1 /* SPDX-License-Identifier: GPL-2.0 */ 2 #ifndef _LINUX_UIDGID_H 3 #define _LINUX_UIDGID_H 4 5 /* 6 * A set of types for the internal kernel types representing uids and gids. 7 * 8 * The types defined in this header allow distinguishing which uids and gids in 9 * the kernel are values used by userspace and which uid and gid values are 10 * the internal kernel values. With the addition of user namespaces the values 11 * can be different. Using the type system makes it possible for the compiler 12 * to detect when we overlook these differences. 13 * 14 */ 15 #include <linux/types.h> 16 #include <linux/highuid.h> 17 18 struct user_namespace; 19 extern struct user_namespace init_user_ns; 20 struct uid_gid_map; 21 22 typedef struct { 23 uid_t val; 24 } kuid_t; 25 26 27 typedef struct { 28 gid_t val; 29 } kgid_t; 30 31 #define KUIDT_INIT(value) (kuid_t){ value } 32 #define KGIDT_INIT(value) (kgid_t){ value } 33 34 #ifdef CONFIG_MULTIUSER 35 static inline uid_t __kuid_val(kuid_t uid) 36 { 37 return uid.val; 38 } 39 40 static inline gid_t __kgid_val(kgid_t gid) 41 { 42 return gid.val; 43 } 44 #else 45 static inline uid_t __kuid_val(kuid_t uid) 46 { 47 return 0; 48 } 49 50 static inline gid_t __kgid_val(kgid_t gid) 51 { 52 return 0; 53 } 54 #endif 55 56 #define GLOBAL_ROOT_UID KUIDT_INIT(0) 57 #define GLOBAL_ROOT_GID KGIDT_INIT(0) 58 59 #define INVALID_UID KUIDT_INIT(-1) 60 #define INVALID_GID KGIDT_INIT(-1) 61 62 static inline bool uid_eq(kuid_t left, kuid_t right) 63 { 64 return __kuid_val(left) == __kuid_val(right); 65 } 66 67 static inline bool gid_eq(kgid_t left, kgid_t right) 68 { 69 return __kgid_val(left) == __kgid_val(right); 70 } 71 72 static inline bool uid_gt(kuid_t left, kuid_t right) 73 { 74 return __kuid_val(left) > __kuid_val(right); 75 } 76 77 static inline bool gid_gt(kgid_t left, kgid_t right) 78 { 79 return __kgid_val(left) > __kgid_val(right); 80 } 81 82 static inline bool uid_gte(kuid_t left, kuid_t right) 83 { 84 return __kuid_val(left) >= __kuid_val(right); 85 } 86 87 static inline bool gid_gte(kgid_t left, kgid_t right) 88 { 89 return __kgid_val(left) >= __kgid_val(right); 90 } 91 92 static inline bool uid_lt(kuid_t left, kuid_t right) 93 { 94 return __kuid_val(left) < __kuid_val(right); 95 } 96 97 static inline bool gid_lt(kgid_t left, kgid_t right) 98 { 99 return __kgid_val(left) < __kgid_val(right); 100 } 101 102 static inline bool uid_lte(kuid_t left, kuid_t right) 103 { 104 return __kuid_val(left) <= __kuid_val(right); 105 } 106 107 static inline bool gid_lte(kgid_t left, kgid_t right) 108 { 109 return __kgid_val(left) <= __kgid_val(right); 110 } 111 112 static inline bool uid_valid(kuid_t uid) 113 { 114 return __kuid_val(uid) != (uid_t) -1; 115 } 116 117 static inline bool gid_valid(kgid_t gid) 118 { 119 return __kgid_val(gid) != (gid_t) -1; 120 } 121 122 #ifdef CONFIG_USER_NS 123 124 extern kuid_t make_kuid(struct user_namespace *from, uid_t uid); 125 extern kgid_t make_kgid(struct user_namespace *from, gid_t gid); 126 127 extern uid_t from_kuid(struct user_namespace *to, kuid_t uid); 128 extern gid_t from_kgid(struct user_namespace *to, kgid_t gid); 129 extern uid_t from_kuid_munged(struct user_namespace *to, kuid_t uid); 130 extern gid_t from_kgid_munged(struct user_namespace *to, kgid_t gid); 131 132 static inline bool kuid_has_mapping(struct user_namespace *ns, kuid_t uid) 133 { 134 return from_kuid(ns, uid) != (uid_t) -1; 135 } 136 137 static inline bool kgid_has_mapping(struct user_namespace *ns, kgid_t gid) 138 { 139 return from_kgid(ns, gid) != (gid_t) -1; 140 } 141 142 u32 map_id_down(struct uid_gid_map *map, u32 id); 143 u32 map_id_up(struct uid_gid_map *map, u32 id); 144 145 #else 146 147 static inline kuid_t make_kuid(struct user_namespace *from, uid_t uid) 148 { 149 return KUIDT_INIT(uid); 150 } 151 152 static inline kgid_t make_kgid(struct user_namespace *from, gid_t gid) 153 { 154 return KGIDT_INIT(gid); 155 } 156 157 static inline uid_t from_kuid(struct user_namespace *to, kuid_t kuid) 158 { 159 return __kuid_val(kuid); 160 } 161 162 static inline gid_t from_kgid(struct user_namespace *to, kgid_t kgid) 163 { 164 return __kgid_val(kgid); 165 } 166 167 static inline uid_t from_kuid_munged(struct user_namespace *to, kuid_t kuid) 168 { 169 uid_t uid = from_kuid(to, kuid); 170 if (uid == (uid_t)-1) 171 uid = overflowuid; 172 return uid; 173 } 174 175 static inline gid_t from_kgid_munged(struct user_namespace *to, kgid_t kgid) 176 { 177 gid_t gid = from_kgid(to, kgid); 178 if (gid == (gid_t)-1) 179 gid = overflowgid; 180 return gid; 181 } 182 183 static inline bool kuid_has_mapping(struct user_namespace *ns, kuid_t uid) 184 { 185 return uid_valid(uid); 186 } 187 188 static inline bool kgid_has_mapping(struct user_namespace *ns, kgid_t gid) 189 { 190 return gid_valid(gid); 191 } 192 193 static inline u32 map_id_down(struct uid_gid_map *map, u32 id) 194 { 195 return id; 196 } 197 198 static inline u32 map_id_up(struct uid_gid_map *map, u32 id) 199 { 200 return id; 201 } 202 #endif /* CONFIG_USER_NS */ 203 204 #endif /* _LINUX_UIDGID_H */ 205