4 * Copyright (C) 1991, 1992 Linus Torvalds
7 #include <linux/config.h>
8 #include <linux/module.h>
10 #include <linux/utsname.h>
11 #include <linux/mman.h>
12 #include <linux/smp_lock.h>
13 #include <linux/notifier.h>
14 #include <linux/kmod.h>
15 #include <linux/reboot.h>
16 #include <linux/prctl.h>
17 #include <linux/init.h>
18 #include <linux/highuid.h>
20 #include <linux/kernel.h>
21 #include <linux/kexec.h>
22 #include <linux/workqueue.h>
23 #include <linux/device.h>
24 #include <linux/key.h>
25 #include <linux/times.h>
26 #include <linux/security.h>
27 #include <linux/dcookies.h>
28 #include <linux/suspend.h>
29 #include <linux/tty.h>
30 #include <linux/vs_cvirt.h>
31 #include <linux/compat.h>
32 #include <linux/syscalls.h>
34 #include <asm/uaccess.h>
36 #include <asm/unistd.h>
38 #ifndef SET_UNALIGN_CTL
39 # define SET_UNALIGN_CTL(a,b) (-EINVAL)
41 #ifndef GET_UNALIGN_CTL
42 # define GET_UNALIGN_CTL(a,b) (-EINVAL)
45 # define SET_FPEMU_CTL(a,b) (-EINVAL)
48 # define GET_FPEMU_CTL(a,b) (-EINVAL)
51 # define SET_FPEXC_CTL(a,b) (-EINVAL)
54 # define GET_FPEXC_CTL(a,b) (-EINVAL)
58 * this is where the system-wide overflow UID and GID are defined, for
59 * architectures that now have 32-bit UID/GID but didn't in the past
62 int overflowuid = DEFAULT_OVERFLOWUID;
63 int overflowgid = DEFAULT_OVERFLOWGID;
66 EXPORT_SYMBOL(overflowuid);
67 EXPORT_SYMBOL(overflowgid);
71 * the same as above, but for filesystems which can only store a 16-bit
72 * UID and GID. as such, this is needed on all architectures
75 int fs_overflowuid = DEFAULT_FS_OVERFLOWUID;
76 int fs_overflowgid = DEFAULT_FS_OVERFLOWUID;
78 EXPORT_SYMBOL(fs_overflowuid);
79 EXPORT_SYMBOL(fs_overflowgid);
82 * this indicates whether you can reboot with ctrl-alt-del: the default is yes
89 * Notifier list for kernel code which wants to be called
90 * at shutdown. This is used to stop any idling DMA operations
94 static struct notifier_block *reboot_notifier_list;
95 rwlock_t notifier_lock = RW_LOCK_UNLOCKED;
98 * notifier_chain_register - Add notifier to a notifier chain
99 * @list: Pointer to root list pointer
100 * @n: New entry in notifier chain
102 * Adds a notifier to a notifier chain.
104 * Currently always returns zero.
107 int notifier_chain_register(struct notifier_block **list, struct notifier_block *n)
109 write_lock(¬ifier_lock);
112 if(n->priority > (*list)->priority)
114 list= &((*list)->next);
118 write_unlock(¬ifier_lock);
122 EXPORT_SYMBOL(notifier_chain_register);
125 * notifier_chain_unregister - Remove notifier from a notifier chain
126 * @nl: Pointer to root list pointer
127 * @n: New entry in notifier chain
129 * Removes a notifier from a notifier chain.
131 * Returns zero on success, or %-ENOENT on failure.
134 int notifier_chain_unregister(struct notifier_block **nl, struct notifier_block *n)
136 write_lock(¬ifier_lock);
142 write_unlock(¬ifier_lock);
147 write_unlock(¬ifier_lock);
151 EXPORT_SYMBOL(notifier_chain_unregister);
154 * notifier_call_chain - Call functions in a notifier chain
155 * @n: Pointer to root pointer of notifier chain
156 * @val: Value passed unmodified to notifier function
157 * @v: Pointer passed unmodified to notifier function
159 * Calls each function in a notifier chain in turn.
161 * If the return value of the notifier can be and'd
162 * with %NOTIFY_STOP_MASK, then notifier_call_chain
163 * will return immediately, with the return value of
164 * the notifier function which halted execution.
165 * Otherwise, the return value is the return value
166 * of the last notifier function called.
169 int notifier_call_chain(struct notifier_block **n, unsigned long val, void *v)
172 struct notifier_block *nb = *n;
176 ret=nb->notifier_call(nb,val,v);
177 if(ret&NOTIFY_STOP_MASK)
186 EXPORT_SYMBOL(notifier_call_chain);
189 * register_reboot_notifier - Register function to be called at reboot time
190 * @nb: Info about notifier function to be called
192 * Registers a function with the list of functions
193 * to be called at reboot time.
195 * Currently always returns zero, as notifier_chain_register
196 * always returns zero.
199 int register_reboot_notifier(struct notifier_block * nb)
201 return notifier_chain_register(&reboot_notifier_list, nb);
204 EXPORT_SYMBOL(register_reboot_notifier);
207 * unregister_reboot_notifier - Unregister previously registered reboot notifier
208 * @nb: Hook to be unregistered
210 * Unregisters a previously registered reboot
213 * Returns zero on success, or %-ENOENT on failure.
216 int unregister_reboot_notifier(struct notifier_block * nb)
218 return notifier_chain_unregister(&reboot_notifier_list, nb);
221 EXPORT_SYMBOL(unregister_reboot_notifier);
222 static int set_one_prio(struct task_struct *p, int niceval, int error)
226 if (p->uid != current->euid &&
227 p->uid != current->uid && !capable(CAP_SYS_NICE)) {
231 if (niceval < task_nice(p) && !capable(CAP_SYS_NICE)) {
232 if (vx_flags(VXF_IGNEG_NICE, 0))
238 no_nice = security_task_setnice(p, niceval);
245 set_user_nice(p, niceval);
250 asmlinkage long sys_setpriority(int which, int who, int niceval)
252 struct task_struct *g, *p;
253 struct user_struct *user;
256 if (which > 2 || which < 0)
259 /* normalize: avoid signed division (rounding problems) */
266 read_lock(&tasklist_lock);
271 p = find_task_by_pid(who);
273 error = set_one_prio(p, niceval, error);
277 who = process_group(current);
278 do_each_task_pid(who, PIDTYPE_PGID, p) {
279 error = set_one_prio(p, niceval, error);
280 } while_each_task_pid(who, PIDTYPE_PGID, p);
283 user = current->user;
287 if ((who != current->uid) &&
288 !(user = find_user(vx_current_xid(), who)))
289 goto out_unlock; /* No processes for this user */
293 error = set_one_prio(p, niceval, error);
294 while_each_thread(g, p);
295 if (who != current->uid)
296 free_uid(user); /* For find_user() */
300 read_unlock(&tasklist_lock);
306 * Ugh. To avoid negative return values, "getpriority()" will
307 * not return the normal nice-value, but a negated value that
308 * has been offset by 20 (ie it returns 40..1 instead of -20..19)
309 * to stay compatible.
311 asmlinkage long sys_getpriority(int which, int who)
313 struct task_struct *g, *p;
314 struct user_struct *user;
315 long niceval, retval = -ESRCH;
317 if (which > 2 || which < 0)
320 read_lock(&tasklist_lock);
325 p = find_task_by_pid(who);
327 niceval = 20 - task_nice(p);
328 if (niceval > retval)
334 who = process_group(current);
335 do_each_task_pid(who, PIDTYPE_PGID, p) {
336 niceval = 20 - task_nice(p);
337 if (niceval > retval)
339 } while_each_task_pid(who, PIDTYPE_PGID, p);
342 user = current->user;
346 if ((who != current->uid) &&
347 !(user = find_user(vx_current_xid(), who)))
348 goto out_unlock; /* No processes for this user */
352 niceval = 20 - task_nice(p);
353 if (niceval > retval)
356 while_each_thread(g, p);
357 if (who != current->uid)
358 free_uid(user); /* for find_user() */
362 read_unlock(&tasklist_lock);
364 key_fsgid_changed(current);
368 long vs_reboot(unsigned int, void *);
371 * Reboot system call: for obvious reasons only root may call it,
372 * and even root needs to set up some magic numbers in the registers
373 * so that some mistake won't make this reboot the whole machine.
374 * You can also set the meaning of the ctrl-alt-del-key here.
376 * reboot doesn't sync: do that yourself before calling this.
378 asmlinkage long sys_reboot(int magic1, int magic2, unsigned int cmd, void __user * arg)
382 /* We only trust the superuser with rebooting the system. */
383 if (!capable(CAP_SYS_BOOT))
386 /* For safety, we require "magic" arguments. */
387 if (magic1 != LINUX_REBOOT_MAGIC1 ||
388 (magic2 != LINUX_REBOOT_MAGIC2 &&
389 magic2 != LINUX_REBOOT_MAGIC2A &&
390 magic2 != LINUX_REBOOT_MAGIC2B &&
391 magic2 != LINUX_REBOOT_MAGIC2C))
394 if (!vx_check(0, VX_ADMIN|VX_WATCH))
395 return vs_reboot(cmd, arg);
399 case LINUX_REBOOT_CMD_RESTART:
400 notifier_call_chain(&reboot_notifier_list, SYS_RESTART, NULL);
401 system_state = SYSTEM_RESTART;
403 printk(KERN_EMERG "Restarting system.\n");
404 machine_restart(NULL);
407 case LINUX_REBOOT_CMD_CAD_ON:
411 case LINUX_REBOOT_CMD_CAD_OFF:
415 case LINUX_REBOOT_CMD_HALT:
416 notifier_call_chain(&reboot_notifier_list, SYS_HALT, NULL);
417 system_state = SYSTEM_HALT;
419 printk(KERN_EMERG "System halted.\n");
425 case LINUX_REBOOT_CMD_POWER_OFF:
426 notifier_call_chain(&reboot_notifier_list, SYS_POWER_OFF, NULL);
427 system_state = SYSTEM_POWER_OFF;
429 printk(KERN_EMERG "Power down.\n");
435 case LINUX_REBOOT_CMD_RESTART2:
436 if (strncpy_from_user(&buffer[0], arg, sizeof(buffer) - 1) < 0) {
440 buffer[sizeof(buffer) - 1] = '\0';
442 notifier_call_chain(&reboot_notifier_list, SYS_RESTART, buffer);
443 system_state = SYSTEM_RESTART;
445 printk(KERN_EMERG "Restarting system with command '%s'.\n", buffer);
446 machine_restart(buffer);
450 case LINUX_REBOOT_CMD_KEXEC:
452 struct kimage *image;
453 image = xchg(&kexec_image, 0);
458 notifier_call_chain(&reboot_notifier_list, SYS_RESTART, NULL);
459 system_state = SYSTEM_RESTART;
461 system_state = SYSTEM_BOOTING;
462 printk(KERN_EMERG "Starting new kernel\n");
464 machine_kexec(image);
469 #ifdef CONFIG_SOFTWARE_SUSPEND
470 case LINUX_REBOOT_CMD_SW_SUSPEND:
472 int ret = software_suspend();
486 static void deferred_cad(void *dummy)
488 notifier_call_chain(&reboot_notifier_list, SYS_RESTART, NULL);
489 machine_restart(NULL);
493 * This function gets called by ctrl-alt-del - ie the keyboard interrupt.
494 * As it's called within an interrupt, it may NOT sync: the only choice
495 * is whether to reboot at once, or just ignore the ctrl-alt-del.
497 void ctrl_alt_del(void)
499 static DECLARE_WORK(cad_work, deferred_cad, NULL);
502 schedule_work(&cad_work);
504 kill_proc(cad_pid, SIGINT, 1);
510 * Unprivileged users may change the real gid to the effective gid
511 * or vice versa. (BSD-style)
513 * If you set the real gid at all, or set the effective gid to a value not
514 * equal to the real gid, then the saved gid is set to the new effective gid.
516 * This makes it possible for a setgid program to completely drop its
517 * privileges, which is often a useful assertion to make when you are doing
518 * a security audit over a program.
520 * The general idea is that a program which uses just setregid() will be
521 * 100% compatible with BSD. A program which uses just setgid() will be
522 * 100% compatible with POSIX with saved IDs.
524 * SMP: There are not races, the GIDs are checked only by filesystem
525 * operations (as far as semantic preservation is concerned).
527 asmlinkage long sys_setregid(gid_t rgid, gid_t egid)
529 int old_rgid = current->gid;
530 int old_egid = current->egid;
531 int new_rgid = old_rgid;
532 int new_egid = old_egid;
535 retval = security_task_setgid(rgid, egid, (gid_t)-1, LSM_SETID_RE);
539 if (rgid != (gid_t) -1) {
540 if ((old_rgid == rgid) ||
541 (current->egid==rgid) ||
547 if (egid != (gid_t) -1) {
548 if ((old_rgid == egid) ||
549 (current->egid == egid) ||
550 (current->sgid == egid) ||
557 if (new_egid != old_egid)
559 current->mm->dumpable = suid_dumpable;
562 if (rgid != (gid_t) -1 ||
563 (egid != (gid_t) -1 && egid != old_rgid))
564 current->sgid = new_egid;
565 current->fsgid = new_egid;
566 current->egid = new_egid;
567 current->gid = new_rgid;
569 key_fsgid_changed(current);
574 * setgid() is implemented like SysV w/ SAVED_IDS
576 * SMP: Same implicit races as above.
578 asmlinkage long sys_setgid(gid_t gid)
580 int old_egid = current->egid;
583 retval = security_task_setgid(gid, (gid_t)-1, (gid_t)-1, LSM_SETID_ID);
587 if (capable(CAP_SETGID))
591 current->mm->dumpable = suid_dumpable;
594 current->gid = current->egid = current->sgid = current->fsgid = gid;
596 else if ((gid == current->gid) || (gid == current->sgid))
600 current->mm->dumpable = suid_dumpable;
603 current->egid = current->fsgid = gid;
608 key_fsgid_changed(current);
613 static int set_user(uid_t new_ruid, int dumpclear)
615 struct user_struct *new_user;
617 new_user = alloc_uid(vx_current_xid(), new_ruid);
621 if (atomic_read(&new_user->processes) >=
622 current->signal->rlim[RLIMIT_NPROC].rlim_cur &&
623 new_user != &root_user) {
628 switch_uid(new_user);
632 current->mm->dumpable = suid_dumpable;
635 current->uid = new_ruid;
640 * Unprivileged users may change the real uid to the effective uid
641 * or vice versa. (BSD-style)
643 * If you set the real uid at all, or set the effective uid to a value not
644 * equal to the real uid, then the saved uid is set to the new effective uid.
646 * This makes it possible for a setuid program to completely drop its
647 * privileges, which is often a useful assertion to make when you are doing
648 * a security audit over a program.
650 * The general idea is that a program which uses just setreuid() will be
651 * 100% compatible with BSD. A program which uses just setuid() will be
652 * 100% compatible with POSIX with saved IDs.
654 asmlinkage long sys_setreuid(uid_t ruid, uid_t euid)
656 int old_ruid, old_euid, old_suid, new_ruid, new_euid;
659 retval = security_task_setuid(ruid, euid, (uid_t)-1, LSM_SETID_RE);
663 new_ruid = old_ruid = current->uid;
664 new_euid = old_euid = current->euid;
665 old_suid = current->suid;
667 if (ruid != (uid_t) -1) {
669 if ((old_ruid != ruid) &&
670 (current->euid != ruid) &&
671 !capable(CAP_SETUID))
675 if (euid != (uid_t) -1) {
677 if ((old_ruid != euid) &&
678 (current->euid != euid) &&
679 (current->suid != euid) &&
680 !capable(CAP_SETUID))
684 if (new_ruid != old_ruid && set_user(new_ruid, new_euid != old_euid) < 0)
687 if (new_euid != old_euid)
689 current->mm->dumpable = suid_dumpable;
692 current->fsuid = current->euid = new_euid;
693 if (ruid != (uid_t) -1 ||
694 (euid != (uid_t) -1 && euid != old_ruid))
695 current->suid = current->euid;
696 current->fsuid = current->euid;
698 key_fsuid_changed(current);
700 return security_task_post_setuid(old_ruid, old_euid, old_suid, LSM_SETID_RE);
706 * setuid() is implemented like SysV with SAVED_IDS
708 * Note that SAVED_ID's is deficient in that a setuid root program
709 * like sendmail, for example, cannot set its uid to be a normal
710 * user and then switch back, because if you're root, setuid() sets
711 * the saved uid too. If you don't like this, blame the bright people
712 * in the POSIX committee and/or USG. Note that the BSD-style setreuid()
713 * will allow a root program to temporarily drop privileges and be able to
714 * regain them by swapping the real and effective uid.
716 asmlinkage long sys_setuid(uid_t uid)
718 int old_euid = current->euid;
719 int old_ruid, old_suid, new_ruid, new_suid;
722 retval = security_task_setuid(uid, (uid_t)-1, (uid_t)-1, LSM_SETID_ID);
726 old_ruid = new_ruid = current->uid;
727 old_suid = current->suid;
730 if (capable(CAP_SETUID)) {
731 if (uid != old_ruid && set_user(uid, old_euid != uid) < 0)
734 } else if ((uid != current->uid) && (uid != new_suid))
739 current->mm->dumpable = suid_dumpable;
742 current->fsuid = current->euid = uid;
743 current->suid = new_suid;
745 key_fsuid_changed(current);
747 return security_task_post_setuid(old_ruid, old_euid, old_suid, LSM_SETID_ID);
752 * This function implements a generic ability to update ruid, euid,
753 * and suid. This allows you to implement the 4.4 compatible seteuid().
755 asmlinkage long sys_setresuid(uid_t ruid, uid_t euid, uid_t suid)
757 int old_ruid = current->uid;
758 int old_euid = current->euid;
759 int old_suid = current->suid;
762 retval = security_task_setuid(ruid, euid, suid, LSM_SETID_RES);
766 if (!capable(CAP_SETUID)) {
767 if ((ruid != (uid_t) -1) && (ruid != current->uid) &&
768 (ruid != current->euid) && (ruid != current->suid))
770 if ((euid != (uid_t) -1) && (euid != current->uid) &&
771 (euid != current->euid) && (euid != current->suid))
773 if ((suid != (uid_t) -1) && (suid != current->uid) &&
774 (suid != current->euid) && (suid != current->suid))
777 if (ruid != (uid_t) -1) {
778 if (ruid != current->uid && set_user(ruid, euid != current->euid) < 0)
781 if (euid != (uid_t) -1) {
782 if (euid != current->euid)
784 current->mm->dumpable = suid_dumpable;
787 current->euid = euid;
789 current->fsuid = current->euid;
790 if (suid != (uid_t) -1)
791 current->suid = suid;
793 key_fsuid_changed(current);
795 return security_task_post_setuid(old_ruid, old_euid, old_suid, LSM_SETID_RES);
798 asmlinkage long sys_getresuid(uid_t __user *ruid, uid_t __user *euid, uid_t __user *suid)
802 if (!(retval = put_user(current->uid, ruid)) &&
803 !(retval = put_user(current->euid, euid)))
804 retval = put_user(current->suid, suid);
810 * Same as above, but for rgid, egid, sgid.
812 asmlinkage long sys_setresgid(gid_t rgid, gid_t egid, gid_t sgid)
816 retval = security_task_setgid(rgid, egid, sgid, LSM_SETID_RES);
820 if (!capable(CAP_SETGID)) {
821 if ((rgid != (gid_t) -1) && (rgid != current->gid) &&
822 (rgid != current->egid) && (rgid != current->sgid))
824 if ((egid != (gid_t) -1) && (egid != current->gid) &&
825 (egid != current->egid) && (egid != current->sgid))
827 if ((sgid != (gid_t) -1) && (sgid != current->gid) &&
828 (sgid != current->egid) && (sgid != current->sgid))
831 if (egid != (gid_t) -1) {
832 if (egid != current->egid)
834 current->mm->dumpable = suid_dumpable;
837 current->egid = egid;
839 current->fsgid = current->egid;
840 if (rgid != (gid_t) -1)
842 if (sgid != (gid_t) -1)
843 current->sgid = sgid;
845 key_fsgid_changed(current);
849 asmlinkage long sys_getresgid(gid_t __user *rgid, gid_t __user *egid, gid_t __user *sgid)
853 if (!(retval = put_user(current->gid, rgid)) &&
854 !(retval = put_user(current->egid, egid)))
855 retval = put_user(current->sgid, sgid);
862 * "setfsuid()" sets the fsuid - the uid used for filesystem checks. This
863 * is used for "access()" and for the NFS daemon (letting nfsd stay at
864 * whatever uid it wants to). It normally shadows "euid", except when
865 * explicitly set by setfsuid() or for access..
867 asmlinkage long sys_setfsuid(uid_t uid)
871 old_fsuid = current->fsuid;
872 if (security_task_setuid(uid, (uid_t)-1, (uid_t)-1, LSM_SETID_FS))
875 if (uid == current->uid || uid == current->euid ||
876 uid == current->suid || uid == current->fsuid ||
879 if (uid != old_fsuid)
881 current->mm->dumpable = suid_dumpable;
884 current->fsuid = uid;
887 key_fsuid_changed(current);
889 security_task_post_setuid(old_fsuid, (uid_t)-1, (uid_t)-1, LSM_SETID_FS);
895 * Samma på svenska..
897 asmlinkage long sys_setfsgid(gid_t gid)
901 old_fsgid = current->fsgid;
902 if (security_task_setgid(gid, (gid_t)-1, (gid_t)-1, LSM_SETID_FS))
905 if (gid == current->gid || gid == current->egid ||
906 gid == current->sgid || gid == current->fsgid ||
909 if (gid != old_fsgid)
911 current->mm->dumpable = suid_dumpable;
914 current->fsgid = gid;
915 key_fsgid_changed(current);
920 asmlinkage long sys_times(struct tms __user * tbuf)
923 * In the SMP world we might just be unlucky and have one of
924 * the times increment as we use it. Since the value is an
925 * atomically safe type this is just fine. Conceptually its
926 * as if the syscall took an instant longer to occur.
930 struct task_struct *tsk = current;
931 struct task_struct *t;
932 unsigned long utime, stime, cutime, cstime;
934 read_lock(&tasklist_lock);
935 utime = tsk->signal->utime;
936 stime = tsk->signal->stime;
945 * While we have tasklist_lock read-locked, no dying thread
946 * can be updating current->signal->[us]time. Instead,
947 * we got their counts included in the live thread loop.
948 * However, another thread can come in right now and
949 * do a wait call that updates current->signal->c[us]time.
950 * To make sure we always see that pair updated atomically,
951 * we take the siglock around fetching them.
953 spin_lock_irq(&tsk->sighand->siglock);
954 cutime = tsk->signal->cutime;
955 cstime = tsk->signal->cstime;
956 spin_unlock_irq(&tsk->sighand->siglock);
957 read_unlock(&tasklist_lock);
959 tmp.tms_utime = jiffies_to_clock_t(utime);
960 tmp.tms_stime = jiffies_to_clock_t(stime);
961 tmp.tms_cutime = jiffies_to_clock_t(cutime);
962 tmp.tms_cstime = jiffies_to_clock_t(cstime);
963 if (copy_to_user(tbuf, &tmp, sizeof(struct tms)))
966 return (long) jiffies_64_to_clock_t(get_jiffies_64());
970 * This needs some heavy checking ...
971 * I just haven't the stomach for it. I also don't fully
972 * understand sessions/pgrp etc. Let somebody who does explain it.
974 * OK, I think I have the protection semantics right.... this is really
975 * only important on a multi-user system anyway, to make sure one user
976 * can't send a signal to a process owned by another. -TYT, 12/12/91
978 * Auch. Had to add the 'did_exec' flag to conform completely to POSIX.
982 asmlinkage long sys_setpgid(pid_t pid, pid_t pgid)
984 struct task_struct *p;
989 pid = vx_map_pid(current->pid);
995 rpgid = vx_rmap_pid(pgid);
997 /* From this point forward we keep holding onto the tasklist lock
998 * so that our parent does not change from under us. -DaveM
1000 write_lock_irq(&tasklist_lock);
1003 p = find_task_by_pid(pid);
1008 if (!thread_group_leader(p))
1011 if (p->parent == current || p->real_parent == current) {
1013 if (p->signal->session != current->signal->session)
1025 if (p->signal->leader)
1029 struct task_struct *p;
1031 do_each_task_pid(rpgid, PIDTYPE_PGID, p) {
1032 if (p->signal->session == current->signal->session)
1034 } while_each_task_pid(rpgid, PIDTYPE_PGID, p);
1039 err = security_task_setpgid(p, rpgid);
1043 if (process_group(p) != rpgid) {
1044 detach_pid(p, PIDTYPE_PGID);
1045 p->signal->pgrp = rpgid;
1046 attach_pid(p, PIDTYPE_PGID, rpgid);
1051 /* All paths lead to here, thus we are safe. -DaveM */
1052 write_unlock_irq(&tasklist_lock);
1056 asmlinkage long sys_getpgid(pid_t pid)
1059 return vx_rmap_pid(process_group(current));
1062 struct task_struct *p;
1064 read_lock(&tasklist_lock);
1065 p = find_task_by_pid(pid);
1069 retval = security_task_getpgid(p);
1071 retval = vx_rmap_pid(process_group(p));
1073 read_unlock(&tasklist_lock);
1078 #ifdef __ARCH_WANT_SYS_GETPGRP
1080 asmlinkage long sys_getpgrp(void)
1082 /* SMP - assuming writes are word atomic this is fine */
1083 return process_group(current);
1088 asmlinkage long sys_getsid(pid_t pid)
1091 return current->signal->session;
1094 struct task_struct *p;
1096 read_lock(&tasklist_lock);
1097 p = find_task_by_pid(pid);
1101 retval = security_task_getsid(p);
1103 retval = p->signal->session;
1105 read_unlock(&tasklist_lock);
1110 asmlinkage long sys_setsid(void)
1115 if (!thread_group_leader(current))
1119 write_lock_irq(&tasklist_lock);
1121 pid = find_pid(PIDTYPE_PGID, current->pid);
1125 current->signal->leader = 1;
1126 __set_special_pids(current->pid, current->pid);
1127 current->signal->tty = NULL;
1128 current->signal->tty_old_pgrp = 0;
1129 err = process_group(current);
1131 write_unlock_irq(&tasklist_lock);
1137 * Supplementary group IDs
1140 /* init to 2 - one for init_task, one to ensure it is never freed */
1141 struct group_info init_groups = { .usage = ATOMIC_INIT(2) };
1143 struct group_info *groups_alloc(int gidsetsize)
1145 struct group_info *group_info;
1149 nblocks = (gidsetsize + NGROUPS_PER_BLOCK - 1) / NGROUPS_PER_BLOCK;
1150 /* Make sure we always allocate at least one indirect block pointer */
1151 nblocks = nblocks ? : 1;
1152 group_info = kmalloc(sizeof(*group_info) + nblocks*sizeof(gid_t *), GFP_USER);
1155 group_info->ngroups = gidsetsize;
1156 group_info->nblocks = nblocks;
1157 atomic_set(&group_info->usage, 1);
1159 if (gidsetsize <= NGROUPS_SMALL) {
1160 group_info->blocks[0] = group_info->small_block;
1162 for (i = 0; i < nblocks; i++) {
1164 b = (void *)__get_free_page(GFP_USER);
1166 goto out_undo_partial_alloc;
1167 group_info->blocks[i] = b;
1172 out_undo_partial_alloc:
1174 free_page((unsigned long)group_info->blocks[i]);
1180 EXPORT_SYMBOL(groups_alloc);
1182 void groups_free(struct group_info *group_info)
1184 if (group_info->blocks[0] != group_info->small_block) {
1186 for (i = 0; i < group_info->nblocks; i++)
1187 free_page((unsigned long)group_info->blocks[i]);
1192 EXPORT_SYMBOL(groups_free);
1194 /* export the group_info to a user-space array */
1195 static int groups_to_user(gid_t __user *grouplist,
1196 struct group_info *group_info)
1199 int count = group_info->ngroups;
1201 for (i = 0; i < group_info->nblocks; i++) {
1202 int cp_count = min(NGROUPS_PER_BLOCK, count);
1203 int off = i * NGROUPS_PER_BLOCK;
1204 int len = cp_count * sizeof(*grouplist);
1206 if (copy_to_user(grouplist+off, group_info->blocks[i], len))
1214 /* fill a group_info from a user-space array - it must be allocated already */
1215 static int groups_from_user(struct group_info *group_info,
1216 gid_t __user *grouplist)
1219 int count = group_info->ngroups;
1221 for (i = 0; i < group_info->nblocks; i++) {
1222 int cp_count = min(NGROUPS_PER_BLOCK, count);
1223 int off = i * NGROUPS_PER_BLOCK;
1224 int len = cp_count * sizeof(*grouplist);
1226 if (copy_from_user(group_info->blocks[i], grouplist+off, len))
1234 /* a simple shell-metzner sort */
1235 static void groups_sort(struct group_info *group_info)
1237 int base, max, stride;
1238 int gidsetsize = group_info->ngroups;
1240 for (stride = 1; stride < gidsetsize; stride = 3 * stride + 1)
1245 max = gidsetsize - stride;
1246 for (base = 0; base < max; base++) {
1248 int right = left + stride;
1249 gid_t tmp = GROUP_AT(group_info, right);
1251 while (left >= 0 && GROUP_AT(group_info, left) > tmp) {
1252 GROUP_AT(group_info, right) =
1253 GROUP_AT(group_info, left);
1257 GROUP_AT(group_info, right) = tmp;
1263 /* a simple bsearch */
1264 static int groups_search(struct group_info *group_info, gid_t grp)
1272 right = group_info->ngroups;
1273 while (left < right) {
1274 int mid = (left+right)/2;
1275 int cmp = grp - GROUP_AT(group_info, mid);
1286 /* validate and set current->group_info */
1287 int set_current_groups(struct group_info *group_info)
1290 struct group_info *old_info;
1292 retval = security_task_setgroups(group_info);
1296 groups_sort(group_info);
1297 get_group_info(group_info);
1300 old_info = current->group_info;
1301 current->group_info = group_info;
1302 task_unlock(current);
1304 put_group_info(old_info);
1309 EXPORT_SYMBOL(set_current_groups);
1311 asmlinkage long sys_getgroups(int gidsetsize, gid_t __user *grouplist)
1316 * SMP: Nobody else can change our grouplist. Thus we are
1323 /* no need to grab task_lock here; it cannot change */
1324 get_group_info(current->group_info);
1325 i = current->group_info->ngroups;
1327 if (i > gidsetsize) {
1331 if (groups_to_user(grouplist, current->group_info)) {
1337 put_group_info(current->group_info);
1342 * SMP: Our groups are copy-on-write. We can set them safely
1343 * without another task interfering.
1346 asmlinkage long sys_setgroups(int gidsetsize, gid_t __user *grouplist)
1348 struct group_info *group_info;
1351 if (!capable(CAP_SETGID))
1353 if ((unsigned)gidsetsize > NGROUPS_MAX)
1356 group_info = groups_alloc(gidsetsize);
1359 retval = groups_from_user(group_info, grouplist);
1361 put_group_info(group_info);
1365 retval = set_current_groups(group_info);
1366 put_group_info(group_info);
1372 * Check whether we're fsgid/egid or in the supplemental group..
1374 int in_group_p(gid_t grp)
1377 if (grp != current->fsgid) {
1378 get_group_info(current->group_info);
1379 retval = groups_search(current->group_info, grp);
1380 put_group_info(current->group_info);
1385 EXPORT_SYMBOL(in_group_p);
1387 int in_egroup_p(gid_t grp)
1390 if (grp != current->egid) {
1391 get_group_info(current->group_info);
1392 retval = groups_search(current->group_info, grp);
1393 put_group_info(current->group_info);
1398 EXPORT_SYMBOL(in_egroup_p);
1400 DECLARE_RWSEM(uts_sem);
1402 EXPORT_SYMBOL(uts_sem);
1404 asmlinkage long sys_newuname(struct new_utsname __user * name)
1408 down_read(&uts_sem);
1409 if (copy_to_user(name, vx_new_utsname(), sizeof *name))
1415 asmlinkage long sys_sethostname(char __user *name, int len)
1418 char tmp[__NEW_UTS_LEN];
1420 if (!capable(CAP_SYS_ADMIN) && !vx_ccaps(VXC_SET_UTSNAME))
1422 if (len < 0 || len > __NEW_UTS_LEN)
1424 down_write(&uts_sem);
1426 if (!copy_from_user(tmp, name, len)) {
1427 char *ptr = vx_new_uts(nodename);
1429 memcpy(ptr, tmp, len);
1437 #ifdef __ARCH_WANT_SYS_GETHOSTNAME
1439 asmlinkage long sys_gethostname(char __user *name, int len)
1446 down_read(&uts_sem);
1447 ptr = vx_new_uts(nodename);
1448 i = 1 + strlen(ptr);
1452 if (copy_to_user(name, ptr, i))
1461 * Only setdomainname; getdomainname can be implemented by calling
1464 asmlinkage long sys_setdomainname(char __user *name, int len)
1467 char tmp[__NEW_UTS_LEN];
1469 if (!capable(CAP_SYS_ADMIN) && !vx_ccaps(VXC_SET_UTSNAME))
1471 if (len < 0 || len > __NEW_UTS_LEN)
1474 down_write(&uts_sem);
1476 if (!copy_from_user(tmp, name, len)) {
1477 char *ptr = vx_new_uts(domainname);
1479 memcpy(ptr, tmp, len);
1487 asmlinkage long sys_getrlimit(unsigned int resource, struct rlimit __user *rlim)
1489 if (resource >= RLIM_NLIMITS)
1492 struct rlimit value;
1493 task_lock(current->group_leader);
1494 value = current->signal->rlim[resource];
1495 task_unlock(current->group_leader);
1496 return copy_to_user(rlim, &value, sizeof(*rlim)) ? -EFAULT : 0;
1500 #ifdef __ARCH_WANT_SYS_OLD_GETRLIMIT
1503 * Back compatibility for getrlimit. Needed for some apps.
1506 asmlinkage long sys_old_getrlimit(unsigned int resource, struct rlimit __user *rlim)
1509 if (resource >= RLIM_NLIMITS)
1512 task_lock(current->group_leader);
1513 x = current->signal->rlim[resource];
1514 task_unlock(current->group_leader);
1515 if(x.rlim_cur > 0x7FFFFFFF)
1516 x.rlim_cur = 0x7FFFFFFF;
1517 if(x.rlim_max > 0x7FFFFFFF)
1518 x.rlim_max = 0x7FFFFFFF;
1519 return copy_to_user(rlim, &x, sizeof(x))?-EFAULT:0;
1524 asmlinkage long sys_setrlimit(unsigned int resource, struct rlimit __user *rlim)
1526 struct rlimit new_rlim, *old_rlim;
1529 if (resource >= RLIM_NLIMITS)
1531 if(copy_from_user(&new_rlim, rlim, sizeof(*rlim)))
1533 if (new_rlim.rlim_cur > new_rlim.rlim_max)
1535 old_rlim = current->signal->rlim + resource;
1536 if ((new_rlim.rlim_max > old_rlim->rlim_max) &&
1537 !capable(CAP_SYS_RESOURCE) && !vx_ccaps(VXC_SET_RLIMIT))
1539 if (resource == RLIMIT_NOFILE && new_rlim.rlim_max > NR_OPEN)
1542 retval = security_task_setrlimit(resource, &new_rlim);
1546 task_lock(current->group_leader);
1547 *old_rlim = new_rlim;
1548 task_unlock(current->group_leader);
1553 * It would make sense to put struct rusage in the task_struct,
1554 * except that would make the task_struct be *really big*. After
1555 * task_struct gets moved into malloc'ed memory, it would
1556 * make sense to do this. It will make moving the rest of the information
1557 * a lot simpler! (Which we're not doing right now because we're not
1558 * measuring them yet).
1560 * This expects to be called with tasklist_lock read-locked or better,
1561 * and the siglock not locked. It may momentarily take the siglock.
1563 * When sampling multiple threads for RUSAGE_SELF, under SMP we might have
1564 * races with threads incrementing their own counters. But since word
1565 * reads are atomic, we either get new values or old values and we don't
1566 * care which for the sums. We always take the siglock to protect reading
1567 * the c* fields from p->signal from races with exit.c updating those
1568 * fields when reaping, so a sample either gets all the additions of a
1569 * given child after it's reaped, or none so this sample is before reaping.
1572 void k_getrusage(struct task_struct *p, int who, struct rusage *r)
1574 struct task_struct *t;
1575 unsigned long flags;
1576 unsigned long utime, stime;
1578 memset((char *) r, 0, sizeof *r);
1580 if (unlikely(!p->signal))
1584 case RUSAGE_CHILDREN:
1585 spin_lock_irqsave(&p->sighand->siglock, flags);
1586 utime = p->signal->cutime;
1587 stime = p->signal->cstime;
1588 r->ru_nvcsw = p->signal->cnvcsw;
1589 r->ru_nivcsw = p->signal->cnivcsw;
1590 r->ru_minflt = p->signal->cmin_flt;
1591 r->ru_majflt = p->signal->cmaj_flt;
1592 spin_unlock_irqrestore(&p->sighand->siglock, flags);
1593 jiffies_to_timeval(utime, &r->ru_utime);
1594 jiffies_to_timeval(stime, &r->ru_stime);
1597 spin_lock_irqsave(&p->sighand->siglock, flags);
1601 spin_lock_irqsave(&p->sighand->siglock, flags);
1602 utime = p->signal->cutime;
1603 stime = p->signal->cstime;
1604 r->ru_nvcsw = p->signal->cnvcsw;
1605 r->ru_nivcsw = p->signal->cnivcsw;
1606 r->ru_minflt = p->signal->cmin_flt;
1607 r->ru_majflt = p->signal->cmaj_flt;
1609 utime += p->signal->utime;
1610 stime += p->signal->stime;
1611 r->ru_nvcsw += p->signal->nvcsw;
1612 r->ru_nivcsw += p->signal->nivcsw;
1613 r->ru_minflt += p->signal->min_flt;
1614 r->ru_majflt += p->signal->maj_flt;
1619 r->ru_nvcsw += t->nvcsw;
1620 r->ru_nivcsw += t->nivcsw;
1621 r->ru_minflt += t->min_flt;
1622 r->ru_majflt += t->maj_flt;
1625 spin_unlock_irqrestore(&p->sighand->siglock, flags);
1626 jiffies_to_timeval(utime, &r->ru_utime);
1627 jiffies_to_timeval(stime, &r->ru_stime);
1634 int getrusage(struct task_struct *p, int who, struct rusage __user *ru)
1637 read_lock(&tasklist_lock);
1638 k_getrusage(p, who, &r);
1639 read_unlock(&tasklist_lock);
1640 return copy_to_user(ru, &r, sizeof(r)) ? -EFAULT : 0;
1643 asmlinkage long sys_getrusage(int who, struct rusage __user *ru)
1645 if (who != RUSAGE_SELF && who != RUSAGE_CHILDREN)
1647 return getrusage(current, who, ru);
1650 asmlinkage long sys_umask(int mask)
1652 mask = xchg(¤t->fs->umask, mask & S_IRWXUGO);
1656 asmlinkage long sys_prctl(int option, unsigned long arg2, unsigned long arg3,
1657 unsigned long arg4, unsigned long arg5)
1662 error = security_task_prctl(option, arg2, arg3, arg4, arg5);
1667 case PR_SET_PDEATHSIG:
1669 if (sig < 0 || sig > _NSIG) {
1673 current->pdeath_signal = sig;
1675 case PR_GET_PDEATHSIG:
1676 error = put_user(current->pdeath_signal, (int __user *)arg2);
1678 case PR_GET_DUMPABLE:
1679 if (current->mm->dumpable)
1682 case PR_SET_DUMPABLE:
1683 if (arg2 < 0 && arg2 > 2) {
1687 current->mm->dumpable = arg2;
1690 case PR_SET_UNALIGN:
1691 error = SET_UNALIGN_CTL(current, arg2);
1693 case PR_GET_UNALIGN:
1694 error = GET_UNALIGN_CTL(current, arg2);
1697 error = SET_FPEMU_CTL(current, arg2);
1700 error = GET_FPEMU_CTL(current, arg2);
1703 error = SET_FPEXC_CTL(current, arg2);
1706 error = GET_FPEXC_CTL(current, arg2);
1709 error = PR_TIMING_STATISTICAL;
1712 if (arg2 == PR_TIMING_STATISTICAL)
1718 case PR_GET_KEEPCAPS:
1719 if (current->keep_capabilities)
1722 case PR_SET_KEEPCAPS:
1723 if (arg2 != 0 && arg2 != 1) {
1727 current->keep_capabilities = arg2;
1730 struct task_struct *me = current;
1731 unsigned char ncomm[sizeof(me->comm)];
1733 ncomm[sizeof(me->comm)-1] = 0;
1734 if (strncpy_from_user(ncomm, (char __user *)arg2,
1735 sizeof(me->comm)-1) < 0)
1737 set_task_comm(me, ncomm);