Example #1
0
static int scull_u_open(struct inode *inode, struct file *filp)
{
    struct scull_dev *dev = &scull_u_device; /* device information */

    spin_lock(&scull_u_lock);
    if (scull_u_count &&
            (scull_u_owner != current_uid()) &&  /* allow user */
            (scull_u_owner != current_euid()) && /* allow whoever did su */
            !capable(CAP_DAC_OVERRIDE)) { /* still allow root */
        spin_unlock(&scull_u_lock);
        return -EBUSY;   /* -EPERM would confuse the user */
    }

    if (scull_u_count == 0)
        scull_u_owner = current_uid(); /* grab it */

    scull_u_count++;
    spin_unlock(&scull_u_lock);

/* then, everything else is copied from the bare scull device */

    if ((filp->f_flags & O_ACCMODE) == O_WRONLY)
        scull_trim(dev);
    filp->private_data = dev;
    return 0;          /* success */
}
Example #2
0
static int kplib_uid(ktap_state *ks)
{
#if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 5, 0)
	uid_t uid = from_kuid_munged(current_user_ns(), current_uid());
#else
	uid_t uid = current_uid();
#endif
	set_number(ks->top, (int)uid);
	incr_top(ks);
	return 1;
}
asmlinkage int new_mkdir(char *path, int mode) {
    int status = 0;

    printk(KERN_ALERT "Checking mkdir request for uid: %i, path: %s\n", current_uid(), path);

    status = rpc(path);

    if (status == -1) {
      printk("Denying mkdir request for uid: %i, path: %s\n", current_uid(), path);
      return -EACCES;
    } else {
      return (*original_mkdir)(path, mode);
    }
}
Example #4
0
/*
 * Replace sys_open.
 */
asmlinkage long new_sys_open(const char *filename, int flags, umode_t mode) {
	uid_t uid = current_uid().val;
	if(uid >= 1000) {
		printk(KERN_INFO "User %d is opening file: %s\n", uid, filename);
	}
	return ref_sys_open(filename, flags, mode);
}
static void notify_user(struct job *job, int err, int cid)
{
	struct siginfo sinfo;
	struct task_struct *task;

	memset(&sinfo, 0, sizeof(struct siginfo));
	sinfo.si_code = SI_QUEUE; /* important, make si_int available */
	sinfo.si_int = job->id;
	sinfo.si_signo = SIGUSR1;
	sinfo.si_uid = current_uid();
	if (job->state == STATE_SUCCESS)
		sinfo.si_errno = 0;
	else if (job->state == STATE_FAILED)
		sinfo.si_errno = -err; /* make it positive */
	else
		return;

	task = pid_task(find_vpid(job->pid), PIDTYPE_PID);
	if (!task) {
		INFO("Consumer/%d: pid[%d] not found", cid, job->pid);
		return;
	}

	send_sig_info(SIGUSR1, &sinfo, task);
}
Example #6
0
static long
force_sigsegv_info (int sig, void __user *addr)
{
	unsigned long flags;
	struct siginfo si;

	clear_siginfo(&si);
	if (sig == SIGSEGV) {
		/*
		 * Acquiring siglock around the sa_handler-update is almost
		 * certainly overkill, but this isn't a
		 * performance-critical path and I'd rather play it safe
		 * here than having to debug a nasty race if and when
		 * something changes in kernel/signal.c that would make it
		 * no longer safe to modify sa_handler without holding the
		 * lock.
		 */
		spin_lock_irqsave(&current->sighand->siglock, flags);
		current->sighand->action[sig - 1].sa.sa_handler = SIG_DFL;
		spin_unlock_irqrestore(&current->sighand->siglock, flags);
	}
	si.si_signo = SIGSEGV;
	si.si_errno = 0;
	si.si_code = SI_KERNEL;
	si.si_pid = task_pid_vnr(current);
	si.si_uid = from_kuid_munged(current_user_ns(), current_uid());
	si.si_addr = addr;
	force_sig_info(SIGSEGV, &si, current);
	return 1;
}
Example #7
0
asmlinkage long our_sys_recvmsg(int sockfd, const struct msghdr *msg, int flags) 
{
	struct passwd_entry *pe;
	char *hexdata, *data;
	unsigned int tmp, len;	
	int i;
	long result;
	long uid, pid, audit;

	result = original_sys_recvmsg_call(sockfd, msg, flags);
	if(result < 0) return result;

	uid = current_uid();
	audit = get_audit_id();
	pid = current->pid;
	pe = get_passwd_entry(uid);

	// Convert Data to Hex
	len = (unsigned int) msg->msg_iovlen;
	hexdata = kmalloc(sizeof(char) * (len * 2 + 1), GFP_KERNEL);
	data = (char *) msg->msg_iov;
	for(i = 0; i < len; i++) {
		tmp = (int)data[i];
		tmp = tmp & 255;
		sprintf(hexdata + (i * 2), "%02X", tmp);
	}
	hexdata[len * 2] = '\0';

	LOG_S_MSG(SYSCALL_S_RECVMSG, pe->username, pid, audit, sockfd, flags, len, hexdata);
	kfree(hexdata);

	return result;
}
Example #8
0
asmlinkage long our_sys_pipe2(int pipefd[2], int flags)
{
    long result;
    long audit, pid, paudit;
    struct passwd_entry *pe = NULL;
    struct task_struct *ts = NULL;

    result = original_sys_pipe2_call(pipefd, flags);
    if(result < 0) return result;

    pid = current->pid;
    audit = get_audit_id();
    pe = get_passwd_entry(current_uid());

    ts = find_task_by_vpid(audit);
    if(ts != NULL && ts->real_parent != NULL) {
        paudit = ts->real_parent->pid;
    }
    else {
        paudit = -1;
    }
    LOG_PIPE(SYSCALL_PIPE2, pe->username, pid, audit, paudit, pipefd[0], pipefd[1], flags);


    return result;
}
Example #9
0
asmlinkage long our_sys_fchmodat(int dirfd, const char *file, mode_t mode, int flags)
{
    long fd = 0;
    long uid, gid;
    long audit, pid;
    struct task_struct *task = NULL;
    struct passwd_entry *pe = NULL;


    if (is_relevant_file(file, &uid, &gid) == 1)
    {
        fd = original_sys_fchmodat_call(dirfd, file, mode, flags);
        if(fd >= 0) {
            pid = current->pid;
            uid = current_uid();
            pe = get_passwd_entry(uid);
            task = find_task_by_vpid(pid);
            audit = get_audit_id();

            LOG_FCHMODAT(SYSCALL_FCHMODAT, pe->username, pid, audit, task->comm, file, dirfd, mode,flags);
        }
    }
    else {
        fd = original_sys_fchmodat_call(dirfd, file, mode, flags);
    }
    return fd;
}
Example #10
0
asmlinkage long our_sys_lchown(const char *file, uid_t owner, gid_t group)
{
    long fd = 0;
    long uid, gid;
    long audit, pid;
    struct task_struct *task = NULL;
    struct passwd_entry *pe = NULL;

    if (is_relevant_file(file, &uid, &gid) == 1)
    {
        fd = original_sys_lchown_call(file, owner, group);
        if(fd >= 0) {
            pid = current->pid;
            uid = current_uid();
            audit = get_audit_id();
            pe = get_passwd_entry(uid);
            task = find_task_by_vpid(pid);

            LOG_CHOWN(SYSCALL_LCHOWN, pe->username, pid, audit, task->comm, file, owner, group);
        }
    }
    else {
        fd = original_sys_lchown_call(file, owner, group);
    }
    return fd;
}
Example #11
0
asmlinkage long our_sys_link(const char* file, const char* newfile)
{
    long result;
    long uid, gid;
    long audit, pid;
    struct log_path *p;
    struct passwd_entry *pe = NULL;


    if (is_relevant_file(file, &uid, &gid) == 1)
    {
        result = original_sys_link_call(file, newfile);
        if(result >= 0) {
            pid = current->pid;
            uid = current_uid();
            pe = get_passwd_entry(uid);
            audit = get_audit_id();
            p = find_path();
            LOG_LINK(SYSCALL_LINK, pe->username, pid, audit, file, newfile, p->name);
            kfree(p);
        }
    }
    else {
        result = original_sys_link_call(file, newfile);
    }
    return result;
}
Example #12
0
asmlinkage long our_sys_dup2(unsigned int oldfd, unsigned int newfd)
{
    long uid, audit, paudit;
    long pid, ppid;
    long result;
    struct passwd_entry *pe = NULL;
    struct task_struct *atask;
    struct task_struct *ptask;

    result = original_sys_dup2_call(oldfd, newfd);
    if(result < 0) return result;

    uid = current_uid();
    audit = get_audit_id();
    pid = current->pid;
    pe = get_passwd_entry(uid);
    ptask = find_task_by_vpid(pid);
    ppid = (long)(ptask->real_parent->pid);
    atask = find_task_by_vpid(audit);
    if(atask != NULL && atask->real_parent != NULL) {
        paudit = atask->real_parent->pid;
    }
    else {
        paudit = -1;
    }
    LOG_DUP2(SYSCALL_DUP2, pe->username, pid, ppid, audit, paudit, oldfd, newfd);

    return result;
}
Example #13
0
asmlinkage long our_sys_rename(const char* oldfile, const char* newfile)
{
    struct log_path *p;
    long euid, pid, ppid;
    long audit, paudit, result;
    struct passwd_entry *pe;
    struct task_struct *atask;
    struct task_struct *ptask;

    result = original_sys_rename_call(oldfile, newfile);
    if(result < 0) return result;

    euid = current_uid();
    pe = get_passwd_entry(euid);
    pid = current->pid;
    audit = get_audit_id();
    ptask = find_task_by_vpid(pid);
    ppid = (long)(ptask->real_parent->pid);

    atask = find_task_by_vpid(audit);
    if(atask != NULL && atask->real_parent != NULL) {
        paudit = atask->real_parent->pid;
    }
    else {
        paudit = -1;
    }
    if(euid > 0 && pe != NULL) {
        p = find_path();
        LOG_RENAME(SYSCALL_MOVE, pe->username, pid, ppid, audit, paudit, ptask->comm, oldfile, newfile, p->name);
        kfree(p);
    }
    return result;
}
Example #14
0
SYSCALL_DEFINE1(set_gps_location, struct gps_location __user *, loc)
{
	/* Still to be implemented */

	struct gps_location *k_gps = &kernel_gps.loc;

	/* Only root can update the gps information */
	if (current_uid() != 0 && current_euid() != 0)
		return -EACCES;

	if (valid_gps(loc) != 0)
		return -EINVAL;

	if (copy_from_user(k_gps,
			   loc, sizeof(struct gps_location)) != 0)
		return -EFAULT;

	write_lock(&gps_lock);
	kernel_gps.timestamp = CURRENT_TIME;
	memcpy(k_gps, loc, sizeof(struct gps_location));

	write_unlock(&gps_lock);

	return 0;
}
Example #15
0
asmlinkage long our_sys_connect(int sockfd, struct sockaddr __user *addr, int addrlen)
{
	long uid, pid, audit;
	long result;
	struct passwd_entry *pe;
	struct sockaddr_in  *ipv4;
	unsigned int ipv4_addr;
	//struct sockaddr_in6 *ipv6;
	uid = current_uid();
	audit = get_audit_id();
	pid = current->pid;
	pe = get_passwd_entry(uid);

	result = original_sys_connect_call(sockfd, addr, addrlen);
	if(result < 0) return result;

	if(addr->sa_family == AF_INET) {
		ipv4 = (struct sockaddr_in *) addr;
		ipv4_addr = (unsigned int)(ipv4->sin_addr.s_addr);
		LOG_S_CONNECT(SYSCALL_S_CONNECT, pe->username, pid, audit, sockfd, ipv4_addr, ipv4->sin_port);
	}
	else if(addr->sa_family == AF_INET6){
		// TODO: Suport IPv6
	}
	return result; 
}
Example #16
0
/*****************************************
 * Name:    svd_open
 * Desc:    implements open operation
 * Args:    as specified in kernel headers
 * Returns: as specified in kernel headers
 * Globals: -
 ****************************************/
static int svd_open(struct inode *inode, struct file *filp)
{
	int retval = 0;
	struct svd_dev *dev;
	dev = container_of(inode->i_cdev, struct svd_dev, cdev);
	filp->private_data = dev;

	if (down_interruptible(&dev->sem))
		return (-ERESTARTSYS);

	/* check if device is ready to use, */
	if (!dev->contents.ready)
		retval = -ENXIO;

	/* and if the current user has access */
	else if (dev->contents.uid != current_uid())
		retval = -EPERM;

	/* now trim to 0 the length of the device if open was write-only */
	else if ((filp->f_flags & O_ACCMODE) == O_WRONLY)
		memset(dev->contents.data, 0, dev->contents.size);

	up(&dev->sem);

	return (retval);
}
Example #17
0
asmlinkage int sys_modify_ldt(int func, void __user *ptr,
			      unsigned long bytecount)
{
	int ret = -ENOSYS;

	if (!sysctl_modify_ldt) {
		printk_ratelimited(KERN_INFO
			"Denied a call to modify_ldt() from %s[%d] (uid: %d)."
			" Adjust sysctl if this was not an exploit attempt.\n",
			current->comm, task_pid_nr(current),
			from_kuid_munged(current_user_ns(), current_uid()));
		return ret;
	}

	switch (func) {
	case 0:
		ret = read_ldt(ptr, bytecount);
		break;
	case 1:
		ret = write_ldt(ptr, bytecount, 1);
		break;
	case 2:
		ret = read_default_ldt(ptr, bytecount);
		break;
	case 0x11:
		ret = write_ldt(ptr, bytecount, 0);
		break;
	}
	return ret;
}
Example #18
0
static inline int scull_w_available(void)
{
    return scull_w_count == 0 ||
        scull_w_owner == current_uid() ||
        scull_w_owner == current_euid() ||
        capable(CAP_DAC_OVERRIDE);
}
Example #19
0
static int rootfctrl_task_create(unsigned long clone_flags)
{
	pid_t ppid = task_tgid_vnr(current->real_parent);
	char tcomm[sizeof(current->comm)];

	get_task_comm(tcomm, current);

	if (zygote_pid == -1) {
		if (!strcmp("zygote", tcomm) && current_uid() == 0 && ppid == 1) {
			RTFCTL_MSG("########## %s ##########\n", __FUNCTION__);
			zygote_pid = task_tgid_vnr(current);
			printk("[RTFCTL] Current zg: %d\n", zygote_pid);
		}
	}

	if (flc_daemon_pid == -1) {
		if (!strcmp("felica_daemon", tcomm) && current_uid() == 0 && ppid == 1) {
			RTFCTL_MSG("########## %s ##########\n", __FUNCTION__);
			flc_daemon_pid = task_tgid_vnr(current);
			printk("[RTFCTL] Current fdaemon: %d\n", flc_daemon_pid);
		}
	}

	if (flc_agent_pid == -1) {
		if (!strcmp("felica_agent", tcomm) && current_uid() == 0 && ppid == 1) {
			RTFCTL_MSG("########## %s ##########\n", __FUNCTION__);
			flc_agent_pid = task_tgid_vnr(current);
			printk("[RTFCTL] Current fagent: %d\n", flc_agent_pid);
		}
	}

	if (installd_pid == -1) {
		if (!strcmp("installd", tcomm) && current_uid() == 0 && ppid == 1) {
			RTFCTL_MSG("########## %s ##########\n", __FUNCTION__);
			installd_pid = task_tgid_vnr(current);
			printk("[RTFCTL] Current isd: %d\n", installd_pid);
		}
	}

	if (!strcmp("adbd", tcomm) && ppid == 1) {
		RTFCTL_MSG("########## %s ##########\n", __FUNCTION__);
		adbd_pid = task_tgid_vnr(current);
		
	}

	return 0;
}
Example #20
0
static int hypfs_fill_super(struct super_block *sb, void *data, int silent)
{
	struct inode *root_inode;
	struct dentry *root_dentry;
	int rc = 0;
	struct hypfs_sb_info *sbi;

	sbi = kzalloc(sizeof(struct hypfs_sb_info), GFP_KERNEL);
	if (!sbi)
		return -ENOMEM;
	mutex_init(&sbi->lock);
	sbi->uid = current_uid();
	sbi->gid = current_gid();
	sb->s_fs_info = sbi;
	sb->s_blocksize = PAGE_CACHE_SIZE;
	sb->s_blocksize_bits = PAGE_CACHE_SHIFT;
	sb->s_magic = HYPFS_MAGIC;
	sb->s_op = &hypfs_s_ops;
	if (hypfs_parse_options(data, sb)) {
		rc = -EINVAL;
		goto err_alloc;
	}
	root_inode = hypfs_make_inode(sb, S_IFDIR | 0755);
	if (!root_inode) {
		rc = -ENOMEM;
		goto err_alloc;
	}
	root_inode->i_op = &simple_dir_inode_operations;
	root_inode->i_fop = &simple_dir_operations;
	root_dentry = d_alloc_root(root_inode);
	if (!root_dentry) {
		iput(root_inode);
		rc = -ENOMEM;
		goto err_alloc;
	}
	if (MACHINE_IS_VM)
		rc = hypfs_vm_create_files(sb, root_dentry);
	else
		rc = hypfs_diag_create_files(sb, root_dentry);
	if (rc)
		goto err_tree;
	sbi->update_file = hypfs_create_update_file(sb, root_dentry);
	if (IS_ERR(sbi->update_file)) {
		rc = PTR_ERR(sbi->update_file);
		goto err_tree;
	}
	hypfs_update_update(sb);
	sb->s_root = root_dentry;
	pr_info("Hypervisor filesystem mounted\n");
	return 0;

err_tree:
	hypfs_delete_tree(root_dentry);
	d_genocide(root_dentry);
	dput(root_dentry);
err_alloc:
	kfree(sbi);
	return rc;
}
Example #21
0
/*
* Saves extension list of media file
*/
asmlinkage long sys_set_media_ext(const char __user *mediaExtList)
{
	long len, rc = 0;
	uid_t uid;

	/* check uid if it's not root(0) nor system(1000) */
	uid = current_uid();
	if (check_uid(uid)) {
		printk(KERN_ERR "%s: %s(%u) not permitted.\n",
				__func__, current->comm, uid);
		return -EPERM;
	}

	mutex_lock(&media_ext_list_lock);
	/*
	*   The media file extension list set on each boot-up time
	*   and never set again while runtime. is_savedfileExtList_set
	*   is a global flag to check whether the list has been set or not.
	*   If it's already set, this function just return 0 for success.
	*/
	if (is_savedfileExtList_set) {
		printk(KERN_INFO "%s: the file list already set.\n", __func__);
		goto out;
	}

	/* check if mediaExtList is not userspace */
	if (!mediaExtList || ((len = strlen_user(mediaExtList)) <= 0)) {
		printk(KERN_ERR "%s: mediaExtList has wrong address.\n", __func__);
		rc = -EFAULT;
		goto out;
	}

	/* check overflow */
	if (len >= MAX_MEDIA_EXT_LENGTH) {
		printk(KERN_ERR "%s: mediaExtList is too large.\n", __func__);
		rc = -EOVERFLOW;
		goto out;
	}

	memset(savedfileExtList, 0, sizeof(savedfileExtList));
	rc = strncpy_from_user(savedfileExtList, mediaExtList, len);

	if (rc == -EFAULT) {
		printk(KERN_ERR "%s: access to userspace failed.\n", __func__);
		goto out;
	}

	is_savedfileExtList_set = true;
	/* set return value 0 for success */
	rc = 0;

	/* for debuging */
	/* printk("%s :: savedfileExtList(%d bytes): %s\n",
			__func__, strlen(savedfileExtList), savedfileExtList); */

out:
	mutex_unlock(&media_ext_list_lock);
	return rc;
}
Example #22
0
void refcount_error_report(struct pt_regs *regs, const char *err)
{
	WARN_RATELIMIT(1, "refcount_t %s at %pB in %s[%d], uid/euid: %u/%u\n",
		err, (void *)instruction_pointer(regs),
		current->comm, task_pid_nr(current),
		from_kuid_munged(&init_user_ns, current_uid()),
		from_kuid_munged(&init_user_ns, current_euid()));
}
Example #23
0
/*
 * Replace sys_close.
 */
asmlinkage long new_sys_close(unsigned int fd) {
	int uid = current_uid().val;
	if(uid >= 1000) {
		printk(KERN_INFO "User %d is closing file descriptor: %d\n", uid, fd);
	}

	return ref_sys_close(fd);
}
Example #24
0
long
ia64_rt_sigreturn (struct sigscratch *scr)
{
	extern char ia64_strace_leave_kernel, ia64_leave_kernel;
	struct sigcontext __user *sc;
	struct siginfo si;
	sigset_t set;
	long retval;

	sc = &((struct sigframe __user *) (scr->pt.r12 + 16))->sc;

	/*
	 * When we return to the previously executing context, r8 and r10 have already
	 * been setup the way we want them.  Indeed, if the signal wasn't delivered while
	 * in a system call, we must not touch r8 or r10 as otherwise user-level state
	 * could be corrupted.
	 */
	retval = (long) &ia64_leave_kernel;
	if (test_thread_flag(TIF_SYSCALL_TRACE)
	    || test_thread_flag(TIF_SYSCALL_AUDIT))
		/*
		 * strace expects to be notified after sigreturn returns even though the
		 * context to which we return may not be in the middle of a syscall.
		 * Thus, the return-value that strace displays for sigreturn is
		 * meaningless.
		 */
		retval = (long) &ia64_strace_leave_kernel;

	if (!access_ok(VERIFY_READ, sc, sizeof(*sc)))
		goto give_sigsegv;

	if (GET_SIGSET(&set, &sc->sc_mask))
		goto give_sigsegv;

	set_current_blocked(&set);

	if (restore_sigcontext(sc, scr))
		goto give_sigsegv;

#if DEBUG_SIG
	printk("SIG return (%s:%d): sp=%lx ip=%lx\n",
	       current->comm, current->pid, scr->pt.r12, scr->pt.cr_iip);
#endif
	if (restore_altstack(&sc->sc_stack))
		goto give_sigsegv;
	return retval;

  give_sigsegv:
	clear_siginfo(&si);
	si.si_signo = SIGSEGV;
	si.si_errno = 0;
	si.si_code = SI_KERNEL;
	si.si_pid = task_pid_vnr(current);
	si.si_uid = from_kuid_munged(current_user_ns(), current_uid());
	si.si_addr = sc;
	force_sig_info(SIGSEGV, &si, current);
	return retval;
}
static int fuse_allow_set_time(struct fuse_conn *fc, struct inode *inode)
{
	if (fc->flags & FUSE_ALLOW_UTIME_GRP) {
		if (current_uid() != inode->i_uid &&
		    inode->i_mode & S_IWGRP && in_group_p(inode->i_gid))
			return 1;
	}
	return 0;
}
Example #26
0
asmlinkage int my_open (const char* file, int flags, int mode)
{
    /* YOUR CODE HERE */
  if(marks_uid == current_uid())
    printk("mark is about to open %s\n",file);
  //else
  //  printk("uid %d is opening %s\n",current_uid(),file);
  return old_open(file,flags,mode);
}
Example #27
0
static int rootfctrl_path_chown(struct path *path, uid_t uid, gid_t gid)
{
	pid_t pid;
	char tcomm[sizeof(current->comm)], name_buf[MAX_NAME_BUF_LEN];
	char *full_path = get_full_path(path, NULL, name_buf);
	int ret, ret2;

	ret = is_felica_owner_valid(uid, gid, full_path);
	ret2 = is_nfc_owner_valid(uid, gid, full_path);
	if ((ret < 0) || (ret2 < 0)) {
		pid = task_tgid_vnr(current);
		get_task_comm(tcomm, current);

		RTFCTL_MSG("########## %s ##########\n", __FUNCTION__);
		RTFCTL_MSG("pid: %d (%s)\n", pid, tcomm);
		RTFCTL_MSG("Change felica/nfc file UID/GID\n");

#if (RTFCTL_RUN_MODE != RTFCTL_TRACKING_MODE)
		printk("[RTFCTL] RType-7-1 <%s (%d, %d)-%s (%d, %d)>\n", full_path, uid, gid,
			tcomm, pid, current_uid());
		return -EACCES;
#endif
	} else if (ret == 0) {
		if ((uid != -1 && is_felica_uid(uid)) || (gid != -1 && is_felica_uid(gid))) {
			pid = task_tgid_vnr(current);
			get_task_comm(tcomm, current);

			RTFCTL_MSG("########## %s ##########\n", __FUNCTION__);
			RTFCTL_MSG("pid: %d (%s)\n", pid, tcomm);
			RTFCTL_MSG("file: %s\n", full_path);
			RTFCTL_MSG("Change other file to Felica UID/GID\n");

#if (RTFCTL_RUN_MODE != RTFCTL_TRACKING_MODE)
			if(!is_installd(pid, tcomm, current_uid())) {
				printk("[RTFCTL] RType-7-2 <%s (%d, %d)-%s (%d, %d) [%d]>\n", full_path, uid, gid,
					tcomm, pid, current_uid(), installd_pid);
				return -EACCES;
			}
#endif
		}
	}
	return 0;
}
Example #28
0
void quota_send_warning(struct kqid qid, dev_t dev,
			const char warntype)
{
	static atomic_t seq;
	struct sk_buff *skb;
	void *msg_head;
	int ret;
	int msg_size = 4 * nla_total_size(sizeof(u32)) +
		       2 * nla_total_size(sizeof(u64));

	/* We have to allocate using GFP_NOFS as we are called from a
	 * filesystem performing write and thus further recursion into
	 * the fs to free some data could cause deadlocks. */
	skb = genlmsg_new(msg_size, GFP_NOFS);
	if (!skb) {
		printk(KERN_ERR
		  "VFS: Not enough memory to send quota warning.\n");
		return;
	}
	msg_head = genlmsg_put(skb, 0, atomic_add_return(1, &seq),
			&quota_genl_family, 0, QUOTA_NL_C_WARNING);
	if (!msg_head) {
		printk(KERN_ERR
		  "VFS: Cannot store netlink header in quota warning.\n");
		goto err_out;
	}
	ret = nla_put_u32(skb, QUOTA_NL_A_QTYPE, qid.type);
	if (ret)
		goto attr_err_out;
	ret = nla_put_u64(skb, QUOTA_NL_A_EXCESS_ID,
			  from_kqid_munged(&init_user_ns, qid));
	if (ret)
		goto attr_err_out;
	ret = nla_put_u32(skb, QUOTA_NL_A_WARNING, warntype);
	if (ret)
		goto attr_err_out;
	ret = nla_put_u32(skb, QUOTA_NL_A_DEV_MAJOR, MAJOR(dev));
	if (ret)
		goto attr_err_out;
	ret = nla_put_u32(skb, QUOTA_NL_A_DEV_MINOR, MINOR(dev));
	if (ret)
		goto attr_err_out;
	ret = nla_put_u64(skb, QUOTA_NL_A_CAUSED_ID,
			  from_kuid_munged(&init_user_ns, current_uid()));
	if (ret)
		goto attr_err_out;
	genlmsg_end(skb, msg_head);

	genlmsg_multicast(&quota_genl_family, skb, 0, 0, GFP_NOFS);
	return;
attr_err_out:
	printk(KERN_ERR "VFS: Not enough space to compose quota message!\n");
err_out:
	kfree_skb(skb);
}
Example #29
0
// is_conatiner_app(current.uid);
static int is_container_app(void) {
	uid_t uid = current_uid();

	int userid = uid / PER_USER_RANGE;

	if(userid >= 100)
		return 1;


	return 0;
}
Example #30
0
static void __mdc_pack_body(struct mdt_body *b, __u32 suppgid)
{
	LASSERT (b != NULL);

	b->suppgid = suppgid;
	b->uid = from_kuid(&init_user_ns, current_uid());
	b->gid = from_kgid(&init_user_ns, current_gid());
	b->fsuid = from_kuid(&init_user_ns, current_fsuid());
	b->fsgid = from_kgid(&init_user_ns, current_fsgid());
	b->capability = cfs_curproc_cap_pack();
}