1 /* 2 * Supplementary group IDs 3 */ 4 #include <linux/cred.h> 5 #include <linux/module.h> 6 #include <linux/slab.h> 7 #include <linux/security.h> 8 #include <linux/syscalls.h> 9 #include <asm/uaccess.h> 10 11 /* init to 2 - one for init_task, one to ensure it is never freed */ 12 struct group_info init_groups = { .usage = ATOMIC_INIT(2) }; 13 14 struct group_info *groups_alloc(int gidsetsize) 15 { 16 struct group_info *group_info; 17 int nblocks; 18 int i; 19 20 nblocks = (gidsetsize + NGROUPS_PER_BLOCK - 1) / NGROUPS_PER_BLOCK; 21 /* Make sure we always allocate at least one indirect block pointer */ 22 nblocks = nblocks ? : 1; 23 group_info = kmalloc(sizeof(*group_info) + nblocks*sizeof(gid_t *), GFP_USER); 24 if (!group_info) 25 return NULL; 26 group_info->ngroups = gidsetsize; 27 group_info->nblocks = nblocks; 28 atomic_set(&group_info->usage, 1); 29 30 if (gidsetsize <= NGROUPS_SMALL) 31 group_info->blocks[0] = group_info->small_block; 32 else { 33 for (i = 0; i < nblocks; i++) { 34 gid_t *b; 35 b = (void *)__get_free_page(GFP_USER); 36 if (!b) 37 goto out_undo_partial_alloc; 38 group_info->blocks[i] = b; 39 } 40 } 41 return group_info; 42 43 out_undo_partial_alloc: 44 while (--i >= 0) { 45 free_page((unsigned long)group_info->blocks[i]); 46 } 47 kfree(group_info); 48 return NULL; 49 } 50 51 EXPORT_SYMBOL(groups_alloc); 52 53 void groups_free(struct group_info *group_info) 54 { 55 if (group_info->blocks[0] != group_info->small_block) { 56 int i; 57 for (i = 0; i < group_info->nblocks; i++) 58 free_page((unsigned long)group_info->blocks[i]); 59 } 60 kfree(group_info); 61 } 62 63 EXPORT_SYMBOL(groups_free); 64 65 /* export the group_info to a user-space array */ 66 static int groups_to_user(gid_t __user *grouplist, 67 const struct group_info *group_info) 68 { 69 int i; 70 unsigned int count = group_info->ngroups; 71 72 for (i = 0; i < group_info->nblocks; i++) { 73 unsigned int cp_count = min(NGROUPS_PER_BLOCK, count); 74 unsigned int len = cp_count * sizeof(*grouplist); 75 76 if (copy_to_user(grouplist, group_info->blocks[i], len)) 77 return -EFAULT; 78 79 grouplist += NGROUPS_PER_BLOCK; 80 count -= cp_count; 81 } 82 return 0; 83 } 84 85 /* fill a group_info from a user-space array - it must be allocated already */ 86 static int groups_from_user(struct group_info *group_info, 87 gid_t __user *grouplist) 88 { 89 int i; 90 unsigned int count = group_info->ngroups; 91 92 for (i = 0; i < group_info->nblocks; i++) { 93 unsigned int cp_count = min(NGROUPS_PER_BLOCK, count); 94 unsigned int len = cp_count * sizeof(*grouplist); 95 96 if (copy_from_user(group_info->blocks[i], grouplist, len)) 97 return -EFAULT; 98 99 grouplist += NGROUPS_PER_BLOCK; 100 count -= cp_count; 101 } 102 return 0; 103 } 104 105 /* a simple Shell sort */ 106 static void groups_sort(struct group_info *group_info) 107 { 108 int base, max, stride; 109 int gidsetsize = group_info->ngroups; 110 111 for (stride = 1; stride < gidsetsize; stride = 3 * stride + 1) 112 ; /* nothing */ 113 stride /= 3; 114 115 while (stride) { 116 max = gidsetsize - stride; 117 for (base = 0; base < max; base++) { 118 int left = base; 119 int right = left + stride; 120 gid_t tmp = GROUP_AT(group_info, right); 121 122 while (left >= 0 && GROUP_AT(group_info, left) > tmp) { 123 GROUP_AT(group_info, right) = 124 GROUP_AT(group_info, left); 125 right = left; 126 left -= stride; 127 } 128 GROUP_AT(group_info, right) = tmp; 129 } 130 stride /= 3; 131 } 132 } 133 134 /* a simple bsearch */ 135 int groups_search(const struct group_info *group_info, gid_t grp) 136 { 137 unsigned int left, right; 138 139 if (!group_info) 140 return 0; 141 142 left = 0; 143 right = group_info->ngroups; 144 while (left < right) { 145 unsigned int mid = (left+right)/2; 146 int cmp = grp - GROUP_AT(group_info, mid); 147 if (cmp > 0) 148 left = mid + 1; 149 else if (cmp < 0) 150 right = mid; 151 else 152 return 1; 153 } 154 return 0; 155 } 156 157 /** 158 * set_groups - Change a group subscription in a set of credentials 159 * @new: The newly prepared set of credentials to alter 160 * @group_info: The group list to install 161 * 162 * Validate a group subscription and, if valid, insert it into a set 163 * of credentials. 164 */ 165 int set_groups(struct cred *new, struct group_info *group_info) 166 { 167 put_group_info(new->group_info); 168 groups_sort(group_info); 169 get_group_info(group_info); 170 new->group_info = group_info; 171 return 0; 172 } 173 174 EXPORT_SYMBOL(set_groups); 175 176 /** 177 * set_current_groups - Change current's group subscription 178 * @group_info: The group list to impose 179 * 180 * Validate a group subscription and, if valid, impose it upon current's task 181 * security record. 182 */ 183 int set_current_groups(struct group_info *group_info) 184 { 185 struct cred *new; 186 int ret; 187 188 new = prepare_creds(); 189 if (!new) 190 return -ENOMEM; 191 192 ret = set_groups(new, group_info); 193 if (ret < 0) { 194 abort_creds(new); 195 return ret; 196 } 197 198 return commit_creds(new); 199 } 200 201 EXPORT_SYMBOL(set_current_groups); 202 203 SYSCALL_DEFINE2(getgroups, int, gidsetsize, gid_t __user *, grouplist) 204 { 205 const struct cred *cred = current_cred(); 206 int i; 207 208 if (gidsetsize < 0) 209 return -EINVAL; 210 211 /* no need to grab task_lock here; it cannot change */ 212 i = cred->group_info->ngroups; 213 if (gidsetsize) { 214 if (i > gidsetsize) { 215 i = -EINVAL; 216 goto out; 217 } 218 if (groups_to_user(grouplist, cred->group_info)) { 219 i = -EFAULT; 220 goto out; 221 } 222 } 223 out: 224 return i; 225 } 226 227 /* 228 * SMP: Our groups are copy-on-write. We can set them safely 229 * without another task interfering. 230 */ 231 232 SYSCALL_DEFINE2(setgroups, int, gidsetsize, gid_t __user *, grouplist) 233 { 234 struct group_info *group_info; 235 int retval; 236 237 if (!capable(CAP_SETGID)) 238 return -EPERM; 239 if ((unsigned)gidsetsize > NGROUPS_MAX) 240 return -EINVAL; 241 242 group_info = groups_alloc(gidsetsize); 243 if (!group_info) 244 return -ENOMEM; 245 retval = groups_from_user(group_info, grouplist); 246 if (retval) { 247 put_group_info(group_info); 248 return retval; 249 } 250 251 retval = set_current_groups(group_info); 252 put_group_info(group_info); 253 254 return retval; 255 } 256 257 /* 258 * Check whether we're fsgid/egid or in the supplemental group.. 259 */ 260 int in_group_p(gid_t grp) 261 { 262 const struct cred *cred = current_cred(); 263 int retval = 1; 264 265 if (grp != cred->fsgid) 266 retval = groups_search(cred->group_info, grp); 267 return retval; 268 } 269 270 EXPORT_SYMBOL(in_group_p); 271 272 int in_egroup_p(gid_t grp) 273 { 274 const struct cred *cred = current_cred(); 275 int retval = 1; 276 277 if (grp != cred->egid) 278 retval = groups_search(cred->group_info, grp); 279 return retval; 280 } 281 282 EXPORT_SYMBOL(in_egroup_p); 283