]> git.proxmox.com Git - mirror_ubuntu-jammy-kernel.git/blame - kernel/sys.c
projects / mirror_ubuntu-jammy-kernel.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
[PATCH] lightweight robust futexes updates 2
[mirror_ubuntu-jammy-kernel.git] / kernel / sys.c
CommitLineData
1da177e4
LT		 1/*
2 * linux/kernel/sys.c
3 *
4 * Copyright (C) 1991, 1992 Linus Torvalds
5 */
6
7#include <linux/config.h>
8#include <linux/module.h>
9#include <linux/mm.h>
10#include <linux/utsname.h>
11#include <linux/mman.h>
12#include <linux/smp_lock.h>
13#include <linux/notifier.h>
14#include <linux/reboot.h>
15#include <linux/prctl.h>
16#include <linux/init.h>
17#include <linux/highuid.h>
18#include <linux/fs.h>
dc009d92
EB		 19#include <linux/kernel.h>
20#include <linux/kexec.h>
1da177e4 21#include <linux/workqueue.h>
c59ede7b 22#include <linux/capability.h>
1da177e4
LT		 23#include <linux/device.h>
24#include <linux/key.h>
25#include <linux/times.h>
26#include <linux/posix-timers.h>
27#include <linux/security.h>
28#include <linux/dcookies.h>
29#include <linux/suspend.h>
30#include <linux/tty.h>
7ed20e1a 31#include <linux/signal.h>
9f46080c 32#include <linux/cn_proc.h>
1da177e4
LT		 33
34#include <linux/compat.h>
35#include <linux/syscalls.h>
00d7c05a 36#include <linux/kprobes.h>
1da177e4
LT		 37
38#include <asm/uaccess.h>
39#include <asm/io.h>
40#include <asm/unistd.h>
41
42#ifndef SET_UNALIGN_CTL
43# define SET_UNALIGN_CTL(a,b) (-EINVAL)
44#endif
45#ifndef GET_UNALIGN_CTL
46# define GET_UNALIGN_CTL(a,b) (-EINVAL)
47#endif
48#ifndef SET_FPEMU_CTL
49# define SET_FPEMU_CTL(a,b) (-EINVAL)
50#endif
51#ifndef GET_FPEMU_CTL
52# define GET_FPEMU_CTL(a,b) (-EINVAL)
53#endif
54#ifndef SET_FPEXC_CTL
55# define SET_FPEXC_CTL(a,b) (-EINVAL)
56#endif
57#ifndef GET_FPEXC_CTL
58# define GET_FPEXC_CTL(a,b) (-EINVAL)
59#endif
60
61/*
62 * this is where the system-wide overflow UID and GID are defined, for
63 * architectures that now have 32-bit UID/GID but didn't in the past
64 */
65
66int overflowuid = DEFAULT_OVERFLOWUID;
67int overflowgid = DEFAULT_OVERFLOWGID;
68
69#ifdef CONFIG_UID16
70EXPORT_SYMBOL(overflowuid);
71EXPORT_SYMBOL(overflowgid);
72#endif
73
74/*
75 * the same as above, but for filesystems which can only store a 16-bit
76 * UID and GID. as such, this is needed on all architectures
77 */
78
79int fs_overflowuid = DEFAULT_FS_OVERFLOWUID;
80int fs_overflowgid = DEFAULT_FS_OVERFLOWUID;
81
82EXPORT_SYMBOL(fs_overflowuid);
83EXPORT_SYMBOL(fs_overflowgid);
84
85/*
86 * this indicates whether you can reboot with ctrl-alt-del: the default is yes
87 */
88
89int C_A_D = 1;
90int cad_pid = 1;
91
92/*
93 * Notifier list for kernel code which wants to be called
94 * at shutdown. This is used to stop any idling DMA operations
95 * and the like.
96 */
97
98static struct notifier_block *reboot_notifier_list;
99static DEFINE_RWLOCK(notifier_lock);
100
101/**
102 * notifier_chain_register - Add notifier to a notifier chain
103 * @list: Pointer to root list pointer
104 * @n: New entry in notifier chain
105 *
106 * Adds a notifier to a notifier chain.
107 *
108 * Currently always returns zero.
109 */
110
111int notifier_chain_register(struct notifier_block **list, struct notifier_block *n)
112{
113 write_lock(&notifier_lock);
114 while(*list)
115 {
116 if(n->priority > (*list)->priority)
117 break;
118 list= &((*list)->next);
119 }
120 n->next = *list;
121 *list=n;
122 write_unlock(&notifier_lock);
123 return 0;
124}
125
126EXPORT_SYMBOL(notifier_chain_register);
127
128/**
129 * notifier_chain_unregister - Remove notifier from a notifier chain
130 * @nl: Pointer to root list pointer
131 * @n: New entry in notifier chain
132 *
133 * Removes a notifier from a notifier chain.
134 *
135 * Returns zero on success, or %-ENOENT on failure.
136 */
137
138int notifier_chain_unregister(struct notifier_block **nl, struct notifier_block *n)
139{
140 write_lock(&notifier_lock);
141 while((*nl)!=NULL)
142 {
143 if((*nl)==n)
144 {
145 *nl=n->next;
146 write_unlock(&notifier_lock);
147 return 0;
148 }
149 nl=&((*nl)->next);
150 }
151 write_unlock(&notifier_lock);
152 return -ENOENT;
153}
154
155EXPORT_SYMBOL(notifier_chain_unregister);
156
157/**
158 * notifier_call_chain - Call functions in a notifier chain
159 * @n: Pointer to root pointer of notifier chain
160 * @val: Value passed unmodified to notifier function
161 * @v: Pointer passed unmodified to notifier function
162 *
163 * Calls each function in a notifier chain in turn.
164 *
165 * If the return value of the notifier can be and'd
166 * with %NOTIFY_STOP_MASK, then notifier_call_chain
167 * will return immediately, with the return value of
168 * the notifier function which halted execution.
169 * Otherwise, the return value is the return value
170 * of the last notifier function called.
171 */
172
00d7c05a 173int __kprobes notifier_call_chain(struct notifier_block **n, unsigned long val, void *v)
1da177e4
LT		 174{
175 int ret=NOTIFY_DONE;
176 struct notifier_block *nb = *n;
177
178 while(nb)
179 {
180 ret=nb->notifier_call(nb,val,v);
181 if(ret&NOTIFY_STOP_MASK)
182 {
183 return ret;
184 }
185 nb=nb->next;
186 }
187 return ret;
188}
189
190EXPORT_SYMBOL(notifier_call_chain);
191
192/**
193 * register_reboot_notifier - Register function to be called at reboot time
194 * @nb: Info about notifier function to be called
195 *
196 * Registers a function with the list of functions
197 * to be called at reboot time.
198 *
199 * Currently always returns zero, as notifier_chain_register
200 * always returns zero.
201 */
202
203int register_reboot_notifier(struct notifier_block * nb)
204{
205 return notifier_chain_register(&reboot_notifier_list, nb);
206}
207
208EXPORT_SYMBOL(register_reboot_notifier);
209
210/**
211 * unregister_reboot_notifier - Unregister previously registered reboot notifier
212 * @nb: Hook to be unregistered
213 *
214 * Unregisters a previously registered reboot
215 * notifier function.
216 *
217 * Returns zero on success, or %-ENOENT on failure.
218 */
219
220int unregister_reboot_notifier(struct notifier_block * nb)
221{
222 return notifier_chain_unregister(&reboot_notifier_list, nb);
223}
224
225EXPORT_SYMBOL(unregister_reboot_notifier);
226
227static int set_one_prio(struct task_struct *p, int niceval, int error)
228{
229 int no_nice;
230
231 if (p->uid != current->euid &&
232 p->euid != current->euid && !capable(CAP_SYS_NICE)) {
233 error = -EPERM;
234 goto out;
235 }
e43379f1 236 if (niceval < task_nice(p) && !can_nice(p, niceval)) {
1da177e4
LT		 237 error = -EACCES;
238 goto out;
239 }
240 no_nice = security_task_setnice(p, niceval);
241 if (no_nice) {
242 error = no_nice;
243 goto out;
244 }
245 if (error == -ESRCH)
246 error = 0;
247 set_user_nice(p, niceval);
248out:
249 return error;
250}
251
252asmlinkage long sys_setpriority(int which, int who, int niceval)
253{
254 struct task_struct *g, *p;
255 struct user_struct *user;
256 int error = -EINVAL;
257
258 if (which > 2 || which < 0)
259 goto out;
260
261 /* normalize: avoid signed division (rounding problems) */
262 error = -ESRCH;
263 if (niceval < -20)
264 niceval = -20;
265 if (niceval > 19)
266 niceval = 19;
267
268 read_lock(&tasklist_lock);
269 switch (which) {
270 case PRIO_PROCESS:
271 if (!who)
272 who = current->pid;
273 p = find_task_by_pid(who);
274 if (p)
275 error = set_one_prio(p, niceval, error);
276 break;
277 case PRIO_PGRP:
278 if (!who)
279 who = process_group(current);
280 do_each_task_pid(who, PIDTYPE_PGID, p) {
281 error = set_one_prio(p, niceval, error);
282 } while_each_task_pid(who, PIDTYPE_PGID, p);
283 break;
284 case PRIO_USER:
285 user = current->user;
286 if (!who)
287 who = current->uid;
288 else
289 if ((who != current->uid) && !(user = find_user(who)))
290 goto out_unlock; /* No processes for this user */
291
292 do_each_thread(g, p)
293 if (p->uid == who)
294 error = set_one_prio(p, niceval, error);
295 while_each_thread(g, p);
296 if (who != current->uid)
297 free_uid(user); /* For find_user() */
298 break;
299 }
300out_unlock:
301 read_unlock(&tasklist_lock);
302out:
303 return error;
304}
305
306/*
307 * Ugh. To avoid negative return values, "getpriority()" will
308 * not return the normal nice-value, but a negated value that
309 * has been offset by 20 (ie it returns 40..1 instead of -20..19)
310 * to stay compatible.
311 */
312asmlinkage long sys_getpriority(int which, int who)
313{
314 struct task_struct *g, *p;
315 struct user_struct *user;
316 long niceval, retval = -ESRCH;
317
318 if (which > 2 || which < 0)
319 return -EINVAL;
320
321 read_lock(&tasklist_lock);
322 switch (which) {
323 case PRIO_PROCESS:
324 if (!who)
325 who = current->pid;
326 p = find_task_by_pid(who);
327 if (p) {
328 niceval = 20 - task_nice(p);
329 if (niceval > retval)
330 retval = niceval;
331 }
332 break;
333 case PRIO_PGRP:
334 if (!who)
335 who = process_group(current);
336 do_each_task_pid(who, PIDTYPE_PGID, p) {
337 niceval = 20 - task_nice(p);
338 if (niceval > retval)
339 retval = niceval;
340 } while_each_task_pid(who, PIDTYPE_PGID, p);
341 break;
342 case PRIO_USER:
343 user = current->user;
344 if (!who)
345 who = current->uid;
346 else
347 if ((who != current->uid) && !(user = find_user(who)))
348 goto out_unlock; /* No processes for this user */
349
350 do_each_thread(g, p)
351 if (p->uid == who) {
352 niceval = 20 - task_nice(p);
353 if (niceval > retval)
354 retval = niceval;
355 }
356 while_each_thread(g, p);
357 if (who != current->uid)
358 free_uid(user); /* for find_user() */
359 break;
360 }
361out_unlock:
362 read_unlock(&tasklist_lock);
363
364 return retval;
365}
366
e4c94330
EB		 367/**
368 * emergency_restart - reboot the system
369 *
370 * Without shutting down any hardware or taking any locks
371 * reboot the system. This is called when we know we are in
372 * trouble so this is our best effort to reboot. This is
373 * safe to call in interrupt context.
374 */
7c903473
EB		 375void emergency_restart(void)
376{
377 machine_emergency_restart();
378}
379EXPORT_SYMBOL_GPL(emergency_restart);
380
e4c94330 381void kernel_restart_prepare(char *cmd)
4a00ea1e
EB		 382{
383 notifier_call_chain(&reboot_notifier_list, SYS_RESTART, cmd);
384 system_state = SYSTEM_RESTART;
4a00ea1e 385 device_shutdown();
e4c94330 386}
1e5d5331
RD		 387
388/**
389 * kernel_restart - reboot the system
390 * @cmd: pointer to buffer containing command to execute for restart
b8887e6e 391 * or %NULL
1e5d5331
RD		 392 *
393 * Shutdown everything and perform a clean reboot.
394 * This is not safe to call in interrupt context.
395 */
e4c94330
EB		 396void kernel_restart(char *cmd)
397{
398 kernel_restart_prepare(cmd);
4a00ea1e
EB		 399 if (!cmd) {
400 printk(KERN_EMERG "Restarting system.\n");
401 } else {
402 printk(KERN_EMERG "Restarting system with command '%s'.\n", cmd);
403 }
404 printk(".\n");
405 machine_restart(cmd);
406}
407EXPORT_SYMBOL_GPL(kernel_restart);
408
e4c94330
EB		 409/**
410 * kernel_kexec - reboot the system
411 *
412 * Move into place and start executing a preloaded standalone
413 * executable. If nothing was preloaded return an error.
414 */
4a00ea1e
EB		 415void kernel_kexec(void)
416{
417#ifdef CONFIG_KEXEC
418 struct kimage *image;
4bb8089c 419 image = xchg(&kexec_image, NULL);
4a00ea1e
EB		 420 if (!image) {
421 return;
422 }
e4c94330 423 kernel_restart_prepare(NULL);
4a00ea1e
EB		 424 printk(KERN_EMERG "Starting new kernel\n");
425 machine_shutdown();
426 machine_kexec(image);
427#endif
428}
429EXPORT_SYMBOL_GPL(kernel_kexec);
430
729b4d4c
AS		 431void kernel_shutdown_prepare(enum system_states state)
432{
433 notifier_call_chain(&reboot_notifier_list,
434 (state == SYSTEM_HALT)?SYS_HALT:SYS_POWER_OFF, NULL);
435 system_state = state;
436 device_shutdown();
437}
e4c94330
EB		 438/**
439 * kernel_halt - halt the system
440 *
441 * Shutdown everything and perform a clean system halt.
442 */
e4c94330
EB		 443void kernel_halt(void)
444{
729b4d4c 445 kernel_shutdown_prepare(SYSTEM_HALT);
4a00ea1e
EB		 446 printk(KERN_EMERG "System halted.\n");
447 machine_halt();
448}
729b4d4c 449
4a00ea1e
EB		 450EXPORT_SYMBOL_GPL(kernel_halt);
451
e4c94330
EB		 452/**
453 * kernel_power_off - power_off the system
454 *
455 * Shutdown everything and perform a clean system power_off.
456 */
e4c94330
EB		 457void kernel_power_off(void)
458{
729b4d4c 459 kernel_shutdown_prepare(SYSTEM_POWER_OFF);
4a00ea1e
EB		 460 printk(KERN_EMERG "Power down.\n");
461 machine_power_off();
462}
463EXPORT_SYMBOL_GPL(kernel_power_off);
1da177e4
LT		 464/*
465 * Reboot system call: for obvious reasons only root may call it,
466 * and even root needs to set up some magic numbers in the registers
467 * so that some mistake won't make this reboot the whole machine.
468 * You can also set the meaning of the ctrl-alt-del-key here.
469 *
470 * reboot doesn't sync: do that yourself before calling this.
471 */
472asmlinkage long sys_reboot(int magic1, int magic2, unsigned int cmd, void __user * arg)
473{
474 char buffer[256];
475
476 /* We only trust the superuser with rebooting the system. */
477 if (!capable(CAP_SYS_BOOT))
478 return -EPERM;
479
480 /* For safety, we require "magic" arguments. */
481 if (magic1 != LINUX_REBOOT_MAGIC1 ||
482 (magic2 != LINUX_REBOOT_MAGIC2 &&
483 magic2 != LINUX_REBOOT_MAGIC2A &&
484 magic2 != LINUX_REBOOT_MAGIC2B &&
485 magic2 != LINUX_REBOOT_MAGIC2C))
486 return -EINVAL;
487
5e38291d
EB		 488 /* Instead of trying to make the power_off code look like
489 * halt when pm_power_off is not set do it the easy way.
490 */
491 if ((cmd == LINUX_REBOOT_CMD_POWER_OFF) && !pm_power_off)
492 cmd = LINUX_REBOOT_CMD_HALT;
493
1da177e4
LT		 494 lock_kernel();
495 switch (cmd) {
496 case LINUX_REBOOT_CMD_RESTART:
4a00ea1e 497 kernel_restart(NULL);
1da177e4
LT		 498 break;
499
500 case LINUX_REBOOT_CMD_CAD_ON:
501 C_A_D = 1;
502 break;
503
504 case LINUX_REBOOT_CMD_CAD_OFF:
505 C_A_D = 0;
506 break;
507
508 case LINUX_REBOOT_CMD_HALT:
4a00ea1e 509 kernel_halt();
1da177e4
LT		 510 unlock_kernel();
511 do_exit(0);
512 break;
513
514 case LINUX_REBOOT_CMD_POWER_OFF:
4a00ea1e 515 kernel_power_off();
1da177e4
LT		 516 unlock_kernel();
517 do_exit(0);
518 break;
519
520 case LINUX_REBOOT_CMD_RESTART2:
521 if (strncpy_from_user(&buffer[0], arg, sizeof(buffer) - 1) < 0) {
522 unlock_kernel();
523 return -EFAULT;
524 }
525 buffer[sizeof(buffer) - 1] = '\0';
526
4a00ea1e 527 kernel_restart(buffer);
1da177e4
LT		 528 break;
529
dc009d92 530 case LINUX_REBOOT_CMD_KEXEC:
4a00ea1e
EB		 531 kernel_kexec();
532 unlock_kernel();
533 return -EINVAL;
534
1da177e4
LT		 535#ifdef CONFIG_SOFTWARE_SUSPEND
536 case LINUX_REBOOT_CMD_SW_SUSPEND:
537 {
538 int ret = software_suspend();
539 unlock_kernel();
540 return ret;
541 }
542#endif
543
544 default:
545 unlock_kernel();
546 return -EINVAL;
547 }
548 unlock_kernel();
549 return 0;
550}
551
552static void deferred_cad(void *dummy)
553{
abcd9e51 554 kernel_restart(NULL);
1da177e4
LT		 555}
556
557/*
558 * This function gets called by ctrl-alt-del - ie the keyboard interrupt.
559 * As it's called within an interrupt, it may NOT sync: the only choice
560 * is whether to reboot at once, or just ignore the ctrl-alt-del.
561 */
562void ctrl_alt_del(void)
563{
564 static DECLARE_WORK(cad_work, deferred_cad, NULL);
565
566 if (C_A_D)
567 schedule_work(&cad_work);
568 else
569 kill_proc(cad_pid, SIGINT, 1);
570}
571
572
573/*
574 * Unprivileged users may change the real gid to the effective gid
575 * or vice versa. (BSD-style)
576 *
577 * If you set the real gid at all, or set the effective gid to a value not
578 * equal to the real gid, then the saved gid is set to the new effective gid.
579 *
580 * This makes it possible for a setgid program to completely drop its
581 * privileges, which is often a useful assertion to make when you are doing
582 * a security audit over a program.
583 *
584 * The general idea is that a program which uses just setregid() will be
585 * 100% compatible with BSD. A program which uses just setgid() will be
586 * 100% compatible with POSIX with saved IDs.
587 *
588 * SMP: There are not races, the GIDs are checked only by filesystem
589 * operations (as far as semantic preservation is concerned).
590 */
591asmlinkage long sys_setregid(gid_t rgid, gid_t egid)
592{
593 int old_rgid = current->gid;
594 int old_egid = current->egid;
595 int new_rgid = old_rgid;
596 int new_egid = old_egid;
597 int retval;
598
599 retval = security_task_setgid(rgid, egid, (gid_t)-1, LSM_SETID_RE);
600 if (retval)
601 return retval;
602
603 if (rgid != (gid_t) -1) {
604 if ((old_rgid == rgid) ||
605 (current->egid==rgid) ||
606 capable(CAP_SETGID))
607 new_rgid = rgid;
608 else
609 return -EPERM;
610 }
611 if (egid != (gid_t) -1) {
612 if ((old_rgid == egid) ||
613 (current->egid == egid) ||
614 (current->sgid == egid) ||
615 capable(CAP_SETGID))
616 new_egid = egid;
617 else {
618 return -EPERM;
619 }
620 }
621 if (new_egid != old_egid)
622 {
d6e71144 623 current->mm->dumpable = suid_dumpable;
d59dd462 624 smp_wmb();
1da177e4
LT		 625 }
626 if (rgid != (gid_t) -1 ||
627 (egid != (gid_t) -1 && egid != old_rgid))
628 current->sgid = new_egid;
629 current->fsgid = new_egid;
630 current->egid = new_egid;
631 current->gid = new_rgid;
632 key_fsgid_changed(current);
9f46080c 633 proc_id_connector(current, PROC_EVENT_GID);
1da177e4
LT		 634 return 0;
635}
636
637/*
638 * setgid() is implemented like SysV w/ SAVED_IDS
639 *
640 * SMP: Same implicit races as above.
641 */
642asmlinkage long sys_setgid(gid_t gid)
643{
644 int old_egid = current->egid;
645 int retval;
646
647 retval = security_task_setgid(gid, (gid_t)-1, (gid_t)-1, LSM_SETID_ID);
648 if (retval)
649 return retval;
650
651 if (capable(CAP_SETGID))
652 {
653 if(old_egid != gid)
654 {
d6e71144 655 current->mm->dumpable = suid_dumpable;
d59dd462 656 smp_wmb();
1da177e4
LT		 657 }
658 current->gid = current->egid = current->sgid = current->fsgid = gid;
659 }
660 else if ((gid == current->gid) || (gid == current->sgid))
661 {
662 if(old_egid != gid)
663 {
d6e71144 664 current->mm->dumpable = suid_dumpable;
d59dd462 665 smp_wmb();
1da177e4
LT		 666 }
667 current->egid = current->fsgid = gid;
668 }
669 else
670 return -EPERM;
671
672 key_fsgid_changed(current);
9f46080c 673 proc_id_connector(current, PROC_EVENT_GID);
1da177e4
LT		 674 return 0;
675}
676
677static int set_user(uid_t new_ruid, int dumpclear)
678{
679 struct user_struct *new_user;
680
681 new_user = alloc_uid(new_ruid);
682 if (!new_user)
683 return -EAGAIN;
684
685 if (atomic_read(&new_user->processes) >=
686 current->signal->rlim[RLIMIT_NPROC].rlim_cur &&
687 new_user != &root_user) {
688 free_uid(new_user);
689 return -EAGAIN;
690 }
691
692 switch_uid(new_user);
693
694 if(dumpclear)
695 {
d6e71144 696 current->mm->dumpable = suid_dumpable;
d59dd462 697 smp_wmb();
1da177e4
LT		 698 }
699 current->uid = new_ruid;
700 return 0;
701}
702
703/*
704 * Unprivileged users may change the real uid to the effective uid
705 * or vice versa. (BSD-style)
706 *
707 * If you set the real uid at all, or set the effective uid to a value not
708 * equal to the real uid, then the saved uid is set to the new effective uid.
709 *
710 * This makes it possible for a setuid program to completely drop its
711 * privileges, which is often a useful assertion to make when you are doing
712 * a security audit over a program.
713 *
714 * The general idea is that a program which uses just setreuid() will be
715 * 100% compatible with BSD. A program which uses just setuid() will be
716 * 100% compatible with POSIX with saved IDs.
717 */
718asmlinkage long sys_setreuid(uid_t ruid, uid_t euid)
719{
720 int old_ruid, old_euid, old_suid, new_ruid, new_euid;
721 int retval;
722
723 retval = security_task_setuid(ruid, euid, (uid_t)-1, LSM_SETID_RE);
724 if (retval)
725 return retval;
726
727 new_ruid = old_ruid = current->uid;
728 new_euid = old_euid = current->euid;
729 old_suid = current->suid;
730
731 if (ruid != (uid_t) -1) {
732 new_ruid = ruid;
733 if ((old_ruid != ruid) &&
734 (current->euid != ruid) &&
735 !capable(CAP_SETUID))
736 return -EPERM;
737 }
738
739 if (euid != (uid_t) -1) {
740 new_euid = euid;
741 if ((old_ruid != euid) &&
742 (current->euid != euid) &&
743 (current->suid != euid) &&
744 !capable(CAP_SETUID))
745 return -EPERM;
746 }
747
748 if (new_ruid != old_ruid && set_user(new_ruid, new_euid != old_euid) < 0)
749 return -EAGAIN;
750
751 if (new_euid != old_euid)
752 {
d6e71144 753 current->mm->dumpable = suid_dumpable;
d59dd462 754 smp_wmb();
1da177e4
LT		 755 }
756 current->fsuid = current->euid = new_euid;
757 if (ruid != (uid_t) -1 ||
758 (euid != (uid_t) -1 && euid != old_ruid))
759 current->suid = current->euid;
760 current->fsuid = current->euid;
761
762 key_fsuid_changed(current);
9f46080c 763 proc_id_connector(current, PROC_EVENT_UID);
1da177e4
LT		 764
765 return security_task_post_setuid(old_ruid, old_euid, old_suid, LSM_SETID_RE);
766}
767
768
769
770/*
771 * setuid() is implemented like SysV with SAVED_IDS
772 *
773 * Note that SAVED_ID's is deficient in that a setuid root program
774 * like sendmail, for example, cannot set its uid to be a normal
775 * user and then switch back, because if you're root, setuid() sets
776 * the saved uid too. If you don't like this, blame the bright people
777 * in the POSIX committee and/or USG. Note that the BSD-style setreuid()
778 * will allow a root program to temporarily drop privileges and be able to
779 * regain them by swapping the real and effective uid.
780 */
781asmlinkage long sys_setuid(uid_t uid)
782{
783 int old_euid = current->euid;
784 int old_ruid, old_suid, new_ruid, new_suid;
785 int retval;
786
787 retval = security_task_setuid(uid, (uid_t)-1, (uid_t)-1, LSM_SETID_ID);
788 if (retval)
789 return retval;
790
791 old_ruid = new_ruid = current->uid;
792 old_suid = current->suid;
793 new_suid = old_suid;
794
795 if (capable(CAP_SETUID)) {
796 if (uid != old_ruid && set_user(uid, old_euid != uid) < 0)
797 return -EAGAIN;
798 new_suid = uid;
799 } else if ((uid != current->uid) && (uid != new_suid))
800 return -EPERM;
801
802 if (old_euid != uid)
803 {
d6e71144 804 current->mm->dumpable = suid_dumpable;
d59dd462 805 smp_wmb();
1da177e4
LT		 806 }
807 current->fsuid = current->euid = uid;
808 current->suid = new_suid;
809
810 key_fsuid_changed(current);
9f46080c 811 proc_id_connector(current, PROC_EVENT_UID);
1da177e4
LT		 812
813 return security_task_post_setuid(old_ruid, old_euid, old_suid, LSM_SETID_ID);
814}
815
816
817/*
818 * This function implements a generic ability to update ruid, euid,
819 * and suid. This allows you to implement the 4.4 compatible seteuid().
820 */
821asmlinkage long sys_setresuid(uid_t ruid, uid_t euid, uid_t suid)
822{
823 int old_ruid = current->uid;
824 int old_euid = current->euid;
825 int old_suid = current->suid;
826 int retval;
827
828 retval = security_task_setuid(ruid, euid, suid, LSM_SETID_RES);
829 if (retval)
830 return retval;
831
832 if (!capable(CAP_SETUID)) {
833 if ((ruid != (uid_t) -1) && (ruid != current->uid) &&
834 (ruid != current->euid) && (ruid != current->suid))
835 return -EPERM;
836 if ((euid != (uid_t) -1) && (euid != current->uid) &&
837 (euid != current->euid) && (euid != current->suid))
838 return -EPERM;
839 if ((suid != (uid_t) -1) && (suid != current->uid) &&
840 (suid != current->euid) && (suid != current->suid))
841 return -EPERM;
842 }
843 if (ruid != (uid_t) -1) {
844 if (ruid != current->uid && set_user(ruid, euid != current->euid) < 0)
845 return -EAGAIN;
846 }
847 if (euid != (uid_t) -1) {
848 if (euid != current->euid)
849 {
d6e71144 850 current->mm->dumpable = suid_dumpable;
d59dd462 851 smp_wmb();
1da177e4
LT		 852 }
853 current->euid = euid;
854 }
855 current->fsuid = current->euid;
856 if (suid != (uid_t) -1)
857 current->suid = suid;
858
859 key_fsuid_changed(current);
9f46080c 860 proc_id_connector(current, PROC_EVENT_UID);
1da177e4
LT		 861
862 return security_task_post_setuid(old_ruid, old_euid, old_suid, LSM_SETID_RES);
863}
864
865asmlinkage long sys_getresuid(uid_t __user *ruid, uid_t __user *euid, uid_t __user *suid)
866{
867 int retval;
868
869 if (!(retval = put_user(current->uid, ruid)) &&
870 !(retval = put_user(current->euid, euid)))
871 retval = put_user(current->suid, suid);
872
873 return retval;
874}
875
876/*
877 * Same as above, but for rgid, egid, sgid.
878 */
879asmlinkage long sys_setresgid(gid_t rgid, gid_t egid, gid_t sgid)
880{
881 int retval;
882
883 retval = security_task_setgid(rgid, egid, sgid, LSM_SETID_RES);
884 if (retval)
885 return retval;
886
887 if (!capable(CAP_SETGID)) {
888 if ((rgid != (gid_t) -1) && (rgid != current->gid) &&
889 (rgid != current->egid) && (rgid != current->sgid))
890 return -EPERM;
891 if ((egid != (gid_t) -1) && (egid != current->gid) &&
892 (egid != current->egid) && (egid != current->sgid))
893 return -EPERM;
894 if ((sgid != (gid_t) -1) && (sgid != current->gid) &&
895 (sgid != current->egid) && (sgid != current->sgid))
896 return -EPERM;
897 }
898 if (egid != (gid_t) -1) {
899 if (egid != current->egid)
900 {
d6e71144 901 current->mm->dumpable = suid_dumpable;
d59dd462 902 smp_wmb();
1da177e4
LT		 903 }
904 current->egid = egid;
905 }
906 current->fsgid = current->egid;
907 if (rgid != (gid_t) -1)
908 current->gid = rgid;
909 if (sgid != (gid_t) -1)
910 current->sgid = sgid;
911
912 key_fsgid_changed(current);
9f46080c 913 proc_id_connector(current, PROC_EVENT_GID);
1da177e4
LT		 914 return 0;
915}
916
917asmlinkage long sys_getresgid(gid_t __user *rgid, gid_t __user *egid, gid_t __user *sgid)
918{
919 int retval;
920
921 if (!(retval = put_user(current->gid, rgid)) &&
922 !(retval = put_user(current->egid, egid)))
923 retval = put_user(current->sgid, sgid);
924
925 return retval;
926}
927
928
929/*
930 * "setfsuid()" sets the fsuid - the uid used for filesystem checks. This
931 * is used for "access()" and for the NFS daemon (letting nfsd stay at
932 * whatever uid it wants to). It normally shadows "euid", except when
933 * explicitly set by setfsuid() or for access..
934 */
935asmlinkage long sys_setfsuid(uid_t uid)
936{
937 int old_fsuid;
938
939 old_fsuid = current->fsuid;
940 if (security_task_setuid(uid, (uid_t)-1, (uid_t)-1, LSM_SETID_FS))
941 return old_fsuid;
942
943 if (uid == current->uid || uid == current->euid ||
944 uid == current->suid || uid == current->fsuid ||
945 capable(CAP_SETUID))
946 {
947 if (uid != old_fsuid)
948 {
d6e71144 949 current->mm->dumpable = suid_dumpable;
d59dd462 950 smp_wmb();
1da177e4
LT		 951 }
952 current->fsuid = uid;
953 }
954
955 key_fsuid_changed(current);
9f46080c 956 proc_id_connector(current, PROC_EVENT_UID);
1da177e4
LT		 957
958 security_task_post_setuid(old_fsuid, (uid_t)-1, (uid_t)-1, LSM_SETID_FS);
959
960 return old_fsuid;
961}
962
963/*
964