diff options
Diffstat (limited to 'kernel/sys.c')
| -rw-r--r-- | kernel/sys.c | 31 |
1 files changed, 0 insertions, 31 deletions
diff --git a/kernel/sys.c b/kernel/sys.c index 7cb426a58965..0d36d889c74d 100644 --- a/kernel/sys.c +++ b/kernel/sys.c | |||
| @@ -492,10 +492,6 @@ SYSCALL_DEFINE2(setregid, gid_t, rgid, gid_t, egid) | |||
| 492 | return -ENOMEM; | 492 | return -ENOMEM; |
| 493 | old = current_cred(); | 493 | old = current_cred(); |
| 494 | 494 | ||
| 495 | retval = security_task_setgid(rgid, egid, (gid_t)-1, LSM_SETID_RE); | ||
| 496 | if (retval) | ||
| 497 | goto error; | ||
| 498 | |||
| 499 | retval = -EPERM; | 495 | retval = -EPERM; |
| 500 | if (rgid != (gid_t) -1) { | 496 | if (rgid != (gid_t) -1) { |
| 501 | if (old->gid == rgid || | 497 | if (old->gid == rgid || |
| @@ -543,10 +539,6 @@ SYSCALL_DEFINE1(setgid, gid_t, gid) | |||
| 543 | return -ENOMEM; | 539 | return -ENOMEM; |
| 544 | old = current_cred(); | 540 | old = current_cred(); |
| 545 | 541 | ||
| 546 | retval = security_task_setgid(gid, (gid_t)-1, (gid_t)-1, LSM_SETID_ID); | ||
| 547 | if (retval) | ||
| 548 | goto error; | ||
| 549 | |||
| 550 | retval = -EPERM; | 542 | retval = -EPERM; |
| 551 | if (capable(CAP_SETGID)) | 543 | if (capable(CAP_SETGID)) |
| 552 | new->gid = new->egid = new->sgid = new->fsgid = gid; | 544 | new->gid = new->egid = new->sgid = new->fsgid = gid; |
| @@ -610,10 +602,6 @@ SYSCALL_DEFINE2(setreuid, uid_t, ruid, uid_t, euid) | |||
| 610 | return -ENOMEM; | 602 | return -ENOMEM; |
| 611 | old = current_cred(); | 603 | old = current_cred(); |
| 612 | 604 | ||
| 613 | retval = security_task_setuid(ruid, euid, (uid_t)-1, LSM_SETID_RE); | ||
| 614 | if (retval) | ||
| 615 | goto error; | ||
| 616 | |||
| 617 | retval = -EPERM; | 605 | retval = -EPERM; |
| 618 | if (ruid != (uid_t) -1) { | 606 | if (ruid != (uid_t) -1) { |
| 619 | new->uid = ruid; | 607 | new->uid = ruid; |
| @@ -675,10 +663,6 @@ SYSCALL_DEFINE1(setuid, uid_t, uid) | |||
| 675 | return -ENOMEM; | 663 | return -ENOMEM; |
| 676 | old = current_cred(); | 664 | old = current_cred(); |
| 677 | 665 | ||
| 678 | retval = security_task_setuid(uid, (uid_t)-1, (uid_t)-1, LSM_SETID_ID); | ||
| 679 | if (retval) | ||
| 680 | goto error; | ||
| 681 | |||
| 682 | retval = -EPERM; | 666 | retval = -EPERM; |
| 683 | if (capable(CAP_SETUID)) { | 667 | if (capable(CAP_SETUID)) { |
| 684 | new->suid = new->uid = uid; | 668 | new->suid = new->uid = uid; |
| @@ -719,9 +703,6 @@ SYSCALL_DEFINE3(setresuid, uid_t, ruid, uid_t, euid, uid_t, suid) | |||
| 719 | if (!new) | 703 | if (!new) |
| 720 | return -ENOMEM; | 704 | return -ENOMEM; |
| 721 | 705 | ||
| 722 | retval = security_task_setuid(ruid, euid, suid, LSM_SETID_RES); | ||
| 723 | if (retval) | ||
| 724 | goto error; | ||
| 725 | old = current_cred(); | 706 | old = current_cred(); |
| 726 | 707 | ||
| 727 | retval = -EPERM; | 708 | retval = -EPERM; |
| @@ -788,10 +769,6 @@ SYSCALL_DEFINE3(setresgid, gid_t, rgid, gid_t, egid, gid_t, sgid) | |||
| 788 | return -ENOMEM; | 769 | return -ENOMEM; |
| 789 | old = current_cred(); | 770 | old = current_cred(); |
| 790 | 771 | ||
| 791 | retval = security_task_setgid(rgid, egid, sgid, LSM_SETID_RES); | ||
| 792 | if (retval) | ||
| 793 | goto error; | ||
| 794 | |||
| 795 | retval = -EPERM; | 772 | retval = -EPERM; |
| 796 | if (!capable(CAP_SETGID)) { | 773 | if (!capable(CAP_SETGID)) { |
| 797 | if (rgid != (gid_t) -1 && rgid != old->gid && | 774 | if (rgid != (gid_t) -1 && rgid != old->gid && |
| @@ -851,9 +828,6 @@ SYSCALL_DEFINE1(setfsuid, uid_t, uid) | |||
| 851 | old = current_cred(); | 828 | old = current_cred(); |
| 852 | old_fsuid = old->fsuid; | 829 | old_fsuid = old->fsuid; |
| 853 | 830 | ||
| 854 | if (security_task_setuid(uid, (uid_t)-1, (uid_t)-1, LSM_SETID_FS) < 0) | ||
| 855 | goto error; | ||
| 856 | |||
| 857 | if (uid == old->uid || uid == old->euid || | 831 | if (uid == old->uid || uid == old->euid || |
| 858 | uid == old->suid || uid == old->fsuid || | 832 | uid == old->suid || uid == old->fsuid || |
| 859 | capable(CAP_SETUID)) { | 833 | capable(CAP_SETUID)) { |
| @@ -864,7 +838,6 @@ SYSCALL_DEFINE1(setfsuid, uid_t, uid) | |||
| 864 | } | 838 | } |
| 865 | } | 839 | } |
| 866 | 840 | ||
| 867 | error: | ||
| 868 | abort_creds(new); | 841 | abort_creds(new); |
| 869 | return old_fsuid; | 842 | return old_fsuid; |
| 870 | 843 | ||
| @@ -888,9 +861,6 @@ SYSCALL_DEFINE1(setfsgid, gid_t, gid) | |||
| 888 | old = current_cred(); | 861 | old = current_cred(); |
| 889 | old_fsgid = old->fsgid; | 862 | old_fsgid = old->fsgid; |
| 890 | 863 | ||
| 891 | if (security_task_setgid(gid, (gid_t)-1, (gid_t)-1, LSM_SETID_FS)) | ||
| 892 | goto error; | ||
| 893 | |||
| 894 | if (gid == old->gid || gid == old->egid || | 864 | if (gid == old->gid || gid == old->egid || |
| 895 | gid == old->sgid || gid == old->fsgid || | 865 | gid == old->sgid || gid == old->fsgid || |
| 896 | capable(CAP_SETGID)) { | 866 | capable(CAP_SETGID)) { |
| @@ -900,7 +870,6 @@ SYSCALL_DEFINE1(setfsgid, gid_t, gid) | |||
| 900 | } | 870 | } |
| 901 | } | 871 | } |
| 902 | 872 | ||
| 903 | error: | ||
| 904 | abort_creds(new); | 873 | abort_creds(new); |
| 905 | return old_fsgid; | 874 | return old_fsgid; |
| 906 | 875 | ||