kernel/user_namespace.c

   1 /*
   2  *  This program is free software; you can redistribute it and/or
   3  *  modify it under the terms of the GNU General Public License as
   4  *  published by the Free Software Foundation, version 2 of the
   5  *  License.
   6  */
   7
   8 #include <linux/module.h>
   9 #include <linux/nsproxy.h>
  10 #include <linux/slab.h>
  11 #include <linux/user_namespace.h>
  12
  13 /*
  14  * Clone a new ns copying an original user ns, setting refcount to 1
  15  * @old_ns: namespace to clone
  16  * Return NULL on error (failure to kmalloc), new ns otherwise
  17  */
  18 static struct user_namespace *clone_user_ns(struct user_namespace *old_ns)
  19 {
  20         struct user_namespace *ns;
  21         struct user_struct *new_user;
  22         int n;
  23
  24         ns = kmalloc(sizeof(struct user_namespace), GFP_KERNEL);
  25         if (!ns)
  26                 return ERR_PTR(-ENOMEM);
  27
  28         kref_init(&ns->kref);
  29
  30         for (n = 0; n < UIDHASH_SZ; ++n)
  31                 INIT_HLIST_HEAD(ns->uidhash_table + n);
  32
  33         /* Insert new root user.  */
  34         ns->root_user = alloc_uid(ns, 0);
  35         if (!ns->root_user) {
  36                 kfree(ns);
  37                 return ERR_PTR(-ENOMEM);
  38         }
  39
  40         /* Reset current->user with a new one */
  41         new_user = alloc_uid(ns, current->uid);
  42         if (!new_user) {
  43                 free_uid(ns->root_user);
  44                 kfree(ns);
  45                 return ERR_PTR(-ENOMEM);
  46         }
  47
  48         switch_uid(new_user);
  49         return ns;
  50 }
  51
  52 struct user_namespace * copy_user_ns(int flags, struct user_namespace *old_ns)
  53 {
  54         struct user_namespace *new_ns;
  55
  56         BUG_ON(!old_ns);
  57         get_user_ns(old_ns);
  58
  59         if (!(flags & CLONE_NEWUSER))
  60                 return old_ns;
  61
  62         new_ns = clone_user_ns(old_ns);
  63
  64         put_user_ns(old_ns);
  65         return new_ns;
  66 }
  67
  68 void free_user_ns(struct kref *kref)
  69 {
  70         struct user_namespace *ns;
  71
  72         ns = container_of(kref, struct user_namespace, kref);
  73         release_uids(ns);
  74         kfree(ns);
  75 }
  76 EXPORT_SYMBOL(free_user_ns);