diff options
Diffstat (limited to 'security/commoncap.c')
-rw-r--r-- | security/commoncap.c | 42 |
1 files changed, 13 insertions, 29 deletions
diff --git a/security/commoncap.c b/security/commoncap.c index 7f0b2a68717d..79713545cd63 100644 --- a/security/commoncap.c +++ b/security/commoncap.c | |||
@@ -43,44 +43,28 @@ int cap_netlink_recv(struct sk_buff *skb, int cap) | |||
43 | EXPORT_SYMBOL(cap_netlink_recv); | 43 | EXPORT_SYMBOL(cap_netlink_recv); |
44 | 44 | ||
45 | /** | 45 | /** |
46 | * cap_capable - Determine whether current has a particular effective capability | 46 | * cap_capable - Determine whether a task has a particular effective capability |
47 | * @tsk: The task to query | ||
47 | * @cap: The capability to check for | 48 | * @cap: The capability to check for |
48 | * @audit: Whether to write an audit message or not | 49 | * @audit: Whether to write an audit message or not |
49 | * | 50 | * |
50 | * Determine whether the nominated task has the specified capability amongst | 51 | * Determine whether the nominated task has the specified capability amongst |
51 | * its effective set, returning 0 if it does, -ve if it does not. Note that | 52 | * its effective set, returning 0 if it does, -ve if it does not. |
52 | * this uses current's subjective/effective credentials. | ||
53 | * | 53 | * |
54 | * NOTE WELL: cap_capable() cannot be used like the kernel's capable() | 54 | * NOTE WELL: cap_capable() cannot be used like the kernel's capable() |
55 | * function. That is, it has the reverse semantics: cap_capable() returns 0 | 55 | * function. That is, it has the reverse semantics: cap_capable() returns 0 |
56 | * when a task has a capability, but the kernel's capable() returns 1 for this | 56 | * when a task has a capability, but the kernel's capable() returns 1 for this |
57 | * case. | 57 | * case. |
58 | */ | 58 | */ |
59 | int cap_capable(int cap, int audit) | 59 | int cap_capable(struct task_struct *tsk, int cap, int audit) |
60 | { | 60 | { |
61 | return cap_raised(current_cap(), cap) ? 0 : -EPERM; | 61 | __u32 cap_raised; |
62 | } | ||
63 | 62 | ||
64 | /** | 63 | /* Derived from include/linux/sched.h:capable. */ |
65 | * cap_has_capability - Determine whether a task has a particular effective capability | 64 | rcu_read_lock(); |
66 | * @tsk: The task to query | 65 | cap_raised = cap_raised(__task_cred(tsk)->cap_effective, cap); |
67 | * @cred: The credentials to use | 66 | rcu_read_unlock(); |
68 | * @cap: The capability to check for | 67 | return cap_raised ? 0 : -EPERM; |
69 | * @audit: Whether to write an audit message or not | ||
70 | * | ||
71 | * Determine whether the nominated task has the specified capability amongst | ||
72 | * its effective set, returning 0 if it does, -ve if it does not. Note that | ||
73 | * this uses the task's objective/real credentials. | ||
74 | * | ||
75 | * NOTE WELL: cap_has_capability() cannot be used like the kernel's | ||
76 | * has_capability() function. That is, it has the reverse semantics: | ||
77 | * cap_has_capability() returns 0 when a task has a capability, but the | ||
78 | * kernel's has_capability() returns 1 for this case. | ||
79 | */ | ||
80 | int cap_task_capable(struct task_struct *tsk, const struct cred *cred, int cap, | ||
81 | int audit) | ||
82 | { | ||
83 | return cap_raised(cred->cap_effective, cap) ? 0 : -EPERM; | ||
84 | } | 68 | } |
85 | 69 | ||
86 | /** | 70 | /** |
@@ -176,7 +160,7 @@ static inline int cap_inh_is_capped(void) | |||
176 | /* they are so limited unless the current task has the CAP_SETPCAP | 160 | /* they are so limited unless the current task has the CAP_SETPCAP |
177 | * capability | 161 | * capability |
178 | */ | 162 | */ |
179 | if (cap_capable(CAP_SETPCAP, SECURITY_CAP_AUDIT) == 0) | 163 | if (cap_capable(current, CAP_SETPCAP, SECURITY_CAP_AUDIT) == 0) |
180 | return 0; | 164 | return 0; |
181 | #endif | 165 | #endif |
182 | return 1; | 166 | return 1; |
@@ -885,7 +869,7 @@ int cap_task_prctl(int option, unsigned long arg2, unsigned long arg3, | |||
885 | & (new->securebits ^ arg2)) /*[1]*/ | 869 | & (new->securebits ^ arg2)) /*[1]*/ |
886 | || ((new->securebits & SECURE_ALL_LOCKS & ~arg2)) /*[2]*/ | 870 | || ((new->securebits & SECURE_ALL_LOCKS & ~arg2)) /*[2]*/ |
887 | || (arg2 & ~(SECURE_ALL_LOCKS | SECURE_ALL_BITS)) /*[3]*/ | 871 | || (arg2 & ~(SECURE_ALL_LOCKS | SECURE_ALL_BITS)) /*[3]*/ |
888 | || (cap_capable(CAP_SETPCAP, SECURITY_CAP_AUDIT) != 0) /*[4]*/ | 872 | || (cap_capable(current, CAP_SETPCAP, SECURITY_CAP_AUDIT) != 0) /*[4]*/ |
889 | /* | 873 | /* |
890 | * [1] no changing of bits that are locked | 874 | * [1] no changing of bits that are locked |
891 | * [2] no unlocking of locks | 875 | * [2] no unlocking of locks |
@@ -966,7 +950,7 @@ int cap_vm_enough_memory(struct mm_struct *mm, long pages) | |||
966 | { | 950 | { |
967 | int cap_sys_admin = 0; | 951 | int cap_sys_admin = 0; |
968 | 952 | ||
969 | if (cap_capable(CAP_SYS_ADMIN, SECURITY_CAP_NOAUDIT) == 0) | 953 | if (cap_capable(current, CAP_SYS_ADMIN, SECURITY_CAP_NOAUDIT) == 0) |
970 | cap_sys_admin = 1; | 954 | cap_sys_admin = 1; |
971 | return __vm_enough_memory(mm, pages, cap_sys_admin); | 955 | return __vm_enough_memory(mm, pages, cap_sys_admin); |
972 | } | 956 | } |