]> bbs.cooldavid.org Git - net-next-2.6.git/blame - kernel/sys.c
git://bbs.cooldavid.org / net-next-2.6.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Linux-2.6.12-rc2
[net-next-2.6.git] / kernel / sys.c
CommitLineData
1da177e4
LT		 1/*
2 * linux/kernel/sys.c
3 *
4 * Copyright (C) 1991, 1992 Linus Torvalds
5 */
6
7#include <linux/config.h>
8#include <linux/module.h>
9#include <linux/mm.h>
10#include <linux/utsname.h>
11#include <linux/mman.h>
12#include <linux/smp_lock.h>
13#include <linux/notifier.h>
14#include <linux/reboot.h>
15#include <linux/prctl.h>
16#include <linux/init.h>
17#include <linux/highuid.h>
18#include <linux/fs.h>
19#include <linux/workqueue.h>
20#include <linux/device.h>
21#include <linux/key.h>
22#include <linux/times.h>
23#include <linux/posix-timers.h>
24#include <linux/security.h>
25#include <linux/dcookies.h>
26#include <linux/suspend.h>
27#include <linux/tty.h>
28
29#include <linux/compat.h>
30#include <linux/syscalls.h>
31
32#include <asm/uaccess.h>
33#include <asm/io.h>
34#include <asm/unistd.h>
35
36#ifndef SET_UNALIGN_CTL
37# define SET_UNALIGN_CTL(a,b) (-EINVAL)
38#endif
39#ifndef GET_UNALIGN_CTL
40# define GET_UNALIGN_CTL(a,b) (-EINVAL)
41#endif
42#ifndef SET_FPEMU_CTL
43# define SET_FPEMU_CTL(a,b) (-EINVAL)
44#endif
45#ifndef GET_FPEMU_CTL
46# define GET_FPEMU_CTL(a,b) (-EINVAL)
47#endif
48#ifndef SET_FPEXC_CTL
49# define SET_FPEXC_CTL(a,b) (-EINVAL)
50#endif
51#ifndef GET_FPEXC_CTL
52# define GET_FPEXC_CTL(a,b) (-EINVAL)
53#endif
54
55/*
56 * this is where the system-wide overflow UID and GID are defined, for
57 * architectures that now have 32-bit UID/GID but didn't in the past
58 */
59
60int overflowuid = DEFAULT_OVERFLOWUID;
61int overflowgid = DEFAULT_OVERFLOWGID;
62
63#ifdef CONFIG_UID16
64EXPORT_SYMBOL(overflowuid);
65EXPORT_SYMBOL(overflowgid);
66#endif
67
68/*
69 * the same as above, but for filesystems which can only store a 16-bit
70 * UID and GID. as such, this is needed on all architectures
71 */
72
73int fs_overflowuid = DEFAULT_FS_OVERFLOWUID;
74int fs_overflowgid = DEFAULT_FS_OVERFLOWUID;
75
76EXPORT_SYMBOL(fs_overflowuid);
77EXPORT_SYMBOL(fs_overflowgid);
78
79/*
80 * this indicates whether you can reboot with ctrl-alt-del: the default is yes
81 */
82
83int C_A_D = 1;
84int cad_pid = 1;
85
86/*
87 * Notifier list for kernel code which wants to be called
88 * at shutdown. This is used to stop any idling DMA operations
89 * and the like.
90 */
91
92static struct notifier_block *reboot_notifier_list;
93static DEFINE_RWLOCK(notifier_lock);
94
95/**
96 * notifier_chain_register - Add notifier to a notifier chain
97 * @list: Pointer to root list pointer
98 * @n: New entry in notifier chain
99 *
100 * Adds a notifier to a notifier chain.
101 *
102 * Currently always returns zero.
103 */
104
105int notifier_chain_register(struct notifier_block **list, struct notifier_block *n)
106{
107 write_lock(&notifier_lock);
108 while(*list)
109 {
110 if(n->priority > (*list)->priority)
111 break;
112 list= &((*list)->next);
113 }
114 n->next = *list;
115 *list=n;
116 write_unlock(&notifier_lock);
117 return 0;
118}
119
120EXPORT_SYMBOL(notifier_chain_register);
121
122/**
123 * notifier_chain_unregister - Remove notifier from a notifier chain
124 * @nl: Pointer to root list pointer
125 * @n: New entry in notifier chain
126 *
127 * Removes a notifier from a notifier chain.
128 *
129 * Returns zero on success, or %-ENOENT on failure.
130 */
131
132int notifier_chain_unregister(struct notifier_block **nl, struct notifier_block *n)
133{
134 write_lock(&notifier_lock);
135 while((*nl)!=NULL)
136 {
137 if((*nl)==n)
138 {
139 *nl=n->next;
140 write_unlock(&notifier_lock);
141 return 0;
142 }
143 nl=&((*nl)->next);
144 }
145 write_unlock(&notifier_lock);
146 return -ENOENT;
147}
148
149EXPORT_SYMBOL(notifier_chain_unregister);
150
151/**
152 * notifier_call_chain - Call functions in a notifier chain
153 * @n: Pointer to root pointer of notifier chain
154 * @val: Value passed unmodified to notifier function
155 * @v: Pointer passed unmodified to notifier function
156 *
157 * Calls each function in a notifier chain in turn.
158 *
159 * If the return value of the notifier can be and'd
160 * with %NOTIFY_STOP_MASK, then notifier_call_chain
161 * will return immediately, with the return value of
162 * the notifier function which halted execution.
163 * Otherwise, the return value is the return value
164 * of the last notifier function called.
165 */
166
167int notifier_call_chain(struct notifier_block **n, unsigned long val, void *v)
168{
169 int ret=NOTIFY_DONE;
170 struct notifier_block *nb = *n;
171
172 while(nb)
173 {
174 ret=nb->notifier_call(nb,val,v);
175 if(ret&NOTIFY_STOP_MASK)
176 {
177 return ret;
178 }
179 nb=nb->next;
180 }
181 return ret;
182}
183
184EXPORT_SYMBOL(notifier_call_chain);
185
186/**
187 * register_reboot_notifier - Register function to be called at reboot time
188 * @nb: Info about notifier function to be called
189 *
190 * Registers a function with the list of functions
191 * to be called at reboot time.
192 *
193 * Currently always returns zero, as notifier_chain_register
194 * always returns zero.
195 */
196
197int register_reboot_notifier(struct notifier_block * nb)
198{
199 return notifier_chain_register(&reboot_notifier_list, nb);
200}
201
202EXPORT_SYMBOL(register_reboot_notifier);
203
204/**
205 * unregister_reboot_notifier - Unregister previously registered reboot notifier
206 * @nb: Hook to be unregistered
207 *
208 * Unregisters a previously registered reboot
209 * notifier function.
210 *
211 * Returns zero on success, or %-ENOENT on failure.
212 */
213
214int unregister_reboot_notifier(struct notifier_block * nb)
215{
216 return notifier_chain_unregister(&reboot_notifier_list, nb);
217}
218
219EXPORT_SYMBOL(unregister_reboot_notifier);
220
221static int set_one_prio(struct task_struct *p, int niceval, int error)
222{
223 int no_nice;
224
225 if (p->uid != current->euid &&
226 p->euid != current->euid && !capable(CAP_SYS_NICE)) {
227 error = -EPERM;
228 goto out;
229 }
230 if (niceval < task_nice(p) && !capable(CAP_SYS_NICE)) {
231 error = -EACCES;
232 goto out;
233 }
234 no_nice = security_task_setnice(p, niceval);
235 if (no_nice) {
236 error = no_nice;
237 goto out;
238 }
239 if (error == -ESRCH)
240 error = 0;
241 set_user_nice(p, niceval);
242out:
243 return error;
244}
245
246asmlinkage long sys_setpriority(int which, int who, int niceval)
247{
248 struct task_struct *g, *p;
249 struct user_struct *user;
250 int error = -EINVAL;
251
252 if (which > 2 || which < 0)
253 goto out;
254
255 /* normalize: avoid signed division (rounding problems) */
256 error = -ESRCH;
257 if (niceval < -20)
258 niceval = -20;
259 if (niceval > 19)
260 niceval = 19;
261
262 read_lock(&tasklist_lock);
263 switch (which) {
264 case PRIO_PROCESS:
265 if (!who)
266 who = current->pid;
267 p = find_task_by_pid(who);
268 if (p)
269 error = set_one_prio(p, niceval, error);
270 break;
271 case PRIO_PGRP:
272 if (!who)
273 who = process_group(current);
274 do_each_task_pid(who, PIDTYPE_PGID, p) {
275 error = set_one_prio(p, niceval, error);
276 } while_each_task_pid(who, PIDTYPE_PGID, p);
277 break;
278 case PRIO_USER:
279 user = current->user;
280 if (!who)
281 who = current->uid;
282 else
283 if ((who != current->uid) && !(user = find_user(who)))
284 goto out_unlock; /* No processes for this user */
285
286 do_each_thread(g, p)
287 if (p->uid == who)
288 error = set_one_prio(p, niceval, error);
289 while_each_thread(g, p);
290 if (who != current->uid)
291 free_uid(user); /* For find_user() */
292 break;
293 }
294out_unlock:
295 read_unlock(&tasklist_lock);
296out:
297 return error;
298}
299
300/*
301 * Ugh. To avoid negative return values, "getpriority()" will
302 * not return the normal nice-value, but a negated value that
303 * has been offset by 20 (ie it returns 40..1 instead of -20..19)
304 * to stay compatible.
305 */
306asmlinkage long sys_getpriority(int which, int who)
307{
308 struct task_struct *g, *p;
309 struct user_struct *user;
310 long niceval, retval = -ESRCH;
311
312 if (which > 2 || which < 0)
313 return -EINVAL;
314
315 read_lock(&tasklist_lock);
316 switch (which) {
317 case PRIO_PROCESS:
318 if (!who)
319 who = current->pid;
320 p = find_task_by_pid(who);
321 if (p) {
322 niceval = 20 - task_nice(p);
323 if (niceval > retval)
324 retval = niceval;
325 }
326 break;
327 case PRIO_PGRP:
328 if (!who)
329 who = process_group(current);
330 do_each_task_pid(who, PIDTYPE_PGID, p) {
331 niceval = 20 - task_nice(p);
332 if (niceval > retval)
333 retval = niceval;
334 } while_each_task_pid(who, PIDTYPE_PGID, p);
335 break;
336 case PRIO_USER:
337 user = current->user;
338 if (!who)
339 who = current->uid;
340 else
341 if ((who != current->uid) && !(user = find_user(who)))
342 goto out_unlock; /* No processes for this user */
343
344 do_each_thread(g, p)
345 if (p->uid == who) {
346 niceval = 20 - task_nice(p);
347 if (niceval > retval)
348 retval = niceval;
349 }
350 while_each_thread(g, p);
351 if (who != current->uid)
352 free_uid(user); /* for find_user() */
353 break;
354 }
355out_unlock:
356 read_unlock(&tasklist_lock);
357
358 return retval;
359}
360
361
362/*
363 * Reboot system call: for obvious reasons only root may call it,
364 * and even root needs to set up some magic numbers in the registers
365 * so that some mistake won't make this reboot the whole machine.
366 * You can also set the meaning of the ctrl-alt-del-key here.
367 *
368 * reboot doesn't sync: do that yourself before calling this.
369 */
370asmlinkage long sys_reboot(int magic1, int magic2, unsigned int cmd, void __user * arg)
371{
372 char buffer[256];
373
374 /* We only trust the superuser with rebooting the system. */
375 if (!capable(CAP_SYS_BOOT))
376 return -EPERM;
377
378 /* For safety, we require "magic" arguments. */
379 if (magic1 != LINUX_REBOOT_MAGIC1 ||
380 (magic2 != LINUX_REBOOT_MAGIC2 &&
381 magic2 != LINUX_REBOOT_MAGIC2A &&
382 magic2 != LINUX_REBOOT_MAGIC2B &&
383 magic2 != LINUX_REBOOT_MAGIC2C))
384 return -EINVAL;
385
386 lock_kernel();
387 switch (cmd) {
388 case LINUX_REBOOT_CMD_RESTART:
389 notifier_call_chain(&reboot_notifier_list, SYS_RESTART, NULL);
390 system_state = SYSTEM_RESTART;
391 device_shutdown();
392 printk(KERN_EMERG "Restarting system.\n");
393 machine_restart(NULL);
394 break;
395
396 case LINUX_REBOOT_CMD_CAD_ON:
397 C_A_D = 1;
398 break;
399
400 case LINUX_REBOOT_CMD_CAD_OFF:
401 C_A_D = 0;
402 break;
403
404 case LINUX_REBOOT_CMD_HALT:
405 notifier_call_chain(&reboot_notifier_list, SYS_HALT, NULL);
406 system_state = SYSTEM_HALT;
407 device_shutdown();
408 printk(KERN_EMERG "System halted.\n");
409 machine_halt();
410 unlock_kernel();
411 do_exit(0);
412 break;
413
414 case LINUX_REBOOT_CMD_POWER_OFF:
415 notifier_call_chain(&reboot_notifier_list, SYS_POWER_OFF, NULL);
416 system_state = SYSTEM_POWER_OFF;
417 device_shutdown();
418 printk(KERN_EMERG "Power down.\n");
419 machine_power_off();
420 unlock_kernel();
421 do_exit(0);
422 break;
423
424 case LINUX_REBOOT_CMD_RESTART2:
425 if (strncpy_from_user(&buffer[0], arg, sizeof(buffer) - 1) < 0) {
426 unlock_kernel();
427 return -EFAULT;
428 }
429 buffer[sizeof(buffer) - 1] = '\0';
430
431 notifier_call_chain(&reboot_notifier_list, SYS_RESTART, buffer);
432 system_state = SYSTEM_RESTART;
433 device_shutdown();
434 printk(KERN_EMERG "Restarting system with command '%s'.\n", buffer);
435 machine_restart(buffer);
436 break;
437
438#ifdef CONFIG_SOFTWARE_SUSPEND
439 case LINUX_REBOOT_CMD_SW_SUSPEND:
440 {
441 int ret = software_suspend();
442 unlock_kernel();
443 return ret;
444 }
445#endif
446
447 default:
448 unlock_kernel();
449 return -EINVAL;
450 }
451 unlock_kernel();
452 return 0;
453}
454
455static void deferred_cad(void *dummy)
456{
457 notifier_call_chain(&reboot_notifier_list, SYS_RESTART, NULL);
458 machine_restart(NULL);
459}
460
461/*
462 * This function gets called by ctrl-alt-del - ie the keyboard interrupt.
463 * As it's called within an interrupt, it may NOT sync: the only choice
464 * is whether to reboot at once, or just ignore the ctrl-alt-del.
465 */
466void ctrl_alt_del(void)
467{
468 static DECLARE_WORK(cad_work, deferred_cad, NULL);
469
470 if (C_A_D)
471 schedule_work(&cad_work);
472 else
473 kill_proc(cad_pid, SIGINT, 1);
474}
475
476
477/*
478 * Unprivileged users may change the real gid to the effective gid
479 * or vice versa. (BSD-style)
480 *
481 * If you set the real gid at all, or set the effective gid to a value not
482 * equal to the real gid, then the saved gid is set to the new effective gid.
483 *
484 * This makes it possible for a setgid program to completely drop its
485 * privileges, which is often a useful assertion to make when you are doing
486 * a security audit over a program.
487 *
488 * The general idea is that a program which uses just setregid() will be
489 * 100% compatible with BSD. A program which uses just setgid() will be
490 * 100% compatible with POSIX with saved IDs.
491 *
492 * SMP: There are not races, the GIDs are checked only by filesystem
493 * operations (as far as semantic preservation is concerned).
494 */
495asmlinkage long sys_setregid(gid_t rgid, gid_t egid)
496{
497 int old_rgid = current->gid;
498 int old_egid = current->egid;
499 int new_rgid = old_rgid;
500 int new_egid = old_egid;
501 int retval;
502
503 retval = security_task_setgid(rgid, egid, (gid_t)-1, LSM_SETID_RE);
504 if (retval)
505 return retval;
506
507 if (rgid != (gid_t) -1) {
508 if ((old_rgid == rgid) ||
509 (current->egid==rgid) ||
510 capable(CAP_SETGID))
511 new_rgid = rgid;
512 else
513 return -EPERM;
514 }
515 if (egid != (gid_t) -1) {
516 if ((old_rgid == egid) ||
517 (current->egid == egid) ||
518 (current->sgid == egid) ||
519 capable(CAP_SETGID))
520 new_egid = egid;
521 else {
522 return -EPERM;
523 }
524 }
525 if (new_egid != old_egid)
526 {
527 current->mm->dumpable = 0;
528 wmb();
529 }
530 if (rgid != (gid_t) -1 ||
531 (egid != (gid_t) -1 && egid != old_rgid))
532 current->sgid = new_egid;
533 current->fsgid = new_egid;
534 current->egid = new_egid;
535 current->gid = new_rgid;
536 key_fsgid_changed(current);
537 return 0;
538}
539
540/*
541 * setgid() is implemented like SysV w/ SAVED_IDS
542 *
543 * SMP: Same implicit races as above.
544 */
545asmlinkage long sys_setgid(gid_t gid)
546{
547 int old_egid = current->egid;
548 int retval;
549
550 retval = security_task_setgid(gid, (gid_t)-1, (gid_t)-1, LSM_SETID_ID);
551 if (retval)
552 return retval;
553
554 if (capable(CAP_SETGID))
555 {
556 if(old_egid != gid)
557 {
558 current->mm->dumpable=0;
559 wmb();
560 }
561 current->gid = current->egid = current->sgid = current->fsgid = gid;
562 }
563 else if ((gid == current->gid) || (gid == current->sgid))
564 {
565 if(old_egid != gid)
566 {
567 current->mm->dumpable=0;
568 wmb();
569 }
570 current->egid = current->fsgid = gid;
571 }
572 else
573 return -EPERM;
574
575 key_fsgid_changed(current);
576 return 0;
577}
578
579static int set_user(uid_t new_ruid, int dumpclear)
580{
581 struct user_struct *new_user;
582
583 new_user = alloc_uid(new_ruid);
584 if (!new_user)
585 return -EAGAIN;
586
587 if (atomic_read(&new_user->processes) >=
588 current->signal->rlim[RLIMIT_NPROC].rlim_cur &&
589 new_user != &root_user) {
590 free_uid(new_user);
591 return -EAGAIN;
592 }
593
594 switch_uid(new_user);
595
596 if(dumpclear)
597 {
598 current->mm->dumpable = 0;
599 wmb();
600 }
601 current->uid = new_ruid;
602 return 0;
603}
604
605/*
606 * Unprivileged users may change the real uid to the effective uid
607 * or vice versa. (BSD-style)
608 *
609 * If you set the real uid at all, or set the effective uid to a value not
610 * equal to the real uid, then the saved uid is set to the new effective uid.
611 *
612 * This makes it possible for a setuid program to completely drop its
613 * privileges, which is often a useful assertion to make when you are doing
614 * a security audit over a program.
615 *
616 * The general idea is that a program which uses just setreuid() will be
617 * 100% compatible with BSD. A program which uses just setuid() will be
618 * 100% compatible with POSIX with saved IDs.
619 */
620asmlinkage long sys_setreuid(uid_t ruid, uid_t euid)
621{
622 int old_ruid, old_euid, old_suid, new_ruid, new_euid;
623 int retval;
624
625 retval = security_task_setuid(ruid, euid, (uid_t)-1, LSM_SETID_RE);
626 if (retval)
627 return retval;
628
629 new_ruid = old_ruid = current->uid;
630 new_euid = old_euid = current->euid;
631 old_suid = current->suid;
632
633 if (ruid != (uid_t) -1) {
634 new_ruid = ruid;
635 if ((old_ruid != ruid) &&
636 (current->euid != ruid) &&
637 !capable(CAP_SETUID))
638 return -EPERM;
639 }
640
641 if (euid != (uid_t) -1) {
642 new_euid = euid;
643 if ((old_ruid != euid) &&
644 (current->euid != euid) &&
645 (current->suid != euid) &&
646 !capable(CAP_SETUID))
647 return -EPERM;
648 }
649
650 if (new_ruid != old_ruid && set_user(new_ruid, new_euid != old_euid) < 0)
651 return -EAGAIN;
652
653 if (new_euid != old_euid)
654 {
655 current->mm->dumpable=0;
656 wmb();
657 }
658 current->fsuid = current->euid = new_euid;
659 if (ruid != (uid_t) -1 ||
660 (euid != (uid_t) -1 && euid != old_ruid))
661 current->suid = current->euid;
662 current->fsuid = current->euid;
663
664 key_fsuid_changed(current);
665
666 return security_task_post_setuid(old_ruid, old_euid, old_suid, LSM_SETID_RE);
667}
668
669
670
671/*
672 * setuid() is implemented like SysV with SAVED_IDS
673 *
674 * Note that SAVED_ID's is deficient in that a setuid root program
675 * like sendmail, for example, cannot set its uid to be a normal
676 * user and then switch back, because if you're root, setuid() sets
677 * the saved uid too. If you don't like this, blame the bright people
678 * in the POSIX committee and/or USG. Note that the BSD-style setreuid()
679 * will allow a root program to temporarily drop privileges and be able to
680 * regain them by swapping the real and effective uid.
681 */
682asmlinkage long sys_setuid(uid_t uid)
683{
684 int old_euid = current->euid;
685 int old_ruid, old_suid, new_ruid, new_suid;
686 int retval;
687
688 retval = security_task_setuid(uid, (uid_t)-1, (uid_t)-1, LSM_SETID_ID);
689 if (retval)
690 return retval;
691
692 old_ruid = new_ruid = current->uid;
693 old_suid = current->suid;
694 new_suid = old_suid;
695
696 if (capable(CAP_SETUID)) {
697 if (uid != old_ruid && set_user(uid, old_euid != uid) < 0)
698 return -EAGAIN;
699 new_suid = uid;
700 } else if ((uid != current->uid) && (uid != new_suid))
701 return -EPERM;
702
703 if (old_euid != uid)
704 {
705 current->mm->dumpable = 0;
706 wmb();
707 }
708 current->fsuid = current->euid = uid;
709 current->suid = new_suid;
710
711 key_fsuid_changed(current);
712
713 return security_task_post_setuid(old_ruid, old_euid, old_suid, LSM_SETID_ID);
714}
715
716
717/*
718 * This function implements a generic ability to update ruid, euid,
719 * and suid. This allows you to implement the 4.4 compatible seteuid().
720 */
721asmlinkage long sys_setresuid(uid_t ruid, uid_t euid, uid_t suid)
722{
723 int old_ruid = current->uid;
724 int old_euid = current->euid;
725 int old_suid = current->suid;
726 int retval;
727
728 retval = security_task_setuid(ruid, euid, suid, LSM_SETID_RES);
729 if (retval)
730 return retval;
731
732 if (!capable(CAP_SETUID)) {
733 if ((ruid != (uid_t) -1) && (ruid != current->uid) &&
734 (ruid != current->euid) && (ruid != current->suid))
735 return -EPERM;
736 if ((euid != (uid_t) -1) && (euid != current->uid) &&
737 (euid != current->euid) && (euid != current->suid))
738 return -EPERM;
739 if ((suid != (uid_t) -1) && (suid != current->uid) &&
740 (suid != current->euid) && (suid != current->suid))
741 return -EPERM;
742 }
743 if (ruid != (uid_t) -1) {
744 if (ruid != current->uid && set_user(ruid, euid != current->euid) < 0)
745 return -EAGAIN;
746 }
747 if (euid != (uid_t) -1) {
748 if (euid != current->euid)
749 {
750 current->mm->dumpable = 0;
751 wmb();
752 }
753 current->euid = euid;
754 }
755 current->fsuid = current->euid;
756 if (suid != (uid_t) -1)
757 current->suid = suid;
758
759 key_fsuid_changed(current);
760
761 return security_task_post_setuid(old_ruid, old_euid, old_suid, LSM_SETID_RES);
762}
763
764asmlinkage long sys_getresuid(uid_t __user *ruid, uid_t __user *euid, uid_t __user *suid)
765{
766 int retval;
767
768 if (!(retval = put_user(current->uid, ruid)) &&
769 !(retval = put_user(current->euid, euid)))
770 retval = put_user(current->suid, suid);
771
772 return retval;
773}
774
775/*
776 * Same as above, but for rgid, egid, sgid.
777 */
778asmlinkage long sys_setresgid(gid_t rgid, gid_t egid, gid_t sgid)
779{
780 int retval;
781
782 retval = security_task_setgid(rgid, egid, sgid, LSM_SETID_RES);
783 if (retval)
784 return retval;
785
786 if (!capable(CAP_SETGID)) {
787 if ((rgid != (gid_t) -1) && (rgid != current->gid) &&
788 (rgid != current->egid) && (rgid != current->sgid))
789 return -EPERM;
790 if ((egid != (gid_t) -1) && (egid != current->gid) &&
791 (egid != current->egid) && (egid != current->sgid))
792 return -EPERM;
793 if ((sgid != (gid_t) -1) && (sgid != current->gid) &&
794 (sgid != current->egid) && (sgid != current->sgid))
795 return -EPERM;
796 }
797 if (egid != (gid_t) -1) {
798 if (egid != current->egid)
799 {
800 current->mm->dumpable = 0;
801 wmb();
802 }
803 current->egid = egid;
804 }
805 current->fsgid = current->egid;
806 if (rgid != (gid_t) -1)
807 current->gid = rgid;
808 if (sgid != (gid_t) -1)
809 current->sgid = sgid;
810
811 key_fsgid_changed(current);
812 return 0;
813}
814
815asmlinkage long sys_getresgid(gid_t __user *rgid, gid_t __user *egid, gid_t __user *sgid)
816{
817 int retval;
818
819 if (!(retval = put_user(current->gid, rgid)) &&
820 !(retval = put_user(current->egid, egid)))
821 retval = put_user(current->sgid, sgid);
822
823 return retval;
824}
825
826
827/*
828 * "setfsuid()" sets the fsuid - the uid used for filesystem checks. This
829 * is used for "access()" and for the NFS daemon (letting nfsd stay at
830 * whatever uid it wants to). It normally shadows "euid", except when
831 * explicitly set by setfsuid() or for access..
832 */
833asmlinkage long sys_setfsuid(uid_t uid)
834{
835 int old_fsuid;
836
837 old_fsuid = current->fsuid;
838 if (security_task_setuid(uid, (uid_t)-1, (uid_t)-1, LSM_SETID_FS))
839 return old_fsuid;
840
841 if (uid == current->uid || uid == current->euid ||
842 uid == current->suid || uid == current->fsuid ||
843 capable(CAP_SETUID))
844 {
845 if (uid != old_fsuid)
846 {
847 current->mm->dumpable = 0;
848 wmb();
849 }
850 current->fsuid = uid;
851 }
852
853 key_fsuid_changed(current);
854
855 security_task_post_setuid(old_fsuid, (uid_t)-1, (uid_t)-1, LSM_SETID_FS);
856
857 return old_fsuid;
858}
859
860/*
861