kernel/user_namespace.c

   1 /*
   2  *  This program is free software; you can redistribute it and/or
   3  *  modify it under the terms of the GNU General Public License as
   4  *  published by the Free Software Foundation, version 2 of the
   5  *  License.
   6  */
   7
   8 #include <linux/module.h>
   9 #include <linux/version.h>
  10 #include <linux/nsproxy.h>
  11 #include <linux/slab.h>
  12 #include <linux/user_namespace.h>
  13
  14 /*
  15  * Clone a new ns copying an original user ns, setting refcount to 1
  16  * @old_ns: namespace to clone
  17  * Return NULL on error (failure to kmalloc), new ns otherwise
  18  */
  19 static struct user_namespace *clone_user_ns(struct user_namespace *old_ns)
  20 {
  21         struct user_namespace *ns;
  22         struct user_struct *new_user;
  23         int n;
  24
  25         ns = kmalloc(sizeof(struct user_namespace), GFP_KERNEL);
  26         if (!ns)
  27                 return ERR_PTR(-ENOMEM);
  28
  29         kref_init(&ns->kref);
  30
  31         for (n = 0; n < UIDHASH_SZ; ++n)
  32                 INIT_HLIST_HEAD(ns->uidhash_table + n);
  33
  34         /* Insert new root user.  */
  35         ns->root_user = alloc_uid(ns, 0);
  36         if (!ns->root_user) {
  37                 kfree(ns);
  38                 return ERR_PTR(-ENOMEM);
  39         }
  40
  41         /* Reset current->user with a new one */
  42         new_user = alloc_uid(ns, current->uid);
  43         if (!new_user) {
  44                 free_uid(ns->root_user);
  45                 kfree(ns);
  46                 return ERR_PTR(-ENOMEM);
  47         }
  48
  49         switch_uid(new_user);
  50         return ns;
  51 }
  52
  53 struct user_namespace * copy_user_ns(int flags, struct user_namespace *old_ns)
  54 {
  55         struct user_namespace *new_ns;
  56
  57         BUG_ON(!old_ns);
  58         get_user_ns(old_ns);
  59
  60         if (!(flags & CLONE_NEWUSER))
  61                 return old_ns;
  62
  63         new_ns = clone_user_ns(old_ns);
  64
  65         put_user_ns(old_ns);
  66         return new_ns;
  67 }
  68
  69 void free_user_ns(struct kref *kref)
  70 {
  71         struct user_namespace *ns;
  72
  73         ns = container_of(kref, struct user_namespace, kref);
  74         release_uids(ns);
  75         kfree(ns);
  76 }
  77 EXPORT_SYMBOL(free_user_ns);