projects / GitHub / mt8127 / android_kernel_alcatel_ttab.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
[PATCH] more kernel-doc cleanups, additions
[GitHub/mt8127/android_kernel_alcatel_ttab.git] / kernel / sys.c
CommitLineData
1da177e4
LT		 1/*
2 * linux/kernel/sys.c
3 *
4 * Copyright (C) 1991, 1992 Linus Torvalds
5 */
6
7#include <linux/config.h>
8#include <linux/module.h>
9#include <linux/mm.h>
10#include <linux/utsname.h>
11#include <linux/mman.h>
12#include <linux/smp_lock.h>
13#include <linux/notifier.h>
14#include <linux/reboot.h>
15#include <linux/prctl.h>
16#include <linux/init.h>
17#include <linux/highuid.h>
18#include <linux/fs.h>
dc009d92
EB		 19#include <linux/kernel.h>
20#include <linux/kexec.h>
1da177e4
LT		 21#include <linux/workqueue.h>
22#include <linux/device.h>
23#include <linux/key.h>
24#include <linux/times.h>
25#include <linux/posix-timers.h>
26#include <linux/security.h>
27#include <linux/dcookies.h>
28#include <linux/suspend.h>
29#include <linux/tty.h>
7ed20e1a 30#include <linux/signal.h>
9f46080c 31#include <linux/cn_proc.h>
1da177e4
LT		 32
33#include <linux/compat.h>
34#include <linux/syscalls.h>
35
36#include <asm/uaccess.h>
37#include <asm/io.h>
38#include <asm/unistd.h>
39
40#ifndef SET_UNALIGN_CTL
41# define SET_UNALIGN_CTL(a,b) (-EINVAL)
42#endif
43#ifndef GET_UNALIGN_CTL
44# define GET_UNALIGN_CTL(a,b) (-EINVAL)
45#endif
46#ifndef SET_FPEMU_CTL
47# define SET_FPEMU_CTL(a,b) (-EINVAL)
48#endif
49#ifndef GET_FPEMU_CTL
50# define GET_FPEMU_CTL(a,b) (-EINVAL)
51#endif
52#ifndef SET_FPEXC_CTL
53# define SET_FPEXC_CTL(a,b) (-EINVAL)
54#endif
55#ifndef GET_FPEXC_CTL
56# define GET_FPEXC_CTL(a,b) (-EINVAL)
57#endif
58
59/*
60 * this is where the system-wide overflow UID and GID are defined, for
61 * architectures that now have 32-bit UID/GID but didn't in the past
62 */
63
64int overflowuid = DEFAULT_OVERFLOWUID;
65int overflowgid = DEFAULT_OVERFLOWGID;
66
67#ifdef CONFIG_UID16
68EXPORT_SYMBOL(overflowuid);
69EXPORT_SYMBOL(overflowgid);
70#endif
71
72/*
73 * the same as above, but for filesystems which can only store a 16-bit
74 * UID and GID. as such, this is needed on all architectures
75 */
76
77int fs_overflowuid = DEFAULT_FS_OVERFLOWUID;
78int fs_overflowgid = DEFAULT_FS_OVERFLOWUID;
79
80EXPORT_SYMBOL(fs_overflowuid);
81EXPORT_SYMBOL(fs_overflowgid);
82
83/*
84 * this indicates whether you can reboot with ctrl-alt-del: the default is yes
85 */
86
87int C_A_D = 1;
88int cad_pid = 1;
89
90/*
91 * Notifier list for kernel code which wants to be called
92 * at shutdown. This is used to stop any idling DMA operations
93 * and the like.
94 */
95
96static struct notifier_block *reboot_notifier_list;
97static DEFINE_RWLOCK(notifier_lock);
98
99/**
100 * notifier_chain_register - Add notifier to a notifier chain
101 * @list: Pointer to root list pointer
102 * @n: New entry in notifier chain
103 *
104 * Adds a notifier to a notifier chain.
105 *
106 * Currently always returns zero.
107 */
108
109int notifier_chain_register(struct notifier_block **list, struct notifier_block *n)
110{
111 write_lock(&notifier_lock);
112 while(*list)
113 {
114 if(n->priority > (*list)->priority)
115 break;
116 list= &((*list)->next);
117 }
118 n->next = *list;
119 *list=n;
120 write_unlock(&notifier_lock);
121 return 0;
122}
123
124EXPORT_SYMBOL(notifier_chain_register);
125
126/**
127 * notifier_chain_unregister - Remove notifier from a notifier chain
128 * @nl: Pointer to root list pointer
129 * @n: New entry in notifier chain
130 *
131 * Removes a notifier from a notifier chain.
132 *
133 * Returns zero on success, or %-ENOENT on failure.
134 */
135
136int notifier_chain_unregister(struct notifier_block **nl, struct notifier_block *n)
137{
138 write_lock(&notifier_lock);
139 while((*nl)!=NULL)
140 {
141 if((*nl)==n)
142 {
143 *nl=n->next;
144 write_unlock(&notifier_lock);
145 return 0;
146 }
147 nl=&((*nl)->next);
148 }
149 write_unlock(&notifier_lock);
150 return -ENOENT;
151}
152
153EXPORT_SYMBOL(notifier_chain_unregister);
154
155/**
156 * notifier_call_chain - Call functions in a notifier chain
157 * @n: Pointer to root pointer of notifier chain
158 * @val: Value passed unmodified to notifier function
159 * @v: Pointer passed unmodified to notifier function
160 *
161 * Calls each function in a notifier chain in turn.
162 *
163 * If the return value of the notifier can be and'd
164 * with %NOTIFY_STOP_MASK, then notifier_call_chain
165 * will return immediately, with the return value of
166 * the notifier function which halted execution.
167 * Otherwise, the return value is the return value
168 * of the last notifier function called.
169 */
170
171int notifier_call_chain(struct notifier_block **n, unsigned long val, void *v)
172{
173 int ret=NOTIFY_DONE;
174 struct notifier_block *nb = *n;
175
176 while(nb)
177 {
178 ret=nb->notifier_call(nb,val,v);
179 if(ret&NOTIFY_STOP_MASK)
180 {
181 return ret;
182 }
183 nb=nb->next;
184 }
185 return ret;
186}
187
188EXPORT_SYMBOL(notifier_call_chain);
189
190/**
191 * register_reboot_notifier - Register function to be called at reboot time
192 * @nb: Info about notifier function to be called
193 *
194 * Registers a function with the list of functions
195 * to be called at reboot time.
196 *
197 * Currently always returns zero, as notifier_chain_register
198 * always returns zero.
199 */
200
201int register_reboot_notifier(struct notifier_block * nb)
202{
203 return notifier_chain_register(&reboot_notifier_list, nb);
204}
205
206EXPORT_SYMBOL(register_reboot_notifier);
207
208/**
209 * unregister_reboot_notifier - Unregister previously registered reboot notifier
210 * @nb: Hook to be unregistered
211 *
212 * Unregisters a previously registered reboot
213 * notifier function.
214 *
215 * Returns zero on success, or %-ENOENT on failure.
216 */
217
218int unregister_reboot_notifier(struct notifier_block * nb)
219{
220 return notifier_chain_unregister(&reboot_notifier_list, nb);
221}
222
223EXPORT_SYMBOL(unregister_reboot_notifier);
224
225static int set_one_prio(struct task_struct *p, int niceval, int error)
226{
227 int no_nice;
228
229 if (p->uid != current->euid &&
230 p->euid != current->euid && !capable(CAP_SYS_NICE)) {
231 error = -EPERM;
232 goto out;
233 }
e43379f1 234 if (niceval < task_nice(p) && !can_nice(p, niceval)) {
1da177e4
LT		 235 error = -EACCES;
236 goto out;
237 }
238 no_nice = security_task_setnice(p, niceval);
239 if (no_nice) {
240 error = no_nice;
241 goto out;
242 }
243 if (error == -ESRCH)
244 error = 0;
245 set_user_nice(p, niceval);
246out:
247 return error;
248}
249
250asmlinkage long sys_setpriority(int which, int who, int niceval)
251{
252 struct task_struct *g, *p;
253 struct user_struct *user;
254 int error = -EINVAL;
255
256 if (which > 2 || which < 0)
257 goto out;
258
259 /* normalize: avoid signed division (rounding problems) */
260 error = -ESRCH;
261 if (niceval < -20)
262 niceval = -20;
263 if (niceval > 19)
264 niceval = 19;
265
266 read_lock(&tasklist_lock);
267 switch (which) {
268 case PRIO_PROCESS:
269 if (!who)
270 who = current->pid;
271 p = find_task_by_pid(who);
272 if (p)
273 error = set_one_prio(p, niceval, error);
274 break;
275 case PRIO_PGRP:
276 if (!who)
277 who = process_group(current);
278 do_each_task_pid(who, PIDTYPE_PGID, p) {
279 error = set_one_prio(p, niceval, error);
280 } while_each_task_pid(who, PIDTYPE_PGID, p);
281 break;
282 case PRIO_USER:
283 user = current->user;
284 if (!who)
285 who = current->uid;
286 else
287 if ((who != current->uid) && !(user = find_user(who)))
288 goto out_unlock; /* No processes for this user */
289
290 do_each_thread(g, p)
291 if (p->uid == who)
292 error = set_one_prio(p, niceval, error);
293 while_each_thread(g, p);
294 if (who != current->uid)
295 free_uid(user); /* For find_user() */
296 break;
297 }
298out_unlock:
299 read_unlock(&tasklist_lock);
300out:
301 return error;
302}
303
304/*
305 * Ugh. To avoid negative return values, "getpriority()" will
306 * not return the normal nice-value, but a negated value that
307 * has been offset by 20 (ie it returns 40..1 instead of -20..19)
308 * to stay compatible.
309 */
310asmlinkage long sys_getpriority(int which, int who)
311{
312 struct task_struct *g, *p;
313 struct user_struct *user;
314 long niceval, retval = -ESRCH;
315
316 if (which > 2 || which < 0)
317 return -EINVAL;
318
319 read_lock(&tasklist_lock);
320 switch (which) {
321 case PRIO_PROCESS:
322 if (!who)
323 who = current->pid;
324 p = find_task_by_pid(who);
325 if (p) {
326 niceval = 20 - task_nice(p);
327 if (niceval > retval)
328 retval = niceval;
329 }
330 break;
331 case PRIO_PGRP:
332 if (!who)
333 who = process_group(current);
334 do_each_task_pid(who, PIDTYPE_PGID, p) {
335 niceval = 20 - task_nice(p);
336 if (niceval > retval)
337 retval = niceval;
338 } while_each_task_pid(who, PIDTYPE_PGID, p);
339 break;
340 case PRIO_USER:
341 user = current->user;
342 if (!who)
343 who = current->uid;
344 else
345 if ((who != current->uid) && !(user = find_user(who)))
346 goto out_unlock; /* No processes for this user */
347
348 do_each_thread(g, p)
349 if (p->uid == who) {
350 niceval = 20 - task_nice(p);
351 if (niceval > retval)
352 retval = niceval;
353 }
354 while_each_thread(g, p);
355 if (who != current->uid)
356 free_uid(user); /* for find_user() */
357 break;
358 }
359out_unlock:
360 read_unlock(&tasklist_lock);
361
362 return retval;
363}
364
e4c94330
EB		 365/**
366 * emergency_restart - reboot the system
367 *
368 * Without shutting down any hardware or taking any locks
369 * reboot the system. This is called when we know we are in
370 * trouble so this is our best effort to reboot. This is
371 * safe to call in interrupt context.
372 */
7c903473
EB		 373void emergency_restart(void)
374{
375 machine_emergency_restart();
376}
377EXPORT_SYMBOL_GPL(emergency_restart);
378
e4c94330 379void kernel_restart_prepare(char *cmd)
4a00ea1e
EB		 380{
381 notifier_call_chain(&reboot_notifier_list, SYS_RESTART, cmd);
382 system_state = SYSTEM_RESTART;
4a00ea1e 383 device_shutdown();
e4c94330 384}
1e5d5331
RD		 385
386/**
387 * kernel_restart - reboot the system
388 * @cmd: pointer to buffer containing command to execute for restart
389 * or NULL
390 *
391 * Shutdown everything and perform a clean reboot.
392 * This is not safe to call in interrupt context.
393 */
e4c94330
EB		 394void kernel_restart(char *cmd)
395{
396 kernel_restart_prepare(cmd);
4a00ea1e
EB		 397 if (!cmd) {
398 printk(KERN_EMERG "Restarting system.\n");
399 } else {
400 printk(KERN_EMERG "Restarting system with command '%s'.\n", cmd);
401 }
402 printk(".\n");
403 machine_restart(cmd);
404}
405EXPORT_SYMBOL_GPL(kernel_restart);
406
e4c94330
EB		 407/**
408 * kernel_kexec - reboot the system
409 *
410 * Move into place and start executing a preloaded standalone
411 * executable. If nothing was preloaded return an error.
412 */
4a00ea1e
EB		 413void kernel_kexec(void)
414{
415#ifdef CONFIG_KEXEC
416 struct kimage *image;
417 image = xchg(&kexec_image, 0);
418 if (!image) {
419 return;
420 }
e4c94330 421 kernel_restart_prepare(NULL);
4a00ea1e
EB		 422 printk(KERN_EMERG "Starting new kernel\n");
423 machine_shutdown();
424 machine_kexec(image);
425#endif
426}
427EXPORT_SYMBOL_GPL(kernel_kexec);
428
e4c94330
EB		 429/**
430 * kernel_halt - halt the system
431 *
432 * Shutdown everything and perform a clean system halt.
433 */
434void kernel_halt_prepare(void)
4a00ea1e
EB		 435{
436 notifier_call_chain(&reboot_notifier_list, SYS_HALT, NULL);
437 system_state = SYSTEM_HALT;
4a00ea1e 438 device_shutdown();
e4c94330
EB		 439}
440void kernel_halt(void)
441{
442 kernel_halt_prepare();
4a00ea1e
EB		 443 printk(KERN_EMERG "System halted.\n");
444 machine_halt();
445}
446EXPORT_SYMBOL_GPL(kernel_halt);
447
e4c94330
EB		 448/**
449 * kernel_power_off - power_off the system
450 *
451 * Shutdown everything and perform a clean system power_off.
452 */
453void kernel_power_off_prepare(void)
4a00ea1e
EB		 454{
455 notifier_call_chain(&reboot_notifier_list, SYS_POWER_OFF, NULL);
456 system_state = SYSTEM_POWER_OFF;
4a00ea1e 457 device_shutdown();
e4c94330
EB		 458}
459void kernel_power_off(void)
460{
461 kernel_power_off_prepare();
4a00ea1e
EB		 462 printk(KERN_EMERG "Power down.\n");
463 machine_power_off();
464}
465EXPORT_SYMBOL_GPL(kernel_power_off);
1da177e4
LT		 466
467/*
468 * Reboot system call: for obvious reasons only root may call it,
469 * and even root needs to set up some magic numbers in the registers
470 * so that some mistake won't make this reboot the whole machine.
471 * You can also set the meaning of the ctrl-alt-del-key here.
472 *
473 * reboot doesn't sync: do that yourself before calling this.
474 */
475asmlinkage long sys_reboot(int magic1, int magic2, unsigned int cmd, void __user * arg)
476{
477 char buffer[256];
478
479 /* We only trust the superuser with rebooting the system. */
480 if (!capable(CAP_SYS_BOOT))
481 return -EPERM;
482
483 /* For safety, we require "magic" arguments. */
484 if (magic1 != LINUX_REBOOT_MAGIC1 ||
485 (magic2 != LINUX_REBOOT_MAGIC2 &&
486 magic2 != LINUX_REBOOT_MAGIC2A &&
487 magic2 != LINUX_REBOOT_MAGIC2B &&
488 magic2 != LINUX_REBOOT_MAGIC2C))
489 return -EINVAL;
490
491 lock_kernel();
492 switch (cmd) {
493 case LINUX_REBOOT_CMD_RESTART:
4a00ea1e 494 kernel_restart(NULL);
1da177e4
LT		 495 break;
496
497 case LINUX_REBOOT_CMD_CAD_ON:
498 C_A_D = 1;
499 break;
500
501 case LINUX_REBOOT_CMD_CAD_OFF:
502 C_A_D = 0;
503 break;
504
505 case LINUX_REBOOT_CMD_HALT:
4a00ea1e 506 kernel_halt();
1da177e4
LT		 507 unlock_kernel();
508 do_exit(0);
509 break;
510
511 case LINUX_REBOOT_CMD_POWER_OFF:
4a00ea1e 512 kernel_power_off();
1da177e4
LT		 513 unlock_kernel();
514 do_exit(0);
515 break;
516
517 case LINUX_REBOOT_CMD_RESTART2:
518 if (strncpy_from_user(&buffer[0], arg, sizeof(buffer) - 1) < 0) {
519 unlock_kernel();
520 return -EFAULT;
521 }
522 buffer[sizeof(buffer) - 1] = '\0';
523
4a00ea1e 524 kernel_restart(buffer);
1da177e4
LT		 525 break;
526
dc009d92 527 case LINUX_REBOOT_CMD_KEXEC:
4a00ea1e
EB		 528 kernel_kexec();
529 unlock_kernel();
530 return -EINVAL;
531
1da177e4
LT		 532#ifdef CONFIG_SOFTWARE_SUSPEND
533 case LINUX_REBOOT_CMD_SW_SUSPEND:
534 {
535 int ret = software_suspend();
536 unlock_kernel();
537 return ret;
538 }
539#endif
540
541 default:
542 unlock_kernel();
543 return -EINVAL;
544 }
545 unlock_kernel();
546 return 0;
547}
548
549static void deferred_cad(void *dummy)
550{
abcd9e51 551 kernel_restart(NULL);
1da177e4
LT		 552}
553
554/*
555 * This function gets called by ctrl-alt-del - ie the keyboard interrupt.
556 * As it's called within an interrupt, it may NOT sync: the only choice
557 * is whether to reboot at once, or just ignore the ctrl-alt-del.
558 */
559void ctrl_alt_del(void)
560{
561 static DECLARE_WORK(cad_work, deferred_cad, NULL);
562
563 if (C_A_D)
564 schedule_work(&cad_work);
565 else
566 kill_proc(cad_pid, SIGINT, 1);
567}
568
569
570/*
571 * Unprivileged users may change the real gid to the effective gid
572 * or vice versa. (BSD-style)
573 *
574 * If you set the real gid at all, or set the effective gid to a value not
575 * equal to the real gid, then the saved gid is set to the new effective gid.
576 *
577 * This makes it possible for a setgid program to completely drop its
578 * privileges, which is often a useful assertion to make when you are doing
579 * a security audit over a program.
580 *
581 * The general idea is that a program which uses just setregid() will be
582 * 100% compatible with BSD. A program which uses just setgid() will be
583 * 100% compatible with POSIX with saved IDs.
584 *
585 * SMP: There are not races, the GIDs are checked only by filesystem
586 * operations (as far as semantic preservation is concerned).
587 */
588asmlinkage long sys_setregid(gid_t rgid, gid_t egid)
589{
590 int old_rgid = current->gid;
591 int old_egid = current->egid;
592 int new_rgid = old_rgid;
593 int new_egid = old_egid;
594 int retval;
595
596 retval = security_task_setgid(rgid, egid, (gid_t)-1, LSM_SETID_RE);
597 if (retval)
598 return retval;
599
600 if (rgid != (gid_t) -1) {
601 if ((old_rgid == rgid) ||
602 (current->egid==rgid) ||
603 capable(CAP_SETGID))
604 new_rgid = rgid;
605 else
606 return -EPERM;
607 }
608 if (egid != (gid_t) -1) {
609 if ((old_rgid == egid) ||
610 (current->egid == egid) ||
611 (current->sgid == egid) ||
612 capable(CAP_SETGID))
613 new_egid = egid;
614 else {
615 return -EPERM;
616 }
617 }
618 if (new_egid != old_egid)
619 {
d6e71144 620 current->mm->dumpable = suid_dumpable;
d59dd462 621 smp_wmb();
1da177e4
LT		 622 }
623 if (rgid != (gid_t) -1 ||
624 (egid != (gid_t) -1 && egid != old_rgid))
625 current->sgid = new_egid;
626 current->fsgid = new_egid;
627 current->egid = new_egid;
628 current->gid = new_rgid;
629 key_fsgid_changed(current);
9f46080c 630 proc_id_connector(current, PROC_EVENT_GID);
1da177e4
LT		 631 return 0;
632}
633
634/*
635 * setgid() is implemented like SysV w/ SAVED_IDS
636 *
637 * SMP: Same implicit races as above.
638 */
639asmlinkage long sys_setgid(gid_t gid)
640{
641 int old_egid = current->egid;
642 int retval;
643
644 retval = security_task_setgid(gid, (gid_t)-1, (gid_t)-1, LSM_SETID_ID);
645 if (retval)
646 return retval;
647
648 if (capable(CAP_SETGID))
649 {
650 if(old_egid != gid)
651 {
d6e71144 652 current->mm->dumpable = suid_dumpable;
d59dd462 653 smp_wmb();
1da177e4
LT		 654 }
655 current->gid = current->egid = current->sgid = current->fsgid = gid;
656 }
657 else if ((gid == current->gid) || (gid == current->sgid))
658 {
659 if(old_egid != gid)
660 {
d6e71144 661 current->mm->dumpable = suid_dumpable;
d59dd462 662 smp_wmb();
1da177e4
LT		 663 }
664 current->egid = current->fsgid = gid;
665 }
666 else
667 return -EPERM;
668
669 key_fsgid_changed(current);
9f46080c 670 proc_id_connector(current, PROC_EVENT_GID);
1da177e4
LT		 671 return 0;
672}
673
674static int set_user(uid_t new_ruid, int dumpclear)
675{
676 struct user_struct *new_user;
677
678 new_user = alloc_uid(new_ruid);
679 if (!new_user)
680 return -EAGAIN;
681
682 if (atomic_read(&new_user->processes) >=
683 current->signal->rlim[RLIMIT_NPROC].rlim_cur &&
684 new_user != &root_user) {
685 free_uid(new_user);
686 return -EAGAIN;
687 }
688
689 switch_uid(new_user);
690
691 if(dumpclear)
692 {
d6e71144 693 current->mm->dumpable = suid_dumpable;
d59dd462 694 smp_wmb();
1da177e4
LT		 695 }
696 current->uid = new_ruid;
697 return 0;
698}
699
700/*
701 * Unprivileged users may change the real uid to the effective uid
702 * or vice versa. (BSD-style)
703 *
704 * If you set the real uid at all, or set the effective uid to a value not
705 * equal to the real uid, then the saved uid is set to the new effective uid.
706 *
707 * This makes it possible for a setuid program to completely drop its
708 * privileges, which is often a useful assertion to make when you are doing
709 * a security audit over a program.
710 *
711 * The general idea is that a program which uses just setreuid() will be
712 * 100% compatible with BSD. A program which uses just setuid() will be
713 * 100% compatible with POSIX with saved IDs.
714 */
715asmlinkage long sys_setreuid(uid_t ruid, uid_t euid)
716{
717 int old_ruid, old_euid, old_suid, new_ruid, new_euid;
718 int retval;
719
720 retval = security_task_setuid(ruid, euid, (uid_t)-1, LSM_SETID_RE);
721 if (retval)
722 return retval;
723
724 new_ruid = old_ruid = current->uid;
725 new_euid = old_euid = current->euid;
726 old_suid = current->suid;
727
728 if (ruid != (uid_t) -1) {
729 new_ruid = ruid;
730 if ((old_ruid != ruid) &&
731 (current->euid != ruid) &&
732 !capable(CAP_SETUID))
733 return -EPERM;
734 }
735
736 if (euid != (uid_t) -1) {
737 new_euid = euid;
738 if ((old_ruid != euid) &&
739 (current->euid != euid) &&
740 (current->suid != euid) &&
741 !capable(CAP_SETUID))
742 return -EPERM;
743 }
744
745 if (new_ruid != old_ruid && set_user(new_ruid, new_euid != old_euid) < 0)
746 return -EAGAIN;
747
748 if (new_euid != old_euid)
749 {
d6e71144 750 current->mm->dumpable = suid_dumpable;
d59dd462 751 smp_wmb();
1da177e4
LT		 752 }
753 current->fsuid = current->euid = new_euid;
754 if (ruid != (uid_t) -1 ||
755 (euid != (uid_t) -1 && euid != old_ruid))
756 current->suid = current->euid;
757 current->fsuid = current->euid;
758
759 key_fsuid_changed(current);
9f46080c 760 proc_id_connector(current, PROC_EVENT_UID);
1da177e4
LT		 761
762 return security_task_post_setuid(old_ruid, old_euid, old_suid, LSM_SETID_RE);
763}
764
765
766
767/*
768 * setuid() is implemented like SysV with SAVED_IDS
769 *
770 * Note that SAVED_ID's is deficient in that a setuid root program
771 * like sendmail, for example, cannot set its uid to be a normal
772 * user and then switch back, because if you're root, setuid() sets
773 * the saved uid too. If you don't like this, blame the bright people
774 * in the POSIX committee and/or USG. Note that the BSD-style setreuid()
775 * will allow a root program to temporarily drop privileges and be able to
776 * regain them by swapping the real and effective uid.
777 */
778asmlinkage long sys_setuid(uid_t uid)
779{
780 int old_euid = current->euid;
781 int old_ruid, old_suid, new_ruid, new_suid;
782 int retval;
783
784 retval = security_task_setuid(uid, (uid_t)-1, (uid_t)-1, LSM_SETID_ID);
785 if (retval)
786 return retval;
787
788 old_ruid = new_ruid = current->uid;
789 old_suid = current->suid;
790 new_suid = old_suid;
791
792 if (capable(CAP_SETUID)) {
793 if (uid != old_ruid && set_user(uid, old_euid != uid) < 0)
794 return -EAGAIN;
795 new_suid = uid;
796 } else if ((uid != current->uid) && (uid != new_suid))
797 return -EPERM;
798
799 if (old_euid != uid)
800 {
d6e71144 801 current->mm->dumpable = suid_dumpable;
d59dd462 802 smp_wmb();
1da177e4
LT		 803 }
804 current->fsuid = current->euid = uid;
805 current->suid = new_suid;
806
807 key_fsuid_changed(current);
9f46080c 808 proc_id_connector(current, PROC_EVENT_UID);
1da177e4
LT		 809
810 return security_task_post_setuid(old_ruid, old_euid, old_suid, LSM_SETID_ID);
811}
812
813
814/*
815 * This function implements a generic ability to update ruid, euid,
816 * and suid. This allows you to implement the 4.4 compatible seteuid().
817 */
818asmlinkage long sys_setresuid(uid_t ruid, uid_t euid, uid_t suid)
819{
820 int old_ruid = current->uid;
821 int old_euid = current->euid;
822 int old_suid = current->suid;
823 int retval;
824
825 retval = security_task_setuid(ruid, euid, suid, LSM_SETID_RES);
826 if (retval)
827 return retval;
828
829 if (!capable(CAP_SETUID)) {
830 if ((ruid != (uid_t) -1) && (ruid != current->uid) &&
831 (ruid != current->euid) && (ruid != current->suid))
832 return -EPERM;
833 if ((euid != (uid_t) -1) && (euid != current->uid) &&
834 (euid != current->euid) && (euid != current->suid))
835 return -EPERM;
836 if ((suid != (uid_t) -1) && (suid != current->uid) &&
837 (suid != current->euid) && (suid != current->suid))
838 return -EPERM;
839 }
840 if (ruid != (uid_t) -1) {
841 if (ruid != current->uid && set_user(ruid, euid != current->euid) < 0)
842 return -EAGAIN;
843 }
844 if (euid != (uid_t) -1) {
845 if (euid != current->euid)
846 {
d6e71144 847 current->mm->dumpable = suid_dumpable;
d59dd462 848 smp_wmb();
1da177e4
LT		 849 }
850 current->euid = euid;
851 }
852 current->fsuid = current->euid;
853 if (suid != (uid_t) -1)
854 current->suid = suid;
855
856 key_fsuid_changed(current);
9f46080c 857 proc_id_connector(current, PROC_EVENT_UID);
1da177e4
LT		 858
859 return security_task_post_setuid(old_ruid, old_euid, old_suid, LSM_SETID_RES);
860}
861
862asmlinkage long sys_getresuid(uid_t __user *ruid, uid_t __user *euid, uid_t __user *suid)
863{
864 int retval;
865
866 if (!(retval = put_user(current->uid, ruid)) &&
867 !(retval = put_user(current->euid, euid)))
868 retval = put_user(current->suid, suid);
869
870 return retval;
871}
872
873/*
874 * Same as above, but for rgid, egid, sgid.
875 */
876asmlinkage long sys_setresgid(gid_t rgid, gid_t egid, gid_t sgid)
877{
878 int retval;
879
880 retval = security_task_setgid(rgid, egid, sgid, LSM_SETID_RES);
881 if (retval)
882 return retval;
883
884 if (!capable(CAP_SETGID)) {
885 if ((rgid != (gid_t) -1) && (rgid != current->gid) &&
886 (rgid != current->egid) && (rgid != current->sgid))
887 return -EPERM;
888 if ((egid != (gid_t) -1) && (egid != current->gid) &&
889 (egid != current->egid) && (egid != current->sgid))
890 return -EPERM;
891 if ((sgid != (gid_t) -1) && (sgid != current->gid) &&
892 (sgid != current->egid) && (sgid != current->sgid))
893 return -EPERM;
894 }
895 if (egid != (gid_t) -1) {
896 if (egid != current->egid)
897 {
d6e71144 898 current->mm->dumpable = suid_dumpable;
d59dd462 899 smp_wmb();
1da177e4
LT		 900 }
901 current->egid = egid;
902 }
903 current->fsgid = current->egid;
904 if (rgid != (gid_t) -1)
905 current->gid = rgid;
906 if (sgid != (gid_t) -1)
907 current->sgid = sgid;
908
909 key_fsgid_changed(current);
9f46080c 910 proc_id_connector(current, PROC_EVENT_GID);
1da177e4
LT		 911 return 0;
912}
913
914asmlinkage long sys_getresgid(gid_t __user *rgid, gid_t __user *egid, gid_t __user *sgid)
915{
916 int retval;
917
918 if (!(retval = put_user(current->gid, rgid)) &&
919 !(retval = put_user(current->egid, egid)))
920 retval = put_user(current->sgid, sgid);
921
922 return retval;
923}
924
925
926/*
927 * "setfsuid()" sets the fsuid - the uid used for filesystem checks. This
928 * is used for "access()" and for the NFS daemon (letting nfsd stay at
929 * whatever uid it wants to). It normally shadows "euid", except when
930 * explicitly set by setfsuid() or for access..
931 */
932asmlinkage long sys_setfsuid(uid_t uid)
933{
934 int old_fsuid;
935
936 old_fsuid = current->fsuid;
937 if (security_task_setuid(uid, (uid_t)-1, (uid_t)-1, LSM_SETID_FS))
938 return old_fsuid;
939
940 if (uid == current->uid || uid == current->euid ||
941 uid == current->suid || uid == current->fsuid ||
942 capable(CAP_SETUID))
943 {
944 if (uid != old_fsuid)
945 {
d6e71144 946 current->mm->dumpable = suid_dumpable;
d59dd462 947 smp_wmb();
1da177e4
LT		 948 }
949 current->fsuid = uid;
950 }
951
952 key_fsuid_changed(current);
9f46080c 953 proc_id_connector(current, PROC_EVENT_UID);
1da177e4
LT		 954
955 security_task_post_setuid(old_fsuid, (uid_t)-1, (uid_t)-1, LSM_SETID_FS);
956
957 return old_fsuid;
958}
959
960/*
961