kill syscall check uid

2015-03-17 15:04:36 +09:00
parent ed6d94a358
commit 8934eb91a4
9 changed files with 123 additions and 2 deletions
--- a/arch/x86/kernel/include/syscall_list.h
+++ b/arch/x86/kernel/include/syscall_list.h
@@ -61,11 +61,14 @@ SYSCALL_HANDLED(97, getrlimit)
 SYSCALL_HANDLED(101, ptrace)
 SYSCALL_DELEGATED(102, getuid)
 SYSCALL_DELEGATED(104, getgid)
+SYSCALL_HANDLED(105, setuid)
 SYSCALL_DELEGATED(107, geteuid)
 SYSCALL_DELEGATED(108, getegid)
 SYSCALL_HANDLED(109, setpgid)
 SYSCALL_HANDLED(110, getppid)
 SYSCALL_DELEGATED(111, getpgrp)
+SYSCALL_HANDLED(113, setreuid)
+SYSCALL_HANDLED(117, setresuid)
 SYSCALL_HANDLED(127, rt_sigpending)
 SYSCALL_HANDLED(128, rt_sigtimedwait)
 SYSCALL_HANDLED(129, rt_sigqueueinfo)
--- a/arch/x86/kernel/syscall.c
+++ b/arch/x86/kernel/syscall.c
@@ -932,6 +932,17 @@ do_kill(int pid, int tid, int sig, siginfo_t *info, int ptracecont)
 		return 0;
 	}

+	if(sig != SIGCONT &&
+	   proc->ftn->euid != 0 &&
+	   proc->ftn->ruid != tproc->ftn->ruid &&
+	   proc->ftn->euid != tproc->ftn->ruid &&
+	   proc->ftn->ruid != tproc->ftn->suid &&
+	   proc->ftn->euid != tproc->ftn->suid){
+		ihk_mc_spinlock_unlock_noirq(savelock);
+		cpu_restore_interrupt(irqstate);
+		return -EPERM;
+	}
+
 	doint = 0;
 	if(tid == -1){
 		ihk_mc_spinlock_lock_noirq(&tproc->sigshared->lock);