kernel/user_namespace.c

   1 /*
   2  *  This program is free software; you can redistribute it and/or
   3  *  modify it under the terms of the GNU General Public License as
   4  *  published by the Free Software Foundation, version 2 of the
   5  *  License.
   6  */
   7
   8 #include <linux/export.h>
   9 #include <linux/nsproxy.h>
  10 #include <linux/slab.h>
  11 #include <linux/user_namespace.h>
  12 #include <linux/highuid.h>
  13 #include <linux/cred.h>
  14 #include <linux/securebits.h>
  15
  16 static struct kmem_cache *user_ns_cachep __read_mostly;
  17
  18 /*
  19  * Create a new user namespace, deriving the creator from the user in the
  20  * passed credentials, and replacing that user with the new root user for the
  21  * new namespace.
  22  *
  23  * This is called by copy_creds(), which will finish setting the target task's
  24  * credentials.
  25  */
  26 int create_user_ns(struct cred *new)
  27 {
  28         struct user_namespace *ns, *parent_ns = new->user_ns;
  29         struct user_struct *root_user;
  30         int n;
  31
  32         ns = kmem_cache_alloc(user_ns_cachep, GFP_KERNEL);
  33         if (!ns)
  34                 return -ENOMEM;
  35
  36         kref_init(&ns->kref);
  37
  38         for (n = 0; n < UIDHASH_SZ; ++n)
  39                 INIT_HLIST_HEAD(ns->uidhash_table + n);
  40
  41         /* Alloc new root user.  */
  42         root_user = alloc_uid(ns, 0);
  43         if (!root_user) {
  44                 kmem_cache_free(user_ns_cachep, ns);
  45                 return -ENOMEM;
  46         }
  47
  48         /* set the new root user in the credentials under preparation */
  49         ns->parent = parent_ns;
  50         ns->creator = new->user;
  51         new->user = root_user;
  52         new->uid = new->euid = new->suid = new->fsuid = 0;
  53         new->gid = new->egid = new->sgid = new->fsgid = 0;
  54         put_group_info(new->group_info);
  55         new->group_info = get_group_info(&init_groups);
  56         /* Start with the same capabilities as init but useless for doing
  57          * anything as the capabilities are bound to the new user namespace.
  58          */
  59         new->securebits = SECUREBITS_DEFAULT;
  60         new->cap_inheritable = CAP_EMPTY_SET;
  61         new->cap_permitted = CAP_FULL_SET;
  62         new->cap_effective = CAP_FULL_SET;
  63         new->cap_bset = CAP_FULL_SET;
  64 #ifdef CONFIG_KEYS
  65         key_put(new->request_key_auth);
  66         new->request_key_auth = NULL;
  67 #endif
  68         /* tgcred will be cleared in our caller bc CLONE_THREAD won't be set */
  69
  70         /* Leave the reference to our user_ns with the new cred */
  71         new->user_ns = ns;
  72
  73         return 0;
  74 }
  75
  76 /*
  77  * Deferred destructor for a user namespace.  This is required because
  78  * free_user_ns() may be called with uidhash_lock held, but we need to call
  79  * back to free_uid() which will want to take the lock again.
  80  */
  81 static void free_user_ns_work(struct work_struct *work)
  82 {
  83         struct user_namespace *parent, *ns =
  84                 container_of(work, struct user_namespace, destroyer);
  85         parent = ns->parent;
  86         free_uid(ns->creator);
  87         kmem_cache_free(user_ns_cachep, ns);
  88         put_user_ns(parent);
  89 }
  90
  91 void free_user_ns(struct kref *kref)
  92 {
  93         struct user_namespace *ns =
  94                 container_of(kref, struct user_namespace, kref);
  95
  96         INIT_WORK(&ns->destroyer, free_user_ns_work);
  97         schedule_work(&ns->destroyer);
  98 }
  99 EXPORT_SYMBOL(free_user_ns);
 100
 101 uid_t user_ns_map_uid(struct user_namespace *to, const struct cred *cred, uid_t uid)
 102 {
 103         struct user_namespace *tmp;
 104
 105         if (likely(to == cred->user_ns))
 106                 return uid;
 107
 108
 109         /* Is cred->user the creator of the target user_ns
 110          * or the creator of one of it's parents?
 111          */
 112         for ( tmp = to; tmp != &init_user_ns; tmp = tmp->parent ) {
 113                 if (cred->user == tmp->creator) {
 114                         return (uid_t)0;
 115                 }
 116         }
 117
 118         /* No useful relationship so no mapping */
 119         return overflowuid;
 120 }
 121
 122 gid_t user_ns_map_gid(struct user_namespace *to, const struct cred *cred, gid_t gid)
 123 {
 124         struct user_namespace *tmp;
 125
 126         if (likely(to == cred->user_ns))
 127                 return gid;
 128
 129         /* Is cred->user the creator of the target user_ns
 130          * or the creator of one of it's parents?
 131          */
 132         for ( tmp = to; tmp != &init_user_ns; tmp = tmp->parent ) {
 133                 if (cred->user == tmp->creator) {
 134                         return (gid_t)0;
 135                 }
 136         }
 137
 138         /* No useful relationship so no mapping */
 139         return overflowgid;
 140 }
 141
 142 static __init int user_namespaces_init(void)
 143 {
 144         user_ns_cachep = KMEM_CACHE(user_namespace, SLAB_PANIC);
 145         return 0;
 146 }
 147 module_init(user_namespaces_init);