1 /* 2 * Supplementary group IDs 3 */ 4 #include <linux/cred.h> 5 #include <linux/export.h> 6 #include <linux/slab.h> 7 #include <linux/security.h> 8 #include <linux/syscalls.h> 9 #include <asm/uaccess.h> 10 11 /* init to 2 - one for init_task, one to ensure it is never freed */ 12 struct group_info init_groups = { .usage = ATOMIC_INIT(2) }; 13 14 struct group_info *groups_alloc(int gidsetsize) 15 { 16 struct group_info *group_info; 17 int nblocks; 18 int i; 19 20 nblocks = (gidsetsize + NGROUPS_PER_BLOCK - 1) / NGROUPS_PER_BLOCK; 21 /* Make sure we always allocate at least one indirect block pointer */ 22 nblocks = nblocks ? : 1; 23 group_info = kmalloc(sizeof(*group_info) + nblocks*sizeof(gid_t *), GFP_USER); 24 if (!group_info) 25 return NULL; 26 group_info->ngroups = gidsetsize; 27 group_info->nblocks = nblocks; 28 atomic_set(&group_info->usage, 1); 29 30 if (gidsetsize <= NGROUPS_SMALL) 31 group_info->blocks[0] = group_info->small_block; 32 else { 33 for (i = 0; i < nblocks; i++) { 34 gid_t *b; 35 b = (void *)__get_free_page(GFP_USER); 36 if (!b) 37 goto out_undo_partial_alloc; 38 group_info->blocks[i] = b; 39 } 40 } 41 return group_info; 42 43 out_undo_partial_alloc: 44 while (--i >= 0) { 45 free_page((unsigned long)group_info->blocks[i]); 46 } 47 kfree(group_info); 48 return NULL; 49 } 50 51 EXPORT_SYMBOL(groups_alloc); 52 53 void groups_free(struct group_info *group_info) 54 { 55 if (group_info->blocks[0] != group_info->small_block) { 56 int i; 57 for (i = 0; i < group_info->nblocks; i++) 58 free_page((unsigned long)group_info->blocks[i]); 59 } 60 kfree(group_info); 61 } 62 63 EXPORT_SYMBOL(groups_free); 64 65 /* export the group_info to a user-space array */ 66 static int groups_to_user(gid_t __user *grouplist, 67 const struct group_info *group_info) 68 { 69 int i; 70 unsigned int count = group_info->ngroups; 71 72 for (i = 0; i < group_info->nblocks; i++) { 73 unsigned int cp_count = min(NGROUPS_PER_BLOCK, count); 74 unsigned int len = cp_count * sizeof(*grouplist); 75 76 if (copy_to_user(grouplist, group_info->blocks[i], len)) 77 return -EFAULT; 78 79 grouplist += NGROUPS_PER_BLOCK; 80 count -= cp_count; 81 } 82 return 0; 83 } 84 85 /* fill a group_info from a user-space array - it must be allocated already */ 86 static int groups_from_user(struct group_info *group_info, 87 gid_t __user *grouplist) 88 { 89 int i; 90 unsigned int count = group_info->ngroups; 91 92 for (i = 0; i < group_info->nblocks; i++) { 93 unsigned int cp_count = min(NGROUPS_PER_BLOCK, count); 94 unsigned int len = cp_count * sizeof(*grouplist); 95 96 if (copy_from_user(group_info->blocks[i], grouplist, len)) 97 return -EFAULT; 98 99 grouplist += NGROUPS_PER_BLOCK; 100 count -= cp_count; 101 } 102 return 0; 103 } 104 105 /* a simple Shell sort */ 106 static void groups_sort(struct group_info *group_info) 107 { 108 int base, max, stride; 109 int gidsetsize = group_info->ngroups; 110 111 for (stride = 1; stride < gidsetsize; stride = 3 * stride + 1) 112 ; /* nothing */ 113 stride /= 3; 114 115 while (stride) { 116 max = gidsetsize - stride; 117 for (base = 0; base < max; base++) { 118 int left = base; 119 int right = left + stride; 120 gid_t tmp = GROUP_AT(group_info, right); 121 122 while (left >= 0 && GROUP_AT(group_info, left) > tmp) { 123 GROUP_AT(group_info, right) = 124 GROUP_AT(group_info, left); 125 right = left; 126 left -= stride; 127 } 128 GROUP_AT(group_info, right) = tmp; 129 } 130 stride /= 3; 131 } 132 } 133 134 /* a simple bsearch */ 135 int groups_search(const struct group_info *group_info, gid_t grp) 136 { 137 unsigned int left, right; 138 139 if (!group_info) 140 return 0; 141 142 left = 0; 143 right = group_info->ngroups; 144 while (left < right) { 145 unsigned int mid = (left+right)/2; 146 if (grp > GROUP_AT(group_info, mid)) 147 left = mid + 1; 148 else if (grp < GROUP_AT(group_info, mid)) 149 right = mid; 150 else 151 return 1; 152 } 153 return 0; 154 } 155 156 /** 157 * set_groups - Change a group subscription in a set of credentials 158 * @new: The newly prepared set of credentials to alter 159 * @group_info: The group list to install 160 * 161 * Validate a group subscription and, if valid, insert it into a set 162 * of credentials. 163 */ 164 int set_groups(struct cred *new, struct group_info *group_info) 165 { 166 put_group_info(new->group_info); 167 groups_sort(group_info); 168 get_group_info(group_info); 169 new->group_info = group_info; 170 return 0; 171 } 172 173 EXPORT_SYMBOL(set_groups); 174 175 /** 176 * set_current_groups - Change current's group subscription 177 * @group_info: The group list to impose 178 * 179 * Validate a group subscription and, if valid, impose it upon current's task 180 * security record. 181 */ 182 int set_current_groups(struct group_info *group_info) 183 { 184 struct cred *new; 185 int ret; 186 187 new = prepare_creds(); 188 if (!new) 189 return -ENOMEM; 190 191 ret = set_groups(new, group_info); 192 if (ret < 0) { 193 abort_creds(new); 194 return ret; 195 } 196 197 return commit_creds(new); 198 } 199 200 EXPORT_SYMBOL(set_current_groups); 201 202 SYSCALL_DEFINE2(getgroups, int, gidsetsize, gid_t __user *, grouplist) 203 { 204 const struct cred *cred = current_cred(); 205 int i; 206 207 if (gidsetsize < 0) 208 return -EINVAL; 209 210 /* no need to grab task_lock here; it cannot change */ 211 i = cred->group_info->ngroups; 212 if (gidsetsize) { 213 if (i > gidsetsize) { 214 i = -EINVAL; 215 goto out; 216 } 217 if (groups_to_user(grouplist, cred->group_info)) { 218 i = -EFAULT; 219 goto out; 220 } 221 } 222 out: 223 return i; 224 } 225 226 /* 227 * SMP: Our groups are copy-on-write. We can set them safely 228 * without another task interfering. 229 */ 230 231 SYSCALL_DEFINE2(setgroups, int, gidsetsize, gid_t __user *, grouplist) 232 { 233 struct group_info *group_info; 234 int retval; 235 236 if (!nsown_capable(CAP_SETGID)) 237 return -EPERM; 238 if ((unsigned)gidsetsize > NGROUPS_MAX) 239 return -EINVAL; 240 241 group_info = groups_alloc(gidsetsize); 242 if (!group_info) 243 return -ENOMEM; 244 retval = groups_from_user(group_info, grouplist); 245 if (retval) { 246 put_group_info(group_info); 247 return retval; 248 } 249 250 retval = set_current_groups(group_info); 251 put_group_info(group_info); 252 253 return retval; 254 } 255 256 /* 257 * Check whether we're fsgid/egid or in the supplemental group.. 258 */ 259 int in_group_p(gid_t grp) 260 { 261 const struct cred *cred = current_cred(); 262 int retval = 1; 263 264 if (grp != cred->fsgid) 265 retval = groups_search(cred->group_info, grp); 266 return retval; 267 } 268 269 EXPORT_SYMBOL(in_group_p); 270 271 int in_egroup_p(gid_t grp) 272 { 273 const struct cred *cred = current_cred(); 274 int retval = 1; 275 276 if (grp != cred->egid) 277 retval = groups_search(cred->group_info, grp); 278 return retval; 279 } 280 281 EXPORT_SYMBOL(in_egroup_p); 282