2013-09-28 06:16:17 +04:00
|
|
|
#include <unistd.h>
|
|
|
|
|
#include "crtools.h"
|
|
|
|
|
#include "log.h"
|
|
|
|
|
|
2013-10-02 17:11:17 +04:00
|
|
|
static unsigned int cr_uid; /* UID which user can C/R */
|
2013-09-28 06:16:17 +04:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Setup what user is requesting for dump (via rpc or using
|
|
|
|
|
* suid bit on crtools). Later we would deny to dump/restore
|
|
|
|
|
* a task, to which the original user doesn't have the direct
|
|
|
|
|
* access to. (Or implement some trickier security policy).
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
void restrict_uid(unsigned int uid)
|
|
|
|
|
{
|
|
|
|
|
pr_info("Restrict C/R with %u uid\n", uid);
|
2013-10-02 17:11:17 +04:00
|
|
|
cr_uid = uid;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static bool check_uid(unsigned int uid)
|
|
|
|
|
{
|
|
|
|
|
if (cr_uid == 0)
|
|
|
|
|
return true;
|
|
|
|
|
if (cr_uid == uid)
|
|
|
|
|
return true;
|
|
|
|
|
|
|
|
|
|
return false;
|
2013-09-28 06:16:17 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
bool may_dump_uid(unsigned int uid)
|
|
|
|
|
{
|
2013-10-02 17:11:17 +04:00
|
|
|
if (check_uid(uid))
|
2013-09-28 06:16:17 +04:00
|
|
|
return true;
|
2013-10-02 17:11:17 +04:00
|
|
|
|
|
|
|
|
pr_err("UID (%u) != dumper's UID(%u)\n", uid, cr_uid);
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
bool may_restore_uid(unsigned int uid)
|
|
|
|
|
{
|
|
|
|
|
if (check_uid(uid))
|
2013-09-28 06:16:17 +04:00
|
|
|
return true;
|
|
|
|
|
|
2013-10-02 17:11:17 +04:00
|
|
|
pr_err("UID (%u) != restorer's UID(%u)\n", uid, cr_uid);
|
2013-09-28 06:16:17 +04:00
|
|
|
return false;
|
|
|
|
|
}
|
