1
2
3
4
5
6
7#include <linux/export.h>
8#include <linux/mm.h>
9#include <linux/utsname.h>
10#include <linux/mman.h>
11#include <linux/reboot.h>
12#include <linux/prctl.h>
13#include <linux/highuid.h>
14#include <linux/fs.h>
15#include <linux/kmod.h>
16#include <linux/perf_event.h>
17#include <linux/resource.h>
18#include <linux/kernel.h>
19#include <linux/kexec.h>
20#include <linux/workqueue.h>
21#include <linux/capability.h>
22#include <linux/device.h>
23#include <linux/key.h>
24#include <linux/times.h>
25#include <linux/posix-timers.h>
26#include <linux/security.h>
27#include <linux/dcookies.h>
28#include <linux/suspend.h>
29#include <linux/tty.h>
30#include <linux/signal.h>
31#include <linux/cn_proc.h>
32#include <linux/getcpu.h>
33#include <linux/task_io_accounting_ops.h>
34#include <linux/seccomp.h>
35#include <linux/cpu.h>
36#include <linux/personality.h>
37#include <linux/ptrace.h>
38#include <linux/fs_struct.h>
39#include <linux/file.h>
40#include <linux/mount.h>
41#include <linux/gfp.h>
42#include <linux/syscore_ops.h>
43#include <linux/version.h>
44#include <linux/ctype.h>
45
46#include <linux/compat.h>
47#include <linux/syscalls.h>
48#include <linux/kprobes.h>
49#include <linux/user_namespace.h>
50#include <linux/binfmts.h>
51
52#include <linux/sched.h>
53#include <linux/rcupdate.h>
54#include <linux/uidgid.h>
55#include <linux/cred.h>
56
57#include <linux/kmsg_dump.h>
58
59#include <generated/utsrelease.h>
60
61#include <asm/uaccess.h>
62#include <asm/io.h>
63#include <asm/unistd.h>
64
65#ifndef SET_UNALIGN_CTL
66# define SET_UNALIGN_CTL(a,b) (-EINVAL)
67#endif
68#ifndef GET_UNALIGN_CTL
69# define GET_UNALIGN_CTL(a,b) (-EINVAL)
70#endif
71#ifndef SET_FPEMU_CTL
72# define SET_FPEMU_CTL(a,b) (-EINVAL)
73#endif
74#ifndef GET_FPEMU_CTL
75# define GET_FPEMU_CTL(a,b) (-EINVAL)
76#endif
77#ifndef SET_FPEXC_CTL
78# define SET_FPEXC_CTL(a,b) (-EINVAL)
79#endif
80#ifndef GET_FPEXC_CTL
81# define GET_FPEXC_CTL(a,b) (-EINVAL)
82#endif
83#ifndef GET_ENDIAN
84# define GET_ENDIAN(a,b) (-EINVAL)
85#endif
86#ifndef SET_ENDIAN
87# define SET_ENDIAN(a,b) (-EINVAL)
88#endif
89#ifndef GET_TSC_CTL
90# define GET_TSC_CTL(a) (-EINVAL)
91#endif
92#ifndef SET_TSC_CTL
93# define SET_TSC_CTL(a) (-EINVAL)
94#endif
95
96
97
98
99
100
101int overflowuid = DEFAULT_OVERFLOWUID;
102int overflowgid = DEFAULT_OVERFLOWGID;
103
104EXPORT_SYMBOL(overflowuid);
105EXPORT_SYMBOL(overflowgid);
106
107
108
109
110
111
112int fs_overflowuid = DEFAULT_FS_OVERFLOWUID;
113int fs_overflowgid = DEFAULT_FS_OVERFLOWUID;
114
115EXPORT_SYMBOL(fs_overflowuid);
116EXPORT_SYMBOL(fs_overflowgid);
117
118
119
120
121
122
123
124static bool set_one_prio_perm(struct task_struct *p)
125{
126 const struct cred *cred = current_cred(), *pcred = __task_cred(p);
127
128 if (uid_eq(pcred->uid, cred->euid) ||
129 uid_eq(pcred->euid, cred->euid))
130 return true;
131 if (ns_capable(pcred->user_ns, CAP_SYS_NICE))
132 return true;
133 return false;
134}
135
136
137
138
139
140static int set_one_prio(struct task_struct *p, int niceval, int error)
141{
142 int no_nice;
143
144 if (!set_one_prio_perm(p)) {
145 error = -EPERM;
146 goto out;
147 }
148 if (niceval < task_nice(p) && !can_nice(p, niceval)) {
149 error = -EACCES;
150 goto out;
151 }
152 no_nice = security_task_setnice(p, niceval);
153 if (no_nice) {
154 error = no_nice;
155 goto out;
156 }
157 if (error == -ESRCH)
158 error = 0;
159 set_user_nice(p, niceval);
160out:
161 return error;
162}
163
164SYSCALL_DEFINE3(setpriority, int, which, int, who, int, niceval)
165{
166 struct task_struct *g, *p;
167 struct user_struct *user;
168 const struct cred *cred = current_cred();
169 int error = -EINVAL;
170 struct pid *pgrp;
171 kuid_t uid;
172
173 if (which > PRIO_USER || which < PRIO_PROCESS)
174 goto out;
175
176
177 error = -ESRCH;
178 if (niceval < -20)
179 niceval = -20;
180 if (niceval > 19)
181 niceval = 19;
182
183 rcu_read_lock();
184 read_lock(&tasklist_lock);
185 switch (which) {
186 case PRIO_PROCESS:
187 if (who)
188 p = find_task_by_vpid(who);
189 else
190 p = current;
191 if (p)
192 error = set_one_prio(p, niceval, error);
193 break;
194 case PRIO_PGRP:
195 if (who)
196 pgrp = find_vpid(who);
197 else
198 pgrp = task_pgrp(current);
199 do_each_pid_thread(pgrp, PIDTYPE_PGID, p) {
200 error = set_one_prio(p, niceval, error);
201 } while_each_pid_thread(pgrp, PIDTYPE_PGID, p);
202 break;
203 case PRIO_USER:
204 uid = make_kuid(cred->user_ns, who);
205 user = cred->user;
206 if (!who)
207 uid = cred->uid;
208 else if (!uid_eq(uid, cred->uid) &&
209 !(user = find_user(uid)))
210 goto out_unlock;
211
212 do_each_thread(g, p) {
213 if (uid_eq(task_uid(p), uid))
214 error = set_one_prio(p, niceval, error);
215 } while_each_thread(g, p);
216 if (!uid_eq(uid, cred->uid))
217 free_uid(user);
218 break;
219 }
220out_unlock:
221 read_unlock(&tasklist_lock);
222 rcu_read_unlock();
223out:
224 return error;
225}
226
227
228
229
230
231
232
233SYSCALL_DEFINE2(getpriority, int, which, int, who)
234{
235 struct task_struct *g, *p;
236 struct user_struct *user;
237 const struct cred *cred = current_cred();
238 long niceval, retval = -ESRCH;
239 struct pid *pgrp;
240 kuid_t uid;
241
242 if (which > PRIO_USER || which < PRIO_PROCESS)
243 return -EINVAL;
244
245 rcu_read_lock();
246 read_lock(&tasklist_lock);
247 switch (which) {
248 case PRIO_PROCESS:
249 if (who)
250 p = find_task_by_vpid(who);
251 else
252 p = current;
253 if (p) {
254 niceval = 20 - task_nice(p);
255 if (niceval > retval)
256 retval = niceval;
257 }
258 break;
259 case PRIO_PGRP:
260 if (who)
261 pgrp = find_vpid(who);
262 else
263 pgrp = task_pgrp(current);
264 do_each_pid_thread(pgrp, PIDTYPE_PGID, p) {
265 niceval = 20 - task_nice(p);
266 if (niceval > retval)
267 retval = niceval;
268 } while_each_pid_thread(pgrp, PIDTYPE_PGID, p);
269 break;
270 case PRIO_USER:
271 uid = make_kuid(cred->user_ns, who);
272 user = cred->user;
273 if (!who)
274 uid = cred->uid;
275 else if (!uid_eq(uid, cred->uid) &&
276 !(user = find_user(uid)))
277 goto out_unlock;
278
279 do_each_thread(g, p) {
280 if (uid_eq(task_uid(p), uid)) {
281 niceval = 20 - task_nice(p);
282 if (niceval > retval)
283 retval = niceval;
284 }
285 } while_each_thread(g, p);
286 if (!uid_eq(uid, cred->uid))
287 free_uid(user);
288 break;
289 }
290out_unlock:
291 read_unlock(&tasklist_lock);
292 rcu_read_unlock();
293
294 return retval;
295}
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315SYSCALL_DEFINE2(setregid, gid_t, rgid, gid_t, egid)
316{
317 struct user_namespace *ns = current_user_ns();
318 const struct cred *old;
319 struct cred *new;
320 int retval;
321 kgid_t krgid, kegid;
322
323 krgid = make_kgid(ns, rgid);
324 kegid = make_kgid(ns, egid);
325
326 if ((rgid != (gid_t) -1) && !gid_valid(krgid))
327 return -EINVAL;
328 if ((egid != (gid_t) -1) && !gid_valid(kegid))
329 return -EINVAL;
330
331 new = prepare_creds();
332 if (!new)
333 return -ENOMEM;
334 old = current_cred();
335
336 retval = -EPERM;
337 if (rgid != (gid_t) -1) {
338 if (gid_eq(old->gid, krgid) ||
339 gid_eq(old->egid, krgid) ||
340 ns_capable(old->user_ns, CAP_SETGID))
341 new->gid = krgid;
342 else
343 goto error;
344 }
345 if (egid != (gid_t) -1) {
346 if (gid_eq(old->gid, kegid) ||
347 gid_eq(old->egid, kegid) ||
348 gid_eq(old->sgid, kegid) ||
349 ns_capable(old->user_ns, CAP_SETGID))
350 new->egid = kegid;
351 else
352 goto error;
353 }
354
355 if (rgid != (gid_t) -1 ||
356 (egid != (gid_t) -1 && !gid_eq(kegid, old->gid)))
357 new->sgid = new->egid;
358 new->fsgid = new->egid;
359
360 return commit_creds(new);
361
362error:
363 abort_creds(new);
364 return retval;
365}
366
367
368
369
370
371
372SYSCALL_DEFINE1(setgid, gid_t, gid)
373{
374 struct user_namespace *ns = current_user_ns();
375 const struct cred *old;
376 struct cred *new;
377 int retval;
378 kgid_t kgid;
379
380 kgid = make_kgid(ns, gid);
381 if (!gid_valid(kgid))
382 return -EINVAL;
383
384 new = prepare_creds();
385 if (!new)
386 return -ENOMEM;
387 old = current_cred();
388
389 retval = -EPERM;
390 if (ns_capable(old->user_ns, CAP_SETGID))
391 new->gid = new->egid = new->sgid = new->fsgid = kgid;
392 else if (gid_eq(kgid, old->gid) || gid_eq(kgid, old->sgid))
393 new->egid = new->fsgid = kgid;
394 else
395 goto error;
396
397 return commit_creds(new);
398
399error:
400 abort_creds(new);
401 return retval;
402}
403
404
405
406
407static int set_user(struct cred *new)
408{
409 struct user_struct *new_user;
410
411 new_user = alloc_uid(new->uid);
412 if (!new_user)
413 return -EAGAIN;
414
415
416
417
418
419
420
421
422 if (atomic_read(&new_user->processes) >= rlimit(RLIMIT_NPROC) &&
423 new_user != INIT_USER)
424 current->flags |= PF_NPROC_EXCEEDED;
425 else
426 current->flags &= ~PF_NPROC_EXCEEDED;
427
428 free_uid(new->user);
429 new->user = new_user;
430 return 0;
431}
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448SYSCALL_DEFINE2(setreuid, uid_t, ruid, uid_t, euid)
449{
450 struct user_namespace *ns = current_user_ns();
451 const struct cred *old;
452 struct cred *new;
453 int retval;
454 kuid_t kruid, keuid;
455
456 kruid = make_kuid(ns, ruid);
457 keuid = make_kuid(ns, euid);
458
459 if ((ruid != (uid_t) -1) && !uid_valid(kruid))
460 return -EINVAL;
461 if ((euid != (uid_t) -1) && !uid_valid(keuid))
462 return -EINVAL;
463
464 new = prepare_creds();
465 if (!new)
466 return -ENOMEM;
467 old = current_cred();
468
469 retval = -EPERM;
470 if (ruid != (uid_t) -1) {
471 new->uid = kruid;
472 if (!uid_eq(old->uid, kruid) &&
473 !uid_eq(old->euid, kruid) &&
474 !ns_capable(old->user_ns, CAP_SETUID))
475 goto error;
476 }
477
478 if (euid != (uid_t) -1) {
479 new->euid = keuid;
480 if (!uid_eq(old->uid, keuid) &&
481 !uid_eq(old->euid, keuid) &&
482 !uid_eq(old->suid, keuid) &&
483 !ns_capable(old->user_ns, CAP_SETUID))
484 goto error;
485 }
486
487 if (!uid_eq(new->uid, old->uid)) {
488 retval = set_user(new);
489 if (retval < 0)
490 goto error;
491 }
492 if (ruid != (uid_t) -1 ||
493 (euid != (uid_t) -1 && !uid_eq(keuid, old->uid)))
494 new->suid = new->euid;
495 new->fsuid = new->euid;
496
497 retval = security_task_fix_setuid(new, old, LSM_SETID_RE);
498 if (retval < 0)
499 goto error;
500
501 return commit_creds(new);
502
503error:
504 abort_creds(new);
505 return retval;
506}
507
508
509
510
511
512
513
514
515
516
517
518
519SYSCALL_DEFINE1(setuid, uid_t, uid)
520{
521 struct user_namespace *ns = current_user_ns();
522 const struct cred *old;
523 struct cred *new;
524 int retval;
525 kuid_t kuid;
526
527 kuid = make_kuid(ns, uid);
528 if (!uid_valid(kuid))
529 return -EINVAL;
530
531 new = prepare_creds();
532 if (!new)
533 return -ENOMEM;
534 old = current_cred();
535
536 retval = -EPERM;
537 if (ns_capable(old->user_ns, CAP_SETUID)) {
538 new->suid = new->uid = kuid;
539 if (!uid_eq(kuid, old->uid)) {
540 retval = set_user(new);
541 if (retval < 0)
542 goto error;
543 }
544 } else if (!uid_eq(kuid, old->uid) && !uid_eq(kuid, new->suid)) {
545 goto error;
546 }
547
548 new->fsuid = new->euid = kuid;
549
550 retval = security_task_fix_setuid(new, old, LSM_SETID_ID);
551 if (retval < 0)
552 goto error;
553
554 return commit_creds(new);
555
556error:
557 abort_creds(new);
558 return retval;
559}
560
561
562
563
564
565
566SYSCALL_DEFINE3(setresuid, uid_t, ruid, uid_t, euid, uid_t, suid)
567{
568 struct user_namespace *ns = current_user_ns();
569 const struct cred *old;
570 struct cred *new;
571 int retval;
572 kuid_t kruid, keuid, ksuid;
573
574 kruid = make_kuid(ns, ruid);
575 keuid = make_kuid(ns, euid);
576 ksuid = make_kuid(ns, suid);
577
578 if ((ruid != (uid_t) -1) && !uid_valid(kruid))
579 return -EINVAL;
580
581 if ((euid != (uid_t) -1) && !uid_valid(keuid))
582 return -EINVAL;
583
584 if ((suid != (uid_t) -1) && !uid_valid(ksuid))
585 return -EINVAL;
586
587 new = prepare_creds();
588 if (!new)
589 return -ENOMEM;
590
591 old = current_cred();
592
593 retval = -EPERM;
594 if (!ns_capable(old->user_ns, CAP_SETUID)) {
595 if (ruid != (uid_t) -1 && !uid_eq(kruid, old->uid) &&
596 !uid_eq(kruid, old->euid) && !uid_eq(kruid, old->suid))
597 goto error;
598 if (euid != (uid_t) -1 && !uid_eq(keuid, old->uid) &&
599 !uid_eq(keuid, old->euid) && !uid_eq(keuid, old->suid))
600 goto error;
601 if (suid != (uid_t) -1 && !uid_eq(ksuid, old->uid) &&
602 !uid_eq(ksuid, old->euid) && !uid_eq(ksuid, old->suid))
603 goto error;
604 }
605
606 if (ruid != (uid_t) -1) {
607 new->uid = kruid;
608 if (!uid_eq(kruid, old->uid)) {
609 retval = set_user(new);
610 if (retval < 0)
611 goto error;
612 }
613 }
614 if (euid != (uid_t) -1)
615 new->euid = keuid;
616 if (suid != (uid_t) -1)
617 new->suid = ksuid;
618 new->fsuid = new->euid;
619
620 retval = security_task_fix_setuid(new, old, LSM_SETID_RES);
621 if (retval < 0)
622 goto error;
623
624 return commit_creds(new);
625
626error:
627 abort_creds(new);
628 return retval;
629}
630
631SYSCALL_DEFINE3(getresuid, uid_t __user *, ruidp, uid_t __user *, euidp, uid_t __user *, suidp)
632{
633 const struct cred *cred = current_cred();
634 int retval;
635 uid_t ruid, euid, suid;
636
637 ruid = from_kuid_munged(cred->user_ns, cred->uid);
638 euid = from_kuid_munged(cred->user_ns, cred->euid);
639 suid = from_kuid_munged(cred->user_ns, cred->suid);
640
641 if (!(retval = put_user(ruid, ruidp)) &&
642 !(retval = put_user(euid, euidp)))
643 retval = put_user(suid, suidp);
644
645 return retval;
646}
647
648
649
650
651SYSCALL_DEFINE3(setresgid, gid_t, rgid, gid_t, egid, gid_t, sgid)
652{
653 struct user_namespace *ns = current_user_ns();
654 const struct cred *old;
655 struct cred *new;
656 int retval;
657 kgid_t krgid, kegid, ksgid;
658
659 krgid = make_kgid(ns, rgid);
660 kegid = make_kgid(ns, egid);
661 ksgid = make_kgid(ns, sgid);
662
663 if ((rgid != (gid_t) -1) && !gid_valid(krgid))
664 return -EINVAL;
665 if ((egid != (gid_t) -1) && !gid_valid(kegid))
666 return -EINVAL;
667 if ((sgid != (gid_t) -1) && !gid_valid(ksgid))
668 return -EINVAL;
669
670 new = prepare_creds();
671 if (!new)
672 return -ENOMEM;
673 old = current_cred();
674
675 retval = -EPERM;
676 if (!ns_capable(old->user_ns, CAP_SETGID)) {
677 if (rgid != (gid_t) -1 && !gid_eq(krgid, old->gid) &&
678 !gid_eq(krgid, old->egid) && !gid_eq(krgid, old->sgid))
679 goto error;
680 if (egid != (gid_t) -1 && !gid_eq(kegid, old->gid) &&
681 !gid_eq(kegid, old->egid) && !gid_eq(kegid, old->sgid))
682 goto error;
683 if (sgid != (gid_t) -1 && !gid_eq(ksgid, old->gid) &&
684 !gid_eq(ksgid, old->egid) && !gid_eq(ksgid, old->sgid))
685 goto error;
686 }
687
688 if (rgid != (gid_t) -1)
689 new->gid = krgid;
690 if (egid != (gid_t) -1)
691 new->egid = kegid;
692 if (sgid != (gid_t) -1)
693 new->sgid = ksgid;
694 new->fsgid = new->egid;
695
696 return commit_creds(new);
697
698error:
699 abort_creds(new);
700 return retval;
701}
702
703SYSCALL_DEFINE3(getresgid, gid_t __user *, rgidp, gid_t __user *, egidp, gid_t __user *, sgidp)
704{
705 const struct cred *cred = current_cred();
706 int retval;
707 gid_t rgid, egid, sgid;
708
709 rgid = from_kgid_munged(cred->user_ns, cred->gid);
710 egid = from_kgid_munged(cred->user_ns, cred->egid);
711 sgid = from_kgid_munged(cred->user_ns, cred->sgid);
712
713 if (!(retval = put_user(rgid, rgidp)) &&
714 !(retval = put_user(egid, egidp)))
715 retval = put_user(sgid, sgidp);
716
717 return retval;
718}
719
720
721
722
723
724
725
726
727SYSCALL_DEFINE1(setfsuid, uid_t, uid)
728{
729 const struct cred *old;
730 struct cred *new;
731 uid_t old_fsuid;
732 kuid_t kuid;
733
734 old = current_cred();
735 old_fsuid = from_kuid_munged(old->user_ns, old->fsuid);
736
737 kuid = make_kuid(old->user_ns, uid);
738 if (!uid_valid(kuid))
739 return old_fsuid;
740
741 new = prepare_creds();
742 if (!new)
743 return old_fsuid;
744
745 if (uid_eq(kuid, old->uid) || uid_eq(kuid, old->euid) ||
746 uid_eq(kuid, old->suid) || uid_eq(kuid, old->fsuid) ||
747 ns_capable(old->user_ns, CAP_SETUID)) {
748 if (!uid_eq(kuid, old->fsuid)) {
749 new->fsuid = kuid;
750 if (security_task_fix_setuid(new, old, LSM_SETID_FS) == 0)
751 goto change_okay;
752 }
753 }
754
755 abort_creds(new);
756 return old_fsuid;
757
758change_okay:
759 commit_creds(new);
760 return old_fsuid;
761}
762
763
764
765
766SYSCALL_DEFINE1(setfsgid, gid_t, gid)
767{
768 const struct cred *old;
769 struct cred *new;
770 gid_t old_fsgid;
771 kgid_t kgid;
772
773 old = current_cred();
774 old_fsgid = from_kgid_munged(old->user_ns, old->fsgid);
775
776 kgid = make_kgid(old->user_ns, gid);
777 if (!gid_valid(kgid))
778 return old_fsgid;
779
780 new = prepare_creds();
781 if (!new)
782 return old_fsgid;
783
784 if (gid_eq(kgid, old->gid) || gid_eq(kgid, old->egid) ||
785 gid_eq(kgid, old->sgid) || gid_eq(kgid, old->fsgid) ||
786 ns_capable(old->user_ns, CAP_SETGID)) {
787 if (!gid_eq(kgid, old->fsgid)) {
788 new->fsgid = kgid;
789 goto change_okay;
790 }
791 }
792
793 abort_creds(new);
794 return old_fsgid;
795
796change_okay:
797 commit_creds(new);
798 return old_fsgid;
799}
800
801
802
803
804
805
806
807
808
809
810SYSCALL_DEFINE0(getpid)
811{
812 return task_tgid_vnr(current);
813}
814
815
816SYSCALL_DEFINE0(gettid)
817{
818 return task_pid_vnr(current);
819}
820
821
822
823
824
825
826
827SYSCALL_DEFINE0(getppid)
828{
829 int pid;
830
831 rcu_read_lock();
832 pid = task_tgid_vnr(rcu_dereference(current->real_parent));
833 rcu_read_unlock();
834
835 return pid;
836}
837
838SYSCALL_DEFINE0(getuid)
839{
840
841 return from_kuid_munged(current_user_ns(), current_uid());
842}
843
844SYSCALL_DEFINE0(geteuid)
845{
846
847 return from_kuid_munged(current_user_ns(), current_euid());
848}
849
850SYSCALL_DEFINE0(getgid)
851{
852
853 return from_kgid_munged(current_user_ns(), current_gid());
854}
855
856SYSCALL_DEFINE0(getegid)
857{
858
859 return from_kgid_munged(current_user_ns(), current_egid());
860}
861
862void do_sys_times(struct tms *tms)
863{
864 cputime_t tgutime, tgstime, cutime, cstime;
865
866 spin_lock_irq(¤t->sighand->siglock);
867 thread_group_cputime_adjusted(current, &tgutime, &tgstime);
868 cutime = current->signal->cutime;
869 cstime = current->signal->cstime;
870 spin_unlock_irq(¤t->sighand->siglock);
871 tms->tms_utime = cputime_to_clock_t(tgutime);
872 tms->tms_stime = cputime_to_clock_t(tgstime);
873 tms->tms_cutime = cputime_to_clock_t(cutime);
874 tms->tms_cstime = cputime_to_clock_t(cstime);
875}
876
877SYSCALL_DEFINE1(times, struct tms __user *, tbuf)
878{
879 if (tbuf) {
880 struct tms tmp;
881
882 do_sys_times(&tmp);
883 if (copy_to_user(tbuf, &tmp, sizeof(struct tms)))
884 return -EFAULT;
885 }
886 force_successful_syscall_return();
887 return (long) jiffies_64_to_clock_t(get_jiffies_64());
888}
889
890
891
892
893
894
895
896
897
898
899
900
901
902SYSCALL_DEFINE2(setpgid, pid_t, pid, pid_t, pgid)
903{
904 struct task_struct *p;
905 struct task_struct *group_leader = current->group_leader;
906 struct pid *pgrp;
907 int err;
908
909 if (!pid)
910 pid = task_pid_vnr(group_leader);
911 if (!pgid)
912 pgid = pid;
913 if (pgid < 0)
914 return -EINVAL;
915 rcu_read_lock();
916
917
918
919
920 write_lock_irq(&tasklist_lock);
921
922 err = -ESRCH;
923 p = find_task_by_vpid(pid);
924 if (!p)
925 goto out;
926
927 err = -EINVAL;
928 if (!thread_group_leader(p))
929 goto out;
930
931 if (same_thread_group(p->real_parent, group_leader)) {
932 err = -EPERM;
933 if (task_session(p) != task_session(group_leader))
934 goto out;
935 err = -EACCES;
936 if (p->did_exec)
937 goto out;
938 } else {
939 err = -ESRCH;
940 if (p != group_leader)
941 goto out;
942 }
943
944 err = -EPERM;
945 if (p->signal->leader)
946 goto out;
947
948 pgrp = task_pid(p);
949 if (pgid != pid) {
950 struct task_struct *g;
951
952 pgrp = find_vpid(pgid);
953 g = pid_task(pgrp, PIDTYPE_PGID);
954 if (!g || task_session(g) != task_session(group_leader))
955 goto out;
956 }
957
958 err = security_task_setpgid(p, pgid);
959 if (err)
960 goto out;
961
962 if (task_pgrp(p) != pgrp)
963 change_pid(p, PIDTYPE_PGID, pgrp);
964
965 err = 0;
966out:
967
968 write_unlock_irq(&tasklist_lock);
969 rcu_read_unlock();
970 return err;
971}
972
973SYSCALL_DEFINE1(getpgid, pid_t, pid)
974{
975 struct task_struct *p;
976 struct pid *grp;
977 int retval;
978
979 rcu_read_lock();
980 if (!pid)
981 grp = task_pgrp(current);
982 else {
983 retval = -ESRCH;
984 p = find_task_by_vpid(pid);
985 if (!p)
986 goto out;
987 grp = task_pgrp(p);
988 if (!grp)
989 goto out;
990
991 retval = security_task_getpgid(p);
992 if (retval)
993 goto out;
994 }
995 retval = pid_vnr(grp);
996out:
997 rcu_read_unlock();
998 return retval;
999}
1000
1001#ifdef __ARCH_WANT_SYS_GETPGRP
1002
1003SYSCALL_DEFINE0(getpgrp)
1004{
1005 return sys_getpgid(0);
1006}
1007
1008#endif
1009
1010SYSCALL_DEFINE1(getsid, pid_t, pid)
1011{
1012 struct task_struct *p;
1013 struct pid *sid;
1014 int retval;
1015
1016 rcu_read_lock();
1017 if (!pid)
1018 sid = task_session(current);
1019 else {
1020 retval = -ESRCH;
1021 p = find_task_by_vpid(pid);
1022 if (!p)
1023 goto out;
1024 sid = task_session(p);
1025 if (!sid)
1026 goto out;
1027
1028 retval = security_task_getsid(p);
1029 if (retval)
1030 goto out;
1031 }
1032 retval = pid_vnr(sid);
1033out:
1034 rcu_read_unlock();
1035 return retval;
1036}
1037
1038static void set_special_pids(struct pid *pid)
1039{
1040 struct task_struct *curr = current->group_leader;
1041
1042 if (task_session(curr) != pid)
1043 change_pid(curr, PIDTYPE_SID, pid);
1044
1045 if (task_pgrp(curr) != pid)
1046 change_pid(curr, PIDTYPE_PGID, pid);
1047}
1048
1049SYSCALL_DEFINE0(setsid)
1050{
1051 struct task_struct *group_leader = current->group_leader;
1052 struct pid *sid = task_pid(group_leader);
1053 pid_t session = pid_vnr(sid);
1054 int err = -EPERM;
1055
1056 write_lock_irq(&tasklist_lock);
1057
1058 if (group_leader->signal->leader)
1059 goto out;
1060
1061
1062
1063
1064 if (pid_task(sid, PIDTYPE_PGID))
1065 goto out;
1066
1067 group_leader->signal->leader = 1;
1068 set_special_pids(sid);
1069
1070 proc_clear_tty(group_leader);
1071
1072 err = session;
1073out:
1074 write_unlock_irq(&tasklist_lock);
1075 if (err > 0) {
1076 proc_sid_connector(group_leader);
1077 sched_autogroup_create_attach(group_leader);
1078 }
1079 return err;
1080}
1081
1082DECLARE_RWSEM(uts_sem);
1083
1084#ifdef COMPAT_UTS_MACHINE
1085#define override_architecture(name) \
1086 (personality(current->personality) == PER_LINUX32 && \
1087 copy_to_user(name->machine, COMPAT_UTS_MACHINE, \
1088 sizeof(COMPAT_UTS_MACHINE)))
1089#else
1090#define override_architecture(name) 0
1091#endif
1092
1093
1094
1095
1096
1097static int override_release(char __user *release, size_t len)
1098{
1099 int ret = 0;
1100
1101 if (current->personality & UNAME26) {
1102 const char *rest = UTS_RELEASE;
1103 char buf[65] = { 0 };
1104 int ndots = 0;
1105 unsigned v;
1106 size_t copy;
1107
1108 while (*rest) {
1109 if (*rest == '.' && ++ndots >= 3)
1110 break;
1111 if (!isdigit(*rest) && *rest != '.')
1112 break;
1113 rest++;
1114 }
1115 v = ((LINUX_VERSION_CODE >> 8) & 0xff) + 40;
1116 copy = clamp_t(size_t, len, 1, sizeof(buf));
1117 copy = scnprintf(buf, copy, "2.6.%u%s", v, rest);
1118 ret = copy_to_user(release, buf, copy + 1);
1119 }
1120 return ret;
1121}
1122
1123SYSCALL_DEFINE1(newuname, struct new_utsname __user *, name)
1124{
1125 int errno = 0;
1126
1127 down_read(&uts_sem);
1128 if (copy_to_user(name, utsname(), sizeof *name))
1129 errno = -EFAULT;
1130 up_read(&uts_sem);
1131
1132 if (!errno && override_release(name->release, sizeof(name->release)))
1133 errno = -EFAULT;
1134 if (!errno && override_architecture(name))
1135 errno = -EFAULT;
1136 return errno;
1137}
1138
1139#ifdef __ARCH_WANT_SYS_OLD_UNAME
1140
1141
1142
1143SYSCALL_DEFINE1(uname, struct old_utsname __user *, name)
1144{
1145 int error = 0;
1146
1147 if (!name)
1148 return -EFAULT;
1149
1150 down_read(&uts_sem);
1151 if (copy_to_user(name, utsname(), sizeof(*name)))
1152 error = -EFAULT;
1153 up_read(&uts_sem);
1154
1155 if (!error && override_release(name->release, sizeof(name->release)))
1156 error = -EFAULT;
1157 if (!error && override_architecture(name))
1158 error = -EFAULT;
1159 return error;
1160}
1161
1162SYSCALL_DEFINE1(olduname, struct oldold_utsname __user *, name)
1163{
1164 int error;
1165
1166 if (!name)
1167 return -EFAULT;
1168 if (!access_ok(VERIFY_WRITE, name, sizeof(struct oldold_utsname)))
1169 return -EFAULT;
1170
1171 down_read(&uts_sem);
1172 error = __copy_to_user(&name->sysname, &utsname()->sysname,
1173 __OLD_UTS_LEN);
1174 error |= __put_user(0, name->sysname + __OLD_UTS_LEN);
1175 error |= __copy_to_user(&name->nodename, &utsname()->nodename,
1176 __OLD_UTS_LEN);
1177 error |= __put_user(0, name->nodename + __OLD_UTS_LEN);
1178 error |= __copy_to_user(&name->release, &utsname()->release,
1179 __OLD_UTS_LEN);
1180 error |= __put_user(0, name->release + __OLD_UTS_LEN);
1181 error |= __copy_to_user(&name->version, &utsname()->version,
1182 __OLD_UTS_LEN);
1183 error |= __put_user(0, name->version + __OLD_UTS_LEN);
1184 error |= __copy_to_user(&name->machine, &utsname()->machine,
1185 __OLD_UTS_LEN);
1186 error |= __put_user(0, name->machine + __OLD_UTS_LEN);
1187 up_read(&uts_sem);
1188
1189 if (!error && override_architecture(name))
1190 error = -EFAULT;
1191 if (!error && override_release(name->release, sizeof(name->release)))
1192 error = -EFAULT;
1193 return error ? -EFAULT : 0;
1194}
1195#endif
1196
1197SYSCALL_DEFINE2(sethostname, char __user *, name, int, len)
1198{
1199 int errno;
1200 char tmp[__NEW_UTS_LEN];
1201
1202 if (!ns_capable(current->nsproxy->uts_ns->user_ns, CAP_SYS_ADMIN))
1203 return -EPERM;
1204
1205 if (len < 0 || len > __NEW_UTS_LEN)
1206 return -EINVAL;
1207 down_write(&uts_sem);
1208 errno = -EFAULT;
1209 if (!copy_from_user(tmp, name, len)) {
1210 struct new_utsname *u = utsname();
1211
1212 memcpy(u->nodename, tmp, len);
1213 memset(u->nodename + len, 0, sizeof(u->nodename) - len);
1214 errno = 0;
1215 uts_proc_notify(UTS_PROC_HOSTNAME);
1216 }
1217 up_write(&uts_sem);
1218 return errno;
1219}
1220
1221#ifdef __ARCH_WANT_SYS_GETHOSTNAME
1222
1223SYSCALL_DEFINE2(gethostname, char __user *, name, int, len)
1224{
1225 int i, errno;
1226 struct new_utsname *u;
1227
1228 if (len < 0)
1229 return -EINVAL;
1230 down_read(&uts_sem);
1231 u = utsname();
1232 i = 1 + strlen(u->nodename);
1233 if (i > len)
1234 i = len;
1235 errno = 0;
1236 if (copy_to_user(name, u->nodename, i))
1237 errno = -EFAULT;
1238 up_read(&uts_sem);
1239 return errno;
1240}
1241
1242#endif
1243
1244
1245
1246
1247
1248SYSCALL_DEFINE2(setdomainname, char __user *, name, int, len)
1249{
1250 int errno;
1251 char tmp[__NEW_UTS_LEN];
1252
1253 if (!ns_capable(current->nsproxy->uts_ns->user_ns, CAP_SYS_ADMIN))
1254 return -EPERM;
1255 if (len < 0 || len > __NEW_UTS_LEN)
1256 return -EINVAL;
1257
1258 down_write(&uts_sem);
1259 errno = -EFAULT;
1260 if (!copy_from_user(tmp, name, len)) {
1261 struct new_utsname *u = utsname();
1262
1263 memcpy(u->domainname, tmp, len);
1264 memset(u->domainname + len, 0, sizeof(u->domainname) - len);
1265 errno = 0;
1266 uts_proc_notify(UTS_PROC_DOMAINNAME);
1267 }
1268 up_write(&uts_sem);
1269 return errno;
1270}
1271
1272SYSCALL_DEFINE2(getrlimit, unsigned int, resource, struct rlimit __user *, rlim)
1273{
1274 struct rlimit value;
1275 int ret;
1276
1277 ret = do_prlimit(current, resource, NULL, &value);
1278 if (!ret)
1279 ret = copy_to_user(rlim, &value, sizeof(*rlim)) ? -EFAULT : 0;
1280
1281 return ret;
1282}
1283
1284#ifdef __ARCH_WANT_SYS_OLD_GETRLIMIT
1285
1286
1287
1288
1289
1290SYSCALL_DEFINE2(old_getrlimit, unsigned int, resource,
1291 struct rlimit __user *, rlim)
1292{
1293 struct rlimit x;
1294 if (resource >= RLIM_NLIMITS)
1295 return -EINVAL;
1296
1297 task_lock(current->group_leader);
1298 x = current->signal->rlim[resource];
1299 task_unlock(current->group_leader);
1300 if (x.rlim_cur > 0x7FFFFFFF)
1301 x.rlim_cur = 0x7FFFFFFF;
1302 if (x.rlim_max > 0x7FFFFFFF)
1303 x.rlim_max = 0x7FFFFFFF;
1304 return copy_to_user(rlim, &x, sizeof(x))?-EFAULT:0;
1305}
1306
1307#endif
1308
1309static inline bool rlim64_is_infinity(__u64 rlim64)
1310{
1311#if BITS_PER_LONG < 64
1312 return rlim64 >= ULONG_MAX;
1313#else
1314 return rlim64 == RLIM64_INFINITY;
1315#endif
1316}
1317
1318static void rlim_to_rlim64(const struct rlimit *rlim, struct rlimit64 *rlim64)
1319{
1320 if (rlim->rlim_cur == RLIM_INFINITY)
1321 rlim64->rlim_cur = RLIM64_INFINITY;
1322 else
1323 rlim64->rlim_cur = rlim->rlim_cur;
1324 if (rlim->rlim_max == RLIM_INFINITY)
1325 rlim64->rlim_max = RLIM64_INFINITY;
1326 else
1327 rlim64->rlim_max = rlim->rlim_max;
1328}
1329
1330static void rlim64_to_rlim(const struct rlimit64 *rlim64, struct rlimit *rlim)
1331{
1332 if (rlim64_is_infinity(rlim64->rlim_cur))
1333 rlim->rlim_cur = RLIM_INFINITY;
1334 else
1335 rlim->rlim_cur = (unsigned long)rlim64->rlim_cur;
1336 if (rlim64_is_infinity(rlim64->rlim_max))
1337 rlim->rlim_max = RLIM_INFINITY;
1338 else
1339 rlim->rlim_max = (unsigned long)rlim64->rlim_max;
1340}
1341
1342
1343int do_prlimit(struct task_struct *tsk, unsigned int resource,
1344 struct rlimit *new_rlim, struct rlimit *old_rlim)
1345{
1346 struct rlimit *rlim;
1347 int retval = 0;
1348
1349 if (resource >= RLIM_NLIMITS)
1350 return -EINVAL;
1351 if (new_rlim) {
1352 if (new_rlim->rlim_cur > new_rlim->rlim_max)
1353 return -EINVAL;
1354 if (resource == RLIMIT_NOFILE &&
1355 new_rlim->rlim_max > sysctl_nr_open)
1356 return -EPERM;
1357 }
1358
1359
1360 read_lock(&tasklist_lock);
1361 if (!tsk->sighand) {
1362 retval = -ESRCH;
1363 goto out;
1364 }
1365
1366 rlim = tsk->signal->rlim + resource;
1367 task_lock(tsk->group_leader);
1368 if (new_rlim) {
1369
1370
1371 if (new_rlim->rlim_max > rlim->rlim_max &&
1372 !capable(CAP_SYS_RESOURCE))
1373 retval = -EPERM;
1374 if (!retval)
1375 retval = security_task_setrlimit(tsk->group_leader,
1376 resource, new_rlim);
1377 if (resource == RLIMIT_CPU && new_rlim->rlim_cur == 0) {
1378
1379
1380
1381
1382
1383
1384 new_rlim->rlim_cur = 1;
1385 }
1386 }
1387 if (!retval) {
1388 if (old_rlim)
1389 *old_rlim = *rlim;
1390 if (new_rlim)
1391 *rlim = *new_rlim;
1392 }
1393 task_unlock(tsk->group_leader);
1394
1395
1396
1397
1398
1399
1400
1401 if (!retval && new_rlim && resource == RLIMIT_CPU &&
1402 new_rlim->rlim_cur != RLIM_INFINITY)
1403 update_rlimit_cpu(tsk, new_rlim->rlim_cur);
1404out:
1405 read_unlock(&tasklist_lock);
1406 return retval;
1407}
1408
1409
1410static int check_prlimit_permission(struct task_struct *task)
1411{
1412 const struct cred *cred = current_cred(), *tcred;
1413
1414 if (current == task)
1415 return 0;
1416
1417 tcred = __task_cred(task);
1418 if (uid_eq(cred->uid, tcred->euid) &&
1419 uid_eq(cred->uid, tcred->suid) &&
1420 uid_eq(cred->uid, tcred->uid) &&
1421 gid_eq(cred->gid, tcred->egid) &&
1422 gid_eq(cred->gid, tcred->sgid) &&
1423 gid_eq(cred->gid, tcred->gid))
1424 return 0;
1425 if (ns_capable(tcred->user_ns, CAP_SYS_RESOURCE))
1426 return 0;
1427
1428 return -EPERM;
1429}
1430
1431SYSCALL_DEFINE4(prlimit64, pid_t, pid, unsigned int, resource,
1432 const struct rlimit64 __user *, new_rlim,
1433 struct rlimit64 __user *, old_rlim)
1434{
1435 struct rlimit64 old64, new64;
1436 struct rlimit old, new;
1437 struct task_struct *tsk;
1438 int ret;
1439
1440 if (new_rlim) {
1441 if (copy_from_user(&new64, new_rlim, sizeof(new64)))
1442 return -EFAULT;
1443 rlim64_to_rlim(&new64, &new);
1444 }
1445
1446 rcu_read_lock();
1447 tsk = pid ? find_task_by_vpid(pid) : current;
1448 if (!tsk) {
1449 rcu_read_unlock();
1450 return -ESRCH;
1451 }
1452 ret = check_prlimit_permission(tsk);
1453 if (ret) {
1454 rcu_read_unlock();
1455 return ret;
1456 }
1457 get_task_struct(tsk);
1458 rcu_read_unlock();
1459
1460 ret = do_prlimit(tsk, resource, new_rlim ? &new : NULL,
1461 old_rlim ? &old : NULL);
1462
1463 if (!ret && old_rlim) {
1464 rlim_to_rlim64(&old, &old64);
1465 if (copy_to_user(old_rlim, &old64, sizeof(old64)))
1466 ret = -EFAULT;
1467 }
1468
1469 put_task_struct(tsk);
1470 return ret;
1471}
1472
1473SYSCALL_DEFINE2(setrlimit, unsigned int, resource, struct rlimit __user *, rlim)
1474{
1475 struct rlimit new_rlim;
1476
1477 if (copy_from_user(&new_rlim, rlim, sizeof(*rlim)))
1478 return -EFAULT;
1479 return do_prlimit(current, resource, &new_rlim, NULL);
1480}
1481
1482
1483
1484
1485
1486
1487
1488
1489
1490
1491
1492
1493
1494
1495
1496
1497
1498
1499
1500
1501
1502
1503
1504
1505
1506
1507
1508
1509
1510
1511
1512
1513
1514
1515static void accumulate_thread_rusage(struct task_struct *t, struct rusage *r)
1516{
1517 r->ru_nvcsw += t->nvcsw;
1518 r->ru_nivcsw += t->nivcsw;
1519 r->ru_minflt += t->min_flt;
1520 r->ru_majflt += t->maj_flt;
1521 r->ru_inblock += task_io_get_inblock(t);
1522 r->ru_oublock += task_io_get_oublock(t);
1523}
1524
1525static void k_getrusage(struct task_struct *p, int who, struct rusage *r)
1526{
1527 struct task_struct *t;
1528 unsigned long flags;
1529 cputime_t tgutime, tgstime, utime, stime;
1530 unsigned long maxrss = 0;
1531
1532 memset((char *) r, 0, sizeof *r);
1533 utime = stime = 0;
1534
1535 if (who == RUSAGE_THREAD) {
1536 task_cputime_adjusted(current, &utime, &stime);
1537 accumulate_thread_rusage(p, r);
1538 maxrss = p->signal->maxrss;
1539 goto out;
1540 }
1541
1542 if (!lock_task_sighand(p, &flags))
1543 return;
1544
1545 switch (who) {
1546 case RUSAGE_BOTH:
1547 case RUSAGE_CHILDREN:
1548 utime = p->signal->cutime;
1549 stime = p->signal->cstime;
1550 r->ru_nvcsw = p->signal->cnvcsw;
1551 r->ru_nivcsw = p->signal->cnivcsw;
1552 r->ru_minflt = p->signal->cmin_flt;
1553 r->ru_majflt = p->signal->cmaj_flt;
1554 r->ru_inblock = p->signal->cinblock;
1555 r->ru_oublock = p->signal->coublock;
1556 maxrss = p->signal->cmaxrss;
1557
1558 if (who == RUSAGE_CHILDREN)
1559 break;
1560
1561 case RUSAGE_SELF:
1562 thread_group_cputime_adjusted(p, &tgutime, &tgstime);
1563 utime += tgutime;
1564 stime += tgstime;
1565 r->ru_nvcsw += p->signal->nvcsw;
1566 r->ru_nivcsw += p->signal->nivcsw;
1567 r->ru_minflt += p->signal->min_flt;
1568 r->ru_majflt += p->signal->maj_flt;
1569 r->ru_inblock += p->signal->inblock;
1570 r->ru_oublock += p->signal->oublock;
1571 if (maxrss < p->signal->maxrss)
1572 maxrss = p->signal->maxrss;
1573 t = p;
1574 do {
1575 accumulate_thread_rusage(t, r);
1576 t = next_thread(t);
1577 } while (t != p);
1578 break;
1579
1580 default:
1581 BUG();
1582 }
1583 unlock_task_sighand(p, &flags);
1584
1585out:
1586 cputime_to_timeval(utime, &r->ru_utime);
1587 cputime_to_timeval(stime, &r->ru_stime);
1588
1589 if (who != RUSAGE_CHILDREN) {
1590 struct mm_struct *mm = get_task_mm(p);
1591 if (mm) {
1592 setmax_mm_hiwater_rss(&maxrss, mm);
1593 mmput(mm);
1594 }
1595 }
1596 r->ru_maxrss = maxrss * (PAGE_SIZE / 1024);
1597}
1598
1599int getrusage(struct task_struct *p, int who, struct rusage __user *ru)
1600{
1601 struct rusage r;
1602 k_getrusage(p, who, &r);
1603 return copy_to_user(ru, &r, sizeof(r)) ? -EFAULT : 0;
1604}
1605
1606SYSCALL_DEFINE2(getrusage, int, who, struct rusage __user *, ru)
1607{
1608 if (who != RUSAGE_SELF && who != RUSAGE_CHILDREN &&
1609 who != RUSAGE_THREAD)
1610 return -EINVAL;
1611 return getrusage(current, who, ru);
1612}
1613
1614#ifdef CONFIG_COMPAT
1615COMPAT_SYSCALL_DEFINE2(getrusage, int, who, struct compat_rusage __user *, ru)
1616{
1617 struct rusage r;
1618
1619 if (who != RUSAGE_SELF && who != RUSAGE_CHILDREN &&
1620 who != RUSAGE_THREAD)
1621 return -EINVAL;
1622
1623 k_getrusage(current, who, &r);
1624 return put_compat_rusage(&r, ru);
1625}
1626#endif
1627
1628SYSCALL_DEFINE1(umask, int, mask)
1629{
1630 mask = xchg(¤t->fs->umask, mask & S_IRWXUGO);
1631 return mask;
1632}
1633
1634static int prctl_set_mm_exe_file(struct mm_struct *mm, unsigned int fd)
1635{
1636 struct fd exe;
1637 struct inode *inode;
1638 int err;
1639
1640 exe = fdget(fd);
1641 if (!exe.file)
1642 return -EBADF;
1643
1644 inode = file_inode(exe.file);
1645
1646
1647
1648
1649
1650
1651 err = -EACCES;
1652 if (!S_ISREG(inode->i_mode) ||
1653 exe.file->f_path.mnt->mnt_flags & MNT_NOEXEC)
1654 goto exit;
1655
1656 err = inode_permission(inode, MAY_EXEC);
1657 if (err)
1658 goto exit;
1659
1660 down_write(&mm->mmap_sem);
1661
1662
1663
1664
1665 err = -EBUSY;
1666 if (mm->exe_file) {
1667 struct vm_area_struct *vma;
1668
1669 for (vma = mm->mmap; vma; vma = vma->vm_next)
1670 if (vma->vm_file &&
1671 path_equal(&vma->vm_file->f_path,
1672 &mm->exe_file->f_path))
1673 goto exit_unlock;
1674 }
1675
1676
1677
1678
1679
1680
1681
1682 err = -EPERM;
1683 if (test_and_set_bit(MMF_EXE_FILE_CHANGED, &mm->flags))
1684 goto exit_unlock;
1685
1686 err = 0;
1687 set_mm_exe_file(mm, exe.file);
1688exit_unlock:
1689 up_write(&mm->mmap_sem);
1690
1691exit:
1692 fdput(exe);
1693 return err;
1694}
1695
1696static int prctl_set_mm(int opt, unsigned long addr,
1697 unsigned long arg4, unsigned long arg5)
1698{
1699 unsigned long rlim = rlimit(RLIMIT_DATA);
1700 struct mm_struct *mm = current->mm;
1701 struct vm_area_struct *vma;
1702 int error;
1703
1704 if (arg5 || (arg4 && opt != PR_SET_MM_AUXV))
1705 return -EINVAL;
1706
1707 if (!capable(CAP_SYS_RESOURCE))
1708 return -EPERM;
1709
1710 if (opt == PR_SET_MM_EXE_FILE)
1711 return prctl_set_mm_exe_file(mm, (unsigned int)addr);
1712
1713 if (addr >= TASK_SIZE || addr < mmap_min_addr)
1714 return -EINVAL;
1715
1716 error = -EINVAL;
1717
1718 down_read(&mm->mmap_sem);
1719 vma = find_vma(mm, addr);
1720
1721 switch (opt) {
1722 case PR_SET_MM_START_CODE:
1723 mm->start_code = addr;
1724 break;
1725 case PR_SET_MM_END_CODE:
1726 mm->end_code = addr;
1727 break;
1728 case PR_SET_MM_START_DATA:
1729 mm->start_data = addr;
1730 break;
1731 case PR_SET_MM_END_DATA:
1732 mm->end_data = addr;
1733 break;
1734
1735 case PR_SET_MM_START_BRK:
1736 if (addr <= mm->end_data)
1737 goto out;
1738
1739 if (rlim < RLIM_INFINITY &&
1740 (mm->brk - addr) +
1741 (mm->end_data - mm->start_data) > rlim)
1742 goto out;
1743
1744 mm->start_brk = addr;
1745 break;
1746
1747 case PR_SET_MM_BRK:
1748 if (addr <= mm->end_data)
1749 goto out;
1750
1751 if (rlim < RLIM_INFINITY &&
1752 (addr - mm->start_brk) +
1753 (mm->end_data - mm->start_data) > rlim)
1754 goto out;
1755
1756 mm->brk = addr;
1757 break;
1758
1759
1760
1761
1762
1763
1764
1765
1766 case PR_SET_MM_START_STACK:
1767 case PR_SET_MM_ARG_START:
1768 case PR_SET_MM_ARG_END:
1769 case PR_SET_MM_ENV_START:
1770 case PR_SET_MM_ENV_END:
1771 if (!vma) {
1772 error = -EFAULT;
1773 goto out;
1774 }
1775 if (opt == PR_SET_MM_START_STACK)
1776 mm->start_stack = addr;
1777 else if (opt == PR_SET_MM_ARG_START)
1778 mm->arg_start = addr;
1779 else if (opt == PR_SET_MM_ARG_END)
1780 mm->arg_end = addr;
1781 else if (opt == PR_SET_MM_ENV_START)
1782 mm->env_start = addr;
1783 else if (opt == PR_SET_MM_ENV_END)
1784 mm->env_end = addr;
1785 break;
1786
1787
1788
1789
1790
1791
1792
1793
1794
1795 case PR_SET_MM_AUXV: {
1796 unsigned long user_auxv[AT_VECTOR_SIZE];
1797
1798 if (arg4 > sizeof(user_auxv))
1799 goto out;
1800 up_read(&mm->mmap_sem);
1801
1802 if (copy_from_user(user_auxv, (const void __user *)addr, arg4))
1803 return -EFAULT;
1804
1805
1806 user_auxv[AT_VECTOR_SIZE - 2] = 0;
1807 user_auxv[AT_VECTOR_SIZE - 1] = 0;
1808
1809 BUILD_BUG_ON(sizeof(user_auxv) != sizeof(mm->saved_auxv));
1810
1811 task_lock(current);
1812 memcpy(mm->saved_auxv, user_auxv, arg4);
1813 task_unlock(current);
1814
1815 return 0;
1816 }
1817 default:
1818 goto out;
1819 }
1820
1821 error = 0;
1822out:
1823 up_read(&mm->mmap_sem);
1824 return error;
1825}
1826
1827#ifdef CONFIG_CHECKPOINT_RESTORE
1828static int prctl_get_tid_address(struct task_struct *me, int __user **tid_addr)
1829{
1830 return put_user(me->clear_child_tid, tid_addr);
1831}
1832#else
1833static int prctl_get_tid_address(struct task_struct *me, int __user **tid_addr)
1834{
1835 return -EINVAL;
1836}
1837#endif
1838
1839SYSCALL_DEFINE5(prctl, int, option, unsigned long, arg2, unsigned long, arg3,
1840 unsigned long, arg4, unsigned long, arg5)
1841{
1842 struct task_struct *me = current;
1843 unsigned char comm[sizeof(me->comm)];
1844 long error;
1845
1846 error = security_task_prctl(option, arg2, arg3, arg4, arg5);
1847 if (error != -ENOSYS)
1848 return error;
1849
1850 error = 0;
1851 switch (option) {
1852 case PR_SET_PDEATHSIG:
1853 if (!valid_signal(arg2)) {
1854 error = -EINVAL;
1855 break;
1856 }
1857 me->pdeath_signal = arg2;
1858 break;
1859 case PR_GET_PDEATHSIG:
1860 error = put_user(me->pdeath_signal, (int __user *)arg2);
1861 break;
1862 case PR_GET_DUMPABLE:
1863 error = get_dumpable(me->mm);
1864 break;
1865 case PR_SET_DUMPABLE:
1866 if (arg2 != SUID_DUMP_DISABLE && arg2 != SUID_DUMP_USER) {
1867 error = -EINVAL;
1868 break;
1869 }
1870 set_dumpable(me->mm, arg2);
1871 break;
1872
1873 case PR_SET_UNALIGN:
1874 error = SET_UNALIGN_CTL(me, arg2);
1875 break;
1876 case PR_GET_UNALIGN:
1877 error = GET_UNALIGN_CTL(me, arg2);
1878 break;
1879 case PR_SET_FPEMU:
1880 error = SET_FPEMU_CTL(me, arg2);
1881 break;
1882 case PR_GET_FPEMU:
1883 error = GET_FPEMU_CTL(me, arg2);
1884 break;
1885 case PR_SET_FPEXC:
1886 error = SET_FPEXC_CTL(me, arg2);
1887 break;
1888 case PR_GET_FPEXC:
1889 error = GET_FPEXC_CTL(me, arg2);
1890 break;
1891 case PR_GET_TIMING:
1892 error = PR_TIMING_STATISTICAL;
1893 break;
1894 case PR_SET_TIMING:
1895 if (arg2 != PR_TIMING_STATISTICAL)
1896 error = -EINVAL;
1897 break;
1898 case PR_SET_NAME:
1899 comm[sizeof(me->comm) - 1] = 0;
1900 if (strncpy_from_user(comm, (char __user *)arg2,
1901 sizeof(me->comm) - 1) < 0)
1902 return -EFAULT;
1903 set_task_comm(me, comm);
1904 proc_comm_connector(me);
1905 break;
1906 case PR_GET_NAME:
1907 get_task_comm(comm, me);
1908 if (copy_to_user((char __user *)arg2, comm, sizeof(comm)))
1909 return -EFAULT;
1910 break;
1911 case PR_GET_ENDIAN:
1912 error = GET_ENDIAN(me, arg2);
1913 break;
1914 case PR_SET_ENDIAN:
1915 error = SET_ENDIAN(me, arg2);
1916 break;
1917 case PR_GET_SECCOMP:
1918 error = prctl_get_seccomp();
1919 break;
1920 case PR_SET_SECCOMP:
1921 error = prctl_set_seccomp(arg2, (char __user *)arg3);
1922 break;
1923 case PR_GET_TSC:
1924 error = GET_TSC_CTL(arg2);
1925 break;
1926 case PR_SET_TSC:
1927 error = SET_TSC_CTL(arg2);
1928 break;
1929 case PR_TASK_PERF_EVENTS_DISABLE:
1930 error = perf_event_task_disable();
1931 break;
1932 case PR_TASK_PERF_EVENTS_ENABLE:
1933 error = perf_event_task_enable();
1934 break;
1935 case PR_GET_TIMERSLACK:
1936 error = current->timer_slack_ns;
1937 break;
1938 case PR_SET_TIMERSLACK:
1939 if (arg2 <= 0)
1940 current->timer_slack_ns =
1941 current->default_timer_slack_ns;
1942 else
1943 current->timer_slack_ns = arg2;
1944 break;
1945 case PR_MCE_KILL:
1946 if (arg4 | arg5)
1947 return -EINVAL;
1948 switch (arg2) {
1949 case PR_MCE_KILL_CLEAR:
1950 if (arg3 != 0)
1951 return -EINVAL;
1952 current->flags &= ~PF_MCE_PROCESS;
1953 break;
1954 case PR_MCE_KILL_SET:
1955 current->flags |= PF_MCE_PROCESS;
1956 if (arg3 == PR_MCE_KILL_EARLY)
1957 current->flags |= PF_MCE_EARLY;
1958 else if (arg3 == PR_MCE_KILL_LATE)
1959 current->flags &= ~PF_MCE_EARLY;
1960 else if (arg3 == PR_MCE_KILL_DEFAULT)
1961 current->flags &=
1962 ~(PF_MCE_EARLY|PF_MCE_PROCESS);
1963 else
1964 return -EINVAL;
1965 break;
1966 default:
1967 return -EINVAL;
1968 }
1969 break;
1970 case PR_MCE_KILL_GET:
1971 if (arg2 | arg3 | arg4 | arg5)
1972 return -EINVAL;
1973 if (current->flags & PF_MCE_PROCESS)
1974 error = (current->flags & PF_MCE_EARLY) ?
1975 PR_MCE_KILL_EARLY : PR_MCE_KILL_LATE;
1976 else
1977 error = PR_MCE_KILL_DEFAULT;
1978 break;
1979 case PR_SET_MM:
1980 error = prctl_set_mm(arg2, arg3, arg4, arg5);
1981 break;
1982 case PR_GET_TID_ADDRESS:
1983 error = prctl_get_tid_address(me, (int __user **)arg2);
1984 break;
1985 case PR_SET_CHILD_SUBREAPER:
1986 me->signal->is_child_subreaper = !!arg2;
1987 break;
1988 case PR_GET_CHILD_SUBREAPER:
1989 error = put_user(me->signal->is_child_subreaper,
1990 (int __user *)arg2);
1991 break;
1992 case PR_SET_NO_NEW_PRIVS:
1993 if (arg2 != 1 || arg3 || arg4 || arg5)
1994 return -EINVAL;
1995
1996 current->no_new_privs = 1;
1997 break;
1998 case PR_GET_NO_NEW_PRIVS:
1999 if (arg2 || arg3 || arg4 || arg5)
2000 return -EINVAL;
2001 return current->no_new_privs ? 1 : 0;
2002 default:
2003 error = -EINVAL;
2004 break;
2005 }
2006 return error;
2007}
2008
2009SYSCALL_DEFINE3(getcpu, unsigned __user *, cpup, unsigned __user *, nodep,
2010 struct getcpu_cache __user *, unused)
2011{
2012 int err = 0;
2013 int cpu = raw_smp_processor_id();
2014 if (cpup)
2015 err |= put_user(cpu, cpup);
2016 if (nodep)
2017 err |= put_user(cpu_to_node(cpu), nodep);
2018 return err ? -EFAULT : 0;
2019}
2020
2021
2022
2023
2024
2025static int do_sysinfo(struct sysinfo *info)
2026{
2027 unsigned long mem_total, sav_total;
2028 unsigned int mem_unit, bitcount;
2029 struct timespec tp;
2030
2031 memset(info, 0, sizeof(struct sysinfo));
2032
2033 get_monotonic_boottime(&tp);
2034 info->uptime = tp.tv_sec + (tp.tv_nsec ? 1 : 0);
2035
2036 get_avenrun(info->loads, 0, SI_LOAD_SHIFT - FSHIFT);
2037
2038 info->procs = nr_threads;
2039
2040 si_meminfo(info);
2041 si_swapinfo(info);
2042
2043
2044
2045
2046
2047
2048
2049
2050
2051
2052 mem_total = info->totalram + info->totalswap;
2053 if (mem_total < info->totalram || mem_total < info->totalswap)
2054 goto out;
2055 bitcount = 0;
2056 mem_unit = info->mem_unit;
2057 while (mem_unit > 1) {
2058 bitcount++;
2059 mem_unit >>= 1;
2060 sav_total = mem_total;
2061 mem_total <<= 1;
2062 if (mem_total < sav_total)
2063 goto out;
2064 }
2065
2066
2067
2068
2069
2070
2071
2072
2073 info->mem_unit = 1;
2074 info->totalram <<= bitcount;
2075 info->freeram <<= bitcount;
2076 info->sharedram <<= bitcount;
2077 info->bufferram <<= bitcount;
2078 info->totalswap <<= bitcount;
2079 info->freeswap <<= bitcount;
2080 info->totalhigh <<= bitcount;
2081 info->freehigh <<= bitcount;
2082
2083out:
2084 return 0;
2085}
2086
2087SYSCALL_DEFINE1(sysinfo, struct sysinfo __user *, info)
2088{
2089 struct sysinfo val;
2090
2091 do_sysinfo(&val);
2092
2093 if (copy_to_user(info, &val, sizeof(struct sysinfo)))
2094 return -EFAULT;
2095
2096 return 0;
2097}
2098
2099#ifdef CONFIG_COMPAT
2100struct compat_sysinfo {
2101 s32 uptime;
2102 u32 loads[3];
2103 u32 totalram;
2104 u32 freeram;
2105 u32 sharedram;
2106 u32 bufferram;
2107 u32 totalswap;
2108 u32 freeswap;
2109 u16 procs;
2110 u16 pad;
2111 u32 totalhigh;
2112 u32 freehigh;
2113 u32 mem_unit;
2114 char _f[20-2*sizeof(u32)-sizeof(int)];
2115};
2116
2117COMPAT_SYSCALL_DEFINE1(sysinfo, struct compat_sysinfo __user *, info)
2118{
2119 struct sysinfo s;
2120
2121 do_sysinfo(&s);
2122
2123
2124
2125
2126 if ((s.totalram >> 32) || (s.totalswap >> 32)) {
2127 int bitcount = 0;
2128
2129 while (s.mem_unit < PAGE_SIZE) {
2130 s.mem_unit <<= 1;
2131 bitcount++;
2132 }
2133
2134 s.totalram >>= bitcount;
2135 s.freeram >>= bitcount;
2136 s.sharedram >>= bitcount;
2137 s.bufferram >>= bitcount;
2138 s.totalswap >>= bitcount;
2139 s.freeswap >>= bitcount;
2140 s.totalhigh >>= bitcount;
2141 s.freehigh >>= bitcount;
2142 }
2143
2144 if (!access_ok(VERIFY_WRITE, info, sizeof(struct compat_sysinfo)) ||
2145 __put_user(s.uptime, &info->uptime) ||
2146 __put_user(s.loads[0], &info->loads[0]) ||
2147 __put_user(s.loads[1], &info->loads[1]) ||
2148 __put_user(s.loads[2], &info->loads[2]) ||
2149 __put_user(s.totalram, &info->totalram) ||
2150 __put_user(s.freeram, &info->freeram) ||
2151 __put_user(s.sharedram, &info->sharedram) ||
2152 __put_user(s.bufferram, &info->bufferram) ||
2153 __put_user(s.totalswap, &info->totalswap) ||
2154 __put_user(s.freeswap, &info->freeswap) ||
2155 __put_user(s.procs, &info->procs) ||
2156 __put_user(s.totalhigh, &info->totalhigh) ||
2157 __put_user(s.freehigh, &info->freehigh) ||
2158 __put_user(s.mem_unit, &info->mem_unit))
2159 return -EFAULT;
2160
2161 return 0;
2162}
2163#endif
2164