[linux-2.6-block.git] / include / linux / user_namespace.h

/* SPDX-License-Identifier: GPL-2.0 */
#ifndef _LINUX_USER_NAMESPACE_H
#define _LINUX_USER_NAMESPACE_H

#include <linux/kref.h>
#include <linux/nsproxy.h>
#include <linux/ns_common.h>
#include <linux/rculist_nulls.h>
#include <linux/sched.h>
#include <linux/workqueue.h>
#include <linux/rcuref.h>
#include <linux/rwsem.h>
#include <linux/sysctl.h>
#include <linux/err.h>

#define UID_GID_MAP_MAX_BASE_EXTENTS 5
#define UID_GID_MAP_MAX_EXTENTS 340

struct uid_gid_extent {
	u32 first;
	u32 lower_first;
	u32 count;
};

struct uid_gid_map { /* 64 bytes -- 1 cache line */
	union {
		struct {
			struct uid_gid_extent extent[UID_GID_MAP_MAX_BASE_EXTENTS];
			u32 nr_extents;
		};
		struct {
			struct uid_gid_extent *forward;
			struct uid_gid_extent *reverse;
		};
	};
};

#define USERNS_SETGROUPS_ALLOWED 1UL

#define USERNS_INIT_FLAGS USERNS_SETGROUPS_ALLOWED

struct ucounts;

enum ucount_type {
	UCOUNT_USER_NAMESPACES,
	UCOUNT_PID_NAMESPACES,
	UCOUNT_UTS_NAMESPACES,
	UCOUNT_IPC_NAMESPACES,
	UCOUNT_NET_NAMESPACES,
	UCOUNT_MNT_NAMESPACES,
	UCOUNT_CGROUP_NAMESPACES,
	UCOUNT_TIME_NAMESPACES,
#ifdef CONFIG_INOTIFY_USER
	UCOUNT_INOTIFY_INSTANCES,
	UCOUNT_INOTIFY_WATCHES,
#endif
#ifdef CONFIG_FANOTIFY
	UCOUNT_FANOTIFY_GROUPS,
	UCOUNT_FANOTIFY_MARKS,
#endif
	UCOUNT_COUNTS,
};

enum rlimit_type {
	UCOUNT_RLIMIT_NPROC,
	UCOUNT_RLIMIT_MSGQUEUE,
	UCOUNT_RLIMIT_SIGPENDING,
	UCOUNT_RLIMIT_MEMLOCK,
	UCOUNT_RLIMIT_COUNTS,
};

#if IS_ENABLED(CONFIG_BINFMT_MISC)
struct binfmt_misc;
#endif

struct user_namespace {
	struct uid_gid_map	uid_map;
	struct uid_gid_map	gid_map;
	struct uid_gid_map	projid_map;
	struct user_namespace	*parent;
	int			level;
	kuid_t			owner;
	kgid_t			group;
	struct ns_common	ns;
	unsigned long		flags;
	/* parent_could_setfcap: true if the creator if this ns had CAP_SETFCAP
	 * in its effective capability set at the child ns creation time. */
	bool			parent_could_setfcap;

#ifdef CONFIG_KEYS
	/* List of joinable keyrings in this namespace.  Modification access of
	 * these pointers is controlled by keyring_sem.  Once
	 * user_keyring_register is set, it won't be changed, so it can be
	 * accessed directly with READ_ONCE().
	 */
	struct list_head	keyring_name_list;
	struct key		*user_keyring_register;
	struct rw_semaphore	keyring_sem;
#endif

	/* Register of per-UID persistent keyrings for this namespace */
#ifdef CONFIG_PERSISTENT_KEYRINGS
	struct key		*persistent_keyring_register;
#endif
	struct work_struct	work;
#ifdef CONFIG_SYSCTL
	struct ctl_table_set	set;
	struct ctl_table_header *sysctls;
#endif
	struct ucounts		*ucounts;
	long ucount_max[UCOUNT_COUNTS];
	long rlimit_max[UCOUNT_RLIMIT_COUNTS];

#if IS_ENABLED(CONFIG_BINFMT_MISC)
	struct binfmt_misc *binfmt_misc;
#endif
} __randomize_layout;

struct ucounts {
	struct hlist_nulls_node node;
	struct user_namespace *ns;
	kuid_t uid;
	struct rcu_head rcu;
	rcuref_t count;
	atomic_long_t ucount[UCOUNT_COUNTS];
	atomic_long_t rlimit[UCOUNT_RLIMIT_COUNTS];
};

extern struct user_namespace init_user_ns;
extern struct ucounts init_ucounts;

bool setup_userns_sysctls(struct user_namespace *ns);
void retire_userns_sysctls(struct user_namespace *ns);
struct ucounts *inc_ucount(struct user_namespace *ns, kuid_t uid, enum ucount_type type);
void dec_ucount(struct ucounts *ucounts, enum ucount_type type);
struct ucounts *alloc_ucounts(struct user_namespace *ns, kuid_t uid);
void put_ucounts(struct ucounts *ucounts);

static inline struct ucounts * __must_check get_ucounts(struct ucounts *ucounts)
{
	if (rcuref_get(&ucounts->count))
		return ucounts;
	return NULL;
}

static inline long get_rlimit_value(struct ucounts *ucounts, enum rlimit_type type)
{
	return atomic_long_read(&ucounts->rlimit[type]);
}

long inc_rlimit_ucounts(struct ucounts *ucounts, enum rlimit_type type, long v);
bool dec_rlimit_ucounts(struct ucounts *ucounts, enum rlimit_type type, long v);
long inc_rlimit_get_ucounts(struct ucounts *ucounts, enum rlimit_type type,
			    bool override_rlimit);
void dec_rlimit_put_ucounts(struct ucounts *ucounts, enum rlimit_type type);
bool is_rlimit_overlimit(struct ucounts *ucounts, enum rlimit_type type, unsigned long max);

static inline long get_userns_rlimit_max(struct user_namespace *ns, enum rlimit_type type)
{
	return READ_ONCE(ns->rlimit_max[type]);
}

static inline void set_userns_rlimit_max(struct user_namespace *ns,
		enum rlimit_type type, unsigned long max)
{
	ns->rlimit_max[type] = max <= LONG_MAX ? max : LONG_MAX;
}

#ifdef CONFIG_USER_NS

static inline struct user_namespace *get_user_ns(struct user_namespace *ns)
{
	if (ns)
		refcount_inc(&ns->ns.count);
	return ns;
}

extern int create_user_ns(struct cred *new);
extern int unshare_userns(unsigned long unshare_flags, struct cred **new_cred);
extern void __put_user_ns(struct user_namespace *ns);

static inline void put_user_ns(struct user_namespace *ns)
{
	if (ns && refcount_dec_and_test(&ns->ns.count))
		__put_user_ns(ns);
}

struct seq_operations;
extern const struct seq_operations proc_uid_seq_operations;
extern const struct seq_operations proc_gid_seq_operations;
extern const struct seq_operations proc_projid_seq_operations;
extern ssize_t proc_uid_map_write(struct file *, const char __user *, size_t, loff_t *);
extern ssize_t proc_gid_map_write(struct file *, const char __user *, size_t, loff_t *);
extern ssize_t proc_projid_map_write(struct file *, const char __user *, size_t, loff_t *);
extern ssize_t proc_setgroups_write(struct file *, const char __user *, size_t, loff_t *);
extern int proc_setgroups_show(struct seq_file *m, void *v);
extern bool userns_may_setgroups(const struct user_namespace *ns);
extern bool in_userns(const struct user_namespace *ancestor,
		       const struct user_namespace *child);
extern bool current_in_userns(const struct user_namespace *target_ns);
struct ns_common *ns_get_owner(struct ns_common *ns);
#else

static inline struct user_namespace *get_user_ns(struct user_namespace *ns)
{
	return &init_user_ns;
}

static inline int create_user_ns(struct cred *new)
{
	return -EINVAL;
}

static inline int unshare_userns(unsigned long unshare_flags,
				 struct cred **new_cred)
{
	if (unshare_flags & CLONE_NEWUSER)
		return -EINVAL;
	return 0;
}

static inline void put_user_ns(struct user_namespace *ns)
{
}

static inline bool userns_may_setgroups(const struct user_namespace *ns)
{
	return true;
}

static inline bool in_userns(const struct user_namespace *ancestor,
			     const struct user_namespace *child)
{
	return true;
}

static inline bool current_in_userns(const struct user_namespace *target_ns)
{
	return true;
}

static inline struct ns_common *ns_get_owner(struct ns_common *ns)
{
	return ERR_PTR(-EPERM);
}
#endif

#endif /* _LINUX_USER_H */
Commit	Line	Data
b2441318	1	/* SPDX-License-Identifier: GPL-2.0 */
acce292c CLG	2	#ifndef _LINUX_USER_NAMESPACE_H
	3	#define _LINUX_USER_NAMESPACE_H
	4
	5	#include <linux/kref.h>
	6	#include <linux/nsproxy.h>
435d5f4b	7	#include <linux/ns_common.h>
5f01a22c	8	#include <linux/rculist_nulls.h>
acce292c	9	#include <linux/sched.h>
b2d5bfea	10	#include <linux/workqueue.h>
b4dc0bee	11	#include <linux/rcuref.h>
cd9c513b	12	#include <linux/rwsem.h>
cc5efc23	13	#include <linux/sysctl.h>
77ec739d	14	#include <linux/err.h>
acce292c	15
6397fac4 CB	16	#define UID_GID_MAP_MAX_BASE_EXTENTS 5
6397fac4 CB	17	#define UID_GID_MAP_MAX_EXTENTS 340
22d917d8	18
aa4bf44d CB	19	struct uid_gid_extent {
	20	u32 first;
	21	u32 lower_first;
	22	u32 count;
	23	};
	24
6397fac4	25	struct uid_gid_map { /* 64 bytes -- 1 cache line */
aa4bf44d	26	union {
2077006d CB	27	struct {
	28	struct uid_gid_extent extent[UID_GID_MAP_MAX_BASE_EXTENTS];
	29	u32 nr_extents;
	30	};
aa4bf44d CB	31	struct {
	32	struct uid_gid_extent *forward;
	33	struct uid_gid_extent *reverse;
	34	};
	35	};
22d917d8 EB	36	};
22d917d8 EB	37
9cc46516 EB	38	#define USERNS_SETGROUPS_ALLOWED 1UL
	39
	40	#define USERNS_INIT_FLAGS USERNS_SETGROUPS_ALLOWED
	41
f6b2db1a	42	struct ucounts;
25f9c081 EB	43
	44	enum ucount_type {
	45	UCOUNT_USER_NAMESPACES,
f333c700	46	UCOUNT_PID_NAMESPACES,
f7af3d1c	47	UCOUNT_UTS_NAMESPACES,
aba35661	48	UCOUNT_IPC_NAMESPACES,
70328660	49	UCOUNT_NET_NAMESPACES,
537f7ccb	50	UCOUNT_MNT_NAMESPACES,
d08311dd	51	UCOUNT_CGROUP_NAMESPACES,
769071ac	52	UCOUNT_TIME_NAMESPACES,
1cce1eea NB	53	#ifdef CONFIG_INOTIFY_USER
	54	UCOUNT_INOTIFY_INSTANCES,
	55	UCOUNT_INOTIFY_WATCHES,
5b8fea65 AG	56	#endif
	57	#ifdef CONFIG_FANOTIFY
	58	UCOUNT_FANOTIFY_GROUPS,
	59	UCOUNT_FANOTIFY_MARKS,
1cce1eea	60	#endif
de399236 AG	61	UCOUNT_COUNTS,
	62	};
	63
	64	enum rlimit_type {
21d1c5e3	65	UCOUNT_RLIMIT_NPROC,
6e52a9f0	66	UCOUNT_RLIMIT_MSGQUEUE,
d6469690	67	UCOUNT_RLIMIT_SIGPENDING,
d7c9e99a	68	UCOUNT_RLIMIT_MEMLOCK,
de399236	69	UCOUNT_RLIMIT_COUNTS,
25f9c081 EB	70	};
25f9c081 EB	71
21ca59b3 CB	72	#if IS_ENABLED(CONFIG_BINFMT_MISC)
	73	struct binfmt_misc;
	74	#endif
	75
acce292c	76	struct user_namespace {
22d917d8 EB	77	struct uid_gid_map uid_map;
22d917d8 EB	78	struct uid_gid_map gid_map;
f76d207a	79	struct uid_gid_map projid_map;
aeb3ae9d	80	struct user_namespace *parent;
8742f229	81	int level;
783291e6 EB	82	kuid_t owner;
783291e6 EB	83	kgid_t group;
435d5f4b	84	struct ns_common ns;
9cc46516	85	unsigned long flags;
db2e718a SH	86	/* parent_could_setfcap: true if the creator if this ns had CAP_SETFCAP
	87	* in its effective capability set at the child ns creation time. */
	88	bool parent_could_setfcap;
f36f8c75	89
b206f281	90	#ifdef CONFIG_KEYS
0f44e4d9 DH	91	/* List of joinable keyrings in this namespace. Modification access of
	92	* these pointers is controlled by keyring_sem. Once
	93	* user_keyring_register is set, it won't be changed, so it can be
	94	* accessed directly with READ_ONCE().
	95	*/
b206f281	96	struct list_head keyring_name_list;
0f44e4d9 DH	97	struct key *user_keyring_register;
0f44e4d9 DH	98	struct rw_semaphore keyring_sem;
b206f281 DH	99	#endif
b206f281 DH	100
f36f8c75 DH	101	/* Register of per-UID persistent keyrings for this namespace */
	102	#ifdef CONFIG_PERSISTENT_KEYRINGS
	103	struct key *persistent_keyring_register;
f36f8c75	104	#endif
b032132c	105	struct work_struct work;
dbec2846 EB	106	#ifdef CONFIG_SYSCTL
	107	struct ctl_table_set set;
	108	struct ctl_table_header *sysctls;
	109	#endif
f6b2db1a	110	struct ucounts *ucounts;
f9c82a4e	111	long ucount_max[UCOUNT_COUNTS];
de399236	112	long rlimit_max[UCOUNT_RLIMIT_COUNTS];
21ca59b3 CB	113
	114	#if IS_ENABLED(CONFIG_BINFMT_MISC)
	115	struct binfmt_misc *binfmt_misc;
	116	#endif
3859a271	117	} __randomize_layout;
f6b2db1a EB	118
f6b2db1a EB	119	struct ucounts {
5f01a22c	120	struct hlist_nulls_node node;
f6b2db1a EB	121	struct user_namespace *ns;
f6b2db1a EB	122	kuid_t uid;
5f01a22c	123	struct rcu_head rcu;
b4dc0bee	124	rcuref_t count;
f9c82a4e	125	atomic_long_t ucount[UCOUNT_COUNTS];
de399236	126	atomic_long_t rlimit[UCOUNT_RLIMIT_COUNTS];
acce292c CLG	127	};
	128
	129	extern struct user_namespace init_user_ns;
905ae01c	130	extern struct ucounts init_ucounts;
f6b2db1a EB	131
	132	bool setup_userns_sysctls(struct user_namespace *ns);
	133	void retire_userns_sysctls(struct user_namespace *ns);
25f9c081 EB	134	struct ucounts inc_ucount(struct user_namespace ns, kuid_t uid, enum ucount_type type);
25f9c081 EB	135	void dec_ucount(struct ucounts *ucounts, enum ucount_type type);
905ae01c	136	struct ucounts alloc_ucounts(struct user_namespace ns, kuid_t uid);
905ae01c	137	void put_ucounts(struct ucounts *ucounts);
acce292c	138
b4dc0bee SAS	139	static inline struct ucounts * __must_check get_ucounts(struct ucounts *ucounts)
	140	{
	141	if (rcuref_get(&ucounts->count))
	142	return ucounts;
	143	return NULL;
	144	}
	145
de399236	146	static inline long get_rlimit_value(struct ucounts *ucounts, enum rlimit_type type)
21d1c5e3	147	{
de399236	148	return atomic_long_read(&ucounts->rlimit[type]);
21d1c5e3 AG	149	}
21d1c5e3 AG	150
de399236 AG	151	long inc_rlimit_ucounts(struct ucounts *ucounts, enum rlimit_type type, long v);
de399236 AG	152	bool dec_rlimit_ucounts(struct ucounts *ucounts, enum rlimit_type type, long v);
9e05e5c7 RG	153	long inc_rlimit_get_ucounts(struct ucounts *ucounts, enum rlimit_type type,
9e05e5c7 RG	154	bool override_rlimit);
de399236 AG	155	void dec_rlimit_put_ucounts(struct ucounts *ucounts, enum rlimit_type type);
	156	bool is_rlimit_overlimit(struct ucounts *ucounts, enum rlimit_type type, unsigned long max);
	157
	158	static inline long get_userns_rlimit_max(struct user_namespace *ns, enum rlimit_type type)
	159	{
	160	return READ_ONCE(ns->rlimit_max[type]);
	161	}
21d1c5e3	162
de399236 AG	163	static inline void set_userns_rlimit_max(struct user_namespace *ns,
de399236 AG	164	enum rlimit_type type, unsigned long max)
c1ada3dc	165	{
de399236	166	ns->rlimit_max[type] = max <= LONG_MAX ? max : LONG_MAX;
c1ada3dc	167	}
acce292c CLG	168
	169	#ifdef CONFIG_USER_NS
	170
	171	static inline struct user_namespace get_user_ns(struct user_namespace ns)
	172	{
	173	if (ns)
265cbd62	174	refcount_inc(&ns->ns.count);
acce292c CLG	175	return ns;
	176	}
	177
18b6e041	178	extern int create_user_ns(struct cred *new);
b2e0d987	179	extern int unshare_userns(unsigned long unshare_flags, struct cred **new_cred);
b032132c	180	extern void __put_user_ns(struct user_namespace *ns);
acce292c CLG	181
	182	static inline void put_user_ns(struct user_namespace *ns)
	183	{
265cbd62	184	if (ns && refcount_dec_and_test(&ns->ns.count))
b032132c	185	__put_user_ns(ns);
acce292c CLG	186	}
acce292c CLG	187
22d917d8	188	struct seq_operations;
ccf94f1b FF	189	extern const struct seq_operations proc_uid_seq_operations;
	190	extern const struct seq_operations proc_gid_seq_operations;
	191	extern const struct seq_operations proc_projid_seq_operations;
22d917d8 EB	192	extern ssize_t proc_uid_map_write(struct file , const char __user , size_t, loff_t *);
22d917d8 EB	193	extern ssize_t proc_gid_map_write(struct file , const char __user , size_t, loff_t *);
f76d207a	194	extern ssize_t proc_projid_map_write(struct file , const char __user , size_t, loff_t *);
9cc46516 EB	195	extern ssize_t proc_setgroups_write(struct file , const char __user , size_t, loff_t *);
9cc46516 EB	196	extern int proc_setgroups_show(struct seq_file m, void v);
273d2c67	197	extern bool userns_may_setgroups(const struct user_namespace *ns);
a2b42626 EB	198	extern bool in_userns(const struct user_namespace *ancestor,
a2b42626 EB	199	const struct user_namespace *child);
d07b846f	200	extern bool current_in_userns(const struct user_namespace *target_ns);
bcac25a5	201	struct ns_common ns_get_owner(struct ns_common ns);
acce292c CLG	202	#else
	203
	204	static inline struct user_namespace get_user_ns(struct user_namespace ns)
	205	{
	206	return &init_user_ns;
	207	}
	208
18b6e041	209	static inline int create_user_ns(struct cred *new)
acce292c	210	{
18b6e041	211	return -EINVAL;
acce292c CLG	212	}
acce292c CLG	213
b2e0d987 EB	214	static inline int unshare_userns(unsigned long unshare_flags,
	215	struct cred **new_cred)
	216	{
	217	if (unshare_flags & CLONE_NEWUSER)
	218	return -EINVAL;
	219	return 0;
	220	}
	221
acce292c CLG	222	static inline void put_user_ns(struct user_namespace *ns)
	223	{
	224	}
	225
273d2c67 EB	226	static inline bool userns_may_setgroups(const struct user_namespace *ns)
	227	{
	228	return true;
	229	}
d07b846f	230
a2b42626 EB	231	static inline bool in_userns(const struct user_namespace *ancestor,
	232	const struct user_namespace *child)
	233	{
	234	return true;
	235	}
	236
d07b846f SF	237	static inline bool current_in_userns(const struct user_namespace *target_ns)
	238	{
	239	return true;
	240	}
bcac25a5 AV	241
	242	static inline struct ns_common ns_get_owner(struct ns_common ns)
	243	{
	244	return ERR_PTR(-EPERM);
	245	}
22d917d8 EB	246	#endif
22d917d8 EB	247
acce292c	248	#endif /* _LINUX_USER_H */