2 * This program is free software; you can redistribute it and/or
3 * modify it under the terms of the GNU General Public License as
4 * published by the Free Software Foundation, version 2 of the
8 #include <linux/export.h>
9 #include <linux/nsproxy.h>
10 #include <linux/slab.h>
11 #include <linux/user_namespace.h>
12 #include <linux/highuid.h>
13 #include <linux/cred.h>
14 #include <linux/securebits.h>
/*
 * Slab cache backing every struct user_namespace handled in this file:
 * created once in user_namespaces_init(), allocated from in create_user_ns()
 * and returned to in create_user_ns() and free_user_ns_work().
 */
16 static struct kmem_cache
*user_ns_cachep __read_mostly
;
/*
 * Create a new user namespace, deriving the creator from the user in the
 * passed credentials, and replacing that user with the new root user for the
 * new namespace.
 *
 * This is called by copy_creds(), which will finish setting the target task's
 * credentials.
 */
/*
 * create_user_ns - build a new user namespace and re-point the credentials
 * under construction at its root user.
 *
 * @new: credentials being prepared; modified in place (user, all uid/gid
 *       fields, group_info, securebits, capability sets, request_key_auth).
 *
 * NOTE(review): this listing omits several source lines (braces, the checks
 * after each allocation, the final assignment and the return statements), so
 * return values and failure handling cannot be read off this page. Confirm
 * them against the full file.
 */
26 int create_user_ns(struct cred
*new)
/* parent_ns is the namespace the creating credentials currently belong to. */
28 struct user_namespace
*ns
, *parent_ns
= new->user_ns
;
29 struct user_struct
*root_user
;
/* Allocate the namespace object from the file-local slab cache. The check of
 * the result is not visible in this listing. */
32 ns
= kmem_cache_alloc(user_ns_cachep
, GFP_KERNEL
);
/* Give each of the UIDHASH_SZ buckets of this namespace's own uid hash table
 * an empty list head. */
38 for (n
= 0; n
< UIDHASH_SZ
; ++n
)
39 INIT_HLIST_HEAD(ns
->uidhash_table
+ n
);
41 /* Alloc new root user. */
42 root_user
= alloc_uid(ns
, 0);
/* Returns the namespace object to the cache. It sits directly after
 * alloc_uid(), so presumably this is the alloc_uid() failure path; the
 * guarding condition is not visible in this listing. */
44 kmem_cache_free(user_ns_cachep
, ns
);
48 /* set the new root user in the credentials under preparation */
/* ns->creator takes over the pointer previously held in new->user; it is the
 * value free_user_ns_work() later hands to free_uid(). Reference accounting
 * for parent_ns is not visible here. NOTE(review): confirm. */
49 ns
->parent
= parent_ns
;
50 ns
->creator
= new->user
;
51 new->user
= root_user
;
/* Every uid and gid variant in the credentials becomes 0. */
52 new->uid
= new->euid
= new->suid
= new->fsuid
= 0;
53 new->gid
= new->egid
= new->sgid
= new->fsgid
= 0;
/* Swap the inherited group list for init_groups: drop the old reference,
 * then take one on the shared initial list. */
54 put_group_info(new->group_info
);
55 new->group_info
= get_group_info(&init_groups
);
/*
 * Security-relevant reset. The statements below set securebits to
 * SECUREBITS_DEFAULT, empty the inheritable set and fill the permitted,
 * effective and bounding sets, then drop the request_key_auth key reference
 * and clear the pointer. Handing out CAP_FULL_SET is only safe because, as
 * the original comment says, these capabilities are bound to the new
 * namespace; that scoping is enforced by the capability checks elsewhere,
 * not in this function. NOTE(review): confirm those checks are
 * namespace-relative in the tree this file belongs to.
 */
56 /* Start with the same capabilities as init but useless for doing
57 * anything as the capabilities are bound to the new user namespace.
59 new->securebits
= SECUREBITS_DEFAULT
;
60 new->cap_inheritable
= CAP_EMPTY_SET
;
61 new->cap_permitted
= CAP_FULL_SET
;
62 new->cap_effective
= CAP_FULL_SET
;
63 new->cap_bset
= CAP_FULL_SET
;
65 key_put(new->request_key_auth
);
66 new->request_key_auth
= NULL
;
68 /* tgcred will be cleared in our caller bc CLONE_THREAD won't be set */
70 /* Leave the reference to our user_ns with the new cred */
/* NOTE(review): the statement the comment above refers to, and the return of
 * this function, are not part of this listing. */
/*
 * Deferred destructor for a user namespace.  This is required because
 * free_user_ns() may be called with uidhash_lock held, but we need to call
 * back to free_uid() which will want to take the lock again.
 */
/*
 * free_user_ns_work - workqueue callback that tears a user namespace down.
 *
 * @work: the destroyer work item embedded in the struct user_namespace.
 *
 * Queued by free_user_ns(). Releases the creator reference stored by
 * create_user_ns() and returns the namespace object to the slab cache.
 *
 * NOTE(review): parent is declared below, but the lines that assign and use
 * it are not part of this listing; presumably the parent namespace reference
 * is dropped once ns has been freed. Confirm against the full file.
 */
81 static void free_user_ns_work(struct work_struct
*work
)
/* Recover the enclosing namespace from its embedded destroyer member. */
83 struct user_namespace
*parent
, *ns
=
84 container_of(work
, struct user_namespace
, destroyer
);
/* Drop the reference on the user that created this namespace. */
86 free_uid(ns
->creator
);
/* ns must not be dereferenced after this point. */
87 kmem_cache_free(user_ns_cachep
, ns
);
/*
 * free_user_ns - release hook for the kref embedded in a user namespace.
 *
 * @kref: the kref member of the struct user_namespace being released.
 *
 * Nothing is freed here. The namespace is recovered from @kref and its
 * embedded work item is queued, so the actual teardown (free_user_ns_work)
 * runs later from a workqueue rather than in the caller's locking context.
 */
91 void free_user_ns(struct kref
*kref
)
/* Recover the enclosing namespace from its embedded kref member. */
93 struct user_namespace
*ns
=
94 container_of(kref
, struct user_namespace
, kref
);
/* Bind the deferred destructor to the work item, then queue it. */
96 INIT_WORK(&ns
->destroyer
, free_user_ns_work
);
97 schedule_work(&ns
->destroyer
);
/* Exported so that code built as modules can reference the release hook. */
99 EXPORT_SYMBOL(free_user_ns
);
/*
 * user_ns_map_uid - express a uid held by @cred as seen from namespace @to.
 *
 * @to:   namespace the caller wants the id expressed in.
 * @cred: credentials the id belongs to.
 * @uid:  the id to map.
 *
 * Three cases are visible: @cred already lives in @to; @cred->user created
 * @to or one of its ancestors; or there is no such relationship.
 *
 * NOTE(review): the return statements are not part of this listing, so the
 * value produced in each case cannot be read off this page. The trailing
 * comment says an unrelated credential gets no mapping (linux/highuid.h is
 * included, so presumably the overflow id). Confirm against the full file.
 */
101 uid_t
user_ns_map_uid(struct user_namespace
*to
, const struct cred
*cred
, uid_t uid
)
103 struct user_namespace
*tmp
;
/* Fast path, marked likely(): the credentials are already in @to. */
105 if (likely(to
== cred
->user_ns
))
/*
 * The walk below starts at @to and follows ->parent until it reaches
 * init_user_ns; that is its only exit condition, so it relies on every
 * parent chain ending at init_user_ns. The match is on user_struct pointer
 * identity (cred->user against ->creator), not on a numeric uid.
 */
109 /* Is cred->user the creator of the target user_ns
110 * or the creator of one of it's parents?
112 for ( tmp
= to
; tmp
!= &init_user_ns
; tmp
= tmp
->parent
) {
113 if (cred
->user
== tmp
->creator
) {
118 /* No useful relationship so no mapping */
/*
 * user_ns_map_gid - express a gid held by @cred as seen from namespace @to.
 *
 * @to:   namespace the caller wants the id expressed in.
 * @cred: credentials the id belongs to.
 * @gid:  the id to map.
 *
 * Same structure as user_ns_map_uid(): a same-namespace fast path, then a
 * walk over the creators of @to and its ancestors, then the no-mapping case.
 * Note that the ancestor test is still made on @cred->user, the owning user,
 * not on any group.
 *
 * NOTE(review): the return statements are not part of this listing, so the
 * value produced in each case cannot be read off this page. Confirm against
 * the full file.
 */
122 gid_t
user_ns_map_gid(struct user_namespace
*to
, const struct cred
*cred
, gid_t gid
)
124 struct user_namespace
*tmp
;
/* Fast path, marked likely(): the credentials are already in @to. */
126 if (likely(to
== cred
->user_ns
))
/*
 * The walk below starts at @to and follows ->parent until it reaches
 * init_user_ns; that is its only exit condition, so it relies on every
 * parent chain ending at init_user_ns. The match is on user_struct pointer
 * identity (cred->user against ->creator).
 */
129 /* Is cred->user the creator of the target user_ns
130 * or the creator of one of it's parents?
132 for ( tmp
= to
; tmp
!= &init_user_ns
; tmp
= tmp
->parent
) {
133 if (cred
->user
== tmp
->creator
) {
138 /* No useful relationship so no mapping */
/*
 * user_namespaces_init - boot-time setup of the user_namespace slab cache.
 *
 * SLAB_PANIC makes a failure to create the cache fatal, and the visible uses
 * of user_ns_cachep elsewhere in this file do not check it for NULL. The
 * return statement is not part of this listing.
 */
142 static __init
int user_namespaces_init(void)
144 user_ns_cachep
= KMEM_CACHE(user_namespace
, SLAB_PANIC
);
/* Register the initializer so it runs during kernel initialization. */
147 module_init(user_namespaces_init
);