If someone runs 'passwd USER' as root, the user is assigned a new login
passphrase without their fscrypt login protector being updated.  Detect
this case and show a warning message using pam_info().

Fixes https://github.com/google/fscrypt/issues/273

gcc 11 enabled -Wmaybe-uninitialized by default.  It causes a
false-positive warning in copyIntoSecret() because gcc doesn't
understand that mlock() is special and doesn't read from the memory.

Just initialize the memory to avoid this warning.

This fixes link error with gcc 10 which defaults to -fno-common

FS_IOC_ADD_ENCRYPTION_KEY and FS_IOC_REMOVE_ENCRYPTION_KEY require root
for v1 policy keys, so update the PAM module to re-acquire root
privileges while provisioning/deprovisioning policies that need this.

Also, only set up the user keyring if it will actually be used.

In preparation for introducing support for the new filesystem-level
keyrings, move the existing user keyring management code from
security/keyring.go and crypto/crypto.go into a new package, 'keyring'.

This package provides functions AddEncryptionKey, RemoveEncryptionKey,
and GetEncryptionKeyStatus which delegate to either the filesystem
keyring (added by a later patch) or to the user keyring.  This provides
a common interface to both types of keyrings, to the extent possible.

These were found by a combination of manual review and a custom script
that checks for common errors.

Also removed an outdated sentence from the comment for setupBefore().

Fixes CI issues

This change makes sure after dropping then elevating privileges for a
process, the euid, guid, and groups are all the same as they were
originally. This significantly simplifies the privilege logic.

This fixes CVE-2018-6558, which allowed an unprivleged user to gain
membership in the root group (gid 0) due to the groups not being
properly reset in the process.

security: drop and regain privileges in all threads