]> bbs.cooldavid.org Git - net-next-2.6.git/blame - kernel/sys.c
git://bbs.cooldavid.org / net-next-2.6.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
[PATCH] Refactor sys_reboot into reusable parts
[net-next-2.6.git] / kernel / sys.c
CommitLineData
1da177e4
LT		 1/*
2 * linux/kernel/sys.c
3 *
4 * Copyright (C) 1991, 1992 Linus Torvalds
5 */
6
7#include <linux/config.h>
8#include <linux/module.h>
9#include <linux/mm.h>
10#include <linux/utsname.h>
11#include <linux/mman.h>
12#include <linux/smp_lock.h>
13#include <linux/notifier.h>
14#include <linux/reboot.h>
15#include <linux/prctl.h>
16#include <linux/init.h>
17#include <linux/highuid.h>
18#include <linux/fs.h>
dc009d92
EB		 19#include <linux/kernel.h>
20#include <linux/kexec.h>
1da177e4
LT		 21#include <linux/workqueue.h>
22#include <linux/device.h>
23#include <linux/key.h>
24#include <linux/times.h>
25#include <linux/posix-timers.h>
26#include <linux/security.h>
27#include <linux/dcookies.h>
28#include <linux/suspend.h>
29#include <linux/tty.h>
7ed20e1a 30#include <linux/signal.h>
1da177e4
LT		 31
32#include <linux/compat.h>
33#include <linux/syscalls.h>
34
35#include <asm/uaccess.h>
36#include <asm/io.h>
37#include <asm/unistd.h>
38
39#ifndef SET_UNALIGN_CTL
40# define SET_UNALIGN_CTL(a,b) (-EINVAL)
41#endif
42#ifndef GET_UNALIGN_CTL
43# define GET_UNALIGN_CTL(a,b) (-EINVAL)
44#endif
45#ifndef SET_FPEMU_CTL
46# define SET_FPEMU_CTL(a,b) (-EINVAL)
47#endif
48#ifndef GET_FPEMU_CTL
49# define GET_FPEMU_CTL(a,b) (-EINVAL)
50#endif
51#ifndef SET_FPEXC_CTL
52# define SET_FPEXC_CTL(a,b) (-EINVAL)
53#endif
54#ifndef GET_FPEXC_CTL
55# define GET_FPEXC_CTL(a,b) (-EINVAL)
56#endif
57
58/*
59 * this is where the system-wide overflow UID and GID are defined, for
60 * architectures that now have 32-bit UID/GID but didn't in the past
61 */
62
63int overflowuid = DEFAULT_OVERFLOWUID;
64int overflowgid = DEFAULT_OVERFLOWGID;
65
66#ifdef CONFIG_UID16
67EXPORT_SYMBOL(overflowuid);
68EXPORT_SYMBOL(overflowgid);
69#endif
70
71/*
72 * the same as above, but for filesystems which can only store a 16-bit
73 * UID and GID. as such, this is needed on all architectures
74 */
75
76int fs_overflowuid = DEFAULT_FS_OVERFLOWUID;
77int fs_overflowgid = DEFAULT_FS_OVERFLOWUID;
78
79EXPORT_SYMBOL(fs_overflowuid);
80EXPORT_SYMBOL(fs_overflowgid);
81
82/*
83 * this indicates whether you can reboot with ctrl-alt-del: the default is yes
84 */
85
86int C_A_D = 1;
87int cad_pid = 1;
88
89/*
90 * Notifier list for kernel code which wants to be called
91 * at shutdown. This is used to stop any idling DMA operations
92 * and the like.
93 */
94
95static struct notifier_block *reboot_notifier_list;
96static DEFINE_RWLOCK(notifier_lock);
97
98/**
99 * notifier_chain_register - Add notifier to a notifier chain
100 * @list: Pointer to root list pointer
101 * @n: New entry in notifier chain
102 *
103 * Adds a notifier to a notifier chain.
104 *
105 * Currently always returns zero.
106 */
107
108int notifier_chain_register(struct notifier_block **list, struct notifier_block *n)
109{
110 write_lock(&notifier_lock);
111 while(*list)
112 {
113 if(n->priority > (*list)->priority)
114 break;
115 list= &((*list)->next);
116 }
117 n->next = *list;
118 *list=n;
119 write_unlock(&notifier_lock);
120 return 0;
121}
122
123EXPORT_SYMBOL(notifier_chain_register);
124
125/**
126 * notifier_chain_unregister - Remove notifier from a notifier chain
127 * @nl: Pointer to root list pointer
128 * @n: New entry in notifier chain
129 *
130 * Removes a notifier from a notifier chain.
131 *
132 * Returns zero on success, or %-ENOENT on failure.
133 */
134
135int notifier_chain_unregister(struct notifier_block **nl, struct notifier_block *n)
136{
137 write_lock(&notifier_lock);
138 while((*nl)!=NULL)
139 {
140 if((*nl)==n)
141 {
142 *nl=n->next;
143 write_unlock(&notifier_lock);
144 return 0;
145 }
146 nl=&((*nl)->next);
147 }
148 write_unlock(&notifier_lock);
149 return -ENOENT;
150}
151
152EXPORT_SYMBOL(notifier_chain_unregister);
153
154/**
155 * notifier_call_chain - Call functions in a notifier chain
156 * @n: Pointer to root pointer of notifier chain
157 * @val: Value passed unmodified to notifier function
158 * @v: Pointer passed unmodified to notifier function
159 *
160 * Calls each function in a notifier chain in turn.
161 *
162 * If the return value of the notifier can be and'd
163 * with %NOTIFY_STOP_MASK, then notifier_call_chain
164 * will return immediately, with the return value of
165 * the notifier function which halted execution.
166 * Otherwise, the return value is the return value
167 * of the last notifier function called.
168 */
169
170int notifier_call_chain(struct notifier_block **n, unsigned long val, void *v)
171{
172 int ret=NOTIFY_DONE;
173 struct notifier_block *nb = *n;
174
175 while(nb)
176 {
177 ret=nb->notifier_call(nb,val,v);
178 if(ret&NOTIFY_STOP_MASK)
179 {
180 return ret;
181 }
182 nb=nb->next;
183 }
184 return ret;
185}
186
187EXPORT_SYMBOL(notifier_call_chain);
188
189/**
190 * register_reboot_notifier - Register function to be called at reboot time
191 * @nb: Info about notifier function to be called
192 *
193 * Registers a function with the list of functions
194 * to be called at reboot time.
195 *
196 * Currently always returns zero, as notifier_chain_register
197 * always returns zero.
198 */
199
200int register_reboot_notifier(struct notifier_block * nb)
201{
202 return notifier_chain_register(&reboot_notifier_list, nb);
203}
204
205EXPORT_SYMBOL(register_reboot_notifier);
206
207/**
208 * unregister_reboot_notifier - Unregister previously registered reboot notifier
209 * @nb: Hook to be unregistered
210 *
211 * Unregisters a previously registered reboot
212 * notifier function.
213 *
214 * Returns zero on success, or %-ENOENT on failure.
215 */
216
217int unregister_reboot_notifier(struct notifier_block * nb)
218{
219 return notifier_chain_unregister(&reboot_notifier_list, nb);
220}
221
222EXPORT_SYMBOL(unregister_reboot_notifier);
223
224static int set_one_prio(struct task_struct *p, int niceval, int error)
225{
226 int no_nice;
227
228 if (p->uid != current->euid &&
229 p->euid != current->euid && !capable(CAP_SYS_NICE)) {
230 error = -EPERM;
231 goto out;
232 }
e43379f1 233 if (niceval < task_nice(p) && !can_nice(p, niceval)) {
1da177e4
LT		 234 error = -EACCES;
235 goto out;
236 }
237 no_nice = security_task_setnice(p, niceval);
238 if (no_nice) {
239 error = no_nice;
240 goto out;
241 }
242 if (error == -ESRCH)
243 error = 0;
244 set_user_nice(p, niceval);
245out:
246 return error;
247}
248
249asmlinkage long sys_setpriority(int which, int who, int niceval)
250{
251 struct task_struct *g, *p;
252 struct user_struct *user;
253 int error = -EINVAL;
254
255 if (which > 2 || which < 0)
256 goto out;
257
258 /* normalize: avoid signed division (rounding problems) */
259 error = -ESRCH;
260 if (niceval < -20)
261 niceval = -20;
262 if (niceval > 19)
263 niceval = 19;
264
265 read_lock(&tasklist_lock);
266 switch (which) {
267 case PRIO_PROCESS:
268 if (!who)
269 who = current->pid;
270 p = find_task_by_pid(who);
271 if (p)
272 error = set_one_prio(p, niceval, error);
273 break;
274 case PRIO_PGRP:
275 if (!who)
276 who = process_group(current);
277 do_each_task_pid(who, PIDTYPE_PGID, p) {
278 error = set_one_prio(p, niceval, error);
279 } while_each_task_pid(who, PIDTYPE_PGID, p);
280 break;
281 case PRIO_USER:
282 user = current->user;
283 if (!who)
284 who = current->uid;
285 else
286 if ((who != current->uid) && !(user = find_user(who)))
287 goto out_unlock; /* No processes for this user */
288
289 do_each_thread(g, p)
290 if (p->uid == who)
291 error = set_one_prio(p, niceval, error);
292 while_each_thread(g, p);
293 if (who != current->uid)
294 free_uid(user); /* For find_user() */
295 break;
296 }
297out_unlock:
298 read_unlock(&tasklist_lock);
299out:
300 return error;
301}
302
303/*
304 * Ugh. To avoid negative return values, "getpriority()" will
305 * not return the normal nice-value, but a negated value that
306 * has been offset by 20 (ie it returns 40..1 instead of -20..19)
307 * to stay compatible.
308 */
309asmlinkage long sys_getpriority(int which, int who)
310{
311 struct task_struct *g, *p;
312 struct user_struct *user;
313 long niceval, retval = -ESRCH;
314
315 if (which > 2 || which < 0)
316 return -EINVAL;
317
318 read_lock(&tasklist_lock);
319 switch (which) {
320 case PRIO_PROCESS:
321 if (!who)
322 who = current->pid;
323 p = find_task_by_pid(who);
324 if (p) {
325 niceval = 20 - task_nice(p);
326 if (niceval > retval)
327 retval = niceval;
328 }
329 break;
330 case PRIO_PGRP:
331 if (!who)
332 who = process_group(current);
333 do_each_task_pid(who, PIDTYPE_PGID, p) {
334 niceval = 20 - task_nice(p);
335 if (niceval > retval)
336 retval = niceval;
337 } while_each_task_pid(who, PIDTYPE_PGID, p);
338 break;
339 case PRIO_USER:
340 user = current->user;
341 if (!who)
342 who = current->uid;
343 else
344 if ((who != current->uid) && !(user = find_user(who)))
345 goto out_unlock; /* No processes for this user */
346
347 do_each_thread(g, p)
348 if (p->uid == who) {
349 niceval = 20 - task_nice(p);
350 if (niceval > retval)
351 retval = niceval;
352 }
353 while_each_thread(g, p);
354 if (who != current->uid)
355 free_uid(user); /* for find_user() */
356 break;
357 }
358out_unlock:
359 read_unlock(&tasklist_lock);
360
361 return retval;
362}
363
4a00ea1e
EB		 364void kernel_restart(char *cmd)
365{
366 notifier_call_chain(&reboot_notifier_list, SYS_RESTART, cmd);
367 system_state = SYSTEM_RESTART;
368 device_suspend(PMSG_FREEZE);
369 device_shutdown();
370 if (!cmd) {
371 printk(KERN_EMERG "Restarting system.\n");
372 } else {
373 printk(KERN_EMERG "Restarting system with command '%s'.\n", cmd);
374 }
375 printk(".\n");
376 machine_restart(cmd);
377}
378EXPORT_SYMBOL_GPL(kernel_restart);
379
380void kernel_kexec(void)
381{
382#ifdef CONFIG_KEXEC
383 struct kimage *image;
384 image = xchg(&kexec_image, 0);
385 if (!image) {
386 return;
387 }
388 notifier_call_chain(&reboot_notifier_list, SYS_RESTART, NULL);
389 system_state = SYSTEM_RESTART;
390 device_suspend(PMSG_FREEZE);
391 device_shutdown();
392 printk(KERN_EMERG "Starting new kernel\n");
393 machine_shutdown();
394 machine_kexec(image);
395#endif
396}
397EXPORT_SYMBOL_GPL(kernel_kexec);
398
399void kernel_halt(void)
400{
401 notifier_call_chain(&reboot_notifier_list, SYS_HALT, NULL);
402 system_state = SYSTEM_HALT;
403 device_suspend(PMSG_SUSPEND);
404 device_shutdown();
405 printk(KERN_EMERG "System halted.\n");
406 machine_halt();
407}
408EXPORT_SYMBOL_GPL(kernel_halt);
409
410void kernel_power_off(void)
411{
412 notifier_call_chain(&reboot_notifier_list, SYS_POWER_OFF, NULL);
413 system_state = SYSTEM_POWER_OFF;
414 device_suspend(PMSG_SUSPEND);
415 device_shutdown();
416 printk(KERN_EMERG "Power down.\n");
417 machine_power_off();
418}
419EXPORT_SYMBOL_GPL(kernel_power_off);
1da177e4
LT		 420
421/*
422 * Reboot system call: for obvious reasons only root may call it,
423 * and even root needs to set up some magic numbers in the registers
424 * so that some mistake won't make this reboot the whole machine.
425 * You can also set the meaning of the ctrl-alt-del-key here.
426 *
427 * reboot doesn't sync: do that yourself before calling this.
428 */
429asmlinkage long sys_reboot(int magic1, int magic2, unsigned int cmd, void __user * arg)
430{
431 char buffer[256];
432
433 /* We only trust the superuser with rebooting the system. */
434 if (!capable(CAP_SYS_BOOT))
435 return -EPERM;
436
437 /* For safety, we require "magic" arguments. */
438 if (magic1 != LINUX_REBOOT_MAGIC1 ||
439 (magic2 != LINUX_REBOOT_MAGIC2 &&
440 magic2 != LINUX_REBOOT_MAGIC2A &&
441 magic2 != LINUX_REBOOT_MAGIC2B &&
442 magic2 != LINUX_REBOOT_MAGIC2C))
443 return -EINVAL;
444
445 lock_kernel();
446 switch (cmd) {
447 case LINUX_REBOOT_CMD_RESTART:
4a00ea1e 448 kernel_restart(NULL);
1da177e4
LT		 449 break;
450
451 case LINUX_REBOOT_CMD_CAD_ON:
452 C_A_D = 1;
453 break;
454
455 case LINUX_REBOOT_CMD_CAD_OFF:
456 C_A_D = 0;
457 break;
458
459 case LINUX_REBOOT_CMD_HALT:
4a00ea1e 460 kernel_halt();
1da177e4
LT		 461 unlock_kernel();
462 do_exit(0);
463 break;
464
465 case LINUX_REBOOT_CMD_POWER_OFF:
4a00ea1e 466 kernel_power_off();
1da177e4
LT		 467 unlock_kernel();
468 do_exit(0);
469 break;
470
471 case LINUX_REBOOT_CMD_RESTART2:
472 if (strncpy_from_user(&buffer[0], arg, sizeof(buffer) - 1) < 0) {
473 unlock_kernel();
474 return -EFAULT;
475 }
476 buffer[sizeof(buffer) - 1] = '\0';
477
4a00ea1e 478 kernel_restart(buffer);
1da177e4
LT		 479 break;
480
dc009d92 481 case LINUX_REBOOT_CMD_KEXEC:
4a00ea1e
EB		 482 kernel_kexec();
483 unlock_kernel();
484 return -EINVAL;
485
1da177e4
LT		 486#ifdef CONFIG_SOFTWARE_SUSPEND
487 case LINUX_REBOOT_CMD_SW_SUSPEND:
488 {
489 int ret = software_suspend();
490 unlock_kernel();
491 return ret;
492 }
493#endif
494
495 default:
496 unlock_kernel();
497 return -EINVAL;
498 }
499 unlock_kernel();
500 return 0;
501}
502
503static void deferred_cad(void *dummy)
504{
505 notifier_call_chain(&reboot_notifier_list, SYS_RESTART, NULL);
506 machine_restart(NULL);
507}
508
509/*
510 * This function gets called by ctrl-alt-del - ie the keyboard interrupt.
511 * As it's called within an interrupt, it may NOT sync: the only choice
512 * is whether to reboot at once, or just ignore the ctrl-alt-del.
513 */
514void ctrl_alt_del(void)
515{
516 static DECLARE_WORK(cad_work, deferred_cad, NULL);
517
518 if (C_A_D)
519 schedule_work(&cad_work);
520 else
521 kill_proc(cad_pid, SIGINT, 1);
522}
523
524
525/*
526 * Unprivileged users may change the real gid to the effective gid
527 * or vice versa. (BSD-style)
528 *
529 * If you set the real gid at all, or set the effective gid to a value not
530 * equal to the real gid, then the saved gid is set to the new effective gid.
531 *
532 * This makes it possible for a setgid program to completely drop its
533 * privileges, which is often a useful assertion to make when you are doing
534 * a security audit over a program.
535 *
536 * The general idea is that a program which uses just setregid() will be
537 * 100% compatible with BSD. A program which uses just setgid() will be
538 * 100% compatible with POSIX with saved IDs.
539 *
540 * SMP: There are not races, the GIDs are checked only by filesystem
541 * operations (as far as semantic preservation is concerned).
542 */
543asmlinkage long sys_setregid(gid_t rgid, gid_t egid)
544{
545 int old_rgid = current->gid;
546 int old_egid = current->egid;
547 int new_rgid = old_rgid;
548 int new_egid = old_egid;
549 int retval;
550
551 retval = security_task_setgid(rgid, egid, (gid_t)-1, LSM_SETID_RE);
552 if (retval)
553 return retval;
554
555 if (rgid != (gid_t) -1) {
556 if ((old_rgid == rgid) ||
557 (current->egid==rgid) ||
558 capable(CAP_SETGID))
559 new_rgid = rgid;
560 else
561 return -EPERM;
562 }
563 if (egid != (gid_t) -1) {
564 if ((old_rgid == egid) ||
565 (current->egid == egid) ||
566 (current->sgid == egid) ||
567 capable(CAP_SETGID))
568 new_egid = egid;
569 else {
570 return -EPERM;
571 }
572 }
573 if (new_egid != old_egid)
574 {
d6e71144 575 current->mm->dumpable = suid_dumpable;
d59dd462 576 smp_wmb();
1da177e4
LT		 577 }
578 if (rgid != (gid_t) -1 ||
579 (egid != (gid_t) -1 && egid != old_rgid))
580 current->sgid = new_egid;
581 current->fsgid = new_egid;
582 current->egid = new_egid;
583 current->gid = new_rgid;
584 key_fsgid_changed(current);
585 return 0;
586}
587
588/*
589 * setgid() is implemented like SysV w/ SAVED_IDS
590 *
591 * SMP: Same implicit races as above.
592 */
593asmlinkage long sys_setgid(gid_t gid)
594{
595 int old_egid = current->egid;
596 int retval;
597
598 retval = security_task_setgid(gid, (gid_t)-1, (gid_t)-1, LSM_SETID_ID);
599 if (retval)
600 return retval;
601
602 if (capable(CAP_SETGID))
603 {
604 if(old_egid != gid)
605 {
d6e71144 606 current->mm->dumpable = suid_dumpable;
d59dd462 607 smp_wmb();
1da177e4
LT		 608 }
609 current->gid = current->egid = current->sgid = current->fsgid = gid;
610 }
611 else if ((gid == current->gid) || (gid == current->sgid))
612 {
613 if(old_egid != gid)
614 {
d6e71144 615 current->mm->dumpable = suid_dumpable;
d59dd462 616 smp_wmb();
1da177e4
LT		 617 }
618 current->egid = current->fsgid = gid;
619 }
620 else
621 return -EPERM;
622
623 key_fsgid_changed(current);
624 return 0;
625}
626
627static int set_user(uid_t new_ruid, int dumpclear)
628{
629 struct user_struct *new_user;
630
631 new_user = alloc_uid(new_ruid);
632 if (!new_user)
633 return -EAGAIN;
634
635 if (atomic_read(&new_user->processes) >=
636 current->signal->rlim[RLIMIT_NPROC].rlim_cur &&
637 new_user != &root_user) {
638 free_uid(new_user);
639 return -EAGAIN;
640 }
641
642 switch_uid(new_user);
643
644 if(dumpclear)
645 {
d6e71144 646 current->mm->dumpable = suid_dumpable;
d59dd462 647 smp_wmb();
1da177e4
LT		 648 }
649 current->uid = new_ruid;
650 return 0;
651}
652
653/*
654 * Unprivileged users may change the real uid to the effective uid
655 * or vice versa. (BSD-style)
656 *
657 * If you set the real uid at all, or set the effective uid to a value not
658 * equal to the real uid, then the saved uid is set to the new effective uid.
659 *
660 * This makes it possible for a setuid program to completely drop its
661 * privileges, which is often a useful assertion to make when you are doing
662 * a security audit over a program.
663 *
664 * The general idea is that a program which uses just setreuid() will be
665 * 100% compatible with BSD. A program which uses just setuid() will be
666 * 100% compatible with POSIX with saved IDs.
667 */
668asmlinkage long sys_setreuid(uid_t ruid, uid_t euid)
669{
670 int old_ruid, old_euid, old_suid, new_ruid, new_euid;
671 int retval;
672
673 retval = security_task_setuid(ruid, euid, (uid_t)-1, LSM_SETID_RE);
674 if (retval)
675 return retval;
676
677 new_ruid = old_ruid = current->uid;
678 new_euid = old_euid = current->euid;
679 old_suid = current->suid;
680
681 if (ruid != (uid_t) -1) {
682 new_ruid = ruid;
683 if ((old_ruid != ruid) &&
684 (current->euid != ruid) &&
685 !capable(CAP_SETUID))
686 return -EPERM;
687 }
688
689 if (euid != (uid_t) -1) {
690 new_euid = euid;
691 if ((old_ruid != euid) &&
692 (current->euid != euid) &&
693 (current->suid != euid) &&
694 !capable(CAP_SETUID))
695 return -EPERM;
696 }
697
698 if (new_ruid != old_ruid && set_user(new_ruid, new_euid != old_euid) < 0)
699 return -EAGAIN;
700
701 if (new_euid != old_euid)
702 {
d6e71144 703 current->mm->dumpable = suid_dumpable;
d59dd462 704 smp_wmb();
1da177e4
LT		 705 }
706 current->fsuid = current->euid = new_euid;
707 if (ruid != (uid_t) -1 ||
708 (euid != (uid_t) -1 && euid != old_ruid))
709 current->suid = current->euid;
710 current->fsuid = current->euid;
711
712 key_fsuid_changed(current);
713
714 return security_task_post_setuid(old_ruid, old_euid, old_suid, LSM_SETID_RE);
715}
716
717
718
719/*
720 * setuid() is implemented like SysV with SAVED_IDS
721 *
722 * Note that SAVED_ID's is deficient in that a setuid root program
723 * like sendmail, for example, cannot set its uid to be a normal
724 * user and then switch back, because if you're root, setuid() sets
725 * the saved uid too. If you don't like this, blame the bright people
726 * in the POSIX committee and/or USG. Note that the BSD-style setreuid()
727 * will allow a root program to temporarily drop privileges and be able to
728 * regain them by swapping the real and effective uid.
729 */
730asmlinkage long sys_setuid(uid_t uid)
731{
732 int old_euid = current->euid;
733 int old_ruid, old_suid, new_ruid, new_suid;
734 int retval;
735
736 retval = security_task_setuid(uid, (uid_t)-1, (uid_t)-1, LSM_SETID_ID);
737 if (retval)
738 return retval;
739
740 old_ruid = new_ruid = current->uid;
741 old_suid = current->suid;
742 new_suid = old_suid;
743
744 if (capable(CAP_SETUID)) {
745 if (uid != old_ruid && set_user(uid, old_euid != uid) < 0)
746 return -EAGAIN;
747 new_suid = uid;
748 } else if ((uid != current->uid) && (uid != new_suid))
749 return -EPERM;
750
751 if (old_euid != uid)
752 {
d6e71144 753 current->mm->dumpable = suid_dumpable;
d59dd462 754 smp_wmb();
1da177e4
LT		 755 }
756 current->fsuid = current->euid = uid;
757 current->suid = new_suid;
758
759 key_fsuid_changed(current);
760
761 return security_task_post_setuid(old_ruid, old_euid, old_suid, LSM_SETID_ID);
762}
763
764
765/*
766 * This function implements a generic ability to update ruid, euid,
767 * and suid. This allows you to implement the 4.4 compatible seteuid().
768 */
769asmlinkage long sys_setresuid(uid_t ruid, uid_t euid, uid_t suid)
770{
771 int old_ruid = current->uid;
772 int old_euid = current->euid;
773 int old_suid = current->suid;
774 int retval;
775
776 retval = security_task_setuid(ruid, euid, suid, LSM_SETID_RES);
777 if (retval)
778 return retval;
779
780 if (!capable(CAP_SETUID)) {
781 if ((ruid != (uid_t) -1) && (ruid != current->uid) &&
782 (ruid != current->euid) && (ruid != current->suid))
783 return -EPERM;
784 if ((euid != (uid_t) -1) && (euid != current->uid) &&
785 (euid != current->euid) && (euid != current->suid))
786 return -EPERM;
787 if ((suid != (uid_t) -1) && (suid != current->uid) &&
788 (suid != current->euid) && (suid != current->suid))
789 return -EPERM;
790 }
791 if (ruid != (uid_t) -1) {
792 if (ruid != current->uid && set_user(ruid, euid != current->euid) < 0)
793 return -EAGAIN;
794 }
795 if (euid != (uid_t) -1) {
796 if (euid != current->euid)
797 {
d6e71144 798 current->mm->dumpable = suid_dumpable;
d59dd462 799 smp_wmb();
1da177e4
LT		 800 }
801 current->euid = euid;
802 }
803 current->fsuid = current->euid;
804 if (suid != (uid_t) -1)
805 current->suid = suid;
806
807 key_fsuid_changed(current);
808
809 return security_task_post_setuid(old_ruid, old_euid, old_suid, LSM_SETID_RES);
810}
811
812asmlinkage long sys_getresuid(uid_t __user *ruid, uid_t __user *euid, uid_t __user *suid)
813{
814 int retval;
815
816 if (!(retval = put_user(current->uid, ruid)) &&
817 !(retval = put_user(current->euid, euid)))
818 retval = put_user(current->suid, suid);
819
820 return retval;
821}
822
823/*
824 * Same as above, but for rgid, egid, sgid.
825 */
826asmlinkage long sys_setresgid(gid_t rgid, gid_t egid, gid_t sgid)
827{
828 int retval;
829
830 retval = security_task_setgid(rgid, egid, sgid, LSM_SETID_RES);
831 if (retval)
832 return retval;
833
834 if (!capable(CAP_SETGID)) {
835 if ((rgid != (gid_t) -1) && (rgid != current->gid) &&
836 (rgid != current->egid) && (rgid != current->sgid))
837 return -EPERM;
838 if ((egid != (gid_t) -1) && (egid != current->gid) &&
839 (egid != current->egid) && (egid != current->sgid))
840 return -EPERM;
841 if ((sgid != (gid_t) -1) && (sgid != current->gid) &&
842 (sgid != current->egid) && (sgid != current->sgid))
843 return -EPERM;
844 }
845 if (egid != (gid_t) -1) {
846 if (egid != current->egid)
847 {
d6e71144 848 current->mm->dumpable = suid_dumpable;
d59dd462 849 smp_wmb();
1da177e4
LT		 850 }
851 current->egid = egid;
852 }
853 current->fsgid = current->egid;
854 if (rgid != (gid_t) -1)
855 current->gid = rgid;
856 if (sgid != (gid_t) -1)
857 current->sgid = sgid;
858
859 key_fsgid_changed(current);
860 return 0;
861}
862
863asmlinkage long sys_getresgid(gid_t __user *rgid, gid_t __user *egid, gid_t __user *sgid)
864{
865 int retval;
866
867 if (!(retval = put_user(current->gid, rgid)) &&
868 !(retval = put_user(current->egid, egid)))
869 retval = put_user(current->sgid, sgid);
870
871 return retval;
872}
873
874
875/*
876 * "setfsuid()" sets the fsuid - the uid used for filesystem checks. This
877 * is used for "access()" and for the NFS daemon (letting nfsd stay at
878 * whatever uid it wants to). It normally shadows "euid", except when
879 * explicitly set by setfsuid() or for access..
880 */
881asmlinkage long sys_setfsuid(uid_t uid)
882{
883 int old_fsuid;
884
885 old_fsuid = current->fsuid;
886 if (security_task_setuid(uid, (uid_t)-1, (uid_t)-1, LSM_SETID_FS))
887 return old_fsuid;
888
889 if (uid == current->uid || uid == current->euid ||
890 uid == current->suid || uid == current->fsuid ||
891 capable(CAP_SETUID))
892 {
893 if (uid != old_fsuid)
894 {
d6e71144 895 current->mm->dumpable = suid_dumpable;
d59dd462 896 smp_wmb();
1da177e4
LT		 897 }
898 current->fsuid = uid;
899 }
900
901 key_fsuid_changed(current);
902
903 security_task_post_setuid(old_fsuid, (uid_t)-1, (uid_t)-1, LSM_SETID_FS);
904
905 return old_fsuid;
906}
907
908/*
909