/*
* linux/kernel/capability.c
*
* Copyright (C) 1997 Andrew Main <zefram@fysh.org>
* Integrated into 2.1.97+, Andrew G. Morgan <morgan@transmeta.com>
*/
#include <linux/mm.h>
#include <asm/uaccess.h>
kernel_cap_t cap_bset = CAP_INIT_EFF_SET;
/* Note: never hold tasklist_lock while spinning for this one */
spinlock_t task_capability_lock = SPIN_LOCK_UNLOCKED;
/*
* For sys_getproccap() and sys_setproccap(), any of the three
* capability set pointers may be NULL -- indicating that that set is
* uninteresting and/or not to be changed.
*/
22 asmlinkage long sys_capget(cap_user_header_t header, cap_user_data_t dataptr)
{
int error, pid;
__u32 version;
struct task_struct *target;
struct __user_cap_data_struct data;
29 if (get_user(version, &header->version))
30 return -EFAULT;
error = -EINVAL;
33 if (version != _LINUX_CAPABILITY_VERSION) {
version = _LINUX_CAPABILITY_VERSION;
35 if (put_user(version, &header->version))
error = -EFAULT;
37 return error;
}
40 if (get_user(pid, &header->pid))
41 return -EFAULT;
43 if (pid < 0)
44 return -EINVAL;
error = 0;
spin_lock(&task_capability_lock);
50 if (pid && pid != current->pid) {
read_lock(&tasklist_lock);
target = find_task_by_pid(pid); /* identify target of query */
53 if (!target)
error = -ESRCH;
55 } else {
target = current;
}
59 if (!error) {
data.permitted = cap_t(target->cap_permitted);
data.inheritable = cap_t(target->cap_inheritable);
data.effective = cap_t(target->cap_effective);
}
65 if (target != current)
66 read_unlock(&tasklist_lock);
67 spin_unlock(&task_capability_lock);
69 if (!error) {
70 if (copy_to_user(dataptr, &data, sizeof data))
71 return -EFAULT;
}
74 return error;
}
/* set capabilities for all processes in a given process group */
79 static void cap_set_pg(int pgrp,
kernel_cap_t *effective,
kernel_cap_t *inheritable,
kernel_cap_t *permitted)
{
struct task_struct *target;
/* FIXME: do we need to have a write lock here..? */
read_lock(&tasklist_lock);
88 for_each_task(target) {
89 if (target->pgrp != pgrp)
90 continue;
target->cap_effective = *effective;
target->cap_inheritable = *inheritable;
target->cap_permitted = *permitted;
}
95 read_unlock(&tasklist_lock);
}
/* set capabilities for all processes other than 1 and self */
100 static void cap_set_all(kernel_cap_t *effective,
kernel_cap_t *inheritable,
kernel_cap_t *permitted)
{
struct task_struct *target;
/* FIXME: do we need to have a write lock here..? */
read_lock(&tasklist_lock);
/* ALL means everyone other than self or 'init' */
109 for_each_task(target) {
110 if (target == current || target->pid == 1)
111 continue;
target->cap_effective = *effective;
target->cap_inheritable = *inheritable;
target->cap_permitted = *permitted;
}
116 read_unlock(&tasklist_lock);
}
/*
* The restrictions on setting capabilities are specified as:
*
* [pid is for the 'target' task. 'current' is the calling task.]
*
* I: any raised capabilities must be a subset of the (old current) Permitted
* P: any raised capabilities must be a subset of the (old current) permitted
* E: must be set to a subset of (new target) Permitted
*/
129 asmlinkage long sys_capset(cap_user_header_t header, const cap_user_data_t data)
{
kernel_cap_t inheritable, permitted, effective;
__u32 version;
struct task_struct *target;
int error, pid;
136 if (get_user(version, &header->version))
137 return -EFAULT;
139 if (version != _LINUX_CAPABILITY_VERSION) {
version = _LINUX_CAPABILITY_VERSION;
141 if (put_user(version, &header->version))
142 return -EFAULT;
143 return -EINVAL;
}
146 if (get_user(pid, &header->pid))
147 return -EFAULT;
149 if (pid && !capable(CAP_SETPCAP))
150 return -EPERM;
if (copy_from_user(&effective, &data->effective, sizeof(effective)) ||
copy_from_user(&inheritable, &data->inheritable, sizeof(inheritable)) ||
154 copy_from_user(&permitted, &data->permitted, sizeof(permitted)))
155 return -EFAULT;
error = -EPERM;
spin_lock(&task_capability_lock);
160 if (pid > 0 && pid != current->pid) {
read_lock(&tasklist_lock);
target = find_task_by_pid(pid); /* identify target of query */
163 if (!target) {
error = -ESRCH;
165 goto out;
}
167 } else {
target = current;
}
/* verify restrictions on target's new Inheritable set */
if (!cap_issubset(inheritable,
cap_combine(target->cap_inheritable,
175 current->cap_permitted))) {
176 goto out;
}
/* verify restrictions on target's new Permitted set */
if (!cap_issubset(permitted,
cap_combine(target->cap_permitted,
182 current->cap_permitted))) {
183 goto out;
}
/* verify the _new_Effective_ is a subset of the _new_Permitted_ */
187 if (!cap_issubset(effective, permitted)) {
188 goto out;
}
/* having verified that the proposed changes are legal,
we now put them into effect. */
error = 0;
195 if (pid < 0) {
196 if (pid == -1) /* all procs other than current and init */
cap_set_all(&effective, &inheritable, &permitted);
199 else /* all procs in process group */
cap_set_pg(-pid, &effective, &inheritable, &permitted);
201 goto spin_out;
202 } else {
/* FIXME: do we need to have a write lock here..? */
target->cap_effective = effective;
target->cap_inheritable = inheritable;
target->cap_permitted = permitted;
}
out:
210 if (target != current) {
211 read_unlock(&tasklist_lock);
}
spin_out:
214 spin_unlock(&task_capability_lock);
215 return error;
}