Skip to content

Commit

Permalink
---
Browse files Browse the repository at this point in the history 
yaml
---
r: 71178
b: refs/heads/master
c: 314f70f
h: refs/heads/master
v: v3
  • Loading branch information
Daniel Walker authored and Linus Torvalds committed Oct 18, 2007
1 parent 6ddc0ed commit 890a612
Show file tree
Hide file tree
Showing 2 changed files with 96 additions and 96 deletions.
2 changes: 1 addition & 1 deletion [refs]
View file
Original file line number Diff line number Diff line change
@@ -1,2 +1,2 @@
---
refs/heads/master: c277e63fbe53697eab7595e86b297c643e2ea723
refs/heads/master: 314f70fd967064c7fa0734908f5feae6ac2831a9
190 changes: 95 additions & 95 deletions trunk/kernel/capability.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@
*
* Integrated into 2.1.97+, Andrew G. Morgan <morgan@kernel.org>
* 30 May 2002: Cleanup, Robert M. Love <rml@tech9.net>
*/
*/

#include <linux/capability.h>
#include <linux/mm.h>
Expand Down Expand Up @@ -37,49 +37,49 @@ static DEFINE_SPINLOCK(task_capability_lock);
*/
asmlinkage long sys_capget(cap_user_header_t header, cap_user_data_t dataptr)
{
int ret = 0;
pid_t pid;
__u32 version;
struct task_struct *target;
struct __user_cap_data_struct data;

if (get_user(version, &header->version))
return -EFAULT;

if (version != _LINUX_CAPABILITY_VERSION) {
if (put_user(_LINUX_CAPABILITY_VERSION, &header->version))
return -EFAULT;
return -EINVAL;
}
int ret = 0;
pid_t pid;
__u32 version;
struct task_struct *target;
struct __user_cap_data_struct data;

if (get_user(version, &header->version))
return -EFAULT;

if (version != _LINUX_CAPABILITY_VERSION) {
if (put_user(_LINUX_CAPABILITY_VERSION, &header->version))
return -EFAULT;
return -EINVAL;
}

if (get_user(pid, &header->pid))
return -EFAULT;
if (get_user(pid, &header->pid))
return -EFAULT;

if (pid < 0)
return -EINVAL;
if (pid < 0)
return -EINVAL;

spin_lock(&task_capability_lock);
read_lock(&tasklist_lock);
spin_lock(&task_capability_lock);
read_lock(&tasklist_lock);

if (pid && pid != current->pid) {
target = find_task_by_pid(pid);
if (!target) {
ret = -ESRCH;
goto out;
}
} else
target = current;
if (pid && pid != current->pid) {
target = find_task_by_pid(pid);
if (!target) {
ret = -ESRCH;
goto out;
}
} else
target = current;

ret = security_capget(target, &data.effective, &data.inheritable, &data.permitted);
ret = security_capget(target, &data.effective, &data.inheritable, &data.permitted);

out:
read_unlock(&tasklist_lock);
spin_unlock(&task_capability_lock);
read_unlock(&tasklist_lock);
spin_unlock(&task_capability_lock);

if (!ret && copy_to_user(dataptr, &data, sizeof data))
return -EFAULT;
if (!ret && copy_to_user(dataptr, &data, sizeof data))
return -EFAULT;

return ret;
return ret;
}

/*
Expand Down Expand Up @@ -112,7 +112,7 @@ static inline int cap_set_pg(int pgrp_nr, kernel_cap_t *effective,
} while_each_pid_task(pgrp, PIDTYPE_PGID, g);

if (!found)
ret = 0;
ret = 0;
return ret;
}

Expand Down Expand Up @@ -166,68 +166,68 @@ static inline int cap_set_all(kernel_cap_t *effective,
*/
asmlinkage long sys_capset(cap_user_header_t header, const cap_user_data_t data)
{
kernel_cap_t inheritable, permitted, effective;
__u32 version;
struct task_struct *target;
int ret;
pid_t pid;

if (get_user(version, &header->version))
return -EFAULT;

if (version != _LINUX_CAPABILITY_VERSION) {
if (put_user(_LINUX_CAPABILITY_VERSION, &header->version))
return -EFAULT;
return -EINVAL;
}

if (get_user(pid, &header->pid))
return -EFAULT;

if (pid && pid != current->pid && !capable(CAP_SETPCAP))
return -EPERM;

if (copy_from_user(&effective, &data->effective, sizeof(effective)) ||
copy_from_user(&inheritable, &data->inheritable, sizeof(inheritable)) ||
copy_from_user(&permitted, &data->permitted, sizeof(permitted)))
return -EFAULT;

spin_lock(&task_capability_lock);
read_lock(&tasklist_lock);

if (pid > 0 && pid != current->pid) {
target = find_task_by_pid(pid);
if (!target) {
ret = -ESRCH;
goto out;
}
} else
target = current;

ret = 0;

/* having verified that the proposed changes are legal,
we now put them into effect. */
if (pid < 0) {
if (pid == -1) /* all procs other than current and init */
ret = cap_set_all(&effective, &inheritable, &permitted);

else /* all procs in process group */
ret = cap_set_pg(-pid, &effective, &inheritable,
&permitted);
} else {
ret = security_capset_check(target, &effective, &inheritable,
&permitted);
if (!ret)
security_capset_set(target, &effective, &inheritable,
&permitted);
}
kernel_cap_t inheritable, permitted, effective;
__u32 version;
struct task_struct *target;
int ret;
pid_t pid;

if (get_user(version, &header->version))
return -EFAULT;

if (version != _LINUX_CAPABILITY_VERSION) {
if (put_user(_LINUX_CAPABILITY_VERSION, &header->version))
return -EFAULT;
return -EINVAL;
}

if (get_user(pid, &header->pid))
return -EFAULT;

if (pid && pid != current->pid && !capable(CAP_SETPCAP))
return -EPERM;

if (copy_from_user(&effective, &data->effective, sizeof(effective)) ||
copy_from_user(&inheritable, &data->inheritable, sizeof(inheritable)) ||
copy_from_user(&permitted, &data->permitted, sizeof(permitted)))
return -EFAULT;

spin_lock(&task_capability_lock);
read_lock(&tasklist_lock);

if (pid > 0 && pid != current->pid) {
target = find_task_by_pid(pid);
if (!target) {
ret = -ESRCH;
goto out;
}
} else
target = current;

ret = 0;

/* having verified that the proposed changes are legal,
we now put them into effect. */
if (pid < 0) {
if (pid == -1) /* all procs other than current and init */
ret = cap_set_all(&effective, &inheritable, &permitted);

else /* all procs in process group */
ret = cap_set_pg(-pid, &effective, &inheritable,
&permitted);
} else {
ret = security_capset_check(target, &effective, &inheritable,
&permitted);
if (!ret)
security_capset_set(target, &effective, &inheritable,
&permitted);
}

out:
read_unlock(&tasklist_lock);
spin_unlock(&task_capability_lock);
read_unlock(&tasklist_lock);
spin_unlock(&task_capability_lock);

return ret;
return ret;
}

int __capable(struct task_struct *t, int cap)
Expand Down

0 comments on commit 890a612

Please sign in to comment.