1 /* 2 * linux/kernel/sys.c 3 * 4 * Copyright (C) 1991, 1992 Linus Torvalds 5 */ 6 7 #include <linux/module.h> 8 #include <linux/mm.h> 9 #include <linux/utsname.h> 10 #include <linux/mman.h> 11 #include <linux/notifier.h> 12 #include <linux/reboot.h> 13 #include <linux/prctl.h> 14 #include <linux/highuid.h> 15 #include <linux/fs.h> 16 #include <linux/perf_event.h> 17 #include <linux/resource.h> 18 #include <linux/kernel.h> 19 #include <linux/kexec.h> 20 #include <linux/workqueue.h> 21 #include <linux/capability.h> 22 #include <linux/device.h> 23 #include <linux/key.h> 24 #include <linux/times.h> 25 #include <linux/posix-timers.h> 26 #include <linux/security.h> 27 #include <linux/dcookies.h> 28 #include <linux/suspend.h> 29 #include <linux/tty.h> 30 #include <linux/signal.h> 31 #include <linux/cn_proc.h> 32 #include <linux/getcpu.h> 33 #include <linux/task_io_accounting_ops.h> 34 #include <linux/seccomp.h> 35 #include <linux/cpu.h> 36 #include <linux/personality.h> 37 #include <linux/ptrace.h> 38 #include <linux/fs_struct.h> 39 #include <linux/gfp.h> 40 41 #include <linux/compat.h> 42 #include <linux/syscalls.h> 43 #include <linux/kprobes.h> 44 #include <linux/user_namespace.h> 45 46 #include <asm/uaccess.h> 47 #include <asm/io.h> 48 #include <asm/unistd.h> 49 50 #ifndef SET_UNALIGN_CTL 51 # define SET_UNALIGN_CTL(a,b) (-EINVAL) 52 #endif 53 #ifndef GET_UNALIGN_CTL 54 # define GET_UNALIGN_CTL(a,b) (-EINVAL) 55 #endif 56 #ifndef SET_FPEMU_CTL 57 # define SET_FPEMU_CTL(a,b) (-EINVAL) 58 #endif 59 #ifndef GET_FPEMU_CTL 60 # define GET_FPEMU_CTL(a,b) (-EINVAL) 61 #endif 62 #ifndef SET_FPEXC_CTL 63 # define SET_FPEXC_CTL(a,b) (-EINVAL) 64 #endif 65 #ifndef GET_FPEXC_CTL 66 # define GET_FPEXC_CTL(a,b) (-EINVAL) 67 #endif 68 #ifndef GET_ENDIAN 69 # define GET_ENDIAN(a,b) (-EINVAL) 70 #endif 71 #ifndef SET_ENDIAN 72 # define SET_ENDIAN(a,b) (-EINVAL) 73 #endif 74 #ifndef GET_TSC_CTL 75 # define GET_TSC_CTL(a) (-EINVAL) 76 #endif 77 #ifndef SET_TSC_CTL 78 # define SET_TSC_CTL(a) (-EINVAL) 79 #endif 80 81 /* 82 * this is where the system-wide overflow UID and GID are defined, for 83 * architectures that now have 32-bit UID/GID but didn't in the past 84 */ 85 86 int overflowuid = DEFAULT_OVERFLOWUID; 87 int overflowgid = DEFAULT_OVERFLOWGID; 88 89 #ifdef CONFIG_UID16 90 EXPORT_SYMBOL(overflowuid); 91 EXPORT_SYMBOL(overflowgid); 92 #endif 93 94 /* 95 * the same as above, but for filesystems which can only store a 16-bit 96 * UID and GID. as such, this is needed on all architectures 97 */ 98 99 int fs_overflowuid = DEFAULT_FS_OVERFLOWUID; 100 int fs_overflowgid = DEFAULT_FS_OVERFLOWUID; 101 102 EXPORT_SYMBOL(fs_overflowuid); 103 EXPORT_SYMBOL(fs_overflowgid); 104 105 /* 106 * this indicates whether you can reboot with ctrl-alt-del: the default is yes 107 */ 108 109 int C_A_D = 1; 110 struct pid *cad_pid; 111 EXPORT_SYMBOL(cad_pid); 112 113 /* 114 * If set, this is used for preparing the system to power off. 115 */ 116 117 void (*pm_power_off_prepare)(void); 118 119 /* 120 * set the priority of a task 121 * - the caller must hold the RCU read lock 122 */ 123 static int set_one_prio(struct task_struct *p, int niceval, int error) 124 { 125 const struct cred *cred = current_cred(), *pcred = __task_cred(p); 126 int no_nice; 127 128 if (pcred->uid != cred->euid && 129 pcred->euid != cred->euid && !capable(CAP_SYS_NICE)) { 130 error = -EPERM; 131 goto out; 132 } 133 if (niceval < task_nice(p) && !can_nice(p, niceval)) { 134 error = -EACCES; 135 goto out; 136 } 137 no_nice = security_task_setnice(p, niceval); 138 if (no_nice) { 139 error = no_nice; 140 goto out; 141 } 142 if (error == -ESRCH) 143 error = 0; 144 set_user_nice(p, niceval); 145 out: 146 return error; 147 } 148 149 SYSCALL_DEFINE3(setpriority, int, which, int, who, int, niceval) 150 { 151 struct task_struct *g, *p; 152 struct user_struct *user; 153 const struct cred *cred = current_cred(); 154 int error = -EINVAL; 155 struct pid *pgrp; 156 157 if (which > PRIO_USER || which < PRIO_PROCESS) 158 goto out; 159 160 /* normalize: avoid signed division (rounding problems) */ 161 error = -ESRCH; 162 if (niceval < -20) 163 niceval = -20; 164 if (niceval > 19) 165 niceval = 19; 166 167 rcu_read_lock(); 168 read_lock(&tasklist_lock); 169 switch (which) { 170 case PRIO_PROCESS: 171 if (who) 172 p = find_task_by_vpid(who); 173 else 174 p = current; 175 if (p) 176 error = set_one_prio(p, niceval, error); 177 break; 178 case PRIO_PGRP: 179 if (who) 180 pgrp = find_vpid(who); 181 else 182 pgrp = task_pgrp(current); 183 do_each_pid_thread(pgrp, PIDTYPE_PGID, p) { 184 error = set_one_prio(p, niceval, error); 185 } while_each_pid_thread(pgrp, PIDTYPE_PGID, p); 186 break; 187 case PRIO_USER: 188 user = (struct user_struct *) cred->user; 189 if (!who) 190 who = cred->uid; 191 else if ((who != cred->uid) && 192 !(user = find_user(who))) 193 goto out_unlock; /* No processes for this user */ 194 195 do_each_thread(g, p) { 196 if (__task_cred(p)->uid == who) 197 error = set_one_prio(p, niceval, error); 198 } while_each_thread(g, p); 199 if (who != cred->uid) 200 free_uid(user); /* For find_user() */ 201 break; 202 } 203 out_unlock: 204 read_unlock(&tasklist_lock); 205 rcu_read_unlock(); 206 out: 207 return error; 208 } 209 210 /* 211 * Ugh. To avoid negative return values, "getpriority()" will 212 * not return the normal nice-value, but a negated value that 213 * has been offset by 20 (ie it returns 40..1 instead of -20..19) 214 * to stay compatible. 215 */ 216 SYSCALL_DEFINE2(getpriority, int, which, int, who) 217 { 218 struct task_struct *g, *p; 219 struct user_struct *user; 220 const struct cred *cred = current_cred(); 221 long niceval, retval = -ESRCH; 222 struct pid *pgrp; 223 224 if (which > PRIO_USER || which < PRIO_PROCESS) 225 return -EINVAL; 226 227 rcu_read_lock(); 228 read_lock(&tasklist_lock); 229 switch (which) { 230 case PRIO_PROCESS: 231 if (who) 232 p = find_task_by_vpid(who); 233 else 234 p = current; 235 if (p) { 236 niceval = 20 - task_nice(p); 237 if (niceval > retval) 238 retval = niceval; 239 } 240 break; 241 case PRIO_PGRP: 242 if (who) 243 pgrp = find_vpid(who); 244 else 245 pgrp = task_pgrp(current); 246 do_each_pid_thread(pgrp, PIDTYPE_PGID, p) { 247 niceval = 20 - task_nice(p); 248 if (niceval > retval) 249 retval = niceval; 250 } while_each_pid_thread(pgrp, PIDTYPE_PGID, p); 251 break; 252 case PRIO_USER: 253 user = (struct user_struct *) cred->user; 254 if (!who) 255 who = cred->uid; 256 else if ((who != cred->uid) && 257 !(user = find_user(who))) 258 goto out_unlock; /* No processes for this user */ 259 260 do_each_thread(g, p) { 261 if (__task_cred(p)->uid == who) { 262 niceval = 20 - task_nice(p); 263 if (niceval > retval) 264 retval = niceval; 265 } 266 } while_each_thread(g, p); 267 if (who != cred->uid) 268 free_uid(user); /* for find_user() */ 269 break; 270 } 271 out_unlock: 272 read_unlock(&tasklist_lock); 273 rcu_read_unlock(); 274 275 return retval; 276 } 277 278 /** 279 * emergency_restart - reboot the system 280 * 281 * Without shutting down any hardware or taking any locks 282 * reboot the system. This is called when we know we are in 283 * trouble so this is our best effort to reboot. This is 284 * safe to call in interrupt context. 285 */ 286 void emergency_restart(void) 287 { 288 machine_emergency_restart(); 289 } 290 EXPORT_SYMBOL_GPL(emergency_restart); 291 292 void kernel_restart_prepare(char *cmd) 293 { 294 blocking_notifier_call_chain(&reboot_notifier_list, SYS_RESTART, cmd); 295 system_state = SYSTEM_RESTART; 296 device_shutdown(); 297 sysdev_shutdown(); 298 } 299 300 /** 301 * kernel_restart - reboot the system 302 * @cmd: pointer to buffer containing command to execute for restart 303 * or %NULL 304 * 305 * Shutdown everything and perform a clean reboot. 306 * This is not safe to call in interrupt context. 307 */ 308 void kernel_restart(char *cmd) 309 { 310 kernel_restart_prepare(cmd); 311 if (!cmd) 312 printk(KERN_EMERG "Restarting system.\n"); 313 else 314 printk(KERN_EMERG "Restarting system with command '%s'.\n", cmd); 315 machine_restart(cmd); 316 } 317 EXPORT_SYMBOL_GPL(kernel_restart); 318 319 static void kernel_shutdown_prepare(enum system_states state) 320 { 321 blocking_notifier_call_chain(&reboot_notifier_list, 322 (state == SYSTEM_HALT)?SYS_HALT:SYS_POWER_OFF, NULL); 323 system_state = state; 324 device_shutdown(); 325 } 326 /** 327 * kernel_halt - halt the system 328 * 329 * Shutdown everything and perform a clean system halt. 330 */ 331 void kernel_halt(void) 332 { 333 kernel_shutdown_prepare(SYSTEM_HALT); 334 sysdev_shutdown(); 335 printk(KERN_EMERG "System halted.\n"); 336 machine_halt(); 337 } 338 339 EXPORT_SYMBOL_GPL(kernel_halt); 340 341 /** 342 * kernel_power_off - power_off the system 343 * 344 * Shutdown everything and perform a clean system power_off. 345 */ 346 void kernel_power_off(void) 347 { 348 kernel_shutdown_prepare(SYSTEM_POWER_OFF); 349 if (pm_power_off_prepare) 350 pm_power_off_prepare(); 351 disable_nonboot_cpus(); 352 sysdev_shutdown(); 353 printk(KERN_EMERG "Power down.\n"); 354 machine_power_off(); 355 } 356 EXPORT_SYMBOL_GPL(kernel_power_off); 357 358 static DEFINE_MUTEX(reboot_mutex); 359 360 /* 361 * Reboot system call: for obvious reasons only root may call it, 362 * and even root needs to set up some magic numbers in the registers 363 * so that some mistake won't make this reboot the whole machine. 364 * You can also set the meaning of the ctrl-alt-del-key here. 365 * 366 * reboot doesn't sync: do that yourself before calling this. 367 */ 368 SYSCALL_DEFINE4(reboot, int, magic1, int, magic2, unsigned int, cmd, 369 void __user *, arg) 370 { 371 char buffer[256]; 372 int ret = 0; 373 374 /* We only trust the superuser with rebooting the system. */ 375 if (!capable(CAP_SYS_BOOT)) 376 return -EPERM; 377 378 /* For safety, we require "magic" arguments. */ 379 if (magic1 != LINUX_REBOOT_MAGIC1 || 380 (magic2 != LINUX_REBOOT_MAGIC2 && 381 magic2 != LINUX_REBOOT_MAGIC2A && 382 magic2 != LINUX_REBOOT_MAGIC2B && 383 magic2 != LINUX_REBOOT_MAGIC2C)) 384 return -EINVAL; 385 386 /* Instead of trying to make the power_off code look like 387 * halt when pm_power_off is not set do it the easy way. 388 */ 389 if ((cmd == LINUX_REBOOT_CMD_POWER_OFF) && !pm_power_off) 390 cmd = LINUX_REBOOT_CMD_HALT; 391 392 mutex_lock(&reboot_mutex); 393 switch (cmd) { 394 case LINUX_REBOOT_CMD_RESTART: 395 kernel_restart(NULL); 396 break; 397 398 case LINUX_REBOOT_CMD_CAD_ON: 399 C_A_D = 1; 400 break; 401 402 case LINUX_REBOOT_CMD_CAD_OFF: 403 C_A_D = 0; 404 break; 405 406 case LINUX_REBOOT_CMD_HALT: 407 kernel_halt(); 408 do_exit(0); 409 panic("cannot halt"); 410 411 case LINUX_REBOOT_CMD_POWER_OFF: 412 kernel_power_off(); 413 do_exit(0); 414 break; 415 416 case LINUX_REBOOT_CMD_RESTART2: 417 if (strncpy_from_user(&buffer[0], arg, sizeof(buffer) - 1) < 0) { 418 ret = -EFAULT; 419 break; 420 } 421 buffer[sizeof(buffer) - 1] = '\0'; 422 423 kernel_restart(buffer); 424 break; 425 426 #ifdef CONFIG_KEXEC 427 case LINUX_REBOOT_CMD_KEXEC: 428 ret = kernel_kexec(); 429 break; 430 #endif 431 432 #ifdef CONFIG_HIBERNATION 433 case LINUX_REBOOT_CMD_SW_SUSPEND: 434 ret = hibernate(); 435 break; 436 #endif 437 438 default: 439 ret = -EINVAL; 440 break; 441 } 442 mutex_unlock(&reboot_mutex); 443 return ret; 444 } 445 446 static void deferred_cad(struct work_struct *dummy) 447 { 448 kernel_restart(NULL); 449 } 450 451 /* 452 * This function gets called by ctrl-alt-del - ie the keyboard interrupt. 453 * As it's called within an interrupt, it may NOT sync: the only choice 454 * is whether to reboot at once, or just ignore the ctrl-alt-del. 455 */ 456 void ctrl_alt_del(void) 457 { 458 static DECLARE_WORK(cad_work, deferred_cad); 459 460 if (C_A_D) 461 schedule_work(&cad_work); 462 else 463 kill_cad_pid(SIGINT, 1); 464 } 465 466 /* 467 * Unprivileged users may change the real gid to the effective gid 468 * or vice versa. (BSD-style) 469 * 470 * If you set the real gid at all, or set the effective gid to a value not 471 * equal to the real gid, then the saved gid is set to the new effective gid. 472 * 473 * This makes it possible for a setgid program to completely drop its 474 * privileges, which is often a useful assertion to make when you are doing 475 * a security audit over a program. 476 * 477 * The general idea is that a program which uses just setregid() will be 478 * 100% compatible with BSD. A program which uses just setgid() will be 479 * 100% compatible with POSIX with saved IDs. 480 * 481 * SMP: There are not races, the GIDs are checked only by filesystem 482 * operations (as far as semantic preservation is concerned). 483 */ 484 SYSCALL_DEFINE2(setregid, gid_t, rgid, gid_t, egid) 485 { 486 const struct cred *old; 487 struct cred *new; 488 int retval; 489 490 new = prepare_creds(); 491 if (!new) 492 return -ENOMEM; 493 old = current_cred(); 494 495 retval = -EPERM; 496 if (rgid != (gid_t) -1) { 497 if (old->gid == rgid || 498 old->egid == rgid || 499 capable(CAP_SETGID)) 500 new->gid = rgid; 501 else 502 goto error; 503 } 504 if (egid != (gid_t) -1) { 505 if (old->gid == egid || 506 old->egid == egid || 507 old->sgid == egid || 508 capable(CAP_SETGID)) 509 new->egid = egid; 510 else 511 goto error; 512 } 513 514 if (rgid != (gid_t) -1 || 515 (egid != (gid_t) -1 && egid != old->gid)) 516 new->sgid = new->egid; 517 new->fsgid = new->egid; 518 519 return commit_creds(new); 520 521 error: 522 abort_creds(new); 523 return retval; 524 } 525 526 /* 527 * setgid() is implemented like SysV w/ SAVED_IDS 528 * 529 * SMP: Same implicit races as above. 530 */ 531 SYSCALL_DEFINE1(setgid, gid_t, gid) 532 { 533 const struct cred *old; 534 struct cred *new; 535 int retval; 536 537 new = prepare_creds(); 538 if (!new) 539 return -ENOMEM; 540 old = current_cred(); 541 542 retval = -EPERM; 543 if (capable(CAP_SETGID)) 544 new->gid = new->egid = new->sgid = new->fsgid = gid; 545 else if (gid == old->gid || gid == old->sgid) 546 new->egid = new->fsgid = gid; 547 else 548 goto error; 549 550 return commit_creds(new); 551 552 error: 553 abort_creds(new); 554 return retval; 555 } 556 557 /* 558 * change the user struct in a credentials set to match the new UID 559 */ 560 static int set_user(struct cred *new) 561 { 562 struct user_struct *new_user; 563 564 new_user = alloc_uid(current_user_ns(), new->uid); 565 if (!new_user) 566 return -EAGAIN; 567 568 if (atomic_read(&new_user->processes) >= rlimit(RLIMIT_NPROC) && 569 new_user != INIT_USER) { 570 free_uid(new_user); 571 return -EAGAIN; 572 } 573 574 free_uid(new->user); 575 new->user = new_user; 576 return 0; 577 } 578 579 /* 580 * Unprivileged users may change the real uid to the effective uid 581 * or vice versa. (BSD-style) 582 * 583 * If you set the real uid at all, or set the effective uid to a value not 584 * equal to the real uid, then the saved uid is set to the new effective uid. 585 * 586 * This makes it possible for a setuid program to completely drop its 587 * privileges, which is often a useful assertion to make when you are doing 588 * a security audit over a program. 589 * 590 * The general idea is that a program which uses just setreuid() will be 591 * 100% compatible with BSD. A program which uses just setuid() will be 592 * 100% compatible with POSIX with saved IDs. 593 */ 594 SYSCALL_DEFINE2(setreuid, uid_t, ruid, uid_t, euid) 595 { 596 const struct cred *old; 597 struct cred *new; 598 int retval; 599 600 new = prepare_creds(); 601 if (!new) 602 return -ENOMEM; 603 old = current_cred(); 604 605 retval = -EPERM; 606 if (ruid != (uid_t) -1) { 607 new->uid = ruid; 608 if (old->uid != ruid && 609 old->euid != ruid && 610 !capable(CAP_SETUID)) 611 goto error; 612 } 613 614 if (euid != (uid_t) -1) { 615 new->euid = euid; 616 if (old->uid != euid && 617 old->euid != euid && 618 old->suid != euid && 619 !capable(CAP_SETUID)) 620 goto error; 621 } 622 623 if (new->uid != old->uid) { 624 retval = set_user(new); 625 if (retval < 0) 626 goto error; 627 } 628 if (ruid != (uid_t) -1 || 629 (euid != (uid_t) -1 && euid != old->uid)) 630 new->suid = new->euid; 631 new->fsuid = new->euid; 632 633 retval = security_task_fix_setuid(new, old, LSM_SETID_RE); 634 if (retval < 0) 635 goto error; 636 637 return commit_creds(new); 638 639 error: 640 abort_creds(new); 641 return retval; 642 } 643 644 /* 645 * setuid() is implemented like SysV with SAVED_IDS 646 * 647 * Note that SAVED_ID's is deficient in that a setuid root program 648 * like sendmail, for example, cannot set its uid to be a normal 649 * user and then switch back, because if you're root, setuid() sets 650 * the saved uid too. If you don't like this, blame the bright people 651 * in the POSIX committee and/or USG. Note that the BSD-style setreuid() 652 * will allow a root program to temporarily drop privileges and be able to 653 * regain them by swapping the real and effective uid. 654 */ 655 SYSCALL_DEFINE1(setuid, uid_t, uid) 656 { 657 const struct cred *old; 658 struct cred *new; 659 int retval; 660 661 new = prepare_creds(); 662 if (!new) 663 return -ENOMEM; 664 old = current_cred(); 665 666 retval = -EPERM; 667 if (capable(CAP_SETUID)) { 668 new->suid = new->uid = uid; 669 if (uid != old->uid) { 670 retval = set_user(new); 671 if (retval < 0) 672 goto error; 673 } 674 } else if (uid != old->uid && uid != new->suid) { 675 goto error; 676 } 677 678 new->fsuid = new->euid = uid; 679 680 retval = security_task_fix_setuid(new, old, LSM_SETID_ID); 681 if (retval < 0) 682 goto error; 683 684 return commit_creds(new); 685 686 error: 687 abort_creds(new); 688 return retval; 689 } 690 691 692 /* 693 * This function implements a generic ability to update ruid, euid, 694 * and suid. This allows you to implement the 4.4 compatible seteuid(). 695 */ 696 SYSCALL_DEFINE3(setresuid, uid_t, ruid, uid_t, euid, uid_t, suid) 697 { 698 const struct cred *old; 699 struct cred *new; 700 int retval; 701 702 new = prepare_creds(); 703 if (!new) 704 return -ENOMEM; 705 706 old = current_cred(); 707 708 retval = -EPERM; 709 if (!capable(CAP_SETUID)) { 710 if (ruid != (uid_t) -1 && ruid != old->uid && 711 ruid != old->euid && ruid != old->suid) 712 goto error; 713 if (euid != (uid_t) -1 && euid != old->uid && 714 euid != old->euid && euid != old->suid) 715 goto error; 716 if (suid != (uid_t) -1 && suid != old->uid && 717 suid != old->euid && suid != old->suid) 718 goto error; 719 } 720 721 if (ruid != (uid_t) -1) { 722 new->uid = ruid; 723 if (ruid != old->uid) { 724 retval = set_user(new); 725 if (retval < 0) 726 goto error; 727 } 728 } 729 if (euid != (uid_t) -1) 730 new->euid = euid; 731 if (suid != (uid_t) -1) 732 new->suid = suid; 733 new->fsuid = new->euid; 734 735 retval = security_task_fix_setuid(new, old, LSM_SETID_RES); 736 if (retval < 0) 737 goto error; 738 739 return commit_creds(new); 740 741 error: 742 abort_creds(new); 743 return retval; 744 } 745 746 SYSCALL_DEFINE3(getresuid, uid_t __user *, ruid, uid_t __user *, euid, uid_t __user *, suid) 747 { 748 const struct cred *cred = current_cred(); 749 int retval; 750 751 if (!(retval = put_user(cred->uid, ruid)) && 752 !(retval = put_user(cred->euid, euid))) 753 retval = put_user(cred->suid, suid); 754 755 return retval; 756 } 757 758 /* 759 * Same as above, but for rgid, egid, sgid. 760 */ 761 SYSCALL_DEFINE3(setresgid, gid_t, rgid, gid_t, egid, gid_t, sgid) 762 { 763 const struct cred *old; 764 struct cred *new; 765 int retval; 766 767 new = prepare_creds(); 768 if (!new) 769 return -ENOMEM; 770 old = current_cred(); 771 772 retval = -EPERM; 773 if (!capable(CAP_SETGID)) { 774 if (rgid != (gid_t) -1 && rgid != old->gid && 775 rgid != old->egid && rgid != old->sgid) 776 goto error; 777 if (egid != (gid_t) -1 && egid != old->gid && 778 egid != old->egid && egid != old->sgid) 779 goto error; 780 if (sgid != (gid_t) -1 && sgid != old->gid && 781 sgid != old->egid && sgid != old->sgid) 782 goto error; 783 } 784 785 if (rgid != (gid_t) -1) 786 new->gid = rgid; 787 if (egid != (gid_t) -1) 788 new->egid = egid; 789 if (sgid != (gid_t) -1) 790 new->sgid = sgid; 791 new->fsgid = new->egid; 792 793 return commit_creds(new); 794 795 error: 796 abort_creds(new); 797 return retval; 798 } 799 800 SYSCALL_DEFINE3(getresgid, gid_t __user *, rgid, gid_t __user *, egid, gid_t __user *, sgid) 801 { 802 const struct cred *cred = current_cred(); 803 int retval; 804 805 if (!(retval = put_user(cred->gid, rgid)) && 806 !(retval = put_user(cred->egid, egid))) 807 retval = put_user(cred->sgid, sgid); 808 809 return retval; 810 } 811 812 813 /* 814 * "setfsuid()" sets the fsuid - the uid used for filesystem checks. This 815 * is used for "access()" and for the NFS daemon (letting nfsd stay at 816 * whatever uid it wants to). It normally shadows "euid", except when 817 * explicitly set by setfsuid() or for access.. 818 */ 819 SYSCALL_DEFINE1(setfsuid, uid_t, uid) 820 { 821 const struct cred *old; 822 struct cred *new; 823 uid_t old_fsuid; 824 825 new = prepare_creds(); 826 if (!new) 827 return current_fsuid(); 828 old = current_cred(); 829 old_fsuid = old->fsuid; 830 831 if (uid == old->uid || uid == old->euid || 832 uid == old->suid || uid == old->fsuid || 833 capable(CAP_SETUID)) { 834 if (uid != old_fsuid) { 835 new->fsuid = uid; 836 if (security_task_fix_setuid(new, old, LSM_SETID_FS) == 0) 837 goto change_okay; 838 } 839 } 840 841 abort_creds(new); 842 return old_fsuid; 843 844 change_okay: 845 commit_creds(new); 846 return old_fsuid; 847 } 848 849 /* 850 * Samma på svenska.. 851 */ 852 SYSCALL_DEFINE1(setfsgid, gid_t, gid) 853 { 854 const struct cred *old; 855 struct cred *new; 856 gid_t old_fsgid; 857 858 new = prepare_creds(); 859 if (!new) 860 return current_fsgid(); 861 old = current_cred(); 862 old_fsgid = old->fsgid; 863 864 if (gid == old->gid || gid == old->egid || 865 gid == old->sgid || gid == old->fsgid || 866 capable(CAP_SETGID)) { 867 if (gid != old_fsgid) { 868 new->fsgid = gid; 869 goto change_okay; 870 } 871 } 872 873 abort_creds(new); 874 return old_fsgid; 875 876 change_okay: 877 commit_creds(new); 878 return old_fsgid; 879 } 880 881 void do_sys_times(struct tms *tms) 882 { 883 cputime_t tgutime, tgstime, cutime, cstime; 884 885 spin_lock_irq(¤t->sighand->siglock); 886 thread_group_times(current, &tgutime, &tgstime); 887 cutime = current->signal->cutime; 888 cstime = current->signal->cstime; 889 spin_unlock_irq(¤t->sighand->siglock); 890 tms->tms_utime = cputime_to_clock_t(tgutime); 891 tms->tms_stime = cputime_to_clock_t(tgstime); 892 tms->tms_cutime = cputime_to_clock_t(cutime); 893 tms->tms_cstime = cputime_to_clock_t(cstime); 894 } 895 896 SYSCALL_DEFINE1(times, struct tms __user *, tbuf) 897 { 898 if (tbuf) { 899 struct tms tmp; 900 901 do_sys_times(&tmp); 902 if (copy_to_user(tbuf, &tmp, sizeof(struct tms))) 903 return -EFAULT; 904 } 905 force_successful_syscall_return(); 906 return (long) jiffies_64_to_clock_t(get_jiffies_64()); 907 } 908 909 /* 910 * This needs some heavy checking ... 911 * I just haven't the stomach for it. I also don't fully 912 * understand sessions/pgrp etc. Let somebody who does explain it. 913 * 914 * OK, I think I have the protection semantics right.... this is really 915 * only important on a multi-user system anyway, to make sure one user 916 * can't send a signal to a process owned by another. -TYT, 12/12/91 917 * 918 * Auch. Had to add the 'did_exec' flag to conform completely to POSIX. 919 * LBT 04.03.94 920 */ 921 SYSCALL_DEFINE2(setpgid, pid_t, pid, pid_t, pgid) 922 { 923 struct task_struct *p; 924 struct task_struct *group_leader = current->group_leader; 925 struct pid *pgrp; 926 int err; 927 928 if (!pid) 929 pid = task_pid_vnr(group_leader); 930 if (!pgid) 931 pgid = pid; 932 if (pgid < 0) 933 return -EINVAL; 934 rcu_read_lock(); 935 936 /* From this point forward we keep holding onto the tasklist lock 937 * so that our parent does not change from under us. -DaveM 938 */ 939 write_lock_irq(&tasklist_lock); 940 941 err = -ESRCH; 942 p = find_task_by_vpid(pid); 943 if (!p) 944 goto out; 945 946 err = -EINVAL; 947 if (!thread_group_leader(p)) 948 goto out; 949 950 if (same_thread_group(p->real_parent, group_leader)) { 951 err = -EPERM; 952 if (task_session(p) != task_session(group_leader)) 953 goto out; 954 err = -EACCES; 955 if (p->did_exec) 956 goto out; 957 } else { 958 err = -ESRCH; 959 if (p != group_leader) 960 goto out; 961 } 962 963 err = -EPERM; 964 if (p->signal->leader) 965 goto out; 966 967 pgrp = task_pid(p); 968 if (pgid != pid) { 969 struct task_struct *g; 970 971 pgrp = find_vpid(pgid); 972 g = pid_task(pgrp, PIDTYPE_PGID); 973 if (!g || task_session(g) != task_session(group_leader)) 974 goto out; 975 } 976 977 err = security_task_setpgid(p, pgid); 978 if (err) 979 goto out; 980 981 if (task_pgrp(p) != pgrp) 982 change_pid(p, PIDTYPE_PGID, pgrp); 983 984 err = 0; 985 out: 986 /* All paths lead to here, thus we are safe. -DaveM */ 987 write_unlock_irq(&tasklist_lock); 988 rcu_read_unlock(); 989 return err; 990 } 991 992 SYSCALL_DEFINE1(getpgid, pid_t, pid) 993 { 994 struct task_struct *p; 995 struct pid *grp; 996 int retval; 997 998 rcu_read_lock(); 999 if (!pid) 1000 grp = task_pgrp(current); 1001 else { 1002 retval = -ESRCH; 1003 p = find_task_by_vpid(pid); 1004 if (!p) 1005 goto out; 1006 grp = task_pgrp(p); 1007 if (!grp) 1008 goto out; 1009 1010 retval = security_task_getpgid(p); 1011 if (retval) 1012 goto out; 1013 } 1014 retval = pid_vnr(grp); 1015 out: 1016 rcu_read_unlock(); 1017 return retval; 1018 } 1019 1020 #ifdef __ARCH_WANT_SYS_GETPGRP 1021 1022 SYSCALL_DEFINE0(getpgrp) 1023 { 1024 return sys_getpgid(0); 1025 } 1026 1027 #endif 1028 1029 SYSCALL_DEFINE1(getsid, pid_t, pid) 1030 { 1031 struct task_struct *p; 1032 struct pid *sid; 1033 int retval; 1034 1035 rcu_read_lock(); 1036 if (!pid) 1037 sid = task_session(current); 1038 else { 1039 retval = -ESRCH; 1040 p = find_task_by_vpid(pid); 1041 if (!p) 1042 goto out; 1043 sid = task_session(p); 1044 if (!sid) 1045 goto out; 1046 1047 retval = security_task_getsid(p); 1048 if (retval) 1049 goto out; 1050 } 1051 retval = pid_vnr(sid); 1052 out: 1053 rcu_read_unlock(); 1054 return retval; 1055 } 1056 1057 SYSCALL_DEFINE0(setsid) 1058 { 1059 struct task_struct *group_leader = current->group_leader; 1060 struct pid *sid = task_pid(group_leader); 1061 pid_t session = pid_vnr(sid); 1062 int err = -EPERM; 1063 1064 write_lock_irq(&tasklist_lock); 1065 /* Fail if I am already a session leader */ 1066 if (group_leader->signal->leader) 1067 goto out; 1068 1069 /* Fail if a process group id already exists that equals the 1070 * proposed session id. 1071 */ 1072 if (pid_task(sid, PIDTYPE_PGID)) 1073 goto out; 1074 1075 group_leader->signal->leader = 1; 1076 __set_special_pids(sid); 1077 1078 proc_clear_tty(group_leader); 1079 1080 err = session; 1081 out: 1082 write_unlock_irq(&tasklist_lock); 1083 if (err > 0) 1084 proc_sid_connector(group_leader); 1085 return err; 1086 } 1087 1088 DECLARE_RWSEM(uts_sem); 1089 1090 #ifdef COMPAT_UTS_MACHINE 1091 #define override_architecture(name) \ 1092 (personality(current->personality) == PER_LINUX32 && \ 1093 copy_to_user(name->machine, COMPAT_UTS_MACHINE, \ 1094 sizeof(COMPAT_UTS_MACHINE))) 1095 #else 1096 #define override_architecture(name) 0 1097 #endif 1098 1099 SYSCALL_DEFINE1(newuname, struct new_utsname __user *, name) 1100 { 1101 int errno = 0; 1102 1103 down_read(&uts_sem); 1104 if (copy_to_user(name, utsname(), sizeof *name)) 1105 errno = -EFAULT; 1106 up_read(&uts_sem); 1107 1108 if (!errno && override_architecture(name)) 1109 errno = -EFAULT; 1110 return errno; 1111 } 1112 1113 #ifdef __ARCH_WANT_SYS_OLD_UNAME 1114 /* 1115 * Old cruft 1116 */ 1117 SYSCALL_DEFINE1(uname, struct old_utsname __user *, name) 1118 { 1119 int error = 0; 1120 1121 if (!name) 1122 return -EFAULT; 1123 1124 down_read(&uts_sem); 1125 if (copy_to_user(name, utsname(), sizeof(*name))) 1126 error = -EFAULT; 1127 up_read(&uts_sem); 1128 1129 if (!error && override_architecture(name)) 1130 error = -EFAULT; 1131 return error; 1132 } 1133 1134 SYSCALL_DEFINE1(olduname, struct oldold_utsname __user *, name) 1135 { 1136 int error; 1137 1138 if (!name) 1139 return -EFAULT; 1140 if (!access_ok(VERIFY_WRITE, name, sizeof(struct oldold_utsname))) 1141 return -EFAULT; 1142 1143 down_read(&uts_sem); 1144 error = __copy_to_user(&name->sysname, &utsname()->sysname, 1145 __OLD_UTS_LEN); 1146 error |= __put_user(0, name->sysname + __OLD_UTS_LEN); 1147 error |= __copy_to_user(&name->nodename, &utsname()->nodename, 1148 __OLD_UTS_LEN); 1149 error |= __put_user(0, name->nodename + __OLD_UTS_LEN); 1150 error |= __copy_to_user(&name->release, &utsname()->release, 1151 __OLD_UTS_LEN); 1152 error |= __put_user(0, name->release + __OLD_UTS_LEN); 1153 error |= __copy_to_user(&name->version, &utsname()->version, 1154 __OLD_UTS_LEN); 1155 error |= __put_user(0, name->version + __OLD_UTS_LEN); 1156 error |= __copy_to_user(&name->machine, &utsname()->machine, 1157 __OLD_UTS_LEN); 1158 error |= __put_user(0, name->machine + __OLD_UTS_LEN); 1159 up_read(&uts_sem); 1160 1161 if (!error && override_architecture(name)) 1162 error = -EFAULT; 1163 return error ? -EFAULT : 0; 1164 } 1165 #endif 1166 1167 SYSCALL_DEFINE2(sethostname, char __user *, name, int, len) 1168 { 1169 int errno; 1170 char tmp[__NEW_UTS_LEN]; 1171 1172 if (!capable(CAP_SYS_ADMIN)) 1173 return -EPERM; 1174 if (len < 0 || len > __NEW_UTS_LEN) 1175 return -EINVAL; 1176 down_write(&uts_sem); 1177 errno = -EFAULT; 1178 if (!copy_from_user(tmp, name, len)) { 1179 struct new_utsname *u = utsname(); 1180 1181 memcpy(u->nodename, tmp, len); 1182 memset(u->nodename + len, 0, sizeof(u->nodename) - len); 1183 errno = 0; 1184 } 1185 up_write(&uts_sem); 1186 return errno; 1187 } 1188 1189 #ifdef __ARCH_WANT_SYS_GETHOSTNAME 1190 1191 SYSCALL_DEFINE2(gethostname, char __user *, name, int, len) 1192 { 1193 int i, errno; 1194 struct new_utsname *u; 1195 1196 if (len < 0) 1197 return -EINVAL; 1198 down_read(&uts_sem); 1199 u = utsname(); 1200 i = 1 + strlen(u->nodename); 1201 if (i > len) 1202 i = len; 1203 errno = 0; 1204 if (copy_to_user(name, u->nodename, i)) 1205 errno = -EFAULT; 1206 up_read(&uts_sem); 1207 return errno; 1208 } 1209 1210 #endif 1211 1212 /* 1213 * Only setdomainname; getdomainname can be implemented by calling 1214 * uname() 1215 */ 1216 SYSCALL_DEFINE2(setdomainname, char __user *, name, int, len) 1217 { 1218 int errno; 1219 char tmp[__NEW_UTS_LEN]; 1220 1221 if (!capable(CAP_SYS_ADMIN)) 1222 return -EPERM; 1223 if (len < 0 || len > __NEW_UTS_LEN) 1224 return -EINVAL; 1225 1226 down_write(&uts_sem); 1227 errno = -EFAULT; 1228 if (!copy_from_user(tmp, name, len)) { 1229 struct new_utsname *u = utsname(); 1230 1231 memcpy(u->domainname, tmp, len); 1232 memset(u->domainname + len, 0, sizeof(u->domainname) - len); 1233 errno = 0; 1234 } 1235 up_write(&uts_sem); 1236 return errno; 1237 } 1238 1239 SYSCALL_DEFINE2(getrlimit, unsigned int, resource, struct rlimit __user *, rlim) 1240 { 1241 struct rlimit value; 1242 int ret; 1243 1244 ret = do_prlimit(current, resource, NULL, &value); 1245 if (!ret) 1246 ret = copy_to_user(rlim, &value, sizeof(*rlim)) ? -EFAULT : 0; 1247 1248 return ret; 1249 } 1250 1251 #ifdef __ARCH_WANT_SYS_OLD_GETRLIMIT 1252 1253 /* 1254 * Back compatibility for getrlimit. Needed for some apps. 1255 */ 1256 1257 SYSCALL_DEFINE2(old_getrlimit, unsigned int, resource, 1258 struct rlimit __user *, rlim) 1259 { 1260 struct rlimit x; 1261 if (resource >= RLIM_NLIMITS) 1262 return -EINVAL; 1263 1264 task_lock(current->group_leader); 1265 x = current->signal->rlim[resource]; 1266 task_unlock(current->group_leader); 1267 if (x.rlim_cur > 0x7FFFFFFF) 1268 x.rlim_cur = 0x7FFFFFFF; 1269 if (x.rlim_max > 0x7FFFFFFF) 1270 x.rlim_max = 0x7FFFFFFF; 1271 return copy_to_user(rlim, &x, sizeof(x))?-EFAULT:0; 1272 } 1273 1274 #endif 1275 1276 static inline bool rlim64_is_infinity(__u64 rlim64) 1277 { 1278 #if BITS_PER_LONG < 64 1279 return rlim64 >= ULONG_MAX; 1280 #else 1281 return rlim64 == RLIM64_INFINITY; 1282 #endif 1283 } 1284 1285 static void rlim_to_rlim64(const struct rlimit *rlim, struct rlimit64 *rlim64) 1286 { 1287 if (rlim->rlim_cur == RLIM_INFINITY) 1288 rlim64->rlim_cur = RLIM64_INFINITY; 1289 else 1290 rlim64->rlim_cur = rlim->rlim_cur; 1291 if (rlim->rlim_max == RLIM_INFINITY) 1292 rlim64->rlim_max = RLIM64_INFINITY; 1293 else 1294 rlim64->rlim_max = rlim->rlim_max; 1295 } 1296 1297 static void rlim64_to_rlim(const struct rlimit64 *rlim64, struct rlimit *rlim) 1298 { 1299 if (rlim64_is_infinity(rlim64->rlim_cur)) 1300 rlim->rlim_cur = RLIM_INFINITY; 1301 else 1302 rlim->rlim_cur = (unsigned long)rlim64->rlim_cur; 1303 if (rlim64_is_infinity(rlim64->rlim_max)) 1304 rlim->rlim_max = RLIM_INFINITY; 1305 else 1306 rlim->rlim_max = (unsigned long)rlim64->rlim_max; 1307 } 1308 1309 /* make sure you are allowed to change @tsk limits before calling this */ 1310 int do_prlimit(struct task_struct *tsk, unsigned int resource, 1311 struct rlimit *new_rlim, struct rlimit *old_rlim) 1312 { 1313 struct rlimit *rlim; 1314 int retval = 0; 1315 1316 if (resource >= RLIM_NLIMITS) 1317 return -EINVAL; 1318 if (new_rlim) { 1319 if (new_rlim->rlim_cur > new_rlim->rlim_max) 1320 return -EINVAL; 1321 if (resource == RLIMIT_NOFILE && 1322 new_rlim->rlim_max > sysctl_nr_open) 1323 return -EPERM; 1324 } 1325 1326 /* protect tsk->signal and tsk->sighand from disappearing */ 1327 read_lock(&tasklist_lock); 1328 if (!tsk->sighand) { 1329 retval = -ESRCH; 1330 goto out; 1331 } 1332 1333 rlim = tsk->signal->rlim + resource; 1334 task_lock(tsk->group_leader); 1335 if (new_rlim) { 1336 if (new_rlim->rlim_max > rlim->rlim_max && 1337 !capable(CAP_SYS_RESOURCE)) 1338 retval = -EPERM; 1339 if (!retval) 1340 retval = security_task_setrlimit(tsk->group_leader, 1341 resource, new_rlim); 1342 if (resource == RLIMIT_CPU && new_rlim->rlim_cur == 0) { 1343 /* 1344 * The caller is asking for an immediate RLIMIT_CPU 1345 * expiry. But we use the zero value to mean "it was 1346 * never set". So let's cheat and make it one second 1347 * instead 1348 */ 1349 new_rlim->rlim_cur = 1; 1350 } 1351 } 1352 if (!retval) { 1353 if (old_rlim) 1354 *old_rlim = *rlim; 1355 if (new_rlim) 1356 *rlim = *new_rlim; 1357 } 1358 task_unlock(tsk->group_leader); 1359 1360 /* 1361 * RLIMIT_CPU handling. Note that the kernel fails to return an error 1362 * code if it rejected the user's attempt to set RLIMIT_CPU. This is a 1363 * very long-standing error, and fixing it now risks breakage of 1364 * applications, so we live with it 1365 */ 1366 if (!retval && new_rlim && resource == RLIMIT_CPU && 1367 new_rlim->rlim_cur != RLIM_INFINITY) 1368 update_rlimit_cpu(tsk, new_rlim->rlim_cur); 1369 out: 1370 read_unlock(&tasklist_lock); 1371 return retval; 1372 } 1373 1374 /* rcu lock must be held */ 1375 static int check_prlimit_permission(struct task_struct *task) 1376 { 1377 const struct cred *cred = current_cred(), *tcred; 1378 1379 tcred = __task_cred(task); 1380 if ((cred->uid != tcred->euid || 1381 cred->uid != tcred->suid || 1382 cred->uid != tcred->uid || 1383 cred->gid != tcred->egid || 1384 cred->gid != tcred->sgid || 1385 cred->gid != tcred->gid) && 1386 !capable(CAP_SYS_RESOURCE)) { 1387 return -EPERM; 1388 } 1389 1390 return 0; 1391 } 1392 1393 SYSCALL_DEFINE4(prlimit64, pid_t, pid, unsigned int, resource, 1394 const struct rlimit64 __user *, new_rlim, 1395 struct rlimit64 __user *, old_rlim) 1396 { 1397 struct rlimit64 old64, new64; 1398 struct rlimit old, new; 1399 struct task_struct *tsk; 1400 int ret; 1401 1402 if (new_rlim) { 1403 if (copy_from_user(&new64, new_rlim, sizeof(new64))) 1404 return -EFAULT; 1405 rlim64_to_rlim(&new64, &new); 1406 } 1407 1408 rcu_read_lock(); 1409 tsk = pid ? find_task_by_vpid(pid) : current; 1410 if (!tsk) { 1411 rcu_read_unlock(); 1412 return -ESRCH; 1413 } 1414 ret = check_prlimit_permission(tsk); 1415 if (ret) { 1416 rcu_read_unlock(); 1417 return ret; 1418 } 1419 get_task_struct(tsk); 1420 rcu_read_unlock(); 1421 1422 ret = do_prlimit(tsk, resource, new_rlim ? &new : NULL, 1423 old_rlim ? &old : NULL); 1424 1425 if (!ret && old_rlim) { 1426 rlim_to_rlim64(&old, &old64); 1427 if (copy_to_user(old_rlim, &old64, sizeof(old64))) 1428 ret = -EFAULT; 1429 } 1430 1431 put_task_struct(tsk); 1432 return ret; 1433 } 1434 1435 SYSCALL_DEFINE2(setrlimit, unsigned int, resource, struct rlimit __user *, rlim) 1436 { 1437 struct rlimit new_rlim; 1438 1439 if (copy_from_user(&new_rlim, rlim, sizeof(*rlim))) 1440 return -EFAULT; 1441 return do_prlimit(current, resource, &new_rlim, NULL); 1442 } 1443 1444 /* 1445 * It would make sense to put struct rusage in the task_struct, 1446 * except that would make the task_struct be *really big*. After 1447 * task_struct gets moved into malloc'ed memory, it would 1448 * make sense to do this. It will make moving the rest of the information 1449 * a lot simpler! (Which we're not doing right now because we're not 1450 * measuring them yet). 1451 * 1452 * When sampling multiple threads for RUSAGE_SELF, under SMP we might have 1453 * races with threads incrementing their own counters. But since word 1454 * reads are atomic, we either get new values or old values and we don't 1455 * care which for the sums. We always take the siglock to protect reading 1456 * the c* fields from p->signal from races with exit.c updating those 1457 * fields when reaping, so a sample either gets all the additions of a 1458 * given child after it's reaped, or none so this sample is before reaping. 1459 * 1460 * Locking: 1461 * We need to take the siglock for CHILDEREN, SELF and BOTH 1462 * for the cases current multithreaded, non-current single threaded 1463 * non-current multithreaded. Thread traversal is now safe with 1464 * the siglock held. 1465 * Strictly speaking, we donot need to take the siglock if we are current and 1466 * single threaded, as no one else can take our signal_struct away, no one 1467 * else can reap the children to update signal->c* counters, and no one else 1468 * can race with the signal-> fields. If we do not take any lock, the 1469 * signal-> fields could be read out of order while another thread was just 1470 * exiting. So we should place a read memory barrier when we avoid the lock. 1471 * On the writer side, write memory barrier is implied in __exit_signal 1472 * as __exit_signal releases the siglock spinlock after updating the signal-> 1473 * fields. But we don't do this yet to keep things simple. 1474 * 1475 */ 1476 1477 static void accumulate_thread_rusage(struct task_struct *t, struct rusage *r) 1478 { 1479 r->ru_nvcsw += t->nvcsw; 1480 r->ru_nivcsw += t->nivcsw; 1481 r->ru_minflt += t->min_flt; 1482 r->ru_majflt += t->maj_flt; 1483 r->ru_inblock += task_io_get_inblock(t); 1484 r->ru_oublock += task_io_get_oublock(t); 1485 } 1486 1487 static void k_getrusage(struct task_struct *p, int who, struct rusage *r) 1488 { 1489 struct task_struct *t; 1490 unsigned long flags; 1491 cputime_t tgutime, tgstime, utime, stime; 1492 unsigned long maxrss = 0; 1493 1494 memset((char *) r, 0, sizeof *r); 1495 utime = stime = cputime_zero; 1496 1497 if (who == RUSAGE_THREAD) { 1498 task_times(current, &utime, &stime); 1499 accumulate_thread_rusage(p, r); 1500 maxrss = p->signal->maxrss; 1501 goto out; 1502 } 1503 1504 if (!lock_task_sighand(p, &flags)) 1505 return; 1506 1507 switch (who) { 1508 case RUSAGE_BOTH: 1509 case RUSAGE_CHILDREN: 1510 utime = p->signal->cutime; 1511 stime = p->signal->cstime; 1512 r->ru_nvcsw = p->signal->cnvcsw; 1513 r->ru_nivcsw = p->signal->cnivcsw; 1514 r->ru_minflt = p->signal->cmin_flt; 1515 r->ru_majflt = p->signal->cmaj_flt; 1516 r->ru_inblock = p->signal->cinblock; 1517 r->ru_oublock = p->signal->coublock; 1518 maxrss = p->signal->cmaxrss; 1519 1520 if (who == RUSAGE_CHILDREN) 1521 break; 1522 1523 case RUSAGE_SELF: 1524 thread_group_times(p, &tgutime, &tgstime); 1525 utime = cputime_add(utime, tgutime); 1526 stime = cputime_add(stime, tgstime); 1527 r->ru_nvcsw += p->signal->nvcsw; 1528 r->ru_nivcsw += p->signal->nivcsw; 1529 r->ru_minflt += p->signal->min_flt; 1530 r->ru_majflt += p->signal->maj_flt; 1531 r->ru_inblock += p->signal->inblock; 1532 r->ru_oublock += p->signal->oublock; 1533 if (maxrss < p->signal->maxrss) 1534 maxrss = p->signal->maxrss; 1535 t = p; 1536 do { 1537 accumulate_thread_rusage(t, r); 1538 t = next_thread(t); 1539 } while (t != p); 1540 break; 1541 1542 default: 1543 BUG(); 1544 } 1545 unlock_task_sighand(p, &flags); 1546 1547 out: 1548 cputime_to_timeval(utime, &r->ru_utime); 1549 cputime_to_timeval(stime, &r->ru_stime); 1550 1551 if (who != RUSAGE_CHILDREN) { 1552 struct mm_struct *mm = get_task_mm(p); 1553 if (mm) { 1554 setmax_mm_hiwater_rss(&maxrss, mm); 1555 mmput(mm); 1556 } 1557 } 1558 r->ru_maxrss = maxrss * (PAGE_SIZE / 1024); /* convert pages to KBs */ 1559 } 1560 1561 int getrusage(struct task_struct *p, int who, struct rusage __user *ru) 1562 { 1563 struct rusage r; 1564 k_getrusage(p, who, &r); 1565 return copy_to_user(ru, &r, sizeof(r)) ? -EFAULT : 0; 1566 } 1567 1568 SYSCALL_DEFINE2(getrusage, int, who, struct rusage __user *, ru) 1569 { 1570 if (who != RUSAGE_SELF && who != RUSAGE_CHILDREN && 1571 who != RUSAGE_THREAD) 1572 return -EINVAL; 1573 return getrusage(current, who, ru); 1574 } 1575 1576 SYSCALL_DEFINE1(umask, int, mask) 1577 { 1578 mask = xchg(¤t->fs->umask, mask & S_IRWXUGO); 1579 return mask; 1580 } 1581 1582 SYSCALL_DEFINE5(prctl, int, option, unsigned long, arg2, unsigned long, arg3, 1583 unsigned long, arg4, unsigned long, arg5) 1584 { 1585 struct task_struct *me = current; 1586 unsigned char comm[sizeof(me->comm)]; 1587 long error; 1588 1589 error = security_task_prctl(option, arg2, arg3, arg4, arg5); 1590 if (error != -ENOSYS) 1591 return error; 1592 1593 error = 0; 1594 switch (option) { 1595 case PR_SET_PDEATHSIG: 1596 if (!valid_signal(arg2)) { 1597 error = -EINVAL; 1598 break; 1599 } 1600 me->pdeath_signal = arg2; 1601 error = 0; 1602 break; 1603 case PR_GET_PDEATHSIG: 1604 error = put_user(me->pdeath_signal, (int __user *)arg2); 1605 break; 1606 case PR_GET_DUMPABLE: 1607 error = get_dumpable(me->mm); 1608 break; 1609 case PR_SET_DUMPABLE: 1610 if (arg2 < 0 || arg2 > 1) { 1611 error = -EINVAL; 1612 break; 1613 } 1614 set_dumpable(me->mm, arg2); 1615 error = 0; 1616 break; 1617 1618 case PR_SET_UNALIGN: 1619 error = SET_UNALIGN_CTL(me, arg2); 1620 break; 1621 case PR_GET_UNALIGN: 1622 error = GET_UNALIGN_CTL(me, arg2); 1623 break; 1624 case PR_SET_FPEMU: 1625 error = SET_FPEMU_CTL(me, arg2); 1626 break; 1627 case PR_GET_FPEMU: 1628 error = GET_FPEMU_CTL(me, arg2); 1629 break; 1630 case PR_SET_FPEXC: 1631 error = SET_FPEXC_CTL(me, arg2); 1632 break; 1633 case PR_GET_FPEXC: 1634 error = GET_FPEXC_CTL(me, arg2); 1635 break; 1636 case PR_GET_TIMING: 1637 error = PR_TIMING_STATISTICAL; 1638 break; 1639 case PR_SET_TIMING: 1640 if (arg2 != PR_TIMING_STATISTICAL) 1641 error = -EINVAL; 1642 else 1643 error = 0; 1644 break; 1645 1646 case PR_SET_NAME: 1647 comm[sizeof(me->comm)-1] = 0; 1648 if (strncpy_from_user(comm, (char __user *)arg2, 1649 sizeof(me->comm) - 1) < 0) 1650 return -EFAULT; 1651 set_task_comm(me, comm); 1652 return 0; 1653 case PR_GET_NAME: 1654 get_task_comm(comm, me); 1655 if (copy_to_user((char __user *)arg2, comm, 1656 sizeof(comm))) 1657 return -EFAULT; 1658 return 0; 1659 case PR_GET_ENDIAN: 1660 error = GET_ENDIAN(me, arg2); 1661 break; 1662 case PR_SET_ENDIAN: 1663 error = SET_ENDIAN(me, arg2); 1664 break; 1665 1666 case PR_GET_SECCOMP: 1667 error = prctl_get_seccomp(); 1668 break; 1669 case PR_SET_SECCOMP: 1670 error = prctl_set_seccomp(arg2); 1671 break; 1672 case PR_GET_TSC: 1673 error = GET_TSC_CTL(arg2); 1674 break; 1675 case PR_SET_TSC: 1676 error = SET_TSC_CTL(arg2); 1677 break; 1678 case PR_TASK_PERF_EVENTS_DISABLE: 1679 error = perf_event_task_disable(); 1680 break; 1681 case PR_TASK_PERF_EVENTS_ENABLE: 1682 error = perf_event_task_enable(); 1683 break; 1684 case PR_GET_TIMERSLACK: 1685 error = current->timer_slack_ns; 1686 break; 1687 case PR_SET_TIMERSLACK: 1688 if (arg2 <= 0) 1689 current->timer_slack_ns = 1690 current->default_timer_slack_ns; 1691 else 1692 current->timer_slack_ns = arg2; 1693 error = 0; 1694 break; 1695 case PR_MCE_KILL: 1696 if (arg4 | arg5) 1697 return -EINVAL; 1698 switch (arg2) { 1699 case PR_MCE_KILL_CLEAR: 1700 if (arg3 != 0) 1701 return -EINVAL; 1702 current->flags &= ~PF_MCE_PROCESS; 1703 break; 1704 case PR_MCE_KILL_SET: 1705 current->flags |= PF_MCE_PROCESS; 1706 if (arg3 == PR_MCE_KILL_EARLY) 1707 current->flags |= PF_MCE_EARLY; 1708 else if (arg3 == PR_MCE_KILL_LATE) 1709 current->flags &= ~PF_MCE_EARLY; 1710 else if (arg3 == PR_MCE_KILL_DEFAULT) 1711 current->flags &= 1712 ~(PF_MCE_EARLY|PF_MCE_PROCESS); 1713 else 1714 return -EINVAL; 1715 break; 1716 default: 1717 return -EINVAL; 1718 } 1719 error = 0; 1720 break; 1721 case PR_MCE_KILL_GET: 1722 if (arg2 | arg3 | arg4 | arg5) 1723 return -EINVAL; 1724 if (current->flags & PF_MCE_PROCESS) 1725 error = (current->flags & PF_MCE_EARLY) ? 1726 PR_MCE_KILL_EARLY : PR_MCE_KILL_LATE; 1727 else 1728 error = PR_MCE_KILL_DEFAULT; 1729 break; 1730 default: 1731 error = -EINVAL; 1732 break; 1733 } 1734 return error; 1735 } 1736 1737 SYSCALL_DEFINE3(getcpu, unsigned __user *, cpup, unsigned __user *, nodep, 1738 struct getcpu_cache __user *, unused) 1739 { 1740 int err = 0; 1741 int cpu = raw_smp_processor_id(); 1742 if (cpup) 1743 err |= put_user(cpu, cpup); 1744 if (nodep) 1745 err |= put_user(cpu_to_node(cpu), nodep); 1746 return err ? -EFAULT : 0; 1747 } 1748 1749 char poweroff_cmd[POWEROFF_CMD_PATH_LEN] = "/sbin/poweroff"; 1750 1751 static void argv_cleanup(struct subprocess_info *info) 1752 { 1753 argv_free(info->argv); 1754 } 1755 1756 /** 1757 * orderly_poweroff - Trigger an orderly system poweroff 1758 * @force: force poweroff if command execution fails 1759 * 1760 * This may be called from any context to trigger a system shutdown. 1761 * If the orderly shutdown fails, it will force an immediate shutdown. 1762 */ 1763 int orderly_poweroff(bool force) 1764 { 1765 int argc; 1766 char **argv = argv_split(GFP_ATOMIC, poweroff_cmd, &argc); 1767 static char *envp[] = { 1768 "HOME=/", 1769 "PATH=/sbin:/bin:/usr/sbin:/usr/bin", 1770 NULL 1771 }; 1772 int ret = -ENOMEM; 1773 struct subprocess_info *info; 1774 1775 if (argv == NULL) { 1776 printk(KERN_WARNING "%s failed to allocate memory for \"%s\"\n", 1777 __func__, poweroff_cmd); 1778 goto out; 1779 } 1780 1781 info = call_usermodehelper_setup(argv[0], argv, envp, GFP_ATOMIC); 1782 if (info == NULL) { 1783 argv_free(argv); 1784 goto out; 1785 } 1786 1787 call_usermodehelper_setfns(info, NULL, argv_cleanup, NULL); 1788 1789 ret = call_usermodehelper_exec(info, UMH_NO_WAIT); 1790 1791 out: 1792 if (ret && force) { 1793 printk(KERN_WARNING "Failed to start orderly shutdown: " 1794 "forcing the issue\n"); 1795 1796 /* I guess this should try to kick off some daemon to 1797 sync and poweroff asap. Or not even bother syncing 1798 if we're doing an emergency shutdown? */ 1799 emergency_sync(); 1800 kernel_power_off(); 1801 } 1802 1803 return ret; 1804 } 1805 EXPORT_SYMBOL_GPL(orderly_poweroff); 1806