xref: /linux-6.15/include/linux/user_namespace.h (revision 4d07bbf2) 
1 /* SPDX-License-Identifier: GPL-2.0 */
2 #ifndef _LINUX_USER_NAMESPACE_H
3 #define _LINUX_USER_NAMESPACE_H
4 
5 #include <linux/kref.h>
6 #include <linux/nsproxy.h>
7 #include <linux/ns_common.h>
8 #include <linux/rculist_nulls.h>
9 #include <linux/sched.h>
10 #include <linux/workqueue.h>
11 #include <linux/rcuref.h>
12 #include <linux/rwsem.h>
13 #include <linux/sysctl.h>
14 #include <linux/err.h>
15 
16 #define UID_GID_MAP_MAX_BASE_EXTENTS 5
17 #define UID_GID_MAP_MAX_EXTENTS 340
18 
19 struct uid_gid_extent {
20 	u32 first;
21 	u32 lower_first;
22 	u32 count;
23 };
24 
25 struct uid_gid_map { /* 64 bytes -- 1 cache line */
26 	union {
27 		struct {
28 			struct uid_gid_extent extent[UID_GID_MAP_MAX_BASE_EXTENTS];
29 			u32 nr_extents;
30 		};
31 		struct {
32 			struct uid_gid_extent *forward;
33 			struct uid_gid_extent *reverse;
34 		};
35 	};
36 };
37 
38 #define USERNS_SETGROUPS_ALLOWED 1UL
39 
40 #define USERNS_INIT_FLAGS USERNS_SETGROUPS_ALLOWED
41 
42 struct ucounts;
43 
44 enum ucount_type {
45 	UCOUNT_USER_NAMESPACES,
46 	UCOUNT_PID_NAMESPACES,
47 	UCOUNT_UTS_NAMESPACES,
48 	UCOUNT_IPC_NAMESPACES,
49 	UCOUNT_NET_NAMESPACES,
50 	UCOUNT_MNT_NAMESPACES,
51 	UCOUNT_CGROUP_NAMESPACES,
52 	UCOUNT_TIME_NAMESPACES,
53 #ifdef CONFIG_INOTIFY_USER
54 	UCOUNT_INOTIFY_INSTANCES,
55 	UCOUNT_INOTIFY_WATCHES,
56 #endif
57 #ifdef CONFIG_FANOTIFY
58 	UCOUNT_FANOTIFY_GROUPS,
59 	UCOUNT_FANOTIFY_MARKS,
60 #endif
61 	UCOUNT_COUNTS,
62 };
63 
64 enum rlimit_type {
65 	UCOUNT_RLIMIT_NPROC,
66 	UCOUNT_RLIMIT_MSGQUEUE,
67 	UCOUNT_RLIMIT_SIGPENDING,
68 	UCOUNT_RLIMIT_MEMLOCK,
69 	UCOUNT_RLIMIT_COUNTS,
70 };
71 
72 #if IS_ENABLED(CONFIG_BINFMT_MISC)
73 struct binfmt_misc;
74 #endif
75 
76 struct user_namespace {
77 	struct uid_gid_map	uid_map;
78 	struct uid_gid_map	gid_map;
79 	struct uid_gid_map	projid_map;
80 	struct user_namespace	*parent;
81 	int			level;
82 	kuid_t			owner;
83 	kgid_t			group;
84 	struct ns_common	ns;
85 	unsigned long		flags;
86 	/* parent_could_setfcap: true if the creator if this ns had CAP_SETFCAP
87 	 * in its effective capability set at the child ns creation time. */
88 	bool			parent_could_setfcap;
89 
90 #ifdef CONFIG_KEYS
91 	/* List of joinable keyrings in this namespace.  Modification access of
92 	 * these pointers is controlled by keyring_sem.  Once
93 	 * user_keyring_register is set, it won't be changed, so it can be
94 	 * accessed directly with READ_ONCE().
95 	 */
96 	struct list_head	keyring_name_list;
97 	struct key		*user_keyring_register;
98 	struct rw_semaphore	keyring_sem;
99 #endif
100 
101 	/* Register of per-UID persistent keyrings for this namespace */
102 #ifdef CONFIG_PERSISTENT_KEYRINGS
103 	struct key		*persistent_keyring_register;
104 #endif
105 	struct work_struct	work;
106 #ifdef CONFIG_SYSCTL
107 	struct ctl_table_set	set;
108 	struct ctl_table_header *sysctls;
109 #endif
110 	struct ucounts		*ucounts;
111 	long ucount_max[UCOUNT_COUNTS];
112 	long rlimit_max[UCOUNT_RLIMIT_COUNTS];
113 
114 #if IS_ENABLED(CONFIG_BINFMT_MISC)
115 	struct binfmt_misc *binfmt_misc;
116 #endif
117 } __randomize_layout;
118 
119 struct ucounts {
120 	struct hlist_nulls_node node;
121 	struct user_namespace *ns;
122 	kuid_t uid;
123 	struct rcu_head rcu;
124 	rcuref_t count;
125 	atomic_long_t ucount[UCOUNT_COUNTS];
126 	atomic_long_t rlimit[UCOUNT_RLIMIT_COUNTS];
127 };
128 
129 extern struct user_namespace init_user_ns;
130 extern struct ucounts init_ucounts;
131 
132 bool setup_userns_sysctls(struct user_namespace *ns);
133 void retire_userns_sysctls(struct user_namespace *ns);
134 struct ucounts *inc_ucount(struct user_namespace *ns, kuid_t uid, enum ucount_type type);
135 void dec_ucount(struct ucounts *ucounts, enum ucount_type type);
136 struct ucounts *alloc_ucounts(struct user_namespace *ns, kuid_t uid);
137 void put_ucounts(struct ucounts *ucounts);
138 
139 static inline struct ucounts * __must_check get_ucounts(struct ucounts *ucounts)
140 {
141 	if (rcuref_get(&ucounts->count))
142 		return ucounts;
143 	return NULL;
144 }
145 
146 static inline long get_rlimit_value(struct ucounts *ucounts, enum rlimit_type type)
147 {
148 	return atomic_long_read(&ucounts->rlimit[type]);
149 }
150 
151 long inc_rlimit_ucounts(struct ucounts *ucounts, enum rlimit_type type, long v);
152 bool dec_rlimit_ucounts(struct ucounts *ucounts, enum rlimit_type type, long v);
153 long inc_rlimit_get_ucounts(struct ucounts *ucounts, enum rlimit_type type,
154 			    bool override_rlimit);
155 void dec_rlimit_put_ucounts(struct ucounts *ucounts, enum rlimit_type type);
156 bool is_rlimit_overlimit(struct ucounts *ucounts, enum rlimit_type type, unsigned long max);
157 
158 static inline long get_userns_rlimit_max(struct user_namespace *ns, enum rlimit_type type)
159 {
160 	return READ_ONCE(ns->rlimit_max[type]);
161 }
162 
163 static inline void set_userns_rlimit_max(struct user_namespace *ns,
164 		enum rlimit_type type, unsigned long max)
165 {
166 	ns->rlimit_max[type] = max <= LONG_MAX ? max : LONG_MAX;
167 }
168 
169 #ifdef CONFIG_USER_NS
170 
171 static inline struct user_namespace *get_user_ns(struct user_namespace *ns)
172 {
173 	if (ns)
174 		refcount_inc(&ns->ns.count);
175 	return ns;
176 }
177 
178 extern int create_user_ns(struct cred *new);
179 extern int unshare_userns(unsigned long unshare_flags, struct cred **new_cred);
180 extern void __put_user_ns(struct user_namespace *ns);
181 
182 static inline void put_user_ns(struct user_namespace *ns)
183 {
184 	if (ns && refcount_dec_and_test(&ns->ns.count))
185 		__put_user_ns(ns);
186 }
187 
188 struct seq_operations;
189 extern const struct seq_operations proc_uid_seq_operations;
190 extern const struct seq_operations proc_gid_seq_operations;
191 extern const struct seq_operations proc_projid_seq_operations;
192 extern ssize_t proc_uid_map_write(struct file *, const char __user *, size_t, loff_t *);
193 extern ssize_t proc_gid_map_write(struct file *, const char __user *, size_t, loff_t *);
194 extern ssize_t proc_projid_map_write(struct file *, const char __user *, size_t, loff_t *);
195 extern ssize_t proc_setgroups_write(struct file *, const char __user *, size_t, loff_t *);
196 extern int proc_setgroups_show(struct seq_file *m, void *v);
197 extern bool userns_may_setgroups(const struct user_namespace *ns);
198 extern bool in_userns(const struct user_namespace *ancestor,
199 		       const struct user_namespace *child);
200 extern bool current_in_userns(const struct user_namespace *target_ns);
201 struct ns_common *ns_get_owner(struct ns_common *ns);
202 #else
203 
204 static inline struct user_namespace *get_user_ns(struct user_namespace *ns)
205 {
206 	return &init_user_ns;
207 }
208 
209 static inline int create_user_ns(struct cred *new)
210 {
211 	return -EINVAL;
212 }
213 
214 static inline int unshare_userns(unsigned long unshare_flags,
215 				 struct cred **new_cred)
216 {
217 	if (unshare_flags & CLONE_NEWUSER)
218 		return -EINVAL;
219 	return 0;
220 }
221 
222 static inline void put_user_ns(struct user_namespace *ns)
223 {
224 }
225 
226 static inline bool userns_may_setgroups(const struct user_namespace *ns)
227 {
228 	return true;
229 }
230 
231 static inline bool in_userns(const struct user_namespace *ancestor,
232 			     const struct user_namespace *child)
233 {
234 	return true;
235 }
236 
237 static inline bool current_in_userns(const struct user_namespace *target_ns)
238 {
239 	return true;
240 }
241 
242 static inline struct ns_common *ns_get_owner(struct ns_common *ns)
243 {
244 	return ERR_PTR(-EPERM);
245 }
246 #endif
247 
248 #endif /* _LINUX_USER_H */
249