 
-	if (!old)
-		return NULL;
-
 	new = kmem_cache_alloc(cred_jar, GFP_KERNEL);
 	if (!new)
 		return NULL;
 
-	kdebug("clone_cred() alloc %p", new);
+	kdebug("prepare_kernel_cred() alloc %p", new);
+
+	if (daemon)
+		old = get_task_cred(daemon);
+	else
+		old = get_cred(&init_cred);
 
 	validate_creds(old);
 
@@ -622,46 +630,14 @@ struct cred *clone_cred(const struct cred *old)
 	if (security_prepare_creds(new, old, GFP_KERNEL) < 0)
 		goto error;
 
+	put_cred(old);
 	validate_creds(new);
 	return new;
 
 error:
 	put_cred(new);
-	return NULL;
-}
-EXPORT_SYMBOL(clone_cred);
-
-/**
- * prepare_kernel_cred - Prepare a set of credentials for a kernel service
- * @daemon: A userspace daemon to be used as a reference
- *
- * Prepare a set of credentials for a kernel service.  This can then be used to
- * override a task's own credentials so that work can be done on behalf of that
- * task that requires a different subjective context.
- *
- * @daemon is used to provide a base for the security record, but can be NULL.
- * If @daemon is supplied, then the security data will be derived from that;
- * otherwise they'll be set to 0 and no groups, full capabilities and no keys.
- *
- * The caller may change these controls afterwards if desired.
- *
- * Returns the new credentials or NULL if out of memory.
- *
- * Does not take, and does not return holding current->cred_replace_mutex.
- */
-struct cred *prepare_kernel_cred(struct task_struct *daemon)
-{
-	const struct cred *old;
-	struct cred *new;
-
-	if (daemon)
-		old = get_task_cred(daemon);
-	else
-		old = get_cred(&init_cred);
-
-	new = clone_cred(old);
 	put_cred(old);
-	return new;
+	return NULL;
 }
 EXPORT_SYMBOL(prepare_kernel_cred);