1
2
3
4
5
6
7
8#include <linux/export.h>
9#include <linux/mm.h>
10#include <linux/utsname.h>
11#include <linux/mman.h>
12#include <linux/reboot.h>
13#include <linux/prctl.h>
14#include <linux/highuid.h>
15#include <linux/fs.h>
16#include <linux/kmod.h>
17#include <linux/perf_event.h>
18#include <linux/resource.h>
19#include <linux/kernel.h>
20#include <linux/workqueue.h>
21#include <linux/capability.h>
22#include <linux/device.h>
23#include <linux/key.h>
24#include <linux/times.h>
25#include <linux/posix-timers.h>
26#include <linux/security.h>
27#include <linux/suspend.h>
28#include <linux/tty.h>
29#include <linux/signal.h>
30#include <linux/cn_proc.h>
31#include <linux/getcpu.h>
32#include <linux/task_io_accounting_ops.h>
33#include <linux/seccomp.h>
34#include <linux/cpu.h>
35#include <linux/personality.h>
36#include <linux/ptrace.h>
37#include <linux/fs_struct.h>
38#include <linux/file.h>
39#include <linux/mount.h>
40#include <linux/gfp.h>
41#include <linux/syscore_ops.h>
42#include <linux/version.h>
43#include <linux/ctype.h>
44#include <linux/syscall_user_dispatch.h>
45
46#include <linux/compat.h>
47#include <linux/syscalls.h>
48#include <linux/kprobes.h>
49#include <linux/user_namespace.h>
50#include <linux/time_namespace.h>
51#include <linux/binfmts.h>
52
53#include <linux/sched.h>
54#include <linux/sched/autogroup.h>
55#include <linux/sched/loadavg.h>
56#include <linux/sched/stat.h>
57#include <linux/sched/mm.h>
58#include <linux/sched/coredump.h>
59#include <linux/sched/task.h>
60#include <linux/sched/cputime.h>
61#include <linux/rcupdate.h>
62#include <linux/uidgid.h>
63#include <linux/cred.h>
64
65#include <linux/nospec.h>
66
67#include <linux/kmsg_dump.h>
68
69#include <generated/utsrelease.h>
70
71#include <linux/uaccess.h>
72#include <asm/io.h>
73#include <asm/unistd.h>
74
75#include "uid16.h"
76
77#ifndef SET_UNALIGN_CTL
78# define SET_UNALIGN_CTL(a, b) (-EINVAL)
79#endif
80#ifndef GET_UNALIGN_CTL
81# define GET_UNALIGN_CTL(a, b) (-EINVAL)
82#endif
83#ifndef SET_FPEMU_CTL
84# define SET_FPEMU_CTL(a, b) (-EINVAL)
85#endif
86#ifndef GET_FPEMU_CTL
87# define GET_FPEMU_CTL(a, b) (-EINVAL)
88#endif
89#ifndef SET_FPEXC_CTL
90# define SET_FPEXC_CTL(a, b) (-EINVAL)
91#endif
92#ifndef GET_FPEXC_CTL
93# define GET_FPEXC_CTL(a, b) (-EINVAL)
94#endif
95#ifndef GET_ENDIAN
96# define GET_ENDIAN(a, b) (-EINVAL)
97#endif
98#ifndef SET_ENDIAN
99# define SET_ENDIAN(a, b) (-EINVAL)
100#endif
101#ifndef GET_TSC_CTL
102# define GET_TSC_CTL(a) (-EINVAL)
103#endif
104#ifndef SET_TSC_CTL
105# define SET_TSC_CTL(a) (-EINVAL)
106#endif
107#ifndef GET_FP_MODE
108# define GET_FP_MODE(a) (-EINVAL)
109#endif
110#ifndef SET_FP_MODE
111# define SET_FP_MODE(a,b) (-EINVAL)
112#endif
113#ifndef SVE_SET_VL
114# define SVE_SET_VL(a) (-EINVAL)
115#endif
116#ifndef SVE_GET_VL
117# define SVE_GET_VL() (-EINVAL)
118#endif
119#ifndef PAC_RESET_KEYS
120# define PAC_RESET_KEYS(a, b) (-EINVAL)
121#endif
122#ifndef PAC_SET_ENABLED_KEYS
123# define PAC_SET_ENABLED_KEYS(a, b, c) (-EINVAL)
124#endif
125#ifndef PAC_GET_ENABLED_KEYS
126# define PAC_GET_ENABLED_KEYS(a) (-EINVAL)
127#endif
128#ifndef SET_TAGGED_ADDR_CTRL
129# define SET_TAGGED_ADDR_CTRL(a) (-EINVAL)
130#endif
131#ifndef GET_TAGGED_ADDR_CTRL
132# define GET_TAGGED_ADDR_CTRL() (-EINVAL)
133#endif
134
135
136
137
138
139
140int overflowuid = DEFAULT_OVERFLOWUID;
141int overflowgid = DEFAULT_OVERFLOWGID;
142
143EXPORT_SYMBOL(overflowuid);
144EXPORT_SYMBOL(overflowgid);
145
146
147
148
149
150
151int fs_overflowuid = DEFAULT_FS_OVERFLOWUID;
152int fs_overflowgid = DEFAULT_FS_OVERFLOWGID;
153
154EXPORT_SYMBOL(fs_overflowuid);
155EXPORT_SYMBOL(fs_overflowgid);
156
157
158
159
160
161
162
163static bool set_one_prio_perm(struct task_struct *p)
164{
165 const struct cred *cred = current_cred(), *pcred = __task_cred(p);
166
167 if (uid_eq(pcred->uid, cred->euid) ||
168 uid_eq(pcred->euid, cred->euid))
169 return true;
170 if (ns_capable(pcred->user_ns, CAP_SYS_NICE))
171 return true;
172 return false;
173}
174
175
176
177
178
179static int set_one_prio(struct task_struct *p, int niceval, int error)
180{
181 int no_nice;
182
183 if (!set_one_prio_perm(p)) {
184 error = -EPERM;
185 goto out;
186 }
187 if (niceval < task_nice(p) && !can_nice(p, niceval)) {
188 error = -EACCES;
189 goto out;
190 }
191 no_nice = security_task_setnice(p, niceval);
192 if (no_nice) {
193 error = no_nice;
194 goto out;
195 }
196 if (error == -ESRCH)
197 error = 0;
198 set_user_nice(p, niceval);
199out:
200 return error;
201}
202
203SYSCALL_DEFINE3(setpriority, int, which, int, who, int, niceval)
204{
205 struct task_struct *g, *p;
206 struct user_struct *user;
207 const struct cred *cred = current_cred();
208 int error = -EINVAL;
209 struct pid *pgrp;
210 kuid_t uid;
211
212 if (which > PRIO_USER || which < PRIO_PROCESS)
213 goto out;
214
215
216 error = -ESRCH;
217 if (niceval < MIN_NICE)
218 niceval = MIN_NICE;
219 if (niceval > MAX_NICE)
220 niceval = MAX_NICE;
221
222 rcu_read_lock();
223 read_lock(&tasklist_lock);
224 switch (which) {
225 case PRIO_PROCESS:
226 if (who)
227 p = find_task_by_vpid(who);
228 else
229 p = current;
230 if (p)
231 error = set_one_prio(p, niceval, error);
232 break;
233 case PRIO_PGRP:
234 if (who)
235 pgrp = find_vpid(who);
236 else
237 pgrp = task_pgrp(current);
238 do_each_pid_thread(pgrp, PIDTYPE_PGID, p) {
239 error = set_one_prio(p, niceval, error);
240 } while_each_pid_thread(pgrp, PIDTYPE_PGID, p);
241 break;
242 case PRIO_USER:
243 uid = make_kuid(cred->user_ns, who);
244 user = cred->user;
245 if (!who)
246 uid = cred->uid;
247 else if (!uid_eq(uid, cred->uid)) {
248 user = find_user(uid);
249 if (!user)
250 goto out_unlock;
251 }
252 do_each_thread(g, p) {
253 if (uid_eq(task_uid(p), uid) && task_pid_vnr(p))
254 error = set_one_prio(p, niceval, error);
255 } while_each_thread(g, p);
256 if (!uid_eq(uid, cred->uid))
257 free_uid(user);
258 break;
259 }
260out_unlock:
261 read_unlock(&tasklist_lock);
262 rcu_read_unlock();
263out:
264 return error;
265}
266
267
268
269
270
271
272
273SYSCALL_DEFINE2(getpriority, int, which, int, who)
274{
275 struct task_struct *g, *p;
276 struct user_struct *user;
277 const struct cred *cred = current_cred();
278 long niceval, retval = -ESRCH;
279 struct pid *pgrp;
280 kuid_t uid;
281
282 if (which > PRIO_USER || which < PRIO_PROCESS)
283 return -EINVAL;
284
285 rcu_read_lock();
286 read_lock(&tasklist_lock);
287 switch (which) {
288 case PRIO_PROCESS:
289 if (who)
290 p = find_task_by_vpid(who);
291 else
292 p = current;
293 if (p) {
294 niceval = nice_to_rlimit(task_nice(p));
295 if (niceval > retval)
296 retval = niceval;
297 }
298 break;
299 case PRIO_PGRP:
300 if (who)
301 pgrp = find_vpid(who);
302 else
303 pgrp = task_pgrp(current);
304 do_each_pid_thread(pgrp, PIDTYPE_PGID, p) {
305 niceval = nice_to_rlimit(task_nice(p));
306 if (niceval > retval)
307 retval = niceval;
308 } while_each_pid_thread(pgrp, PIDTYPE_PGID, p);
309 break;
310 case PRIO_USER:
311 uid = make_kuid(cred->user_ns, who);
312 user = cred->user;
313 if (!who)
314 uid = cred->uid;
315 else if (!uid_eq(uid, cred->uid)) {
316 user = find_user(uid);
317 if (!user)
318 goto out_unlock;
319 }
320 do_each_thread(g, p) {
321 if (uid_eq(task_uid(p), uid) && task_pid_vnr(p)) {
322 niceval = nice_to_rlimit(task_nice(p));
323 if (niceval > retval)
324 retval = niceval;
325 }
326 } while_each_thread(g, p);
327 if (!uid_eq(uid, cred->uid))
328 free_uid(user);
329 break;
330 }
331out_unlock:
332 read_unlock(&tasklist_lock);
333 rcu_read_unlock();
334
335 return retval;
336}
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356#ifdef CONFIG_MULTIUSER
357long __sys_setregid(gid_t rgid, gid_t egid)
358{
359 struct user_namespace *ns = current_user_ns();
360 const struct cred *old;
361 struct cred *new;
362 int retval;
363 kgid_t krgid, kegid;
364
365 krgid = make_kgid(ns, rgid);
366 kegid = make_kgid(ns, egid);
367
368 if ((rgid != (gid_t) -1) && !gid_valid(krgid))
369 return -EINVAL;
370 if ((egid != (gid_t) -1) && !gid_valid(kegid))
371 return -EINVAL;
372
373 new = prepare_creds();
374 if (!new)
375 return -ENOMEM;
376 old = current_cred();
377
378 retval = -EPERM;
379 if (rgid != (gid_t) -1) {
380 if (gid_eq(old->gid, krgid) ||
381 gid_eq(old->egid, krgid) ||
382 ns_capable_setid(old->user_ns, CAP_SETGID))
383 new->gid = krgid;
384 else
385 goto error;
386 }
387 if (egid != (gid_t) -1) {
388 if (gid_eq(old->gid, kegid) ||
389 gid_eq(old->egid, kegid) ||
390 gid_eq(old->sgid, kegid) ||
391 ns_capable_setid(old->user_ns, CAP_SETGID))
392 new->egid = kegid;
393 else
394 goto error;
395 }
396
397 if (rgid != (gid_t) -1 ||
398 (egid != (gid_t) -1 && !gid_eq(kegid, old->gid)))
399 new->sgid = new->egid;
400 new->fsgid = new->egid;
401
402 retval = security_task_fix_setgid(new, old, LSM_SETID_RE);
403 if (retval < 0)
404 goto error;
405
406 return commit_creds(new);
407
408error:
409 abort_creds(new);
410 return retval;
411}
412
413SYSCALL_DEFINE2(setregid, gid_t, rgid, gid_t, egid)
414{
415 return __sys_setregid(rgid, egid);
416}
417
418
419
420
421
422
423long __sys_setgid(gid_t gid)
424{
425 struct user_namespace *ns = current_user_ns();
426 const struct cred *old;
427 struct cred *new;
428 int retval;
429 kgid_t kgid;
430
431 kgid = make_kgid(ns, gid);
432 if (!gid_valid(kgid))
433 return -EINVAL;
434
435 new = prepare_creds();
436 if (!new)
437 return -ENOMEM;
438 old = current_cred();
439
440 retval = -EPERM;
441 if (ns_capable_setid(old->user_ns, CAP_SETGID))
442 new->gid = new->egid = new->sgid = new->fsgid = kgid;
443 else if (gid_eq(kgid, old->gid) || gid_eq(kgid, old->sgid))
444 new->egid = new->fsgid = kgid;
445 else
446 goto error;
447
448 retval = security_task_fix_setgid(new, old, LSM_SETID_ID);
449 if (retval < 0)
450 goto error;
451
452 return commit_creds(new);
453
454error:
455 abort_creds(new);
456 return retval;
457}
458
459SYSCALL_DEFINE1(setgid, gid_t, gid)
460{
461 return __sys_setgid(gid);
462}
463
464
465
466
467static int set_user(struct cred *new)
468{
469 struct user_struct *new_user;
470
471 new_user = alloc_uid(new->uid);
472 if (!new_user)
473 return -EAGAIN;
474
475
476
477
478
479
480
481
482 if (is_ucounts_overlimit(new->ucounts, UCOUNT_RLIMIT_NPROC, rlimit(RLIMIT_NPROC)) &&
483 new_user != INIT_USER)
484 current->flags |= PF_NPROC_EXCEEDED;
485 else
486 current->flags &= ~PF_NPROC_EXCEEDED;
487
488 free_uid(new->user);
489 new->user = new_user;
490 return 0;
491}
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508long __sys_setreuid(uid_t ruid, uid_t euid)
509{
510 struct user_namespace *ns = current_user_ns();
511 const struct cred *old;
512 struct cred *new;
513 int retval;
514 kuid_t kruid, keuid;
515
516 kruid = make_kuid(ns, ruid);
517 keuid = make_kuid(ns, euid);
518
519 if ((ruid != (uid_t) -1) && !uid_valid(kruid))
520 return -EINVAL;
521 if ((euid != (uid_t) -1) && !uid_valid(keuid))
522 return -EINVAL;
523
524 new = prepare_creds();
525 if (!new)
526 return -ENOMEM;
527 old = current_cred();
528
529 retval = -EPERM;
530 if (ruid != (uid_t) -1) {
531 new->uid = kruid;
532 if (!uid_eq(old->uid, kruid) &&
533 !uid_eq(old->euid, kruid) &&
534 !ns_capable_setid(old->user_ns, CAP_SETUID))
535 goto error;
536 }
537
538 if (euid != (uid_t) -1) {
539 new->euid = keuid;
540 if (!uid_eq(old->uid, keuid) &&
541 !uid_eq(old->euid, keuid) &&
542 !uid_eq(old->suid, keuid) &&
543 !ns_capable_setid(old->user_ns, CAP_SETUID))
544 goto error;
545 }
546
547 if (!uid_eq(new->uid, old->uid)) {
548 retval = set_user(new);
549 if (retval < 0)
550 goto error;
551 }
552 if (ruid != (uid_t) -1 ||
553 (euid != (uid_t) -1 && !uid_eq(keuid, old->uid)))
554 new->suid = new->euid;
555 new->fsuid = new->euid;
556
557 retval = security_task_fix_setuid(new, old, LSM_SETID_RE);
558 if (retval < 0)
559 goto error;
560
561 retval = set_cred_ucounts(new);
562 if (retval < 0)
563 goto error;
564
565 return commit_creds(new);
566
567error:
568 abort_creds(new);
569 return retval;
570}
571
572SYSCALL_DEFINE2(setreuid, uid_t, ruid, uid_t, euid)
573{
574 return __sys_setreuid(ruid, euid);
575}
576
577
578
579
580
581
582
583
584
585
586
587
588long __sys_setuid(uid_t uid)
589{
590 struct user_namespace *ns = current_user_ns();
591 const struct cred *old;
592 struct cred *new;
593 int retval;
594 kuid_t kuid;
595
596 kuid = make_kuid(ns, uid);
597 if (!uid_valid(kuid))
598 return -EINVAL;
599
600 new = prepare_creds();
601 if (!new)
602 return -ENOMEM;
603 old = current_cred();
604
605 retval = -EPERM;
606 if (ns_capable_setid(old->user_ns, CAP_SETUID)) {
607 new->suid = new->uid = kuid;
608 if (!uid_eq(kuid, old->uid)) {
609 retval = set_user(new);
610 if (retval < 0)
611 goto error;
612 }
613 } else if (!uid_eq(kuid, old->uid) && !uid_eq(kuid, new->suid)) {
614 goto error;
615 }
616
617 new->fsuid = new->euid = kuid;
618
619 retval = security_task_fix_setuid(new, old, LSM_SETID_ID);
620 if (retval < 0)
621 goto error;
622
623 retval = set_cred_ucounts(new);
624 if (retval < 0)
625 goto error;
626
627 return commit_creds(new);
628
629error:
630 abort_creds(new);
631 return retval;
632}
633
634SYSCALL_DEFINE1(setuid, uid_t, uid)
635{
636 return __sys_setuid(uid);
637}
638
639
640
641
642
643
644long __sys_setresuid(uid_t ruid, uid_t euid, uid_t suid)
645{
646 struct user_namespace *ns = current_user_ns();
647 const struct cred *old;
648 struct cred *new;
649 int retval;
650 kuid_t kruid, keuid, ksuid;
651
652 kruid = make_kuid(ns, ruid);
653 keuid = make_kuid(ns, euid);
654 ksuid = make_kuid(ns, suid);
655
656 if ((ruid != (uid_t) -1) && !uid_valid(kruid))
657 return -EINVAL;
658
659 if ((euid != (uid_t) -1) && !uid_valid(keuid))
660 return -EINVAL;
661
662 if ((suid != (uid_t) -1) && !uid_valid(ksuid))
663 return -EINVAL;
664
665 new = prepare_creds();
666 if (!new)
667 return -ENOMEM;
668
669 old = current_cred();
670
671 retval = -EPERM;
672 if (!ns_capable_setid(old->user_ns, CAP_SETUID)) {
673 if (ruid != (uid_t) -1 && !uid_eq(kruid, old->uid) &&
674 !uid_eq(kruid, old->euid) && !uid_eq(kruid, old->suid))
675 goto error;
676 if (euid != (uid_t) -1 && !uid_eq(keuid, old->uid) &&
677 !uid_eq(keuid, old->euid) && !uid_eq(keuid, old->suid))
678 goto error;
679 if (suid != (uid_t) -1 && !uid_eq(ksuid, old->uid) &&
680 !uid_eq(ksuid, old->euid) && !uid_eq(ksuid, old->suid))
681 goto error;
682 }
683
684 if (ruid != (uid_t) -1) {
685 new->uid = kruid;
686 if (!uid_eq(kruid, old->uid)) {
687 retval = set_user(new);
688 if (retval < 0)
689 goto error;
690 }
691 }
692 if (euid != (uid_t) -1)
693 new->euid = keuid;
694 if (suid != (uid_t) -1)
695 new->suid = ksuid;
696 new->fsuid = new->euid;
697
698 retval = security_task_fix_setuid(new, old, LSM_SETID_RES);
699 if (retval < 0)
700 goto error;
701
702 retval = set_cred_ucounts(new);
703 if (retval < 0)
704 goto error;
705
706 return commit_creds(new);
707
708error:
709 abort_creds(new);
710 return retval;
711}
712
713SYSCALL_DEFINE3(setresuid, uid_t, ruid, uid_t, euid, uid_t, suid)
714{
715 return __sys_setresuid(ruid, euid, suid);
716}
717
718SYSCALL_DEFINE3(getresuid, uid_t __user *, ruidp, uid_t __user *, euidp, uid_t __user *, suidp)
719{
720 const struct cred *cred = current_cred();
721 int retval;
722 uid_t ruid, euid, suid;
723
724 ruid = from_kuid_munged(cred->user_ns, cred->uid);
725 euid = from_kuid_munged(cred->user_ns, cred->euid);
726 suid = from_kuid_munged(cred->user_ns, cred->suid);
727
728 retval = put_user(ruid, ruidp);
729 if (!retval) {
730 retval = put_user(euid, euidp);
731 if (!retval)
732 return put_user(suid, suidp);
733 }
734 return retval;
735}
736
737
738
739
740long __sys_setresgid(gid_t rgid, gid_t egid, gid_t sgid)
741{
742 struct user_namespace *ns = current_user_ns();
743 const struct cred *old;
744 struct cred *new;
745 int retval;
746 kgid_t krgid, kegid, ksgid;
747
748 krgid = make_kgid(ns, rgid);
749 kegid = make_kgid(ns, egid);
750 ksgid = make_kgid(ns, sgid);
751
752 if ((rgid != (gid_t) -1) && !gid_valid(krgid))
753 return -EINVAL;
754 if ((egid != (gid_t) -1) && !gid_valid(kegid))
755 return -EINVAL;
756 if ((sgid != (gid_t) -1) && !gid_valid(ksgid))
757 return -EINVAL;
758
759 new = prepare_creds();
760 if (!new)
761 return -ENOMEM;
762 old = current_cred();
763
764 retval = -EPERM;
765 if (!ns_capable_setid(old->user_ns, CAP_SETGID)) {
766 if (rgid != (gid_t) -1 && !gid_eq(krgid, old->gid) &&
767 !gid_eq(krgid, old->egid) && !gid_eq(krgid, old->sgid))
768 goto error;
769 if (egid != (gid_t) -1 && !gid_eq(kegid, old->gid) &&
770 !gid_eq(kegid, old->egid) && !gid_eq(kegid, old->sgid))
771 goto error;
772 if (sgid != (gid_t) -1 && !gid_eq(ksgid, old->gid) &&
773 !gid_eq(ksgid, old->egid) && !gid_eq(ksgid, old->sgid))
774 goto error;
775 }
776
777 if (rgid != (gid_t) -1)
778 new->gid = krgid;
779 if (egid != (gid_t) -1)
780 new->egid = kegid;
781 if (sgid != (gid_t) -1)
782 new->sgid = ksgid;
783 new->fsgid = new->egid;
784
785 retval = security_task_fix_setgid(new, old, LSM_SETID_RES);
786 if (retval < 0)
787 goto error;
788
789 return commit_creds(new);
790
791error:
792 abort_creds(new);
793 return retval;
794}
795
796SYSCALL_DEFINE3(setresgid, gid_t, rgid, gid_t, egid, gid_t, sgid)
797{
798 return __sys_setresgid(rgid, egid, sgid);
799}
800
801SYSCALL_DEFINE3(getresgid, gid_t __user *, rgidp, gid_t __user *, egidp, gid_t __user *, sgidp)
802{
803 const struct cred *cred = current_cred();
804 int retval;
805 gid_t rgid, egid, sgid;
806
807 rgid = from_kgid_munged(cred->user_ns, cred->gid);
808 egid = from_kgid_munged(cred->user_ns, cred->egid);
809 sgid = from_kgid_munged(cred->user_ns, cred->sgid);
810
811 retval = put_user(rgid, rgidp);
812 if (!retval) {
813 retval = put_user(egid, egidp);
814 if (!retval)
815 retval = put_user(sgid, sgidp);
816 }
817
818 return retval;
819}
820
821
822
823
824
825
826
827
828long __sys_setfsuid(uid_t uid)
829{
830 const struct cred *old;
831 struct cred *new;
832 uid_t old_fsuid;
833 kuid_t kuid;
834
835 old = current_cred();
836 old_fsuid = from_kuid_munged(old->user_ns, old->fsuid);
837
838 kuid = make_kuid(old->user_ns, uid);
839 if (!uid_valid(kuid))
840 return old_fsuid;
841
842 new = prepare_creds();
843 if (!new)
844 return old_fsuid;
845
846 if (uid_eq(kuid, old->uid) || uid_eq(kuid, old->euid) ||
847 uid_eq(kuid, old->suid) || uid_eq(kuid, old->fsuid) ||
848 ns_capable_setid(old->user_ns, CAP_SETUID)) {
849 if (!uid_eq(kuid, old->fsuid)) {
850 new->fsuid = kuid;
851 if (security_task_fix_setuid(new, old, LSM_SETID_FS) == 0)
852 goto change_okay;
853 }
854 }
855
856 abort_creds(new);
857 return old_fsuid;
858
859change_okay:
860 commit_creds(new);
861 return old_fsuid;
862}
863
864SYSCALL_DEFINE1(setfsuid, uid_t, uid)
865{
866 return __sys_setfsuid(uid);
867}
868
869
870
871
872long __sys_setfsgid(gid_t gid)
873{
874 const struct cred *old;
875 struct cred *new;
876 gid_t old_fsgid;
877 kgid_t kgid;
878
879 old = current_cred();
880 old_fsgid = from_kgid_munged(old->user_ns, old->fsgid);
881
882 kgid = make_kgid(old->user_ns, gid);
883 if (!gid_valid(kgid))
884 return old_fsgid;
885
886 new = prepare_creds();
887 if (!new)
888 return old_fsgid;
889
890 if (gid_eq(kgid, old->gid) || gid_eq(kgid, old->egid) ||
891 gid_eq(kgid, old->sgid) || gid_eq(kgid, old->fsgid) ||
892 ns_capable_setid(old->user_ns, CAP_SETGID)) {
893 if (!gid_eq(kgid, old->fsgid)) {
894 new->fsgid = kgid;
895 if (security_task_fix_setgid(new,old,LSM_SETID_FS) == 0)
896 goto change_okay;
897 }
898 }
899
900 abort_creds(new);
901 return old_fsgid;
902
903change_okay:
904 commit_creds(new);
905 return old_fsgid;
906}
907
908SYSCALL_DEFINE1(setfsgid, gid_t, gid)
909{
910 return __sys_setfsgid(gid);
911}
912#endif
913
914
915
916
917
918
919
920
921
922
923SYSCALL_DEFINE0(getpid)
924{
925 return task_tgid_vnr(current);
926}
927
928
929SYSCALL_DEFINE0(gettid)
930{
931 return task_pid_vnr(current);
932}
933
934
935
936
937
938
939
940SYSCALL_DEFINE0(getppid)
941{
942 int pid;
943
944 rcu_read_lock();
945 pid = task_tgid_vnr(rcu_dereference(current->real_parent));
946 rcu_read_unlock();
947
948 return pid;
949}
950
951SYSCALL_DEFINE0(getuid)
952{
953
954 return from_kuid_munged(current_user_ns(), current_uid());
955}
956
957SYSCALL_DEFINE0(geteuid)
958{
959
960 return from_kuid_munged(current_user_ns(), current_euid());
961}
962
963SYSCALL_DEFINE0(getgid)
964{
965
966 return from_kgid_munged(current_user_ns(), current_gid());
967}
968
969SYSCALL_DEFINE0(getegid)
970{
971
972 return from_kgid_munged(current_user_ns(), current_egid());
973}
974
975static void do_sys_times(struct tms *tms)
976{
977 u64 tgutime, tgstime, cutime, cstime;
978
979 thread_group_cputime_adjusted(current, &tgutime, &tgstime);
980 cutime = current->signal->cutime;
981 cstime = current->signal->cstime;
982 tms->tms_utime = nsec_to_clock_t(tgutime);
983 tms->tms_stime = nsec_to_clock_t(tgstime);
984 tms->tms_cutime = nsec_to_clock_t(cutime);
985 tms->tms_cstime = nsec_to_clock_t(cstime);
986}
987
988SYSCALL_DEFINE1(times, struct tms __user *, tbuf)
989{
990 if (tbuf) {
991 struct tms tmp;
992
993 do_sys_times(&tmp);
994 if (copy_to_user(tbuf, &tmp, sizeof(struct tms)))
995 return -EFAULT;
996 }
997 force_successful_syscall_return();
998 return (long) jiffies_64_to_clock_t(get_jiffies_64());
999}
1000
1001#ifdef CONFIG_COMPAT
1002static compat_clock_t clock_t_to_compat_clock_t(clock_t x)
1003{
1004 return compat_jiffies_to_clock_t(clock_t_to_jiffies(x));
1005}
1006
1007COMPAT_SYSCALL_DEFINE1(times, struct compat_tms __user *, tbuf)
1008{
1009 if (tbuf) {
1010 struct tms tms;
1011 struct compat_tms tmp;
1012
1013 do_sys_times(&tms);
1014
1015 tmp.tms_utime = clock_t_to_compat_clock_t(tms.tms_utime);
1016 tmp.tms_stime = clock_t_to_compat_clock_t(tms.tms_stime);
1017 tmp.tms_cutime = clock_t_to_compat_clock_t(tms.tms_cutime);
1018 tmp.tms_cstime = clock_t_to_compat_clock_t(tms.tms_cstime);
1019 if (copy_to_user(tbuf, &tmp, sizeof(tmp)))
1020 return -EFAULT;
1021 }
1022 force_successful_syscall_return();
1023 return compat_jiffies_to_clock_t(jiffies);
1024}
1025#endif
1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038SYSCALL_DEFINE2(setpgid, pid_t, pid, pid_t, pgid)
1039{
1040 struct task_struct *p;
1041 struct task_struct *group_leader = current->group_leader;
1042 struct pid *pgrp;
1043 int err;
1044
1045 if (!pid)
1046 pid = task_pid_vnr(group_leader);
1047 if (!pgid)
1048 pgid = pid;
1049 if (pgid < 0)
1050 return -EINVAL;
1051 rcu_read_lock();
1052
1053
1054
1055
1056 write_lock_irq(&tasklist_lock);
1057
1058 err = -ESRCH;
1059 p = find_task_by_vpid(pid);
1060 if (!p)
1061 goto out;
1062
1063 err = -EINVAL;
1064 if (!thread_group_leader(p))
1065 goto out;
1066
1067 if (same_thread_group(p->real_parent, group_leader)) {
1068 err = -EPERM;
1069 if (task_session(p) != task_session(group_leader))
1070 goto out;
1071 err = -EACCES;
1072 if (!(p->flags & PF_FORKNOEXEC))
1073 goto out;
1074 } else {
1075 err = -ESRCH;
1076 if (p != group_leader)
1077 goto out;
1078 }
1079
1080 err = -EPERM;
1081 if (p->signal->leader)
1082 goto out;
1083
1084 pgrp = task_pid(p);
1085 if (pgid != pid) {
1086 struct task_struct *g;
1087
1088 pgrp = find_vpid(pgid);
1089 g = pid_task(pgrp, PIDTYPE_PGID);
1090 if (!g || task_session(g) != task_session(group_leader))
1091 goto out;
1092 }
1093
1094 err = security_task_setpgid(p, pgid);
1095 if (err)
1096 goto out;
1097
1098 if (task_pgrp(p) != pgrp)
1099 change_pid(p, PIDTYPE_PGID, pgrp);
1100
1101 err = 0;
1102out:
1103
1104 write_unlock_irq(&tasklist_lock);
1105 rcu_read_unlock();
1106 return err;
1107}
1108
1109static int do_getpgid(pid_t pid)
1110{
1111 struct task_struct *p;
1112 struct pid *grp;
1113 int retval;
1114
1115 rcu_read_lock();
1116 if (!pid)
1117 grp = task_pgrp(current);
1118 else {
1119 retval = -ESRCH;
1120 p = find_task_by_vpid(pid);
1121 if (!p)
1122 goto out;
1123 grp = task_pgrp(p);
1124 if (!grp)
1125 goto out;
1126
1127 retval = security_task_getpgid(p);
1128 if (retval)
1129 goto out;
1130 }
1131 retval = pid_vnr(grp);
1132out:
1133 rcu_read_unlock();
1134 return retval;
1135}
1136
1137SYSCALL_DEFINE1(getpgid, pid_t, pid)
1138{
1139 return do_getpgid(pid);
1140}
1141
1142#ifdef __ARCH_WANT_SYS_GETPGRP
1143
1144SYSCALL_DEFINE0(getpgrp)
1145{
1146 return do_getpgid(0);
1147}
1148
1149#endif
1150
1151SYSCALL_DEFINE1(getsid, pid_t, pid)
1152{
1153 struct task_struct *p;
1154 struct pid *sid;
1155 int retval;
1156
1157 rcu_read_lock();
1158 if (!pid)
1159 sid = task_session(current);
1160 else {
1161 retval = -ESRCH;
1162 p = find_task_by_vpid(pid);
1163 if (!p)
1164 goto out;
1165 sid = task_session(p);
1166 if (!sid)
1167 goto out;
1168
1169 retval = security_task_getsid(p);
1170 if (retval)
1171 goto out;
1172 }
1173 retval = pid_vnr(sid);
1174out:
1175 rcu_read_unlock();
1176 return retval;
1177}
1178
1179static void set_special_pids(struct pid *pid)
1180{
1181 struct task_struct *curr = current->group_leader;
1182
1183 if (task_session(curr) != pid)
1184 change_pid(curr, PIDTYPE_SID, pid);
1185
1186 if (task_pgrp(curr) != pid)
1187 change_pid(curr, PIDTYPE_PGID, pid);
1188}
1189
1190int ksys_setsid(void)
1191{
1192 struct task_struct *group_leader = current->group_leader;
1193 struct pid *sid = task_pid(group_leader);
1194 pid_t session = pid_vnr(sid);
1195 int err = -EPERM;
1196
1197 write_lock_irq(&tasklist_lock);
1198
1199 if (group_leader->signal->leader)
1200 goto out;
1201
1202
1203
1204
1205 if (pid_task(sid, PIDTYPE_PGID))
1206 goto out;
1207
1208 group_leader->signal->leader = 1;
1209 set_special_pids(sid);
1210
1211 proc_clear_tty(group_leader);
1212
1213 err = session;
1214out:
1215 write_unlock_irq(&tasklist_lock);
1216 if (err > 0) {
1217 proc_sid_connector(group_leader);
1218 sched_autogroup_create_attach(group_leader);
1219 }
1220 return err;
1221}
1222
1223SYSCALL_DEFINE0(setsid)
1224{
1225 return ksys_setsid();
1226}
1227
1228DECLARE_RWSEM(uts_sem);
1229
1230#ifdef COMPAT_UTS_MACHINE
1231#define override_architecture(name) \
1232 (personality(current->personality) == PER_LINUX32 && \
1233 copy_to_user(name->machine, COMPAT_UTS_MACHINE, \
1234 sizeof(COMPAT_UTS_MACHINE)))
1235#else
1236#define override_architecture(name) 0
1237#endif
1238
1239
1240
1241
1242
1243
1244
1245static int override_release(char __user *release, size_t len)
1246{
1247 int ret = 0;
1248
1249 if (current->personality & UNAME26) {
1250 const char *rest = UTS_RELEASE;
1251 char buf[65] = { 0 };
1252 int ndots = 0;
1253 unsigned v;
1254 size_t copy;
1255
1256 while (*rest) {
1257 if (*rest == '.' && ++ndots >= 3)
1258 break;
1259 if (!isdigit(*rest) && *rest != '.')
1260 break;
1261 rest++;
1262 }
1263 v = LINUX_VERSION_PATCHLEVEL + 60;
1264 copy = clamp_t(size_t, len, 1, sizeof(buf));
1265 copy = scnprintf(buf, copy, "2.6.%u%s", v, rest);
1266 ret = copy_to_user(release, buf, copy + 1);
1267 }
1268 return ret;
1269}
1270
1271SYSCALL_DEFINE1(newuname, struct new_utsname __user *, name)
1272{
1273 struct new_utsname tmp;
1274
1275 down_read(&uts_sem);
1276 memcpy(&tmp, utsname(), sizeof(tmp));
1277 up_read(&uts_sem);
1278 if (copy_to_user(name, &tmp, sizeof(tmp)))
1279 return -EFAULT;
1280
1281 if (override_release(name->release, sizeof(name->release)))
1282 return -EFAULT;
1283 if (override_architecture(name))
1284 return -EFAULT;
1285 return 0;
1286}
1287
1288#ifdef __ARCH_WANT_SYS_OLD_UNAME
1289
1290
1291
1292SYSCALL_DEFINE1(uname, struct old_utsname __user *, name)
1293{
1294 struct old_utsname tmp;
1295
1296 if (!name)
1297 return -EFAULT;
1298
1299 down_read(&uts_sem);
1300 memcpy(&tmp, utsname(), sizeof(tmp));
1301 up_read(&uts_sem);
1302 if (copy_to_user(name, &tmp, sizeof(tmp)))
1303 return -EFAULT;
1304
1305 if (override_release(name->release, sizeof(name->release)))
1306 return -EFAULT;
1307 if (override_architecture(name))
1308 return -EFAULT;
1309 return 0;
1310}
1311
1312SYSCALL_DEFINE1(olduname, struct oldold_utsname __user *, name)
1313{
1314 struct oldold_utsname tmp;
1315
1316 if (!name)
1317 return -EFAULT;
1318
1319 memset(&tmp, 0, sizeof(tmp));
1320
1321 down_read(&uts_sem);
1322 memcpy(&tmp.sysname, &utsname()->sysname, __OLD_UTS_LEN);
1323 memcpy(&tmp.nodename, &utsname()->nodename, __OLD_UTS_LEN);
1324 memcpy(&tmp.release, &utsname()->release, __OLD_UTS_LEN);
1325 memcpy(&tmp.version, &utsname()->version, __OLD_UTS_LEN);
1326 memcpy(&tmp.machine, &utsname()->machine, __OLD_UTS_LEN);
1327 up_read(&uts_sem);
1328 if (copy_to_user(name, &tmp, sizeof(tmp)))
1329 return -EFAULT;
1330
1331 if (override_architecture(name))
1332 return -EFAULT;
1333 if (override_release(name->release, sizeof(name->release)))
1334 return -EFAULT;
1335 return 0;
1336}
1337#endif
1338
1339SYSCALL_DEFINE2(sethostname, char __user *, name, int, len)
1340{
1341 int errno;
1342 char tmp[__NEW_UTS_LEN];
1343
1344 if (!ns_capable(current->nsproxy->uts_ns->user_ns, CAP_SYS_ADMIN))
1345 return -EPERM;
1346
1347 if (len < 0 || len > __NEW_UTS_LEN)
1348 return -EINVAL;
1349 errno = -EFAULT;
1350 if (!copy_from_user(tmp, name, len)) {
1351 struct new_utsname *u;
1352
1353 down_write(&uts_sem);
1354 u = utsname();
1355 memcpy(u->nodename, tmp, len);
1356 memset(u->nodename + len, 0, sizeof(u->nodename) - len);
1357 errno = 0;
1358 uts_proc_notify(UTS_PROC_HOSTNAME);
1359 up_write(&uts_sem);
1360 }
1361 return errno;
1362}
1363
1364#ifdef __ARCH_WANT_SYS_GETHOSTNAME
1365
1366SYSCALL_DEFINE2(gethostname, char __user *, name, int, len)
1367{
1368 int i;
1369 struct new_utsname *u;
1370 char tmp[__NEW_UTS_LEN + 1];
1371
1372 if (len < 0)
1373 return -EINVAL;
1374 down_read(&uts_sem);
1375 u = utsname();
1376 i = 1 + strlen(u->nodename);
1377 if (i > len)
1378 i = len;
1379 memcpy(tmp, u->nodename, i);
1380 up_read(&uts_sem);
1381 if (copy_to_user(name, tmp, i))
1382 return -EFAULT;
1383 return 0;
1384}
1385
1386#endif
1387
1388
1389
1390
1391
1392SYSCALL_DEFINE2(setdomainname, char __user *, name, int, len)
1393{
1394 int errno;
1395 char tmp[__NEW_UTS_LEN];
1396
1397 if (!ns_capable(current->nsproxy->uts_ns->user_ns, CAP_SYS_ADMIN))
1398 return -EPERM;
1399 if (len < 0 || len > __NEW_UTS_LEN)
1400 return -EINVAL;
1401
1402 errno = -EFAULT;
1403 if (!copy_from_user(tmp, name, len)) {
1404 struct new_utsname *u;
1405
1406 down_write(&uts_sem);
1407 u = utsname();
1408 memcpy(u->domainname, tmp, len);
1409 memset(u->domainname + len, 0, sizeof(u->domainname) - len);
1410 errno = 0;
1411 uts_proc_notify(UTS_PROC_DOMAINNAME);
1412 up_write(&uts_sem);
1413 }
1414 return errno;
1415}
1416
1417SYSCALL_DEFINE2(getrlimit, unsigned int, resource, struct rlimit __user *, rlim)
1418{
1419 struct rlimit value;
1420 int ret;
1421
1422 ret = do_prlimit(current, resource, NULL, &value);
1423 if (!ret)
1424 ret = copy_to_user(rlim, &value, sizeof(*rlim)) ? -EFAULT : 0;
1425
1426 return ret;
1427}
1428
1429#ifdef CONFIG_COMPAT
1430
1431COMPAT_SYSCALL_DEFINE2(setrlimit, unsigned int, resource,
1432 struct compat_rlimit __user *, rlim)
1433{
1434 struct rlimit r;
1435 struct compat_rlimit r32;
1436
1437 if (copy_from_user(&r32, rlim, sizeof(struct compat_rlimit)))
1438 return -EFAULT;
1439
1440 if (r32.rlim_cur == COMPAT_RLIM_INFINITY)
1441 r.rlim_cur = RLIM_INFINITY;
1442 else
1443 r.rlim_cur = r32.rlim_cur;
1444 if (r32.rlim_max == COMPAT_RLIM_INFINITY)
1445 r.rlim_max = RLIM_INFINITY;
1446 else
1447 r.rlim_max = r32.rlim_max;
1448 return do_prlimit(current, resource, &r, NULL);
1449}
1450
1451COMPAT_SYSCALL_DEFINE2(getrlimit, unsigned int, resource,
1452 struct compat_rlimit __user *, rlim)
1453{
1454 struct rlimit r;
1455 int ret;
1456
1457 ret = do_prlimit(current, resource, NULL, &r);
1458 if (!ret) {
1459 struct compat_rlimit r32;
1460 if (r.rlim_cur > COMPAT_RLIM_INFINITY)
1461 r32.rlim_cur = COMPAT_RLIM_INFINITY;
1462 else
1463 r32.rlim_cur = r.rlim_cur;
1464 if (r.rlim_max > COMPAT_RLIM_INFINITY)
1465 r32.rlim_max = COMPAT_RLIM_INFINITY;
1466 else
1467 r32.rlim_max = r.rlim_max;
1468
1469 if (copy_to_user(rlim, &r32, sizeof(struct compat_rlimit)))
1470 return -EFAULT;
1471 }
1472 return ret;
1473}
1474
1475#endif
1476
1477#ifdef __ARCH_WANT_SYS_OLD_GETRLIMIT
1478
1479
1480
1481
1482SYSCALL_DEFINE2(old_getrlimit, unsigned int, resource,
1483 struct rlimit __user *, rlim)
1484{
1485 struct rlimit x;
1486 if (resource >= RLIM_NLIMITS)
1487 return -EINVAL;
1488
1489 resource = array_index_nospec(resource, RLIM_NLIMITS);
1490 task_lock(current->group_leader);
1491 x = current->signal->rlim[resource];
1492 task_unlock(current->group_leader);
1493 if (x.rlim_cur > 0x7FFFFFFF)
1494 x.rlim_cur = 0x7FFFFFFF;
1495 if (x.rlim_max > 0x7FFFFFFF)
1496 x.rlim_max = 0x7FFFFFFF;
1497 return copy_to_user(rlim, &x, sizeof(x)) ? -EFAULT : 0;
1498}
1499
1500#ifdef CONFIG_COMPAT
1501COMPAT_SYSCALL_DEFINE2(old_getrlimit, unsigned int, resource,
1502 struct compat_rlimit __user *, rlim)
1503{
1504 struct rlimit r;
1505
1506 if (resource >= RLIM_NLIMITS)
1507 return -EINVAL;
1508
1509 resource = array_index_nospec(resource, RLIM_NLIMITS);
1510 task_lock(current->group_leader);
1511 r = current->signal->rlim[resource];
1512 task_unlock(current->group_leader);
1513 if (r.rlim_cur > 0x7FFFFFFF)
1514 r.rlim_cur = 0x7FFFFFFF;
1515 if (r.rlim_max > 0x7FFFFFFF)
1516 r.rlim_max = 0x7FFFFFFF;
1517
1518 if (put_user(r.rlim_cur, &rlim->rlim_cur) ||
1519 put_user(r.rlim_max, &rlim->rlim_max))
1520 return -EFAULT;
1521 return 0;
1522}
1523#endif
1524
1525#endif
1526
1527static inline bool rlim64_is_infinity(__u64 rlim64)
1528{
1529#if BITS_PER_LONG < 64
1530 return rlim64 >= ULONG_MAX;
1531#else
1532 return rlim64 == RLIM64_INFINITY;
1533#endif
1534}
1535
1536static void rlim_to_rlim64(const struct rlimit *rlim, struct rlimit64 *rlim64)
1537{
1538 if (rlim->rlim_cur == RLIM_INFINITY)
1539 rlim64->rlim_cur = RLIM64_INFINITY;
1540 else
1541 rlim64->rlim_cur = rlim->rlim_cur;
1542 if (rlim->rlim_max == RLIM_INFINITY)
1543 rlim64->rlim_max = RLIM64_INFINITY;
1544 else
1545 rlim64->rlim_max = rlim->rlim_max;
1546}
1547
1548static void rlim64_to_rlim(const struct rlimit64 *rlim64, struct rlimit *rlim)
1549{
1550 if (rlim64_is_infinity(rlim64->rlim_cur))
1551 rlim->rlim_cur = RLIM_INFINITY;
1552 else
1553 rlim->rlim_cur = (unsigned long)rlim64->rlim_cur;
1554 if (rlim64_is_infinity(rlim64->rlim_max))
1555 rlim->rlim_max = RLIM_INFINITY;
1556 else
1557 rlim->rlim_max = (unsigned long)rlim64->rlim_max;
1558}
1559
1560
1561int do_prlimit(struct task_struct *tsk, unsigned int resource,
1562 struct rlimit *new_rlim, struct rlimit *old_rlim)
1563{
1564 struct rlimit *rlim;
1565 int retval = 0;
1566
1567 if (resource >= RLIM_NLIMITS)
1568 return -EINVAL;
1569 if (new_rlim) {
1570 if (new_rlim->rlim_cur > new_rlim->rlim_max)
1571 return -EINVAL;
1572 if (resource == RLIMIT_NOFILE &&
1573 new_rlim->rlim_max > sysctl_nr_open)
1574 return -EPERM;
1575 }
1576
1577
1578 read_lock(&tasklist_lock);
1579 if (!tsk->sighand) {
1580 retval = -ESRCH;
1581 goto out;
1582 }
1583
1584 rlim = tsk->signal->rlim + resource;
1585 task_lock(tsk->group_leader);
1586 if (new_rlim) {
1587
1588
1589 if (new_rlim->rlim_max > rlim->rlim_max &&
1590 !capable(CAP_SYS_RESOURCE))
1591 retval = -EPERM;
1592 if (!retval)
1593 retval = security_task_setrlimit(tsk, resource, new_rlim);
1594 }
1595 if (!retval) {
1596 if (old_rlim)
1597 *old_rlim = *rlim;
1598 if (new_rlim)
1599 *rlim = *new_rlim;
1600 }
1601 task_unlock(tsk->group_leader);
1602
1603
1604
1605
1606
1607
1608 if (!retval && new_rlim && resource == RLIMIT_CPU &&
1609 new_rlim->rlim_cur != RLIM_INFINITY &&
1610 IS_ENABLED(CONFIG_POSIX_TIMERS))
1611 update_rlimit_cpu(tsk, new_rlim->rlim_cur);
1612out:
1613 read_unlock(&tasklist_lock);
1614 return retval;
1615}
1616
1617
1618static int check_prlimit_permission(struct task_struct *task,
1619 unsigned int flags)
1620{
1621 const struct cred *cred = current_cred(), *tcred;
1622 bool id_match;
1623
1624 if (current == task)
1625 return 0;
1626
1627 tcred = __task_cred(task);
1628 id_match = (uid_eq(cred->uid, tcred->euid) &&
1629 uid_eq(cred->uid, tcred->suid) &&
1630 uid_eq(cred->uid, tcred->uid) &&
1631 gid_eq(cred->gid, tcred->egid) &&
1632 gid_eq(cred->gid, tcred->sgid) &&
1633 gid_eq(cred->gid, tcred->gid));
1634 if (!id_match && !ns_capable(tcred->user_ns, CAP_SYS_RESOURCE))
1635 return -EPERM;
1636
1637 return security_task_prlimit(cred, tcred, flags);
1638}
1639
1640SYSCALL_DEFINE4(prlimit64, pid_t, pid, unsigned int, resource,
1641 const struct rlimit64 __user *, new_rlim,
1642 struct rlimit64 __user *, old_rlim)
1643{
1644 struct rlimit64 old64, new64;
1645 struct rlimit old, new;
1646 struct task_struct *tsk;
1647 unsigned int checkflags = 0;
1648 int ret;
1649
1650 if (old_rlim)
1651 checkflags |= LSM_PRLIMIT_READ;
1652
1653 if (new_rlim) {
1654 if (copy_from_user(&new64, new_rlim, sizeof(new64)))
1655 return -EFAULT;
1656 rlim64_to_rlim(&new64, &new);
1657 checkflags |= LSM_PRLIMIT_WRITE;
1658 }
1659
1660 rcu_read_lock();
1661 tsk = pid ? find_task_by_vpid(pid) : current;
1662 if (!tsk) {
1663 rcu_read_unlock();
1664 return -ESRCH;
1665 }
1666 ret = check_prlimit_permission(tsk, checkflags);
1667 if (ret) {
1668 rcu_read_unlock();
1669 return ret;
1670 }
1671 get_task_struct(tsk);
1672 rcu_read_unlock();
1673
1674 ret = do_prlimit(tsk, resource, new_rlim ? &new : NULL,
1675 old_rlim ? &old : NULL);
1676
1677 if (!ret && old_rlim) {
1678 rlim_to_rlim64(&old, &old64);
1679 if (copy_to_user(old_rlim, &old64, sizeof(old64)))
1680 ret = -EFAULT;
1681 }
1682
1683 put_task_struct(tsk);
1684 return ret;
1685}
1686
1687SYSCALL_DEFINE2(setrlimit, unsigned int, resource, struct rlimit __user *, rlim)
1688{
1689 struct rlimit new_rlim;
1690
1691 if (copy_from_user(&new_rlim, rlim, sizeof(*rlim)))
1692 return -EFAULT;
1693 return do_prlimit(current, resource, &new_rlim, NULL);
1694}
1695
1696
1697
1698
1699
1700
1701
1702
1703
1704
1705
1706
1707
1708
1709
1710
1711
1712
1713
1714
1715
1716
1717
1718
1719
1720
1721
1722
1723
1724
1725
1726
1727
1728
1729static void accumulate_thread_rusage(struct task_struct *t, struct rusage *r)
1730{
1731 r->ru_nvcsw += t->nvcsw;
1732 r->ru_nivcsw += t->nivcsw;
1733 r->ru_minflt += t->min_flt;
1734 r->ru_majflt += t->maj_flt;
1735 r->ru_inblock += task_io_get_inblock(t);
1736 r->ru_oublock += task_io_get_oublock(t);
1737}
1738
1739void getrusage(struct task_struct *p, int who, struct rusage *r)
1740{
1741 struct task_struct *t;
1742 unsigned long flags;
1743 u64 tgutime, tgstime, utime, stime;
1744 unsigned long maxrss = 0;
1745
1746 memset((char *)r, 0, sizeof (*r));
1747 utime = stime = 0;
1748
1749 if (who == RUSAGE_THREAD) {
1750 task_cputime_adjusted(current, &utime, &stime);
1751 accumulate_thread_rusage(p, r);
1752 maxrss = p->signal->maxrss;
1753 goto out;
1754 }
1755
1756 if (!lock_task_sighand(p, &flags))
1757 return;
1758
1759 switch (who) {
1760 case RUSAGE_BOTH:
1761 case RUSAGE_CHILDREN:
1762 utime = p->signal->cutime;
1763 stime = p->signal->cstime;
1764 r->ru_nvcsw = p->signal->cnvcsw;
1765 r->ru_nivcsw = p->signal->cnivcsw;
1766 r->ru_minflt = p->signal->cmin_flt;
1767 r->ru_majflt = p->signal->cmaj_flt;
1768 r->ru_inblock = p->signal->cinblock;
1769 r->ru_oublock = p->signal->coublock;
1770 maxrss = p->signal->cmaxrss;
1771
1772 if (who == RUSAGE_CHILDREN)
1773 break;
1774 fallthrough;
1775
1776 case RUSAGE_SELF:
1777 thread_group_cputime_adjusted(p, &tgutime, &tgstime);
1778 utime += tgutime;
1779 stime += tgstime;
1780 r->ru_nvcsw += p->signal->nvcsw;
1781 r->ru_nivcsw += p->signal->nivcsw;
1782 r->ru_minflt += p->signal->min_flt;
1783 r->ru_majflt += p->signal->maj_flt;
1784 r->ru_inblock += p->signal->inblock;
1785 r->ru_oublock += p->signal->oublock;
1786 if (maxrss < p->signal->maxrss)
1787 maxrss = p->signal->maxrss;
1788 t = p;
1789 do {
1790 accumulate_thread_rusage(t, r);
1791 } while_each_thread(p, t);
1792 break;
1793
1794 default:
1795 BUG();
1796 }
1797 unlock_task_sighand(p, &flags);
1798
1799out:
1800 r->ru_utime = ns_to_kernel_old_timeval(utime);
1801 r->ru_stime = ns_to_kernel_old_timeval(stime);
1802
1803 if (who != RUSAGE_CHILDREN) {
1804 struct mm_struct *mm = get_task_mm(p);
1805
1806 if (mm) {
1807 setmax_mm_hiwater_rss(&maxrss, mm);
1808 mmput(mm);
1809 }
1810 }
1811 r->ru_maxrss = maxrss * (PAGE_SIZE / 1024);
1812}
1813
1814SYSCALL_DEFINE2(getrusage, int, who, struct rusage __user *, ru)
1815{
1816 struct rusage r;
1817
1818 if (who != RUSAGE_SELF && who != RUSAGE_CHILDREN &&
1819 who != RUSAGE_THREAD)
1820 return -EINVAL;
1821
1822 getrusage(current, who, &r);
1823 return copy_to_user(ru, &r, sizeof(r)) ? -EFAULT : 0;
1824}
1825
1826#ifdef CONFIG_COMPAT
1827COMPAT_SYSCALL_DEFINE2(getrusage, int, who, struct compat_rusage __user *, ru)
1828{
1829 struct rusage r;
1830
1831 if (who != RUSAGE_SELF && who != RUSAGE_CHILDREN &&
1832 who != RUSAGE_THREAD)
1833 return -EINVAL;
1834
1835 getrusage(current, who, &r);
1836 return put_compat_rusage(&r, ru);
1837}
1838#endif
1839
1840SYSCALL_DEFINE1(umask, int, mask)
1841{
1842 mask = xchg(¤t->fs->umask, mask & S_IRWXUGO);
1843 return mask;
1844}
1845
1846static int prctl_set_mm_exe_file(struct mm_struct *mm, unsigned int fd)
1847{
1848 struct fd exe;
1849 struct file *old_exe, *exe_file;
1850 struct inode *inode;
1851 int err;
1852
1853 exe = fdget(fd);
1854 if (!exe.file)
1855 return -EBADF;
1856
1857 inode = file_inode(exe.file);
1858
1859
1860
1861
1862
1863
1864 err = -EACCES;
1865 if (!S_ISREG(inode->i_mode) || path_noexec(&exe.file->f_path))
1866 goto exit;
1867
1868 err = file_permission(exe.file, MAY_EXEC);
1869 if (err)
1870 goto exit;
1871
1872
1873
1874
1875 exe_file = get_mm_exe_file(mm);
1876 err = -EBUSY;
1877 if (exe_file) {
1878 struct vm_area_struct *vma;
1879
1880 mmap_read_lock(mm);
1881 for (vma = mm->mmap; vma; vma = vma->vm_next) {
1882 if (!vma->vm_file)
1883 continue;
1884 if (path_equal(&vma->vm_file->f_path,
1885 &exe_file->f_path))
1886 goto exit_err;
1887 }
1888
1889 mmap_read_unlock(mm);
1890 fput(exe_file);
1891 }
1892
1893 err = 0;
1894
1895 get_file(exe.file);
1896 old_exe = xchg(&mm->exe_file, exe.file);
1897 if (old_exe)
1898 fput(old_exe);
1899exit:
1900 fdput(exe);
1901 return err;
1902exit_err:
1903 mmap_read_unlock(mm);
1904 fput(exe_file);
1905 goto exit;
1906}
1907
1908
1909
1910
1911
1912
1913
1914static int validate_prctl_map_addr(struct prctl_mm_map *prctl_map)
1915{
1916 unsigned long mmap_max_addr = TASK_SIZE;
1917 int error = -EINVAL, i;
1918
1919 static const unsigned char offsets[] = {
1920 offsetof(struct prctl_mm_map, start_code),
1921 offsetof(struct prctl_mm_map, end_code),
1922 offsetof(struct prctl_mm_map, start_data),
1923 offsetof(struct prctl_mm_map, end_data),
1924 offsetof(struct prctl_mm_map, start_brk),
1925 offsetof(struct prctl_mm_map, brk),
1926 offsetof(struct prctl_mm_map, start_stack),
1927 offsetof(struct prctl_mm_map, arg_start),
1928 offsetof(struct prctl_mm_map, arg_end),
1929 offsetof(struct prctl_mm_map, env_start),
1930 offsetof(struct prctl_mm_map, env_end),
1931 };
1932
1933
1934
1935
1936
1937 for (i = 0; i < ARRAY_SIZE(offsets); i++) {
1938 u64 val = *(u64 *)((char *)prctl_map + offsets[i]);
1939
1940 if ((unsigned long)val >= mmap_max_addr ||
1941 (unsigned long)val < mmap_min_addr)
1942 goto out;
1943 }
1944
1945
1946
1947
1948#define __prctl_check_order(__m1, __op, __m2) \
1949 ((unsigned long)prctl_map->__m1 __op \
1950 (unsigned long)prctl_map->__m2) ? 0 : -EINVAL
1951 error = __prctl_check_order(start_code, <, end_code);
1952 error |= __prctl_check_order(start_data,<=, end_data);
1953 error |= __prctl_check_order(start_brk, <=, brk);
1954 error |= __prctl_check_order(arg_start, <=, arg_end);
1955 error |= __prctl_check_order(env_start, <=, env_end);
1956 if (error)
1957 goto out;
1958#undef __prctl_check_order
1959
1960 error = -EINVAL;
1961
1962
1963
1964
1965 if (prctl_map->start_brk <= prctl_map->end_data ||
1966 prctl_map->brk <= prctl_map->end_data)
1967 goto out;
1968
1969
1970
1971
1972 if (check_data_rlimit(rlimit(RLIMIT_DATA), prctl_map->brk,
1973 prctl_map->start_brk, prctl_map->end_data,
1974 prctl_map->start_data))
1975 goto out;
1976
1977 error = 0;
1978out:
1979 return error;
1980}
1981
1982#ifdef CONFIG_CHECKPOINT_RESTORE
1983static int prctl_set_mm_map(int opt, const void __user *addr, unsigned long data_size)
1984{
1985 struct prctl_mm_map prctl_map = { .exe_fd = (u32)-1, };
1986 unsigned long user_auxv[AT_VECTOR_SIZE];
1987 struct mm_struct *mm = current->mm;
1988 int error;
1989
1990 BUILD_BUG_ON(sizeof(user_auxv) != sizeof(mm->saved_auxv));
1991 BUILD_BUG_ON(sizeof(struct prctl_mm_map) > 256);
1992
1993 if (opt == PR_SET_MM_MAP_SIZE)
1994 return put_user((unsigned int)sizeof(prctl_map),
1995 (unsigned int __user *)addr);
1996
1997 if (data_size != sizeof(prctl_map))
1998 return -EINVAL;
1999
2000 if (copy_from_user(&prctl_map, addr, sizeof(prctl_map)))
2001 return -EFAULT;
2002
2003 error = validate_prctl_map_addr(&prctl_map);
2004 if (error)
2005 return error;
2006
2007 if (prctl_map.auxv_size) {
2008
2009
2010
2011 if (!prctl_map.auxv ||
2012 prctl_map.auxv_size > sizeof(mm->saved_auxv))
2013 return -EINVAL;
2014
2015 memset(user_auxv, 0, sizeof(user_auxv));
2016 if (copy_from_user(user_auxv,
2017 (const void __user *)prctl_map.auxv,
2018 prctl_map.auxv_size))
2019 return -EFAULT;
2020
2021
2022 user_auxv[AT_VECTOR_SIZE - 2] = AT_NULL;
2023 user_auxv[AT_VECTOR_SIZE - 1] = AT_NULL;
2024 }
2025
2026 if (prctl_map.exe_fd != (u32)-1) {
2027
2028
2029
2030
2031
2032
2033
2034
2035 if (!checkpoint_restore_ns_capable(current_user_ns()))
2036 return -EPERM;
2037
2038 error = prctl_set_mm_exe_file(mm, prctl_map.exe_fd);
2039 if (error)
2040 return error;
2041 }
2042
2043
2044
2045
2046
2047 mmap_read_lock(mm);
2048
2049
2050
2051
2052
2053
2054
2055
2056
2057
2058
2059
2060
2061 spin_lock(&mm->arg_lock);
2062 mm->start_code = prctl_map.start_code;
2063 mm->end_code = prctl_map.end_code;
2064 mm->start_data = prctl_map.start_data;
2065 mm->end_data = prctl_map.end_data;
2066 mm->start_brk = prctl_map.start_brk;
2067 mm->brk = prctl_map.brk;
2068 mm->start_stack = prctl_map.start_stack;
2069 mm->arg_start = prctl_map.arg_start;
2070 mm->arg_end = prctl_map.arg_end;
2071 mm->env_start = prctl_map.env_start;
2072 mm->env_end = prctl_map.env_end;
2073 spin_unlock(&mm->arg_lock);
2074
2075
2076
2077
2078
2079
2080
2081
2082
2083 if (prctl_map.auxv_size)
2084 memcpy(mm->saved_auxv, user_auxv, sizeof(user_auxv));
2085
2086 mmap_read_unlock(mm);
2087 return 0;
2088}
2089#endif
2090
2091static int prctl_set_auxv(struct mm_struct *mm, unsigned long addr,
2092 unsigned long len)
2093{
2094
2095
2096
2097
2098
2099
2100 unsigned long user_auxv[AT_VECTOR_SIZE] = {};
2101
2102 if (len > sizeof(user_auxv))
2103 return -EINVAL;
2104
2105 if (copy_from_user(user_auxv, (const void __user *)addr, len))
2106 return -EFAULT;
2107
2108
2109 user_auxv[AT_VECTOR_SIZE - 2] = 0;
2110 user_auxv[AT_VECTOR_SIZE - 1] = 0;
2111
2112 BUILD_BUG_ON(sizeof(user_auxv) != sizeof(mm->saved_auxv));
2113
2114 task_lock(current);
2115 memcpy(mm->saved_auxv, user_auxv, len);
2116 task_unlock(current);
2117
2118 return 0;
2119}
2120
2121static int prctl_set_mm(int opt, unsigned long addr,
2122 unsigned long arg4, unsigned long arg5)
2123{
2124 struct mm_struct *mm = current->mm;
2125 struct prctl_mm_map prctl_map = {
2126 .auxv = NULL,
2127 .auxv_size = 0,
2128 .exe_fd = -1,
2129 };
2130 struct vm_area_struct *vma;
2131 int error;
2132
2133 if (arg5 || (arg4 && (opt != PR_SET_MM_AUXV &&
2134 opt != PR_SET_MM_MAP &&
2135 opt != PR_SET_MM_MAP_SIZE)))
2136 return -EINVAL;
2137
2138#ifdef CONFIG_CHECKPOINT_RESTORE
2139 if (opt == PR_SET_MM_MAP || opt == PR_SET_MM_MAP_SIZE)
2140 return prctl_set_mm_map(opt, (const void __user *)addr, arg4);
2141#endif
2142
2143 if (!capable(CAP_SYS_RESOURCE))
2144 return -EPERM;
2145
2146 if (opt == PR_SET_MM_EXE_FILE)
2147 return prctl_set_mm_exe_file(mm, (unsigned int)addr);
2148
2149 if (opt == PR_SET_MM_AUXV)
2150 return prctl_set_auxv(mm, addr, arg4);
2151
2152 if (addr >= TASK_SIZE || addr < mmap_min_addr)
2153 return -EINVAL;
2154
2155 error = -EINVAL;
2156
2157
2158
2159
2160
2161
2162 mmap_read_lock(mm);
2163 vma = find_vma(mm, addr);
2164
2165 spin_lock(&mm->arg_lock);
2166 prctl_map.start_code = mm->start_code;
2167 prctl_map.end_code = mm->end_code;
2168 prctl_map.start_data = mm->start_data;
2169 prctl_map.end_data = mm->end_data;
2170 prctl_map.start_brk = mm->start_brk;
2171 prctl_map.brk = mm->brk;
2172 prctl_map.start_stack = mm->start_stack;
2173 prctl_map.arg_start = mm->arg_start;
2174 prctl_map.arg_end = mm->arg_end;
2175 prctl_map.env_start = mm->env_start;
2176 prctl_map.env_end = mm->env_end;
2177
2178 switch (opt) {
2179 case PR_SET_MM_START_CODE:
2180 prctl_map.start_code = addr;
2181 break;
2182 case PR_SET_MM_END_CODE:
2183 prctl_map.end_code = addr;
2184 break;
2185 case PR_SET_MM_START_DATA:
2186 prctl_map.start_data = addr;
2187 break;
2188 case PR_SET_MM_END_DATA:
2189 prctl_map.end_data = addr;
2190 break;
2191 case PR_SET_MM_START_STACK:
2192 prctl_map.start_stack = addr;
2193 break;
2194 case PR_SET_MM_START_BRK:
2195 prctl_map.start_brk = addr;
2196 break;
2197 case PR_SET_MM_BRK:
2198 prctl_map.brk = addr;
2199 break;
2200 case PR_SET_MM_ARG_START:
2201 prctl_map.arg_start = addr;
2202 break;
2203 case PR_SET_MM_ARG_END:
2204 prctl_map.arg_end = addr;
2205 break;
2206 case PR_SET_MM_ENV_START:
2207 prctl_map.env_start = addr;
2208 break;
2209 case PR_SET_MM_ENV_END:
2210 prctl_map.env_end = addr;
2211 break;
2212 default:
2213 goto out;
2214 }
2215
2216 error = validate_prctl_map_addr(&prctl_map);
2217 if (error)
2218 goto out;
2219
2220 switch (opt) {
2221
2222
2223
2224
2225
2226
2227
2228 case PR_SET_MM_START_STACK:
2229 case PR_SET_MM_ARG_START:
2230 case PR_SET_MM_ARG_END:
2231 case PR_SET_MM_ENV_START:
2232 case PR_SET_MM_ENV_END:
2233 if (!vma) {
2234 error = -EFAULT;
2235 goto out;
2236 }
2237 }
2238
2239 mm->start_code = prctl_map.start_code;
2240 mm->end_code = prctl_map.end_code;
2241 mm->start_data = prctl_map.start_data;
2242 mm->end_data = prctl_map.end_data;
2243 mm->start_brk = prctl_map.start_brk;
2244 mm->brk = prctl_map.brk;
2245 mm->start_stack = prctl_map.start_stack;
2246 mm->arg_start = prctl_map.arg_start;
2247 mm->arg_end = prctl_map.arg_end;
2248 mm->env_start = prctl_map.env_start;
2249 mm->env_end = prctl_map.env_end;
2250
2251 error = 0;
2252out:
2253 spin_unlock(&mm->arg_lock);
2254 mmap_read_unlock(mm);
2255 return error;
2256}
2257
2258#ifdef CONFIG_CHECKPOINT_RESTORE
2259static int prctl_get_tid_address(struct task_struct *me, int __user * __user *tid_addr)
2260{
2261 return put_user(me->clear_child_tid, tid_addr);
2262}
2263#else
2264static int prctl_get_tid_address(struct task_struct *me, int __user * __user *tid_addr)
2265{
2266 return -EINVAL;
2267}
2268#endif
2269
2270static int propagate_has_child_subreaper(struct task_struct *p, void *data)
2271{
2272
2273
2274
2275
2276
2277
2278
2279
2280 if (p->signal->has_child_subreaper ||
2281 is_child_reaper(task_pid(p)))
2282 return 0;
2283
2284 p->signal->has_child_subreaper = 1;
2285 return 1;
2286}
2287
2288int __weak arch_prctl_spec_ctrl_get(struct task_struct *t, unsigned long which)
2289{
2290 return -EINVAL;
2291}
2292
2293int __weak arch_prctl_spec_ctrl_set(struct task_struct *t, unsigned long which,
2294 unsigned long ctrl)
2295{
2296 return -EINVAL;
2297}
2298
2299#define PR_IO_FLUSHER (PF_MEMALLOC_NOIO | PF_LOCAL_THROTTLE)
2300
2301SYSCALL_DEFINE5(prctl, int, option, unsigned long, arg2, unsigned long, arg3,
2302 unsigned long, arg4, unsigned long, arg5)
2303{
2304 struct task_struct *me = current;
2305 unsigned char comm[sizeof(me->comm)];
2306 long error;
2307
2308 error = security_task_prctl(option, arg2, arg3, arg4, arg5);
2309 if (error != -ENOSYS)
2310 return error;
2311
2312 error = 0;
2313 switch (option) {
2314 case PR_SET_PDEATHSIG:
2315 if (!valid_signal(arg2)) {
2316 error = -EINVAL;
2317 break;
2318 }
2319 me->pdeath_signal = arg2;
2320 break;
2321 case PR_GET_PDEATHSIG:
2322 error = put_user(me->pdeath_signal, (int __user *)arg2);
2323 break;
2324 case PR_GET_DUMPABLE:
2325 error = get_dumpable(me->mm);
2326 break;
2327 case PR_SET_DUMPABLE:
2328 if (arg2 != SUID_DUMP_DISABLE && arg2 != SUID_DUMP_USER) {
2329 error = -EINVAL;
2330 break;
2331 }
2332 set_dumpable(me->mm, arg2);
2333 break;
2334
2335 case PR_SET_UNALIGN:
2336 error = SET_UNALIGN_CTL(me, arg2);
2337 break;
2338 case PR_GET_UNALIGN:
2339 error = GET_UNALIGN_CTL(me, arg2);
2340 break;
2341 case PR_SET_FPEMU:
2342 error = SET_FPEMU_CTL(me, arg2);
2343 break;
2344 case PR_GET_FPEMU:
2345 error = GET_FPEMU_CTL(me, arg2);
2346 break;
2347 case PR_SET_FPEXC:
2348 error = SET_FPEXC_CTL(me, arg2);
2349 break;
2350 case PR_GET_FPEXC:
2351 error = GET_FPEXC_CTL(me, arg2);
2352 break;
2353 case PR_GET_TIMING:
2354 error = PR_TIMING_STATISTICAL;
2355 break;
2356 case PR_SET_TIMING:
2357 if (arg2 != PR_TIMING_STATISTICAL)
2358 error = -EINVAL;
2359 break;
2360 case PR_SET_NAME:
2361 comm[sizeof(me->comm) - 1] = 0;
2362 if (strncpy_from_user(comm, (char __user *)arg2,
2363 sizeof(me->comm) - 1) < 0)
2364 return -EFAULT;
2365 set_task_comm(me, comm);
2366 proc_comm_connector(me);
2367 break;
2368 case PR_GET_NAME:
2369 get_task_comm(comm, me);
2370 if (copy_to_user((char __user *)arg2, comm, sizeof(comm)))
2371 return -EFAULT;
2372 break;
2373 case PR_GET_ENDIAN:
2374 error = GET_ENDIAN(me, arg2);
2375 break;
2376 case PR_SET_ENDIAN:
2377 error = SET_ENDIAN(me, arg2);
2378 break;
2379 case PR_GET_SECCOMP:
2380 error = prctl_get_seccomp();
2381 break;
2382 case PR_SET_SECCOMP:
2383 error = prctl_set_seccomp(arg2, (char __user *)arg3);
2384 break;
2385 case PR_GET_TSC:
2386 error = GET_TSC_CTL(arg2);
2387 break;
2388 case PR_SET_TSC:
2389 error = SET_TSC_CTL(arg2);
2390 break;
2391 case PR_TASK_PERF_EVENTS_DISABLE:
2392 error = perf_event_task_disable();
2393 break;
2394 case PR_TASK_PERF_EVENTS_ENABLE:
2395 error = perf_event_task_enable();
2396 break;
2397 case PR_GET_TIMERSLACK:
2398 if (current->timer_slack_ns > ULONG_MAX)
2399 error = ULONG_MAX;
2400 else
2401 error = current->timer_slack_ns;
2402 break;
2403 case PR_SET_TIMERSLACK:
2404 if (arg2 <= 0)
2405 current->timer_slack_ns =
2406 current->default_timer_slack_ns;
2407 else
2408 current->timer_slack_ns = arg2;
2409 break;
2410 case PR_MCE_KILL:
2411 if (arg4 | arg5)
2412 return -EINVAL;
2413 switch (arg2) {
2414 case PR_MCE_KILL_CLEAR:
2415 if (arg3 != 0)
2416 return -EINVAL;
2417 current->flags &= ~PF_MCE_PROCESS;
2418 break;
2419 case PR_MCE_KILL_SET:
2420 current->flags |= PF_MCE_PROCESS;
2421 if (arg3 == PR_MCE_KILL_EARLY)
2422 current->flags |= PF_MCE_EARLY;
2423 else if (arg3 == PR_MCE_KILL_LATE)
2424 current->flags &= ~PF_MCE_EARLY;
2425 else if (arg3 == PR_MCE_KILL_DEFAULT)
2426 current->flags &=
2427 ~(PF_MCE_EARLY|PF_MCE_PROCESS);
2428 else
2429 return -EINVAL;
2430 break;
2431 default:
2432 return -EINVAL;
2433 }
2434 break;
2435 case PR_MCE_KILL_GET:
2436 if (arg2 | arg3 | arg4 | arg5)
2437 return -EINVAL;
2438 if (current->flags & PF_MCE_PROCESS)
2439 error = (current->flags & PF_MCE_EARLY) ?
2440 PR_MCE_KILL_EARLY : PR_MCE_KILL_LATE;
2441 else
2442 error = PR_MCE_KILL_DEFAULT;
2443 break;
2444 case PR_SET_MM:
2445 error = prctl_set_mm(arg2, arg3, arg4, arg5);
2446 break;
2447 case PR_GET_TID_ADDRESS:
2448 error = prctl_get_tid_address(me, (int __user * __user *)arg2);
2449 break;
2450 case PR_SET_CHILD_SUBREAPER:
2451 me->signal->is_child_subreaper = !!arg2;
2452 if (!arg2)
2453 break;
2454
2455 walk_process_tree(me, propagate_has_child_subreaper, NULL);
2456 break;
2457 case PR_GET_CHILD_SUBREAPER:
2458 error = put_user(me->signal->is_child_subreaper,
2459 (int __user *)arg2);
2460 break;
2461 case PR_SET_NO_NEW_PRIVS:
2462 if (arg2 != 1 || arg3 || arg4 || arg5)
2463 return -EINVAL;
2464
2465 task_set_no_new_privs(current);
2466 break;
2467 case PR_GET_NO_NEW_PRIVS:
2468 if (arg2 || arg3 || arg4 || arg5)
2469 return -EINVAL;
2470 return task_no_new_privs(current) ? 1 : 0;
2471 case PR_GET_THP_DISABLE:
2472 if (arg2 || arg3 || arg4 || arg5)
2473 return -EINVAL;
2474 error = !!test_bit(MMF_DISABLE_THP, &me->mm->flags);
2475 break;
2476 case PR_SET_THP_DISABLE:
2477 if (arg3 || arg4 || arg5)
2478 return -EINVAL;
2479 if (mmap_write_lock_killable(me->mm))
2480 return -EINTR;
2481 if (arg2)
2482 set_bit(MMF_DISABLE_THP, &me->mm->flags);
2483 else
2484 clear_bit(MMF_DISABLE_THP, &me->mm->flags);
2485 mmap_write_unlock(me->mm);
2486 break;
2487 case PR_MPX_ENABLE_MANAGEMENT:
2488 case PR_MPX_DISABLE_MANAGEMENT:
2489
2490 return -EINVAL;
2491 case PR_SET_FP_MODE:
2492 error = SET_FP_MODE(me, arg2);
2493 break;
2494 case PR_GET_FP_MODE:
2495 error = GET_FP_MODE(me);
2496 break;
2497 case PR_SVE_SET_VL:
2498 error = SVE_SET_VL(arg2);
2499 break;
2500 case PR_SVE_GET_VL:
2501 error = SVE_GET_VL();
2502 break;
2503 case PR_GET_SPECULATION_CTRL:
2504 if (arg3 || arg4 || arg5)
2505 return -EINVAL;
2506 error = arch_prctl_spec_ctrl_get(me, arg2);
2507 break;
2508 case PR_SET_SPECULATION_CTRL:
2509 if (arg4 || arg5)
2510 return -EINVAL;
2511 error = arch_prctl_spec_ctrl_set(me, arg2, arg3);
2512 break;
2513 case PR_PAC_RESET_KEYS:
2514 if (arg3 || arg4 || arg5)
2515 return -EINVAL;
2516 error = PAC_RESET_KEYS(me, arg2);
2517 break;
2518 case PR_PAC_SET_ENABLED_KEYS:
2519 if (arg4 || arg5)
2520 return -EINVAL;
2521 error = PAC_SET_ENABLED_KEYS(me, arg2, arg3);
2522 break;
2523 case PR_PAC_GET_ENABLED_KEYS:
2524 if (arg2 || arg3 || arg4 || arg5)
2525 return -EINVAL;
2526 error = PAC_GET_ENABLED_KEYS(me);
2527 break;
2528 case PR_SET_TAGGED_ADDR_CTRL:
2529 if (arg3 || arg4 || arg5)
2530 return -EINVAL;
2531 error = SET_TAGGED_ADDR_CTRL(arg2);
2532 break;
2533 case PR_GET_TAGGED_ADDR_CTRL:
2534 if (arg2 || arg3 || arg4 || arg5)
2535 return -EINVAL;
2536 error = GET_TAGGED_ADDR_CTRL();
2537 break;
2538 case PR_SET_IO_FLUSHER:
2539 if (!capable(CAP_SYS_RESOURCE))
2540 return -EPERM;
2541
2542 if (arg3 || arg4 || arg5)
2543 return -EINVAL;
2544
2545 if (arg2 == 1)
2546 current->flags |= PR_IO_FLUSHER;
2547 else if (!arg2)
2548 current->flags &= ~PR_IO_FLUSHER;
2549 else
2550 return -EINVAL;
2551 break;
2552 case PR_GET_IO_FLUSHER:
2553 if (!capable(CAP_SYS_RESOURCE))
2554 return -EPERM;
2555
2556 if (arg2 || arg3 || arg4 || arg5)
2557 return -EINVAL;
2558
2559 error = (current->flags & PR_IO_FLUSHER) == PR_IO_FLUSHER;
2560 break;
2561 case PR_SET_SYSCALL_USER_DISPATCH:
2562 error = set_syscall_user_dispatch(arg2, arg3, arg4,
2563 (char __user *) arg5);
2564 break;
2565#ifdef CONFIG_SCHED_CORE
2566 case PR_SCHED_CORE:
2567 error = sched_core_share_pid(arg2, arg3, arg4, arg5);
2568 break;
2569#endif
2570 default:
2571 error = -EINVAL;
2572 break;
2573 }
2574 return error;
2575}
2576
2577SYSCALL_DEFINE3(getcpu, unsigned __user *, cpup, unsigned __user *, nodep,
2578 struct getcpu_cache __user *, unused)
2579{
2580 int err = 0;
2581 int cpu = raw_smp_processor_id();
2582
2583 if (cpup)
2584 err |= put_user(cpu, cpup);
2585 if (nodep)
2586 err |= put_user(cpu_to_node(cpu), nodep);
2587 return err ? -EFAULT : 0;
2588}
2589
2590
2591
2592
2593
2594static int do_sysinfo(struct sysinfo *info)
2595{
2596 unsigned long mem_total, sav_total;
2597 unsigned int mem_unit, bitcount;
2598 struct timespec64 tp;
2599
2600 memset(info, 0, sizeof(struct sysinfo));
2601
2602 ktime_get_boottime_ts64(&tp);
2603 timens_add_boottime(&tp);
2604 info->uptime = tp.tv_sec + (tp.tv_nsec ? 1 : 0);
2605
2606 get_avenrun(info->loads, 0, SI_LOAD_SHIFT - FSHIFT);
2607
2608 info->procs = nr_threads;
2609
2610 si_meminfo(info);
2611 si_swapinfo(info);
2612
2613
2614
2615
2616
2617
2618
2619
2620
2621
2622 mem_total = info->totalram + info->totalswap;
2623 if (mem_total < info->totalram || mem_total < info->totalswap)
2624 goto out;
2625 bitcount = 0;
2626 mem_unit = info->mem_unit;
2627 while (mem_unit > 1) {
2628 bitcount++;
2629 mem_unit >>= 1;
2630 sav_total = mem_total;
2631 mem_total <<= 1;
2632 if (mem_total < sav_total)
2633 goto out;
2634 }
2635
2636
2637
2638
2639
2640
2641
2642
2643 info->mem_unit = 1;
2644 info->totalram <<= bitcount;
2645 info->freeram <<= bitcount;
2646 info->sharedram <<= bitcount;
2647 info->bufferram <<= bitcount;
2648 info->totalswap <<= bitcount;
2649 info->freeswap <<= bitcount;
2650 info->totalhigh <<= bitcount;
2651 info->freehigh <<= bitcount;
2652
2653out:
2654 return 0;
2655}
2656
2657SYSCALL_DEFINE1(sysinfo, struct sysinfo __user *, info)
2658{
2659 struct sysinfo val;
2660
2661 do_sysinfo(&val);
2662
2663 if (copy_to_user(info, &val, sizeof(struct sysinfo)))
2664 return -EFAULT;
2665
2666 return 0;
2667}
2668
2669#ifdef CONFIG_COMPAT
2670struct compat_sysinfo {
2671 s32 uptime;
2672 u32 loads[3];
2673 u32 totalram;
2674 u32 freeram;
2675 u32 sharedram;
2676 u32 bufferram;
2677 u32 totalswap;
2678 u32 freeswap;
2679 u16 procs;
2680 u16 pad;
2681 u32 totalhigh;
2682 u32 freehigh;
2683 u32 mem_unit;
2684 char _f[20-2*sizeof(u32)-sizeof(int)];
2685};
2686
2687COMPAT_SYSCALL_DEFINE1(sysinfo, struct compat_sysinfo __user *, info)
2688{
2689 struct sysinfo s;
2690 struct compat_sysinfo s_32;
2691
2692 do_sysinfo(&s);
2693
2694
2695
2696
2697 if (upper_32_bits(s.totalram) || upper_32_bits(s.totalswap)) {
2698 int bitcount = 0;
2699
2700 while (s.mem_unit < PAGE_SIZE) {
2701 s.mem_unit <<= 1;
2702 bitcount++;
2703 }
2704
2705 s.totalram >>= bitcount;
2706 s.freeram >>= bitcount;
2707 s.sharedram >>= bitcount;
2708 s.bufferram >>= bitcount;
2709 s.totalswap >>= bitcount;
2710 s.freeswap >>= bitcount;
2711 s.totalhigh >>= bitcount;
2712 s.freehigh >>= bitcount;
2713 }
2714
2715 memset(&s_32, 0, sizeof(s_32));
2716 s_32.uptime = s.uptime;
2717 s_32.loads[0] = s.loads[0];
2718 s_32.loads[1] = s.loads[1];
2719 s_32.loads[2] = s.loads[2];
2720 s_32.totalram = s.totalram;
2721 s_32.freeram = s.freeram;
2722 s_32.sharedram = s.sharedram;
2723 s_32.bufferram = s.bufferram;
2724 s_32.totalswap = s.totalswap;
2725 s_32.freeswap = s.freeswap;
2726 s_32.procs = s.procs;
2727 s_32.totalhigh = s.totalhigh;
2728 s_32.freehigh = s.freehigh;
2729 s_32.mem_unit = s.mem_unit;
2730 if (copy_to_user(info, &s_32, sizeof(s_32)))
2731 return -EFAULT;
2732 return 0;
2733}
2734#endif
2735