1
2
3
4
5
6
7#include <linux/export.h>
8#include <linux/mm.h>
9#include <linux/utsname.h>
10#include <linux/mman.h>
11#include <linux/reboot.h>
12#include <linux/prctl.h>
13#include <linux/highuid.h>
14#include <linux/fs.h>
15#include <linux/kmod.h>
16#include <linux/perf_event.h>
17#include <linux/resource.h>
18#include <linux/kernel.h>
19#include <linux/kexec.h>
20#include <linux/workqueue.h>
21#include <linux/capability.h>
22#include <linux/device.h>
23#include <linux/key.h>
24#include <linux/times.h>
25#include <linux/posix-timers.h>
26#include <linux/security.h>
27#include <linux/dcookies.h>
28#include <linux/suspend.h>
29#include <linux/tty.h>
30#include <linux/signal.h>
31#include <linux/cn_proc.h>
32#include <linux/getcpu.h>
33#include <linux/task_io_accounting_ops.h>
34#include <linux/seccomp.h>
35#include <linux/cpu.h>
36#include <linux/personality.h>
37#include <linux/ptrace.h>
38#include <linux/fs_struct.h>
39#include <linux/file.h>
40#include <linux/mount.h>
41#include <linux/gfp.h>
42#include <linux/syscore_ops.h>
43#include <linux/version.h>
44#include <linux/ctype.h>
45
46#include <linux/compat.h>
47#include <linux/syscalls.h>
48#include <linux/kprobes.h>
49#include <linux/user_namespace.h>
50#include <linux/binfmts.h>
51
52#include <linux/sched.h>
53#include <linux/rcupdate.h>
54#include <linux/uidgid.h>
55#include <linux/cred.h>
56
57#include <linux/kmsg_dump.h>
58
59#include <generated/utsrelease.h>
60
61#include <asm/uaccess.h>
62#include <asm/io.h>
63#include <asm/unistd.h>
64
65#ifndef SET_UNALIGN_CTL
66# define SET_UNALIGN_CTL(a,b) (-EINVAL)
67#endif
68#ifndef GET_UNALIGN_CTL
69# define GET_UNALIGN_CTL(a,b) (-EINVAL)
70#endif
71#ifndef SET_FPEMU_CTL
72# define SET_FPEMU_CTL(a,b) (-EINVAL)
73#endif
74#ifndef GET_FPEMU_CTL
75# define GET_FPEMU_CTL(a,b) (-EINVAL)
76#endif
77#ifndef SET_FPEXC_CTL
78# define SET_FPEXC_CTL(a,b) (-EINVAL)
79#endif
80#ifndef GET_FPEXC_CTL
81# define GET_FPEXC_CTL(a,b) (-EINVAL)
82#endif
83#ifndef GET_ENDIAN
84# define GET_ENDIAN(a,b) (-EINVAL)
85#endif
86#ifndef SET_ENDIAN
87# define SET_ENDIAN(a,b) (-EINVAL)
88#endif
89#ifndef GET_TSC_CTL
90# define GET_TSC_CTL(a) (-EINVAL)
91#endif
92#ifndef SET_TSC_CTL
93# define SET_TSC_CTL(a) (-EINVAL)
94#endif
95
96
97
98
99
100
101int overflowuid = DEFAULT_OVERFLOWUID;
102int overflowgid = DEFAULT_OVERFLOWGID;
103
104EXPORT_SYMBOL(overflowuid);
105EXPORT_SYMBOL(overflowgid);
106
107
108
109
110
111
112int fs_overflowuid = DEFAULT_FS_OVERFLOWUID;
113int fs_overflowgid = DEFAULT_FS_OVERFLOWUID;
114
115EXPORT_SYMBOL(fs_overflowuid);
116EXPORT_SYMBOL(fs_overflowgid);
117
118
119
120
121
122int C_A_D = 1;
123struct pid *cad_pid;
124EXPORT_SYMBOL(cad_pid);
125
126
127
128
129
130void (*pm_power_off_prepare)(void);
131
132
133
134
135
136
137
138static bool set_one_prio_perm(struct task_struct *p)
139{
140 const struct cred *cred = current_cred(), *pcred = __task_cred(p);
141
142 if (uid_eq(pcred->uid, cred->euid) ||
143 uid_eq(pcred->euid, cred->euid))
144 return true;
145 if (ns_capable(pcred->user_ns, CAP_SYS_NICE))
146 return true;
147 return false;
148}
149
150
151
152
153
154static int set_one_prio(struct task_struct *p, int niceval, int error)
155{
156 int no_nice;
157
158 if (!set_one_prio_perm(p)) {
159 error = -EPERM;
160 goto out;
161 }
162 if (niceval < task_nice(p) && !can_nice(p, niceval)) {
163 error = -EACCES;
164 goto out;
165 }
166 no_nice = security_task_setnice(p, niceval);
167 if (no_nice) {
168 error = no_nice;
169 goto out;
170 }
171 if (error == -ESRCH)
172 error = 0;
173 set_user_nice(p, niceval);
174out:
175 return error;
176}
177
178SYSCALL_DEFINE3(setpriority, int, which, int, who, int, niceval)
179{
180 struct task_struct *g, *p;
181 struct user_struct *user;
182 const struct cred *cred = current_cred();
183 int error = -EINVAL;
184 struct pid *pgrp;
185 kuid_t uid;
186
187 if (which > PRIO_USER || which < PRIO_PROCESS)
188 goto out;
189
190
191 error = -ESRCH;
192 if (niceval < -20)
193 niceval = -20;
194 if (niceval > 19)
195 niceval = 19;
196
197 rcu_read_lock();
198 read_lock(&tasklist_lock);
199 switch (which) {
200 case PRIO_PROCESS:
201 if (who)
202 p = find_task_by_vpid(who);
203 else
204 p = current;
205 if (p)
206 error = set_one_prio(p, niceval, error);
207 break;
208 case PRIO_PGRP:
209 if (who)
210 pgrp = find_vpid(who);
211 else
212 pgrp = task_pgrp(current);
213 do_each_pid_thread(pgrp, PIDTYPE_PGID, p) {
214 error = set_one_prio(p, niceval, error);
215 } while_each_pid_thread(pgrp, PIDTYPE_PGID, p);
216 break;
217 case PRIO_USER:
218 uid = make_kuid(cred->user_ns, who);
219 user = cred->user;
220 if (!who)
221 uid = cred->uid;
222 else if (!uid_eq(uid, cred->uid) &&
223 !(user = find_user(uid)))
224 goto out_unlock;
225
226 do_each_thread(g, p) {
227 if (uid_eq(task_uid(p), uid))
228 error = set_one_prio(p, niceval, error);
229 } while_each_thread(g, p);
230 if (!uid_eq(uid, cred->uid))
231 free_uid(user);
232 break;
233 }
234out_unlock:
235 read_unlock(&tasklist_lock);
236 rcu_read_unlock();
237out:
238 return error;
239}
240
241
242
243
244
245
246
247SYSCALL_DEFINE2(getpriority, int, which, int, who)
248{
249 struct task_struct *g, *p;
250 struct user_struct *user;
251 const struct cred *cred = current_cred();
252 long niceval, retval = -ESRCH;
253 struct pid *pgrp;
254 kuid_t uid;
255
256 if (which > PRIO_USER || which < PRIO_PROCESS)
257 return -EINVAL;
258
259 rcu_read_lock();
260 read_lock(&tasklist_lock);
261 switch (which) {
262 case PRIO_PROCESS:
263 if (who)
264 p = find_task_by_vpid(who);
265 else
266 p = current;
267 if (p) {
268 niceval = 20 - task_nice(p);
269 if (niceval > retval)
270 retval = niceval;
271 }
272 break;
273 case PRIO_PGRP:
274 if (who)
275 pgrp = find_vpid(who);
276 else
277 pgrp = task_pgrp(current);
278 do_each_pid_thread(pgrp, PIDTYPE_PGID, p) {
279 niceval = 20 - task_nice(p);
280 if (niceval > retval)
281 retval = niceval;
282 } while_each_pid_thread(pgrp, PIDTYPE_PGID, p);
283 break;
284 case PRIO_USER:
285 uid = make_kuid(cred->user_ns, who);
286 user = cred->user;
287 if (!who)
288 uid = cred->uid;
289 else if (!uid_eq(uid, cred->uid) &&
290 !(user = find_user(uid)))
291 goto out_unlock;
292
293 do_each_thread(g, p) {
294 if (uid_eq(task_uid(p), uid)) {
295 niceval = 20 - task_nice(p);
296 if (niceval > retval)
297 retval = niceval;
298 }
299 } while_each_thread(g, p);
300 if (!uid_eq(uid, cred->uid))
301 free_uid(user);
302 break;
303 }
304out_unlock:
305 read_unlock(&tasklist_lock);
306 rcu_read_unlock();
307
308 return retval;
309}
310
311
312
313
314
315
316
317
318
319void emergency_restart(void)
320{
321 kmsg_dump(KMSG_DUMP_EMERG);
322 machine_emergency_restart();
323}
324EXPORT_SYMBOL_GPL(emergency_restart);
325
326void kernel_restart_prepare(char *cmd)
327{
328 blocking_notifier_call_chain(&reboot_notifier_list, SYS_RESTART, cmd);
329 system_state = SYSTEM_RESTART;
330 usermodehelper_disable();
331 device_shutdown();
332}
333
334
335
336
337
338
339
340
341
342
343
344int register_reboot_notifier(struct notifier_block *nb)
345{
346 return blocking_notifier_chain_register(&reboot_notifier_list, nb);
347}
348EXPORT_SYMBOL(register_reboot_notifier);
349
350
351
352
353
354
355
356
357
358
359int unregister_reboot_notifier(struct notifier_block *nb)
360{
361 return blocking_notifier_chain_unregister(&reboot_notifier_list, nb);
362}
363EXPORT_SYMBOL(unregister_reboot_notifier);
364
365
366#ifndef PF_NO_SETAFFINITY
367#define PF_NO_SETAFFINITY PF_THREAD_BOUND
368#endif
369
370static void migrate_to_reboot_cpu(void)
371{
372
373 int cpu = 0;
374
375 cpu_hotplug_disable();
376
377
378 if (!cpu_online(cpu))
379 cpu = cpumask_first(cpu_online_mask);
380
381
382 current->flags |= PF_NO_SETAFFINITY;
383
384
385 set_cpus_allowed_ptr(current, cpumask_of(cpu));
386}
387
388
389
390
391
392
393
394
395
396void kernel_restart(char *cmd)
397{
398 kernel_restart_prepare(cmd);
399 migrate_to_reboot_cpu();
400 syscore_shutdown();
401 if (!cmd)
402 printk(KERN_EMERG "Restarting system.\n");
403 else
404 printk(KERN_EMERG "Restarting system with command '%s'.\n", cmd);
405 kmsg_dump(KMSG_DUMP_RESTART);
406 machine_restart(cmd);
407}
408EXPORT_SYMBOL_GPL(kernel_restart);
409
410static void kernel_shutdown_prepare(enum system_states state)
411{
412 blocking_notifier_call_chain(&reboot_notifier_list,
413 (state == SYSTEM_HALT)?SYS_HALT:SYS_POWER_OFF, NULL);
414 system_state = state;
415 usermodehelper_disable();
416 device_shutdown();
417}
418
419
420
421
422
423void kernel_halt(void)
424{
425 kernel_shutdown_prepare(SYSTEM_HALT);
426 migrate_to_reboot_cpu();
427 syscore_shutdown();
428 printk(KERN_EMERG "System halted.\n");
429 kmsg_dump(KMSG_DUMP_HALT);
430 machine_halt();
431}
432
433EXPORT_SYMBOL_GPL(kernel_halt);
434
435
436
437
438
439
440void kernel_power_off(void)
441{
442 kernel_shutdown_prepare(SYSTEM_POWER_OFF);
443 if (pm_power_off_prepare)
444 pm_power_off_prepare();
445 migrate_to_reboot_cpu();
446 syscore_shutdown();
447 printk(KERN_EMERG "Power down.\n");
448 kmsg_dump(KMSG_DUMP_POWEROFF);
449 machine_power_off();
450}
451EXPORT_SYMBOL_GPL(kernel_power_off);
452
453static DEFINE_MUTEX(reboot_mutex);
454
455
456
457
458
459
460
461
462
463SYSCALL_DEFINE4(reboot, int, magic1, int, magic2, unsigned int, cmd,
464 void __user *, arg)
465{
466 struct pid_namespace *pid_ns = task_active_pid_ns(current);
467 char buffer[256];
468 int ret = 0;
469
470
471 if (!ns_capable(pid_ns->user_ns, CAP_SYS_BOOT))
472 return -EPERM;
473
474
475 if (magic1 != LINUX_REBOOT_MAGIC1 ||
476 (magic2 != LINUX_REBOOT_MAGIC2 &&
477 magic2 != LINUX_REBOOT_MAGIC2A &&
478 magic2 != LINUX_REBOOT_MAGIC2B &&
479 magic2 != LINUX_REBOOT_MAGIC2C))
480 return -EINVAL;
481
482
483
484
485
486
487 ret = reboot_pid_ns(pid_ns, cmd);
488 if (ret)
489 return ret;
490
491
492
493
494 if ((cmd == LINUX_REBOOT_CMD_POWER_OFF) && !pm_power_off)
495 cmd = LINUX_REBOOT_CMD_HALT;
496
497 mutex_lock(&reboot_mutex);
498 switch (cmd) {
499 case LINUX_REBOOT_CMD_RESTART:
500 kernel_restart(NULL);
501 break;
502
503 case LINUX_REBOOT_CMD_CAD_ON:
504 C_A_D = 1;
505 break;
506
507 case LINUX_REBOOT_CMD_CAD_OFF:
508 C_A_D = 0;
509 break;
510
511 case LINUX_REBOOT_CMD_HALT:
512 kernel_halt();
513 do_exit(0);
514 panic("cannot halt");
515
516 case LINUX_REBOOT_CMD_POWER_OFF:
517 kernel_power_off();
518 do_exit(0);
519 break;
520
521 case LINUX_REBOOT_CMD_RESTART2:
522 if (strncpy_from_user(&buffer[0], arg, sizeof(buffer) - 1) < 0) {
523 ret = -EFAULT;
524 break;
525 }
526 buffer[sizeof(buffer) - 1] = '\0';
527
528 kernel_restart(buffer);
529 break;
530
531#ifdef CONFIG_KEXEC
532 case LINUX_REBOOT_CMD_KEXEC:
533 ret = kernel_kexec();
534 break;
535#endif
536
537#ifdef CONFIG_HIBERNATION
538 case LINUX_REBOOT_CMD_SW_SUSPEND:
539 ret = hibernate();
540 break;
541#endif
542
543 default:
544 ret = -EINVAL;
545 break;
546 }
547 mutex_unlock(&reboot_mutex);
548 return ret;
549}
550
551static void deferred_cad(struct work_struct *dummy)
552{
553 kernel_restart(NULL);
554}
555
556
557
558
559
560
561void ctrl_alt_del(void)
562{
563 static DECLARE_WORK(cad_work, deferred_cad);
564
565 if (C_A_D)
566 schedule_work(&cad_work);
567 else
568 kill_cad_pid(SIGINT, 1);
569}
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589SYSCALL_DEFINE2(setregid, gid_t, rgid, gid_t, egid)
590{
591 struct user_namespace *ns = current_user_ns();
592 const struct cred *old;
593 struct cred *new;
594 int retval;
595 kgid_t krgid, kegid;
596
597 krgid = make_kgid(ns, rgid);
598 kegid = make_kgid(ns, egid);
599
600 if ((rgid != (gid_t) -1) && !gid_valid(krgid))
601 return -EINVAL;
602 if ((egid != (gid_t) -1) && !gid_valid(kegid))
603 return -EINVAL;
604
605 new = prepare_creds();
606 if (!new)
607 return -ENOMEM;
608 old = current_cred();
609
610 retval = -EPERM;
611 if (rgid != (gid_t) -1) {
612 if (gid_eq(old->gid, krgid) ||
613 gid_eq(old->egid, krgid) ||
614 nsown_capable(CAP_SETGID))
615 new->gid = krgid;
616 else
617 goto error;
618 }
619 if (egid != (gid_t) -1) {
620 if (gid_eq(old->gid, kegid) ||
621 gid_eq(old->egid, kegid) ||
622 gid_eq(old->sgid, kegid) ||
623 nsown_capable(CAP_SETGID))
624 new->egid = kegid;
625 else
626 goto error;
627 }
628
629 if (rgid != (gid_t) -1 ||
630 (egid != (gid_t) -1 && !gid_eq(kegid, old->gid)))
631 new->sgid = new->egid;
632 new->fsgid = new->egid;
633
634 return commit_creds(new);
635
636error:
637 abort_creds(new);
638 return retval;
639}
640
641
642
643
644
645
646SYSCALL_DEFINE1(setgid, gid_t, gid)
647{
648 struct user_namespace *ns = current_user_ns();
649 const struct cred *old;
650 struct cred *new;
651 int retval;
652 kgid_t kgid;
653
654 kgid = make_kgid(ns, gid);
655 if (!gid_valid(kgid))
656 return -EINVAL;
657
658 new = prepare_creds();
659 if (!new)
660 return -ENOMEM;
661 old = current_cred();
662
663 retval = -EPERM;
664 if (nsown_capable(CAP_SETGID))
665 new->gid = new->egid = new->sgid = new->fsgid = kgid;
666 else if (gid_eq(kgid, old->gid) || gid_eq(kgid, old->sgid))
667 new->egid = new->fsgid = kgid;
668 else
669 goto error;
670
671 return commit_creds(new);
672
673error:
674 abort_creds(new);
675 return retval;
676}
677
678
679
680
681static int set_user(struct cred *new)
682{
683 struct user_struct *new_user;
684
685 new_user = alloc_uid(new->uid);
686 if (!new_user)
687 return -EAGAIN;
688
689
690
691
692
693
694
695
696 if (atomic_read(&new_user->processes) >= rlimit(RLIMIT_NPROC) &&
697 new_user != INIT_USER)
698 current->flags |= PF_NPROC_EXCEEDED;
699 else
700 current->flags &= ~PF_NPROC_EXCEEDED;
701
702 free_uid(new->user);
703 new->user = new_user;
704 return 0;
705}
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722SYSCALL_DEFINE2(setreuid, uid_t, ruid, uid_t, euid)
723{
724 struct user_namespace *ns = current_user_ns();
725 const struct cred *old;
726 struct cred *new;
727 int retval;
728 kuid_t kruid, keuid;
729
730 kruid = make_kuid(ns, ruid);
731 keuid = make_kuid(ns, euid);
732
733 if ((ruid != (uid_t) -1) && !uid_valid(kruid))
734 return -EINVAL;
735 if ((euid != (uid_t) -1) && !uid_valid(keuid))
736 return -EINVAL;
737
738 new = prepare_creds();
739 if (!new)
740 return -ENOMEM;
741 old = current_cred();
742
743 retval = -EPERM;
744 if (ruid != (uid_t) -1) {
745 new->uid = kruid;
746 if (!uid_eq(old->uid, kruid) &&
747 !uid_eq(old->euid, kruid) &&
748 !nsown_capable(CAP_SETUID))
749 goto error;
750 }
751
752 if (euid != (uid_t) -1) {
753 new->euid = keuid;
754 if (!uid_eq(old->uid, keuid) &&
755 !uid_eq(old->euid, keuid) &&
756 !uid_eq(old->suid, keuid) &&
757 !nsown_capable(CAP_SETUID))
758 goto error;
759 }
760
761 if (!uid_eq(new->uid, old->uid)) {
762 retval = set_user(new);
763 if (retval < 0)
764 goto error;
765 }
766 if (ruid != (uid_t) -1 ||
767 (euid != (uid_t) -1 && !uid_eq(keuid, old->uid)))
768 new->suid = new->euid;
769 new->fsuid = new->euid;
770
771 retval = security_task_fix_setuid(new, old, LSM_SETID_RE);
772 if (retval < 0)
773 goto error;
774
775 return commit_creds(new);
776
777error:
778 abort_creds(new);
779 return retval;
780}
781
782
783
784
785
786
787
788
789
790
791
792
793SYSCALL_DEFINE1(setuid, uid_t, uid)
794{
795 struct user_namespace *ns = current_user_ns();
796 const struct cred *old;
797 struct cred *new;
798 int retval;
799 kuid_t kuid;
800
801 kuid = make_kuid(ns, uid);
802 if (!uid_valid(kuid))
803 return -EINVAL;
804
805 new = prepare_creds();
806 if (!new)
807 return -ENOMEM;
808 old = current_cred();
809
810 retval = -EPERM;
811 if (nsown_capable(CAP_SETUID)) {
812 new->suid = new->uid = kuid;
813 if (!uid_eq(kuid, old->uid)) {
814 retval = set_user(new);
815 if (retval < 0)
816 goto error;
817 }
818 } else if (!uid_eq(kuid, old->uid) && !uid_eq(kuid, new->suid)) {
819 goto error;
820 }
821
822 new->fsuid = new->euid = kuid;
823
824 retval = security_task_fix_setuid(new, old, LSM_SETID_ID);
825 if (retval < 0)
826 goto error;
827
828 return commit_creds(new);
829
830error:
831 abort_creds(new);
832 return retval;
833}
834
835
836
837
838
839
840SYSCALL_DEFINE3(setresuid, uid_t, ruid, uid_t, euid, uid_t, suid)
841{
842 struct user_namespace *ns = current_user_ns();
843 const struct cred *old;
844 struct cred *new;
845 int retval;
846 kuid_t kruid, keuid, ksuid;
847
848 kruid = make_kuid(ns, ruid);
849 keuid = make_kuid(ns, euid);
850 ksuid = make_kuid(ns, suid);
851
852 if ((ruid != (uid_t) -1) && !uid_valid(kruid))
853 return -EINVAL;
854
855 if ((euid != (uid_t) -1) && !uid_valid(keuid))
856 return -EINVAL;
857
858 if ((suid != (uid_t) -1) && !uid_valid(ksuid))
859 return -EINVAL;
860
861 new = prepare_creds();
862 if (!new)
863 return -ENOMEM;
864
865 old = current_cred();
866
867 retval = -EPERM;
868 if (!nsown_capable(CAP_SETUID)) {
869 if (ruid != (uid_t) -1 && !uid_eq(kruid, old->uid) &&
870 !uid_eq(kruid, old->euid) && !uid_eq(kruid, old->suid))
871 goto error;
872 if (euid != (uid_t) -1 && !uid_eq(keuid, old->uid) &&
873 !uid_eq(keuid, old->euid) && !uid_eq(keuid, old->suid))
874 goto error;
875 if (suid != (uid_t) -1 && !uid_eq(ksuid, old->uid) &&
876 !uid_eq(ksuid, old->euid) && !uid_eq(ksuid, old->suid))
877 goto error;
878 }
879
880 if (ruid != (uid_t) -1) {
881 new->uid = kruid;
882 if (!uid_eq(kruid, old->uid)) {
883 retval = set_user(new);
884 if (retval < 0)
885 goto error;
886 }
887 }
888 if (euid != (uid_t) -1)
889 new->euid = keuid;
890 if (suid != (uid_t) -1)
891 new->suid = ksuid;
892 new->fsuid = new->euid;
893
894 retval = security_task_fix_setuid(new, old, LSM_SETID_RES);
895 if (retval < 0)
896 goto error;
897
898 return commit_creds(new);
899
900error:
901 abort_creds(new);
902 return retval;
903}
904
905SYSCALL_DEFINE3(getresuid, uid_t __user *, ruidp, uid_t __user *, euidp, uid_t __user *, suidp)
906{
907 const struct cred *cred = current_cred();
908 int retval;
909 uid_t ruid, euid, suid;
910
911 ruid = from_kuid_munged(cred->user_ns, cred->uid);
912 euid = from_kuid_munged(cred->user_ns, cred->euid);
913 suid = from_kuid_munged(cred->user_ns, cred->suid);
914
915 if (!(retval = put_user(ruid, ruidp)) &&
916 !(retval = put_user(euid, euidp)))
917 retval = put_user(suid, suidp);
918
919 return retval;
920}
921
922
923
924
925SYSCALL_DEFINE3(setresgid, gid_t, rgid, gid_t, egid, gid_t, sgid)
926{
927 struct user_namespace *ns = current_user_ns();
928 const struct cred *old;
929 struct cred *new;
930 int retval;
931 kgid_t krgid, kegid, ksgid;
932
933 krgid = make_kgid(ns, rgid);
934 kegid = make_kgid(ns, egid);
935 ksgid = make_kgid(ns, sgid);
936
937 if ((rgid != (gid_t) -1) && !gid_valid(krgid))
938 return -EINVAL;
939 if ((egid != (gid_t) -1) && !gid_valid(kegid))
940 return -EINVAL;
941 if ((sgid != (gid_t) -1) && !gid_valid(ksgid))
942 return -EINVAL;
943
944 new = prepare_creds();
945 if (!new)
946 return -ENOMEM;
947 old = current_cred();
948
949 retval = -EPERM;
950 if (!nsown_capable(CAP_SETGID)) {
951 if (rgid != (gid_t) -1 && !gid_eq(krgid, old->gid) &&
952 !gid_eq(krgid, old->egid) && !gid_eq(krgid, old->sgid))
953 goto error;
954 if (egid != (gid_t) -1 && !gid_eq(kegid, old->gid) &&
955 !gid_eq(kegid, old->egid) && !gid_eq(kegid, old->sgid))
956 goto error;
957 if (sgid != (gid_t) -1 && !gid_eq(ksgid, old->gid) &&
958 !gid_eq(ksgid, old->egid) && !gid_eq(ksgid, old->sgid))
959 goto error;
960 }
961
962 if (rgid != (gid_t) -1)
963 new->gid = krgid;
964 if (egid != (gid_t) -1)
965 new->egid = kegid;
966 if (sgid != (gid_t) -1)
967 new->sgid = ksgid;
968 new->fsgid = new->egid;
969
970 return commit_creds(new);
971
972error:
973 abort_creds(new);
974 return retval;
975}
976
977SYSCALL_DEFINE3(getresgid, gid_t __user *, rgidp, gid_t __user *, egidp, gid_t __user *, sgidp)
978{
979 const struct cred *cred = current_cred();
980 int retval;
981 gid_t rgid, egid, sgid;
982
983 rgid = from_kgid_munged(cred->user_ns, cred->gid);
984 egid = from_kgid_munged(cred->user_ns, cred->egid);
985 sgid = from_kgid_munged(cred->user_ns, cred->sgid);
986
987 if (!(retval = put_user(rgid, rgidp)) &&
988 !(retval = put_user(egid, egidp)))
989 retval = put_user(sgid, sgidp);
990
991 return retval;
992}
993
994
995
996
997
998
999
1000
1001SYSCALL_DEFINE1(setfsuid, uid_t, uid)
1002{
1003 const struct cred *old;
1004 struct cred *new;
1005 uid_t old_fsuid;
1006 kuid_t kuid;
1007
1008 old = current_cred();
1009 old_fsuid = from_kuid_munged(old->user_ns, old->fsuid);
1010
1011 kuid = make_kuid(old->user_ns, uid);
1012 if (!uid_valid(kuid))
1013 return old_fsuid;
1014
1015 new = prepare_creds();
1016 if (!new)
1017 return old_fsuid;
1018
1019 if (uid_eq(kuid, old->uid) || uid_eq(kuid, old->euid) ||
1020 uid_eq(kuid, old->suid) || uid_eq(kuid, old->fsuid) ||
1021 nsown_capable(CAP_SETUID)) {
1022 if (!uid_eq(kuid, old->fsuid)) {
1023 new->fsuid = kuid;
1024 if (security_task_fix_setuid(new, old, LSM_SETID_FS) == 0)
1025 goto change_okay;
1026 }
1027 }
1028
1029 abort_creds(new);
1030 return old_fsuid;
1031
1032change_okay:
1033 commit_creds(new);
1034 return old_fsuid;
1035}
1036
1037
1038
1039
1040SYSCALL_DEFINE1(setfsgid, gid_t, gid)
1041{
1042 const struct cred *old;
1043 struct cred *new;
1044 gid_t old_fsgid;
1045 kgid_t kgid;
1046
1047 old = current_cred();
1048 old_fsgid = from_kgid_munged(old->user_ns, old->fsgid);
1049
1050 kgid = make_kgid(old->user_ns, gid);
1051 if (!gid_valid(kgid))
1052 return old_fsgid;
1053
1054 new = prepare_creds();
1055 if (!new)
1056 return old_fsgid;
1057
1058 if (gid_eq(kgid, old->gid) || gid_eq(kgid, old->egid) ||
1059 gid_eq(kgid, old->sgid) || gid_eq(kgid, old->fsgid) ||
1060 nsown_capable(CAP_SETGID)) {
1061 if (!gid_eq(kgid, old->fsgid)) {
1062 new->fsgid = kgid;
1063 goto change_okay;
1064 }
1065 }
1066
1067 abort_creds(new);
1068 return old_fsgid;
1069
1070change_okay:
1071 commit_creds(new);
1072 return old_fsgid;
1073}
1074
1075
1076
1077
1078
1079
1080
1081
1082
1083
1084SYSCALL_DEFINE0(getpid)
1085{
1086 return task_tgid_vnr(current);
1087}
1088
1089
1090SYSCALL_DEFINE0(gettid)
1091{
1092 return task_pid_vnr(current);
1093}
1094
1095
1096
1097
1098
1099
1100
1101SYSCALL_DEFINE0(getppid)
1102{
1103 int pid;
1104
1105 rcu_read_lock();
1106 pid = task_tgid_vnr(rcu_dereference(current->real_parent));
1107 rcu_read_unlock();
1108
1109 return pid;
1110}
1111
1112SYSCALL_DEFINE0(getuid)
1113{
1114
1115 return from_kuid_munged(current_user_ns(), current_uid());
1116}
1117
1118SYSCALL_DEFINE0(geteuid)
1119{
1120
1121 return from_kuid_munged(current_user_ns(), current_euid());
1122}
1123
1124SYSCALL_DEFINE0(getgid)
1125{
1126
1127 return from_kgid_munged(current_user_ns(), current_gid());
1128}
1129
1130SYSCALL_DEFINE0(getegid)
1131{
1132
1133 return from_kgid_munged(current_user_ns(), current_egid());
1134}
1135
1136void do_sys_times(struct tms *tms)
1137{
1138 cputime_t tgutime, tgstime, cutime, cstime;
1139
1140 spin_lock_irq(¤t->sighand->siglock);
1141 thread_group_cputime_adjusted(current, &tgutime, &tgstime);
1142 cutime = current->signal->cutime;
1143 cstime = current->signal->cstime;
1144 spin_unlock_irq(¤t->sighand->siglock);
1145 tms->tms_utime = cputime_to_clock_t(tgutime);
1146 tms->tms_stime = cputime_to_clock_t(tgstime);
1147 tms->tms_cutime = cputime_to_clock_t(cutime);
1148 tms->tms_cstime = cputime_to_clock_t(cstime);
1149}
1150
1151SYSCALL_DEFINE1(times, struct tms __user *, tbuf)
1152{
1153 if (tbuf) {
1154 struct tms tmp;
1155
1156 do_sys_times(&tmp);
1157 if (copy_to_user(tbuf, &tmp, sizeof(struct tms)))
1158 return -EFAULT;
1159 }
1160 force_successful_syscall_return();
1161 return (long) jiffies_64_to_clock_t(get_jiffies_64());
1162}
1163
1164
1165
1166
1167
1168
1169
1170
1171
1172
1173
1174
1175
1176SYSCALL_DEFINE2(setpgid, pid_t, pid, pid_t, pgid)
1177{
1178 struct task_struct *p;
1179 struct task_struct *group_leader = current->group_leader;
1180 struct pid *pgrp;
1181 int err;
1182
1183 if (!pid)
1184 pid = task_pid_vnr(group_leader);
1185 if (!pgid)
1186 pgid = pid;
1187 if (pgid < 0)
1188 return -EINVAL;
1189 rcu_read_lock();
1190
1191
1192
1193
1194 write_lock_irq(&tasklist_lock);
1195
1196 err = -ESRCH;
1197 p = find_task_by_vpid(pid);
1198 if (!p)
1199 goto out;
1200
1201 err = -EINVAL;
1202 if (!thread_group_leader(p))
1203 goto out;
1204
1205 if (same_thread_group(p->real_parent, group_leader)) {
1206 err = -EPERM;
1207 if (task_session(p) != task_session(group_leader))
1208 goto out;
1209 err = -EACCES;
1210 if (p->did_exec)
1211 goto out;
1212 } else {
1213 err = -ESRCH;
1214 if (p != group_leader)
1215 goto out;
1216 }
1217
1218 err = -EPERM;
1219 if (p->signal->leader)
1220 goto out;
1221
1222 pgrp = task_pid(p);
1223 if (pgid != pid) {
1224 struct task_struct *g;
1225
1226 pgrp = find_vpid(pgid);
1227 g = pid_task(pgrp, PIDTYPE_PGID);
1228 if (!g || task_session(g) != task_session(group_leader))
1229 goto out;
1230 }
1231
1232 err = security_task_setpgid(p, pgid);
1233 if (err)
1234 goto out;
1235
1236 if (task_pgrp(p) != pgrp)
1237 change_pid(p, PIDTYPE_PGID, pgrp);
1238
1239 err = 0;
1240out:
1241
1242 write_unlock_irq(&tasklist_lock);
1243 rcu_read_unlock();
1244 return err;
1245}
1246
1247SYSCALL_DEFINE1(getpgid, pid_t, pid)
1248{
1249 struct task_struct *p;
1250 struct pid *grp;
1251 int retval;
1252
1253 rcu_read_lock();
1254 if (!pid)
1255 grp = task_pgrp(current);
1256 else {
1257 retval = -ESRCH;
1258 p = find_task_by_vpid(pid);
1259 if (!p)
1260 goto out;
1261 grp = task_pgrp(p);
1262 if (!grp)
1263 goto out;
1264
1265 retval = security_task_getpgid(p);
1266 if (retval)
1267 goto out;
1268 }
1269 retval = pid_vnr(grp);
1270out:
1271 rcu_read_unlock();
1272 return retval;
1273}
1274
1275#ifdef __ARCH_WANT_SYS_GETPGRP
1276
1277SYSCALL_DEFINE0(getpgrp)
1278{
1279 return sys_getpgid(0);
1280}
1281
1282#endif
1283
1284SYSCALL_DEFINE1(getsid, pid_t, pid)
1285{
1286 struct task_struct *p;
1287 struct pid *sid;
1288 int retval;
1289
1290 rcu_read_lock();
1291 if (!pid)
1292 sid = task_session(current);
1293 else {
1294 retval = -ESRCH;
1295 p = find_task_by_vpid(pid);
1296 if (!p)
1297 goto out;
1298 sid = task_session(p);
1299 if (!sid)
1300 goto out;
1301
1302 retval = security_task_getsid(p);
1303 if (retval)
1304 goto out;
1305 }
1306 retval = pid_vnr(sid);
1307out:
1308 rcu_read_unlock();
1309 return retval;
1310}
1311
1312SYSCALL_DEFINE0(setsid)
1313{
1314 struct task_struct *group_leader = current->group_leader;
1315 struct pid *sid = task_pid(group_leader);
1316 pid_t session = pid_vnr(sid);
1317 int err = -EPERM;
1318
1319 write_lock_irq(&tasklist_lock);
1320
1321 if (group_leader->signal->leader)
1322 goto out;
1323
1324
1325
1326
1327 if (pid_task(sid, PIDTYPE_PGID))
1328 goto out;
1329
1330 group_leader->signal->leader = 1;
1331 __set_special_pids(sid);
1332
1333 proc_clear_tty(group_leader);
1334
1335 err = session;
1336out:
1337 write_unlock_irq(&tasklist_lock);
1338 if (err > 0) {
1339 proc_sid_connector(group_leader);
1340 sched_autogroup_create_attach(group_leader);
1341 }
1342 return err;
1343}
1344
1345DECLARE_RWSEM(uts_sem);
1346
1347#ifdef COMPAT_UTS_MACHINE
1348#define override_architecture(name) \
1349 (personality(current->personality) == PER_LINUX32 && \
1350 copy_to_user(name->machine, COMPAT_UTS_MACHINE, \
1351 sizeof(COMPAT_UTS_MACHINE)))
1352#else
1353#define override_architecture(name) 0
1354#endif
1355
1356
1357
1358
1359
1360static int override_release(char __user *release, size_t len)
1361{
1362 int ret = 0;
1363
1364 if (current->personality & UNAME26) {
1365 const char *rest = UTS_RELEASE;
1366 char buf[65] = { 0 };
1367 int ndots = 0;
1368 unsigned v;
1369 size_t copy;
1370
1371 while (*rest) {
1372 if (*rest == '.' && ++ndots >= 3)
1373 break;
1374 if (!isdigit(*rest) && *rest != '.')
1375 break;
1376 rest++;
1377 }
1378 v = ((LINUX_VERSION_CODE >> 8) & 0xff) + 40;
1379 copy = clamp_t(size_t, len, 1, sizeof(buf));
1380 copy = scnprintf(buf, copy, "2.6.%u%s", v, rest);
1381 ret = copy_to_user(release, buf, copy + 1);
1382 }
1383 return ret;
1384}
1385
1386SYSCALL_DEFINE1(newuname, struct new_utsname __user *, name)
1387{
1388 int errno = 0;
1389
1390 down_read(&uts_sem);
1391 if (copy_to_user(name, utsname(), sizeof *name))
1392 errno = -EFAULT;
1393 up_read(&uts_sem);
1394
1395 if (!errno && override_release(name->release, sizeof(name->release)))
1396 errno = -EFAULT;
1397 if (!errno && override_architecture(name))
1398 errno = -EFAULT;
1399 return errno;
1400}
1401
1402#ifdef __ARCH_WANT_SYS_OLD_UNAME
1403
1404
1405
1406SYSCALL_DEFINE1(uname, struct old_utsname __user *, name)
1407{
1408 int error = 0;
1409
1410 if (!name)
1411 return -EFAULT;
1412
1413 down_read(&uts_sem);
1414 if (copy_to_user(name, utsname(), sizeof(*name)))
1415 error = -EFAULT;
1416 up_read(&uts_sem);
1417
1418 if (!error && override_release(name->release, sizeof(name->release)))
1419 error = -EFAULT;
1420 if (!error && override_architecture(name))
1421 error = -EFAULT;
1422 return error;
1423}
1424
1425SYSCALL_DEFINE1(olduname, struct oldold_utsname __user *, name)
1426{
1427 int error;
1428
1429 if (!name)
1430 return -EFAULT;
1431 if (!access_ok(VERIFY_WRITE, name, sizeof(struct oldold_utsname)))
1432 return -EFAULT;
1433
1434 down_read(&uts_sem);
1435 error = __copy_to_user(&name->sysname, &utsname()->sysname,
1436 __OLD_UTS_LEN);
1437 error |= __put_user(0, name->sysname + __OLD_UTS_LEN);
1438 error |= __copy_to_user(&name->nodename, &utsname()->nodename,
1439 __OLD_UTS_LEN);
1440 error |= __put_user(0, name->nodename + __OLD_UTS_LEN);
1441 error |= __copy_to_user(&name->release, &utsname()->release,
1442 __OLD_UTS_LEN);
1443 error |= __put_user(0, name->release + __OLD_UTS_LEN);
1444 error |= __copy_to_user(&name->version, &utsname()->version,
1445 __OLD_UTS_LEN);
1446 error |= __put_user(0, name->version + __OLD_UTS_LEN);
1447 error |= __copy_to_user(&name->machine, &utsname()->machine,
1448 __OLD_UTS_LEN);
1449 error |= __put_user(0, name->machine + __OLD_UTS_LEN);
1450 up_read(&uts_sem);
1451
1452 if (!error && override_architecture(name))
1453 error = -EFAULT;
1454 if (!error && override_release(name->release, sizeof(name->release)))
1455 error = -EFAULT;
1456 return error ? -EFAULT : 0;
1457}
1458#endif
1459
1460SYSCALL_DEFINE2(sethostname, char __user *, name, int, len)
1461{
1462 int errno;
1463 char tmp[__NEW_UTS_LEN];
1464
1465 if (!ns_capable(current->nsproxy->uts_ns->user_ns, CAP_SYS_ADMIN))
1466 return -EPERM;
1467
1468 if (len < 0 || len > __NEW_UTS_LEN)
1469 return -EINVAL;
1470 down_write(&uts_sem);
1471 errno = -EFAULT;
1472 if (!copy_from_user(tmp, name, len)) {
1473 struct new_utsname *u = utsname();
1474
1475 memcpy(u->nodename, tmp, len);
1476 memset(u->nodename + len, 0, sizeof(u->nodename) - len);
1477 errno = 0;
1478 uts_proc_notify(UTS_PROC_HOSTNAME);
1479 }
1480 up_write(&uts_sem);
1481 return errno;
1482}
1483
1484#ifdef __ARCH_WANT_SYS_GETHOSTNAME
1485
1486SYSCALL_DEFINE2(gethostname, char __user *, name, int, len)
1487{
1488 int i, errno;
1489 struct new_utsname *u;
1490
1491 if (len < 0)
1492 return -EINVAL;
1493 down_read(&uts_sem);
1494 u = utsname();
1495 i = 1 + strlen(u->nodename);
1496 if (i > len)
1497 i = len;
1498 errno = 0;
1499 if (copy_to_user(name, u->nodename, i))
1500 errno = -EFAULT;
1501 up_read(&uts_sem);
1502 return errno;
1503}
1504
1505#endif
1506
1507
1508
1509
1510
1511SYSCALL_DEFINE2(setdomainname, char __user *, name, int, len)
1512{
1513 int errno;
1514 char tmp[__NEW_UTS_LEN];
1515
1516 if (!ns_capable(current->nsproxy->uts_ns->user_ns, CAP_SYS_ADMIN))
1517 return -EPERM;
1518 if (len < 0 || len > __NEW_UTS_LEN)
1519 return -EINVAL;
1520
1521 down_write(&uts_sem);
1522 errno = -EFAULT;
1523 if (!copy_from_user(tmp, name, len)) {
1524 struct new_utsname *u = utsname();
1525
1526 memcpy(u->domainname, tmp, len);
1527 memset(u->domainname + len, 0, sizeof(u->domainname) - len);
1528 errno = 0;
1529 uts_proc_notify(UTS_PROC_DOMAINNAME);
1530 }
1531 up_write(&uts_sem);
1532 return errno;
1533}
1534
1535SYSCALL_DEFINE2(getrlimit, unsigned int, resource, struct rlimit __user *, rlim)
1536{
1537 struct rlimit value;
1538 int ret;
1539
1540 ret = do_prlimit(current, resource, NULL, &value);
1541 if (!ret)
1542 ret = copy_to_user(rlim, &value, sizeof(*rlim)) ? -EFAULT : 0;
1543
1544 return ret;
1545}
1546
1547#ifdef __ARCH_WANT_SYS_OLD_GETRLIMIT
1548
1549
1550
1551
1552
1553SYSCALL_DEFINE2(old_getrlimit, unsigned int, resource,
1554 struct rlimit __user *, rlim)
1555{
1556 struct rlimit x;
1557 if (resource >= RLIM_NLIMITS)
1558 return -EINVAL;
1559
1560 task_lock(current->group_leader);
1561 x = current->signal->rlim[resource];
1562 task_unlock(current->group_leader);
1563 if (x.rlim_cur > 0x7FFFFFFF)
1564 x.rlim_cur = 0x7FFFFFFF;
1565 if (x.rlim_max > 0x7FFFFFFF)
1566 x.rlim_max = 0x7FFFFFFF;
1567 return copy_to_user(rlim, &x, sizeof(x))?-EFAULT:0;
1568}
1569
1570#endif
1571
1572static inline bool rlim64_is_infinity(__u64 rlim64)
1573{
1574#if BITS_PER_LONG < 64
1575 return rlim64 >= ULONG_MAX;
1576#else
1577 return rlim64 == RLIM64_INFINITY;
1578#endif
1579}
1580
1581static void rlim_to_rlim64(const struct rlimit *rlim, struct rlimit64 *rlim64)
1582{
1583 if (rlim->rlim_cur == RLIM_INFINITY)
1584 rlim64->rlim_cur = RLIM64_INFINITY;
1585 else
1586 rlim64->rlim_cur = rlim->rlim_cur;
1587 if (rlim->rlim_max == RLIM_INFINITY)
1588 rlim64->rlim_max = RLIM64_INFINITY;
1589 else
1590 rlim64->rlim_max = rlim->rlim_max;
1591}
1592
1593static void rlim64_to_rlim(const struct rlimit64 *rlim64, struct rlimit *rlim)
1594{
1595 if (rlim64_is_infinity(rlim64->rlim_cur))
1596 rlim->rlim_cur = RLIM_INFINITY;
1597 else
1598 rlim->rlim_cur = (unsigned long)rlim64->rlim_cur;
1599 if (rlim64_is_infinity(rlim64->rlim_max))
1600 rlim->rlim_max = RLIM_INFINITY;
1601 else
1602 rlim->rlim_max = (unsigned long)rlim64->rlim_max;
1603}
1604
1605
1606int do_prlimit(struct task_struct *tsk, unsigned int resource,
1607 struct rlimit *new_rlim, struct rlimit *old_rlim)
1608{
1609 struct rlimit *rlim;
1610 int retval = 0;
1611
1612 if (resource >= RLIM_NLIMITS)
1613 return -EINVAL;
1614 if (new_rlim) {
1615 if (new_rlim->rlim_cur > new_rlim->rlim_max)
1616 return -EINVAL;
1617 if (resource == RLIMIT_NOFILE &&
1618 new_rlim->rlim_max > sysctl_nr_open)
1619 return -EPERM;
1620 }
1621
1622
1623 read_lock(&tasklist_lock);
1624 if (!tsk->sighand) {
1625 retval = -ESRCH;
1626 goto out;
1627 }
1628
1629 rlim = tsk->signal->rlim + resource;
1630 task_lock(tsk->group_leader);
1631 if (new_rlim) {
1632
1633
1634 if (new_rlim->rlim_max > rlim->rlim_max &&
1635 !capable(CAP_SYS_RESOURCE))
1636 retval = -EPERM;
1637 if (!retval)
1638 retval = security_task_setrlimit(tsk->group_leader,
1639 resource, new_rlim);
1640 if (resource == RLIMIT_CPU && new_rlim->rlim_cur == 0) {
1641
1642
1643
1644
1645
1646
1647 new_rlim->rlim_cur = 1;
1648 }
1649 }
1650 if (!retval) {
1651 if (old_rlim)
1652 *old_rlim = *rlim;
1653 if (new_rlim)
1654 *rlim = *new_rlim;
1655 }
1656 task_unlock(tsk->group_leader);
1657
1658
1659
1660
1661
1662
1663
1664 if (!retval && new_rlim && resource == RLIMIT_CPU &&
1665 new_rlim->rlim_cur != RLIM_INFINITY)
1666 update_rlimit_cpu(tsk, new_rlim->rlim_cur);
1667out:
1668 read_unlock(&tasklist_lock);
1669 return retval;
1670}
1671
1672
1673static int check_prlimit_permission(struct task_struct *task)
1674{
1675 const struct cred *cred = current_cred(), *tcred;
1676
1677 if (current == task)
1678 return 0;
1679
1680 tcred = __task_cred(task);
1681 if (uid_eq(cred->uid, tcred->euid) &&
1682 uid_eq(cred->uid, tcred->suid) &&
1683 uid_eq(cred->uid, tcred->uid) &&
1684 gid_eq(cred->gid, tcred->egid) &&
1685 gid_eq(cred->gid, tcred->sgid) &&
1686 gid_eq(cred->gid, tcred->gid))
1687 return 0;
1688 if (ns_capable(tcred->user_ns, CAP_SYS_RESOURCE))
1689 return 0;
1690
1691 return -EPERM;
1692}
1693
1694SYSCALL_DEFINE4(prlimit64, pid_t, pid, unsigned int, resource,
1695 const struct rlimit64 __user *, new_rlim,
1696 struct rlimit64 __user *, old_rlim)
1697{
1698 struct rlimit64 old64, new64;
1699 struct rlimit old, new;
1700 struct task_struct *tsk;
1701 int ret;
1702
1703 if (new_rlim) {
1704 if (copy_from_user(&new64, new_rlim, sizeof(new64)))
1705 return -EFAULT;
1706 rlim64_to_rlim(&new64, &new);
1707 }
1708
1709 rcu_read_lock();
1710 tsk = pid ? find_task_by_vpid(pid) : current;
1711 if (!tsk) {
1712 rcu_read_unlock();
1713 return -ESRCH;
1714 }
1715 ret = check_prlimit_permission(tsk);
1716 if (ret) {
1717 rcu_read_unlock();
1718 return ret;
1719 }
1720 get_task_struct(tsk);
1721 rcu_read_unlock();
1722
1723 ret = do_prlimit(tsk, resource, new_rlim ? &new : NULL,
1724 old_rlim ? &old : NULL);
1725
1726 if (!ret && old_rlim) {
1727 rlim_to_rlim64(&old, &old64);
1728 if (copy_to_user(old_rlim, &old64, sizeof(old64)))
1729 ret = -EFAULT;
1730 }
1731
1732 put_task_struct(tsk);
1733 return ret;
1734}
1735
1736SYSCALL_DEFINE2(setrlimit, unsigned int, resource, struct rlimit __user *, rlim)
1737{
1738 struct rlimit new_rlim;
1739
1740 if (copy_from_user(&new_rlim, rlim, sizeof(*rlim)))
1741 return -EFAULT;
1742 return do_prlimit(current, resource, &new_rlim, NULL);
1743}
1744
1745
1746
1747
1748
1749
1750
1751
1752
1753
1754
1755
1756
1757
1758
1759
1760
1761
1762
1763
1764
1765
1766
1767
1768
1769
1770
1771
1772
1773
1774
1775
1776
1777
1778static void accumulate_thread_rusage(struct task_struct *t, struct rusage *r)
1779{
1780 r->ru_nvcsw += t->nvcsw;
1781 r->ru_nivcsw += t->nivcsw;
1782 r->ru_minflt += t->min_flt;
1783 r->ru_majflt += t->maj_flt;
1784 r->ru_inblock += task_io_get_inblock(t);
1785 r->ru_oublock += task_io_get_oublock(t);
1786}
1787
1788static void k_getrusage(struct task_struct *p, int who, struct rusage *r)
1789{
1790 struct task_struct *t;
1791 unsigned long flags;
1792 cputime_t tgutime, tgstime, utime, stime;
1793 unsigned long maxrss = 0;
1794
1795 memset((char *) r, 0, sizeof *r);
1796 utime = stime = 0;
1797
1798 if (who == RUSAGE_THREAD) {
1799 task_cputime_adjusted(current, &utime, &stime);
1800 accumulate_thread_rusage(p, r);
1801 maxrss = p->signal->maxrss;
1802 goto out;
1803 }
1804
1805 if (!lock_task_sighand(p, &flags))
1806 return;
1807
1808 switch (who) {
1809 case RUSAGE_BOTH:
1810 case RUSAGE_CHILDREN:
1811 utime = p->signal->cutime;
1812 stime = p->signal->cstime;
1813 r->ru_nvcsw = p->signal->cnvcsw;
1814 r->ru_nivcsw = p->signal->cnivcsw;
1815 r->ru_minflt = p->signal->cmin_flt;
1816 r->ru_majflt = p->signal->cmaj_flt;
1817 r->ru_inblock = p->signal->cinblock;
1818 r->ru_oublock = p->signal->coublock;
1819 maxrss = p->signal->cmaxrss;
1820
1821 if (who == RUSAGE_CHILDREN)
1822 break;
1823
1824 case RUSAGE_SELF:
1825 thread_group_cputime_adjusted(p, &tgutime, &tgstime);
1826 utime += tgutime;
1827 stime += tgstime;
1828 r->ru_nvcsw += p->signal->nvcsw;
1829 r->ru_nivcsw += p->signal->nivcsw;
1830 r->ru_minflt += p->signal->min_flt;
1831 r->ru_majflt += p->signal->maj_flt;
1832 r->ru_inblock += p->signal->inblock;
1833 r->ru_oublock += p->signal->oublock;
1834 if (maxrss < p->signal->maxrss)
1835 maxrss = p->signal->maxrss;
1836 t = p;
1837 do {
1838 accumulate_thread_rusage(t, r);
1839 t = next_thread(t);
1840 } while (t != p);
1841 break;
1842
1843 default:
1844 BUG();
1845 }
1846 unlock_task_sighand(p, &flags);
1847
1848out:
1849 cputime_to_timeval(utime, &r->ru_utime);
1850 cputime_to_timeval(stime, &r->ru_stime);
1851
1852 if (who != RUSAGE_CHILDREN) {
1853 struct mm_struct *mm = get_task_mm(p);
1854 if (mm) {
1855 setmax_mm_hiwater_rss(&maxrss, mm);
1856 mmput(mm);
1857 }
1858 }
1859 r->ru_maxrss = maxrss * (PAGE_SIZE / 1024);
1860}
1861
1862int getrusage(struct task_struct *p, int who, struct rusage __user *ru)
1863{
1864 struct rusage r;
1865 k_getrusage(p, who, &r);
1866 return copy_to_user(ru, &r, sizeof(r)) ? -EFAULT : 0;
1867}
1868
1869SYSCALL_DEFINE2(getrusage, int, who, struct rusage __user *, ru)
1870{
1871 if (who != RUSAGE_SELF && who != RUSAGE_CHILDREN &&
1872 who != RUSAGE_THREAD)
1873 return -EINVAL;
1874 return getrusage(current, who, ru);
1875}
1876
1877#ifdef CONFIG_COMPAT
1878COMPAT_SYSCALL_DEFINE2(getrusage, int, who, struct compat_rusage __user *, ru)
1879{
1880 struct rusage r;
1881
1882 if (who != RUSAGE_SELF && who != RUSAGE_CHILDREN &&
1883 who != RUSAGE_THREAD)
1884 return -EINVAL;
1885
1886 k_getrusage(current, who, &r);
1887 return put_compat_rusage(&r, ru);
1888}
1889#endif
1890
1891SYSCALL_DEFINE1(umask, int, mask)
1892{
1893 mask = xchg(¤t->fs->umask, mask & S_IRWXUGO);
1894 return mask;
1895}
1896
1897static int prctl_set_mm_exe_file(struct mm_struct *mm, unsigned int fd)
1898{
1899 struct fd exe;
1900 struct inode *inode;
1901 int err;
1902
1903 exe = fdget(fd);
1904 if (!exe.file)
1905 return -EBADF;
1906
1907 inode = file_inode(exe.file);
1908
1909
1910
1911
1912
1913
1914 err = -EACCES;
1915 if (!S_ISREG(inode->i_mode) ||
1916 exe.file->f_path.mnt->mnt_flags & MNT_NOEXEC)
1917 goto exit;
1918
1919 err = inode_permission(inode, MAY_EXEC);
1920 if (err)
1921 goto exit;
1922
1923 down_write(&mm->mmap_sem);
1924
1925
1926
1927
1928 err = -EBUSY;
1929 if (mm->exe_file) {
1930 struct vm_area_struct *vma;
1931
1932 for (vma = mm->mmap; vma; vma = vma->vm_next)
1933 if (vma->vm_file &&
1934 path_equal(&vma->vm_file->f_path,
1935 &mm->exe_file->f_path))
1936 goto exit_unlock;
1937 }
1938
1939
1940
1941
1942
1943
1944
1945 err = -EPERM;
1946 if (test_and_set_bit(MMF_EXE_FILE_CHANGED, &mm->flags))
1947 goto exit_unlock;
1948
1949 err = 0;
1950 set_mm_exe_file(mm, exe.file);
1951exit_unlock:
1952 up_write(&mm->mmap_sem);
1953
1954exit:
1955 fdput(exe);
1956 return err;
1957}
1958
1959static int prctl_set_mm(int opt, unsigned long addr,
1960 unsigned long arg4, unsigned long arg5)
1961{
1962 unsigned long rlim = rlimit(RLIMIT_DATA);
1963 struct mm_struct *mm = current->mm;
1964 struct vm_area_struct *vma;
1965 int error;
1966
1967 if (arg5 || (arg4 && opt != PR_SET_MM_AUXV))
1968 return -EINVAL;
1969
1970 if (!capable(CAP_SYS_RESOURCE))
1971 return -EPERM;
1972
1973 if (opt == PR_SET_MM_EXE_FILE)
1974 return prctl_set_mm_exe_file(mm, (unsigned int)addr);
1975
1976 if (addr >= TASK_SIZE || addr < mmap_min_addr)
1977 return -EINVAL;
1978
1979 error = -EINVAL;
1980
1981 down_read(&mm->mmap_sem);
1982 vma = find_vma(mm, addr);
1983
1984 switch (opt) {
1985 case PR_SET_MM_START_CODE:
1986 mm->start_code = addr;
1987 break;
1988 case PR_SET_MM_END_CODE:
1989 mm->end_code = addr;
1990 break;
1991 case PR_SET_MM_START_DATA:
1992 mm->start_data = addr;
1993 break;
1994 case PR_SET_MM_END_DATA:
1995 mm->end_data = addr;
1996 break;
1997
1998 case PR_SET_MM_START_BRK:
1999 if (addr <= mm->end_data)
2000 goto out;
2001
2002 if (rlim < RLIM_INFINITY &&
2003 (mm->brk - addr) +
2004 (mm->end_data - mm->start_data) > rlim)
2005 goto out;
2006
2007 mm->start_brk = addr;
2008 break;
2009
2010 case PR_SET_MM_BRK:
2011 if (addr <= mm->end_data)
2012 goto out;
2013
2014 if (rlim < RLIM_INFINITY &&
2015 (addr - mm->start_brk) +
2016 (mm->end_data - mm->start_data) > rlim)
2017 goto out;
2018
2019 mm->brk = addr;
2020 break;
2021
2022
2023
2024
2025
2026
2027
2028
2029 case PR_SET_MM_START_STACK:
2030 case PR_SET_MM_ARG_START:
2031 case PR_SET_MM_ARG_END:
2032 case PR_SET_MM_ENV_START:
2033 case PR_SET_MM_ENV_END:
2034 if (!vma) {
2035 error = -EFAULT;
2036 goto out;
2037 }
2038 if (opt == PR_SET_MM_START_STACK)
2039 mm->start_stack = addr;
2040 else if (opt == PR_SET_MM_ARG_START)
2041 mm->arg_start = addr;
2042 else if (opt == PR_SET_MM_ARG_END)
2043 mm->arg_end = addr;
2044 else if (opt == PR_SET_MM_ENV_START)
2045 mm->env_start = addr;
2046 else if (opt == PR_SET_MM_ENV_END)
2047 mm->env_end = addr;
2048 break;
2049
2050
2051
2052
2053
2054
2055
2056
2057
2058 case PR_SET_MM_AUXV: {
2059 unsigned long user_auxv[AT_VECTOR_SIZE];
2060
2061 if (arg4 > sizeof(user_auxv))
2062 goto out;
2063 up_read(&mm->mmap_sem);
2064
2065 if (copy_from_user(user_auxv, (const void __user *)addr, arg4))
2066 return -EFAULT;
2067
2068
2069 user_auxv[AT_VECTOR_SIZE - 2] = 0;
2070 user_auxv[AT_VECTOR_SIZE - 1] = 0;
2071
2072 BUILD_BUG_ON(sizeof(user_auxv) != sizeof(mm->saved_auxv));
2073
2074 task_lock(current);
2075 memcpy(mm->saved_auxv, user_auxv, arg4);
2076 task_unlock(current);
2077
2078 return 0;
2079 }
2080 default:
2081 goto out;
2082 }
2083
2084 error = 0;
2085out:
2086 up_read(&mm->mmap_sem);
2087 return error;
2088}
2089
2090#ifdef CONFIG_CHECKPOINT_RESTORE
2091static int prctl_get_tid_address(struct task_struct *me, int __user **tid_addr)
2092{
2093 return put_user(me->clear_child_tid, tid_addr);
2094}
2095#else
2096static int prctl_get_tid_address(struct task_struct *me, int __user **tid_addr)
2097{
2098 return -EINVAL;
2099}
2100#endif
2101
2102SYSCALL_DEFINE5(prctl, int, option, unsigned long, arg2, unsigned long, arg3,
2103 unsigned long, arg4, unsigned long, arg5)
2104{
2105 struct task_struct *me = current;
2106 unsigned char comm[sizeof(me->comm)];
2107 long error;
2108
2109 error = security_task_prctl(option, arg2, arg3, arg4, arg5);
2110 if (error != -ENOSYS)
2111 return error;
2112
2113 error = 0;
2114 switch (option) {
2115 case PR_SET_PDEATHSIG:
2116 if (!valid_signal(arg2)) {
2117 error = -EINVAL;
2118 break;
2119 }
2120 me->pdeath_signal = arg2;
2121 break;
2122 case PR_GET_PDEATHSIG:
2123 error = put_user(me->pdeath_signal, (int __user *)arg2);
2124 break;
2125 case PR_GET_DUMPABLE:
2126 error = get_dumpable(me->mm);
2127 break;
2128 case PR_SET_DUMPABLE:
2129 if (arg2 != SUID_DUMP_DISABLE && arg2 != SUID_DUMP_USER) {
2130 error = -EINVAL;
2131 break;
2132 }
2133 set_dumpable(me->mm, arg2);
2134 break;
2135
2136 case PR_SET_UNALIGN:
2137 error = SET_UNALIGN_CTL(me, arg2);
2138 break;
2139 case PR_GET_UNALIGN:
2140 error = GET_UNALIGN_CTL(me, arg2);
2141 break;
2142 case PR_SET_FPEMU:
2143 error = SET_FPEMU_CTL(me, arg2);
2144 break;
2145 case PR_GET_FPEMU:
2146 error = GET_FPEMU_CTL(me, arg2);
2147 break;
2148 case PR_SET_FPEXC:
2149 error = SET_FPEXC_CTL(me, arg2);
2150 break;
2151 case PR_GET_FPEXC:
2152 error = GET_FPEXC_CTL(me, arg2);
2153 break;
2154 case PR_GET_TIMING:
2155 error = PR_TIMING_STATISTICAL;
2156 break;
2157 case PR_SET_TIMING:
2158 if (arg2 != PR_TIMING_STATISTICAL)
2159 error = -EINVAL;
2160 break;
2161 case PR_SET_NAME:
2162 comm[sizeof(me->comm) - 1] = 0;
2163 if (strncpy_from_user(comm, (char __user *)arg2,
2164 sizeof(me->comm) - 1) < 0)
2165 return -EFAULT;
2166 set_task_comm(me, comm);
2167 proc_comm_connector(me);
2168 break;
2169 case PR_GET_NAME:
2170 get_task_comm(comm, me);
2171 if (copy_to_user((char __user *)arg2, comm, sizeof(comm)))
2172 return -EFAULT;
2173 break;
2174 case PR_GET_ENDIAN:
2175 error = GET_ENDIAN(me, arg2);
2176 break;
2177 case PR_SET_ENDIAN:
2178 error = SET_ENDIAN(me, arg2);
2179 break;
2180 case PR_GET_SECCOMP:
2181 error = prctl_get_seccomp();
2182 break;
2183 case PR_SET_SECCOMP:
2184 error = prctl_set_seccomp(arg2, (char __user *)arg3);
2185 break;
2186 case PR_GET_TSC:
2187 error = GET_TSC_CTL(arg2);
2188 break;
2189 case PR_SET_TSC:
2190 error = SET_TSC_CTL(arg2);
2191 break;
2192 case PR_TASK_PERF_EVENTS_DISABLE:
2193 error = perf_event_task_disable();
2194 break;
2195 case PR_TASK_PERF_EVENTS_ENABLE:
2196 error = perf_event_task_enable();
2197 break;
2198 case PR_GET_TIMERSLACK:
2199 error = current->timer_slack_ns;
2200 break;
2201 case PR_SET_TIMERSLACK:
2202 if (arg2 <= 0)
2203 current->timer_slack_ns =
2204 current->default_timer_slack_ns;
2205 else
2206 current->timer_slack_ns = arg2;
2207 break;
2208 case PR_MCE_KILL:
2209 if (arg4 | arg5)
2210 return -EINVAL;
2211 switch (arg2) {
2212 case PR_MCE_KILL_CLEAR:
2213 if (arg3 != 0)
2214 return -EINVAL;
2215 current->flags &= ~PF_MCE_PROCESS;
2216 break;
2217 case PR_MCE_KILL_SET:
2218 current->flags |= PF_MCE_PROCESS;
2219 if (arg3 == PR_MCE_KILL_EARLY)
2220 current->flags |= PF_MCE_EARLY;
2221 else if (arg3 == PR_MCE_KILL_LATE)
2222 current->flags &= ~PF_MCE_EARLY;
2223 else if (arg3 == PR_MCE_KILL_DEFAULT)
2224 current->flags &=
2225 ~(PF_MCE_EARLY|PF_MCE_PROCESS);
2226 else
2227 return -EINVAL;
2228 break;
2229 default:
2230 return -EINVAL;
2231 }
2232 break;
2233 case PR_MCE_KILL_GET:
2234 if (arg2 | arg3 | arg4 | arg5)
2235 return -EINVAL;
2236 if (current->flags & PF_MCE_PROCESS)
2237 error = (current->flags & PF_MCE_EARLY) ?
2238 PR_MCE_KILL_EARLY : PR_MCE_KILL_LATE;
2239 else
2240 error = PR_MCE_KILL_DEFAULT;
2241 break;
2242 case PR_SET_MM:
2243 error = prctl_set_mm(arg2, arg3, arg4, arg5);
2244 break;
2245 case PR_GET_TID_ADDRESS:
2246 error = prctl_get_tid_address(me, (int __user **)arg2);
2247 break;
2248 case PR_SET_CHILD_SUBREAPER:
2249 me->signal->is_child_subreaper = !!arg2;
2250 break;
2251 case PR_GET_CHILD_SUBREAPER:
2252 error = put_user(me->signal->is_child_subreaper,
2253 (int __user *)arg2);
2254 break;
2255 case PR_SET_NO_NEW_PRIVS:
2256 if (arg2 != 1 || arg3 || arg4 || arg5)
2257 return -EINVAL;
2258
2259 current->no_new_privs = 1;
2260 break;
2261 case PR_GET_NO_NEW_PRIVS:
2262 if (arg2 || arg3 || arg4 || arg5)
2263 return -EINVAL;
2264 return current->no_new_privs ? 1 : 0;
2265 default:
2266 error = -EINVAL;
2267 break;
2268 }
2269 return error;
2270}
2271
2272SYSCALL_DEFINE3(getcpu, unsigned __user *, cpup, unsigned __user *, nodep,
2273 struct getcpu_cache __user *, unused)
2274{
2275 int err = 0;
2276 int cpu = raw_smp_processor_id();
2277 if (cpup)
2278 err |= put_user(cpu, cpup);
2279 if (nodep)
2280 err |= put_user(cpu_to_node(cpu), nodep);
2281 return err ? -EFAULT : 0;
2282}
2283
2284char poweroff_cmd[POWEROFF_CMD_PATH_LEN] = "/sbin/poweroff";
2285
2286static int __orderly_poweroff(bool force)
2287{
2288 char **argv;
2289 static char *envp[] = {
2290 "HOME=/",
2291 "PATH=/sbin:/bin:/usr/sbin:/usr/bin",
2292 NULL
2293 };
2294 int ret;
2295
2296 argv = argv_split(GFP_KERNEL, poweroff_cmd, NULL);
2297 if (argv) {
2298 ret = call_usermodehelper(argv[0], argv, envp, UMH_WAIT_EXEC);
2299 argv_free(argv);
2300 } else {
2301 printk(KERN_WARNING "%s failed to allocate memory for \"%s\"\n",
2302 __func__, poweroff_cmd);
2303 ret = -ENOMEM;
2304 }
2305
2306 if (ret && force) {
2307 printk(KERN_WARNING "Failed to start orderly shutdown: "
2308 "forcing the issue\n");
2309
2310
2311
2312
2313
2314 emergency_sync();
2315 kernel_power_off();
2316 }
2317
2318 return ret;
2319}
2320
2321static bool poweroff_force;
2322
2323static void poweroff_work_func(struct work_struct *work)
2324{
2325 __orderly_poweroff(poweroff_force);
2326}
2327
2328static DECLARE_WORK(poweroff_work, poweroff_work_func);
2329
2330
2331
2332
2333
2334
2335
2336
2337int orderly_poweroff(bool force)
2338{
2339 if (force)
2340 poweroff_force = true;
2341 schedule_work(&poweroff_work);
2342 return 0;
2343}
2344EXPORT_SYMBOL_GPL(orderly_poweroff);
2345
2346
2347
2348
2349
2350static int do_sysinfo(struct sysinfo *info)
2351{
2352 unsigned long mem_total, sav_total;
2353 unsigned int mem_unit, bitcount;
2354 struct timespec tp;
2355
2356 memset(info, 0, sizeof(struct sysinfo));
2357
2358 ktime_get_ts(&tp);
2359 monotonic_to_bootbased(&tp);
2360 info->uptime = tp.tv_sec + (tp.tv_nsec ? 1 : 0);
2361
2362 get_avenrun(info->loads, 0, SI_LOAD_SHIFT - FSHIFT);
2363
2364 info->procs = nr_threads;
2365
2366 si_meminfo(info);
2367 si_swapinfo(info);
2368
2369
2370
2371
2372
2373
2374
2375
2376
2377
2378 mem_total = info->totalram + info->totalswap;
2379 if (mem_total < info->totalram || mem_total < info->totalswap)
2380 goto out;
2381 bitcount = 0;
2382 mem_unit = info->mem_unit;
2383 while (mem_unit > 1) {
2384 bitcount++;
2385 mem_unit >>= 1;
2386 sav_total = mem_total;
2387 mem_total <<= 1;
2388 if (mem_total < sav_total)
2389 goto out;
2390 }
2391
2392
2393
2394
2395
2396
2397
2398
2399 info->mem_unit = 1;
2400 info->totalram <<= bitcount;
2401 info->freeram <<= bitcount;
2402 info->sharedram <<= bitcount;
2403 info->bufferram <<= bitcount;
2404 info->totalswap <<= bitcount;
2405 info->freeswap <<= bitcount;
2406 info->totalhigh <<= bitcount;
2407 info->freehigh <<= bitcount;
2408
2409out:
2410 return 0;
2411}
2412
2413SYSCALL_DEFINE1(sysinfo, struct sysinfo __user *, info)
2414{
2415 struct sysinfo val;
2416
2417 do_sysinfo(&val);
2418
2419 if (copy_to_user(info, &val, sizeof(struct sysinfo)))
2420 return -EFAULT;
2421
2422 return 0;
2423}
2424
2425#ifdef CONFIG_COMPAT
2426struct compat_sysinfo {
2427 s32 uptime;
2428 u32 loads[3];
2429 u32 totalram;
2430 u32 freeram;
2431 u32 sharedram;
2432 u32 bufferram;
2433 u32 totalswap;
2434 u32 freeswap;
2435 u16 procs;
2436 u16 pad;
2437 u32 totalhigh;
2438 u32 freehigh;
2439 u32 mem_unit;
2440 char _f[20-2*sizeof(u32)-sizeof(int)];
2441};
2442
2443COMPAT_SYSCALL_DEFINE1(sysinfo, struct compat_sysinfo __user *, info)
2444{
2445 struct sysinfo s;
2446
2447 do_sysinfo(&s);
2448
2449
2450
2451
2452 if ((s.totalram >> 32) || (s.totalswap >> 32)) {
2453 int bitcount = 0;
2454
2455 while (s.mem_unit < PAGE_SIZE) {
2456 s.mem_unit <<= 1;
2457 bitcount++;
2458 }
2459
2460 s.totalram >>= bitcount;
2461 s.freeram >>= bitcount;
2462 s.sharedram >>= bitcount;
2463 s.bufferram >>= bitcount;
2464 s.totalswap >>= bitcount;
2465 s.freeswap >>= bitcount;
2466 s.totalhigh >>= bitcount;
2467 s.freehigh >>= bitcount;
2468 }
2469
2470 if (!access_ok(VERIFY_WRITE, info, sizeof(struct compat_sysinfo)) ||
2471 __put_user(s.uptime, &info->uptime) ||
2472 __put_user(s.loads[0], &info->loads[0]) ||
2473 __put_user(s.loads[1], &info->loads[1]) ||
2474 __put_user(s.loads[2], &info->loads[2]) ||
2475 __put_user(s.totalram, &info->totalram) ||
2476 __put_user(s.freeram, &info->freeram) ||
2477 __put_user(s.sharedram, &info->sharedram) ||
2478 __put_user(s.bufferram, &info->bufferram) ||
2479 __put_user(s.totalswap, &info->totalswap) ||
2480 __put_user(s.freeswap, &info->freeswap) ||
2481 __put_user(s.procs, &info->procs) ||
2482 __put_user(s.totalhigh, &info->totalhigh) ||
2483 __put_user(s.freehigh, &info->freehigh) ||
2484 __put_user(s.mem_unit, &info->mem_unit))
2485 return -EFAULT;
2486
2487 return 0;
2488}
2489#endif
2490