10 #include <linux/capability.h>
11 #include <linux/audit.h>
12 #include <linux/module.h>
14 #include <linux/kernel.h>
18 #include <linux/mman.h>
22 #include <linux/netlink.h>
23 #include <linux/ptrace.h>
24 #include <linux/xattr.h>
27 #include <linux/sched.h>
29 #include <linux/securebits.h>
31 #include <linux/binfmts.h>
32 #include <linux/personality.h>
/*
 * Excerpt of warn_setuid_and_fcaps_mixed(): only the signature and the tail
 * of its message are listed. The visible text states that not all
 * capabilities are being raised, and fname is the format argument naming the
 * program. The start of the message and the call that emits it are not shown.
 */
45 static void warn_setuid_and_fcaps_mixed(
const char *
fname)
50 " effective capabilities. Therefore not raising all"
51 " capabilities.\n", fname);
135 const struct cred *
cred, *child_cred;
167 const struct cred *
cred, *child_cred;
/*
 * cap_inh_is_capped(): takes no arguments and returns int. Its body is not
 * part of this excerpt.
 */
212 static inline int cap_inh_is_capped(
void)
/*
 * Fragment of a routine that validates caller-supplied capability sets and
 * stores them in `new`. NOTE(review): the enclosing function name is not
 * visible in this listing. Three subset checks precede the assignments; what
 * happens when a check fails is on lines that are not shown.
 */
237 const struct cred *old,
/*
 * Inheritable check 1: only evaluated when cap_inh_is_capped() is non-zero.
 * The set *inheritable is compared against is cut off in this excerpt.
 */
242 if (cap_inh_is_capped() &&
243 !cap_issubset(*inheritable,
/* Inheritable check 2: the right-hand set is likewise truncated here. */
249 if (!cap_issubset(*inheritable,
/* Tests whether the requested effective set fits inside the requested permitted set. */
260 if (!cap_issubset(*effective, *permitted))
/* Copy the three requested sets into the new credentials. */
263 new->cap_effective = *effective;
264 new->cap_inheritable = *inheritable;
265 new->cap_permitted = *permitted;
/*
 * bprm_clear_caps(): takes the binprm being set up. Only the signature is
 * listed; the body is not shown.
 */
272 static inline void bprm_clear_caps(
struct linux_binprm *bprm)
/*
 * Two separate guards from code that works on an inode's extended
 * attributes: each tests whether the inode's operations table lacks the
 * getxattr / removexattr method. The branch taken in that case is not shown.
 */
294 if (!inode->
i_op->getxattr)
315 if (!inode->
i_op->removexattr)
/*
 * Per-word computation of the new permitted set, for index i:
 *   new permitted = (cap_bset & permitted) | (cap_inheritable & inheritable)
 * `permitted` and `inheritable` are locals defined on lines not shown.
 * NOTE(review): presumably the file's capability words for index i; confirm.
 */
347 new->cap_permitted.cap[
i] =
348 (
new->cap_bset.cap[
i] & permitted) |
349 (new->cap_inheritable.cap[i] & inheritable);
/*
 * True when at least one bit of `permitted` did not end up in the new
 * permitted word. The action taken is not shown in this excerpt.
 */
351 if (permitted & ~new->cap_permitted.cap[i])
/* ret is propagated only when *effective is set; otherwise 0 is returned. */
361 return *effective ? ret : 0;
/*
 * Guard: a NULL inode, or an inode whose operations table has no getxattr
 * method, takes this branch (its body is not shown).
 */
377 if (!inode || !inode->
i_op->getxattr)
/*
 * Length validation: `size` is compared with sizeof(magic_etc) before further
 * use. NOTE(review): `size` is presumably the length of the data read from
 * the xattr; its assignment is not visible here.
 */
388 if (size <
sizeof(magic_etc))
/*
 * Excerpt of get_file_caps(): takes the binprm and two bool out-parameters
 * and returns int. Only some of its statements are listed.
 */
423 static int get_file_caps(
struct linux_binprm *bprm,
bool *effective,
bool *has_cap)
/* Clears the caps on bprm before anything else visible here runs. */
429 bprm_clear_caps(bprm);
/* Takes a reference on the dentry of the file being executed. */
437 dentry = dget(bprm->
file->f_dentry);
/*
 * Converts vcaps into the bprm's credentials; `effective` and `has_cap` are
 * passed through for the callee to fill in. vcaps is populated on a line not
 * shown.
 */
449 rc = bprm_caps_from_vfs_caps(&vcaps, bprm, effective, has_cap);
/*
 * Second clear. NOTE(review): presumably on a failure path; the condition
 * guarding it is not visible in this excerpt.
 */
457 bprm_clear_caps(bprm);
/*
 * Fragment of the exec-time credential setup. NOTE(review): the enclosing
 * function's signature is not part of this listing. Only has_cap gets an
 * initializer; both flags are passed by address to get_file_caps() below.
 */
474 bool effective, has_cap =
false;
479 ret = get_file_caps(bprm, &effective, &has_cap);
/*
 * The file carries capabilities (has_cap) while the new real uid is not root
 * and the new effective uid is root: warn that the two mechanisms are mixed.
 * Whatever else this branch does is not shown.
 */
491 if (has_cap && !uid_eq(new->uid, root_uid) && uid_eq(new->euid, root_uid)) {
492 warn_setuid_and_fcaps_mixed(bprm->
filename);
/* Special handling when either the effective or the real uid is root. */
502 if (uid_eq(new->euid, root_uid) || uid_eq(new->uid, root_uid)) {
/* Permitted is rebuilt with cap_combine(); the second operand is truncated. */
504 new->cap_permitted = cap_combine(old->
cap_bset,
/* Effective-uid-is-root case; the statement it guards is not shown. */
507 if (uid_eq(new->euid, root_uid))
/*
 * Detects a change of effective uid/gid relative to the old real ids; the
 * rest of the condition is cut off.
 */
522 if ((!uid_eq(new->euid, old->
uid) ||
523 !gid_eq(new->egid, old->
gid) ||
/*
 * Undo the id change: effective ids fall back to the real ids.
 * NOTE(review): the condition selecting this path is not visible; confirm
 * against the full source.
 */
529 new->euid =
new->uid;
530 new->egid =
new->gid;
/* Permitted is narrowed by intersection; the second operand is truncated. */
532 new->cap_permitted = cap_intersect(new->cap_permitted,
/* Saved and filesystem ids are set from the effective ids. */
536 new->suid =
new->fsuid =
new->euid;
537 new->sgid =
new->fsgid =
new->egid;
/* Effective becomes a copy of permitted; any guarding condition is not shown. */
540 new->cap_effective =
new->cap_permitted;
/*
 * Audit path: entered only when the new effective set is non-empty. The inner
 * test is true when that set is not the full set, or the new euid or uid is
 * not root (a further operand is truncated); the result is then logged via
 * audit_log_bprm_fcaps().
 */
557 if (!cap_isclear(new->cap_effective)) {
558 if (!cap_issubset(CAP_FULL_SET, new->cap_effective) ||
559 !uid_eq(new->euid, root_uid) || !uid_eq(new->uid, root_uid) ||
561 ret = audit_log_bprm_fcaps(bprm,
new, old);
/*
 * Fragment of a predicate over `cred`. NOTE(review): the enclosing function
 * is not visible in this listing. The first test covers the case where the
 * real uid is not root; its body is not shown.
 */
586 if (!uid_eq(cred->
uid, root_uid)) {
/*
 * Result is true when the effective uid differs from the real uid or the
 * effective gid differs from the real gid.
 */
593 return (!uid_eq(cred->
euid, cred->
uid) ||
594 !gid_eq(cred->
egid, cred->
gid));
/*
 * Excerpt of cap_emulate_setxuid(): adjusts the capability sets in `new`
 * according to how the uids changed relative to `old`. Only the conditions
 * and one assignment are listed.
 */
682 static inline void cap_emulate_setxuid(
struct cred *
new,
const struct cred *old)
/*
 * Case 1: at least one of the old real/effective/saved uids was root and none
 * of the new three is root. A further operand follows the trailing && and is
 * not shown, nor is the guarded body.
 */
686 if ((uid_eq(old->
uid, root_uid) ||
687 uid_eq(old->
euid, root_uid) ||
688 uid_eq(old->
suid, root_uid)) &&
689 (!uid_eq(new->uid, root_uid) &&
690 !uid_eq(new->euid, root_uid) &&
691 !uid_eq(new->suid, root_uid)) &&
/* Case 2: effective uid moves from root to non-root; the body is not shown. */
696 if (uid_eq(old->
euid, root_uid) && !uid_eq(new->euid, root_uid))
/* Case 3: effective uid moves from non-root to root: effective := permitted. */
698 if (!uid_eq(old->
euid, root_uid) && uid_eq(new->euid, root_uid))
699 new->cap_effective =
new->cap_permitted;
/*
 * Fragment of a caller that applies uid-change rules to `new`.
 * NOTE(review): the enclosing function and the switch/condition selecting
 * each path are not visible in this listing.
 */
720 cap_emulate_setxuid(
new, old);
/*
 * fsuid moves from root to non-root: cap_drop_fs_set() is applied to the new
 * effective set. Where the result is stored is on a line not shown.
 */
732 if (uid_eq(old->
fsuid, root_uid) && !uid_eq(new->fsuid, root_uid))
734 cap_drop_fs_set(new->cap_effective);
/*
 * fsuid moves from non-root to root: cap_raise_fs_set() is applied to the new
 * effective set; its second argument is truncated.
 */
736 if (!uid_eq(old->
fsuid, root_uid) && uid_eq(new->fsuid, root_uid))
738 cap_raise_fs_set(new->cap_effective,
/*
 * Three separate call sites, each returning the result of cap_safe_nice(p)
 * unchanged. The enclosing functions are not shown in this excerpt.
 */
783 return cap_safe_nice(p);
796 return cap_safe_nice(p);
809 return cap_safe_nice(p);
/*
 * cap_prctl_drop(): takes the credentials being prepared and a capability
 * number, and returns long. Only the signature is listed.
 */
816 static long cap_prctl_drop(
struct cred *
new,
unsigned long cap)
/*
 * Tail of another function's parameter list, followed by fragments of its
 * body. NOTE(review): the function name and the option dispatch are not
 * visible here.
 */
840 unsigned long arg4,
unsigned long arg5)
/* arg2 is forwarded as the capability to drop. */
858 error = cap_prctl_drop(
new, arg2);
/*
 * (new->securebits ^ arg2) is the set of securebits that the request would
 * change; the mask it is AND-ed with is on the preceding line, not shown.
 */
885 & (new->securebits ^ arg2))
/* Install the requested securebits value. */
901 new->securebits =
arg2;
/* Read path: the current securebits value is handed back through `error`. */
905 error =
new->securebits;
952 int cap_sys_admin = 0;
984 unsigned long prot,
unsigned long flags)