projects / deliverable / linux.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
[PATCH] uml: avoid malloc to sleep in atomic sections
[deliverable/linux.git] / kernel / sys.c
CommitLineData
1da177e4
LT		 1/*
2 * linux/kernel/sys.c
3 *
4 * Copyright (C) 1991, 1992 Linus Torvalds
5 */
6
7#include <linux/config.h>
8#include <linux/module.h>
9#include <linux/mm.h>
10#include <linux/utsname.h>
11#include <linux/mman.h>
12#include <linux/smp_lock.h>
13#include <linux/notifier.h>
14#include <linux/reboot.h>
15#include <linux/prctl.h>
16#include <linux/init.h>
17#include <linux/highuid.h>
18#include <linux/fs.h>
dc009d92
EB		 19#include <linux/kernel.h>
20#include <linux/kexec.h>
1da177e4 21#include <linux/workqueue.h>
c59ede7b 22#include <linux/capability.h>
1da177e4
LT		 23#include <linux/device.h>
24#include <linux/key.h>
25#include <linux/times.h>
26#include <linux/posix-timers.h>
27#include <linux/security.h>
28#include <linux/dcookies.h>
29#include <linux/suspend.h>
30#include <linux/tty.h>
7ed20e1a 31#include <linux/signal.h>
9f46080c 32#include <linux/cn_proc.h>
1da177e4
LT		 33
34#include <linux/compat.h>
35#include <linux/syscalls.h>
00d7c05a 36#include <linux/kprobes.h>
1da177e4
LT		 37
38#include <asm/uaccess.h>
39#include <asm/io.h>
40#include <asm/unistd.h>
41
42#ifndef SET_UNALIGN_CTL
43# define SET_UNALIGN_CTL(a,b) (-EINVAL)
44#endif
45#ifndef GET_UNALIGN_CTL
46# define GET_UNALIGN_CTL(a,b) (-EINVAL)
47#endif
48#ifndef SET_FPEMU_CTL
49# define SET_FPEMU_CTL(a,b) (-EINVAL)
50#endif
51#ifndef GET_FPEMU_CTL
52# define GET_FPEMU_CTL(a,b) (-EINVAL)
53#endif
54#ifndef SET_FPEXC_CTL
55# define SET_FPEXC_CTL(a,b) (-EINVAL)
56#endif
57#ifndef GET_FPEXC_CTL
58# define GET_FPEXC_CTL(a,b) (-EINVAL)
59#endif
60
61/*
62 * this is where the system-wide overflow UID and GID are defined, for
63 * architectures that now have 32-bit UID/GID but didn't in the past
64 */
65
66int overflowuid = DEFAULT_OVERFLOWUID;
67int overflowgid = DEFAULT_OVERFLOWGID;
68
69#ifdef CONFIG_UID16
70EXPORT_SYMBOL(overflowuid);
71EXPORT_SYMBOL(overflowgid);
72#endif
73
74/*
75 * the same as above, but for filesystems which can only store a 16-bit
76 * UID and GID. as such, this is needed on all architectures
77 */
78
79int fs_overflowuid = DEFAULT_FS_OVERFLOWUID;
80int fs_overflowgid = DEFAULT_FS_OVERFLOWUID;
81
82EXPORT_SYMBOL(fs_overflowuid);
83EXPORT_SYMBOL(fs_overflowgid);
84
85/*
86 * this indicates whether you can reboot with ctrl-alt-del: the default is yes
87 */
88
89int C_A_D = 1;
90int cad_pid = 1;
91
92/*
93 * Notifier list for kernel code which wants to be called
94 * at shutdown. This is used to stop any idling DMA operations
95 * and the like.
96 */
97
98static struct notifier_block *reboot_notifier_list;
99static DEFINE_RWLOCK(notifier_lock);
100
101/**
102 * notifier_chain_register - Add notifier to a notifier chain
103 * @list: Pointer to root list pointer
104 * @n: New entry in notifier chain
105 *
106 * Adds a notifier to a notifier chain.
107 *
108 * Currently always returns zero.
109 */
110
111int notifier_chain_register(struct notifier_block **list, struct notifier_block *n)
112{
113 write_lock(&notifier_lock);
114 while(*list)
115 {
116 if(n->priority > (*list)->priority)
117 break;
118 list= &((*list)->next);
119 }
120 n->next = *list;
121 *list=n;
122 write_unlock(&notifier_lock);
123 return 0;
124}
125
126EXPORT_SYMBOL(notifier_chain_register);
127
128/**
129 * notifier_chain_unregister - Remove notifier from a notifier chain
130 * @nl: Pointer to root list pointer
131 * @n: New entry in notifier chain
132 *
133 * Removes a notifier from a notifier chain.
134 *
135 * Returns zero on success, or %-ENOENT on failure.
136 */
137
138int notifier_chain_unregister(struct notifier_block **nl, struct notifier_block *n)
139{
140 write_lock(&notifier_lock);
141 while((*nl)!=NULL)
142 {
143 if((*nl)==n)
144 {
145 *nl=n->next;
146 write_unlock(&notifier_lock);
147 return 0;
148 }
149 nl=&((*nl)->next);
150 }
151 write_unlock(&notifier_lock);
152 return -ENOENT;
153}
154
155EXPORT_SYMBOL(notifier_chain_unregister);
156
157/**
158 * notifier_call_chain - Call functions in a notifier chain
159 * @n: Pointer to root pointer of notifier chain
160 * @val: Value passed unmodified to notifier function
161 * @v: Pointer passed unmodified to notifier function
162 *
163 * Calls each function in a notifier chain in turn.
164 *
165 * If the return value of the notifier can be and'd
166 * with %NOTIFY_STOP_MASK, then notifier_call_chain
167 * will return immediately, with the return value of
168 * the notifier function which halted execution.
169 * Otherwise, the return value is the return value
170 * of the last notifier function called.
171 */
172
00d7c05a 173int __kprobes notifier_call_chain(struct notifier_block **n, unsigned long val, void *v)
1da177e4
LT		 174{
175 int ret=NOTIFY_DONE;
176 struct notifier_block *nb = *n;
177
178 while(nb)
179 {
180 ret=nb->notifier_call(nb,val,v);
181 if(ret&NOTIFY_STOP_MASK)
182 {
183 return ret;
184 }
185 nb=nb->next;
186 }
187 return ret;
188}
189
190EXPORT_SYMBOL(notifier_call_chain);
191
192/**
193 * register_reboot_notifier - Register function to be called at reboot time
194 * @nb: Info about notifier function to be called
195 *
196 * Registers a function with the list of functions
197 * to be called at reboot time.
198 *
199 * Currently always returns zero, as notifier_chain_register
200 * always returns zero.
201 */
202
203int register_reboot_notifier(struct notifier_block * nb)
204{
205 return notifier_chain_register(&reboot_notifier_list, nb);
206}
207
208EXPORT_SYMBOL(register_reboot_notifier);
209
210/**
211 * unregister_reboot_notifier - Unregister previously registered reboot notifier
212 * @nb: Hook to be unregistered
213 *
214 * Unregisters a previously registered reboot
215 * notifier function.
216 *
217 * Returns zero on success, or %-ENOENT on failure.
218 */
219
220int unregister_reboot_notifier(struct notifier_block * nb)
221{
222 return notifier_chain_unregister(&reboot_notifier_list, nb);
223}
224
225EXPORT_SYMBOL(unregister_reboot_notifier);
226
e16885c5
IM		 227#ifndef CONFIG_SECURITY
228int capable(int cap)
229{
230 if (cap_raised(current->cap_effective, cap)) {
231 current->flags |= PF_SUPERPRIV;
232 return 1;
233 }
234 return 0;
235}
236EXPORT_SYMBOL(capable);
237#endif
238
1da177e4
LT		 239static int set_one_prio(struct task_struct *p, int niceval, int error)
240{
241 int no_nice;
242
243 if (p->uid != current->euid &&
244 p->euid != current->euid && !capable(CAP_SYS_NICE)) {
245 error = -EPERM;
246 goto out;
247 }
e43379f1 248 if (niceval < task_nice(p) && !can_nice(p, niceval)) {
1da177e4
LT		 249 error = -EACCES;
250 goto out;
251 }
252 no_nice = security_task_setnice(p, niceval);
253 if (no_nice) {
254 error = no_nice;
255 goto out;
256 }
257 if (error == -ESRCH)
258 error = 0;
259 set_user_nice(p, niceval);
260out:
261 return error;
262}
263
264asmlinkage long sys_setpriority(int which, int who, int niceval)
265{
266 struct task_struct *g, *p;
267 struct user_struct *user;
268 int error = -EINVAL;
269
270 if (which > 2 || which < 0)
271 goto out;
272
273 /* normalize: avoid signed division (rounding problems) */
274 error = -ESRCH;
275 if (niceval < -20)
276 niceval = -20;
277 if (niceval > 19)
278 niceval = 19;
279
280 read_lock(&tasklist_lock);
281 switch (which) {
282 case PRIO_PROCESS:
283 if (!who)
284 who = current->pid;
285 p = find_task_by_pid(who);
286 if (p)
287 error = set_one_prio(p, niceval, error);
288 break;
289 case PRIO_PGRP:
290 if (!who)
291 who = process_group(current);
292 do_each_task_pid(who, PIDTYPE_PGID, p) {
293 error = set_one_prio(p, niceval, error);
294 } while_each_task_pid(who, PIDTYPE_PGID, p);
295 break;
296 case PRIO_USER:
297 user = current->user;
298 if (!who)
299 who = current->uid;
300 else
301 if ((who != current->uid) && !(user = find_user(who)))
302 goto out_unlock; /* No processes for this user */
303
304 do_each_thread(g, p)
305 if (p->uid == who)
306 error = set_one_prio(p, niceval, error);
307 while_each_thread(g, p);
308 if (who != current->uid)
309 free_uid(user); /* For find_user() */
310 break;
311 }
312out_unlock:
313 read_unlock(&tasklist_lock);
314out:
315 return error;
316}
317
318/*
319 * Ugh. To avoid negative return values, "getpriority()" will
320 * not return the normal nice-value, but a negated value that
321 * has been offset by 20 (ie it returns 40..1 instead of -20..19)
322 * to stay compatible.
323 */
324asmlinkage long sys_getpriority(int which, int who)
325{
326 struct task_struct *g, *p;
327 struct user_struct *user;
328 long niceval, retval = -ESRCH;
329
330 if (which > 2 || which < 0)
331 return -EINVAL;
332
333 read_lock(&tasklist_lock);
334 switch (which) {
335 case PRIO_PROCESS:
336 if (!who)
337 who = current->pid;
338 p = find_task_by_pid(who);
339 if (p) {
340 niceval = 20 - task_nice(p);
341 if (niceval > retval)
342 retval = niceval;
343 }
344 break;
345 case PRIO_PGRP:
346 if (!who)
347 who = process_group(current);
348 do_each_task_pid(who, PIDTYPE_PGID, p) {
349 niceval = 20 - task_nice(p);
350 if (niceval > retval)
351 retval = niceval;
352 } while_each_task_pid(who, PIDTYPE_PGID, p);
353 break;
354 case PRIO_USER:
355 user = current->user;
356 if (!who)
357 who = current->uid;
358 else
359 if ((who != current->uid) && !(user = find_user(who)))
360 goto out_unlock; /* No processes for this user */
361
362 do_each_thread(g, p)
363 if (p->uid == who) {
364 niceval = 20 - task_nice(p);
365 if (niceval > retval)
366 retval = niceval;
367 }
368 while_each_thread(g, p);
369 if (who != current->uid)
370 free_uid(user); /* for find_user() */
371 break;
372 }
373out_unlock:
374 read_unlock(&tasklist_lock);
375
376 return retval;
377}
378
e4c94330
EB		 379/**
380 * emergency_restart - reboot the system
381 *
382 * Without shutting down any hardware or taking any locks
383 * reboot the system. This is called when we know we are in
384 * trouble so this is our best effort to reboot. This is
385 * safe to call in interrupt context.
386 */
7c903473
EB		 387void emergency_restart(void)
388{
389 machine_emergency_restart();
390}
391EXPORT_SYMBOL_GPL(emergency_restart);
392
e4c94330 393void kernel_restart_prepare(char *cmd)
4a00ea1e
EB		 394{
395 notifier_call_chain(&reboot_notifier_list, SYS_RESTART, cmd);
396 system_state = SYSTEM_RESTART;
4a00ea1e 397 device_shutdown();
e4c94330 398}
1e5d5331
RD		 399
400/**
401 * kernel_restart - reboot the system
402 * @cmd: pointer to buffer containing command to execute for restart
b8887e6e 403 * or %NULL
1e5d5331
RD		 404 *
405 * Shutdown everything and perform a clean reboot.
406 * This is not safe to call in interrupt context.
407 */
e4c94330
EB		 408void kernel_restart(char *cmd)
409{
410 kernel_restart_prepare(cmd);
4a00ea1e
EB		 411 if (!cmd) {
412 printk(KERN_EMERG "Restarting system.\n");
413 } else {
414 printk(KERN_EMERG "Restarting system with command '%s'.\n", cmd);
415 }
416 printk(".\n");
417 machine_restart(cmd);
418}
419EXPORT_SYMBOL_GPL(kernel_restart);
420
e4c94330
EB		 421/**
422 * kernel_kexec - reboot the system
423 *
424 * Move into place and start executing a preloaded standalone
425 * executable. If nothing was preloaded return an error.
426 */
4a00ea1e
EB		 427void kernel_kexec(void)
428{
429#ifdef CONFIG_KEXEC
430 struct kimage *image;
431 image = xchg(&kexec_image, 0);
432 if (!image) {
433 return;
434 }
e4c94330 435 kernel_restart_prepare(NULL);
4a00ea1e
EB		 436 printk(KERN_EMERG "Starting new kernel\n");
437 machine_shutdown();
438 machine_kexec(image);
439#endif
440}
441EXPORT_SYMBOL_GPL(kernel_kexec);
442
e4c94330
EB		 443/**
444 * kernel_halt - halt the system
445 *
446 * Shutdown everything and perform a clean system halt.
447 */
448void kernel_halt_prepare(void)
4a00ea1e
EB		 449{
450 notifier_call_chain(&reboot_notifier_list, SYS_HALT, NULL);
451 system_state = SYSTEM_HALT;
4a00ea1e 452 device_shutdown();
e4c94330
EB		 453}
454void kernel_halt(void)
455{
456 kernel_halt_prepare();
4a00ea1e
EB		 457 printk(KERN_EMERG "System halted.\n");
458 machine_halt();
459}
460EXPORT_SYMBOL_GPL(kernel_halt);
461
e4c94330
EB		 462/**
463 * kernel_power_off - power_off the system
464 *
465 * Shutdown everything and perform a clean system power_off.
466 */
467void kernel_power_off_prepare(void)
4a00ea1e
EB		 468{
469 notifier_call_chain(&reboot_notifier_list, SYS_POWER_OFF, NULL);
470 system_state = SYSTEM_POWER_OFF;
4a00ea1e 471 device_shutdown();
e4c94330
EB		 472}
473void kernel_power_off(void)
474{
475 kernel_power_off_prepare();
4a00ea1e
EB		 476 printk(KERN_EMERG "Power down.\n");
477 machine_power_off();
478}
479EXPORT_SYMBOL_GPL(kernel_power_off);
1da177e4
LT		 480
481/*
482 * Reboot system call: for obvious reasons only root may call it,
483 * and even root needs to set up some magic numbers in the registers
484 * so that some mistake won't make this reboot the whole machine.
485 * You can also set the meaning of the ctrl-alt-del-key here.
486 *
487 * reboot doesn't sync: do that yourself before calling this.
488 */
489asmlinkage long sys_reboot(int magic1, int magic2, unsigned int cmd, void __user * arg)
490{
491 char buffer[256];
492
493 /* We only trust the superuser with rebooting the system. */
494 if (!capable(CAP_SYS_BOOT))
495 return -EPERM;
496
497 /* For safety, we require "magic" arguments. */
498 if (magic1 != LINUX_REBOOT_MAGIC1 ||
499 (magic2 != LINUX_REBOOT_MAGIC2 &&
500 magic2 != LINUX_REBOOT_MAGIC2A &&
501 magic2 != LINUX_REBOOT_MAGIC2B &&
502 magic2 != LINUX_REBOOT_MAGIC2C))
503 return -EINVAL;
504
5e38291d
EB		 505 /* Instead of trying to make the power_off code look like
506 * halt when pm_power_off is not set do it the easy way.
507 */
508 if ((cmd == LINUX_REBOOT_CMD_POWER_OFF) && !pm_power_off)
509 cmd = LINUX_REBOOT_CMD_HALT;
510
1da177e4
LT		 511 lock_kernel();
512 switch (cmd) {
513 case LINUX_REBOOT_CMD_RESTART:
4a00ea1e 514 kernel_restart(NULL);
1da177e4
LT		 515 break;
516
517 case LINUX_REBOOT_CMD_CAD_ON:
518 C_A_D = 1;
519 break;
520
521 case LINUX_REBOOT_CMD_CAD_OFF:
522 C_A_D = 0;
523 break;
524
525 case LINUX_REBOOT_CMD_HALT:
4a00ea1e 526 kernel_halt();
1da177e4
LT		 527 unlock_kernel();
528 do_exit(0);
529 break;
530
531 case LINUX_REBOOT_CMD_POWER_OFF:
4a00ea1e 532 kernel_power_off();
1da177e4
LT		 533 unlock_kernel();
534 do_exit(0);
535 break;
536
537 case LINUX_REBOOT_CMD_RESTART2:
538 if (strncpy_from_user(&buffer[0], arg, sizeof(buffer) - 1) < 0) {
539 unlock_kernel();
540 return -EFAULT;
541 }
542 buffer[sizeof(buffer) - 1] = '\0';
543
4a00ea1e 544 kernel_restart(buffer);
1da177e4
LT		 545 break;
546
dc009d92 547 case LINUX_REBOOT_CMD_KEXEC:
4a00ea1e
EB		 548 kernel_kexec();
549 unlock_kernel();
550 return -EINVAL;
551
1da177e4
LT		 552#ifdef CONFIG_SOFTWARE_SUSPEND
553 case LINUX_REBOOT_CMD_SW_SUSPEND:
554 {
555 int ret = software_suspend();
556 unlock_kernel();
557 return ret;
558 }
559#endif
560
561 default:
562 unlock_kernel();
563 return -EINVAL;
564 }
565 unlock_kernel();
566 return 0;
567}
568
569static void deferred_cad(void *dummy)
570{
abcd9e51 571 kernel_restart(NULL);
1da177e4
LT		 572}
573
574/*
575 * This function gets called by ctrl-alt-del - ie the keyboard interrupt.
576 * As it's called within an interrupt, it may NOT sync: the only choice
577 * is whether to reboot at once, or just ignore the ctrl-alt-del.
578 */
579void ctrl_alt_del(void)
580{
581 static DECLARE_WORK(cad_work, deferred_cad, NULL);
582
583 if (C_A_D)
584 schedule_work(&cad_work);
585 else
586 kill_proc(cad_pid, SIGINT, 1);
587}
588
589
590/*
591 * Unprivileged users may change the real gid to the effective gid
592 * or vice versa. (BSD-style)
593 *
594 * If you set the real gid at all, or set the effective gid to a value not
595 * equal to the real gid, then the saved gid is set to the new effective gid.
596 *
597 * This makes it possible for a setgid program to completely drop its
598 * privileges, which is often a useful assertion to make when you are doing
599 * a security audit over a program.
600 *
601 * The general idea is that a program which uses just setregid() will be
602 * 100% compatible with BSD. A program which uses just setgid() will be
603 * 100% compatible with POSIX with saved IDs.
604 *
605 * SMP: There are not races, the GIDs are checked only by filesystem
606 * operations (as far as semantic preservation is concerned).
607 */
608asmlinkage long sys_setregid(gid_t rgid, gid_t egid)
609{
610 int old_rgid = current->gid;
611 int old_egid = current->egid;
612 int new_rgid = old_rgid;
613 int new_egid = old_egid;
614 int retval;
615
616 retval = security_task_setgid(rgid, egid, (gid_t)-1, LSM_SETID_RE);
617 if (retval)
618 return retval;
619
620 if (rgid != (gid_t) -1) {
621 if ((old_rgid == rgid) ||
622 (current->egid==rgid) ||
623 capable(CAP_SETGID))
624 new_rgid = rgid;
625 else
626 return -EPERM;
627 }
628 if (egid != (gid_t) -1) {
629 if ((old_rgid == egid) ||
630 (current->egid == egid) ||
631 (current->sgid == egid) ||
632 capable(CAP_SETGID))
633 new_egid = egid;
634 else {
635 return -EPERM;
636 }
637 }
638 if (new_egid != old_egid)
639 {
d6e71144 640 current->mm->dumpable = suid_dumpable;
d59dd462 641 smp_wmb();
1da177e4
LT		 642 }
643 if (rgid != (gid_t) -1 ||
644 (egid != (gid_t) -1 && egid != old_rgid))
645 current->sgid = new_egid;
646 current->fsgid = new_egid;
647 current->egid = new_egid;
648 current->gid = new_rgid;
649 key_fsgid_changed(current);
9f46080c 650 proc_id_connector(current, PROC_EVENT_GID);
1da177e4
LT		 651 return 0;
652}
653
654/*
655 * setgid() is implemented like SysV w/ SAVED_IDS
656 *
657 * SMP: Same implicit races as above.
658 */
659asmlinkage long sys_setgid(gid_t gid)
660{
661 int old_egid = current->egid;
662 int retval;
663
664 retval = security_task_setgid(gid, (gid_t)-1, (gid_t)-1, LSM_SETID_ID);
665 if (retval)
666 return retval;
667
668 if (capable(CAP_SETGID))
669 {
670 if(old_egid != gid)
671 {
d6e71144 672 current->mm->dumpable = suid_dumpable;
d59dd462 673 smp_wmb();
1da177e4
LT		 674 }
675 current->gid = current->egid = current->sgid = current->fsgid = gid;
676 }
677 else if ((gid == current->gid) || (gid == current->sgid))
678 {
679 if(old_egid != gid)
680 {
d6e71144 681 current->mm->dumpable = suid_dumpable;
d59dd462 682 smp_wmb();
1da177e4
LT		 683 }
684 current->egid = current->fsgid = gid;
685 }
686 else
687 return -EPERM;
688
689 key_fsgid_changed(current);
9f46080c 690 proc_id_connector(current, PROC_EVENT_GID);
1da177e4
LT		 691 return 0;
692}
693
694static int set_user(uid_t new_ruid, int dumpclear)
695{
696 struct user_struct *new_user;
697
698 new_user = alloc_uid(new_ruid);
699 if (!new_user)
700 return -EAGAIN;
701
702 if (atomic_read(&new_user->processes) >=
703 current->signal->rlim[RLIMIT_NPROC].rlim_cur &&
704 new_user != &root_user) {
705 free_uid(new_user);
706 return -EAGAIN;
707 }
708
709 switch_uid(new_user);
710
711 if(dumpclear)
712 {
d6e71144 713 current->mm->dumpable = suid_dumpable;
d59dd462 714 smp_wmb();
1da177e4
LT		 715 }
716 current->uid = new_ruid;
717 return 0;
718}
719
720/*
721 * Unprivileged users may change the real uid to the effective uid
722 * or vice versa. (BSD-style)
723 *
724 * If you set the real uid at all, or set the effective uid to a value not
725 * equal to the real uid, then the saved uid is set to the new effective uid.
726 *
727 * This makes it possible for a setuid program to completely drop its
728 * privileges, which is often a useful assertion to make when you are doing
729 * a security audit over a program.
730 *
731 * The general idea is that a program which uses just setreuid() will be
732 * 100% compatible with BSD. A program which uses just setuid() will be
733 * 100% compatible with POSIX with saved IDs.
734 */
735asmlinkage long sys_setreuid(uid_t ruid, uid_t euid)
736{
737 int old_ruid, old_euid, old_suid, new_ruid, new_euid;
738 int retval;
739
740 retval = security_task_setuid(ruid, euid, (uid_t)-1, LSM_SETID_RE);
741 if (retval)
742 return retval;
743
744 new_ruid = old_ruid = current->uid;
745 new_euid = old_euid = current->euid;
746 old_suid = current->suid;
747
748 if (ruid != (uid_t) -1) {
749 new_ruid = ruid;
750 if ((old_ruid != ruid) &&
751 (current->euid != ruid) &&
752 !capable(CAP_SETUID))
753 return -EPERM;
754 }
755
756 if (euid != (uid_t) -1) {
757 new_euid = euid;
758 if ((old_ruid != euid) &&
759 (current->euid != euid) &&
760 (current->suid != euid) &&
761 !capable(CAP_SETUID))
762 return -EPERM;
763 }
764
765 if (new_ruid != old_ruid && set_user(new_ruid, new_euid != old_euid) < 0)
766 return -EAGAIN;
767
768 if (new_euid != old_euid)
769 {
d6e71144 770 current->mm->dumpable = suid_dumpable;
d59dd462 771 smp_wmb();
1da177e4
LT		 772 }
773 current->fsuid = current->euid = new_euid;
774 if (ruid != (uid_t) -1 ||
775 (euid != (uid_t) -1 && euid != old_ruid))
776 current->suid = current->euid;
777 current->fsuid = current->euid;
778
779 key_fsuid_changed(current);
9f46080c 780 proc_id_connector(current, PROC_EVENT_UID);
1da177e4
LT		 781
782 return security_task_post_setuid(old_ruid, old_euid, old_suid, LSM_SETID_RE);
783}
784
785
786
787/*
788 * setuid() is implemented like SysV with SAVED_IDS
789 *
790 * Note that SAVED_ID's is deficient in that a setuid root program
791 * like sendmail, for example, cannot set its uid to be a normal
792 * user and then switch back, because if you're root, setuid() sets
793 * the saved uid too. If you don't like this, blame the bright people
794 * in the POSIX committee and/or USG. Note that the BSD-style setreuid()
795 * will allow a root program to temporarily drop privileges and be able to
796 * regain them by swapping the real and effective uid.
797 */
798asmlinkage long sys_setuid(uid_t uid)
799{
800 int old_euid = current->euid;
801 int old_ruid, old_suid, new_ruid, new_suid;
802 int retval;
803
804 retval = security_task_setuid(uid, (uid_t)-1, (uid_t)-1, LSM_SETID_ID);
805 if (retval)
806 return retval;
807
808 old_ruid = new_ruid = current->uid;
809 old_suid = current->suid;
810 new_suid = old_suid;
811
812 if (capable(CAP_SETUID)) {
813 if (uid != old_ruid && set_user(uid, old_euid != uid) < 0)
814 return -EAGAIN;
815 new_suid = uid;
816 } else if ((uid != current->uid) && (uid != new_suid))
817 return -EPERM;
818
819 if (old_euid != uid)
820 {
d6e71144 821 current->mm->dumpable = suid_dumpable;
d59dd462 822 smp_wmb();
1da177e4
LT		 823 }
824 current->fsuid = current->euid = uid;
825 current->suid = new_suid;
826
827 key_fsuid_changed(current);
9f46080c 828 proc_id_connector(current, PROC_EVENT_UID);
1da177e4
LT		 829
830 return security_task_post_setuid(old_ruid, old_euid, old_suid, LSM_SETID_ID);
831}
832
833
834/*
835 * This function implements a generic ability to update ruid, euid,
836 * and suid. This allows you to implement the 4.4 compatible seteuid().
837 */
838asmlinkage long sys_setresuid(uid_t ruid, uid_t euid, uid_t suid)
839{
840 int old_ruid = current->uid;
841 int old_euid = current->euid;
842 int old_suid = current->suid;
843 int retval;
844
845 retval = security_task_setuid(ruid, euid, suid, LSM_SETID_RES);
846 if (retval)
847 return retval;
848
849 if (!capable(CAP_SETUID)) {
850 if ((ruid != (uid_t) -1) && (ruid != current->uid) &&
851 (ruid != current->euid) && (ruid != current->suid))
852 return -EPERM;
853 if ((euid != (uid_t) -1) && (euid != current->uid) &&
854 (euid != current->euid) && (euid != current->suid))
855 return -EPERM;
856 if ((suid != (uid_t) -1) && (suid != current->uid) &&
857 (suid != current->euid) && (suid != current->suid))
858 return -EPERM;
859 }
860 if (ruid != (uid_t) -1) {
861 if (ruid != current->uid && set_user(ruid, euid != current->euid) < 0)
862 return -EAGAIN;
863 }
864 if (euid != (uid_t) -1) {
865 if (euid != current->euid)
866 {
d6e71144 867 current->mm->dumpable = suid_dumpable;
d59dd462 868 smp_wmb();
1da177e4
LT		 869 }
870 current->euid = euid;
871 }
872 current->fsuid = current->euid;
873 if (suid != (uid_t) -1)
874 current->suid = suid;
875
876 key_fsuid_changed(current);
9f46080c 877 proc_id_connector(current, PROC_EVENT_UID);
1da177e4
LT		 878
879 return security_task_post_setuid(old_ruid, old_euid, old_suid, LSM_SETID_RES);
880}
881
882asmlinkage long sys_getresuid(uid_t __user *ruid, uid_t __user *euid, uid_t __user *suid)
883{
884 int retval;
885
886 if (!(retval = put_user(current->uid, ruid)) &&
887 !(retval = put_user(current->euid, euid)))
888 retval = put_user(current->suid, suid);
889
890 return retval;
891}
892
893/*
894 * Same as above, but for rgid, egid, sgid.
895 */
896asmlinkage long sys_setresgid(gid_t rgid, gid_t egid, gid_t sgid)
897{
898 int retval;
899
900 retval = security_task_setgid(rgid, egid, sgid, LSM_SETID_RES);
901 if (retval)
902 return retval;
903
904 if (!capable(CAP_SETGID)) {
905 if ((rgid != (gid_t) -1) && (rgid != current->gid) &&
906 (rgid != current->egid) && (rgid != current->sgid))
907 return -EPERM;
908 if ((egid != (gid_t) -1) && (egid != current->gid) &&
909 (egid != current->egid) && (egid != current->sgid))
910 return -EPERM;
911 if ((sgid != (gid_t) -1) && (sgid != current->gid) &&
912 (sgid != current->egid) && (sgid != current->sgid))
913 return -EPERM;
914 }
915 if (egid != (gid_t) -1) {
916 if (egid != current->egid)
917 {
d6e71144 918 current->mm->dumpable = suid_dumpable;
d59dd462 919 smp_wmb();
1da177e4
LT		 920 }
921 current->egid = egid;
922 }
923 current->fsgid = current->egid;
924 if (rgid != (gid_t) -1)
925 current->gid = rgid;
926 if (sgid != (gid_t) -1)
927 current->sgid = sgid;
928
929 key_fsgid_changed(current);
9f46080c 930 proc_id_connector(current, PROC_EVENT_GID);
1da177e4
LT		 931 return 0;
932}
933
934asmlinkage long sys_getresgid(gid_t __user *rgid, gid_t __user *egid, gid_t __user *sgid)
935{
936 int retval;
937
938 if (!(retval = put_user(current->gid, rgid)) &&
939 !(retval = put_user(current->egid, egid)))
940 retval = put_user(current->sgid, sgid);
941
942 return retval;
943}
944
945
946/*
947 * "setfsuid()" sets the fsuid - the uid used for filesystem checks. This
948 * is used for "access()" and for the NFS daemon (letting nfsd stay at
949 * whatever uid it wants to). It normally shadows "euid", except when
950 * explicitly set by setfsuid() or for access..
951 */
952asmlinkage long sys_setfsuid(uid_t uid)
953{
954 int old_fsuid;
955
956 old_fsuid = current->fsuid;
957 if (security_task_setuid(uid, (uid_t)-1, (uid_t)-1, LSM_SETID_FS))
958 return old_fsuid;
959
960 if (uid == current->uid || uid == current->euid ||
961 uid == current->suid || uid == current->fsuid ||
962 capable(CAP_SETUID))
963 {
964 if (uid != old_fsuid)
965 {
d6e71144 966 current->mm->dumpable = suid_dumpable;
d59dd462 967 smp_wmb();
1da177e4
LT		 968 }
969 current->fsuid = uid;
970 }
971
972 key_fsuid_changed(current);
9f46080c 973 proc_id_connector(current, PROC_EVENT_UID);
1da177e4
LT		 974
975 security_task_post_setuid(old_fsuid, (uid_t)-1, (uid_t)-1, LSM_SETID_FS);
976
977 return old_fsuid;
978}
979
980/*