syscalls: Prepare syscalls and bits for (mostly) setting creds

These are setXXXid, capset and various bits for prctl and caps machinery. The thing is that the caps API is not yet fully in glibc so we have to declare some bits even for core code, not just for restorer/parasite. Signed-off-by: Pavel Emelyanov <xemul@parallels.com> Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>

syscalls: Prepare syscalls and bits for (mostly) setting creds
These are setXXXid, capset and various bits for prctl and caps machinery. The thing is that the caps API is not yet fully in glibc so we have to declare some bits even for core code, not just for restorer/parasite. Signed-off-by: Pavel Emelyanov <xemul@parallels.com> Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
d846d108 · Pavel Emelyanov · Cyrill Gorcunov · f382d2a3 · d846d108 · d846d108
Commit d846d108 authored Jan 27, 2012 by Pavel Emelyanov Committed by Cyrill Gorcunov Jan 30, 2012
Hide whitespace changes
Inline Side-by-side

Showing with 50 additions and 0 deletions

syscall-codes.h include/syscall-codes.h +5 -0

syscall.h include/syscall.h +36 -0

types.h include/types.h +9 -0

No files found.
--- a/include/syscall-codes.h
+++ b/include/syscall-codes.h
@@ -28,6 +28,11 @@
 #define __NR_kill		62
 #define __NR_flock		73
 #define __NR_unlink		87
+#define __NR_setresuid		117
+#define __NR_setresgid		119
+#define __NR_setfsuid		122
+#define __NR_setfsgid		123
+#define __NR_capset		126
 #define __NR_tgkill		131
 #define __NR__sysctl		156
 #define __NR_prctl		157

--- a/include/syscall.h
+++ b/include/syscall.h
@@ -313,6 +313,42 @@ static long always_inline sys_setns(int fd, int nstype)
 	return syscall2(__NR_setns, (long)fd, (long)nstype);
 }
+static long sys_setresuid(int uid, int euid, int suid)
+{
+	return syscall3(__NR_setresuid, (long)uid, (long)euid, (long)suid);
+}
+static long sys_setresgid(int gid, int egid, int sgid)
+{
+	return syscall3(__NR_setresgid, (long)gid, (long)egid, (long)sgid);
+}
+static long sys_setfsuid(int fsuid)
+{
+	return syscall1(__NR_setfsuid, (long)fsuid);
+}
+static long sys_setfsgid(int fsgid)
+{
+	return syscall1(__NR_setfsgid, (long)fsgid);
+}
+struct cap_header {
+	u32 version;
+	int pid;
+};
+struct cap_data {
+	u32 eff;
+	u32 prm;
+	u32 inh;
+};
+static long sys_capset(struct cap_header *h, struct cap_data *d)
+{
+	return syscall2(__NR_capset, (long)h, (long)d);
+}
 #ifndef CLONE_NEWUTS
 #define CLONE_NEWUTS	0x04000000
 #endif

--- a/include/types.h
+++ b/include/types.h
@@ -24,6 +24,12 @@
 #define PR_SET_NAME		15
 #define PR_GET_NAME		16
+#define PR_CAPBSET_DROP		24
+#define PR_GET_SECUREBITS	27
+#define PR_SET_SECUREBITS	28
+#define SECURE_NO_SETUID_FIXUP	2
 #define PR_SET_MM		35
 # define PR_SET_MM_START_CODE		1
 # define PR_SET_MM_END_CODE		2
@@ -72,6 +78,9 @@ typedef signed char		s8;
 #define MAJOR(dev)		((dev)>>8)
+#define _LINUX_CAPABILITY_VERSION_3	0x20080522
+#define _LINUX_CAPABILITY_U32S_3	2
 #ifdef CONFIG_X86_64
 typedef struct {