231  * @new: The proposed new credentials; alterations should be made here
233  * @effective: A pointer to the proposed new effective capabilities set
234  * @inheritable: A pointer to the proposed new inheritable capabilities set
235  * @permitted: A pointer to the proposed new permitted capabilities set
238  * process's capability sets.  The changes are made to the proposed new
241 int cap_capset(struct cred *new,  in cap_capset()  argument
257 		/* no new pI capabilities outside bounding set */  in cap_capset()
260 	/* verify restrictions on target's new Permitted set */  in cap_capset()
268 	new->cap_effective   = *effective;  in cap_capset()
269 	new->cap_inheritable = *inheritable;  in cap_capset()
270 	new->cap_permitted   = *permitted;  in cap_capset()
276 	new->cap_ambient = cap_intersect(new->cap_ambient,  in cap_capset()
279 	if (WARN_ON(!cap_ambient_invariant_ok(new)))  in cap_capset()
474  * If all is ok, we return the new size, on error return < 0.
525  * Calculate the new process capability sets from the capability sets attached
533 	struct cred *new = bprm->cred;  in bprm_caps_from_vfs_caps()  local
551 		new->cap_permitted.cap[i] =  in bprm_caps_from_vfs_caps()
552 			(new->cap_bset.cap[i] & permitted) |  in bprm_caps_from_vfs_caps()
553 			(new->cap_inheritable.cap[i] & inheritable);  in bprm_caps_from_vfs_caps()
555 		if (permitted & ~new->cap_permitted.cap[i])  in bprm_caps_from_vfs_caps()
718 	struct cred *new = bprm->cred;  in handle_privileged_root()  local
727 	if (has_fcap && __is_suid(root_uid, new)) {  in handle_privileged_root()
736 	if (__is_eff(root_uid, new) || __is_real(root_uid, new)) {  in handle_privileged_root()
738 		new->cap_permitted = cap_combine(old->cap_bset,  in handle_privileged_root()
744 	if (__is_eff(root_uid, new))  in handle_privileged_root()
755 static inline bool __is_setuid(struct cred *new, const struct cred *old)  in __is_setuid()  argument
756 { return !uid_eq(new->euid, old->uid); }  in __is_setuid()
758 static inline bool __is_setgid(struct cred *new, const struct cred *old)  in __is_setgid()  argument
759 { return !gid_eq(new->egid, old->gid); }  in __is_setgid()
778 static inline bool nonroot_raised_pE(struct cred *new, const struct cred *old,  in nonroot_raised_pE()  argument
783 	if ((__cap_grew(effective, ambient, new) &&  in nonroot_raised_pE()
784 	     !(__cap_full(effective, new) &&  in nonroot_raised_pE()
785 	       (__is_eff(root, new) || __is_real(root, new)) &&  in nonroot_raised_pE()
788 	     __is_suid(root, new) &&  in nonroot_raised_pE()
789 	     !__cap_full(effective, new)) ||  in nonroot_raised_pE()
790 	    (!__is_setuid(new, old) &&  in nonroot_raised_pE()
792 	       __cap_gained(permitted, new, old)) ||  in nonroot_raised_pE()
793 	      __cap_gained(ambient, new, old))))  in nonroot_raised_pE()
805  * Set up the proposed credentials for a new execution context being
813 	struct cred *new = bprm->cred;  in cap_bprm_creds_from_file()  local
825 	root_uid = make_kuid(new->user_ns, 0);  in cap_bprm_creds_from_file()
830 	if (__cap_gained(permitted, new, old))  in cap_bprm_creds_from_file()
836 	 * In addition, if NO_NEW_PRIVS, then ensure we get no new privs.  in cap_bprm_creds_from_file()
838 	is_setid = __is_setuid(new, old) || __is_setgid(new, old);  in cap_bprm_creds_from_file()
840 	if ((is_setid || __cap_gained(permitted, new, old)) &&  in cap_bprm_creds_from_file()
842 	     !ptracer_capable(current, new->user_ns))) {  in cap_bprm_creds_from_file()
844 		if (!ns_capable(new->user_ns, CAP_SETUID) ||  in cap_bprm_creds_from_file()
846 			new->euid = new->uid;  in cap_bprm_creds_from_file()
847 			new->egid = new->gid;  in cap_bprm_creds_from_file()
849 		new->cap_permitted = cap_intersect(new->cap_permitted,  in cap_bprm_creds_from_file()
853 	new->suid = new->fsuid = new->euid;  in cap_bprm_creds_from_file()
854 	new->sgid = new->fsgid = new->egid;  in cap_bprm_creds_from_file()
858 		cap_clear(new->cap_ambient);  in cap_bprm_creds_from_file()
864 	new->cap_permitted = cap_combine(new->cap_permitted, new->cap_ambient);  in cap_bprm_creds_from_file()
871 		new->cap_effective = new->cap_permitted;  in cap_bprm_creds_from_file()
873 		new->cap_effective = new->cap_ambient;  in cap_bprm_creds_from_file()
875 	if (WARN_ON(!cap_ambient_invariant_ok(new)))  in cap_bprm_creds_from_file()
878 	if (nonroot_raised_pE(new, old, root_uid, has_fcap)) {  in cap_bprm_creds_from_file()
879 		ret = audit_log_bprm_fcaps(bprm, new, old);  in cap_bprm_creds_from_file()
884 	new->securebits &= ~issecure_mask(SECURE_KEEP_CAPS);  in cap_bprm_creds_from_file()
886 	if (WARN_ON(!cap_ambient_invariant_ok(new)))  in cap_bprm_creds_from_file()
891 	    (!__is_real(root_uid, new) &&  in cap_bprm_creds_from_file()
893 	      __cap_grew(permitted, ambient, new))))  in cap_bprm_creds_from_file()
989  * cevans - New behaviour, Oct '99
999 static inline void cap_emulate_setxuid(struct cred *new, const struct cred *old)  in cap_emulate_setxuid()  argument
1006 	    (!uid_eq(new->uid, root_uid) &&  in cap_emulate_setxuid()
1007 	     !uid_eq(new->euid, root_uid) &&  in cap_emulate_setxuid()
1008 	     !uid_eq(new->suid, root_uid))) {  in cap_emulate_setxuid()
1010 			cap_clear(new->cap_permitted);  in cap_emulate_setxuid()
1011 			cap_clear(new->cap_effective);  in cap_emulate_setxuid()
1019 		cap_clear(new->cap_ambient);  in cap_emulate_setxuid()
1021 	if (uid_eq(old->euid, root_uid) && !uid_eq(new->euid, root_uid))  in cap_emulate_setxuid()
1022 		cap_clear(new->cap_effective);  in cap_emulate_setxuid()
1023 	if (!uid_eq(old->euid, root_uid) && uid_eq(new->euid, root_uid))  in cap_emulate_setxuid()
1024 		new->cap_effective = new->cap_permitted;  in cap_emulate_setxuid()
1029  * @new: The proposed credentials
1036 int cap_task_fix_setuid(struct cred *new, const struct cred *old, int flags)  in cap_task_fix_setuid()  argument
1045 			cap_emulate_setxuid(new, old);  in cap_task_fix_setuid()
1057 			if (uid_eq(old->fsuid, root_uid) && !uid_eq(new->fsuid, root_uid))  in cap_task_fix_setuid()
1058 				new->cap_effective =  in cap_task_fix_setuid()
1059 					cap_drop_fs_set(new->cap_effective);  in cap_task_fix_setuid()
1061 			if (!uid_eq(old->fsuid, root_uid) && uid_eq(new->fsuid, root_uid))  in cap_task_fix_setuid()
1062 				new->cap_effective =  in cap_task_fix_setuid()
1063 					cap_raise_fs_set(new->cap_effective,  in cap_task_fix_setuid()
1064 							 new->cap_permitted);  in cap_task_fix_setuid()
1143 	struct cred *new;  in cap_prctl_drop()  local
1150 	new = prepare_creds();  in cap_prctl_drop()
1151 	if (!new)  in cap_prctl_drop()
1153 	cap_lower(new->cap_bset, cap);  in cap_prctl_drop()
1154 	return commit_creds(new);  in cap_prctl_drop()
1173 	struct cred *new;  in cap_task_prctl()  local
1223 		new = prepare_creds();  in cap_task_prctl()
1224 		if (!new)  in cap_task_prctl()
1226 		new->securebits = arg2;  in cap_task_prctl()
1227 		return commit_creds(new);  in cap_task_prctl()
1241 		new = prepare_creds();  in cap_task_prctl()
1242 		if (!new)  in cap_task_prctl()
1245 			new->securebits |= issecure_mask(SECURE_KEEP_CAPS);  in cap_task_prctl()
1247 			new->securebits &= ~issecure_mask(SECURE_KEEP_CAPS);  in cap_task_prctl()
1248 		return commit_creds(new);  in cap_task_prctl()
1255 			new = prepare_creds();  in cap_task_prctl()
1256 			if (!new)  in cap_task_prctl()
1258 			cap_clear(new->cap_ambient);  in cap_task_prctl()
1259 			return commit_creds(new);  in cap_task_prctl()
1278 			new = prepare_creds();  in cap_task_prctl()
1279 			if (!new)  in cap_task_prctl()
1282 				cap_raise(new->cap_ambient, arg3);  in cap_task_prctl()
1284 				cap_lower(new->cap_ambient, arg3);  in cap_task_prctl()
1285 			return commit_creds(new);  in cap_task_prctl()
1295  * cap_vm_enough_memory - Determine whether a new virtual mapping is permitted
1296  * @mm: The VM space in which the new mapping is to be made
1299  * Determine whether the allocation of a new virtual mapping by the current