[CRIU] [crtools-bot] syscalls: Prepare syscalls and bits for (mostly) setting creds

Mon Jan 30 04:00:33 EST 2012

The commit is pushed to "master" and will appear on git://github.com/cyrillos/crtools.git
------>
commit d846d108f6f768fc5c23cac90d99ddb11bb04f04
Author: Pavel Emelyanov <xemul at openvz.org>
Date:   Fri Jan 27 21:39:14 2012 +0400

    syscalls: Prepare syscalls and bits for (mostly) setting creds
    
    These are setXXXid, capset and various bits for prctl and caps machinery.
    The thing is that the caps API is not yet fully in glibc so we have to
    declare some bits even for core code, not just for restorer/parasite.
    
    Signed-off-by: Pavel Emelyanov <xemul at parallels.com>
    Signed-off-by: Cyrill Gorcunov <gorcunov at openvz.org>
---
 include/syscall-codes.h |    5 +++++
 include/syscall.h       |   36 ++++++++++++++++++++++++++++++++++++
 include/types.h         |    9 +++++++++
 3 files changed, 50 insertions(+), 0 deletions(-)

diff --git a/include/syscall-codes.h b/include/syscall-codes.h
index 79f5f58..5215590 100644
--- a/include/syscall-codes.h
+++ b/include/syscall-codes.h
@@ -28,6 +28,11 @@
 #define __NR_kill		62
 #define __NR_flock		73
 #define __NR_unlink		87
+#define __NR_setresuid		117
+#define __NR_setresgid		119
+#define __NR_setfsuid		122
+#define __NR_setfsgid		123
+#define __NR_capset		126
 #define __NR_tgkill		131
 #define __NR__sysctl		156
 #define __NR_prctl		157
diff --git a/include/syscall.h b/include/syscall.h
index 15657e0..a1f69c0 100644
--- a/include/syscall.h
+++ b/include/syscall.h
@@ -313,6 +313,42 @@ static long always_inline sys_setns(int fd, int nstype)
 	return syscall2(__NR_setns, (long)fd, (long)nstype);
 }
 
+static long sys_setresuid(int uid, int euid, int suid)
+{
+	return syscall3(__NR_setresuid, (long)uid, (long)euid, (long)suid);
+}
+
+static long sys_setresgid(int gid, int egid, int sgid)
+{
+	return syscall3(__NR_setresgid, (long)gid, (long)egid, (long)sgid);
+}
+
+static long sys_setfsuid(int fsuid)
+{
+	return syscall1(__NR_setfsuid, (long)fsuid);
+}
+
+static long sys_setfsgid(int fsgid)
+{
+	return syscall1(__NR_setfsgid, (long)fsgid);
+}
+
+struct cap_header {
+	u32 version;
+	int pid;
+};
+
+struct cap_data {
+	u32 eff;
+	u32 prm;
+	u32 inh;
+};
+
+static long sys_capset(struct cap_header *h, struct cap_data *d)
+{
+	return syscall2(__NR_capset, (long)h, (long)d);
+}
+
 #ifndef CLONE_NEWUTS
 #define CLONE_NEWUTS	0x04000000
 #endif
diff --git a/include/types.h b/include/types.h
index 1607b52..b34f024 100644
--- a/include/types.h
+++ b/include/types.h
@@ -24,6 +24,12 @@
 #define PR_SET_NAME		15
 #define PR_GET_NAME		16
 
+#define PR_CAPBSET_DROP		24
+#define PR_GET_SECUREBITS	27
+#define PR_SET_SECUREBITS	28
+
+#define SECURE_NO_SETUID_FIXUP	2
+
 #define PR_SET_MM		35
 # define PR_SET_MM_START_CODE		1
 # define PR_SET_MM_END_CODE		2
@@ -72,6 +78,9 @@ typedef signed char		s8;
 
 #define MAJOR(dev)		((dev)>>8)
 
+#define _LINUX_CAPABILITY_VERSION_3	0x20080522
+#define _LINUX_CAPABILITY_U32S_3	2
+
 #ifdef CONFIG_X86_64
 
 typedef struct {
