1 // SPDX-License-Identifier: GPL-2.0
2 #include "cgroup-internal.h"
12 static struct ucounts *inc_cgroup_namespaces(struct user_namespace *ns)  in inc_cgroup_namespaces()  argument
14 	return inc_ucount(ns, current_euid(), UCOUNT_CGROUP_NAMESPACES);  in inc_cgroup_namespaces()
29 		return ERR_PTR(-ENOMEM);  in alloc_cgroup_ns()
30 	ret = ns_alloc_inum(&new_ns->ns);  in alloc_cgroup_ns()
35 	refcount_set(&new_ns->ns.count, 1);  in alloc_cgroup_ns()
36 	new_ns->ns.ops = &cgroupns_operations;  in alloc_cgroup_ns()
40 void free_cgroup_ns(struct cgroup_namespace *ns)  in free_cgroup_ns()  argument
42 	put_css_set(ns->root_cset);  in free_cgroup_ns()
43 	dec_cgroup_namespaces(ns->ucounts);  in free_cgroup_ns()
44 	put_user_ns(ns->user_ns);  in free_cgroup_ns()
45 	ns_free_inum(&ns->ns);  in free_cgroup_ns()
46 	kfree(ns);  in free_cgroup_ns()
67 		return ERR_PTR(-EPERM);  in copy_cgroup_ns()
71 		return ERR_PTR(-ENOSPC);  in copy_cgroup_ns()
86 	new_ns->user_ns = get_user_ns(user_ns);  in copy_cgroup_ns()
87 	new_ns->ucounts = ucounts;  in copy_cgroup_ns()
88 	new_ns->root_cset = cset;  in copy_cgroup_ns()
93 static inline struct cgroup_namespace *to_cg_ns(struct ns_common *ns)  in to_cg_ns()  argument
95 	return container_of(ns, struct cgroup_namespace, ns);  in to_cg_ns()
98 static int cgroupns_install(struct nsset *nsset, struct ns_common *ns)  in cgroupns_install()  argument
100 	struct nsproxy *nsproxy = nsset->nsproxy;  in cgroupns_install()
101 	struct cgroup_namespace *cgroup_ns = to_cg_ns(ns);  in cgroupns_install()
103 	if (!ns_capable(nsset->cred->user_ns, CAP_SYS_ADMIN) ||  in cgroupns_install()
104 	    !ns_capable(cgroup_ns->user_ns, CAP_SYS_ADMIN))  in cgroupns_install()
105 		return -EPERM;  in cgroupns_install()
108 	if (cgroup_ns == nsproxy->cgroup_ns)  in cgroupns_install()
112 	put_cgroup_ns(nsproxy->cgroup_ns);  in cgroupns_install()
113 	nsproxy->cgroup_ns = cgroup_ns;  in cgroupns_install()
120 	struct cgroup_namespace *ns = NULL;  in cgroupns_get()  local
124 	nsproxy = task->nsproxy;  in cgroupns_get()
126 		ns = nsproxy->cgroup_ns;  in cgroupns_get()
127 		get_cgroup_ns(ns);  in cgroupns_get()
131 	return ns ? &ns->ns : NULL;  in cgroupns_get()
134 static void cgroupns_put(struct ns_common *ns)  in cgroupns_put()  argument
136 	put_cgroup_ns(to_cg_ns(ns));  in cgroupns_put()
139 static struct user_namespace *cgroupns_owner(struct ns_common *ns)  in cgroupns_owner()  argument
141 	return to_cg_ns(ns)->user_ns;  in cgroupns_owner()