2020-07-30 23:38:15 +02:00
|
|
|
/*
|
|
|
|
* Copyright (c) 2018-2020, Andreas Kling <kling@serenityos.org>
|
|
|
|
*
|
2021-04-22 01:24:48 -07:00
|
|
|
* SPDX-License-Identifier: BSD-2-Clause
|
2020-07-30 23:38:15 +02:00
|
|
|
*/
|
|
|
|
|
|
|
|
#include <Kernel/Process.h>
|
|
|
|
|
|
|
|
namespace Kernel {
|
|
|
|
|
2021-11-08 00:51:39 +01:00
|
|
|
ErrorOr<FlatPtr> Process::sys$seteuid(UserID new_euid)
|
2020-07-30 23:38:15 +02:00
|
|
|
{
|
2022-08-17 21:03:04 +01:00
|
|
|
VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this);
|
2021-12-29 01:11:45 -08:00
|
|
|
TRY(require_promise(Pledge::id));
|
2020-07-30 23:38:15 +02:00
|
|
|
|
2021-12-19 15:10:45 +02:00
|
|
|
if (new_euid == (uid_t)-1)
|
|
|
|
return EINVAL;
|
|
|
|
|
2021-03-10 19:59:46 +01:00
|
|
|
if (new_euid != uid() && new_euid != suid() && !is_superuser())
|
2021-03-01 13:49:16 +01:00
|
|
|
return EPERM;
|
2020-07-30 23:38:15 +02:00
|
|
|
|
2021-03-10 19:59:46 +01:00
|
|
|
if (euid() != new_euid)
|
2020-12-25 18:27:42 +01:00
|
|
|
set_dumpable(false);
|
2021-03-11 13:13:05 +01:00
|
|
|
|
|
|
|
ProtectedDataMutationScope scope { *this };
|
|
|
|
|
2021-08-07 22:30:06 +03:00
|
|
|
m_protected_values.euid = new_euid;
|
2020-07-30 23:38:15 +02:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2021-11-08 00:51:39 +01:00
|
|
|
ErrorOr<FlatPtr> Process::sys$setegid(GroupID new_egid)
|
2020-07-30 23:38:15 +02:00
|
|
|
{
|
2022-08-17 21:03:04 +01:00
|
|
|
VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this);
|
2021-12-29 01:11:45 -08:00
|
|
|
TRY(require_promise(Pledge::id));
|
2020-07-30 23:38:15 +02:00
|
|
|
|
2021-12-19 15:10:45 +02:00
|
|
|
if (new_egid == (uid_t)-1)
|
|
|
|
return EINVAL;
|
|
|
|
|
2021-03-10 19:59:46 +01:00
|
|
|
if (new_egid != gid() && new_egid != sgid() && !is_superuser())
|
2021-03-01 13:49:16 +01:00
|
|
|
return EPERM;
|
2020-07-30 23:38:15 +02:00
|
|
|
|
2021-03-10 19:59:46 +01:00
|
|
|
if (egid() != new_egid)
|
2020-12-25 18:27:42 +01:00
|
|
|
set_dumpable(false);
|
|
|
|
|
2021-03-11 13:13:05 +01:00
|
|
|
ProtectedDataMutationScope scope { *this };
|
2021-08-07 22:30:06 +03:00
|
|
|
m_protected_values.egid = new_egid;
|
2020-07-30 23:38:15 +02:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2021-11-08 00:51:39 +01:00
|
|
|
ErrorOr<FlatPtr> Process::sys$setuid(UserID new_uid)
|
2020-07-30 23:38:15 +02:00
|
|
|
{
|
2022-08-17 21:03:04 +01:00
|
|
|
VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this);
|
2021-12-29 01:11:45 -08:00
|
|
|
TRY(require_promise(Pledge::id));
|
2020-07-30 23:38:15 +02:00
|
|
|
|
2021-12-19 15:10:45 +02:00
|
|
|
if (new_uid == (uid_t)-1)
|
|
|
|
return EINVAL;
|
|
|
|
|
2021-03-10 19:59:46 +01:00
|
|
|
if (new_uid != uid() && new_uid != euid() && !is_superuser())
|
2021-03-01 13:49:16 +01:00
|
|
|
return EPERM;
|
2020-07-30 23:38:15 +02:00
|
|
|
|
2021-03-10 19:59:46 +01:00
|
|
|
if (euid() != new_uid)
|
2020-12-25 18:27:42 +01:00
|
|
|
set_dumpable(false);
|
|
|
|
|
2021-03-11 13:13:05 +01:00
|
|
|
ProtectedDataMutationScope scope { *this };
|
2021-08-07 22:30:06 +03:00
|
|
|
m_protected_values.uid = new_uid;
|
|
|
|
m_protected_values.euid = new_uid;
|
|
|
|
m_protected_values.suid = new_uid;
|
2020-07-30 23:38:15 +02:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2021-11-08 00:51:39 +01:00
|
|
|
ErrorOr<FlatPtr> Process::sys$setgid(GroupID new_gid)
|
2020-07-30 23:38:15 +02:00
|
|
|
{
|
2022-08-17 21:03:04 +01:00
|
|
|
VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this);
|
2021-12-29 01:11:45 -08:00
|
|
|
TRY(require_promise(Pledge::id));
|
2020-07-30 23:38:15 +02:00
|
|
|
|
2021-12-19 15:10:45 +02:00
|
|
|
if (new_gid == (uid_t)-1)
|
|
|
|
return EINVAL;
|
|
|
|
|
2021-03-10 19:59:46 +01:00
|
|
|
if (new_gid != gid() && new_gid != egid() && !is_superuser())
|
2021-03-01 13:49:16 +01:00
|
|
|
return EPERM;
|
2020-07-30 23:38:15 +02:00
|
|
|
|
2021-03-10 19:59:46 +01:00
|
|
|
if (egid() != new_gid)
|
2020-12-25 18:27:42 +01:00
|
|
|
set_dumpable(false);
|
|
|
|
|
2021-03-11 13:13:05 +01:00
|
|
|
ProtectedDataMutationScope scope { *this };
|
2021-08-07 22:30:06 +03:00
|
|
|
m_protected_values.gid = new_gid;
|
|
|
|
m_protected_values.egid = new_gid;
|
|
|
|
m_protected_values.sgid = new_gid;
|
2020-07-30 23:38:15 +02:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2021-11-08 00:51:39 +01:00
|
|
|
ErrorOr<FlatPtr> Process::sys$setreuid(UserID new_ruid, UserID new_euid)
|
2021-04-09 21:13:15 +10:00
|
|
|
{
|
2022-08-17 21:03:04 +01:00
|
|
|
VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this);
|
2021-12-29 01:11:45 -08:00
|
|
|
TRY(require_promise(Pledge::id));
|
2021-04-09 21:13:15 +10:00
|
|
|
|
|
|
|
if (new_ruid == (uid_t)-1)
|
|
|
|
new_ruid = uid();
|
|
|
|
if (new_euid == (uid_t)-1)
|
|
|
|
new_euid = euid();
|
|
|
|
|
2021-08-28 22:11:16 +02:00
|
|
|
auto ok = [this](UserID id) { return id == uid() || id == euid() || id == suid(); };
|
2021-04-09 21:13:15 +10:00
|
|
|
if (!ok(new_ruid) || !ok(new_euid))
|
|
|
|
return EPERM;
|
|
|
|
|
|
|
|
if (new_ruid < (uid_t)-1 || new_euid < (uid_t)-1)
|
|
|
|
return EINVAL;
|
|
|
|
|
|
|
|
if (euid() != new_euid)
|
|
|
|
set_dumpable(false);
|
|
|
|
|
|
|
|
ProtectedDataMutationScope scope { *this };
|
2021-08-07 22:30:06 +03:00
|
|
|
m_protected_values.uid = new_ruid;
|
|
|
|
m_protected_values.euid = new_euid;
|
2021-04-09 21:13:15 +10:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2021-11-08 00:51:39 +01:00
|
|
|
ErrorOr<FlatPtr> Process::sys$setresuid(UserID new_ruid, UserID new_euid, UserID new_suid)
|
2020-07-30 23:38:15 +02:00
|
|
|
{
|
2022-08-17 21:03:04 +01:00
|
|
|
VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this);
|
2021-12-29 01:11:45 -08:00
|
|
|
TRY(require_promise(Pledge::id));
|
2020-07-30 23:38:15 +02:00
|
|
|
|
2021-03-10 19:59:46 +01:00
|
|
|
if (new_ruid == (uid_t)-1)
|
|
|
|
new_ruid = uid();
|
|
|
|
if (new_euid == (uid_t)-1)
|
|
|
|
new_euid = euid();
|
|
|
|
if (new_suid == (uid_t)-1)
|
|
|
|
new_suid = suid();
|
2020-07-30 23:38:15 +02:00
|
|
|
|
2021-08-28 22:11:16 +02:00
|
|
|
auto ok = [this](UserID id) { return id == uid() || id == euid() || id == suid(); };
|
2021-03-10 19:59:46 +01:00
|
|
|
if ((!ok(new_ruid) || !ok(new_euid) || !ok(new_suid)) && !is_superuser())
|
2021-03-01 13:49:16 +01:00
|
|
|
return EPERM;
|
2020-07-30 23:38:15 +02:00
|
|
|
|
2021-03-10 19:59:46 +01:00
|
|
|
if (euid() != new_euid)
|
2020-12-25 18:27:42 +01:00
|
|
|
set_dumpable(false);
|
|
|
|
|
2021-03-11 13:13:05 +01:00
|
|
|
ProtectedDataMutationScope scope { *this };
|
2021-08-07 22:30:06 +03:00
|
|
|
m_protected_values.uid = new_ruid;
|
|
|
|
m_protected_values.euid = new_euid;
|
|
|
|
m_protected_values.suid = new_suid;
|
2020-07-30 23:38:15 +02:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2021-11-08 00:51:39 +01:00
|
|
|
ErrorOr<FlatPtr> Process::sys$setresgid(GroupID new_rgid, GroupID new_egid, GroupID new_sgid)
|
2020-07-30 23:38:15 +02:00
|
|
|
{
|
2022-08-17 21:03:04 +01:00
|
|
|
VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this);
|
2021-12-29 01:11:45 -08:00
|
|
|
TRY(require_promise(Pledge::id));
|
2020-07-30 23:38:15 +02:00
|
|
|
|
2021-03-10 19:59:46 +01:00
|
|
|
if (new_rgid == (gid_t)-1)
|
|
|
|
new_rgid = gid();
|
|
|
|
if (new_egid == (gid_t)-1)
|
|
|
|
new_egid = egid();
|
|
|
|
if (new_sgid == (gid_t)-1)
|
|
|
|
new_sgid = sgid();
|
2020-07-30 23:38:15 +02:00
|
|
|
|
2021-08-28 22:11:16 +02:00
|
|
|
auto ok = [this](GroupID id) { return id == gid() || id == egid() || id == sgid(); };
|
2021-03-10 19:59:46 +01:00
|
|
|
if ((!ok(new_rgid) || !ok(new_egid) || !ok(new_sgid)) && !is_superuser())
|
2021-03-01 13:49:16 +01:00
|
|
|
return EPERM;
|
2020-07-30 23:38:15 +02:00
|
|
|
|
2021-03-10 19:59:46 +01:00
|
|
|
if (egid() != new_egid)
|
2020-12-25 18:27:42 +01:00
|
|
|
set_dumpable(false);
|
|
|
|
|
2021-03-11 13:13:05 +01:00
|
|
|
ProtectedDataMutationScope scope { *this };
|
2021-08-07 22:30:06 +03:00
|
|
|
m_protected_values.gid = new_rgid;
|
|
|
|
m_protected_values.egid = new_egid;
|
|
|
|
m_protected_values.sgid = new_sgid;
|
2020-07-30 23:38:15 +02:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2022-04-01 20:58:27 +03:00
|
|
|
ErrorOr<FlatPtr> Process::sys$setgroups(size_t count, Userspace<gid_t const*> user_gids)
|
2020-07-30 23:38:15 +02:00
|
|
|
{
|
2022-08-17 21:03:04 +01:00
|
|
|
VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this);
|
2021-12-29 01:11:45 -08:00
|
|
|
TRY(require_promise(Pledge::id));
|
2020-07-30 23:38:15 +02:00
|
|
|
if (!is_superuser())
|
2021-03-01 13:49:16 +01:00
|
|
|
return EPERM;
|
2020-07-30 23:38:15 +02:00
|
|
|
|
|
|
|
if (!count) {
|
2021-03-11 13:13:05 +01:00
|
|
|
ProtectedDataMutationScope scope { *this };
|
2021-08-07 22:30:06 +03:00
|
|
|
m_protected_values.extra_gids.clear();
|
2020-07-30 23:38:15 +02:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2021-03-10 19:59:46 +01:00
|
|
|
Vector<gid_t> new_extra_gids;
|
2021-11-10 11:55:37 +01:00
|
|
|
TRY(new_extra_gids.try_resize(count));
|
2021-09-05 17:38:37 +02:00
|
|
|
TRY(copy_n_from_user(new_extra_gids.data(), user_gids, count));
|
2020-07-30 23:38:15 +02:00
|
|
|
|
|
|
|
HashTable<gid_t> unique_extra_gids;
|
2021-03-10 19:59:46 +01:00
|
|
|
for (auto& extra_gid : new_extra_gids) {
|
|
|
|
if (extra_gid != gid())
|
2022-01-25 15:16:39 +02:00
|
|
|
TRY(unique_extra_gids.try_set(extra_gid));
|
2020-07-30 23:38:15 +02:00
|
|
|
}
|
|
|
|
|
2021-03-11 13:13:05 +01:00
|
|
|
ProtectedDataMutationScope scope { *this };
|
2021-11-10 11:55:37 +01:00
|
|
|
TRY(m_protected_values.extra_gids.try_resize(unique_extra_gids.size()));
|
2020-07-30 23:38:15 +02:00
|
|
|
size_t i = 0;
|
2021-03-10 19:59:46 +01:00
|
|
|
for (auto& extra_gid : unique_extra_gids) {
|
|
|
|
if (extra_gid == gid())
|
2020-07-30 23:38:15 +02:00
|
|
|
continue;
|
2021-08-07 22:30:06 +03:00
|
|
|
m_protected_values.extra_gids[i++] = extra_gid;
|
2020-07-30 23:38:15 +02:00
|
|
|
}
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|