diff options
Diffstat (limited to 'kernel/sys.c')
-rw-r--r-- | kernel/sys.c | 38 |
1 files changed, 25 insertions, 13 deletions
diff --git a/kernel/sys.c b/kernel/sys.c index 1b96401a0576..fc71f99fb469 100644 --- a/kernel/sys.c +++ b/kernel/sys.c | |||
@@ -1060,9 +1060,7 @@ asmlinkage long sys_setsid(void) | |||
1060 | group_leader->signal->leader = 1; | 1060 | group_leader->signal->leader = 1; |
1061 | __set_special_pids(sid); | 1061 | __set_special_pids(sid); |
1062 | 1062 | ||
1063 | spin_lock(&group_leader->sighand->siglock); | 1063 | proc_clear_tty(group_leader); |
1064 | group_leader->signal->tty = NULL; | ||
1065 | spin_unlock(&group_leader->sighand->siglock); | ||
1066 | 1064 | ||
1067 | err = session; | 1065 | err = session; |
1068 | out: | 1066 | out: |
@@ -1351,8 +1349,10 @@ asmlinkage long sys_sethostname(char __user *name, int len) | |||
1351 | down_write(&uts_sem); | 1349 | down_write(&uts_sem); |
1352 | errno = -EFAULT; | 1350 | errno = -EFAULT; |
1353 | if (!copy_from_user(tmp, name, len)) { | 1351 | if (!copy_from_user(tmp, name, len)) { |
1354 | memcpy(utsname()->nodename, tmp, len); | 1352 | struct new_utsname *u = utsname(); |
1355 | utsname()->nodename[len] = 0; | 1353 | |
1354 | memcpy(u->nodename, tmp, len); | ||
1355 | memset(u->nodename + len, 0, sizeof(u->nodename) - len); | ||
1356 | errno = 0; | 1356 | errno = 0; |
1357 | } | 1357 | } |
1358 | up_write(&uts_sem); | 1358 | up_write(&uts_sem); |
@@ -1364,15 +1364,17 @@ asmlinkage long sys_sethostname(char __user *name, int len) | |||
1364 | asmlinkage long sys_gethostname(char __user *name, int len) | 1364 | asmlinkage long sys_gethostname(char __user *name, int len) |
1365 | { | 1365 | { |
1366 | int i, errno; | 1366 | int i, errno; |
1367 | struct new_utsname *u; | ||
1367 | 1368 | ||
1368 | if (len < 0) | 1369 | if (len < 0) |
1369 | return -EINVAL; | 1370 | return -EINVAL; |
1370 | down_read(&uts_sem); | 1371 | down_read(&uts_sem); |
1371 | i = 1 + strlen(utsname()->nodename); | 1372 | u = utsname(); |
1373 | i = 1 + strlen(u->nodename); | ||
1372 | if (i > len) | 1374 | if (i > len) |
1373 | i = len; | 1375 | i = len; |
1374 | errno = 0; | 1376 | errno = 0; |
1375 | if (copy_to_user(name, utsname()->nodename, i)) | 1377 | if (copy_to_user(name, u->nodename, i)) |
1376 | errno = -EFAULT; | 1378 | errno = -EFAULT; |
1377 | up_read(&uts_sem); | 1379 | up_read(&uts_sem); |
1378 | return errno; | 1380 | return errno; |
@@ -1397,8 +1399,10 @@ asmlinkage long sys_setdomainname(char __user *name, int len) | |||
1397 | down_write(&uts_sem); | 1399 | down_write(&uts_sem); |
1398 | errno = -EFAULT; | 1400 | errno = -EFAULT; |
1399 | if (!copy_from_user(tmp, name, len)) { | 1401 | if (!copy_from_user(tmp, name, len)) { |
1400 | memcpy(utsname()->domainname, tmp, len); | 1402 | struct new_utsname *u = utsname(); |
1401 | utsname()->domainname[len] = 0; | 1403 | |
1404 | memcpy(u->domainname, tmp, len); | ||
1405 | memset(u->domainname + len, 0, sizeof(u->domainname) - len); | ||
1402 | errno = 0; | 1406 | errno = 0; |
1403 | } | 1407 | } |
1404 | up_write(&uts_sem); | 1408 | up_write(&uts_sem); |
@@ -1452,14 +1456,22 @@ asmlinkage long sys_setrlimit(unsigned int resource, struct rlimit __user *rlim) | |||
1452 | return -EINVAL; | 1456 | return -EINVAL; |
1453 | if (copy_from_user(&new_rlim, rlim, sizeof(*rlim))) | 1457 | if (copy_from_user(&new_rlim, rlim, sizeof(*rlim))) |
1454 | return -EFAULT; | 1458 | return -EFAULT; |
1455 | if (new_rlim.rlim_cur > new_rlim.rlim_max) | ||
1456 | return -EINVAL; | ||
1457 | old_rlim = current->signal->rlim + resource; | 1459 | old_rlim = current->signal->rlim + resource; |
1458 | if ((new_rlim.rlim_max > old_rlim->rlim_max) && | 1460 | if ((new_rlim.rlim_max > old_rlim->rlim_max) && |
1459 | !capable(CAP_SYS_RESOURCE)) | 1461 | !capable(CAP_SYS_RESOURCE)) |
1460 | return -EPERM; | 1462 | return -EPERM; |
1461 | if (resource == RLIMIT_NOFILE && new_rlim.rlim_max > sysctl_nr_open) | 1463 | |
1462 | return -EPERM; | 1464 | if (resource == RLIMIT_NOFILE) { |
1465 | if (new_rlim.rlim_max == RLIM_INFINITY) | ||
1466 | new_rlim.rlim_max = sysctl_nr_open; | ||
1467 | if (new_rlim.rlim_cur == RLIM_INFINITY) | ||
1468 | new_rlim.rlim_cur = sysctl_nr_open; | ||
1469 | if (new_rlim.rlim_max > sysctl_nr_open) | ||
1470 | return -EPERM; | ||
1471 | } | ||
1472 | |||
1473 | if (new_rlim.rlim_cur > new_rlim.rlim_max) | ||
1474 | return -EINVAL; | ||
1463 | 1475 | ||
1464 | retval = security_task_setrlimit(resource, &new_rlim); | 1476 | retval = security_task_setrlimit(resource, &new_rlim); |
1465 | if (retval) | 1477 | if (retval) |