projects / GitHub / MotorolaMobilityLLC / kernel-slsi.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
[PATCH] uninline capable()
[GitHub/MotorolaMobilityLLC/kernel-slsi.git] / kernel / sys.c
CommitLineData
1da177e4
LT		 1/*
2 * linux/kernel/sys.c
3 *
4 * Copyright (C) 1991, 1992 Linus Torvalds
5 */
6
7#include <linux/config.h>
8#include <linux/module.h>
9#include <linux/mm.h>
10#include <linux/utsname.h>
11#include <linux/mman.h>
12#include <linux/smp_lock.h>
13#include <linux/notifier.h>
14#include <linux/reboot.h>
15#include <linux/prctl.h>
16#include <linux/init.h>
17#include <linux/highuid.h>
18#include <linux/fs.h>
dc009d92
EB		 19#include <linux/kernel.h>
20#include <linux/kexec.h>
1da177e4
LT		 21#include <linux/workqueue.h>
22#include <linux/device.h>
23#include <linux/key.h>
24#include <linux/times.h>
25#include <linux/posix-timers.h>
26#include <linux/security.h>
27#include <linux/dcookies.h>
28#include <linux/suspend.h>
29#include <linux/tty.h>
7ed20e1a 30#include <linux/signal.h>
9f46080c 31#include <linux/cn_proc.h>
1da177e4
LT		 32
33#include <linux/compat.h>
34#include <linux/syscalls.h>
00d7c05a 35#include <linux/kprobes.h>
1da177e4
LT		 36
37#include <asm/uaccess.h>
38#include <asm/io.h>
39#include <asm/unistd.h>
40
41#ifndef SET_UNALIGN_CTL
42# define SET_UNALIGN_CTL(a,b) (-EINVAL)
43#endif
44#ifndef GET_UNALIGN_CTL
45# define GET_UNALIGN_CTL(a,b) (-EINVAL)
46#endif
47#ifndef SET_FPEMU_CTL
48# define SET_FPEMU_CTL(a,b) (-EINVAL)
49#endif
50#ifndef GET_FPEMU_CTL
51# define GET_FPEMU_CTL(a,b) (-EINVAL)
52#endif
53#ifndef SET_FPEXC_CTL
54# define SET_FPEXC_CTL(a,b) (-EINVAL)
55#endif
56#ifndef GET_FPEXC_CTL
57# define GET_FPEXC_CTL(a,b) (-EINVAL)
58#endif
59
60/*
61 * this is where the system-wide overflow UID and GID are defined, for
62 * architectures that now have 32-bit UID/GID but didn't in the past
63 */
64
65int overflowuid = DEFAULT_OVERFLOWUID;
66int overflowgid = DEFAULT_OVERFLOWGID;
67
68#ifdef CONFIG_UID16
69EXPORT_SYMBOL(overflowuid);
70EXPORT_SYMBOL(overflowgid);
71#endif
72
73/*
74 * the same as above, but for filesystems which can only store a 16-bit
75 * UID and GID. as such, this is needed on all architectures
76 */
77
78int fs_overflowuid = DEFAULT_FS_OVERFLOWUID;
79int fs_overflowgid = DEFAULT_FS_OVERFLOWUID;
80
81EXPORT_SYMBOL(fs_overflowuid);
82EXPORT_SYMBOL(fs_overflowgid);
83
84/*
85 * this indicates whether you can reboot with ctrl-alt-del: the default is yes
86 */
87
88int C_A_D = 1;
89int cad_pid = 1;
90
91/*
92 * Notifier list for kernel code which wants to be called
93 * at shutdown. This is used to stop any idling DMA operations
94 * and the like.
95 */
96
97static struct notifier_block *reboot_notifier_list;
98static DEFINE_RWLOCK(notifier_lock);
99
100/**
101 * notifier_chain_register - Add notifier to a notifier chain
102 * @list: Pointer to root list pointer
103 * @n: New entry in notifier chain
104 *
105 * Adds a notifier to a notifier chain.
106 *
107 * Currently always returns zero.
108 */
109
110int notifier_chain_register(struct notifier_block **list, struct notifier_block *n)
111{
112 write_lock(&notifier_lock);
113 while(*list)
114 {
115 if(n->priority > (*list)->priority)
116 break;
117 list= &((*list)->next);
118 }
119 n->next = *list;
120 *list=n;
121 write_unlock(&notifier_lock);
122 return 0;
123}
124
125EXPORT_SYMBOL(notifier_chain_register);
126
127/**
128 * notifier_chain_unregister - Remove notifier from a notifier chain
129 * @nl: Pointer to root list pointer
130 * @n: New entry in notifier chain
131 *
132 * Removes a notifier from a notifier chain.
133 *
134 * Returns zero on success, or %-ENOENT on failure.
135 */
136
137int notifier_chain_unregister(struct notifier_block **nl, struct notifier_block *n)
138{
139 write_lock(&notifier_lock);
140 while((*nl)!=NULL)
141 {
142 if((*nl)==n)
143 {
144 *nl=n->next;
145 write_unlock(&notifier_lock);
146 return 0;
147 }
148 nl=&((*nl)->next);
149 }
150 write_unlock(&notifier_lock);
151 return -ENOENT;
152}
153
154EXPORT_SYMBOL(notifier_chain_unregister);
155
156/**
157 * notifier_call_chain - Call functions in a notifier chain
158 * @n: Pointer to root pointer of notifier chain
159 * @val: Value passed unmodified to notifier function
160 * @v: Pointer passed unmodified to notifier function
161 *
162 * Calls each function in a notifier chain in turn.
163 *
164 * If the return value of the notifier can be and'd
165 * with %NOTIFY_STOP_MASK, then notifier_call_chain
166 * will return immediately, with the return value of
167 * the notifier function which halted execution.
168 * Otherwise, the return value is the return value
169 * of the last notifier function called.
170 */
171
00d7c05a 172int __kprobes notifier_call_chain(struct notifier_block **n, unsigned long val, void *v)
1da177e4
LT		 173{
174 int ret=NOTIFY_DONE;
175 struct notifier_block *nb = *n;
176
177 while(nb)
178 {
179 ret=nb->notifier_call(nb,val,v);
180 if(ret&NOTIFY_STOP_MASK)
181 {
182 return ret;
183 }
184 nb=nb->next;
185 }
186 return ret;
187}
188
189EXPORT_SYMBOL(notifier_call_chain);
190
191/**
192 * register_reboot_notifier - Register function to be called at reboot time
193 * @nb: Info about notifier function to be called
194 *
195 * Registers a function with the list of functions
196 * to be called at reboot time.
197 *
198 * Currently always returns zero, as notifier_chain_register
199 * always returns zero.
200 */
201
202int register_reboot_notifier(struct notifier_block * nb)
203{
204 return notifier_chain_register(&reboot_notifier_list, nb);
205}
206
207EXPORT_SYMBOL(register_reboot_notifier);
208
209/**
210 * unregister_reboot_notifier - Unregister previously registered reboot notifier
211 * @nb: Hook to be unregistered
212 *
213 * Unregisters a previously registered reboot
214 * notifier function.
215 *
216 * Returns zero on success, or %-ENOENT on failure.
217 */
218
219int unregister_reboot_notifier(struct notifier_block * nb)
220{
221 return notifier_chain_unregister(&reboot_notifier_list, nb);
222}
223
224EXPORT_SYMBOL(unregister_reboot_notifier);
225
e16885c5
IM		 226#ifndef CONFIG_SECURITY
227int capable(int cap)
228{
229 if (cap_raised(current->cap_effective, cap)) {
230 current->flags |= PF_SUPERPRIV;
231 return 1;
232 }
233 return 0;
234}
235EXPORT_SYMBOL(capable);
236#endif
237
1da177e4
LT		 238static int set_one_prio(struct task_struct *p, int niceval, int error)
239{
240 int no_nice;
241
242 if (p->uid != current->euid &&
243 p->euid != current->euid && !capable(CAP_SYS_NICE)) {
244 error = -EPERM;
245 goto out;
246 }
e43379f1 247 if (niceval < task_nice(p) && !can_nice(p, niceval)) {
1da177e4
LT		 248 error = -EACCES;
249 goto out;
250 }
251 no_nice = security_task_setnice(p, niceval);
252 if (no_nice) {
253 error = no_nice;
254 goto out;
255 }
256 if (error == -ESRCH)
257 error = 0;
258 set_user_nice(p, niceval);
259out:
260 return error;
261}
262
263asmlinkage long sys_setpriority(int which, int who, int niceval)
264{
265 struct task_struct *g, *p;
266 struct user_struct *user;
267 int error = -EINVAL;
268
269 if (which > 2 || which < 0)
270 goto out;
271
272 /* normalize: avoid signed division (rounding problems) */
273 error = -ESRCH;
274 if (niceval < -20)
275 niceval = -20;
276 if (niceval > 19)
277 niceval = 19;
278
279 read_lock(&tasklist_lock);
280 switch (which) {
281 case PRIO_PROCESS:
282 if (!who)
283 who = current->pid;
284 p = find_task_by_pid(who);
285 if (p)
286 error = set_one_prio(p, niceval, error);
287 break;
288 case PRIO_PGRP:
289 if (!who)
290 who = process_group(current);
291 do_each_task_pid(who, PIDTYPE_PGID, p) {
292 error = set_one_prio(p, niceval, error);
293 } while_each_task_pid(who, PIDTYPE_PGID, p);
294 break;
295 case PRIO_USER:
296 user = current->user;
297 if (!who)
298 who = current->uid;
299 else
300 if ((who != current->uid) && !(user = find_user(who)))
301 goto out_unlock; /* No processes for this user */
302
303 do_each_thread(g, p)
304 if (p->uid == who)
305 error = set_one_prio(p, niceval, error);
306 while_each_thread(g, p);
307 if (who != current->uid)
308 free_uid(user); /* For find_user() */
309 break;
310 }
311out_unlock:
312 read_unlock(&tasklist_lock);
313out:
314 return error;
315}
316
317/*
318 * Ugh. To avoid negative return values, "getpriority()" will
319 * not return the normal nice-value, but a negated value that
320 * has been offset by 20 (ie it returns 40..1 instead of -20..19)
321 * to stay compatible.
322 */
323asmlinkage long sys_getpriority(int which, int who)
324{
325 struct task_struct *g, *p;
326 struct user_struct *user;
327 long niceval, retval = -ESRCH;
328
329 if (which > 2 || which < 0)
330 return -EINVAL;
331
332 read_lock(&tasklist_lock);
333 switch (which) {
334 case PRIO_PROCESS:
335 if (!who)
336 who = current->pid;
337 p = find_task_by_pid(who);
338 if (p) {
339 niceval = 20 - task_nice(p);
340 if (niceval > retval)
341 retval = niceval;
342 }
343 break;
344 case PRIO_PGRP:
345 if (!who)
346 who = process_group(current);
347 do_each_task_pid(who, PIDTYPE_PGID, p) {
348 niceval = 20 - task_nice(p);
349 if (niceval > retval)
350 retval = niceval;
351 } while_each_task_pid(who, PIDTYPE_PGID, p);
352 break;
353 case PRIO_USER:
354 user = current->user;
355 if (!who)
356 who = current->uid;
357 else
358 if ((who != current->uid) && !(user = find_user(who)))
359 goto out_unlock; /* No processes for this user */
360
361 do_each_thread(g, p)
362 if (p->uid == who) {
363 niceval = 20 - task_nice(p);
364 if (niceval > retval)
365 retval = niceval;
366 }
367 while_each_thread(g, p);
368 if (who != current->uid)
369 free_uid(user); /* for find_user() */
370 break;
371 }
372out_unlock:
373 read_unlock(&tasklist_lock);
374
375 return retval;
376}
377
e4c94330
EB		 378/**
379 * emergency_restart - reboot the system
380 *
381 * Without shutting down any hardware or taking any locks
382 * reboot the system. This is called when we know we are in
383 * trouble so this is our best effort to reboot. This is
384 * safe to call in interrupt context.
385 */
7c903473
EB		 386void emergency_restart(void)
387{
388 machine_emergency_restart();
389}
390EXPORT_SYMBOL_GPL(emergency_restart);
391
e4c94330 392void kernel_restart_prepare(char *cmd)
4a00ea1e
EB		 393{
394 notifier_call_chain(&reboot_notifier_list, SYS_RESTART, cmd);
395 system_state = SYSTEM_RESTART;
4a00ea1e 396 device_shutdown();
e4c94330 397}
1e5d5331
RD		 398
399/**
400 * kernel_restart - reboot the system
401 * @cmd: pointer to buffer containing command to execute for restart
b8887e6e 402 * or %NULL
1e5d5331
RD		 403 *
404 * Shutdown everything and perform a clean reboot.
405 * This is not safe to call in interrupt context.
406 */
e4c94330
EB		 407void kernel_restart(char *cmd)
408{
409 kernel_restart_prepare(cmd);
4a00ea1e
EB		 410 if (!cmd) {
411 printk(KERN_EMERG "Restarting system.\n");
412 } else {
413 printk(KERN_EMERG "Restarting system with command '%s'.\n", cmd);
414 }
415 printk(".\n");
416 machine_restart(cmd);
417}
418EXPORT_SYMBOL_GPL(kernel_restart);
419
e4c94330
EB		 420/**
421 * kernel_kexec - reboot the system
422 *
423 * Move into place and start executing a preloaded standalone
424 * executable. If nothing was preloaded return an error.
425 */
4a00ea1e
EB		 426void kernel_kexec(void)
427{
428#ifdef CONFIG_KEXEC
429 struct kimage *image;
430 image = xchg(&kexec_image, 0);
431 if (!image) {
432 return;
433 }
e4c94330 434 kernel_restart_prepare(NULL);
4a00ea1e
EB		 435 printk(KERN_EMERG "Starting new kernel\n");
436 machine_shutdown();
437 machine_kexec(image);
438#endif
439}
440EXPORT_SYMBOL_GPL(kernel_kexec);
441
e4c94330
EB		 442/**
443 * kernel_halt - halt the system
444 *
445 * Shutdown everything and perform a clean system halt.
446 */
447void kernel_halt_prepare(void)
4a00ea1e
EB		 448{
449 notifier_call_chain(&reboot_notifier_list, SYS_HALT, NULL);
450 system_state = SYSTEM_HALT;
4a00ea1e 451 device_shutdown();
e4c94330
EB		 452}
453void kernel_halt(void)
454{
455 kernel_halt_prepare();
4a00ea1e
EB		 456 printk(KERN_EMERG "System halted.\n");
457 machine_halt();
458}
459EXPORT_SYMBOL_GPL(kernel_halt);
460
e4c94330
EB		 461/**
462 * kernel_power_off - power_off the system
463 *
464 * Shutdown everything and perform a clean system power_off.
465 */
466void kernel_power_off_prepare(void)
4a00ea1e
EB		 467{
468 notifier_call_chain(&reboot_notifier_list, SYS_POWER_OFF, NULL);
469 system_state = SYSTEM_POWER_OFF;
4a00ea1e 470 device_shutdown();
e4c94330
EB		 471}
472void kernel_power_off(void)
473{
474 kernel_power_off_prepare();
4a00ea1e
EB		 475 printk(KERN_EMERG "Power down.\n");
476 machine_power_off();
477}
478EXPORT_SYMBOL_GPL(kernel_power_off);
1da177e4
LT		 479
480/*
481 * Reboot system call: for obvious reasons only root may call it,
482 * and even root needs to set up some magic numbers in the registers
483 * so that some mistake won't make this reboot the whole machine.
484 * You can also set the meaning of the ctrl-alt-del-key here.
485 *
486 * reboot doesn't sync: do that yourself before calling this.
487 */
488asmlinkage long sys_reboot(int magic1, int magic2, unsigned int cmd, void __user * arg)
489{
490 char buffer[256];
491
492 /* We only trust the superuser with rebooting the system. */
493 if (!capable(CAP_SYS_BOOT))
494 return -EPERM;
495
496 /* For safety, we require "magic" arguments. */
497 if (magic1 != LINUX_REBOOT_MAGIC1 ||
498 (magic2 != LINUX_REBOOT_MAGIC2 &&
499 magic2 != LINUX_REBOOT_MAGIC2A &&
500 magic2 != LINUX_REBOOT_MAGIC2B &&
501 magic2 != LINUX_REBOOT_MAGIC2C))
502 return -EINVAL;
503
5e38291d
EB		 504 /* Instead of trying to make the power_off code look like
505 * halt when pm_power_off is not set do it the easy way.
506 */
507 if ((cmd == LINUX_REBOOT_CMD_POWER_OFF) && !pm_power_off)
508 cmd = LINUX_REBOOT_CMD_HALT;
509
1da177e4
LT		 510 lock_kernel();
511 switch (cmd) {
512 case LINUX_REBOOT_CMD_RESTART:
4a00ea1e 513 kernel_restart(NULL);
1da177e4
LT		 514 break;
515
516 case LINUX_REBOOT_CMD_CAD_ON:
517 C_A_D = 1;
518 break;
519
520 case LINUX_REBOOT_CMD_CAD_OFF:
521 C_A_D = 0;
522 break;
523
524 case LINUX_REBOOT_CMD_HALT:
4a00ea1e 525 kernel_halt();
1da177e4
LT		 526 unlock_kernel();
527 do_exit(0);
528 break;
529
530 case LINUX_REBOOT_CMD_POWER_OFF:
4a00ea1e 531 kernel_power_off();
1da177e4
LT		 532 unlock_kernel();
533 do_exit(0);
534 break;
535
536 case LINUX_REBOOT_CMD_RESTART2:
537 if (strncpy_from_user(&buffer[0], arg, sizeof(buffer) - 1) < 0) {
538 unlock_kernel();
539 return -EFAULT;
540 }
541 buffer[sizeof(buffer) - 1] = '\0';
542
4a00ea1e 543 kernel_restart(buffer);
1da177e4
LT		 544 break;
545
dc009d92 546 case LINUX_REBOOT_CMD_KEXEC:
4a00ea1e
EB		 547 kernel_kexec();
548 unlock_kernel();
549 return -EINVAL;
550
1da177e4
LT		 551#ifdef CONFIG_SOFTWARE_SUSPEND
552 case LINUX_REBOOT_CMD_SW_SUSPEND:
553 {
554 int ret = software_suspend();
555 unlock_kernel();
556 return ret;
557 }
558#endif
559
560 default:
561 unlock_kernel();
562 return -EINVAL;
563 }
564 unlock_kernel();
565 return 0;
566}
567
568static void deferred_cad(void *dummy)
569{
abcd9e51 570 kernel_restart(NULL);
1da177e4
LT		 571}
572
573/*
574 * This function gets called by ctrl-alt-del - ie the keyboard interrupt.
575 * As it's called within an interrupt, it may NOT sync: the only choice
576 * is whether to reboot at once, or just ignore the ctrl-alt-del.
577 */
578void ctrl_alt_del(void)
579{
580 static DECLARE_WORK(cad_work, deferred_cad, NULL);
581
582 if (C_A_D)
583 schedule_work(&cad_work);
584 else
585 kill_proc(cad_pid, SIGINT, 1);
586}
587
588
589/*
590 * Unprivileged users may change the real gid to the effective gid
591 * or vice versa. (BSD-style)
592 *
593 * If you set the real gid at all, or set the effective gid to a value not
594 * equal to the real gid, then the saved gid is set to the new effective gid.
595 *
596 * This makes it possible for a setgid program to completely drop its
597 * privileges, which is often a useful assertion to make when you are doing
598 * a security audit over a program.
599 *
600 * The general idea is that a program which uses just setregid() will be
601 * 100% compatible with BSD. A program which uses just setgid() will be
602 * 100% compatible with POSIX with saved IDs.
603 *
604 * SMP: There are not races, the GIDs are checked only by filesystem
605 * operations (as far as semantic preservation is concerned).
606 */
607asmlinkage long sys_setregid(gid_t rgid, gid_t egid)
608{
609 int old_rgid = current->gid;
610 int old_egid = current->egid;
611 int new_rgid = old_rgid;
612 int new_egid = old_egid;
613 int retval;
614
615 retval = security_task_setgid(rgid, egid, (gid_t)-1, LSM_SETID_RE);
616 if (retval)
617 return retval;
618
619 if (rgid != (gid_t) -1) {
620 if ((old_rgid == rgid) ||
621 (current->egid==rgid) ||
622 capable(CAP_SETGID))
623 new_rgid = rgid;
624 else
625 return -EPERM;
626 }
627 if (egid != (gid_t) -1) {
628 if ((old_rgid == egid) ||
629 (current->egid == egid) ||
630 (current->sgid == egid) ||
631 capable(CAP_SETGID))
632 new_egid = egid;
633 else {
634 return -EPERM;
635 }
636 }
637 if (new_egid != old_egid)
638 {
d6e71144 639 current->mm->dumpable = suid_dumpable;
d59dd462 640 smp_wmb();
1da177e4
LT		 641 }
642 if (rgid != (gid_t) -1 ||
643 (egid != (gid_t) -1 && egid != old_rgid))
644 current->sgid = new_egid;
645 current->fsgid = new_egid;
646 current->egid = new_egid;
647 current->gid = new_rgid;
648 key_fsgid_changed(current);
9f46080c 649 proc_id_connector(current, PROC_EVENT_GID);
1da177e4
LT		 650 return 0;
651}
652
653/*
654 * setgid() is implemented like SysV w/ SAVED_IDS
655 *
656 * SMP: Same implicit races as above.
657 */
658asmlinkage long sys_setgid(gid_t gid)
659{
660 int old_egid = current->egid;
661 int retval;
662
663 retval = security_task_setgid(gid, (gid_t)-1, (gid_t)-1, LSM_SETID_ID);
664 if (retval)
665 return retval;
666
667 if (capable(CAP_SETGID))
668 {
669 if(old_egid != gid)
670 {
d6e71144 671 current->mm->dumpable = suid_dumpable;
d59dd462 672 smp_wmb();
1da177e4
LT		 673 }
674 current->gid = current->egid = current->sgid = current->fsgid = gid;
675 }
676 else if ((gid == current->gid) || (gid == current->sgid))
677 {
678 if(old_egid != gid)
679 {
d6e71144 680 current->mm->dumpable = suid_dumpable;
d59dd462 681 smp_wmb();
1da177e4
LT		 682 }
683 current->egid = current->fsgid = gid;
684 }
685 else
686 return -EPERM;
687
688 key_fsgid_changed(current);
9f46080c 689 proc_id_connector(current, PROC_EVENT_GID);
1da177e4
LT		 690 return 0;
691}
692
693static int set_user(uid_t new_ruid, int dumpclear)
694{
695 struct user_struct *new_user;
696
697 new_user = alloc_uid(new_ruid);
698 if (!new_user)
699 return -EAGAIN;
700
701 if (atomic_read(&new_user->processes) >=
702 current->signal->rlim[RLIMIT_NPROC].rlim_cur &&
703 new_user != &root_user) {
704 free_uid(new_user);
705 return -EAGAIN;
706 }
707
708 switch_uid(new_user);
709
710 if(dumpclear)
711 {
d6e71144 712 current->mm->dumpable = suid_dumpable;
d59dd462 713 smp_wmb();
1da177e4
LT		 714 }
715 current->uid = new_ruid;
716 return 0;
717}
718
719/*
720 * Unprivileged users may change the real uid to the effective uid
721 * or vice versa. (BSD-style)
722 *
723 * If you set the real uid at all, or set the effective uid to a value not
724 * equal to the real uid, then the saved uid is set to the new effective uid.
725 *
726 * This makes it possible for a setuid program to completely drop its
727 * privileges, which is often a useful assertion to make when you are doing
728 * a security audit over a program.
729 *
730 * The general idea is that a program which uses just setreuid() will be
731 * 100% compatible with BSD. A program which uses just setuid() will be
732 * 100% compatible with POSIX with saved IDs.
733 */
734asmlinkage long sys_setreuid(uid_t ruid, uid_t euid)
735{
736 int old_ruid, old_euid, old_suid, new_ruid, new_euid;
737 int retval;
738
739 retval = security_task_setuid(ruid, euid, (uid_t)-1, LSM_SETID_RE);
740 if (retval)
741 return retval;
742
743 new_ruid = old_ruid = current->uid;
744 new_euid = old_euid = current->euid;
745 old_suid = current->suid;
746
747 if (ruid != (uid_t) -1) {
748 new_ruid = ruid;
749 if ((old_ruid != ruid) &&
750 (current->euid != ruid) &&
751 !capable(CAP_SETUID))
752 return -EPERM;
753 }
754
755 if (euid != (uid_t) -1) {
756 new_euid = euid;
757 if ((old_ruid != euid) &&
758 (current->euid != euid) &&
759 (current->suid != euid) &&
760 !capable(CAP_SETUID))
761 return -EPERM;
762 }
763
764 if (new_ruid != old_ruid && set_user(new_ruid, new_euid != old_euid) < 0)
765 return -EAGAIN;
766
767 if (new_euid != old_euid)
768 {
d6e71144 769 current->mm->dumpable = suid_dumpable;
d59dd462 770 smp_wmb();
1da177e4
LT		 771 }
772 current->fsuid = current->euid = new_euid;
773 if (ruid != (uid_t) -1 ||
774 (euid != (uid_t) -1 && euid != old_ruid))
775 current->suid = current->euid;
776 current->fsuid = current->euid;
777
778 key_fsuid_changed(current);
9f46080c 779 proc_id_connector(current, PROC_EVENT_UID);
1da177e4
LT		 780
781 return security_task_post_setuid(old_ruid, old_euid, old_suid, LSM_SETID_RE);
782}
783
784
785
786/*
787 * setuid() is implemented like SysV with SAVED_IDS
788 *
789 * Note that SAVED_ID's is deficient in that a setuid root program
790 * like sendmail, for example, cannot set its uid to be a normal
791 * user and then switch back, because if you're root, setuid() sets
792 * the saved uid too. If you don't like this, blame the bright people
793 * in the POSIX committee and/or USG. Note that the BSD-style setreuid()
794 * will allow a root program to temporarily drop privileges and be able to
795 * regain them by swapping the real and effective uid.
796 */
797asmlinkage long sys_setuid(uid_t uid)
798{
799 int old_euid = current->euid;
800 int old_ruid, old_suid, new_ruid, new_suid;
801 int retval;
802
803 retval = security_task_setuid(uid, (uid_t)-1, (uid_t)-1, LSM_SETID_ID);
804 if (retval)
805 return retval;
806
807 old_ruid = new_ruid = current->uid;
808 old_suid = current->suid;
809 new_suid = old_suid;
810
811 if (capable(CAP_SETUID)) {
812 if (uid != old_ruid && set_user(uid, old_euid != uid) < 0)
813 return -EAGAIN;
814 new_suid = uid;
815 } else if ((uid != current->uid) && (uid != new_suid))
816 return -EPERM;
817
818 if (old_euid != uid)
819 {
d6e71144 820 current->mm->dumpable = suid_dumpable;
d59dd462 821 smp_wmb();
1da177e4
LT		 822 }
823 current->fsuid = current->euid = uid;
824 current->suid = new_suid;
825
826 key_fsuid_changed(current);
9f46080c 827 proc_id_connector(current, PROC_EVENT_UID);
1da177e4
LT		 828
829 return security_task_post_setuid(old_ruid, old_euid, old_suid, LSM_SETID_ID);
830}
831
832
833/*
834 * This function implements a generic ability to update ruid, euid,
835 * and suid. This allows you to implement the 4.4 compatible seteuid().
836 */
837asmlinkage long sys_setresuid(uid_t ruid, uid_t euid, uid_t suid)
838{
839 int old_ruid = current->uid;
840 int old_euid = current->euid;
841 int old_suid = current->suid;
842 int retval;
843
844 retval = security_task_setuid(ruid, euid, suid, LSM_SETID_RES);
845 if (retval)
846 return retval;
847
848 if (!capable(CAP_SETUID)) {
849 if ((ruid != (uid_t) -1) && (ruid != current->uid) &&
850 (ruid != current->euid) && (ruid != current->suid))
851 return -EPERM;
852 if ((euid != (uid_t) -1) && (euid != current->uid) &&
853 (euid != current->euid) && (euid != current->suid))
854 return -EPERM;
855 if ((suid != (uid_t) -1) && (suid != current->uid) &&
856 (suid != current->euid) && (suid != current->suid))
857 return -EPERM;
858 }
859 if (ruid != (uid_t) -1) {
860 if (ruid != current->uid && set_user(ruid, euid != current->euid) < 0)
861 return -EAGAIN;
862 }
863 if (euid != (uid_t) -1) {
864 if (euid != current->euid)
865 {
d6e71144 866 current->mm->dumpable = suid_dumpable;
d59dd462 867 smp_wmb();
1da177e4
LT		 868 }
869 current->euid = euid;
870 }
871 current->fsuid = current->euid;
872 if (suid != (uid_t) -1)
873 current->suid = suid;
874
875 key_fsuid_changed(current);
9f46080c 876 proc_id_connector(current, PROC_EVENT_UID);
1da177e4
LT		 877
878 return security_task_post_setuid(old_ruid, old_euid, old_suid, LSM_SETID_RES);
879}
880
881asmlinkage long sys_getresuid(uid_t __user *ruid, uid_t __user *euid, uid_t __user *suid)
882{
883 int retval;
884
885 if (!(retval = put_user(current->uid, ruid)) &&
886 !(retval = put_user(current->euid, euid)))
887 retval = put_user(current->suid, suid);
888
889 return retval;
890}
891
892/*
893 * Same as above, but for rgid, egid, sgid.
894 */
895asmlinkage long sys_setresgid(gid_t rgid, gid_t egid, gid_t sgid)
896{
897 int retval;
898
899 retval = security_task_setgid(rgid, egid, sgid, LSM_SETID_RES);
900 if (retval)
901 return retval;
902
903 if (!capable(CAP_SETGID)) {
904 if ((rgid != (gid_t) -1) && (rgid != current->gid) &&
905 (rgid != current->egid) && (rgid != current->sgid))
906 return -EPERM;
907 if ((egid != (gid_t) -1) && (egid != current->gid) &&
908 (egid != current->egid) && (egid != current->sgid))
909 return -EPERM;
910 if ((sgid != (gid_t) -1) && (sgid != current->gid) &&
911 (sgid != current->egid) && (sgid != current->sgid))
912 return -EPERM;
913 }
914 if (egid != (gid_t) -1) {
915 if (egid != current->egid)
916 {
d6e71144 917 current->mm->dumpable = suid_dumpable;
d59dd462 918 smp_wmb();
1da177e4
LT		 919 }
920 current->egid = egid;
921 }
922 current->fsgid = current->egid;
923 if (rgid != (gid_t) -1)
924 current->gid = rgid;
925 if (sgid != (gid_t) -1)
926 current->sgid = sgid;
927
928 key_fsgid_changed(current);
9f46080c 929 proc_id_connector(current, PROC_EVENT_GID);
1da177e4
LT		 930 return 0;
931}
932
933asmlinkage long sys_getresgid(gid_t __user *rgid, gid_t __user *egid, gid_t __user *sgid)
934{
935 int retval;
936
937 if (!(retval = put_user(current->gid, rgid)) &&
938 !(retval = put_user(current->egid, egid)))
939 retval = put_user(current->sgid, sgid);
940
941 return retval;
942}
943
944
945/*
946 * "setfsuid()" sets the fsuid - the uid used for filesystem checks. This
947 * is used for "access()" and for the NFS daemon (letting nfsd stay at
948 * whatever uid it wants to). It normally shadows "euid", except when
949 * explicitly set by setfsuid() or for access..
950 */
951asmlinkage long sys_setfsuid(uid_t uid)
952{
953 int old_fsuid;
954
955 old_fsuid = current->fsuid;
956 if (security_task_setuid(uid, (uid_t)-1, (uid_t)-1, LSM_SETID_FS))
957 return old_fsuid;
958
959 if (uid == current->uid || uid == current->euid ||
960 uid == current->suid || uid == current->fsuid ||
961 capable(CAP_SETUID))
962 {
963 if (uid != old_fsuid)
964 {
d6e71144 965 current->mm->dumpable = suid_dumpable;
d59dd462 966 smp_wmb();
1da177e4
LT		 967 }
968 current->fsuid = uid;
969 }
970
971 key_fsuid_changed(current);
9f46080c 972 proc_id_connector(current, PROC_EVENT_UID);
1da177e4
LT		 973
974 security_task_post_setuid(old_fsuid, (uid_t)-1, (uid_t)-1, LSM_SETID_FS);
975
976 return old_fsuid;
977}
978
979/*
980