asmlinkage long sys_setfsuid16(old_uid_t uid) { long ret = sys_setfsuid(low2highuid(uid)); /* avoid REGPARM breakage on x86: */ asmlinkage_protect(1, ret, uid); return ret; }
SYSCALL_DEFINE1(setfsuid16, old_uid_t, uid) { long ret = sys_setfsuid(low2highuid(uid)); /* avoid REGPARM breakage on x86: */ asmlinkage_protect(1, ret, uid); return ret; }
asmlinkage long sys_setfsuid16(old_uid_t uid) { return sys_setfsuid((uid_t)uid); }
asmlinkage long sys32_setfsuid16(u16 uid) { return sys_setfsuid((uid_t)uid); }
static int restore_creds(CredsEntry *ce) { int b, i, ret; struct cap_header hdr; struct cap_data data[_LINUX_CAPABILITY_U32S_3]; /* * We're still root here and thus can do it without failures. */ /* * First -- set the SECURE_NO_SETUID_FIXUP bit not to * lose caps bits when changing xids. */ ret = sys_prctl(PR_SET_SECUREBITS, 1 << SECURE_NO_SETUID_FIXUP, 0, 0, 0); if (ret) { pr_err("Unable to set SECURE_NO_SETUID_FIXUP: %d\n", ret); return -1; } /* * Second -- restore xids. Since we still have the CAP_SETUID * capability nothing should fail. But call the setfsXid last * to override the setresXid settings. */ ret = sys_setresuid(ce->uid, ce->euid, ce->suid); if (ret) { pr_err("Unable to set real, effective and saved user ID: %d\n", ret); return -1; } sys_setfsuid(ce->fsuid); if (sys_setfsuid(-1) != ce->fsuid) { pr_err("Unable to set fsuid\n"); return -1; } ret = sys_setresgid(ce->gid, ce->egid, ce->sgid); if (ret) { pr_err("Unable to set real, effective and saved group ID: %d\n", ret); return -1; } sys_setfsgid(ce->fsgid); if (sys_setfsgid(-1) != ce->fsgid) { pr_err("Unable to set fsgid\n"); return -1; } /* * Third -- restore securebits. We don't need them in any * special state any longer. */ ret = sys_prctl(PR_SET_SECUREBITS, ce->secbits, 0, 0, 0); if (ret) { pr_err("Unable to set PR_SET_SECUREBITS: %d\n", ret); return -1; } /* * Fourth -- trim bset. This can only be done while * having the CAP_SETPCAP capablity. */ for (b = 0; b < CR_CAP_SIZE; b++) { for (i = 0; i < 32; i++) { if (b * 32 + i > cap_last_cap) break; if (ce->cap_bnd[b] & (1 << i)) /* already set */ continue; ret = sys_prctl(PR_CAPBSET_DROP, i + b * 32, 0, 0, 0); if (ret) { pr_err("Unable to drop capability %d: %d\n", i + b * 32, ret); return -1; } } } /* * Fifth -- restore caps. Nothing but cap bits are changed * at this stage, so just do it. */ hdr.version = _LINUX_CAPABILITY_VERSION_3; hdr.pid = 0; BUILD_BUG_ON(_LINUX_CAPABILITY_U32S_3 != CR_CAP_SIZE); for (i = 0; i < CR_CAP_SIZE; i++) { data[i].eff = ce->cap_eff[i]; data[i].prm = ce->cap_prm[i]; data[i].inh = ce->cap_inh[i]; } ret = sys_capset(&hdr, data); if (ret) { pr_err("Unable to restore capabilities: %d\n", ret); return -1; } return 0; }