]> Git Repo - linux.git/blame - kernel/sys.c
projects / linux.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
[PATCH] jprobes: allow a jprobe to coexist with muliple kprobes
[linux.git] / kernel / sys.c
CommitLineData
1da177e4
LT		 1/*
2 * linux/kernel/sys.c
3 *
4 * Copyright (C) 1991, 1992 Linus Torvalds
5 */
6
7#include <linux/config.h>
8#include <linux/module.h>
9#include <linux/mm.h>
10#include <linux/utsname.h>
11#include <linux/mman.h>
12#include <linux/smp_lock.h>
13#include <linux/notifier.h>
14#include <linux/reboot.h>
15#include <linux/prctl.h>
16#include <linux/init.h>
17#include <linux/highuid.h>
18#include <linux/fs.h>
19#include <linux/workqueue.h>
20#include <linux/device.h>
21#include <linux/key.h>
22#include <linux/times.h>
23#include <linux/posix-timers.h>
24#include <linux/security.h>
25#include <linux/dcookies.h>
26#include <linux/suspend.h>
27#include <linux/tty.h>
7ed20e1a 28#include <linux/signal.h>
1da177e4
LT		 29
30#include <linux/compat.h>
31#include <linux/syscalls.h>
32
33#include <asm/uaccess.h>
34#include <asm/io.h>
35#include <asm/unistd.h>
36
37#ifndef SET_UNALIGN_CTL
38# define SET_UNALIGN_CTL(a,b) (-EINVAL)
39#endif
40#ifndef GET_UNALIGN_CTL
41# define GET_UNALIGN_CTL(a,b) (-EINVAL)
42#endif
43#ifndef SET_FPEMU_CTL
44# define SET_FPEMU_CTL(a,b) (-EINVAL)
45#endif
46#ifndef GET_FPEMU_CTL
47# define GET_FPEMU_CTL(a,b) (-EINVAL)
48#endif
49#ifndef SET_FPEXC_CTL
50# define SET_FPEXC_CTL(a,b) (-EINVAL)
51#endif
52#ifndef GET_FPEXC_CTL
53# define GET_FPEXC_CTL(a,b) (-EINVAL)
54#endif
55
56/*
57 * this is where the system-wide overflow UID and GID are defined, for
58 * architectures that now have 32-bit UID/GID but didn't in the past
59 */
60
61int overflowuid = DEFAULT_OVERFLOWUID;
62int overflowgid = DEFAULT_OVERFLOWGID;
63
64#ifdef CONFIG_UID16
65EXPORT_SYMBOL(overflowuid);
66EXPORT_SYMBOL(overflowgid);
67#endif
68
69/*
70 * the same as above, but for filesystems which can only store a 16-bit
71 * UID and GID. as such, this is needed on all architectures
72 */
73
74int fs_overflowuid = DEFAULT_FS_OVERFLOWUID;
75int fs_overflowgid = DEFAULT_FS_OVERFLOWUID;
76
77EXPORT_SYMBOL(fs_overflowuid);
78EXPORT_SYMBOL(fs_overflowgid);
79
80/*
81 * this indicates whether you can reboot with ctrl-alt-del: the default is yes
82 */
83
84int C_A_D = 1;
85int cad_pid = 1;
86
87/*
88 * Notifier list for kernel code which wants to be called
89 * at shutdown. This is used to stop any idling DMA operations
90 * and the like.
91 */
92
93static struct notifier_block *reboot_notifier_list;
94static DEFINE_RWLOCK(notifier_lock);
95
96/**
97 * notifier_chain_register - Add notifier to a notifier chain
98 * @list: Pointer to root list pointer
99 * @n: New entry in notifier chain
100 *
101 * Adds a notifier to a notifier chain.
102 *
103 * Currently always returns zero.
104 */
105
106int notifier_chain_register(struct notifier_block **list, struct notifier_block *n)
107{
108 write_lock(&notifier_lock);
109 while(*list)
110 {
111 if(n->priority > (*list)->priority)
112 break;
113 list= &((*list)->next);
114 }
115 n->next = *list;
116 *list=n;
117 write_unlock(&notifier_lock);
118 return 0;
119}
120
121EXPORT_SYMBOL(notifier_chain_register);
122
123/**
124 * notifier_chain_unregister - Remove notifier from a notifier chain
125 * @nl: Pointer to root list pointer
126 * @n: New entry in notifier chain
127 *
128 * Removes a notifier from a notifier chain.
129 *
130 * Returns zero on success, or %-ENOENT on failure.
131 */
132
133int notifier_chain_unregister(struct notifier_block **nl, struct notifier_block *n)
134{
135 write_lock(&notifier_lock);
136 while((*nl)!=NULL)
137 {
138 if((*nl)==n)
139 {
140 *nl=n->next;
141 write_unlock(&notifier_lock);
142 return 0;
143 }
144 nl=&((*nl)->next);
145 }
146 write_unlock(&notifier_lock);
147 return -ENOENT;
148}
149
150EXPORT_SYMBOL(notifier_chain_unregister);
151
152/**
153 * notifier_call_chain - Call functions in a notifier chain
154 * @n: Pointer to root pointer of notifier chain
155 * @val: Value passed unmodified to notifier function
156 * @v: Pointer passed unmodified to notifier function
157 *
158 * Calls each function in a notifier chain in turn.
159 *
160 * If the return value of the notifier can be and'd
161 * with %NOTIFY_STOP_MASK, then notifier_call_chain
162 * will return immediately, with the return value of
163 * the notifier function which halted execution.
164 * Otherwise, the return value is the return value
165 * of the last notifier function called.
166 */
167
168int notifier_call_chain(struct notifier_block **n, unsigned long val, void *v)
169{
170 int ret=NOTIFY_DONE;
171 struct notifier_block *nb = *n;
172
173 while(nb)
174 {
175 ret=nb->notifier_call(nb,val,v);
176 if(ret&NOTIFY_STOP_MASK)
177 {
178 return ret;
179 }
180 nb=nb->next;
181 }
182 return ret;
183}
184
185EXPORT_SYMBOL(notifier_call_chain);
186
187/**
188 * register_reboot_notifier - Register function to be called at reboot time
189 * @nb: Info about notifier function to be called
190 *
191 * Registers a function with the list of functions
192 * to be called at reboot time.
193 *
194 * Currently always returns zero, as notifier_chain_register
195 * always returns zero.
196 */
197
198int register_reboot_notifier(struct notifier_block * nb)
199{
200 return notifier_chain_register(&reboot_notifier_list, nb);
201}
202
203EXPORT_SYMBOL(register_reboot_notifier);
204
205/**
206 * unregister_reboot_notifier - Unregister previously registered reboot notifier
207 * @nb: Hook to be unregistered
208 *
209 * Unregisters a previously registered reboot
210 * notifier function.
211 *
212 * Returns zero on success, or %-ENOENT on failure.
213 */
214
215int unregister_reboot_notifier(struct notifier_block * nb)
216{
217 return notifier_chain_unregister(&reboot_notifier_list, nb);
218}
219
220EXPORT_SYMBOL(unregister_reboot_notifier);
221
222static int set_one_prio(struct task_struct *p, int niceval, int error)
223{
224 int no_nice;
225
226 if (p->uid != current->euid &&
227 p->euid != current->euid && !capable(CAP_SYS_NICE)) {
228 error = -EPERM;
229 goto out;
230 }
e43379f1 231 if (niceval < task_nice(p) && !can_nice(p, niceval)) {
1da177e4
LT		 232 error = -EACCES;
233 goto out;
234 }
235 no_nice = security_task_setnice(p, niceval);
236 if (no_nice) {
237 error = no_nice;
238 goto out;
239 }
240 if (error == -ESRCH)
241 error = 0;
242 set_user_nice(p, niceval);
243out:
244 return error;
245}
246
247asmlinkage long sys_setpriority(int which, int who, int niceval)
248{
249 struct task_struct *g, *p;
250 struct user_struct *user;
251 int error = -EINVAL;
252
253 if (which > 2 || which < 0)
254 goto out;
255
256 /* normalize: avoid signed division (rounding problems) */
257 error = -ESRCH;
258 if (niceval < -20)
259 niceval = -20;
260 if (niceval > 19)
261 niceval = 19;
262
263 read_lock(&tasklist_lock);
264 switch (which) {
265 case PRIO_PROCESS:
266 if (!who)
267 who = current->pid;
268 p = find_task_by_pid(who);
269 if (p)
270 error = set_one_prio(p, niceval, error);
271 break;
272 case PRIO_PGRP:
273 if (!who)
274 who = process_group(current);
275 do_each_task_pid(who, PIDTYPE_PGID, p) {
276 error = set_one_prio(p, niceval, error);
277 } while_each_task_pid(who, PIDTYPE_PGID, p);
278 break;
279 case PRIO_USER:
280 user = current->user;
281 if (!who)
282 who = current->uid;
283 else
284 if ((who != current->uid) && !(user = find_user(who)))
285 goto out_unlock; /* No processes for this user */
286
287 do_each_thread(g, p)
288 if (p->uid == who)
289 error = set_one_prio(p, niceval, error);
290 while_each_thread(g, p);
291 if (who != current->uid)
292 free_uid(user); /* For find_user() */
293 break;
294 }
295out_unlock:
296 read_unlock(&tasklist_lock);
297out:
298 return error;
299}
300
301/*
302 * Ugh. To avoid negative return values, "getpriority()" will
303 * not return the normal nice-value, but a negated value that
304 * has been offset by 20 (ie it returns 40..1 instead of -20..19)
305 * to stay compatible.
306 */
307asmlinkage long sys_getpriority(int which, int who)
308{
309 struct task_struct *g, *p;
310 struct user_struct *user;
311 long niceval, retval = -ESRCH;
312
313 if (which > 2 || which < 0)
314 return -EINVAL;
315
316 read_lock(&tasklist_lock);
317 switch (which) {
318 case PRIO_PROCESS:
319 if (!who)
320 who = current->pid;
321 p = find_task_by_pid(who);
322 if (p) {
323 niceval = 20 - task_nice(p);
324 if (niceval > retval)
325 retval = niceval;
326 }
327 break;
328 case PRIO_PGRP:
329 if (!who)
330 who = process_group(current);
331 do_each_task_pid(who, PIDTYPE_PGID, p) {
332 niceval = 20 - task_nice(p);
333 if (niceval > retval)
334 retval = niceval;
335 } while_each_task_pid(who, PIDTYPE_PGID, p);
336 break;
337 case PRIO_USER:
338 user = current->user;
339 if (!who)
340 who = current->uid;
341 else
342 if ((who != current->uid) && !(user = find_user(who)))
343 goto out_unlock; /* No processes for this user */
344
345 do_each_thread(g, p)
346 if (p->uid == who) {
347 niceval = 20 - task_nice(p);
348 if (niceval > retval)
349 retval = niceval;
350 }
351 while_each_thread(g, p);
352 if (who != current->uid)
353 free_uid(user); /* for find_user() */
354 break;
355 }
356out_unlock:
357 read_unlock(&tasklist_lock);
358
359 return retval;
360}
361
362
363/*
364 * Reboot system call: for obvious reasons only root may call it,
365 * and even root needs to set up some magic numbers in the registers
366 * so that some mistake won't make this reboot the whole machine.
367 * You can also set the meaning of the ctrl-alt-del-key here.
368 *
369 * reboot doesn't sync: do that yourself before calling this.
370 */
371asmlinkage long sys_reboot(int magic1, int magic2, unsigned int cmd, void __user * arg)
372{
373 char buffer[256];
374
375 /* We only trust the superuser with rebooting the system. */
376 if (!capable(CAP_SYS_BOOT))
377 return -EPERM;
378
379 /* For safety, we require "magic" arguments. */
380 if (magic1 != LINUX_REBOOT_MAGIC1 ||
381 (magic2 != LINUX_REBOOT_MAGIC2 &&
382 magic2 != LINUX_REBOOT_MAGIC2A &&
383 magic2 != LINUX_REBOOT_MAGIC2B &&
384 magic2 != LINUX_REBOOT_MAGIC2C))
385 return -EINVAL;
386
387 lock_kernel();
388 switch (cmd) {
389 case LINUX_REBOOT_CMD_RESTART:
390 notifier_call_chain(&reboot_notifier_list, SYS_RESTART, NULL);
391 system_state = SYSTEM_RESTART;
392 device_shutdown();
393 printk(KERN_EMERG "Restarting system.\n");
394 machine_restart(NULL);
395 break;
396
397 case LINUX_REBOOT_CMD_CAD_ON:
398 C_A_D = 1;
399 break;
400
401 case LINUX_REBOOT_CMD_CAD_OFF:
402 C_A_D = 0;
403 break;
404
405 case LINUX_REBOOT_CMD_HALT:
406 notifier_call_chain(&reboot_notifier_list, SYS_HALT, NULL);
407 system_state = SYSTEM_HALT;
408 device_shutdown();
409 printk(KERN_EMERG "System halted.\n");
410 machine_halt();
411 unlock_kernel();
412 do_exit(0);
413 break;
414
415 case LINUX_REBOOT_CMD_POWER_OFF:
416 notifier_call_chain(&reboot_notifier_list, SYS_POWER_OFF, NULL);
417 system_state = SYSTEM_POWER_OFF;
418 device_shutdown();
419 printk(KERN_EMERG "Power down.\n");
420 machine_power_off();
421 unlock_kernel();
422 do_exit(0);
423 break;
424
425 case LINUX_REBOOT_CMD_RESTART2:
426 if (strncpy_from_user(&buffer[0], arg, sizeof(buffer) - 1) < 0) {
427 unlock_kernel();
428 return -EFAULT;
429 }
430 buffer[sizeof(buffer) - 1] = '\0';
431
432 notifier_call_chain(&reboot_notifier_list, SYS_RESTART, buffer);
433 system_state = SYSTEM_RESTART;
434 device_shutdown();
435 printk(KERN_EMERG "Restarting system with command '%s'.\n", buffer);
436 machine_restart(buffer);
437 break;
438
439#ifdef CONFIG_SOFTWARE_SUSPEND
440 case LINUX_REBOOT_CMD_SW_SUSPEND:
441 {
442 int ret = software_suspend();
443 unlock_kernel();
444 return ret;
445 }
446#endif
447
448 default:
449 unlock_kernel();
450 return -EINVAL;
451 }
452 unlock_kernel();
453 return 0;
454}
455
456static void deferred_cad(void *dummy)
457{
458 notifier_call_chain(&reboot_notifier_list, SYS_RESTART, NULL);
459 machine_restart(NULL);
460}
461
462/*
463 * This function gets called by ctrl-alt-del - ie the keyboard interrupt.
464 * As it's called within an interrupt, it may NOT sync: the only choice
465 * is whether to reboot at once, or just ignore the ctrl-alt-del.
466 */
467void ctrl_alt_del(void)
468{
469 static DECLARE_WORK(cad_work, deferred_cad, NULL);
470
471 if (C_A_D)
472 schedule_work(&cad_work);
473 else
474 kill_proc(cad_pid, SIGINT, 1);
475}
476
477
478/*
479 * Unprivileged users may change the real gid to the effective gid
480 * or vice versa. (BSD-style)
481 *
482 * If you set the real gid at all, or set the effective gid to a value not
483 * equal to the real gid, then the saved gid is set to the new effective gid.
484 *
485 * This makes it possible for a setgid program to completely drop its
486 * privileges, which is often a useful assertion to make when you are doing
487 * a security audit over a program.
488 *
489 * The general idea is that a program which uses just setregid() will be
490 * 100% compatible with BSD. A program which uses just setgid() will be
491 * 100% compatible with POSIX with saved IDs.
492 *
493 * SMP: There are not races, the GIDs are checked only by filesystem
494 * operations (as far as semantic preservation is concerned).
495 */
496asmlinkage long sys_setregid(gid_t rgid, gid_t egid)
497{
498 int old_rgid = current->gid;
499 int old_egid = current->egid;
500 int new_rgid = old_rgid;
501 int new_egid = old_egid;
502 int retval;
503
504 retval = security_task_setgid(rgid, egid, (gid_t)-1, LSM_SETID_RE);
505 if (retval)
506 return retval;
507
508 if (rgid != (gid_t) -1) {
509 if ((old_rgid == rgid) ||
510 (current->egid==rgid) ||
511 capable(CAP_SETGID))
512 new_rgid = rgid;
513 else
514 return -EPERM;
515 }
516 if (egid != (gid_t) -1) {
517 if ((old_rgid == egid) ||
518 (current->egid == egid) ||
519 (current->sgid == egid) ||
520 capable(CAP_SETGID))
521 new_egid = egid;
522 else {
523 return -EPERM;
524 }
525 }
526 if (new_egid != old_egid)
527 {
528 current->mm->dumpable = 0;
d59dd462 529 smp_wmb();
1da177e4
LT		 530 }
531 if (rgid != (gid_t) -1 ||
532 (egid != (gid_t) -1 && egid != old_rgid))
533 current->sgid = new_egid;
534 current->fsgid = new_egid;
535 current->egid = new_egid;
536 current->gid = new_rgid;
537 key_fsgid_changed(current);
538 return 0;
539}
540
541/*
542 * setgid() is implemented like SysV w/ SAVED_IDS
543 *
544 * SMP: Same implicit races as above.
545 */
546asmlinkage long sys_setgid(gid_t gid)
547{
548 int old_egid = current->egid;
549 int retval;
550
551 retval = security_task_setgid(gid, (gid_t)-1, (gid_t)-1, LSM_SETID_ID);
552 if (retval)
553 return retval;
554
555 if (capable(CAP_SETGID))
556 {
557 if(old_egid != gid)
558 {
559 current->mm->dumpable=0;
d59dd462 560 smp_wmb();
1da177e4
LT		 561 }
562 current->gid = current->egid = current->sgid = current->fsgid = gid;
563 }
564 else if ((gid == current->gid) || (gid == current->sgid))
565 {
566 if(old_egid != gid)
567 {
568 current->mm->dumpable=0;
d59dd462 569 smp_wmb();
1da177e4
LT		 570 }
571 current->egid = current->fsgid = gid;
572 }
573 else
574 return -EPERM;
575
576 key_fsgid_changed(current);
577 return 0;
578}
579
580static int set_user(uid_t new_ruid, int dumpclear)
581{
582 struct user_struct *new_user;
583
584 new_user = alloc_uid(new_ruid);
585 if (!new_user)
586 return -EAGAIN;
587
588 if (atomic_read(&new_user->processes) >=
589 current->signal->rlim[RLIMIT_NPROC].rlim_cur &&
590 new_user != &root_user) {
591 free_uid(new_user);
592 return -EAGAIN;
593 }
594
595 switch_uid(new_user);
596
597 if(dumpclear)
598 {
599 current->mm->dumpable = 0;
d59dd462 600 smp_wmb();
1da177e4
LT		 601 }
602 current->uid = new_ruid;
603 return 0;
604}
605
606/*
607 * Unprivileged users may change the real uid to the effective uid
608 * or vice versa. (BSD-style)
609 *
610 * If you set the real uid at all, or set the effective uid to a value not
611 * equal to the real uid, then the saved uid is set to the new effective uid.
612 *
613 * This makes it possible for a setuid program to completely drop its
614 * privileges, which is often a useful assertion to make when you are doing
615 * a security audit over a program.
616 *
617 * The general idea is that a program which uses just setreuid() will be
618 * 100% compatible with BSD. A program which uses just setuid() will be
619 * 100% compatible with POSIX with saved IDs.
620 */
621asmlinkage long sys_setreuid(uid_t ruid, uid_t euid)
622{
623 int old_ruid, old_euid, old_suid, new_ruid, new_euid;
624 int retval;
625
626 retval = security_task_setuid(ruid, euid, (uid_t)-1, LSM_SETID_RE);
627 if (retval)
628 return retval;
629
630 new_ruid = old_ruid = current->uid;
631 new_euid = old_euid = current->euid;
632 old_suid = current->suid;
633
634 if (ruid != (uid_t) -1) {
635 new_ruid = ruid;
636 if ((old_ruid != ruid) &&
637 (current->euid != ruid) &&
638 !capable(CAP_SETUID))
639 return -EPERM;
640 }
641
642 if (euid != (uid_t) -1) {
643 new_euid = euid;
644 if ((old_ruid != euid) &&
645 (current->euid != euid) &&
646 (current->suid != euid) &&
647 !capable(CAP_SETUID))
648 return -EPERM;
649 }
650
651 if (new_ruid != old_ruid && set_user(new_ruid, new_euid != old_euid) < 0)
652 return -EAGAIN;
653
654 if (new_euid != old_euid)
655 {
656 current->mm->dumpable=0;
d59dd462 657 smp_wmb();
1da177e4
LT		 658 }
659 current->fsuid = current->euid = new_euid;
660 if (ruid != (uid_t) -1 ||
661 (euid != (uid_t) -1 && euid != old_ruid))
662 current->suid = current->euid;
663 current->fsuid = current->euid;
664
665 key_fsuid_changed(current);
666
667 return security_task_post_setuid(old_ruid, old_euid, old_suid, LSM_SETID_RE);
668}
669
670
671
672/*
673 * setuid() is implemented like SysV with SAVED_IDS
674 *
675 * Note that SAVED_ID's is deficient in that a setuid root program
676 * like sendmail, for example, cannot set its uid to be a normal
677 * user and then switch back, because if you're root, setuid() sets
678 * the saved uid too. If you don't like this, blame the bright people
679 * in the POSIX committee and/or USG. Note that the BSD-style setreuid()
680 * will allow a root program to temporarily drop privileges and be able to
681 * regain them by swapping the real and effective uid.
682 */
683asmlinkage long sys_setuid(uid_t uid)
684{
685 int old_euid = current->euid;
686 int old_ruid, old_suid, new_ruid, new_suid;
687 int retval;
688
689 retval = security_task_setuid(uid, (uid_t)-1, (uid_t)-1, LSM_SETID_ID);
690 if (retval)
691 return retval;
692
693 old_ruid = new_ruid = current->uid;
694 old_suid = current->suid;
695 new_suid = old_suid;
696
697 if (capable(CAP_SETUID)) {
698 if (uid != old_ruid && set_user(uid, old_euid != uid) < 0)
699 return -EAGAIN;
700 new_suid = uid;
701 } else if ((uid != current->uid) && (uid != new_suid))
702 return -EPERM;
703
704 if (old_euid != uid)
705 {
706 current->mm->dumpable = 0;
d59dd462 707 smp_wmb();
1da177e4
LT		 708 }
709 current->fsuid = current->euid = uid;
710 current->suid = new_suid;
711
712 key_fsuid_changed(current);
713
714 return security_task_post_setuid(old_ruid, old_euid, old_suid, LSM_SETID_ID);
715}
716
717
718/*
719 * This function implements a generic ability to update ruid, euid,
720 * and suid. This allows you to implement the 4.4 compatible seteuid().
721 */
722asmlinkage long sys_setresuid(uid_t ruid, uid_t euid, uid_t suid)
723{
724 int old_ruid = current->uid;
725 int old_euid = current->euid;
726 int old_suid = current->suid;
727 int retval;
728
729 retval = security_task_setuid(ruid, euid, suid, LSM_SETID_RES);
730 if (retval)
731 return retval;
732
733 if (!capable(CAP_SETUID)) {
734 if ((ruid != (uid_t) -1) && (ruid != current->uid) &&
735 (ruid != current->euid) && (ruid != current->suid))
736 return -EPERM;
737 if ((euid != (uid_t) -1) && (euid != current->uid) &&
738 (euid != current->euid) && (euid != current->suid))
739 return -EPERM;
740 if ((suid != (uid_t) -1) && (suid != current->uid) &&
741 (suid != current->euid) && (suid != current->suid))
742 return -EPERM;
743 }
744 if (ruid != (uid_t) -1) {
745 if (ruid != current->uid && set_user(ruid, euid != current->euid) < 0)
746 return -EAGAIN;
747 }
748 if (euid != (uid_t) -1) {
749 if (euid != current->euid)
750 {
751 current->mm->dumpable = 0;
d59dd462 752 smp_wmb();
1da177e4
LT		 753 }
754 current->euid = euid;
755 }
756 current->fsuid = current->euid;
757 if (suid != (uid_t) -1)
758 current->suid = suid;
759
760 key_fsuid_changed(current);
761
762 return security_task_post_setuid(old_ruid, old_euid, old_suid, LSM_SETID_RES);
763}
764
765asmlinkage long sys_getresuid(uid_t __user *ruid, uid_t __user *euid, uid_t __user *suid)
766{
767 int retval;
768
769 if (!(retval = put_user(current->uid, ruid)) &&
770 !(retval = put_user(current->euid, euid)))
771 retval = put_user(current->suid, suid);
772
773 return retval;
774}
775
776/*
777 * Same as above, but for rgid, egid, sgid.
778 */
779asmlinkage long sys_setresgid(gid_t rgid, gid_t egid, gid_t sgid)
780{
781 int retval;
782
783 retval = security_task_setgid(rgid, egid, sgid, LSM_SETID_RES);
784 if (retval)
785 return retval;
786
787 if (!capable(CAP_SETGID)) {
788 if ((rgid != (gid_t) -1) && (rgid != current->gid) &&
789 (rgid != current->egid) && (rgid != current->sgid))
790 return -EPERM;
791 if ((egid != (gid_t) -1) && (egid != current->gid) &&
792 (egid != current->egid) && (egid != current->sgid))
793 return -EPERM;
794 if ((sgid != (gid_t) -1) && (sgid != current->gid) &&
795 (sgid != current->egid) && (sgid != current->sgid))
796 return -EPERM;
797 }
798 if (egid != (gid_t) -1) {
799 if (egid != current->egid)
800 {
801 current->mm->dumpable = 0;
d59dd462 802 smp_wmb();
1da177e4
LT		 803 }
804 current->egid = egid;
805 }
806 current->fsgid = current->egid;
807 if (rgid != (gid_t) -1)
808 current->gid = rgid;
809 if (sgid != (gid_t) -1)
810 current->sgid = sgid;
811
812 key_fsgid_changed(current);
813 return 0;
814}
815
816asmlinkage long sys_getresgid(gid_t __user *rgid, gid_t __user *egid, gid_t __user *sgid)
817{
818 int retval;
819
820 if (!(retval = put_user(current->gid, rgid)) &&
821 !(retval = put_user(current->egid, egid)))
822 retval = put_user(current->sgid, sgid);
823
824 return retval;
825}
826
827
828/*
829 * "setfsuid()" sets the fsuid - the uid used for filesystem checks. This
830 * is used for "access()" and for the NFS daemon (letting nfsd stay at
831 * whatever uid it wants to). It normally shadows "euid", except when
832 * explicitly set by setfsuid() or for access..
833 */
834asmlinkage long sys_setfsuid(uid_t uid)
835{
836 int old_fsuid;
837
838 old_fsuid = current->fsuid;
839 if (security_task_setuid(uid, (uid_t)-1, (uid_t)-1, LSM_SETID_FS))
840 return old_fsuid;
841
842 if (uid == current->uid || uid == current->euid ||
843 uid == current->suid || uid == current->fsuid ||
844 capable(CAP_SETUID))
845 {
846 if (uid != old_fsuid)
847 {
848 current->mm->dumpable = 0;
d59dd462 849 smp_wmb();
1da177e4
LT		 850 }
851 current->fsuid = uid;
852 }
853
854 key_fsuid_changed(current);
855
856 security_task_post_setuid(old_fsuid, (uid_t)-1, (uid_t)-1, LSM_SETID_FS);
857
858 return old_fsuid;
859}
860
861/*
862