4 * Copyright (C) 1991, 1992 Linus Torvalds
7 #include <linux/module.h>
9 #include <linux/utsname.h>
10 #include <linux/mman.h>
11 #include <linux/notifier.h>
12 #include <linux/reboot.h>
13 #include <linux/prctl.h>
14 #include <linux/highuid.h>
16 #include <linux/perf_event.h>
17 #include <linux/resource.h>
18 #include <linux/kernel.h>
19 #include <linux/kexec.h>
20 #include <linux/workqueue.h>
21 #include <linux/capability.h>
22 #include <linux/device.h>
23 #include <linux/key.h>
24 #include <linux/times.h>
25 #include <linux/posix-timers.h>
26 #include <linux/security.h>
27 #include <linux/dcookies.h>
28 #include <linux/suspend.h>
29 #include <linux/tty.h>
30 #include <linux/signal.h>
31 #include <linux/cn_proc.h>
32 #include <linux/getcpu.h>
33 #include <linux/task_io_accounting_ops.h>
34 #include <linux/seccomp.h>
35 #include <linux/cpu.h>
36 #include <linux/personality.h>
37 #include <linux/ptrace.h>
38 #include <linux/fs_struct.h>
40 #include <linux/compat.h>
41 #include <linux/syscalls.h>
42 #include <linux/kprobes.h>
43 #include <linux/user_namespace.h>
45 #include <asm/uaccess.h>
47 #include <asm/unistd.h>
49 #ifndef SET_UNALIGN_CTL
50 # define SET_UNALIGN_CTL(a,b) (-EINVAL)
52 #ifndef GET_UNALIGN_CTL
53 # define GET_UNALIGN_CTL(a,b) (-EINVAL)
56 # define SET_FPEMU_CTL(a,b) (-EINVAL)
59 # define GET_FPEMU_CTL(a,b) (-EINVAL)
62 # define SET_FPEXC_CTL(a,b) (-EINVAL)
65 # define GET_FPEXC_CTL(a,b) (-EINVAL)
68 # define GET_ENDIAN(a,b) (-EINVAL)
71 # define SET_ENDIAN(a,b) (-EINVAL)
74 # define GET_TSC_CTL(a) (-EINVAL)
77 # define SET_TSC_CTL(a) (-EINVAL)
81 * this is where the system-wide overflow UID and GID are defined, for
82 * architectures that now have 32-bit UID/GID but didn't in the past
85 int overflowuid
= DEFAULT_OVERFLOWUID
;
86 int overflowgid
= DEFAULT_OVERFLOWGID
;
89 EXPORT_SYMBOL(overflowuid
);
90 EXPORT_SYMBOL(overflowgid
);
94 * the same as above, but for filesystems which can only store a 16-bit
95 * UID and GID. as such, this is needed on all architectures
98 int fs_overflowuid
= DEFAULT_FS_OVERFLOWUID
;
99 int fs_overflowgid
= DEFAULT_FS_OVERFLOWUID
;
101 EXPORT_SYMBOL(fs_overflowuid
);
102 EXPORT_SYMBOL(fs_overflowgid
);
105 * this indicates whether you can reboot with ctrl-alt-del: the default is yes
110 EXPORT_SYMBOL(cad_pid
);
113 * If set, this is used for preparing the system to power off.
116 void (*pm_power_off_prepare
)(void);
119 * set the priority of a task
120 * - the caller must hold the RCU read lock
122 static int set_one_prio(struct task_struct
*p
, int niceval
, int error
)
124 const struct cred
*cred
= current_cred(), *pcred
= __task_cred(p
);
127 if (pcred
->uid
!= cred
->euid
&&
128 pcred
->euid
!= cred
->euid
&& !capable(CAP_SYS_NICE
)) {
132 if (niceval
< task_nice(p
) && !can_nice(p
, niceval
)) {
136 no_nice
= security_task_setnice(p
, niceval
);
143 set_user_nice(p
, niceval
);
148 SYSCALL_DEFINE3(setpriority
, int, which
, int, who
, int, niceval
)
150 struct task_struct
*g
, *p
;
151 struct user_struct
*user
;
152 const struct cred
*cred
= current_cred();
156 if (which
> PRIO_USER
|| which
< PRIO_PROCESS
)
159 /* normalize: avoid signed division (rounding problems) */
167 read_lock(&tasklist_lock
);
171 p
= find_task_by_vpid(who
);
175 error
= set_one_prio(p
, niceval
, error
);
179 pgrp
= find_vpid(who
);
181 pgrp
= task_pgrp(current
);
182 do_each_pid_thread(pgrp
, PIDTYPE_PGID
, p
) {
183 error
= set_one_prio(p
, niceval
, error
);
184 } while_each_pid_thread(pgrp
, PIDTYPE_PGID
, p
);
187 user
= (struct user_struct
*) cred
->user
;
190 else if ((who
!= cred
->uid
) &&
191 !(user
= find_user(who
)))
192 goto out_unlock
; /* No processes for this user */
194 do_each_thread(g
, p
) {
195 if (__task_cred(p
)->uid
== who
)
196 error
= set_one_prio(p
, niceval
, error
);
197 } while_each_thread(g
, p
);
198 if (who
!= cred
->uid
)
199 free_uid(user
); /* For find_user() */
203 read_unlock(&tasklist_lock
);
210 * Ugh. To avoid negative return values, "getpriority()" will
211 * not return the normal nice-value, but a negated value that
212 * has been offset by 20 (ie it returns 40..1 instead of -20..19)
213 * to stay compatible.
215 SYSCALL_DEFINE2(getpriority
, int, which
, int, who
)
217 struct task_struct
*g
, *p
;
218 struct user_struct
*user
;
219 const struct cred
*cred
= current_cred();
220 long niceval
, retval
= -ESRCH
;
223 if (which
> PRIO_USER
|| which
< PRIO_PROCESS
)
227 read_lock(&tasklist_lock
);
231 p
= find_task_by_vpid(who
);
235 niceval
= 20 - task_nice(p
);
236 if (niceval
> retval
)
242 pgrp
= find_vpid(who
);
244 pgrp
= task_pgrp(current
);
245 do_each_pid_thread(pgrp
, PIDTYPE_PGID
, p
) {
246 niceval
= 20 - task_nice(p
);
247 if (niceval
> retval
)
249 } while_each_pid_thread(pgrp
, PIDTYPE_PGID
, p
);
252 user
= (struct user_struct
*) cred
->user
;
255 else if ((who
!= cred
->uid
) &&
256 !(user
= find_user(who
)))
257 goto out_unlock
; /* No processes for this user */
259 do_each_thread(g
, p
) {
260 if (__task_cred(p
)->uid
== who
) {
261 niceval
= 20 - task_nice(p
);
262 if (niceval
> retval
)
265 } while_each_thread(g
, p
);
266 if (who
!= cred
->uid
)
267 free_uid(user
); /* for find_user() */
271 read_unlock(&tasklist_lock
);
278 * emergency_restart - reboot the system
280 * Without shutting down any hardware or taking any locks
281 * reboot the system. This is called when we know we are in
282 * trouble so this is our best effort to reboot. This is
283 * safe to call in interrupt context.
285 void emergency_restart(void)
287 machine_emergency_restart();
289 EXPORT_SYMBOL_GPL(emergency_restart
);
291 void kernel_restart_prepare(char *cmd
)
293 blocking_notifier_call_chain(&reboot_notifier_list
, SYS_RESTART
, cmd
);
294 system_state
= SYSTEM_RESTART
;
300 * kernel_restart - reboot the system
301 * @cmd: pointer to buffer containing command to execute for restart
304 * Shutdown everything and perform a clean reboot.
305 * This is not safe to call in interrupt context.
307 void kernel_restart(char *cmd
)
309 kernel_restart_prepare(cmd
);
311 printk(KERN_EMERG
"Restarting system.\n");
313 printk(KERN_EMERG
"Restarting system with command '%s'.\n", cmd
);
314 machine_restart(cmd
);
316 EXPORT_SYMBOL_GPL(kernel_restart
);
318 static void kernel_shutdown_prepare(enum system_states state
)
320 blocking_notifier_call_chain(&reboot_notifier_list
,
321 (state
== SYSTEM_HALT
)?SYS_HALT
:SYS_POWER_OFF
, NULL
);
322 system_state
= state
;
326 * kernel_halt - halt the system
328 * Shutdown everything and perform a clean system halt.
330 void kernel_halt(void)
332 kernel_shutdown_prepare(SYSTEM_HALT
);
334 printk(KERN_EMERG
"System halted.\n");
338 EXPORT_SYMBOL_GPL(kernel_halt
);
341 * kernel_power_off - power_off the system
343 * Shutdown everything and perform a clean system power_off.
345 void kernel_power_off(void)
347 kernel_shutdown_prepare(SYSTEM_POWER_OFF
);
348 if (pm_power_off_prepare
)
349 pm_power_off_prepare();
350 disable_nonboot_cpus();
352 printk(KERN_EMERG
"Power down.\n");
355 EXPORT_SYMBOL_GPL(kernel_power_off
);
357 static DEFINE_MUTEX(reboot_mutex
);
360 * Reboot system call: for obvious reasons only root may call it,
361 * and even root needs to set up some magic numbers in the registers
362 * so that some mistake won't make this reboot the whole machine.
363 * You can also set the meaning of the ctrl-alt-del-key here.
365 * reboot doesn't sync: do that yourself before calling this.
367 SYSCALL_DEFINE4(reboot
, int, magic1
, int, magic2
, unsigned int, cmd
,
373 /* We only trust the superuser with rebooting the system. */
374 if (!capable(CAP_SYS_BOOT
))
377 /* For safety, we require "magic" arguments. */
378 if (magic1
!= LINUX_REBOOT_MAGIC1
||
379 (magic2
!= LINUX_REBOOT_MAGIC2
&&
380 magic2
!= LINUX_REBOOT_MAGIC2A
&&
381 magic2
!= LINUX_REBOOT_MAGIC2B
&&
382 magic2
!= LINUX_REBOOT_MAGIC2C
))
385 /* Instead of trying to make the power_off code look like
386 * halt when pm_power_off is not set do it the easy way.
388 if ((cmd
== LINUX_REBOOT_CMD_POWER_OFF
) && !pm_power_off
)
389 cmd
= LINUX_REBOOT_CMD_HALT
;
391 mutex_lock(&reboot_mutex
);
393 case LINUX_REBOOT_CMD_RESTART
:
394 kernel_restart(NULL
);
397 case LINUX_REBOOT_CMD_CAD_ON
:
401 case LINUX_REBOOT_CMD_CAD_OFF
:
405 case LINUX_REBOOT_CMD_HALT
:
408 panic("cannot halt");
410 case LINUX_REBOOT_CMD_POWER_OFF
:
415 case LINUX_REBOOT_CMD_RESTART2
:
416 if (strncpy_from_user(&buffer
[0], arg
, sizeof(buffer
) - 1) < 0) {
420 buffer
[sizeof(buffer
) - 1] = '\0';
422 kernel_restart(buffer
);
426 case LINUX_REBOOT_CMD_KEXEC
:
427 ret
= kernel_kexec();
431 #ifdef CONFIG_HIBERNATION
432 case LINUX_REBOOT_CMD_SW_SUSPEND
:
441 mutex_unlock(&reboot_mutex
);
445 static void deferred_cad(struct work_struct
*dummy
)
447 kernel_restart(NULL
);
451 * This function gets called by ctrl-alt-del - ie the keyboard interrupt.
452 * As it's called within an interrupt, it may NOT sync: the only choice
453 * is whether to reboot at once, or just ignore the ctrl-alt-del.
455 void ctrl_alt_del(void)
457 static DECLARE_WORK(cad_work
, deferred_cad
);
460 schedule_work(&cad_work
);
462 kill_cad_pid(SIGINT
, 1);
466 * Unprivileged users may change the real gid to the effective gid
467 * or vice versa. (BSD-style)
469 * If you set the real gid at all, or set the effective gid to a value not
470 * equal to the real gid, then the saved gid is set to the new effective gid.
472 * This makes it possible for a setgid program to completely drop its
473 * privileges, which is often a useful assertion to make when you are doing
474 * a security audit over a program.
476 * The general idea is that a program which uses just setregid() will be
477 * 100% compatible with BSD. A program which uses just setgid() will be
478 * 100% compatible with POSIX with saved IDs.
480 * SMP: There are not races, the GIDs are checked only by filesystem
481 * operations (as far as semantic preservation is concerned).
483 SYSCALL_DEFINE2(setregid
, gid_t
, rgid
, gid_t
, egid
)
485 const struct cred
*old
;
489 new = prepare_creds();
492 old
= current_cred();
494 retval
= security_task_setgid(rgid
, egid
, (gid_t
)-1, LSM_SETID_RE
);
499 if (rgid
!= (gid_t
) -1) {
500 if (old
->gid
== rgid
||
507 if (egid
!= (gid_t
) -1) {
508 if (old
->gid
== egid
||
517 if (rgid
!= (gid_t
) -1 ||
518 (egid
!= (gid_t
) -1 && egid
!= old
->gid
))
519 new->sgid
= new->egid
;
520 new->fsgid
= new->egid
;
522 return commit_creds(new);
530 * setgid() is implemented like SysV w/ SAVED_IDS
532 * SMP: Same implicit races as above.
534 SYSCALL_DEFINE1(setgid
, gid_t
, gid
)
536 const struct cred
*old
;
540 new = prepare_creds();
543 old
= current_cred();
545 retval
= security_task_setgid(gid
, (gid_t
)-1, (gid_t
)-1, LSM_SETID_ID
);
550 if (capable(CAP_SETGID
))
551 new->gid
= new->egid
= new->sgid
= new->fsgid
= gid
;
552 else if (gid
== old
->gid
|| gid
== old
->sgid
)
553 new->egid
= new->fsgid
= gid
;
557 return commit_creds(new);
565 * change the user struct in a credentials set to match the new UID
567 static int set_user(struct cred
*new)
569 struct user_struct
*new_user
;
571 new_user
= alloc_uid(current_user_ns(), new->uid
);
575 if (atomic_read(&new_user
->processes
) >= rlimit(RLIMIT_NPROC
) &&
576 new_user
!= INIT_USER
) {
582 new->user
= new_user
;
587 * Unprivileged users may change the real uid to the effective uid
588 * or vice versa. (BSD-style)
590 * If you set the real uid at all, or set the effective uid to a value not
591 * equal to the real uid, then the saved uid is set to the new effective uid.
593 * This makes it possible for a setuid program to completely drop its
594 * privileges, which is often a useful assertion to make when you are doing
595 * a security audit over a program.
597 * The general idea is that a program which uses just setreuid() will be
598 * 100% compatible with BSD. A program which uses just setuid() will be
599 * 100% compatible with POSIX with saved IDs.
601 SYSCALL_DEFINE2(setreuid
, uid_t
, ruid
, uid_t
, euid
)
603 const struct cred
*old
;
607 new = prepare_creds();
610 old
= current_cred();
612 retval
= security_task_setuid(ruid
, euid
, (uid_t
)-1, LSM_SETID_RE
);
617 if (ruid
!= (uid_t
) -1) {
619 if (old
->uid
!= ruid
&&
621 !capable(CAP_SETUID
))
625 if (euid
!= (uid_t
) -1) {
627 if (old
->uid
!= euid
&&
630 !capable(CAP_SETUID
))
634 if (new->uid
!= old
->uid
) {
635 retval
= set_user(new);
639 if (ruid
!= (uid_t
) -1 ||
640 (euid
!= (uid_t
) -1 && euid
!= old
->uid
))
641 new->suid
= new->euid
;
642 new->fsuid
= new->euid
;
644 retval
= security_task_fix_setuid(new, old
, LSM_SETID_RE
);
648 return commit_creds(new);
656 * setuid() is implemented like SysV with SAVED_IDS
658 * Note that SAVED_ID's is deficient in that a setuid root program
659 * like sendmail, for example, cannot set its uid to be a normal
660 * user and then switch back, because if you're root, setuid() sets
661 * the saved uid too. If you don't like this, blame the bright people
662 * in the POSIX committee and/or USG. Note that the BSD-style setreuid()
663 * will allow a root program to temporarily drop privileges and be able to
664 * regain them by swapping the real and effective uid.
666 SYSCALL_DEFINE1(setuid
, uid_t
, uid
)
668 const struct cred
*old
;
672 new = prepare_creds();
675 old
= current_cred();
677 retval
= security_task_setuid(uid
, (uid_t
)-1, (uid_t
)-1, LSM_SETID_ID
);
682 if (capable(CAP_SETUID
)) {
683 new->suid
= new->uid
= uid
;
684 if (uid
!= old
->uid
) {
685 retval
= set_user(new);
689 } else if (uid
!= old
->uid
&& uid
!= new->suid
) {
693 new->fsuid
= new->euid
= uid
;
695 retval
= security_task_fix_setuid(new, old
, LSM_SETID_ID
);
699 return commit_creds(new);
708 * This function implements a generic ability to update ruid, euid,
709 * and suid. This allows you to implement the 4.4 compatible seteuid().
711 SYSCALL_DEFINE3(setresuid
, uid_t
, ruid
, uid_t
, euid
, uid_t
, suid
)
713 const struct cred
*old
;
717 new = prepare_creds();
721 retval
= security_task_setuid(ruid
, euid
, suid
, LSM_SETID_RES
);
724 old
= current_cred();
727 if (!capable(CAP_SETUID
)) {
728 if (ruid
!= (uid_t
) -1 && ruid
!= old
->uid
&&
729 ruid
!= old
->euid
&& ruid
!= old
->suid
)
731 if (euid
!= (uid_t
) -1 && euid
!= old
->uid
&&
732 euid
!= old
->euid
&& euid
!= old
->suid
)
734 if (suid
!= (uid_t
) -1 && suid
!= old
->uid
&&
735 suid
!= old
->euid
&& suid
!= old
->suid
)
739 if (ruid
!= (uid_t
) -1) {
741 if (ruid
!= old
->uid
) {
742 retval
= set_user(new);
747 if (euid
!= (uid_t
) -1)
749 if (suid
!= (uid_t
) -1)
751 new->fsuid
= new->euid
;
753 retval
= security_task_fix_setuid(new, old
, LSM_SETID_RES
);
757 return commit_creds(new);
764 SYSCALL_DEFINE3(getresuid
, uid_t __user
*, ruid
, uid_t __user
*, euid
, uid_t __user
*, suid
)
766 const struct cred
*cred
= current_cred();
769 if (!(retval
= put_user(cred
->uid
, ruid
)) &&
770 !(retval
= put_user(cred
->euid
, euid
)))
771 retval
= put_user(cred
->suid
, suid
);
777 * Same as above, but for rgid, egid, sgid.
779 SYSCALL_DEFINE3(setresgid
, gid_t
, rgid
, gid_t
, egid
, gid_t
, sgid
)
781 const struct cred
*old
;
785 new = prepare_creds();
788 old
= current_cred();
790 retval
= security_task_setgid(rgid
, egid
, sgid
, LSM_SETID_RES
);
795 if (!capable(CAP_SETGID
)) {
796 if (rgid
!= (gid_t
) -1 && rgid
!= old
->gid
&&
797 rgid
!= old
->egid
&& rgid
!= old
->sgid
)
799 if (egid
!= (gid_t
) -1 && egid
!= old
->gid
&&
800 egid
!= old
->egid
&& egid
!= old
->sgid
)
802 if (sgid
!= (gid_t
) -1 && sgid
!= old
->gid
&&
803 sgid
!= old
->egid
&& sgid
!= old
->sgid
)
807 if (rgid
!= (gid_t
) -1)
809 if (egid
!= (gid_t
) -1)
811 if (sgid
!= (gid_t
) -1)
813 new->fsgid
= new->egid
;
815 return commit_creds(new);
822 SYSCALL_DEFINE3(getresgid
, gid_t __user
*, rgid
, gid_t __user
*, egid
, gid_t __user
*, sgid
)
824 const struct cred
*cred
= current_cred();
827 if (!(retval
= put_user(cred
->gid
, rgid
)) &&
828 !(retval
= put_user(cred
->egid
, egid
)))
829 retval
= put_user(cred
->sgid
, sgid
);
836 * "setfsuid()" sets the fsuid - the uid used for filesystem checks. This
837 * is used for "access()" and for the NFS daemon (letting nfsd stay at
838 * whatever uid it wants to). It normally shadows "euid", except when
839 * explicitly set by setfsuid() or for access..
841 SYSCALL_DEFINE1(setfsuid
, uid_t
, uid
)
843 const struct cred
*old
;
847 new = prepare_creds();
849 return current_fsuid();
850 old
= current_cred();
851 old_fsuid
= old
->fsuid
;
853 if (security_task_setuid(uid
, (uid_t
)-1, (uid_t
)-1, LSM_SETID_FS
) < 0)
856 if (uid
== old
->uid
|| uid
== old
->euid
||
857 uid
== old
->suid
|| uid
== old
->fsuid
||
858 capable(CAP_SETUID
)) {
859 if (uid
!= old_fsuid
) {
861 if (security_task_fix_setuid(new, old
, LSM_SETID_FS
) == 0)
876 * Samma på svenska..
878 SYSCALL_DEFINE1(setfsgid
, gid_t
, gid
)
880 const struct cred
*old
;
884 new = prepare_creds();
886 return current_fsgid();
887 old
= current_cred();
888 old_fsgid
= old
->fsgid
;
890 if (security_task_setgid(gid
, (gid_t
)-1, (gid_t
)-1, LSM_SETID_FS
))
893 if (gid
== old
->gid
|| gid
== old
->egid
||
894 gid
== old
->sgid
|| gid
== old
->fsgid
||
895 capable(CAP_SETGID
)) {
896 if (gid
!= old_fsgid
) {
911 void do_sys_times(struct tms
*tms
)
913 cputime_t tgutime
, tgstime
, cutime
, cstime
;
915 spin_lock_irq(¤t
->sighand
->siglock
);
916 thread_group_times(current
, &tgutime
, &tgstime
);
917 cutime
= current
->signal
->cutime
;
918 cstime
= current
->signal
->cstime
;
919 spin_unlock_irq(¤t
->sighand
->siglock
);
920 tms
->tms_utime
= cputime_to_clock_t(tgutime
);
921 tms
->tms_stime
= cputime_to_clock_t(tgstime
);
922 tms
->tms_cutime
= cputime_to_clock_t(cutime
);
923 tms
->tms_cstime
= cputime_to_clock_t(cstime
);
926 SYSCALL_DEFINE1(times
, struct tms __user
*, tbuf
)
932 if (copy_to_user(tbuf
, &tmp
, sizeof(struct tms
)))
935 force_successful_syscall_return();
936 return (long) jiffies_64_to_clock_t(get_jiffies_64());
940 * This needs some heavy checking ...
941 * I just haven't the stomach for it. I also don't fully
942 * understand sessions/pgrp etc. Let somebody who does explain it.
944 * OK, I think I have the protection semantics right.... this is really
945 * only important on a multi-user system anyway, to make sure one user
946 * can't send a signal to a process owned by another. -TYT, 12/12/91
948 * Auch. Had to add the 'did_exec' flag to conform completely to POSIX.
951 SYSCALL_DEFINE2(setpgid
, pid_t
, pid
, pid_t
, pgid
)
953 struct task_struct
*p
;
954 struct task_struct
*group_leader
= current
->group_leader
;
959 pid
= task_pid_vnr(group_leader
);
965 /* From this point forward we keep holding onto the tasklist lock
966 * so that our parent does not change from under us. -DaveM
968 write_lock_irq(&tasklist_lock
);
971 p
= find_task_by_vpid(pid
);
976 if (!thread_group_leader(p
))
979 if (same_thread_group(p
->real_parent
, group_leader
)) {
981 if (task_session(p
) != task_session(group_leader
))
988 if (p
!= group_leader
)
993 if (p
->signal
->leader
)
998 struct task_struct
*g
;
1000 pgrp
= find_vpid(pgid
);
1001 g
= pid_task(pgrp
, PIDTYPE_PGID
);
1002 if (!g
|| task_session(g
) != task_session(group_leader
))
1006 err
= security_task_setpgid(p
, pgid
);
1010 if (task_pgrp(p
) != pgrp
)
1011 change_pid(p
, PIDTYPE_PGID
, pgrp
);
1015 /* All paths lead to here, thus we are safe. -DaveM */
1016 write_unlock_irq(&tasklist_lock
);
1020 SYSCALL_DEFINE1(getpgid
, pid_t
, pid
)
1022 struct task_struct
*p
;
1028 grp
= task_pgrp(current
);
1031 p
= find_task_by_vpid(pid
);
1038 retval
= security_task_getpgid(p
);
1042 retval
= pid_vnr(grp
);
1048 #ifdef __ARCH_WANT_SYS_GETPGRP
1050 SYSCALL_DEFINE0(getpgrp
)
1052 return sys_getpgid(0);
1057 SYSCALL_DEFINE1(getsid
, pid_t
, pid
)
1059 struct task_struct
*p
;
1065 sid
= task_session(current
);
1068 p
= find_task_by_vpid(pid
);
1071 sid
= task_session(p
);
1075 retval
= security_task_getsid(p
);
1079 retval
= pid_vnr(sid
);
1085 SYSCALL_DEFINE0(setsid
)
1087 struct task_struct
*group_leader
= current
->group_leader
;
1088 struct pid
*sid
= task_pid(group_leader
);
1089 pid_t session
= pid_vnr(sid
);
1092 write_lock_irq(&tasklist_lock
);
1093 /* Fail if I am already a session leader */
1094 if (group_leader
->signal
->leader
)
1097 /* Fail if a process group id already exists that equals the
1098 * proposed session id.
1100 if (pid_task(sid
, PIDTYPE_PGID
))
1103 group_leader
->signal
->leader
= 1;
1104 __set_special_pids(sid
);
1106 proc_clear_tty(group_leader
);
1110 write_unlock_irq(&tasklist_lock
);
1112 proc_sid_connector(group_leader
);
1116 DECLARE_RWSEM(uts_sem
);
1118 #ifdef COMPAT_UTS_MACHINE
1119 #define override_architecture(name) \
1120 (current->personality == PER_LINUX32 && \
1121 copy_to_user(name->machine, COMPAT_UTS_MACHINE, \
1122 sizeof(COMPAT_UTS_MACHINE)))
1124 #define override_architecture(name) 0
1127 SYSCALL_DEFINE1(newuname
, struct new_utsname __user
*, name
)
1131 down_read(&uts_sem
);
1132 if (copy_to_user(name
, utsname(), sizeof *name
))
1136 if (!errno
&& override_architecture(name
))
1141 SYSCALL_DEFINE2(sethostname
, char __user
*, name
, int, len
)
1144 char tmp
[__NEW_UTS_LEN
];
1146 if (!capable(CAP_SYS_ADMIN
))
1148 if (len
< 0 || len
> __NEW_UTS_LEN
)
1150 down_write(&uts_sem
);
1152 if (!copy_from_user(tmp
, name
, len
)) {
1153 struct new_utsname
*u
= utsname();
1155 memcpy(u
->nodename
, tmp
, len
);
1156 memset(u
->nodename
+ len
, 0, sizeof(u
->nodename
) - len
);
1163 #ifdef __ARCH_WANT_SYS_GETHOSTNAME
1165 SYSCALL_DEFINE2(gethostname
, char __user
*, name
, int, len
)
1168 struct new_utsname
*u
;
1172 down_read(&uts_sem
);
1174 i
= 1 + strlen(u
->nodename
);
1178 if (copy_to_user(name
, u
->nodename
, i
))
1187 * Only setdomainname; getdomainname can be implemented by calling
1190 SYSCALL_DEFINE2(setdomainname
, char __user
*, name
, int, len
)
1193 char tmp
[__NEW_UTS_LEN
];
1195 if (!capable(CAP_SYS_ADMIN
))
1197 if (len
< 0 || len
> __NEW_UTS_LEN
)
1200 down_write(&uts_sem
);
1202 if (!copy_from_user(tmp
, name
, len
)) {
1203 struct new_utsname
*u
= utsname();
1205 memcpy(u
->domainname
, tmp
, len
);
1206 memset(u
->domainname
+ len
, 0, sizeof(u
->domainname
) - len
);
1213 SYSCALL_DEFINE2(getrlimit
, unsigned int, resource
, struct rlimit __user
*, rlim
)
1215 if (resource
>= RLIM_NLIMITS
)
1218 struct rlimit value
;
1219 task_lock(current
->group_leader
);
1220 value
= current
->signal
->rlim
[resource
];
1221 task_unlock(current
->group_leader
);
1222 return copy_to_user(rlim
, &value
, sizeof(*rlim
)) ? -EFAULT
: 0;
1226 #ifdef __ARCH_WANT_SYS_OLD_GETRLIMIT
1229 * Back compatibility for getrlimit. Needed for some apps.
1232 SYSCALL_DEFINE2(old_getrlimit
, unsigned int, resource
,
1233 struct rlimit __user
*, rlim
)
1236 if (resource
>= RLIM_NLIMITS
)
1239 task_lock(current
->group_leader
);
1240 x
= current
->signal
->rlim
[resource
];
1241 task_unlock(current
->group_leader
);
1242 if (x
.rlim_cur
> 0x7FFFFFFF)
1243 x
.rlim_cur
= 0x7FFFFFFF;
1244 if (x
.rlim_max
> 0x7FFFFFFF)
1245 x
.rlim_max
= 0x7FFFFFFF;
1246 return copy_to_user(rlim
, &x
, sizeof(x
))?-EFAULT
:0;
1251 SYSCALL_DEFINE2(setrlimit
, unsigned int, resource
, struct rlimit __user
*, rlim
)
1253 struct rlimit new_rlim
, *old_rlim
;
1256 if (resource
>= RLIM_NLIMITS
)
1258 if (copy_from_user(&new_rlim
, rlim
, sizeof(*rlim
)))
1260 if (new_rlim
.rlim_cur
> new_rlim
.rlim_max
)
1262 old_rlim
= current
->signal
->rlim
+ resource
;
1263 if ((new_rlim
.rlim_max
> old_rlim
->rlim_max
) &&
1264 !capable(CAP_SYS_RESOURCE
))
1266 if (resource
== RLIMIT_NOFILE
&& new_rlim
.rlim_max
> sysctl_nr_open
)
1269 retval
= security_task_setrlimit(resource
, &new_rlim
);
1273 if (resource
== RLIMIT_CPU
&& new_rlim
.rlim_cur
== 0) {
1275 * The caller is asking for an immediate RLIMIT_CPU
1276 * expiry. But we use the zero value to mean "it was
1277 * never set". So let's cheat and make it one second
1280 new_rlim
.rlim_cur
= 1;
1283 task_lock(current
->group_leader
);
1284 *old_rlim
= new_rlim
;
1285 task_unlock(current
->group_leader
);
1287 if (resource
!= RLIMIT_CPU
)
1291 * RLIMIT_CPU handling. Note that the kernel fails to return an error
1292 * code if it rejected the user's attempt to set RLIMIT_CPU. This is a
1293 * very long-standing error, and fixing it now risks breakage of
1294 * applications, so we live with it
1296 if (new_rlim
.rlim_cur
== RLIM_INFINITY
)
1299 update_rlimit_cpu(new_rlim
.rlim_cur
);
1305 * It would make sense to put struct rusage in the task_struct,
1306 * except that would make the task_struct be *really big*. After
1307 * task_struct gets moved into malloc'ed memory, it would
1308 * make sense to do this. It will make moving the rest of the information
1309 * a lot simpler! (Which we're not doing right now because we're not
1310 * measuring them yet).
1312 * When sampling multiple threads for RUSAGE_SELF, under SMP we might have
1313 * races with threads incrementing their own counters. But since word
1314 * reads are atomic, we either get new values or old values and we don't
1315 * care which for the sums. We always take the siglock to protect reading
1316 * the c* fields from p->signal from races with exit.c updating those
1317 * fields when reaping, so a sample either gets all the additions of a
1318 * given child after it's reaped, or none so this sample is before reaping.
1321 * We need to take the siglock for CHILDEREN, SELF and BOTH
1322 * for the cases current multithreaded, non-current single threaded
1323 * non-current multithreaded. Thread traversal is now safe with
1325 * Strictly speaking, we donot need to take the siglock if we are current and
1326 * single threaded, as no one else can take our signal_struct away, no one
1327 * else can reap the children to update signal->c* counters, and no one else
1328 * can race with the signal-> fields. If we do not take any lock, the
1329 * signal-> fields could be read out of order while another thread was just
1330 * exiting. So we should place a read memory barrier when we avoid the lock.
1331 * On the writer side, write memory barrier is implied in __exit_signal
1332 * as __exit_signal releases the siglock spinlock after updating the signal->
1333 * fields. But we don't do this yet to keep things simple.
1337 static void accumulate_thread_rusage(struct task_struct
*t
, struct rusage
*r
)
1339 r
->ru_nvcsw
+= t
->nvcsw
;
1340 r
->ru_nivcsw
+= t
->nivcsw
;
1341 r
->ru_minflt
+= t
->min_flt
;
1342 r
->ru_majflt
+= t
->maj_flt
;
1343 r
->ru_inblock
+= task_io_get_inblock(t
);
1344 r
->ru_oublock
+= task_io_get_oublock(t
);
1347 static void k_getrusage(struct task_struct
*p
, int who
, struct rusage
*r
)
1349 struct task_struct
*t
;
1350 unsigned long flags
;
1351 cputime_t tgutime
, tgstime
, utime
, stime
;
1352 unsigned long maxrss
= 0;
1354 memset((char *) r
, 0, sizeof *r
);
1355 utime
= stime
= cputime_zero
;
1357 if (who
== RUSAGE_THREAD
) {
1358 task_times(current
, &utime
, &stime
);
1359 accumulate_thread_rusage(p
, r
);
1360 maxrss
= p
->signal
->maxrss
;
1364 if (!lock_task_sighand(p
, &flags
))
1369 case RUSAGE_CHILDREN
:
1370 utime
= p
->signal
->cutime
;
1371 stime
= p
->signal
->cstime
;
1372 r
->ru_nvcsw
= p
->signal
->cnvcsw
;
1373 r
->ru_nivcsw
= p
->signal
->cnivcsw
;
1374 r
->ru_minflt
= p
->signal
->cmin_flt
;
1375 r
->ru_majflt
= p
->signal
->cmaj_flt
;
1376 r
->ru_inblock
= p
->signal
->cinblock
;
1377 r
->ru_oublock
= p
->signal
->coublock
;
1378 maxrss
= p
->signal
->cmaxrss
;
1380 if (who
== RUSAGE_CHILDREN
)
1384 thread_group_times(p
, &tgutime
, &tgstime
);
1385 utime
= cputime_add(utime
, tgutime
);
1386 stime
= cputime_add(stime
, tgstime
);
1387 r
->ru_nvcsw
+= p
->signal
->nvcsw
;
1388 r
->ru_nivcsw
+= p
->signal
->nivcsw
;
1389 r
->ru_minflt
+= p
->signal
->min_flt
;
1390 r
->ru_majflt
+= p
->signal
->maj_flt
;
1391 r
->ru_inblock
+= p
->signal
->inblock
;
1392 r
->ru_oublock
+= p
->signal
->oublock
;
1393 if (maxrss
< p
->signal
->maxrss
)
1394 maxrss
= p
->signal
->maxrss
;
1397 accumulate_thread_rusage(t
, r
);
1405 unlock_task_sighand(p
, &flags
);
1408 cputime_to_timeval(utime
, &r
->ru_utime
);
1409 cputime_to_timeval(stime
, &r
->ru_stime
);
1411 if (who
!= RUSAGE_CHILDREN
) {
1412 struct mm_struct
*mm
= get_task_mm(p
);
1414 setmax_mm_hiwater_rss(&maxrss
, mm
);
1418 r
->ru_maxrss
= maxrss
* (PAGE_SIZE
/ 1024); /* convert pages to KBs */
1421 int getrusage(struct task_struct
*p
, int who
, struct rusage __user
*ru
)
1424 k_getrusage(p
, who
, &r
);
1425 return copy_to_user(ru
, &r
, sizeof(r
)) ? -EFAULT
: 0;
1428 SYSCALL_DEFINE2(getrusage
, int, who
, struct rusage __user
*, ru
)
1430 if (who
!= RUSAGE_SELF
&& who
!= RUSAGE_CHILDREN
&&
1431 who
!= RUSAGE_THREAD
)
1433 return getrusage(current
, who
, ru
);
1436 SYSCALL_DEFINE1(umask
, int, mask
)
1438 mask
= xchg(¤t
->fs
->umask
, mask
& S_IRWXUGO
);
1442 SYSCALL_DEFINE5(prctl
, int, option
, unsigned long, arg2
, unsigned long, arg3
,
1443 unsigned long, arg4
, unsigned long, arg5
)
1445 struct task_struct
*me
= current
;
1446 unsigned char comm
[sizeof(me
->comm
)];
1449 error
= security_task_prctl(option
, arg2
, arg3
, arg4
, arg5
);
1450 if (error
!= -ENOSYS
)
1455 case PR_SET_PDEATHSIG
:
1456 if (!valid_signal(arg2
)) {
1460 me
->pdeath_signal
= arg2
;
1463 case PR_GET_PDEATHSIG
:
1464 error
= put_user(me
->pdeath_signal
, (int __user
*)arg2
);
1466 case PR_GET_DUMPABLE
:
1467 error
= get_dumpable(me
->mm
);
1469 case PR_SET_DUMPABLE
:
1470 if (arg2
< 0 || arg2
> 1) {
1474 set_dumpable(me
->mm
, arg2
);
1478 case PR_SET_UNALIGN
:
1479 error
= SET_UNALIGN_CTL(me
, arg2
);
1481 case PR_GET_UNALIGN
:
1482 error
= GET_UNALIGN_CTL(me
, arg2
);
1485 error
= SET_FPEMU_CTL(me
, arg2
);
1488 error
= GET_FPEMU_CTL(me
, arg2
);
1491 error
= SET_FPEXC_CTL(me
, arg2
);
1494 error
= GET_FPEXC_CTL(me
, arg2
);
1497 error
= PR_TIMING_STATISTICAL
;
1500 if (arg2
!= PR_TIMING_STATISTICAL
)
1507 comm
[sizeof(me
->comm
)-1] = 0;
1508 if (strncpy_from_user(comm
, (char __user
*)arg2
,
1509 sizeof(me
->comm
) - 1) < 0)
1511 set_task_comm(me
, comm
);
1514 get_task_comm(comm
, me
);
1515 if (copy_to_user((char __user
*)arg2
, comm
,
1520 error
= GET_ENDIAN(me
, arg2
);
1523 error
= SET_ENDIAN(me
, arg2
);
1526 case PR_GET_SECCOMP
:
1527 error
= prctl_get_seccomp();
1529 case PR_SET_SECCOMP
:
1530 error
= prctl_set_seccomp(arg2
);
1533 error
= GET_TSC_CTL(arg2
);
1536 error
= SET_TSC_CTL(arg2
);
1538 case PR_TASK_PERF_EVENTS_DISABLE
:
1539 error
= perf_event_task_disable();
1541 case PR_TASK_PERF_EVENTS_ENABLE
:
1542 error
= perf_event_task_enable();
1544 case PR_GET_TIMERSLACK
:
1545 error
= current
->timer_slack_ns
;
1547 case PR_SET_TIMERSLACK
:
1549 current
->timer_slack_ns
=
1550 current
->default_timer_slack_ns
;
1552 current
->timer_slack_ns
= arg2
;
1559 case PR_MCE_KILL_CLEAR
:
1562 current
->flags
&= ~PF_MCE_PROCESS
;
1564 case PR_MCE_KILL_SET
:
1565 current
->flags
|= PF_MCE_PROCESS
;
1566 if (arg3
== PR_MCE_KILL_EARLY
)
1567 current
->flags
|= PF_MCE_EARLY
;
1568 else if (arg3
== PR_MCE_KILL_LATE
)
1569 current
->flags
&= ~PF_MCE_EARLY
;
1570 else if (arg3
== PR_MCE_KILL_DEFAULT
)
1572 ~(PF_MCE_EARLY
|PF_MCE_PROCESS
);
1581 case PR_MCE_KILL_GET
:
1582 if (arg2
| arg3
| arg4
| arg5
)
1584 if (current
->flags
& PF_MCE_PROCESS
)
1585 error
= (current
->flags
& PF_MCE_EARLY
) ?
1586 PR_MCE_KILL_EARLY
: PR_MCE_KILL_LATE
;
1588 error
= PR_MCE_KILL_DEFAULT
;
1597 SYSCALL_DEFINE3(getcpu
, unsigned __user
*, cpup
, unsigned __user
*, nodep
,
1598 struct getcpu_cache __user
*, unused
)
1601 int cpu
= raw_smp_processor_id();
1603 err
|= put_user(cpu
, cpup
);
1605 err
|= put_user(cpu_to_node(cpu
), nodep
);
1606 return err
? -EFAULT
: 0;
1609 char poweroff_cmd
[POWEROFF_CMD_PATH_LEN
] = "/sbin/poweroff";
1611 static void argv_cleanup(char **argv
, char **envp
)
1617 * orderly_poweroff - Trigger an orderly system poweroff
1618 * @force: force poweroff if command execution fails
1620 * This may be called from any context to trigger a system shutdown.
1621 * If the orderly shutdown fails, it will force an immediate shutdown.
1623 int orderly_poweroff(bool force
)
1626 char **argv
= argv_split(GFP_ATOMIC
, poweroff_cmd
, &argc
);
1627 static char *envp
[] = {
1629 "PATH=/sbin:/bin:/usr/sbin:/usr/bin",
1633 struct subprocess_info
*info
;
1636 printk(KERN_WARNING
"%s failed to allocate memory for \"%s\"\n",
1637 __func__
, poweroff_cmd
);
1641 info
= call_usermodehelper_setup(argv
[0], argv
, envp
, GFP_ATOMIC
);
1647 call_usermodehelper_setcleanup(info
, argv_cleanup
);
1649 ret
= call_usermodehelper_exec(info
, UMH_NO_WAIT
);
1653 printk(KERN_WARNING
"Failed to start orderly shutdown: "
1654 "forcing the issue\n");
1656 /* I guess this should try to kick off some daemon to
1657 sync and poweroff asap. Or not even bother syncing
1658 if we're doing an emergency shutdown? */
1665 EXPORT_SYMBOL_GPL(orderly_poweroff
);