projects / deliverable / linux.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
[PATCH] replace cad_pid by a struct pid
[deliverable/linux.git] / kernel / sys.c
CommitLineData
1da177e4
LT		 1/*
2 * linux/kernel/sys.c
3 *
4 * Copyright (C) 1991, 1992 Linus Torvalds
5 */
6
1da177e4
LT		 7#include <linux/module.h>
8#include <linux/mm.h>
9#include <linux/utsname.h>
10#include <linux/mman.h>
11#include <linux/smp_lock.h>
12#include <linux/notifier.h>
13#include <linux/reboot.h>
14#include <linux/prctl.h>
1da177e4
LT		 15#include <linux/highuid.h>
16#include <linux/fs.h>
dc009d92
EB		 17#include <linux/kernel.h>
18#include <linux/kexec.h>
1da177e4 19#include <linux/workqueue.h>
c59ede7b 20#include <linux/capability.h>
1da177e4
LT		 21#include <linux/device.h>
22#include <linux/key.h>
23#include <linux/times.h>
24#include <linux/posix-timers.h>
25#include <linux/security.h>
26#include <linux/dcookies.h>
27#include <linux/suspend.h>
28#include <linux/tty.h>
7ed20e1a 29#include <linux/signal.h>
9f46080c 30#include <linux/cn_proc.h>
3cfc348b 31#include <linux/getcpu.h>
1da177e4
LT		 32
33#include <linux/compat.h>
34#include <linux/syscalls.h>
00d7c05a 35#include <linux/kprobes.h>
1da177e4
LT		 36
37#include <asm/uaccess.h>
38#include <asm/io.h>
39#include <asm/unistd.h>
40
41#ifndef SET_UNALIGN_CTL
42# define SET_UNALIGN_CTL(a,b) (-EINVAL)
43#endif
44#ifndef GET_UNALIGN_CTL
45# define GET_UNALIGN_CTL(a,b) (-EINVAL)
46#endif
47#ifndef SET_FPEMU_CTL
48# define SET_FPEMU_CTL(a,b) (-EINVAL)
49#endif
50#ifndef GET_FPEMU_CTL
51# define GET_FPEMU_CTL(a,b) (-EINVAL)
52#endif
53#ifndef SET_FPEXC_CTL
54# define SET_FPEXC_CTL(a,b) (-EINVAL)
55#endif
56#ifndef GET_FPEXC_CTL
57# define GET_FPEXC_CTL(a,b) (-EINVAL)
58#endif
651d765d
AB		 59#ifndef GET_ENDIAN
60# define GET_ENDIAN(a,b) (-EINVAL)
61#endif
62#ifndef SET_ENDIAN
63# define SET_ENDIAN(a,b) (-EINVAL)
64#endif
1da177e4
LT		 65
66/*
67 * this is where the system-wide overflow UID and GID are defined, for
68 * architectures that now have 32-bit UID/GID but didn't in the past
69 */
70
71int overflowuid = DEFAULT_OVERFLOWUID;
72int overflowgid = DEFAULT_OVERFLOWGID;
73
74#ifdef CONFIG_UID16
75EXPORT_SYMBOL(overflowuid);
76EXPORT_SYMBOL(overflowgid);
77#endif
78
79/*
80 * the same as above, but for filesystems which can only store a 16-bit
81 * UID and GID. as such, this is needed on all architectures
82 */
83
84int fs_overflowuid = DEFAULT_FS_OVERFLOWUID;
85int fs_overflowgid = DEFAULT_FS_OVERFLOWUID;
86
87EXPORT_SYMBOL(fs_overflowuid);
88EXPORT_SYMBOL(fs_overflowgid);
89
90/*
91 * this indicates whether you can reboot with ctrl-alt-del: the default is yes
92 */
93
94int C_A_D = 1;
9ec52099
CLG		 95struct pid *cad_pid;
96EXPORT_SYMBOL(cad_pid);
1da177e4
LT		 97
98/*
99 * Notifier list for kernel code which wants to be called
100 * at shutdown. This is used to stop any idling DMA operations
101 * and the like.
102 */
103
e041c683
AS		 104static BLOCKING_NOTIFIER_HEAD(reboot_notifier_list);
105
106/*
107 * Notifier chain core routines. The exported routines below
108 * are layered on top of these, with appropriate locking added.
109 */
110
111static int notifier_chain_register(struct notifier_block **nl,
112 struct notifier_block *n)
113{
114 while ((*nl) != NULL) {
115 if (n->priority > (*nl)->priority)
116 break;
117 nl = &((*nl)->next);
118 }
119 n->next = *nl;
120 rcu_assign_pointer(*nl, n);
121 return 0;
122}
123
124static int notifier_chain_unregister(struct notifier_block **nl,
125 struct notifier_block *n)
126{
127 while ((*nl) != NULL) {
128 if ((*nl) == n) {
129 rcu_assign_pointer(*nl, n->next);
130 return 0;
131 }
132 nl = &((*nl)->next);
133 }
134 return -ENOENT;
135}
136
137static int __kprobes notifier_call_chain(struct notifier_block **nl,
138 unsigned long val, void *v)
139{
140 int ret = NOTIFY_DONE;
bbb1747d 141 struct notifier_block *nb, *next_nb;
e041c683
AS		 142
143 nb = rcu_dereference(*nl);
144 while (nb) {
bbb1747d 145 next_nb = rcu_dereference(nb->next);
e041c683
AS		 146 ret = nb->notifier_call(nb, val, v);
147 if ((ret & NOTIFY_STOP_MASK) == NOTIFY_STOP_MASK)
148 break;
bbb1747d 149 nb = next_nb;
e041c683
AS		 150 }
151 return ret;
152}
153
154/*
155 * Atomic notifier chain routines. Registration and unregistration
156 * use a mutex, and call_chain is synchronized by RCU (no locks).
157 */
1da177e4
LT		 158
159/**
e041c683
AS		 160 * atomic_notifier_chain_register - Add notifier to an atomic notifier chain
161 * @nh: Pointer to head of the atomic notifier chain
1da177e4
LT		 162 * @n: New entry in notifier chain
163 *
e041c683 164 * Adds a notifier to an atomic notifier chain.
1da177e4
LT		 165 *
166 * Currently always returns zero.
167 */
e041c683
AS		 168
169int atomic_notifier_chain_register(struct atomic_notifier_head *nh,
170 struct notifier_block *n)
171{
172 unsigned long flags;
173 int ret;
174
175 spin_lock_irqsave(&nh->lock, flags);
176 ret = notifier_chain_register(&nh->head, n);
177 spin_unlock_irqrestore(&nh->lock, flags);
178 return ret;
179}
180
181EXPORT_SYMBOL_GPL(atomic_notifier_chain_register);
182
183/**
184 * atomic_notifier_chain_unregister - Remove notifier from an atomic notifier chain
185 * @nh: Pointer to head of the atomic notifier chain
186 * @n: Entry to remove from notifier chain
187 *
188 * Removes a notifier from an atomic notifier chain.
189 *
190 * Returns zero on success or %-ENOENT on failure.
191 */
192int atomic_notifier_chain_unregister(struct atomic_notifier_head *nh,
193 struct notifier_block *n)
194{
195 unsigned long flags;
196 int ret;
197
198 spin_lock_irqsave(&nh->lock, flags);
199 ret = notifier_chain_unregister(&nh->head, n);
200 spin_unlock_irqrestore(&nh->lock, flags);
201 synchronize_rcu();
202 return ret;
203}
204
205EXPORT_SYMBOL_GPL(atomic_notifier_chain_unregister);
206
207/**
208 * atomic_notifier_call_chain - Call functions in an atomic notifier chain
209 * @nh: Pointer to head of the atomic notifier chain
210 * @val: Value passed unmodified to notifier function
211 * @v: Pointer passed unmodified to notifier function
212 *
213 * Calls each function in a notifier chain in turn. The functions
214 * run in an atomic context, so they must not block.
215 * This routine uses RCU to synchronize with changes to the chain.
216 *
217 * If the return value of the notifier can be and'ed
218 * with %NOTIFY_STOP_MASK then atomic_notifier_call_chain
219 * will return immediately, with the return value of
220 * the notifier function which halted execution.
221 * Otherwise the return value is the return value
222 * of the last notifier function called.
223 */
1da177e4 224
f2aa85a0 225int __kprobes atomic_notifier_call_chain(struct atomic_notifier_head *nh,
e041c683 226 unsigned long val, void *v)
1da177e4 227{
e041c683
AS		 228 int ret;
229
230 rcu_read_lock();
231 ret = notifier_call_chain(&nh->head, val, v);
232 rcu_read_unlock();
233 return ret;
1da177e4
LT		 234}
235
e041c683
AS		 236EXPORT_SYMBOL_GPL(atomic_notifier_call_chain);
237
238/*
239 * Blocking notifier chain routines. All access to the chain is
240 * synchronized by an rwsem.
241 */
1da177e4
LT		 242
243/**
e041c683
AS		 244 * blocking_notifier_chain_register - Add notifier to a blocking notifier chain
245 * @nh: Pointer to head of the blocking notifier chain
1da177e4
LT		 246 * @n: New entry in notifier chain
247 *
e041c683
AS		 248 * Adds a notifier to a blocking notifier chain.
249 * Must be called in process context.
1da177e4 250 *
e041c683 251 * Currently always returns zero.
1da177e4
LT		 252 */
253
e041c683
AS		 254int blocking_notifier_chain_register(struct blocking_notifier_head *nh,
255 struct notifier_block *n)
1da177e4 256{
e041c683
AS		 257 int ret;
258
259 /*
260 * This code gets used during boot-up, when task switching is
261 * not yet working and interrupts must remain disabled. At
262 * such times we must not call down_write().
263 */
264 if (unlikely(system_state == SYSTEM_BOOTING))
265 return notifier_chain_register(&nh->head, n);
266
267 down_write(&nh->rwsem);
268 ret = notifier_chain_register(&nh->head, n);
269 up_write(&nh->rwsem);
270 return ret;
1da177e4
LT		 271}
272
e041c683 273EXPORT_SYMBOL_GPL(blocking_notifier_chain_register);
1da177e4
LT		 274
275/**
e041c683
AS		 276 * blocking_notifier_chain_unregister - Remove notifier from a blocking notifier chain
277 * @nh: Pointer to head of the blocking notifier chain
278 * @n: Entry to remove from notifier chain
279 *
280 * Removes a notifier from a blocking notifier chain.
281 * Must be called from process context.
282 *
283 * Returns zero on success or %-ENOENT on failure.
284 */
285int blocking_notifier_chain_unregister(struct blocking_notifier_head *nh,
286 struct notifier_block *n)
287{
288 int ret;
289
290 /*
291 * This code gets used during boot-up, when task switching is
292 * not yet working and interrupts must remain disabled. At
293 * such times we must not call down_write().
294 */
295 if (unlikely(system_state == SYSTEM_BOOTING))
296 return notifier_chain_unregister(&nh->head, n);
297
298 down_write(&nh->rwsem);
299 ret = notifier_chain_unregister(&nh->head, n);
300 up_write(&nh->rwsem);
301 return ret;
302}
303
304EXPORT_SYMBOL_GPL(blocking_notifier_chain_unregister);
305
306/**
307 * blocking_notifier_call_chain - Call functions in a blocking notifier chain
308 * @nh: Pointer to head of the blocking notifier chain
1da177e4
LT		 309 * @val: Value passed unmodified to notifier function
310 * @v: Pointer passed unmodified to notifier function
311 *
e041c683
AS		 312 * Calls each function in a notifier chain in turn. The functions
313 * run in a process context, so they are allowed to block.
1da177e4 314 *
e041c683
AS		 315 * If the return value of the notifier can be and'ed
316 * with %NOTIFY_STOP_MASK then blocking_notifier_call_chain
1da177e4
LT		 317 * will return immediately, with the return value of
318 * the notifier function which halted execution.
e041c683 319 * Otherwise the return value is the return value
1da177e4
LT		 320 * of the last notifier function called.
321 */
322
e041c683
AS		 323int blocking_notifier_call_chain(struct blocking_notifier_head *nh,
324 unsigned long val, void *v)
1da177e4 325{
e041c683
AS		 326 int ret;
327
328 down_read(&nh->rwsem);
329 ret = notifier_call_chain(&nh->head, val, v);
330 up_read(&nh->rwsem);
1da177e4
LT		 331 return ret;
332}
333
e041c683
AS		 334EXPORT_SYMBOL_GPL(blocking_notifier_call_chain);
335
336/*
337 * Raw notifier chain routines. There is no protection;
338 * the caller must provide it. Use at your own risk!
339 */
340
341/**
342 * raw_notifier_chain_register - Add notifier to a raw notifier chain
343 * @nh: Pointer to head of the raw notifier chain
344 * @n: New entry in notifier chain
345 *
346 * Adds a notifier to a raw notifier chain.
347 * All locking must be provided by the caller.
348 *
349 * Currently always returns zero.
350 */
351
352int raw_notifier_chain_register(struct raw_notifier_head *nh,
353 struct notifier_block *n)
354{
355 return notifier_chain_register(&nh->head, n);
356}
357
358EXPORT_SYMBOL_GPL(raw_notifier_chain_register);
359
360/**
361 * raw_notifier_chain_unregister - Remove notifier from a raw notifier chain
362 * @nh: Pointer to head of the raw notifier chain
363 * @n: Entry to remove from notifier chain
364 *
365 * Removes a notifier from a raw notifier chain.
366 * All locking must be provided by the caller.
367 *
368 * Returns zero on success or %-ENOENT on failure.
369 */
370int raw_notifier_chain_unregister(struct raw_notifier_head *nh,
371 struct notifier_block *n)
372{
373 return notifier_chain_unregister(&nh->head, n);
374}
375
376EXPORT_SYMBOL_GPL(raw_notifier_chain_unregister);
377
378/**
379 * raw_notifier_call_chain - Call functions in a raw notifier chain
380 * @nh: Pointer to head of the raw notifier chain
381 * @val: Value passed unmodified to notifier function
382 * @v: Pointer passed unmodified to notifier function
383 *
384 * Calls each function in a notifier chain in turn. The functions
385 * run in an undefined context.
386 * All locking must be provided by the caller.
387 *
388 * If the return value of the notifier can be and'ed
389 * with %NOTIFY_STOP_MASK then raw_notifier_call_chain
390 * will return immediately, with the return value of
391 * the notifier function which halted execution.
392 * Otherwise the return value is the return value
393 * of the last notifier function called.
394 */
395
396int raw_notifier_call_chain(struct raw_notifier_head *nh,
397 unsigned long val, void *v)
398{
399 return notifier_call_chain(&nh->head, val, v);
400}
401
402EXPORT_SYMBOL_GPL(raw_notifier_call_chain);
1da177e4
LT		 403
404/**
405 * register_reboot_notifier - Register function to be called at reboot time
406 * @nb: Info about notifier function to be called
407 *
408 * Registers a function with the list of functions
409 * to be called at reboot time.
410 *
e041c683 411 * Currently always returns zero, as blocking_notifier_chain_register
1da177e4
LT		 412 * always returns zero.
413 */
414
415int register_reboot_notifier(struct notifier_block * nb)
416{
e041c683 417 return blocking_notifier_chain_register(&reboot_notifier_list, nb);
1da177e4
LT		 418}
419
420EXPORT_SYMBOL(register_reboot_notifier);
421
422/**
423 * unregister_reboot_notifier - Unregister previously registered reboot notifier
424 * @nb: Hook to be unregistered
425 *
426 * Unregisters a previously registered reboot
427 * notifier function.
428 *
429 * Returns zero on success, or %-ENOENT on failure.
430 */
431
432int unregister_reboot_notifier(struct notifier_block * nb)
433{
e041c683 434 return blocking_notifier_chain_unregister(&reboot_notifier_list, nb);
1da177e4
LT		 435}
436
437EXPORT_SYMBOL(unregister_reboot_notifier);
438
439static int set_one_prio(struct task_struct *p, int niceval, int error)
440{
441 int no_nice;
442
443 if (p->uid != current->euid &&
444 p->euid != current->euid && !capable(CAP_SYS_NICE)) {
445 error = -EPERM;
446 goto out;
447 }
e43379f1 448 if (niceval < task_nice(p) && !can_nice(p, niceval)) {
1da177e4
LT		 449 error = -EACCES;
450 goto out;
451 }
452 no_nice = security_task_setnice(p, niceval);
453 if (no_nice) {
454 error = no_nice;
455 goto out;
456 }
457 if (error == -ESRCH)
458 error = 0;
459 set_user_nice(p, niceval);
460out:
461 return error;
462}
463
464asmlinkage long sys_setpriority(int which, int who, int niceval)
465{
466 struct task_struct *g, *p;
467 struct user_struct *user;
468 int error = -EINVAL;
469
470 if (which > 2 || which < 0)
471 goto out;
472
473 /* normalize: avoid signed division (rounding problems) */
474 error = -ESRCH;
475 if (niceval < -20)
476 niceval = -20;
477 if (niceval > 19)
478 niceval = 19;
479
480 read_lock(&tasklist_lock);
481 switch (which) {
482 case PRIO_PROCESS:
483 if (!who)
484 who = current->pid;
485 p = find_task_by_pid(who);
486 if (p)
487 error = set_one_prio(p, niceval, error);
488 break;
489 case PRIO_PGRP:
490 if (!who)
491 who = process_group(current);
492 do_each_task_pid(who, PIDTYPE_PGID, p) {
493 error = set_one_prio(p, niceval, error);
494 } while_each_task_pid(who, PIDTYPE_PGID, p);
495 break;
496 case PRIO_USER:
497 user = current->user;
498 if (!who)
499 who = current->uid;
500 else
501 if ((who != current->uid) && !(user = find_user(who)))
502 goto out_unlock; /* No processes for this user */
503
504 do_each_thread(g, p)
505 if (p->uid == who)
506 error = set_one_prio(p, niceval, error);
507 while_each_thread(g, p);
508 if (who != current->uid)
509 free_uid(user); /* For find_user() */
510 break;
511 }
512out_unlock:
513 read_unlock(&tasklist_lock);
514out:
515 return error;
516}
517
518/*
519 * Ugh. To avoid negative return values, "getpriority()" will
520 * not return the normal nice-value, but a negated value that
521 * has been offset by 20 (ie it returns 40..1 instead of -20..19)
522 * to stay compatible.
523 */
524asmlinkage long sys_getpriority(int which, int who)
525{
526 struct task_struct *g, *p;
527 struct user_struct *user;
528 long niceval, retval = -ESRCH;
529
530 if (which > 2 || which < 0)
531 return -EINVAL;
532
533 read_lock(&tasklist_lock);
534 switch (which) {
535 case PRIO_PROCESS:
536 if (!who)
537 who = current->pid;
538 p = find_task_by_pid(who);
539 if (p) {
540 niceval = 20 - task_nice(p);
541 if (niceval > retval)
542 retval = niceval;
543 }
544 break;
545 case PRIO_PGRP:
546 if (!who)
547 who = process_group(current);
548 do_each_task_pid(who, PIDTYPE_PGID, p) {
549 niceval = 20 - task_nice(p);
550 if (niceval > retval)
551 retval = niceval;
552 } while_each_task_pid(who, PIDTYPE_PGID, p);
553 break;
554 case PRIO_USER:
555 user = current->user;
556 if (!who)
557 who = current->uid;
558 else
559 if ((who != current->uid) && !(user = find_user(who)))
560 goto out_unlock; /* No processes for this user */
561
562 do_each_thread(g, p)
563 if (p->uid == who) {
564 niceval = 20 - task_nice(p);
565 if (niceval > retval)
566 retval = niceval;
567 }
568 while_each_thread(g, p);
569 if (who != current->uid)
570 free_uid(user); /* for find_user() */
571 break;
572 }
573out_unlock:
574 read_unlock(&tasklist_lock);
575
576 return retval;
577}
578
e4c94330
EB		 579/**
580 * emergency_restart - reboot the system
581 *
582 * Without shutting down any hardware or taking any locks
583 * reboot the system. This is called when we know we are in
584 * trouble so this is our best effort to reboot. This is
585 * safe to call in interrupt context.
586 */
7c903473
EB		 587void emergency_restart(void)
588{
589 machine_emergency_restart();
590}
591EXPORT_SYMBOL_GPL(emergency_restart);
592
83cc5ed3 593static void kernel_restart_prepare(char *cmd)
4a00ea1e 594{
e041c683 595 blocking_notifier_call_chain(&reboot_notifier_list, SYS_RESTART, cmd);
4a00ea1e 596 system_state = SYSTEM_RESTART;
4a00ea1e 597 device_shutdown();
e4c94330 598}
1e5d5331
RD		 599
600/**
601 * kernel_restart - reboot the system
602 * @cmd: pointer to buffer containing command to execute for restart
b8887e6e 603 * or %NULL
1e5d5331
RD		 604 *
605 * Shutdown everything and perform a clean reboot.
606 * This is not safe to call in interrupt context.
607 */
e4c94330
EB		 608void kernel_restart(char *cmd)
609{
610 kernel_restart_prepare(cmd);
756184b7 611 if (!cmd)
4a00ea1e 612 printk(KERN_EMERG "Restarting system.\n");
756184b7 613 else
4a00ea1e 614 printk(KERN_EMERG "Restarting system with command '%s'.\n", cmd);
4a00ea1e
EB		 615 machine_restart(cmd);
616}
617EXPORT_SYMBOL_GPL(kernel_restart);
618
e4c94330
EB		 619/**
620 * kernel_kexec - reboot the system
621 *
622 * Move into place and start executing a preloaded standalone
623 * executable. If nothing was preloaded return an error.
624 */
83cc5ed3 625static void kernel_kexec(void)
4a00ea1e
EB		 626{
627#ifdef CONFIG_KEXEC
628 struct kimage *image;
4bb8089c 629 image = xchg(&kexec_image, NULL);
756184b7 630 if (!image)
4a00ea1e 631 return;
e4c94330 632 kernel_restart_prepare(NULL);
4a00ea1e
EB		 633 printk(KERN_EMERG "Starting new kernel\n");
634 machine_shutdown();
635 machine_kexec(image);
636#endif
637}
4a00ea1e 638
729b4d4c
AS		 639void kernel_shutdown_prepare(enum system_states state)
640{
e041c683 641 blocking_notifier_call_chain(&reboot_notifier_list,
729b4d4c
AS		 642 (state == SYSTEM_HALT)?SYS_HALT:SYS_POWER_OFF, NULL);
643 system_state = state;
644 device_shutdown();
645}
e4c94330
EB		 646/**
647 * kernel_halt - halt the system
648 *
649 * Shutdown everything and perform a clean system halt.
650 */
e4c94330
EB		 651void kernel_halt(void)
652{
729b4d4c 653 kernel_shutdown_prepare(SYSTEM_HALT);
4a00ea1e
EB		 654 printk(KERN_EMERG "System halted.\n");
655 machine_halt();
656}
729b4d4c 657
4a00ea1e
EB		 658EXPORT_SYMBOL_GPL(kernel_halt);
659
e4c94330
EB		 660/**
661 * kernel_power_off - power_off the system
662 *
663 * Shutdown everything and perform a clean system power_off.
664 */
e4c94330
EB		 665void kernel_power_off(void)
666{
729b4d4c 667 kernel_shutdown_prepare(SYSTEM_POWER_OFF);
4a00ea1e
EB		 668 printk(KERN_EMERG "Power down.\n");
669 machine_power_off();
670}
671EXPORT_SYMBOL_GPL(kernel_power_off);
1da177e4
LT		 672/*
673 * Reboot system call: for obvious reasons only root may call it,
674 * and even root needs to set up some magic numbers in the registers
675 * so that some mistake won't make this reboot the whole machine.
676 * You can also set the meaning of the ctrl-alt-del-key here.
677 *
678 * reboot doesn't sync: do that yourself before calling this.
679 */
680asmlinkage long sys_reboot(int magic1, int magic2, unsigned int cmd, void __user * arg)
681{
682 char buffer[256];
683
684 /* We only trust the superuser with rebooting the system. */
685 if (!capable(CAP_SYS_BOOT))
686 return -EPERM;
687
688 /* For safety, we require "magic" arguments. */
689 if (magic1 != LINUX_REBOOT_MAGIC1 ||
690 (magic2 != LINUX_REBOOT_MAGIC2 &&
691 magic2 != LINUX_REBOOT_MAGIC2A &&
692 magic2 != LINUX_REBOOT_MAGIC2B &&
693 magic2 != LINUX_REBOOT_MAGIC2C))
694 return -EINVAL;
695
5e38291d
EB		 696 /* Instead of trying to make the power_off code look like
697 * halt when pm_power_off is not set do it the easy way.
698 */
699 if ((cmd == LINUX_REBOOT_CMD_POWER_OFF) && !pm_power_off)
700 cmd = LINUX_REBOOT_CMD_HALT;
701
1da177e4
LT		 702 lock_kernel();
703 switch (cmd) {
704 case LINUX_REBOOT_CMD_RESTART:
4a00ea1e 705 kernel_restart(NULL);
1da177e4
LT		 706 break;
707
708 case LINUX_REBOOT_CMD_CAD_ON:
709 C_A_D = 1;
710 break;
711
712 case LINUX_REBOOT_CMD_CAD_OFF:
713 C_A_D = 0;
714 break;
715
716 case LINUX_REBOOT_CMD_HALT:
4a00ea1e 717 kernel_halt();
1da177e4
LT		 718 unlock_kernel();
719 do_exit(0);
720 break;
721
722 case LINUX_REBOOT_CMD_POWER_OFF:
4a00ea1e 723 kernel_power_off();
1da177e4
LT		 724 unlock_kernel();
725 do_exit(0);
726 break;
727
728 case LINUX_REBOOT_CMD_RESTART2:
729 if (strncpy_from_user(&buffer[0], arg, sizeof(buffer) - 1) < 0) {
730 unlock_kernel();
731 return -EFAULT;
732 }
733 buffer[sizeof(buffer) - 1] = '\0';
734
4a00ea1e 735 kernel_restart(buffer);
1da177e4
LT		 736 break;
737
dc009d92 738 case LINUX_REBOOT_CMD_KEXEC:
4a00ea1e
EB		 739 kernel_kexec();
740 unlock_kernel();
741 return -EINVAL;
742
1da177e4
LT		 743#ifdef CONFIG_SOFTWARE_SUSPEND
744 case LINUX_REBOOT_CMD_SW_SUSPEND:
745 {
746 int ret = software_suspend();
747 unlock_kernel();
748 return ret;
749 }
750#endif
751
752 default:
753 unlock_kernel();
754 return -EINVAL;
755 }
756 unlock_kernel();
757 return 0;
758}
759
760static void deferred_cad(void *dummy)
761{
abcd9e51 762 kernel_restart(NULL);
1da177e4
LT		 763}
764
765/*
766 * This function gets called by ctrl-alt-del - ie the keyboard interrupt.
767 * As it's called within an interrupt, it may NOT sync: the only choice
768 * is whether to reboot at once, or just ignore the ctrl-alt-del.
769 */
770void ctrl_alt_del(void)
771{
772 static DECLARE_WORK(cad_work, deferred_cad, NULL);
773
774 if (C_A_D)
775 schedule_work(&cad_work);
776 else
9ec52099 777 kill_cad_pid(SIGINT, 1);
1da177e4
LT		 778}
779
1da177e4
LT		 780/*
781 * Unprivileged users may change the real gid to the effective gid
782 * or vice versa. (BSD-style)
783 *
784 * If you set the real gid at all, or set the effective gid to a value not
785 * equal to the real gid, then the saved gid is set to the new effective gid.
786 *
787 * This makes it possible for a setgid program to completely drop its
788 * privileges, which is often a useful assertion to make when you are doing
789 * a security audit over a program.
790 *
791 * The general idea is that a program which uses just setregid() will be
792 * 100% compatible with BSD. A program which uses just setgid() will be
793 * 100% compatible with POSIX with saved IDs.
794 *
795 * SMP: There are not races, the GIDs are checked only by filesystem
796 * operations (as far as semantic preservation is concerned).
797 */
798asmlinkage long sys_setregid(gid_t rgid, gid_t egid)
799{
800 int old_rgid = current->gid;
801 int old_egid = current->egid;
802 int new_rgid = old_rgid;
803 int new_egid = old_egid;
804 int retval;
805
806 retval = security_task_setgid(rgid, egid, (gid_t)-1, LSM_SETID_RE);
807 if (retval)
808 return retval;
809
810 if (rgid != (gid_t) -1) {
811 if ((old_rgid == rgid) ||
812 (current->egid==rgid) ||
813 capable(CAP_SETGID))
814 new_rgid = rgid;
815 else
816 return -EPERM;
817 }
818 if (egid != (gid_t) -1) {
819 if ((old_rgid == egid) ||
820 (current->egid == egid) ||
821 (current->sgid == egid) ||
822 capable(CAP_SETGID))
823 new_egid = egid;
756184b7 824 else
1da177e4 825 return -EPERM;
1da177e4 826 }
756184b7 827 if (new_egid != old_egid) {
d6e71144 828 current->mm->dumpable = suid_dumpable;
d59dd462 829 smp_wmb();
1da177e4
LT		 830 }
831 if (rgid != (gid_t) -1 ||
832 (egid != (gid_t) -1 && egid != old_rgid))
833 current->sgid = new_egid;
834 current->fsgid = new_egid;
835 current->egid = new_egid;
836 current->gid = new_rgid;
837 key_fsgid_changed(current);
9f46080c 838 proc_id_connector(current, PROC_EVENT_GID);
1da177e4
LT		 839 return 0;
840}
841
842/*
843 * setgid() is implemented like SysV w/ SAVED_IDS
844 *
845 * SMP: Same implicit races as above.
846 */
847asmlinkage long sys_setgid(gid_t gid)
848{
849 int old_egid = current->egid;
850 int retval;
851
852 retval = security_task_setgid(gid, (gid_t)-1, (gid_t)-1, LSM_SETID_ID);
853 if (retval)
854 return retval;
855
756184b7
CP		 856 if (capable(CAP_SETGID)) {
857 if (old_egid != gid) {
d6e71144 858 current->mm->dumpable = suid_dumpable;
d59dd462 859 smp_wmb();
1da177e4
LT		 860 }
861 current->gid = current->egid = current->sgid = current->fsgid = gid;
756184b7
CP		 862 } else if ((gid == current->gid) || (gid == current->sgid)) {
863 if (old_egid != gid) {
d6e71144 864 current->mm->dumpable = suid_dumpable;
d59dd462 865 smp_wmb();
1da177e4
LT		 866 }
867 current->egid = current->fsgid = gid;
868 }
869 else
870 return -EPERM;
871
872 key_fsgid_changed(current);
9f46080c 873 proc_id_connector(current, PROC_EVENT_GID);
1da177e4
LT		 874 return 0;
875}
876
877static int set_user(uid_t new_ruid, int dumpclear)
878{
879 struct user_struct *new_user;
880
881 new_user = alloc_uid(new_ruid);
882 if (!new_user)
883 return -EAGAIN;
884
885 if (atomic_read(&new_user->processes) >=
886 current->signal->rlim[RLIMIT_NPROC].rlim_cur &&
887 new_user != &root_user) {
888 free_uid(new_user);
889 return -EAGAIN;
890 }
891
892 switch_uid(new_user);
893
756184b7 894 if (dumpclear) {
d6e71144 895 current->mm->dumpable = suid_dumpable;
d59dd462 896 smp_wmb();
1da177e4
LT		 897 }
898 current->uid = new_ruid;
899 return 0;
900}
901
902/*
903 * Unprivileged users may change the real uid to the effective uid
904 * or vice versa. (BSD-style)
905 *
906 * If you set the real uid at all, or set the effective uid to a value not
907 * equal to the real uid, then the saved uid is set to the new effective uid.
908 *
909 * This makes it possible for a setuid program to completely drop its
910 * privileges, which is often a useful assertion to make when you are doing
911 * a security audit over a program.
912 *
913 * The general idea is that a program which uses just setreuid() will be
914 * 100% compatible with BSD. A program which uses just setuid() will be
915 * 100% compatible with POSIX with saved IDs.
916 */
917asmlinkage long sys_setreuid(uid_t ruid, uid_t euid)
918{
919 int old_ruid, old_euid, old_suid, new_ruid, new_euid;
920 int retval;
921
922 retval = security_task_setuid(ruid, euid, (uid_t)-1, LSM_SETID_RE);
923 if (retval)
924 return retval;
925
926 new_ruid = old_ruid = current->uid;
927 new_euid = old_euid = current->euid;
928 old_suid = current->suid;
929
930 if (ruid != (uid_t) -1) {
931 new_ruid = ruid;
932 if ((old_ruid != ruid) &&
933 (current->euid != ruid) &&
934 !capable(CAP_SETUID))
935 return -EPERM;
936 }
937
938 if (euid != (uid_t) -1) {
939 new_euid = euid;
940 if ((old_ruid != euid) &&
941 (current->euid != euid) &&
942 (current->suid != euid) &&
943 !capable(CAP_SETUID))
944 return -EPERM;
945 }
946
947 if (new_ruid != old_ruid && set_user(new_ruid, new_euid != old_euid) < 0)
948 return -EAGAIN;
949
756184b7 950 if (new_euid != old_euid) {
d6e71144 951 current->mm->dumpable = suid_dumpable;
d59dd462 952 smp_wmb();
1da177e4
LT		 953 }
954 current->fsuid = current->euid = new_euid;
955 if (ruid != (uid_t) -1 ||
956 (euid != (uid_t) -1 && euid != old_ruid))
957 current->suid = current->euid;
958 current->fsuid = current->euid;
959
960 key_fsuid_changed(current);
9f46080c 961 proc_id_connector(current, PROC_EVENT_UID);
1da177e4
LT		 962
963 return security_task_post_setuid(old_ruid, old_euid, old_suid, LSM_SETID_RE);
964}
965
966
967
968/*
969 * setuid() is implemented like SysV with SAVED_IDS
970 *
971 * Note that SAVED_ID's is deficient in that a setuid root program
972 * like sendmail, for example, cannot set its uid to be a normal
973 * user and then switch back, because if you're root, setuid() sets
974 * the saved uid too. If you don't like this, blame the bright people
975 * in the POSIX committee and/or USG. Note that the BSD-style setreuid()
976 * will allow a root program to temporarily drop privileges and be able to
977 * regain them by swapping the real and effective uid.
978 */
979asmlinkage long sys_setuid(uid_t uid)
980{
981 int old_euid = current->euid;
982 int old_ruid, old_suid, new_ruid, new_suid;
983 int retval;
984
985 retval = security_task_setuid(uid, (uid_t)-1, (uid_t)-1, LSM_SETID_ID);
986 if (retval)
987 return retval;
988
989 old_ruid = new_ruid = current->uid;
990 old_suid = current->suid;
991 new_suid = old_suid;
992
993 if (capable(CAP_SETUID)) {
994 if (uid != old_ruid && set_user(uid, old_euid != uid) < 0)
995 return -EAGAIN;
996 new_suid = uid;
997 } else if ((uid != current->uid) && (uid != new_suid))
998 return -EPERM;
999
756184b7 1000 if (old_euid != uid) {
d6e71144 1001 current->mm->dumpable = suid_dumpable;
d59dd462 1002 smp_wmb();
1da177e4
LT		 1003 }
1004 current->fsuid = current->euid = uid;
1005 current->suid = new_suid;
1006
1007 key_fsuid_changed(current);
9f46080c 1008 proc_id_connector(current, PROC_EVENT_UID);
1da177e4
LT		 1009
1010 return security_task_post_setuid(old_ruid, old_euid, old_suid, LSM_SETID_ID);
1011}
1012
1013
1014/*
1015 * This function implements a generic ability to update ruid, euid,
1016 * and suid. This allows you to implement the 4.4 compatible seteuid().
1017 */
1018asmlinkage long sys_setresuid(uid_t ruid, uid_t euid, uid_t suid)
1019{
1020 int old_ruid = current->uid;
1021 int old_euid = current->euid;
1022 int old_suid = current->suid;
1023 int retval;
1024
1025 retval = security_task_setuid(ruid, euid, suid, LSM_SETID_RES);
1026 if (retval)
1027 return retval;
1028
1029 if (!capable(CAP_SETUID)) {
1030 if ((ruid != (uid_t) -1) && (ruid != current->uid) &&
1031 (ruid != current->euid) && (ruid != current->suid))
1032 return -EPERM;
1033 if ((euid != (uid_t) -1) && (euid != current->uid) &&
1034 (euid != current->euid) && (euid != current->suid))
1035 return -EPERM;
1036 if ((suid != (uid_t) -1) && (suid != current->uid) &&
1037 (suid != current->euid) && (suid != current->suid))
1038 return -EPERM;
1039 }
1040 if (ruid != (uid_t) -1) {
1041 if (ruid != current->uid && set_user(ruid, euid != current->euid) < 0)
1042 return -EAGAIN;
1043 }
1044 if (euid != (uid_t) -1) {
756184b7 1045 if (euid != current->euid) {
d6e71144 1046 current->mm->dumpable = suid_dumpable;
d59dd462 1047 smp_wmb();
1da177e4
LT		 1048 }
1049 current->euid = euid;
1050 }
1051 current->fsuid = current->euid;
1052 if (suid != (uid_t) -1)
1053 current->suid = suid;
1054
1055 key_fsuid_changed(current);
9f46080c 1056 proc_id_connector(current, PROC_EVENT_UID);
1da177e4
LT		 1057
1058 return security_task_post_setuid(old_ruid, old_euid, old_suid, LSM_SETID_RES);
1059}
1060
1061asmlinkage long sys_getresuid(uid_t __user *ruid, uid_t __user *euid, uid_t __user *suid)
1062{
1063 int retval;
1064
1065 if (!(retval = put_user(current->uid, ruid)) &&
1066 !(retval = put_user(current->euid, euid)))
1067 retval = put_user(current->suid, suid);
1068
1069 return retval;
1070}
1071
1072/*
1073 * Same as above, but for rgid, egid, sgid.
1074 */
1075asmlinkage long sys_setresgid(gid_t rgid, gid_t egid, gid_t sgid)
1076{
1077 int retval;
1078
1079 retval = security_task_setgid(rgid, egid, sgid, LSM_SETID_RES);
1080 if (retval)
1081 return retval;
1082
1083 if (!capable(CAP_SETGID)) {
1084 if ((rgid != (gid_t) -1) && (rgid != current->gid) &&
1085 (rgid != current->egid) && (rgid != current->sgid))
1086 return -EPERM;
1087 if ((egid != (gid_t) -1) && (egid != current->gid) &&
1088 (egid != current->egid) && (egid != current->sgid))
1089 return -EPERM;
1090 if ((sgid != (gid_t) -1) && (sgid != current->gid) &&
1091 (sgid != current->egid) && (sgid != current->sgid))
1092 return -EPERM;
1093 }
1094 if (egid != (gid_t) -1) {
756184b7 1095 if (egid != current->egid) {
d6e71144 1096 current->mm->dumpable = suid_dumpable;
d59dd462 1097 smp_wmb();
1da177e4
LT		 1098 }
1099 current->egid = egid;
1100 }
1101 current->fsgid = current->egid;
1102 if (rgid != (gid_t) -1)
1103 current->gid = rgid;
1104 if (sgid != (gid_t) -1)
1105 current->sgid = sgid;
1106
1107 key_fsgid_changed(current);
9f46080c 1108 proc_id_connector(current, PROC_EVENT_GID);
1da177e4
LT		 1109 return 0;
1110}
1111
1112asmlinkage long sys_getresgid(gid_t __user *rgid, gid_t __user *egid, gid_t __user *sgid)
1113{
1114 int retval;
1115
1116 if (!(retval = put_user(current->gid, rgid)) &&
1117 !(retval = put_user(current->egid, egid)))
1118 retval = put_user(current->sgid, sgid);
1119
1120 return retval;
1121}
1122
1123
1124/*
1125 * "setfsuid()" sets the fsuid - the uid used for filesystem checks. This
1126 * is used for "access()" and for the NFS daemon (letting nfsd stay at
1127 * whatever uid it wants to). It normally shadows "euid", except when
1128 * explicitly set by setfsuid() or for access..
1129 */
1130asmlinkage long sys_setfsuid(uid_t uid)
1131{
1132 int old_fsuid;
1133
1134 old_fsuid = current->fsuid;
1135 if (security_task_setuid(uid, (uid_t)-1, (uid_t)-1, LSM_SETID_FS))
1136 return old_fsuid;
1137
1138 if (uid == current->uid || uid == current->euid ||
1139 uid == current->suid || uid == current->fsuid ||
756184b7
CP		 1140 capable(CAP_SETUID)) {
1141 if (uid != old_fsuid) {
d6e71144 1142 current->mm->dumpable = suid_dumpable;
d59dd462 1143 smp_wmb();
1da177e4
LT		 1144 }
1145 current->fsuid = uid;
1146 }
1147
1148 key_fsuid_changed(current);
9f46080c 1149 proc_id_connector(current, PROC_EVENT_UID);
1da177e4
LT		 1150
1151 security_task_post_setuid(old_fsuid, (uid_t)-1, (uid_t)-1, LSM_SETID_FS);
1152
1153 return old_fsuid;
1154}
1155
1156/*