diff options
Diffstat (limited to 'kernel')
| -rw-r--r-- | kernel/capability.c | 166 |
1 files changed, 83 insertions, 83 deletions
diff --git a/kernel/capability.c b/kernel/capability.c index 14853be5944..cbc5fd60c0f 100644 --- a/kernel/capability.c +++ b/kernel/capability.c @@ -5,7 +5,7 @@ * * Integrated into 2.1.97+, Andrew G. Morgan <morgan@kernel.org> * 30 May 2002: Cleanup, Robert M. Love <rml@tech9.net> - */ + */ #include <linux/capability.h> #include <linux/mm.h> @@ -37,49 +37,49 @@ static DEFINE_SPINLOCK(task_capability_lock); */ asmlinkage long sys_capget(cap_user_header_t header, cap_user_data_t dataptr) { - int ret = 0; - pid_t pid; - __u32 version; - struct task_struct *target; - struct __user_cap_data_struct data; + int ret = 0; + pid_t pid; + __u32 version; + struct task_struct *target; + struct __user_cap_data_struct data; - if (get_user(version, &header->version)) - return -EFAULT; + if (get_user(version, &header->version)) + return -EFAULT; - if (version != _LINUX_CAPABILITY_VERSION) { - if (put_user(_LINUX_CAPABILITY_VERSION, &header->version)) - return -EFAULT; - return -EINVAL; - } + if (version != _LINUX_CAPABILITY_VERSION) { + if (put_user(_LINUX_CAPABILITY_VERSION, &header->version)) + return -EFAULT; + return -EINVAL; + } - if (get_user(pid, &header->pid)) - return -EFAULT; + if (get_user(pid, &header->pid)) + return -EFAULT; - if (pid < 0) - return -EINVAL; + if (pid < 0) + return -EINVAL; - spin_lock(&task_capability_lock); - read_lock(&tasklist_lock); + spin_lock(&task_capability_lock); + read_lock(&tasklist_lock); - if (pid && pid != current->pid) { - target = find_task_by_pid(pid); - if (!target) { - ret = -ESRCH; - goto out; - } - } else - target = current; + if (pid && pid != current->pid) { + target = find_task_by_pid(pid); + if (!target) { + ret = -ESRCH; + goto out; + } + } else + target = current; - ret = security_capget(target, &data.effective, &data.inheritable, &data.permitted); + ret = security_capget(target, &data.effective, &data.inheritable, &data.permitted); out: - read_unlock(&tasklist_lock); - spin_unlock(&task_capability_lock); + read_unlock(&tasklist_lock); + spin_unlock(&task_capability_lock); - if (!ret && copy_to_user(dataptr, &data, sizeof data)) - return -EFAULT; + if (!ret && copy_to_user(dataptr, &data, sizeof data)) + return -EFAULT; - return ret; + return ret; } /* @@ -112,7 +112,7 @@ static inline int cap_set_pg(int pgrp_nr, kernel_cap_t *effective, } while_each_pid_task(pgrp, PIDTYPE_PGID, g); if (!found) - ret = 0; + ret = 0; return ret; } @@ -166,68 +166,68 @@ static inline int cap_set_all(kernel_cap_t *effective, */ asmlinkage long sys_capset(cap_user_header_t header, const cap_user_data_t data) { - kernel_cap_t inheritable, permitted, effective; - __u32 version; - struct task_struct *target; - int ret; - pid_t pid; + kernel_cap_t inheritable, permitted, effective; + __u32 version; + struct task_struct *target; + int ret; + pid_t pid; - if (get_user(version, &header->version)) - return -EFAULT; + if (get_user(version, &header->version)) + return -EFAULT; - if (version != _LINUX_CAPABILITY_VERSION) { - if (put_user(_LINUX_CAPABILITY_VERSION, &header->version)) - return -EFAULT; - return -EINVAL; - } + if (version != _LINUX_CAPABILITY_VERSION) { + if (put_user(_LINUX_CAPABILITY_VERSION, &header->version)) + return -EFAULT; + return -EINVAL; + } - if (get_user(pid, &header->pid)) - return -EFAULT; + if (get_user(pid, &header->pid)) + return -EFAULT; - if (pid && pid != current->pid && !capable(CAP_SETPCAP)) - return -EPERM; + if (pid && pid != current->pid && !capable(CAP_SETPCAP)) + return -EPERM; - if (copy_from_user(&effective, &data->effective, sizeof(effective)) || - copy_from_user(&inheritable, &data->inheritable, sizeof(inheritable)) || - copy_from_user(&permitted, &data->permitted, sizeof(permitted))) - return -EFAULT; + if (copy_from_user(&effective, &data->effective, sizeof(effective)) || + copy_from_user(&inheritable, &data->inheritable, sizeof(inheritable)) || + copy_from_user(&permitted, &data->permitted, sizeof(permitted))) + return -EFAULT; - spin_lock(&task_capability_lock); - read_lock(&tasklist_lock); + spin_lock(&task_capability_lock); + read_lock(&tasklist_lock); - if (pid > 0 && pid != current->pid) { - target = find_task_by_pid(pid); - if (!target) { - ret = -ESRCH; - goto out; - } - } else - target = current; + if (pid > 0 && pid != current->pid) { + target = find_task_by_pid(pid); + if (!target) { + ret = -ESRCH; + goto out; + } + } else + target = current; - ret = 0; + ret = 0; - /* having verified that the proposed changes are legal, - we now put them into effect. */ - if (pid < 0) { - if (pid == -1) /* all procs other than current and init */ - ret = cap_set_all(&effective, &inheritable, &permitted); + /* having verified that the proposed changes are legal, + we now put them into effect. */ + if (pid < 0) { + if (pid == -1) /* all procs other than current and init */ + ret = cap_set_all(&effective, &inheritable, &permitted); - else /* all procs in process group */ - ret = cap_set_pg(-pid, &effective, &inheritable, - &permitted); - } else { - ret = security_capset_check(target, &effective, &inheritable, - &permitted); - if (!ret) - security_capset_set(target, &effective, &inheritable, - &permitted); - } + else /* all procs in process group */ + ret = cap_set_pg(-pid, &effective, &inheritable, + &permitted); + } else { + ret = security_capset_check(target, &effective, &inheritable, + &permitted); + if (!ret) + security_capset_set(target, &effective, &inheritable, + &permitted); + } out: - read_unlock(&tasklist_lock); - spin_unlock(&task_capability_lock); + read_unlock(&tasklist_lock); + spin_unlock(&task_capability_lock); - return ret; + return ret; } int __capable(struct task_struct *t, int cap) |