Commit | Line | Data |
---|---|---|
b2441318 | 1 | // SPDX-License-Identifier: GPL-2.0 |
6b4e306a EB |
2 | #include <linux/proc_fs.h> |
3 | #include <linux/nsproxy.h> | |
6b4e306a | 4 | #include <linux/ptrace.h> |
6b4e306a EB |
5 | #include <linux/namei.h> |
6 | #include <linux/file.h> | |
7 | #include <linux/utsname.h> | |
8 | #include <net/net_namespace.h> | |
6b4e306a EB |
9 | #include <linux/ipc_namespace.h> |
10 | #include <linux/pid_namespace.h> | |
cde1975b | 11 | #include <linux/user_namespace.h> |
6b4e306a EB |
12 | #include "internal.h" |
13 | ||
14 | ||
15 | static const struct proc_ns_operations *ns_entries[] = { | |
13b6f576 EB |
16 | #ifdef CONFIG_NET_NS |
17 | &netns_operations, | |
18 | #endif | |
34482e89 EB |
19 | #ifdef CONFIG_UTS_NS |
20 | &utsns_operations, | |
21 | #endif | |
a00eaf11 EB |
22 | #ifdef CONFIG_IPC_NS |
23 | &ipcns_operations, | |
24 | #endif | |
57e8391d EB |
25 | #ifdef CONFIG_PID_NS |
26 | &pidns_operations, | |
eaa0d190 | 27 | &pidns_for_children_operations, |
cde1975b EB |
28 | #endif |
29 | #ifdef CONFIG_USER_NS | |
30 | &userns_operations, | |
57e8391d | 31 | #endif |
8823c079 | 32 | &mntns_operations, |
a79a908f AK |
33 | #ifdef CONFIG_CGROUPS |
34 | &cgroupns_operations, | |
35 | #endif | |
6b4e306a EB |
36 | }; |
37 | ||
6b255391 | 38 | static const char *proc_ns_get_link(struct dentry *dentry, |
fceef393 AV |
39 | struct inode *inode, |
40 | struct delayed_call *done) | |
bf056bfa | 41 | { |
3d3d35b1 | 42 | const struct proc_ns_operations *ns_ops = PROC_I(inode)->ns_ops; |
bf056bfa | 43 | struct task_struct *task; |
db04dc67 | 44 | struct path ns_path; |
bf056bfa EB |
45 | void *error = ERR_PTR(-EACCES); |
46 | ||
6b255391 AV |
47 | if (!dentry) |
48 | return ERR_PTR(-ECHILD); | |
49 | ||
bf056bfa EB |
50 | task = get_proc_task(inode); |
51 | if (!task) | |
e149ed2b | 52 | return error; |
bf056bfa | 53 | |
caaee623 | 54 | if (ptrace_may_access(task, PTRACE_MODE_READ_FSCREDS)) { |
e149ed2b AV |
55 | error = ns_get_path(&ns_path, task, ns_ops); |
56 | if (!error) | |
6e77137b | 57 | nd_jump_link(&ns_path); |
bf056bfa | 58 | } |
bf056bfa | 59 | put_task_struct(task); |
bf056bfa EB |
60 | return error; |
61 | } | |
62 | ||
63 | static int proc_ns_readlink(struct dentry *dentry, char __user *buffer, int buflen) | |
64 | { | |
2b0143b5 | 65 | struct inode *inode = d_inode(dentry); |
3d3d35b1 | 66 | const struct proc_ns_operations *ns_ops = PROC_I(inode)->ns_ops; |
bf056bfa | 67 | struct task_struct *task; |
bf056bfa | 68 | char name[50]; |
5d826c84 | 69 | int res = -EACCES; |
bf056bfa EB |
70 | |
71 | task = get_proc_task(inode); | |
72 | if (!task) | |
e149ed2b | 73 | return res; |
bf056bfa | 74 | |
caaee623 | 75 | if (ptrace_may_access(task, PTRACE_MODE_READ_FSCREDS)) { |
e149ed2b AV |
76 | res = ns_get_name(name, sizeof(name), task, ns_ops); |
77 | if (res >= 0) | |
78 | res = readlink_copy(buffer, buflen, name); | |
79 | } | |
bf056bfa | 80 | put_task_struct(task); |
5d826c84 | 81 | return res; |
bf056bfa EB |
82 | } |
83 | ||
84 | static const struct inode_operations proc_ns_link_inode_operations = { | |
85 | .readlink = proc_ns_readlink, | |
6b255391 | 86 | .get_link = proc_ns_get_link, |
bf056bfa EB |
87 | .setattr = proc_setattr, |
88 | }; | |
89 | ||
c52a47ac | 90 | static int proc_ns_instantiate(struct inode *dir, |
6b4e306a EB |
91 | struct dentry *dentry, struct task_struct *task, const void *ptr) |
92 | { | |
93 | const struct proc_ns_operations *ns_ops = ptr; | |
94 | struct inode *inode; | |
95 | struct proc_inode *ei; | |
6b4e306a | 96 | |
db978da8 | 97 | inode = proc_pid_make_inode(dir->i_sb, task, S_IFLNK | S_IRWXUGO); |
6b4e306a EB |
98 | if (!inode) |
99 | goto out; | |
100 | ||
101 | ei = PROC_I(inode); | |
bf056bfa | 102 | inode->i_op = &proc_ns_link_inode_operations; |
3d3d35b1 | 103 | ei->ns_ops = ns_ops; |
6b4e306a | 104 | |
1b26c9b3 | 105 | d_set_d_op(dentry, &pid_dentry_operations); |
6b4e306a EB |
106 | d_add(dentry, inode); |
107 | /* Close the race of the process dying before we return the dentry */ | |
0b728e19 | 108 | if (pid_revalidate(dentry, 0)) |
c52a47ac | 109 | return 0; |
6b4e306a | 110 | out: |
c52a47ac | 111 | return -ENOENT; |
6b4e306a EB |
112 | } |
113 | ||
f0c3b509 | 114 | static int proc_ns_dir_readdir(struct file *file, struct dir_context *ctx) |
6b4e306a | 115 | { |
f0c3b509 | 116 | struct task_struct *task = get_proc_task(file_inode(file)); |
6b4e306a | 117 | const struct proc_ns_operations **entry, **last; |
6b4e306a | 118 | |
6b4e306a | 119 | if (!task) |
f0c3b509 | 120 | return -ENOENT; |
6b4e306a | 121 | |
f0c3b509 AV |
122 | if (!dir_emit_dots(file, ctx)) |
123 | goto out; | |
124 | if (ctx->pos >= 2 + ARRAY_SIZE(ns_entries)) | |
125 | goto out; | |
126 | entry = ns_entries + (ctx->pos - 2); | |
127 | last = &ns_entries[ARRAY_SIZE(ns_entries) - 1]; | |
128 | while (entry <= last) { | |
129 | const struct proc_ns_operations *ops = *entry; | |
130 | if (!proc_fill_cache(file, ctx, ops->name, strlen(ops->name), | |
131 | proc_ns_instantiate, task, ops)) | |
132 | break; | |
133 | ctx->pos++; | |
134 | entry++; | |
135 | } | |
6b4e306a EB |
136 | out: |
137 | put_task_struct(task); | |
f0c3b509 | 138 | return 0; |
6b4e306a EB |
139 | } |
140 | ||
141 | const struct file_operations proc_ns_dir_operations = { | |
142 | .read = generic_read_dir, | |
f50752ea AV |
143 | .iterate_shared = proc_ns_dir_readdir, |
144 | .llseek = generic_file_llseek, | |
6b4e306a EB |
145 | }; |
146 | ||
147 | static struct dentry *proc_ns_dir_lookup(struct inode *dir, | |
00cd8dd3 | 148 | struct dentry *dentry, unsigned int flags) |
6b4e306a | 149 | { |
c52a47ac | 150 | int error; |
6b4e306a EB |
151 | struct task_struct *task = get_proc_task(dir); |
152 | const struct proc_ns_operations **entry, **last; | |
153 | unsigned int len = dentry->d_name.len; | |
154 | ||
c52a47ac | 155 | error = -ENOENT; |
6b4e306a EB |
156 | |
157 | if (!task) | |
158 | goto out_no_task; | |
159 | ||
4c619aa0 AM |
160 | last = &ns_entries[ARRAY_SIZE(ns_entries)]; |
161 | for (entry = ns_entries; entry < last; entry++) { | |
6b4e306a EB |
162 | if (strlen((*entry)->name) != len) |
163 | continue; | |
164 | if (!memcmp(dentry->d_name.name, (*entry)->name, len)) | |
165 | break; | |
166 | } | |
4c619aa0 | 167 | if (entry == last) |
6b4e306a EB |
168 | goto out; |
169 | ||
170 | error = proc_ns_instantiate(dir, dentry, task, *entry); | |
171 | out: | |
172 | put_task_struct(task); | |
173 | out_no_task: | |
c52a47ac | 174 | return ERR_PTR(error); |
6b4e306a EB |
175 | } |
176 | ||
177 | const struct inode_operations proc_ns_dir_inode_operations = { | |
178 | .lookup = proc_ns_dir_lookup, | |
179 | .getattr = pid_getattr, | |
180 | .setattr = proc_setattr, | |
181 | }; |