aboutsummaryrefslogtreecommitdiffstats
path: root/kernel/sys.c
diff options
context:
space:
mode:
Diffstat (limited to 'kernel/sys.c')
-rw-r--r--kernel/sys.c36
1 files changed, 22 insertions, 14 deletions
diff --git a/kernel/sys.c b/kernel/sys.c
index f145c415bc16..51dbb55604e8 100644
--- a/kernel/sys.c
+++ b/kernel/sys.c
@@ -34,6 +34,7 @@
34#include <linux/seccomp.h> 34#include <linux/seccomp.h>
35#include <linux/cpu.h> 35#include <linux/cpu.h>
36#include <linux/ptrace.h> 36#include <linux/ptrace.h>
37#include <linux/fs_struct.h>
37 38
38#include <linux/compat.h> 39#include <linux/compat.h>
39#include <linux/syscalls.h> 40#include <linux/syscalls.h>
@@ -559,7 +560,7 @@ error:
559 abort_creds(new); 560 abort_creds(new);
560 return retval; 561 return retval;
561} 562}
562 563
563/* 564/*
564 * change the user struct in a credentials set to match the new UID 565 * change the user struct in a credentials set to match the new UID
565 */ 566 */
@@ -571,6 +572,11 @@ static int set_user(struct cred *new)
571 if (!new_user) 572 if (!new_user)
572 return -EAGAIN; 573 return -EAGAIN;
573 574
575 if (!task_can_switch_user(new_user, current)) {
576 free_uid(new_user);
577 return -EINVAL;
578 }
579
574 if (atomic_read(&new_user->processes) >= 580 if (atomic_read(&new_user->processes) >=
575 current->signal->rlim[RLIMIT_NPROC].rlim_cur && 581 current->signal->rlim[RLIMIT_NPROC].rlim_cur &&
576 new_user != INIT_USER) { 582 new_user != INIT_USER) {
@@ -631,10 +637,11 @@ SYSCALL_DEFINE2(setreuid, uid_t, ruid, uid_t, euid)
631 goto error; 637 goto error;
632 } 638 }
633 639
634 retval = -EAGAIN; 640 if (new->uid != old->uid) {
635 if (new->uid != old->uid && set_user(new) < 0) 641 retval = set_user(new);
636 goto error; 642 if (retval < 0)
637 643 goto error;
644 }
638 if (ruid != (uid_t) -1 || 645 if (ruid != (uid_t) -1 ||
639 (euid != (uid_t) -1 && euid != old->uid)) 646 (euid != (uid_t) -1 && euid != old->uid))
640 new->suid = new->euid; 647 new->suid = new->euid;
@@ -680,9 +687,10 @@ SYSCALL_DEFINE1(setuid, uid_t, uid)
680 retval = -EPERM; 687 retval = -EPERM;
681 if (capable(CAP_SETUID)) { 688 if (capable(CAP_SETUID)) {
682 new->suid = new->uid = uid; 689 new->suid = new->uid = uid;
683 if (uid != old->uid && set_user(new) < 0) { 690 if (uid != old->uid) {
684 retval = -EAGAIN; 691 retval = set_user(new);
685 goto error; 692 if (retval < 0)
693 goto error;
686 } 694 }
687 } else if (uid != old->uid && uid != new->suid) { 695 } else if (uid != old->uid && uid != new->suid) {
688 goto error; 696 goto error;
@@ -734,11 +742,13 @@ SYSCALL_DEFINE3(setresuid, uid_t, ruid, uid_t, euid, uid_t, suid)
734 goto error; 742 goto error;
735 } 743 }
736 744
737 retval = -EAGAIN;
738 if (ruid != (uid_t) -1) { 745 if (ruid != (uid_t) -1) {
739 new->uid = ruid; 746 new->uid = ruid;
740 if (ruid != old->uid && set_user(new) < 0) 747 if (ruid != old->uid) {
741 goto error; 748 retval = set_user(new);
749 if (retval < 0)
750 goto error;
751 }
742 } 752 }
743 if (euid != (uid_t) -1) 753 if (euid != (uid_t) -1)
744 new->euid = euid; 754 new->euid = euid;
@@ -1004,10 +1014,8 @@ SYSCALL_DEFINE2(setpgid, pid_t, pid, pid_t, pgid)
1004 if (err) 1014 if (err)
1005 goto out; 1015 goto out;
1006 1016
1007 if (task_pgrp(p) != pgrp) { 1017 if (task_pgrp(p) != pgrp)
1008 change_pid(p, PIDTYPE_PGID, pgrp); 1018 change_pid(p, PIDTYPE_PGID, pgrp);
1009 set_task_pgrp(p, pid_nr(pgrp));
1010 }
1011 1019
1012 err = 0; 1020 err = 0;
1013out: 1021out: