kernel/user_namespace.c

   1 /*
   2  *  This program is free software; you can redistribute it and/or
   3  *  modify it under the terms of the GNU General Public License as
   4  *  published by the Free Software Foundation, version 2 of the
   5  *  License.
   6  */
   7
   8 #include <linux/module.h>
   9 #include <linux/version.h>
  10 #include <linux/nsproxy.h>
  11 #include <linux/user_namespace.h>
  12
  13 struct user_namespace init_user_ns = {
  14         .kref = {
  15                 .refcount       = ATOMIC_INIT(2),
  16         },
  17         .root_user = &root_user,
  18 };
  19
  20 EXPORT_SYMBOL_GPL(init_user_ns);
  21
  22 #ifdef CONFIG_USER_NS
  23
  24 /*
  25  * Clone a new ns copying an original user ns, setting refcount to 1
  26  * @old_ns: namespace to clone
  27  * Return NULL on error (failure to kmalloc), new ns otherwise
  28  */
  29 static struct user_namespace *clone_user_ns(struct user_namespace *old_ns)
  30 {
  31         struct user_namespace *ns;
  32         struct user_struct *new_user;
  33         int n;
  34
  35         ns = kmalloc(sizeof(struct user_namespace), GFP_KERNEL);
  36         if (!ns)
  37                 return ERR_PTR(-ENOMEM);
  38
  39         kref_init(&ns->kref);
  40
  41         for (n = 0; n < UIDHASH_SZ; ++n)
  42                 INIT_HLIST_HEAD(ns->uidhash_table + n);
  43
  44         /* Insert new root user.  */
  45         ns->root_user = alloc_uid(ns, 0);
  46         if (!ns->root_user) {
  47                 kfree(ns);
  48                 return ERR_PTR(-ENOMEM);
  49         }
  50
  51         /* Reset current->user with a new one */
  52         new_user = alloc_uid(ns, current->uid);
  53         if (!new_user) {
  54                 free_uid(ns->root_user);
  55                 kfree(ns);
  56                 return ERR_PTR(-ENOMEM);
  57         }
  58
  59         switch_uid(new_user);
  60         return ns;
  61 }
  62
  63 struct user_namespace * copy_user_ns(int flags, struct user_namespace *old_ns)
  64 {
  65         struct user_namespace *new_ns;
  66
  67         BUG_ON(!old_ns);
  68         get_user_ns(old_ns);
  69
  70         if (!(flags & CLONE_NEWUSER))
  71                 return old_ns;
  72
  73         new_ns = clone_user_ns(old_ns);
  74
  75         put_user_ns(old_ns);
  76         return new_ns;
  77 }
  78
  79 void free_user_ns(struct kref *kref)
  80 {
  81         struct user_namespace *ns;
  82
  83         ns = container_of(kref, struct user_namespace, kref);
  84         release_uids(ns);
  85         kfree(ns);
  86 }
  87
  88 #endif /* CONFIG_USER_NS */