/*
 *  linux/kernel/sys.c
 *
 *  Copyright (C) 1991, 1992  Linus Torvalds
 */

#include <linux/module.h>
#include <linux/mm.h>
#include <linux/utsname.h>
#include <linux/mman.h>
#include <linux/notifier.h>
#include <linux/reboot.h>
#include <linux/prctl.h>
#include <linux/highuid.h>
#include <linux/fs.h>
#include <linux/perf_event.h>
#include <linux/resource.h>
#include <linux/kernel.h>
#include <linux/kexec.h>
#include <linux/workqueue.h>
#include <linux/capability.h>
#include <linux/device.h>
#include <linux/key.h>
#include <linux/times.h>
#include <linux/posix-timers.h>
#include <linux/security.h>
#include <linux/dcookies.h>
#include <linux/suspend.h>
#include <linux/tty.h>
#include <linux/signal.h>
#include <linux/cn_proc.h>
#include <linux/getcpu.h>
#include <linux/task_io_accounting_ops.h>
#include <linux/seccomp.h>
#include <linux/cpu.h>
#include <linux/ptrace.h>
#include <linux/fs_struct.h>

#include <linux/compat.h>
#include <linux/syscalls.h>
#include <linux/kprobes.h>
#include <linux/user_namespace.h>

#include <asm/uaccess.h>
#include <asm/io.h>
#include <asm/unistd.h>

#ifndef SET_UNALIGN_CTL
# define SET_UNALIGN_CTL(a,b)	(-EINVAL)
#endif
#ifndef GET_UNALIGN_CTL
# define GET_UNALIGN_CTL(a,b)	(-EINVAL)
#endif
#ifndef SET_FPEMU_CTL
# define SET_FPEMU_CTL(a,b)	(-EINVAL)
#endif
#ifndef GET_FPEMU_CTL
# define GET_FPEMU_CTL(a,b)	(-EINVAL)
#endif
#ifndef SET_FPEXC_CTL
# define SET_FPEXC_CTL(a,b)	(-EINVAL)
#endif
#ifndef GET_FPEXC_CTL
# define GET_FPEXC_CTL(a,b)	(-EINVAL)
#endif
#ifndef GET_ENDIAN
# define GET_ENDIAN(a,b)	(-EINVAL)
#endif
#ifndef SET_ENDIAN
# define SET_ENDIAN(a,b)	(-EINVAL)
#endif
#ifndef GET_TSC_CTL
# define GET_TSC_CTL(a)		(-EINVAL)
#endif
#ifndef SET_TSC_CTL
# define SET_TSC_CTL(a)		(-EINVAL)
#endif

/*
 * this is where the system-wide overflow UID and GID are defined, for
 * architectures that now have 32-bit UID/GID but didn't in the past
 */

int overflowuid = DEFAULT_OVERFLOWUID;
int overflowgid = DEFAULT_OVERFLOWGID;

#ifdef CONFIG_UID16
EXPORT_SYMBOL(overflowuid);
EXPORT_SYMBOL(overflowgid);
#endif

/*
 * the same as above, but for filesystems which can only store a 16-bit
 * UID and GID. as such, this is needed on all architectures
 */

int fs_overflowuid = DEFAULT_FS_OVERFLOWUID;
int fs_overflowgid = DEFAULT_FS_OVERFLOWGID;

EXPORT_SYMBOL(fs_overflowuid);
EXPORT_SYMBOL(fs_overflowgid);

/*
 * this indicates whether you can reboot with ctrl-alt-del: the default is yes
 */

int C_A_D = 1;
struct pid *cad_pid;
EXPORT_SYMBOL(cad_pid);

/*
 * If set, this is used for preparing the system to power off.
 */

void (*pm_power_off_prepare)(void);

/*
 * set the priority of a task
 * - the caller must hold the RCU read lock
 */
static int set_one_prio(struct task_struct *p, int niceval, int error)
{
	const struct cred *cred = current_cred(), *pcred = __task_cred(p);
	int no_nice;

	if (pcred->uid  != cred->euid &&
	    pcred->euid != cred->euid && !capable(CAP_SYS_NICE)) {
		error = -EPERM;
		goto out;
	}
	if (niceval < task_nice(p) && !can_nice(p, niceval)) {
		error = -EACCES;
		goto out;
	}
	no_nice = security_task_setnice(p, niceval);
	if (no_nice) {
		error = no_nice;
		goto out;
	}
	if (error == -ESRCH)
		error = 0;
	set_user_nice(p, niceval);
out:
	return error;
}

SYSCALL_DEFINE3(setpriority, int, which, int, who, int, niceval)
{
	struct task_struct *g, *p;
	struct user_struct *user;
	const struct cred *cred = current_cred();
	int error = -EINVAL;
	struct pid *pgrp;

	if (which > PRIO_USER || which < PRIO_PROCESS)
		goto out;

	/* normalize: avoid signed division (rounding problems) */
	error = -ESRCH;
	if (niceval < -20)
		niceval = -20;
	if (niceval > 19)
		niceval = 19;

	rcu_read_lock();
	read_lock(&tasklist_lock);
	switch (which) {
		case PRIO_PROCESS:
			if (who)
				p = find_task_by_vpid(who);
			else
				p = current;
			if (p)
				error = set_one_prio(p, niceval, error);
			break;
		case PRIO_PGRP:
			if (who)
				pgrp = find_vpid(who);
			else
				pgrp = task_pgrp(current);
			do_each_pid_thread(pgrp, PIDTYPE_PGID, p) {
				error = set_one_prio(p, niceval, error);
			} while_each_pid_thread(pgrp, PIDTYPE_PGID, p);
			break;
		case PRIO_USER:
			user = (struct user_struct *) cred->user;
			if (!who)
				who = cred->uid;
			else if ((who != cred->uid) &&
				 !(user = find_user(who)))
				goto out_unlock;	/* No processes for this user */

			do_each_thread(g, p) {
				if (__task_cred(p)->uid == who)
					error = set_one_prio(p, niceval, error);
			} while_each_thread(g, p);
			if (who != cred->uid)
				free_uid(user);		/* For find_user() */
			break;
	}
out_unlock:
	read_unlock(&tasklist_lock);
	rcu_read_unlock();
out:
	return error;
}
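
/*
 * Example: a minimal userspace sketch of the interface above.  Renice
 * the calling process, then its whole process group (who == 0 means
 * "current" for both PRIO_PROCESS and PRIO_PGRP):
 *
 *	#include <sys/time.h>
 *	#include <sys/resource.h>
 *	#include <stdio.h>
 *
 *	if (setpriority(PRIO_PROCESS, 0, 10) < 0)
 *		perror("setpriority(PRIO_PROCESS)");
 *	if (setpriority(PRIO_PGRP, 0, 10) < 0)
 *		perror("setpriority(PRIO_PGRP)");
 */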

/*
 * Ugh. To avoid negative return values, "getpriority()" will
 * not return the normal nice-value, but a negated value that
 * has been offset by 20 (i.e. it returns 40..1 instead of -20..19)
 * to stay compatible.
 */
SYSCALL_DEFINE2(getpriority, int, which, int, who)
{
	struct task_struct *g, *p;
	struct user_struct *user;
	const struct cred *cred = current_cred();
	long niceval, retval = -ESRCH;
	struct pid *pgrp;

	if (which > PRIO_USER || which < PRIO_PROCESS)
		return -EINVAL;

	rcu_read_lock();
	read_lock(&tasklist_lock);
	switch (which) {
		case PRIO_PROCESS:
			if (who)
				p = find_task_by_vpid(who);
			else
				p = current;
			if (p) {
				niceval = 20 - task_nice(p);
				if (niceval > retval)
					retval = niceval;
			}
			break;
		case PRIO_PGRP:
			if (who)
				pgrp = find_vpid(who);
			else
				pgrp = task_pgrp(current);
			do_each_pid_thread(pgrp, PIDTYPE_PGID, p) {
				niceval = 20 - task_nice(p);
				if (niceval > retval)
					retval = niceval;
			} while_each_pid_thread(pgrp, PIDTYPE_PGID, p);
			break;
		case PRIO_USER:
			user = (struct user_struct *) cred->user;
			if (!who)
				who = cred->uid;
			else if ((who != cred->uid) &&
				 !(user = find_user(who)))
				goto out_unlock;	/* No processes for this user */

			do_each_thread(g, p) {
				if (__task_cred(p)->uid == who) {
					niceval = 20 - task_nice(p);
					if (niceval > retval)
						retval = niceval;
				}
			} while_each_thread(g, p);
			if (who != cred->uid)
				free_uid(user);		/* for find_user() */
			break;
	}
out_unlock:
	read_unlock(&tasklist_lock);
	rcu_read_unlock();

	return retval;
}
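
/*
 * Example: a caller using the raw syscall must undo the offset described
 * above (the glibc getpriority() wrapper does this conversion itself):
 *
 *	#include <stdio.h>
 *	#include <unistd.h>
 *	#include <sys/syscall.h>
 *
 *	long ret = syscall(SYS_getpriority, PRIO_PROCESS, 0);
 *	if (ret >= 0)
 *		printf("nice value: %ld\n", 20 - ret);
 */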

/**
 *	emergency_restart - reboot the system
 *
 *	Reboot the system without shutting down any hardware or
 *	taking any locks.  This is called when we know we are in
 *	trouble so this is our best effort to reboot.  This is
 *	safe to call in interrupt context.
 */
void emergency_restart(void)
{
	machine_emergency_restart();
}
EXPORT_SYMBOL_GPL(emergency_restart);

void kernel_restart_prepare(char *cmd)
{
	blocking_notifier_call_chain(&reboot_notifier_list, SYS_RESTART, cmd);
	system_state = SYSTEM_RESTART;
	device_shutdown();
	sysdev_shutdown();
}

/**
 *	kernel_restart - reboot the system
 *	@cmd: pointer to buffer containing command to execute for restart
 *		or %NULL
 *
 *	Shutdown everything and perform a clean reboot.
 *	This is not safe to call in interrupt context.
 */
void kernel_restart(char *cmd)
{
	kernel_restart_prepare(cmd);
	if (!cmd)
		printk(KERN_EMERG "Restarting system.\n");
	else
		printk(KERN_EMERG "Restarting system with command '%s'.\n", cmd);
	machine_restart(cmd);
}
EXPORT_SYMBOL_GPL(kernel_restart);

static void kernel_shutdown_prepare(enum system_states state)
{
	blocking_notifier_call_chain(&reboot_notifier_list,
		(state == SYSTEM_HALT) ? SYS_HALT : SYS_POWER_OFF, NULL);
	system_state = state;
	device_shutdown();
}
/**
 *	kernel_halt - halt the system
 *
 *	Shutdown everything and perform a clean system halt.
 */
void kernel_halt(void)
{
	kernel_shutdown_prepare(SYSTEM_HALT);
	sysdev_shutdown();
	printk(KERN_EMERG "System halted.\n");
	machine_halt();
}

EXPORT_SYMBOL_GPL(kernel_halt);

/**
 *	kernel_power_off - power_off the system
 *
 *	Shutdown everything and perform a clean system power_off.
 */
void kernel_power_off(void)
{
	kernel_shutdown_prepare(SYSTEM_POWER_OFF);
	if (pm_power_off_prepare)
		pm_power_off_prepare();
	disable_nonboot_cpus();
	sysdev_shutdown();
	printk(KERN_EMERG "Power down.\n");
	machine_power_off();
}
EXPORT_SYMBOL_GPL(kernel_power_off);

static DEFINE_MUTEX(reboot_mutex);

/*
 * Reboot system call: for obvious reasons only root may call it,
 * and even root needs to set up some magic numbers in the registers
 * so that some mistake won't make this reboot the whole machine.
 * You can also set the meaning of the ctrl-alt-del-key here.
 *
 * reboot doesn't sync: do that yourself before calling this.
 */
SYSCALL_DEFINE4(reboot, int, magic1, int, magic2, unsigned int, cmd,
		void __user *, arg)
{
	char buffer[256];
	int ret = 0;

	/* We only trust the superuser with rebooting the system. */
	if (!capable(CAP_SYS_BOOT))
		return -EPERM;

	/* For safety, we require "magic" arguments. */
	if (magic1 != LINUX_REBOOT_MAGIC1 ||
	    (magic2 != LINUX_REBOOT_MAGIC2 &&
	     magic2 != LINUX_REBOOT_MAGIC2A &&
	     magic2 != LINUX_REBOOT_MAGIC2B &&
	     magic2 != LINUX_REBOOT_MAGIC2C))
		return -EINVAL;

	/* Instead of trying to make the power_off code look like
	 * halt when pm_power_off is not set do it the easy way.
	 */
	if ((cmd == LINUX_REBOOT_CMD_POWER_OFF) && !pm_power_off)
		cmd = LINUX_REBOOT_CMD_HALT;

	mutex_lock(&reboot_mutex);
	switch (cmd) {
	case LINUX_REBOOT_CMD_RESTART:
		kernel_restart(NULL);
		break;

	case LINUX_REBOOT_CMD_CAD_ON:
		C_A_D = 1;
		break;

	case LINUX_REBOOT_CMD_CAD_OFF:
		C_A_D = 0;
		break;

	case LINUX_REBOOT_CMD_HALT:
		kernel_halt();
		do_exit(0);
		panic("cannot halt");

	case LINUX_REBOOT_CMD_POWER_OFF:
		kernel_power_off();
		do_exit(0);
		break;

	case LINUX_REBOOT_CMD_RESTART2:
		if (strncpy_from_user(&buffer[0], arg, sizeof(buffer) - 1) < 0) {
			ret = -EFAULT;
			break;
		}
		buffer[sizeof(buffer) - 1] = '\0';

		kernel_restart(buffer);
		break;

#ifdef CONFIG_KEXEC
	case LINUX_REBOOT_CMD_KEXEC:
		ret = kernel_kexec();
		break;
#endif

#ifdef CONFIG_HIBERNATION
	case LINUX_REBOOT_CMD_SW_SUSPEND:
		ret = hibernate();
		break;
#endif

	default:
		ret = -EINVAL;
		break;
	}
	mutex_unlock(&reboot_mutex);
	return ret;
}
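
/*
 * Example: a userspace sketch of the magic-number handshake required
 * above.  The glibc reboot() wrapper supplies magic1/magic2 itself and
 * takes only the command:
 *
 *	#include <unistd.h>
 *	#include <sys/syscall.h>
 *	#include <linux/reboot.h>
 *
 *	sync();		// the syscall does not sync, see above
 *	syscall(SYS_reboot, LINUX_REBOOT_MAGIC1, LINUX_REBOOT_MAGIC2,
 *		LINUX_REBOOT_CMD_RESTART, NULL);
 */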

static void deferred_cad(struct work_struct *dummy)
{
	kernel_restart(NULL);
}

/*
 * This function gets called by ctrl-alt-del - i.e. the keyboard interrupt.
 * As it's called within an interrupt, it may NOT sync: the only choice
 * is whether to reboot at once, or just ignore the ctrl-alt-del.
 */
void ctrl_alt_del(void)
{
	static DECLARE_WORK(cad_work, deferred_cad);

	if (C_A_D)
		schedule_work(&cad_work);
	else
		kill_cad_pid(SIGINT, 1);
}

/*
 * Unprivileged users may change the real gid to the effective gid
 * or vice versa.  (BSD-style)
 *
 * If you set the real gid at all, or set the effective gid to a value not
 * equal to the real gid, then the saved gid is set to the new effective gid.
 *
 * This makes it possible for a setgid program to completely drop its
 * privileges, which is often a useful assertion to make when you are doing
 * a security audit over a program.
 *
 * The general idea is that a program which uses just setregid() will be
 * 100% compatible with BSD.  A program which uses just setgid() will be
 * 100% compatible with POSIX with saved IDs.
 *
 * SMP: There are no races, the GIDs are checked only by filesystem
 *      operations (as far as semantic preservation is concerned).
 */
SYSCALL_DEFINE2(setregid, gid_t, rgid, gid_t, egid)
{
	const struct cred *old;
	struct cred *new;
	int retval;

	new = prepare_creds();
	if (!new)
		return -ENOMEM;
	old = current_cred();

	retval = security_task_setgid(rgid, egid, (gid_t)-1, LSM_SETID_RE);
	if (retval)
		goto error;

	retval = -EPERM;
	if (rgid != (gid_t) -1) {
		if (old->gid == rgid ||
		    old->egid == rgid ||
		    capable(CAP_SETGID))
			new->gid = rgid;
		else
			goto error;
	}
	if (egid != (gid_t) -1) {
		if (old->gid == egid ||
		    old->egid == egid ||
		    old->sgid == egid ||
		    capable(CAP_SETGID))
			new->egid = egid;
		else
			goto error;
	}

	if (rgid != (gid_t) -1 ||
	    (egid != (gid_t) -1 && egid != old->gid))
		new->sgid = new->egid;
	new->fsgid = new->egid;

	return commit_creds(new);

error:
	abort_creds(new);
	return retval;
}

/*
 * setgid() is implemented like SysV w/ SAVED_IDS
 *
 * SMP: Same implicit races as above.
 */
SYSCALL_DEFINE1(setgid, gid_t, gid)
{
	const struct cred *old;
	struct cred *new;
	int retval;

	new = prepare_creds();
	if (!new)
		return -ENOMEM;
	old = current_cred();

	retval = security_task_setgid(gid, (gid_t)-1, (gid_t)-1, LSM_SETID_ID);
	if (retval)
		goto error;

	retval = -EPERM;
	if (capable(CAP_SETGID))
		new->gid = new->egid = new->sgid = new->fsgid = gid;
	else if (gid == old->gid || gid == old->sgid)
		new->egid = new->fsgid = gid;
	else
		goto error;

	return commit_creds(new);

error:
	abort_creds(new);
	return retval;
}

/*
 * change the user struct in a credentials set to match the new UID
 */
static int set_user(struct cred *new)
{
	struct user_struct *new_user;

	new_user = alloc_uid(current_user_ns(), new->uid);
	if (!new_user)
		return -EAGAIN;

	if (!task_can_switch_user(new_user, current)) {
		free_uid(new_user);
		return -EINVAL;
	}

	if (atomic_read(&new_user->processes) >=
				current->signal->rlim[RLIMIT_NPROC].rlim_cur &&
			new_user != INIT_USER) {
		free_uid(new_user);
		return -EAGAIN;
	}

	free_uid(new->user);
	new->user = new_user;
	return 0;
}

/*
 * Unprivileged users may change the real uid to the effective uid
 * or vice versa.  (BSD-style)
 *
 * If you set the real uid at all, or set the effective uid to a value not
 * equal to the real uid, then the saved uid is set to the new effective uid.
 *
 * This makes it possible for a setuid program to completely drop its
 * privileges, which is often a useful assertion to make when you are doing
 * a security audit over a program.
 *
 * The general idea is that a program which uses just setreuid() will be
 * 100% compatible with BSD.  A program which uses just setuid() will be
 * 100% compatible with POSIX with saved IDs.
 */
SYSCALL_DEFINE2(setreuid, uid_t, ruid, uid_t, euid)
{
	const struct cred *old;
	struct cred *new;
	int retval;

	new = prepare_creds();
	if (!new)
		return -ENOMEM;
	old = current_cred();

	retval = security_task_setuid(ruid, euid, (uid_t)-1, LSM_SETID_RE);
	if (retval)
		goto error;

	retval = -EPERM;
	if (ruid != (uid_t) -1) {
		new->uid = ruid;
		if (old->uid != ruid &&
		    old->euid != ruid &&
		    !capable(CAP_SETUID))
			goto error;
	}

	if (euid != (uid_t) -1) {
		new->euid = euid;
		if (old->uid != euid &&
		    old->euid != euid &&
		    old->suid != euid &&
		    !capable(CAP_SETUID))
			goto error;
	}

	if (new->uid != old->uid) {
		retval = set_user(new);
		if (retval < 0)
			goto error;
	}
	if (ruid != (uid_t) -1 ||
	    (euid != (uid_t) -1 && euid != old->uid))
		new->suid = new->euid;
	new->fsuid = new->euid;

	retval = security_task_fix_setuid(new, old, LSM_SETID_RE);
	if (retval < 0)
		goto error;

	return commit_creds(new);

error:
	abort_creds(new);
	return retval;
}
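
/*
 * Example: the BSD-style swap described above, as a setuid-root program
 * might use it to drop privilege temporarily and regain it later:
 *
 *	#include <unistd.h>
 *
 *	uid_t ruid = getuid(), euid = geteuid();
 *
 *	setreuid(euid, ruid);	// swap: effective uid becomes the real user
 *	// ... do unprivileged work; the real uid still holds root ...
 *	setreuid(ruid, euid);	// swap back: allowed because the new euid
 *				// matches the current real uid
 */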

/*
 * setuid() is implemented like SysV with SAVED_IDS
 *
 * Note that SAVED_IDS is deficient in that a setuid root program
 * like sendmail, for example, cannot set its uid to be a normal
 * user and then switch back, because if you're root, setuid() sets
 * the saved uid too.  If you don't like this, blame the bright people
 * in the POSIX committee and/or USG.  Note that the BSD-style setreuid()
 * will allow a root program to temporarily drop privileges and be able to
 * regain them by swapping the real and effective uid.
 */
SYSCALL_DEFINE1(setuid, uid_t, uid)
{
	const struct cred *old;
	struct cred *new;
	int retval;

	new = prepare_creds();
	if (!new)
		return -ENOMEM;
	old = current_cred();

	retval = security_task_setuid(uid, (uid_t)-1, (uid_t)-1, LSM_SETID_ID);
	if (retval)
		goto error;

	retval = -EPERM;
	if (capable(CAP_SETUID)) {
		new->suid = new->uid = uid;
		if (uid != old->uid) {
			retval = set_user(new);
			if (retval < 0)
				goto error;
		}
	} else if (uid != old->uid && uid != new->suid) {
		goto error;
	}

	new->fsuid = new->euid = uid;

	retval = security_task_fix_setuid(new, old, LSM_SETID_ID);
	if (retval < 0)
		goto error;

	return commit_creds(new);

error:
	abort_creds(new);
	return retval;
}


/*
 * This function implements a generic ability to update ruid, euid,
 * and suid.  This allows you to implement the 4.4BSD-compatible seteuid().
 */
SYSCALL_DEFINE3(setresuid, uid_t, ruid, uid_t, euid, uid_t, suid)
{
	const struct cred *old;
	struct cred *new;
	int retval;

	new = prepare_creds();
	if (!new)
		return -ENOMEM;

	retval = security_task_setuid(ruid, euid, suid, LSM_SETID_RES);
	if (retval)
		goto error;
	old = current_cred();

	retval = -EPERM;
	if (!capable(CAP_SETUID)) {
		if (ruid != (uid_t) -1 && ruid != old->uid &&
		    ruid != old->euid  && ruid != old->suid)
			goto error;
		if (euid != (uid_t) -1 && euid != old->uid &&
		    euid != old->euid  && euid != old->suid)
			goto error;
		if (suid != (uid_t) -1 && suid != old->uid &&
		    suid != old->euid  && suid != old->suid)
			goto error;
	}

	if (ruid != (uid_t) -1) {
		new->uid = ruid;
		if (ruid != old->uid) {
			retval = set_user(new);
			if (retval < 0)
				goto error;
		}
	}
	if (euid != (uid_t) -1)
		new->euid = euid;
	if (suid != (uid_t) -1)
		new->suid = suid;
	new->fsuid = new->euid;

	retval = security_task_fix_setuid(new, old, LSM_SETID_RES);
	if (retval < 0)
		goto error;

	return commit_creds(new);

error:
	abort_creds(new);
	return retval;
}
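
/*
 * Example: setresuid() makes a permanent privilege drop explicit and
 * easy to verify, since all three ids are set in one call:
 *
 *	#include <unistd.h>
 *
 *	uid_t uid = getuid();
 *
 *	if (setresuid(uid, uid, uid) < 0)	// clear ruid, euid and suid
 *		abort();
 *	if (setresuid(-1, 0, -1) == 0)		// regaining root must fail
 *		abort();			// (sketch: paranoia check)
 */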

SYSCALL_DEFINE3(getresuid, uid_t __user *, ruid, uid_t __user *, euid, uid_t __user *, suid)
{
	const struct cred *cred = current_cred();
	int retval;

	if (!(retval = put_user(cred->uid, ruid)) &&
	    !(retval = put_user(cred->euid, euid)))
		retval = put_user(cred->suid, suid);

	return retval;
}

/*
 * Same as above, but for rgid, egid, sgid.
 */
SYSCALL_DEFINE3(setresgid, gid_t, rgid, gid_t, egid, gid_t, sgid)
{
	const struct cred *old;
	struct cred *new;
	int retval;

	new = prepare_creds();
	if (!new)
		return -ENOMEM;
	old = current_cred();

	retval = security_task_setgid(rgid, egid, sgid, LSM_SETID_RES);
	if (retval)
		goto error;

	retval = -EPERM;
	if (!capable(CAP_SETGID)) {
		if (rgid != (gid_t) -1 && rgid != old->gid &&
		    rgid != old->egid  && rgid != old->sgid)
			goto error;
		if (egid != (gid_t) -1 && egid != old->gid &&
		    egid != old->egid  && egid != old->sgid)
			goto error;
		if (sgid != (gid_t) -1 && sgid != old->gid &&
		    sgid != old->egid  && sgid != old->sgid)
			goto error;
	}

	if (rgid != (gid_t) -1)
		new->gid = rgid;
	if (egid != (gid_t) -1)
		new->egid = egid;
	if (sgid != (gid_t) -1)
		new->sgid = sgid;
	new->fsgid = new->egid;

	return commit_creds(new);

error:
	abort_creds(new);
	return retval;
}

SYSCALL_DEFINE3(getresgid, gid_t __user *, rgid, gid_t __user *, egid, gid_t __user *, sgid)
{
	const struct cred *cred = current_cred();
	int retval;

	if (!(retval = put_user(cred->gid, rgid)) &&
	    !(retval = put_user(cred->egid, egid)))
		retval = put_user(cred->sgid, sgid);

	return retval;
}

/*
 * "setfsuid()" sets the fsuid - the uid used for filesystem checks. This
 * is used for "access()" and for the NFS daemon (letting nfsd stay at
 * whatever uid it wants to). It normally shadows "euid", except when
 * explicitly set by setfsuid() or for access().
 */
SYSCALL_DEFINE1(setfsuid, uid_t, uid)
{
	const struct cred *old;
	struct cred *new;
	uid_t old_fsuid;

	new = prepare_creds();
	if (!new)
		return current_fsuid();
	old = current_cred();
	old_fsuid = old->fsuid;

	if (security_task_setuid(uid, (uid_t)-1, (uid_t)-1, LSM_SETID_FS) < 0)
		goto error;

	if (uid == old->uid  || uid == old->euid  ||
	    uid == old->suid || uid == old->fsuid ||
	    capable(CAP_SETUID)) {
		if (uid != old_fsuid) {
			new->fsuid = uid;
			if (security_task_fix_setuid(new, old, LSM_SETID_FS) == 0)
				goto change_okay;
		}
	}

error:
	abort_creds(new);
	return old_fsuid;

change_okay:
	commit_creds(new);
	return old_fsuid;
}
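
/*
 * Example: note that setfsuid() returns the previous fsuid whether or
 * not the change succeeded, so callers traditionally verify the switch
 * by calling it twice; the second call returns the fsuid left behind by
 * the first:
 *
 *	setfsuid(uid);
 *	if ((uid_t)setfsuid(uid) != uid)
 *		handle_error();		// hypothetical error path
 */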

/*
 * Samma på svenska ("same thing in Swedish") - the setfsuid() counterpart
 * for the filesystem gid.
 */
SYSCALL_DEFINE1(setfsgid, gid_t, gid)
{
	const struct cred *old;
	struct cred *new;
	gid_t old_fsgid;

	new = prepare_creds();
	if (!new)
		return current_fsgid();
	old = current_cred();
	old_fsgid = old->fsgid;

	if (security_task_setgid(gid, (gid_t)-1, (gid_t)-1, LSM_SETID_FS))
		goto error;

	if (gid == old->gid  || gid == old->egid  ||
	    gid == old->sgid || gid == old->fsgid ||
	    capable(CAP_SETGID)) {
		if (gid != old_fsgid) {
			new->fsgid = gid;
			goto change_okay;
		}
	}

error:
	abort_creds(new);
	return old_fsgid;

change_okay:
	commit_creds(new);
	return old_fsgid;
}

void do_sys_times(struct tms *tms)
{
	cputime_t tgutime, tgstime, cutime, cstime;

	spin_lock_irq(&current->sighand->siglock);
	thread_group_times(current, &tgutime, &tgstime);
	cutime = current->signal->cutime;
	cstime = current->signal->cstime;
	spin_unlock_irq(&current->sighand->siglock);
	tms->tms_utime = cputime_to_clock_t(tgutime);
	tms->tms_stime = cputime_to_clock_t(tgstime);
	tms->tms_cutime = cputime_to_clock_t(cutime);
	tms->tms_cstime = cputime_to_clock_t(cstime);
}

SYSCALL_DEFINE1(times, struct tms __user *, tbuf)
{
	if (tbuf) {
		struct tms tmp;

		do_sys_times(&tmp);
		if (copy_to_user(tbuf, &tmp, sizeof(struct tms)))
			return -EFAULT;
	}
	force_successful_syscall_return();
	return (long) jiffies_64_to_clock_t(get_jiffies_64());
}
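
/*
 * Example: the clock_t values filled in above are in clock ticks, so a
 * userspace consumer scales by sysconf(_SC_CLK_TCK):
 *
 *	#include <sys/times.h>
 *	#include <unistd.h>
 *	#include <stdio.h>
 *
 *	struct tms t;
 *	double hz = (double)sysconf(_SC_CLK_TCK);
 *
 *	times(&t);
 *	printf("user %.2fs, system %.2fs\n",
 *	       t.tms_utime / hz, t.tms_stime / hz);
 */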

/*
 * This needs some heavy checking ...
 * I just haven't the stomach for it. I also don't fully
 * understand sessions/pgrp etc. Let somebody who does explain it.
 *
 * OK, I think I have the protection semantics right.... this is really
 * only important on a multi-user system anyway, to make sure one user
 * can't send a signal to a process owned by another.  -TYT, 12/12/91
 *
 * Ouch. Had to add the 'did_exec' flag to conform completely to POSIX.
 * LBT 04.03.94
 */
SYSCALL_DEFINE2(setpgid, pid_t, pid, pid_t, pgid)
{
	struct task_struct *p;
	struct task_struct *group_leader = current->group_leader;
	struct pid *pgrp;
	int err;

	if (!pid)
		pid = task_pid_vnr(group_leader);
	if (!pgid)
		pgid = pid;
	if (pgid < 0)
		return -EINVAL;

	/* From this point forward we keep holding onto the tasklist lock
	 * so that our parent does not change from under us. -DaveM
	 */
	write_lock_irq(&tasklist_lock);

	err = -ESRCH;
	p = find_task_by_vpid(pid);
	if (!p)
		goto out;

	err = -EINVAL;
	if (!thread_group_leader(p))
		goto out;

	if (same_thread_group(p->real_parent, group_leader)) {
		err = -EPERM;
		if (task_session(p) != task_session(group_leader))
			goto out;
		err = -EACCES;
		if (p->did_exec)
			goto out;
	} else {
		err = -ESRCH;
		if (p != group_leader)
			goto out;
	}

	err = -EPERM;
	if (p->signal->leader)
		goto out;

	pgrp = task_pid(p);
	if (pgid != pid) {
		struct task_struct *g;

		pgrp = find_vpid(pgid);
		g = pid_task(pgrp, PIDTYPE_PGID);
		if (!g || task_session(g) != task_session(group_leader))
			goto out;
	}

	err = security_task_setpgid(p, pgid);
	if (err)
		goto out;

	if (task_pgrp(p) != pgrp)
		change_pid(p, PIDTYPE_PGID, pgrp);

	err = 0;
out:
	/* All paths lead to here, thus we are safe. -DaveM */
	write_unlock_irq(&tasklist_lock);
	return err;
}
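
/*
 * Example: the did_exec/real_parent checks above exist for shell job
 * control, where both the shell and the just-forked child try to set
 * the child's group to close the race (a sketch):
 *
 *	pid_t pid = fork();
 *
 *	if (pid == 0)
 *		setpgid(0, 0);		// child: own group, pgid == pid
 *	else if (pid > 0)
 *		setpgid(pid, pid);	// parent: same thing; losing the
 *					// race is harmless
 */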

SYSCALL_DEFINE1(getpgid, pid_t, pid)
{
	struct task_struct *p;
	struct pid *grp;
	int retval;

	rcu_read_lock();
	if (!pid)
		grp = task_pgrp(current);
	else {
		retval = -ESRCH;
		p = find_task_by_vpid(pid);
		if (!p)
			goto out;
		grp = task_pgrp(p);
		if (!grp)
			goto out;

		retval = security_task_getpgid(p);
		if (retval)
			goto out;
	}
	retval = pid_vnr(grp);
out:
	rcu_read_unlock();
	return retval;
}

#ifdef __ARCH_WANT_SYS_GETPGRP

SYSCALL_DEFINE0(getpgrp)
{
	return sys_getpgid(0);
}

#endif

SYSCALL_DEFINE1(getsid, pid_t, pid)
{
	struct task_struct *p;
	struct pid *sid;
	int retval;

	rcu_read_lock();
	if (!pid)
		sid = task_session(current);
	else {
		retval = -ESRCH;
		p = find_task_by_vpid(pid);
		if (!p)
			goto out;
		sid = task_session(p);
		if (!sid)
			goto out;

		retval = security_task_getsid(p);
		if (retval)
			goto out;
	}
	retval = pid_vnr(sid);
out:
	rcu_read_unlock();
	return retval;
}

SYSCALL_DEFINE0(setsid)
{
	struct task_struct *group_leader = current->group_leader;
	struct pid *sid = task_pid(group_leader);
	pid_t session = pid_vnr(sid);
	int err = -EPERM;

	write_lock_irq(&tasklist_lock);
	/* Fail if I am already a session leader */
	if (group_leader->signal->leader)
		goto out;

	/* Fail if a process group id already exists that equals the
	 * proposed session id.
	 */
	if (pid_task(sid, PIDTYPE_PGID))
		goto out;

	group_leader->signal->leader = 1;
	__set_special_pids(sid);

	proc_clear_tty(group_leader);

	err = session;
out:
	write_unlock_irq(&tasklist_lock);
	if (err > 0)
		proc_sid_connector(group_leader);
	return err;
}
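
/*
 * Example: setsid() fails if the caller's PID already names a process
 * group (e.g. the caller is a group leader), per the checks above, so
 * the classic daemonize sequence forks first:
 *
 *	if (fork() > 0)
 *		_exit(0);	// parent exits
 *	if (setsid() < 0)	// child: new session, no controlling tty
 *		abort();
 */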

DECLARE_RWSEM(uts_sem);

SYSCALL_DEFINE1(newuname, struct new_utsname __user *, name)
{
	int errno = 0;

	down_read(&uts_sem);
	if (copy_to_user(name, utsname(), sizeof *name))
		errno = -EFAULT;
	up_read(&uts_sem);
	return errno;
}

SYSCALL_DEFINE2(sethostname, char __user *, name, int, len)
{
	int errno;
	char tmp[__NEW_UTS_LEN];

	if (!capable(CAP_SYS_ADMIN))
		return -EPERM;
	if (len < 0 || len > __NEW_UTS_LEN)
		return -EINVAL;
	down_write(&uts_sem);
	errno = -EFAULT;
	if (!copy_from_user(tmp, name, len)) {
		struct new_utsname *u = utsname();

		memcpy(u->nodename, tmp, len);
		memset(u->nodename + len, 0, sizeof(u->nodename) - len);
		errno = 0;
	}
	up_write(&uts_sem);
	return errno;
}
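
/*
 * Example: sethostname() takes an explicit length rather than a
 * NUL-terminated string:
 *
 *	#include <string.h>
 *	#include <unistd.h>
 *
 *	const char *n = "newhost";
 *
 *	if (sethostname(n, strlen(n)) < 0)	// needs CAP_SYS_ADMIN
 *		perror("sethostname");
 */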

#ifdef __ARCH_WANT_SYS_GETHOSTNAME

SYSCALL_DEFINE2(gethostname, char __user *, name, int, len)
{
	int i, errno;
	struct new_utsname *u;

	if (len < 0)
		return -EINVAL;
	down_read(&uts_sem);
	u = utsname();
	i = 1 + strlen(u->nodename);
	if (i > len)
		i = len;
	errno = 0;
	if (copy_to_user(name, u->nodename, i))
		errno = -EFAULT;
	up_read(&uts_sem);
	return errno;
}

#endif

/*
 * Only setdomainname; getdomainname can be implemented by calling
 * uname()
 */
SYSCALL_DEFINE2(setdomainname, char __user *, name, int, len)
{
	int errno;
	char tmp[__NEW_UTS_LEN];

	if (!capable(CAP_SYS_ADMIN))
		return -EPERM;
	if (len < 0 || len > __NEW_UTS_LEN)
		return -EINVAL;

	down_write(&uts_sem);
	errno = -EFAULT;
	if (!copy_from_user(tmp, name, len)) {
		struct new_utsname *u = utsname();

		memcpy(u->domainname, tmp, len);
		memset(u->domainname + len, 0, sizeof(u->domainname) - len);
		errno = 0;
	}
	up_write(&uts_sem);
	return errno;
}

SYSCALL_DEFINE2(getrlimit, unsigned int, resource, struct rlimit __user *, rlim)
{
	if (resource >= RLIM_NLIMITS)
		return -EINVAL;
	else {
		struct rlimit value;
		task_lock(current->group_leader);
		value = current->signal->rlim[resource];
		task_unlock(current->group_leader);
		return copy_to_user(rlim, &value, sizeof(*rlim)) ? -EFAULT : 0;
	}
}

#ifdef __ARCH_WANT_SYS_OLD_GETRLIMIT

/*
 *	Back compatibility for getrlimit. Needed for some apps.
 */

SYSCALL_DEFINE2(old_getrlimit, unsigned int, resource,
		struct rlimit __user *, rlim)
{
	struct rlimit x;
	if (resource >= RLIM_NLIMITS)
		return -EINVAL;

	task_lock(current->group_leader);
	x = current->signal->rlim[resource];
	task_unlock(current->group_leader);
	if (x.rlim_cur > 0x7FFFFFFF)
		x.rlim_cur = 0x7FFFFFFF;
	if (x.rlim_max > 0x7FFFFFFF)
		x.rlim_max = 0x7FFFFFFF;
	return copy_to_user(rlim, &x, sizeof(x)) ? -EFAULT : 0;
}

#endif

SYSCALL_DEFINE2(setrlimit, unsigned int, resource, struct rlimit __user *, rlim)
{
	struct rlimit new_rlim, *old_rlim;
	int retval;

	if (resource >= RLIM_NLIMITS)
		return -EINVAL;
	if (copy_from_user(&new_rlim, rlim, sizeof(*rlim)))
		return -EFAULT;
	if (new_rlim.rlim_cur > new_rlim.rlim_max)
		return -EINVAL;
	old_rlim = current->signal->rlim + resource;
	if ((new_rlim.rlim_max > old_rlim->rlim_max) &&
	    !capable(CAP_SYS_RESOURCE))
		return -EPERM;
	if (resource == RLIMIT_NOFILE && new_rlim.rlim_max > sysctl_nr_open)
		return -EPERM;

	retval = security_task_setrlimit(resource, &new_rlim);
	if (retval)
		return retval;

	if (resource == RLIMIT_CPU && new_rlim.rlim_cur == 0) {
		/*
		 * The caller is asking for an immediate RLIMIT_CPU
		 * expiry.  But we use the zero value to mean "it was
		 * never set".  So let's cheat and make it one second
		 * instead.
		 */
		new_rlim.rlim_cur = 1;
	}

	task_lock(current->group_leader);
	*old_rlim = new_rlim;
	task_unlock(current->group_leader);

	if (resource != RLIMIT_CPU)
		goto out;

	/*
	 * RLIMIT_CPU handling.  Note that the kernel fails to return an error
	 * code if it rejected the user's attempt to set RLIMIT_CPU.  This is a
	 * very long-standing error, and fixing it now risks breakage of
	 * applications, so we live with it.
	 */
	if (new_rlim.rlim_cur == RLIM_INFINITY)
		goto out;

	update_rlimit_cpu(new_rlim.rlim_cur);
out:
	return 0;
}
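
/*
 * Example: only raising the hard limit is privileged above, so an
 * unprivileged process may always lift its soft limit up to the hard
 * limit:
 *
 *	#include <sys/resource.h>
 *
 *	struct rlimit rl;
 *
 *	getrlimit(RLIMIT_NOFILE, &rl);
 *	rl.rlim_cur = rl.rlim_max;	// soft <- hard, no capability needed
 *	setrlimit(RLIMIT_NOFILE, &rl);
 */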

/*
 * It would make sense to put struct rusage in the task_struct,
 * except that would make the task_struct be *really big*.  After
 * task_struct gets moved into malloc'ed memory, it would
 * make sense to do this.  It will make moving the rest of the information
 * a lot simpler!  (Which we're not doing right now because we're not
 * measuring them yet).
 *
 * When sampling multiple threads for RUSAGE_SELF, under SMP we might have
 * races with threads incrementing their own counters.  But since word
 * reads are atomic, we either get new values or old values and we don't
 * care which for the sums.  We always take the siglock to protect reading
 * the c* fields from p->signal from races with exit.c updating those
 * fields when reaping, so a sample either gets all the additions of a
 * given child after it's reaped, or none so this sample is before reaping.
 *
 * Locking:
 * We need to take the siglock for CHILDREN, SELF and BOTH
 * for the cases current multithreaded, non-current single threaded and
 * non-current multithreaded.  Thread traversal is now safe with
 * the siglock held.
 * Strictly speaking, we do not need to take the siglock if we are current and
 * single threaded, as no one else can take our signal_struct away, no one
 * else can reap the children to update signal->c* counters, and no one else
 * can race with the signal-> fields. If we do not take any lock, the
 * signal-> fields could be read out of order while another thread was just
 * exiting. So we should place a read memory barrier when we avoid the lock.
 * On the writer side, a write memory barrier is implied in __exit_signal,
 * as __exit_signal releases the siglock spinlock after updating the signal->
 * fields. But we don't do this yet to keep things simple.
 *
 */

static void accumulate_thread_rusage(struct task_struct *t, struct rusage *r)
{
	r->ru_nvcsw += t->nvcsw;
	r->ru_nivcsw += t->nivcsw;
	r->ru_minflt += t->min_flt;
	r->ru_majflt += t->maj_flt;
	r->ru_inblock += task_io_get_inblock(t);
	r->ru_oublock += task_io_get_oublock(t);
}

static void k_getrusage(struct task_struct *p, int who, struct rusage *r)
{
	struct task_struct *t;
	unsigned long flags;
	cputime_t tgutime, tgstime, utime, stime;
	unsigned long maxrss = 0;

	memset((char *) r, 0, sizeof *r);
	utime = stime = cputime_zero;

	if (who == RUSAGE_THREAD) {
		task_times(current, &utime, &stime);
		accumulate_thread_rusage(p, r);
		maxrss = p->signal->maxrss;
		goto out;
	}

	if (!lock_task_sighand(p, &flags))
		return;

	switch (who) {
		case RUSAGE_BOTH:
		case RUSAGE_CHILDREN:
			utime = p->signal->cutime;
			stime = p->signal->cstime;
			r->ru_nvcsw = p->signal->cnvcsw;
			r->ru_nivcsw = p->signal->cnivcsw;
			r->ru_minflt = p->signal->cmin_flt;
			r->ru_majflt = p->signal->cmaj_flt;
			r->ru_inblock = p->signal->cinblock;
			r->ru_oublock = p->signal->coublock;
			maxrss = p->signal->cmaxrss;

			if (who == RUSAGE_CHILDREN)
				break;

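		/* fall through: RUSAGE_BOTH also accumulates SELF */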
		case RUSAGE_SELF:
			thread_group_times(p, &tgutime, &tgstime);
			utime = cputime_add(utime, tgutime);
			stime = cputime_add(stime, tgstime);
			r->ru_nvcsw += p->signal->nvcsw;
			r->ru_nivcsw += p->signal->nivcsw;
			r->ru_minflt += p->signal->min_flt;
			r->ru_majflt += p->signal->maj_flt;
			r->ru_inblock += p->signal->inblock;
			r->ru_oublock += p->signal->oublock;
			if (maxrss < p->signal->maxrss)
				maxrss = p->signal->maxrss;
			t = p;
			do {
				accumulate_thread_rusage(t, r);
				t = next_thread(t);
			} while (t != p);
			break;

		default:
			BUG();
	}
	unlock_task_sighand(p, &flags);

out:
	cputime_to_timeval(utime, &r->ru_utime);
	cputime_to_timeval(stime, &r->ru_stime);

	if (who != RUSAGE_CHILDREN) {
		struct mm_struct *mm = get_task_mm(p);
		if (mm) {
			setmax_mm_hiwater_rss(&maxrss, mm);
			mmput(mm);
		}
	}
	r->ru_maxrss = maxrss * (PAGE_SIZE / 1024); /* convert pages to KBs */
}

int getrusage(struct task_struct *p, int who, struct rusage __user *ru)
{
	struct rusage r;
	k_getrusage(p, who, &r);
	return copy_to_user(ru, &r, sizeof(r)) ? -EFAULT : 0;
}

SYSCALL_DEFINE2(getrusage, int, who, struct rusage __user *, ru)
{
	if (who != RUSAGE_SELF && who != RUSAGE_CHILDREN &&
	    who != RUSAGE_THREAD)
		return -EINVAL;
	return getrusage(current, who, ru);
}
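
/*
 * Example: reading back the peak RSS computed above; ru_maxrss is
 * reported in kilobytes:
 *
 *	#include <sys/resource.h>
 *	#include <stdio.h>
 *
 *	struct rusage ru;
 *
 *	if (getrusage(RUSAGE_SELF, &ru) == 0)
 *		printf("peak RSS: %ld kB\n", ru.ru_maxrss);
 */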

SYSCALL_DEFINE1(umask, int, mask)
{
	mask = xchg(&current->fs->umask, mask & S_IRWXUGO);
	return mask;
}
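
/*
 * Example: there is no "getumask" syscall, so the portable way to read
 * the current mask is to exploit the exchange semantics above:
 *
 *	mode_t cur = umask(0);	// returns the previous mask
 *	umask(cur);		// restore it
 */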

SYSCALL_DEFINE5(prctl, int, option, unsigned long, arg2, unsigned long, arg3,
		unsigned long, arg4, unsigned long, arg5)
{
	struct task_struct *me = current;
	unsigned char comm[sizeof(me->comm)];
	long error;

	error = security_task_prctl(option, arg2, arg3, arg4, arg5);
	if (error != -ENOSYS)
		return error;

	error = 0;
	switch (option) {
		case PR_SET_PDEATHSIG:
			if (!valid_signal(arg2)) {
				error = -EINVAL;
				break;
			}
			me->pdeath_signal = arg2;
			error = 0;
			break;
		case PR_GET_PDEATHSIG:
			error = put_user(me->pdeath_signal, (int __user *)arg2);
			break;
		case PR_GET_DUMPABLE:
			error = get_dumpable(me->mm);
			break;
		case PR_SET_DUMPABLE:
			if (arg2 > 1) {		/* arg2 is unsigned */
				error = -EINVAL;
				break;
			}
			set_dumpable(me->mm, arg2);
			error = 0;
			break;

		case PR_SET_UNALIGN:
			error = SET_UNALIGN_CTL(me, arg2);
			break;
		case PR_GET_UNALIGN:
			error = GET_UNALIGN_CTL(me, arg2);
			break;
		case PR_SET_FPEMU:
			error = SET_FPEMU_CTL(me, arg2);
			break;
		case PR_GET_FPEMU:
			error = GET_FPEMU_CTL(me, arg2);
			break;
		case PR_SET_FPEXC:
			error = SET_FPEXC_CTL(me, arg2);
			break;
		case PR_GET_FPEXC:
			error = GET_FPEXC_CTL(me, arg2);
			break;
		case PR_GET_TIMING:
			error = PR_TIMING_STATISTICAL;
			break;
		case PR_SET_TIMING:
			if (arg2 != PR_TIMING_STATISTICAL)
				error = -EINVAL;
			else
				error = 0;
			break;

		case PR_SET_NAME:
			comm[sizeof(me->comm)-1] = 0;
			if (strncpy_from_user(comm, (char __user *)arg2,
					      sizeof(me->comm) - 1) < 0)
				return -EFAULT;
			set_task_comm(me, comm);
			return 0;
		case PR_GET_NAME:
			get_task_comm(comm, me);
			if (copy_to_user((char __user *)arg2, comm,
					 sizeof(comm)))
				return -EFAULT;
			return 0;
		case PR_GET_ENDIAN:
			error = GET_ENDIAN(me, arg2);
			break;
		case PR_SET_ENDIAN:
			error = SET_ENDIAN(me, arg2);
			break;

		case PR_GET_SECCOMP:
			error = prctl_get_seccomp();
			break;
		case PR_SET_SECCOMP:
			error = prctl_set_seccomp(arg2);
			break;
		case PR_GET_TSC:
			error = GET_TSC_CTL(arg2);
			break;
		case PR_SET_TSC:
			error = SET_TSC_CTL(arg2);
			break;
		case PR_TASK_PERF_EVENTS_DISABLE:
			error = perf_event_task_disable();
			break;
		case PR_TASK_PERF_EVENTS_ENABLE:
			error = perf_event_task_enable();
			break;
		case PR_GET_TIMERSLACK:
			error = current->timer_slack_ns;
			break;
		case PR_SET_TIMERSLACK:
			if (arg2 <= 0)
				current->timer_slack_ns =
					current->default_timer_slack_ns;
			else
				current->timer_slack_ns = arg2;
			error = 0;
			break;
		case PR_MCE_KILL:
			if (arg4 | arg5)
				return -EINVAL;
			switch (arg2) {
			case PR_MCE_KILL_CLEAR:
				if (arg3 != 0)
					return -EINVAL;
				current->flags &= ~PF_MCE_PROCESS;
				break;
			case PR_MCE_KILL_SET:
				current->flags |= PF_MCE_PROCESS;
				if (arg3 == PR_MCE_KILL_EARLY)
					current->flags |= PF_MCE_EARLY;
				else if (arg3 == PR_MCE_KILL_LATE)
					current->flags &= ~PF_MCE_EARLY;
				else if (arg3 == PR_MCE_KILL_DEFAULT)
					current->flags &=
						~(PF_MCE_EARLY|PF_MCE_PROCESS);
				else
					return -EINVAL;
				break;
			default:
				return -EINVAL;
			}
			error = 0;
			break;
		case PR_MCE_KILL_GET:
			if (arg2 | arg3 | arg4 | arg5)
				return -EINVAL;
			if (current->flags & PF_MCE_PROCESS)
				error = (current->flags & PF_MCE_EARLY) ?
					PR_MCE_KILL_EARLY : PR_MCE_KILL_LATE;
			else
				error = PR_MCE_KILL_DEFAULT;
			break;
		default:
			error = -EINVAL;
			break;
	}
	return error;
}
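
/*
 * Example: using the PR_SET_NAME/PR_GET_NAME pair above from userspace;
 * the name is truncated to the 16-byte comm field (including the NUL):
 *
 *	#include <sys/prctl.h>
 *
 *	char name[16];
 *
 *	prctl(PR_SET_NAME, "worker-thread");
 *	prctl(PR_GET_NAME, name);	// returned name is NUL-terminated
 */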

SYSCALL_DEFINE3(getcpu, unsigned __user *, cpup, unsigned __user *, nodep,
		struct getcpu_cache __user *, unused)
{
	int err = 0;
	int cpu = raw_smp_processor_id();
	if (cpup)
		err |= put_user(cpu, cpup);
	if (nodep)
		err |= put_user(cpu_to_node(cpu), nodep);
	return err ? -EFAULT : 0;
}
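
/*
 * Example: glibc exposes this syscall as sched_getcpu() (_GNU_SOURCE);
 * the cache argument above is unused and may be NULL:
 *
 *	#include <sched.h>
 *	#include <stdio.h>
 *
 *	printf("running on cpu %d\n", sched_getcpu());
 */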

char poweroff_cmd[POWEROFF_CMD_PATH_LEN] = "/sbin/poweroff";

static void argv_cleanup(char **argv, char **envp)
{
	argv_free(argv);
}

/**
 * orderly_poweroff - Trigger an orderly system poweroff
 * @force: force poweroff if command execution fails
 *
 * This may be called from any context to trigger a system shutdown.
 * If the orderly shutdown fails, it will force an immediate shutdown.
 */
int orderly_poweroff(bool force)
{
	int argc;
	char **argv = argv_split(GFP_ATOMIC, poweroff_cmd, &argc);
	static char *envp[] = {
		"HOME=/",
		"PATH=/sbin:/bin:/usr/sbin:/usr/bin",
		NULL
	};
	int ret = -ENOMEM;
	struct subprocess_info *info;

	if (argv == NULL) {
		printk(KERN_WARNING "%s failed to allocate memory for \"%s\"\n",
		       __func__, poweroff_cmd);
		goto out;
	}

	info = call_usermodehelper_setup(argv[0], argv, envp, GFP_ATOMIC);
	if (info == NULL) {
		argv_free(argv);
		goto out;
	}

	call_usermodehelper_setcleanup(info, argv_cleanup);

	ret = call_usermodehelper_exec(info, UMH_NO_WAIT);

out:
	if (ret && force) {
		printk(KERN_WARNING "Failed to start orderly shutdown: "
		       "forcing the issue\n");

		/*
		 * I guess this should try to kick off some daemon to
		 * sync and poweroff asap.  Or not even bother syncing
		 * if we're doing an emergency shutdown?
		 */
		emergency_sync();
		kernel_power_off();
	}

	return ret;
}
EXPORT_SYMBOL_GPL(orderly_poweroff);
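
/*
 * Example: a typical in-kernel caller (e.g. a hardware-monitoring or
 * thermal driver reacting to a critical event) requests the forced
 * fallback so the box still goes down if the helper cannot run:
 *
 *	if (temp_celsius > crit_threshold)	// hypothetical condition
 *		orderly_poweroff(true);
 */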
1659