]> bbs.cooldavid.org Git - net-next-2.6.git/blame - kernel/sys.c
git://bbs.cooldavid.org / net-next-2.6.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
[PATCH] Doc/hpet.txt: change to < 80 columns
[net-next-2.6.git] / kernel / sys.c
CommitLineData
1da177e4
LT		 1/*
2 * linux/kernel/sys.c
3 *
4 * Copyright (C) 1991, 1992 Linus Torvalds
5 */
6
7#include <linux/config.h>
8#include <linux/module.h>
9#include <linux/mm.h>
10#include <linux/utsname.h>
11#include <linux/mman.h>
12#include <linux/smp_lock.h>
13#include <linux/notifier.h>
14#include <linux/reboot.h>
15#include <linux/prctl.h>
16#include <linux/init.h>
17#include <linux/highuid.h>
18#include <linux/fs.h>
dc009d92
EB		 19#include <linux/kernel.h>
20#include <linux/kexec.h>
1da177e4
LT		 21#include <linux/workqueue.h>
22#include <linux/device.h>
23#include <linux/key.h>
24#include <linux/times.h>
25#include <linux/posix-timers.h>
26#include <linux/security.h>
27#include <linux/dcookies.h>
28#include <linux/suspend.h>
29#include <linux/tty.h>
7ed20e1a 30#include <linux/signal.h>
9f46080c 31#include <linux/cn_proc.h>
1da177e4
LT		 32
33#include <linux/compat.h>
34#include <linux/syscalls.h>
35
36#include <asm/uaccess.h>
37#include <asm/io.h>
38#include <asm/unistd.h>
39
40#ifndef SET_UNALIGN_CTL
41# define SET_UNALIGN_CTL(a,b) (-EINVAL)
42#endif
43#ifndef GET_UNALIGN_CTL
44# define GET_UNALIGN_CTL(a,b) (-EINVAL)
45#endif
46#ifndef SET_FPEMU_CTL
47# define SET_FPEMU_CTL(a,b) (-EINVAL)
48#endif
49#ifndef GET_FPEMU_CTL
50# define GET_FPEMU_CTL(a,b) (-EINVAL)
51#endif
52#ifndef SET_FPEXC_CTL
53# define SET_FPEXC_CTL(a,b) (-EINVAL)
54#endif
55#ifndef GET_FPEXC_CTL
56# define GET_FPEXC_CTL(a,b) (-EINVAL)
57#endif
58
59/*
60 * this is where the system-wide overflow UID and GID are defined, for
61 * architectures that now have 32-bit UID/GID but didn't in the past
62 */
63
64int overflowuid = DEFAULT_OVERFLOWUID;
65int overflowgid = DEFAULT_OVERFLOWGID;
66
67#ifdef CONFIG_UID16
68EXPORT_SYMBOL(overflowuid);
69EXPORT_SYMBOL(overflowgid);
70#endif
71
72/*
73 * the same as above, but for filesystems which can only store a 16-bit
74 * UID and GID. as such, this is needed on all architectures
75 */
76
77int fs_overflowuid = DEFAULT_FS_OVERFLOWUID;
78int fs_overflowgid = DEFAULT_FS_OVERFLOWUID;
79
80EXPORT_SYMBOL(fs_overflowuid);
81EXPORT_SYMBOL(fs_overflowgid);
82
83/*
84 * this indicates whether you can reboot with ctrl-alt-del: the default is yes
85 */
86
87int C_A_D = 1;
88int cad_pid = 1;
89
90/*
91 * Notifier list for kernel code which wants to be called
92 * at shutdown. This is used to stop any idling DMA operations
93 * and the like.
94 */
95
96static struct notifier_block *reboot_notifier_list;
97static DEFINE_RWLOCK(notifier_lock);
98
99/**
100 * notifier_chain_register - Add notifier to a notifier chain
101 * @list: Pointer to root list pointer
102 * @n: New entry in notifier chain
103 *
104 * Adds a notifier to a notifier chain.
105 *
106 * Currently always returns zero.
107 */
108
109int notifier_chain_register(struct notifier_block **list, struct notifier_block *n)
110{
111 write_lock(&notifier_lock);
112 while(*list)
113 {
114 if(n->priority > (*list)->priority)
115 break;
116 list= &((*list)->next);
117 }
118 n->next = *list;
119 *list=n;
120 write_unlock(&notifier_lock);
121 return 0;
122}
123
124EXPORT_SYMBOL(notifier_chain_register);
125
126/**
127 * notifier_chain_unregister - Remove notifier from a notifier chain
128 * @nl: Pointer to root list pointer
129 * @n: New entry in notifier chain
130 *
131 * Removes a notifier from a notifier chain.
132 *
133 * Returns zero on success, or %-ENOENT on failure.
134 */
135
136int notifier_chain_unregister(struct notifier_block **nl, struct notifier_block *n)
137{
138 write_lock(&notifier_lock);
139 while((*nl)!=NULL)
140 {
141 if((*nl)==n)
142 {
143 *nl=n->next;
144 write_unlock(&notifier_lock);
145 return 0;
146 }
147 nl=&((*nl)->next);
148 }
149 write_unlock(&notifier_lock);
150 return -ENOENT;
151}
152
153EXPORT_SYMBOL(notifier_chain_unregister);
154
155/**
156 * notifier_call_chain - Call functions in a notifier chain
157 * @n: Pointer to root pointer of notifier chain
158 * @val: Value passed unmodified to notifier function
159 * @v: Pointer passed unmodified to notifier function
160 *
161 * Calls each function in a notifier chain in turn.
162 *
163 * If the return value of the notifier can be and'd
164 * with %NOTIFY_STOP_MASK, then notifier_call_chain
165 * will return immediately, with the return value of
166 * the notifier function which halted execution.
167 * Otherwise, the return value is the return value
168 * of the last notifier function called.
169 */
170
171int notifier_call_chain(struct notifier_block **n, unsigned long val, void *v)
172{
173 int ret=NOTIFY_DONE;
174 struct notifier_block *nb = *n;
175
176 while(nb)
177 {
178 ret=nb->notifier_call(nb,val,v);
179 if(ret&NOTIFY_STOP_MASK)
180 {
181 return ret;
182 }
183 nb=nb->next;
184 }
185 return ret;
186}
187
188EXPORT_SYMBOL(notifier_call_chain);
189
190/**
191 * register_reboot_notifier - Register function to be called at reboot time
192 * @nb: Info about notifier function to be called
193 *
194 * Registers a function with the list of functions
195 * to be called at reboot time.
196 *
197 * Currently always returns zero, as notifier_chain_register
198 * always returns zero.
199 */
200
201int register_reboot_notifier(struct notifier_block * nb)
202{
203 return notifier_chain_register(&reboot_notifier_list, nb);
204}
205
206EXPORT_SYMBOL(register_reboot_notifier);
207
208/**
209 * unregister_reboot_notifier - Unregister previously registered reboot notifier
210 * @nb: Hook to be unregistered
211 *
212 * Unregisters a previously registered reboot
213 * notifier function.
214 *
215 * Returns zero on success, or %-ENOENT on failure.
216 */
217
218int unregister_reboot_notifier(struct notifier_block * nb)
219{
220 return notifier_chain_unregister(&reboot_notifier_list, nb);
221}
222
223EXPORT_SYMBOL(unregister_reboot_notifier);
224
225static int set_one_prio(struct task_struct *p, int niceval, int error)
226{
227 int no_nice;
228
229 if (p->uid != current->euid &&
230 p->euid != current->euid && !capable(CAP_SYS_NICE)) {
231 error = -EPERM;
232 goto out;
233 }
e43379f1 234 if (niceval < task_nice(p) && !can_nice(p, niceval)) {
1da177e4
LT		 235 error = -EACCES;
236 goto out;
237 }
238 no_nice = security_task_setnice(p, niceval);
239 if (no_nice) {
240 error = no_nice;
241 goto out;
242 }
243 if (error == -ESRCH)
244 error = 0;
245 set_user_nice(p, niceval);
246out:
247 return error;
248}
249
250asmlinkage long sys_setpriority(int which, int who, int niceval)
251{
252 struct task_struct *g, *p;
253 struct user_struct *user;
254 int error = -EINVAL;
255
256 if (which > 2 || which < 0)
257 goto out;
258
259 /* normalize: avoid signed division (rounding problems) */
260 error = -ESRCH;
261 if (niceval < -20)
262 niceval = -20;
263 if (niceval > 19)
264 niceval = 19;
265
266 read_lock(&tasklist_lock);
267 switch (which) {
268 case PRIO_PROCESS:
269 if (!who)
270 who = current->pid;
271 p = find_task_by_pid(who);
272 if (p)
273 error = set_one_prio(p, niceval, error);
274 break;
275 case PRIO_PGRP:
276 if (!who)
277 who = process_group(current);
278 do_each_task_pid(who, PIDTYPE_PGID, p) {
279 error = set_one_prio(p, niceval, error);
280 } while_each_task_pid(who, PIDTYPE_PGID, p);
281 break;
282 case PRIO_USER:
283 user = current->user;
284 if (!who)
285 who = current->uid;
286 else
287 if ((who != current->uid) && !(user = find_user(who)))
288 goto out_unlock; /* No processes for this user */
289
290 do_each_thread(g, p)
291 if (p->uid == who)
292 error = set_one_prio(p, niceval, error);
293 while_each_thread(g, p);
294 if (who != current->uid)
295 free_uid(user); /* For find_user() */
296 break;
297 }
298out_unlock:
299 read_unlock(&tasklist_lock);
300out:
301 return error;
302}
303
304/*
305 * Ugh. To avoid negative return values, "getpriority()" will
306 * not return the normal nice-value, but a negated value that
307 * has been offset by 20 (ie it returns 40..1 instead of -20..19)
308 * to stay compatible.
309 */
310asmlinkage long sys_getpriority(int which, int who)
311{
312 struct task_struct *g, *p;
313 struct user_struct *user;
314 long niceval, retval = -ESRCH;
315
316 if (which > 2 || which < 0)
317 return -EINVAL;
318
319 read_lock(&tasklist_lock);
320 switch (which) {
321 case PRIO_PROCESS:
322 if (!who)
323 who = current->pid;
324 p = find_task_by_pid(who);
325 if (p) {
326 niceval = 20 - task_nice(p);
327 if (niceval > retval)
328 retval = niceval;
329 }
330 break;
331 case PRIO_PGRP:
332 if (!who)
333 who = process_group(current);
334 do_each_task_pid(who, PIDTYPE_PGID, p) {
335 niceval = 20 - task_nice(p);
336 if (niceval > retval)
337 retval = niceval;
338 } while_each_task_pid(who, PIDTYPE_PGID, p);
339 break;
340 case PRIO_USER:
341 user = current->user;
342 if (!who)
343 who = current->uid;
344 else
345 if ((who != current->uid) && !(user = find_user(who)))
346 goto out_unlock; /* No processes for this user */
347
348 do_each_thread(g, p)
349 if (p->uid == who) {
350 niceval = 20 - task_nice(p);
351 if (niceval > retval)
352 retval = niceval;
353 }
354 while_each_thread(g, p);
355 if (who != current->uid)
356 free_uid(user); /* for find_user() */
357 break;
358 }
359out_unlock:
360 read_unlock(&tasklist_lock);
361
362 return retval;
363}
364
e4c94330
EB		 365/**
366 * emergency_restart - reboot the system
367 *
368 * Without shutting down any hardware or taking any locks
369 * reboot the system. This is called when we know we are in
370 * trouble so this is our best effort to reboot. This is
371 * safe to call in interrupt context.
372 */
7c903473
EB		 373void emergency_restart(void)
374{
375 machine_emergency_restart();
376}
377EXPORT_SYMBOL_GPL(emergency_restart);
378
e4c94330
EB		 379/**
380 * kernel_restart - reboot the system
381 *
382 * Shutdown everything and perform a clean reboot.
383 * This is not safe to call in interrupt context.
384 */
385void kernel_restart_prepare(char *cmd)
4a00ea1e
EB		 386{
387 notifier_call_chain(&reboot_notifier_list, SYS_RESTART, cmd);
388 system_state = SYSTEM_RESTART;
4a00ea1e 389 device_shutdown();
e4c94330
EB		 390}
391void kernel_restart(char *cmd)
392{
393 kernel_restart_prepare(cmd);
4a00ea1e
EB		 394 if (!cmd) {
395 printk(KERN_EMERG "Restarting system.\n");
396 } else {
397 printk(KERN_EMERG "Restarting system with command '%s'.\n", cmd);
398 }
399 printk(".\n");
400 machine_restart(cmd);
401}
402EXPORT_SYMBOL_GPL(kernel_restart);
403
e4c94330
EB		 404/**
405 * kernel_kexec - reboot the system
406 *
407 * Move into place and start executing a preloaded standalone
408 * executable. If nothing was preloaded return an error.
409 */
4a00ea1e
EB		 410void kernel_kexec(void)
411{
412#ifdef CONFIG_KEXEC
413 struct kimage *image;
414 image = xchg(&kexec_image, 0);
415 if (!image) {
416 return;
417 }
e4c94330 418 kernel_restart_prepare(NULL);
4a00ea1e
EB		 419 printk(KERN_EMERG "Starting new kernel\n");
420 machine_shutdown();
421 machine_kexec(image);
422#endif
423}
424EXPORT_SYMBOL_GPL(kernel_kexec);
425
e4c94330
EB		 426/**
427 * kernel_halt - halt the system
428 *
429 * Shutdown everything and perform a clean system halt.
430 */
431void kernel_halt_prepare(void)
4a00ea1e
EB		 432{
433 notifier_call_chain(&reboot_notifier_list, SYS_HALT, NULL);
434 system_state = SYSTEM_HALT;
4a00ea1e 435 device_shutdown();
e4c94330
EB		 436}
437void kernel_halt(void)
438{
439 kernel_halt_prepare();
4a00ea1e
EB		 440 printk(KERN_EMERG "System halted.\n");
441 machine_halt();
442}
443EXPORT_SYMBOL_GPL(kernel_halt);
444
e4c94330
EB		 445/**
446 * kernel_power_off - power_off the system
447 *
448 * Shutdown everything and perform a clean system power_off.
449 */
450void kernel_power_off_prepare(void)
4a00ea1e
EB		 451{
452 notifier_call_chain(&reboot_notifier_list, SYS_POWER_OFF, NULL);
453 system_state = SYSTEM_POWER_OFF;
4a00ea1e 454 device_shutdown();
e4c94330
EB		 455}
456void kernel_power_off(void)
457{
458 kernel_power_off_prepare();
4a00ea1e
EB		 459 printk(KERN_EMERG "Power down.\n");
460 machine_power_off();
461}
462EXPORT_SYMBOL_GPL(kernel_power_off);
1da177e4
LT		 463
464/*
465 * Reboot system call: for obvious reasons only root may call it,
466 * and even root needs to set up some magic numbers in the registers
467 * so that some mistake won't make this reboot the whole machine.
468 * You can also set the meaning of the ctrl-alt-del-key here.
469 *
470 * reboot doesn't sync: do that yourself before calling this.
471 */
472asmlinkage long sys_reboot(int magic1, int magic2, unsigned int cmd, void __user * arg)
473{
474 char buffer[256];
475
476 /* We only trust the superuser with rebooting the system. */
477 if (!capable(CAP_SYS_BOOT))
478 return -EPERM;
479
480 /* For safety, we require "magic" arguments. */
481 if (magic1 != LINUX_REBOOT_MAGIC1 ||
482 (magic2 != LINUX_REBOOT_MAGIC2 &&
483 magic2 != LINUX_REBOOT_MAGIC2A &&
484 magic2 != LINUX_REBOOT_MAGIC2B &&
485 magic2 != LINUX_REBOOT_MAGIC2C))
486 return -EINVAL;
487
488 lock_kernel();
489 switch (cmd) {
490 case LINUX_REBOOT_CMD_RESTART:
4a00ea1e 491 kernel_restart(NULL);
1da177e4
LT		 492 break;
493
494 case LINUX_REBOOT_CMD_CAD_ON:
495 C_A_D = 1;
496 break;
497
498 case LINUX_REBOOT_CMD_CAD_OFF:
499 C_A_D = 0;
500 break;
501
502 case LINUX_REBOOT_CMD_HALT:
4a00ea1e 503 kernel_halt();
1da177e4
LT		 504 unlock_kernel();
505 do_exit(0);
506 break;
507
508 case LINUX_REBOOT_CMD_POWER_OFF:
4a00ea1e 509 kernel_power_off();
1da177e4
LT		 510 unlock_kernel();
511 do_exit(0);
512 break;
513
514 case LINUX_REBOOT_CMD_RESTART2:
515 if (strncpy_from_user(&buffer[0], arg, sizeof(buffer) - 1) < 0) {
516 unlock_kernel();
517 return -EFAULT;
518 }
519 buffer[sizeof(buffer) - 1] = '\0';
520
4a00ea1e 521 kernel_restart(buffer);
1da177e4
LT		 522 break;
523
dc009d92 524 case LINUX_REBOOT_CMD_KEXEC:
4a00ea1e
EB		 525 kernel_kexec();
526 unlock_kernel();
527 return -EINVAL;
528
1da177e4
LT		 529#ifdef CONFIG_SOFTWARE_SUSPEND
530 case LINUX_REBOOT_CMD_SW_SUSPEND:
531 {
532 int ret = software_suspend();
533 unlock_kernel();
534 return ret;
535 }
536#endif
537
538 default:
539 unlock_kernel();
540 return -EINVAL;
541 }
542 unlock_kernel();
543 return 0;
544}
545
546static void deferred_cad(void *dummy)
547{
abcd9e51 548 kernel_restart(NULL);
1da177e4
LT		 549}
550
551/*
552 * This function gets called by ctrl-alt-del - ie the keyboard interrupt.
553 * As it's called within an interrupt, it may NOT sync: the only choice
554 * is whether to reboot at once, or just ignore the ctrl-alt-del.
555 */
556void ctrl_alt_del(void)
557{
558 static DECLARE_WORK(cad_work, deferred_cad, NULL);
559
560 if (C_A_D)
561 schedule_work(&cad_work);
562 else
563 kill_proc(cad_pid, SIGINT, 1);
564}
565
566
567/*
568 * Unprivileged users may change the real gid to the effective gid
569 * or vice versa. (BSD-style)
570 *
571 * If you set the real gid at all, or set the effective gid to a value not
572 * equal to the real gid, then the saved gid is set to the new effective gid.
573 *
574 * This makes it possible for a setgid program to completely drop its
575 * privileges, which is often a useful assertion to make when you are doing
576 * a security audit over a program.
577 *
578 * The general idea is that a program which uses just setregid() will be
579 * 100% compatible with BSD. A program which uses just setgid() will be
580 * 100% compatible with POSIX with saved IDs.
581 *
582 * SMP: There are not races, the GIDs are checked only by filesystem
583 * operations (as far as semantic preservation is concerned).
584 */
585asmlinkage long sys_setregid(gid_t rgid, gid_t egid)
586{
587 int old_rgid = current->gid;
588 int old_egid = current->egid;
589 int new_rgid = old_rgid;
590 int new_egid = old_egid;
591 int retval;
592
593 retval = security_task_setgid(rgid, egid, (gid_t)-1, LSM_SETID_RE);
594 if (retval)
595 return retval;
596
597 if (rgid != (gid_t) -1) {
598 if ((old_rgid == rgid) ||
599 (current->egid==rgid) ||
600 capable(CAP_SETGID))
601 new_rgid = rgid;
602 else
603 return -EPERM;
604 }
605 if (egid != (gid_t) -1) {
606 if ((old_rgid == egid) ||
607 (current->egid == egid) ||
608 (current->sgid == egid) ||
609 capable(CAP_SETGID))
610 new_egid = egid;
611 else {
612 return -EPERM;
613 }
614 }
615 if (new_egid != old_egid)
616 {
d6e71144 617 current->mm->dumpable = suid_dumpable;
d59dd462 618 smp_wmb();
1da177e4
LT		 619 }
620 if (rgid != (gid_t) -1 ||
621 (egid != (gid_t) -1 && egid != old_rgid))
622 current->sgid = new_egid;
623 current->fsgid = new_egid;
624 current->egid = new_egid;
625 current->gid = new_rgid;
626 key_fsgid_changed(current);
9f46080c 627 proc_id_connector(current, PROC_EVENT_GID);
1da177e4
LT		 628 return 0;
629}
630
631/*
632 * setgid() is implemented like SysV w/ SAVED_IDS
633 *
634 * SMP: Same implicit races as above.
635 */
636asmlinkage long sys_setgid(gid_t gid)
637{
638 int old_egid = current->egid;
639 int retval;
640
641 retval = security_task_setgid(gid, (gid_t)-1, (gid_t)-1, LSM_SETID_ID);
642 if (retval)
643 return retval;
644
645 if (capable(CAP_SETGID))
646 {
647 if(old_egid != gid)
648 {
d6e71144 649 current->mm->dumpable = suid_dumpable;
d59dd462 650 smp_wmb();
1da177e4
LT		 651 }
652 current->gid = current->egid = current->sgid = current->fsgid = gid;
653 }
654 else if ((gid == current->gid) || (gid == current->sgid))
655 {
656 if(old_egid != gid)
657 {
d6e71144 658 current->mm->dumpable = suid_dumpable;
d59dd462 659 smp_wmb();
1da177e4
LT		 660 }
661 current->egid = current->fsgid = gid;
662 }
663 else
664 return -EPERM;
665
666 key_fsgid_changed(current);
9f46080c 667 proc_id_connector(current, PROC_EVENT_GID);
1da177e4
LT		 668 return 0;
669}
670
671static int set_user(uid_t new_ruid, int dumpclear)
672{
673 struct user_struct *new_user;
674
675 new_user = alloc_uid(new_ruid);
676 if (!new_user)
677 return -EAGAIN;
678
679 if (atomic_read(&new_user->processes) >=
680 current->signal->rlim[RLIMIT_NPROC].rlim_cur &&
681 new_user != &root_user) {
682 free_uid(new_user);
683 return -EAGAIN;
684 }
685
686 switch_uid(new_user);
687
688 if(dumpclear)
689 {
d6e71144 690 current->mm->dumpable = suid_dumpable;
d59dd462 691 smp_wmb();
1da177e4
LT		 692 }
693 current->uid = new_ruid;
694 return 0;
695}
696
697/*
698 * Unprivileged users may change the real uid to the effective uid
699 * or vice versa. (BSD-style)
700 *
701 * If you set the real uid at all, or set the effective uid to a value not
702 * equal to the real uid, then the saved uid is set to the new effective uid.
703 *
704 * This makes it possible for a setuid program to completely drop its
705 * privileges, which is often a useful assertion to make when you are doing
706 * a security audit over a program.
707 *
708 * The general idea is that a program which uses just setreuid() will be
709 * 100% compatible with BSD. A program which uses just setuid() will be
710 * 100% compatible with POSIX with saved IDs.
711 */
712asmlinkage long sys_setreuid(uid_t ruid, uid_t euid)
713{
714 int old_ruid, old_euid, old_suid, new_ruid, new_euid;
715 int retval;
716
717 retval = security_task_setuid(ruid, euid, (uid_t)-1, LSM_SETID_RE);
718 if (retval)
719 return retval;
720
721 new_ruid = old_ruid = current->uid;
722 new_euid = old_euid = current->euid;
723 old_suid = current->suid;
724
725 if (ruid != (uid_t) -1) {
726 new_ruid = ruid;
727 if ((old_ruid != ruid) &&
728 (current->euid != ruid) &&
729 !capable(CAP_SETUID))
730 return -EPERM;
731 }
732
733 if (euid != (uid_t) -1) {
734 new_euid = euid;
735 if ((old_ruid != euid) &&
736 (current->euid != euid) &&
737 (current->suid != euid) &&
738 !capable(CAP_SETUID))
739 return -EPERM;
740 }
741
742 if (new_ruid != old_ruid && set_user(new_ruid, new_euid != old_euid) < 0)
743 return -EAGAIN;
744
745 if (new_euid != old_euid)
746 {
d6e71144 747 current->mm->dumpable = suid_dumpable;
d59dd462 748 smp_wmb();
1da177e4
LT		 749 }
750 current->fsuid = current->euid = new_euid;
751 if (ruid != (uid_t) -1 ||
752 (euid != (uid_t) -1 && euid != old_ruid))
753 current->suid = current->euid;
754 current->fsuid = current->euid;
755
756 key_fsuid_changed(current);
9f46080c 757 proc_id_connector(current, PROC_EVENT_UID);
1da177e4
LT		 758
759 return security_task_post_setuid(old_ruid, old_euid, old_suid, LSM_SETID_RE);
760}
761
762
763
764/*
765 * setuid() is implemented like SysV with SAVED_IDS
766 *
767 * Note that SAVED_ID's is deficient in that a setuid root program
768 * like sendmail, for example, cannot set its uid to be a normal
769 * user and then switch back, because if you're root, setuid() sets
770 * the saved uid too. If you don't like this, blame the bright people
771 * in the POSIX committee and/or USG. Note that the BSD-style setreuid()
772 * will allow a root program to temporarily drop privileges and be able to
773 * regain them by swapping the real and effective uid.
774 */
775asmlinkage long sys_setuid(uid_t uid)
776{
777 int old_euid = current->euid;
778 int old_ruid, old_suid, new_ruid, new_suid;
779 int retval;
780
781 retval = security_task_setuid(uid, (uid_t)-1, (uid_t)-1, LSM_SETID_ID);
782 if (retval)
783 return retval;
784
785 old_ruid = new_ruid = current->uid;
786 old_suid = current->suid;
787 new_suid = old_suid;
788
789 if (capable(CAP_SETUID)) {
790 if (uid != old_ruid && set_user(uid, old_euid != uid) < 0)
791 return -EAGAIN;
792 new_suid = uid;
793 } else if ((uid != current->uid) && (uid != new_suid))
794 return -EPERM;
795
796 if (old_euid != uid)
797 {
d6e71144 798 current->mm->dumpable = suid_dumpable;
d59dd462 799 smp_wmb();
1da177e4
LT		 800 }
801 current->fsuid = current->euid = uid;
802 current->suid = new_suid;
803
804 key_fsuid_changed(current);
9f46080c 805 proc_id_connector(current, PROC_EVENT_UID);
1da177e4
LT		 806
807 return security_task_post_setuid(old_ruid, old_euid, old_suid, LSM_SETID_ID);
808}
809
810
811/*
812 * This function implements a generic ability to update ruid, euid,
813 * and suid. This allows you to implement the 4.4 compatible seteuid().
814 */
815asmlinkage long sys_setresuid(uid_t ruid, uid_t euid, uid_t suid)
816{
817 int old_ruid = current->uid;
818 int old_euid = current->euid;
819 int old_suid = current->suid;
820 int retval;
821
822 retval = security_task_setuid(ruid, euid, suid, LSM_SETID_RES);
823 if (retval)
824 return retval;
825
826 if (!capable(CAP_SETUID)) {
827 if ((ruid != (uid_t) -1) && (ruid != current->uid) &&
828 (ruid != current->euid) && (ruid != current->suid))
829 return -EPERM;
830 if ((euid != (uid_t) -1) && (euid != current->uid) &&
831 (euid != current->euid) && (euid != current->suid))
832 return -EPERM;
833 if ((suid != (uid_t) -1) && (suid != current->uid) &&
834 (suid != current->euid) && (suid != current->suid))
835 return -EPERM;
836 }
837 if (ruid != (uid_t) -1) {
838 if (ruid != current->uid && set_user(ruid, euid != current->euid) < 0)
839 return -EAGAIN;
840 }
841 if (euid != (uid_t) -1) {
842 if (euid != current->euid)
843 {
d6e71144 844 current->mm->dumpable = suid_dumpable;
d59dd462 845 smp_wmb();
1da177e4
LT		 846 }
847 current->euid = euid;
848 }
849 current->fsuid = current->euid;
850 if (suid != (uid_t) -1)
851 current->suid = suid;
852
853 key_fsuid_changed(current);
9f46080c 854 proc_id_connector(current, PROC_EVENT_UID);
1da177e4
LT		 855
856 return security_task_post_setuid(old_ruid, old_euid, old_suid, LSM_SETID_RES);
857}
858
859asmlinkage long sys_getresuid(uid_t __user *ruid, uid_t __user *euid, uid_t __user *suid)
860{
861 int retval;
862
863 if (!(retval = put_user(current->uid, ruid)) &&
864 !(retval = put_user(current->euid, euid)))
865 retval = put_user(current->suid, suid);
866
867 return retval;
868}
869
870/*
871 * Same as above, but for rgid, egid, sgid.
872 */
873asmlinkage long sys_setresgid(gid_t rgid, gid_t egid, gid_t sgid)
874{
875 int retval;
876
877 retval = security_task_setgid(rgid, egid, sgid, LSM_SETID_RES);
878 if (retval)
879 return retval;
880
881 if (!capable(CAP_SETGID)) {
882 if ((rgid != (gid_t) -1) && (rgid != current->gid) &&
883 (rgid != current->egid) && (rgid != current->sgid))
884 return -EPERM;
885 if ((egid != (gid_t) -1) && (egid != current->gid) &&
886 (egid != current->egid) && (egid != current->sgid))
887 return -EPERM;
888 if ((sgid != (gid_t) -1) && (sgid != current->gid) &&
889 (sgid != current->egid) && (sgid != current->sgid))
890 return -EPERM;
891 }
892 if (egid != (gid_t) -1) {
893 if (egid != current->egid)
894 {
d6e71144 895 current->mm->dumpable = suid_dumpable;
d59dd462 896 smp_wmb();
1da177e4
LT		 897 }
898 current->egid = egid;
899 }
900 current->fsgid = current->egid;
901 if (rgid != (gid_t) -1)
902 current->gid = rgid;
903 if (sgid != (gid_t) -1)
904 current->sgid = sgid;
905
906 key_fsgid_changed(current);
9f46080c 907 proc_id_connector(current, PROC_EVENT_GID);
1da177e4
LT		 908 return 0;
909}
910
911asmlinkage long sys_getresgid(gid_t __user *rgid, gid_t __user *egid, gid_t __user *sgid)
912{
913 int retval;
914
915 if (!(retval = put_user(current->gid, rgid)) &&
916 !(retval = put_user(current->egid, egid)))
917 retval = put_user(current->sgid, sgid);
918
919 return retval;
920}
921
922
923/*
924 * "setfsuid()" sets the fsuid - the uid used for filesystem checks. This
925 * is used for "access()" and for the NFS daemon (letting nfsd stay at
926 * whatever uid it wants to). It normally shadows "euid", except when
927 * explicitly set by setfsuid() or for access..
928 */
929asmlinkage long sys_setfsuid(uid_t uid)
930{
931 int old_fsuid;
932
933 old_fsuid = current->fsuid;
934 if (security_task_setuid(uid, (uid_t)-1, (uid_t)-1, LSM_SETID_FS))
935 return old_fsuid;
936
937 if (uid == current->uid || uid == current->euid ||
938 uid == current->suid || uid == current->fsuid ||
939 capable(CAP_SETUID))
940 {
941 if (uid != old_fsuid)
942 {
d6e71144 943 current->mm->dumpable = suid_dumpable;
d59dd462 944 smp_wmb();
1da177e4
LT		 945 }
946 current->fsuid = uid;
947 }
948
949 key_fsuid_changed(current);
9f46080c 950 proc_id_connector(current, PROC_EVENT_UID);
1da177e4
LT		 951
952 security_task_post_setuid(old_fsuid, (uid_t)-1, (uid_t)-1, LSM_SETID_FS);
953
954 return old_fsuid;
955}
956
957/*
958