1 // SPDX-License-Identifier: GPL-2.0-only
68  * ns_tree_node_init - Initialize a namespace tree node
75 	RB_CLEAR_NODE(&node->ns_node);  in ns_tree_node_init()
76 	INIT_LIST_HEAD(&node->ns_list_entry);  in ns_tree_node_init()
80  * ns_tree_root_init - Initialize a namespace tree root
87 	root->ns_rb = RB_ROOT;  in ns_tree_root_init()
88 	INIT_LIST_HEAD(&root->ns_list_head);  in ns_tree_root_init()
92  * ns_tree_node_empty - Check if a namespace tree node is empty
99 	return RB_EMPTY_NODE(&node->ns_node);  in ns_tree_node_empty()
103  * ns_tree_node_add - Add a node to a namespace tree
121 	ret = rb_find_add_rcu(&node->ns_node, &root->ns_rb, cmp);  in ns_tree_node_add()
124 	prev = rb_prev(&node->ns_node);  in ns_tree_node_add()
127 		list_add_rcu(&node->ns_list_entry, &root->ns_list_head);  in ns_tree_node_add()
132 		list_add_rcu(&node->ns_list_entry, &prev_node->ns_list_entry);  in ns_tree_node_add()
139  * ns_tree_node_del - Remove a node from a namespace tree
147 	rb_erase(&node->ns_node, &root->ns_rb);  in ns_tree_node_del()
148 	RB_CLEAR_NODE(&node->ns_node);  in ns_tree_node_del()
149 	list_bidir_del_rcu(&node->ns_list_entry);  in ns_tree_node_del()
176 		return -1;  in ns_id_cmp()
184 	return ns_id_cmp(node_to_ns(a)->ns_id, node_to_ns(b)->ns_id);  in ns_cmp()
189 	return ns_id_cmp(node_to_ns_unified(a)->ns_id, node_to_ns_unified(b)->ns_id);  in ns_cmp_unified()
194 	return ns_id_cmp(node_to_ns_owner(a)->ns_id, node_to_ns_owner(b)->ns_id);  in ns_cmp_owner()
197 void __ns_tree_add_raw(struct ns_common *ns, struct ns_tree_root *ns_tree)  in __ns_tree_add_raw()  argument
200 	const struct proc_ns_operations *ops = ns->ops;  in __ns_tree_add_raw()
202 	VFS_WARN_ON_ONCE(!ns->ns_id);  in __ns_tree_add_raw()
206 	/* Add to per-type tree and list */  in __ns_tree_add_raw()
207 	node = ns_tree_node_add(&ns->ns_tree_node, ns_tree, ns_cmp);  in __ns_tree_add_raw()
210 	ns_tree_node_add(&ns->ns_unified_node, &ns_unified_root, ns_cmp_unified);  in __ns_tree_add_raw()
216 		VFS_WARN_ON_ONCE(!ops->owner);  in __ns_tree_add_raw()
217 		user_ns = ops->owner(ns);  in __ns_tree_add_raw()
219 			struct ns_common *owner = &user_ns->ns;  in __ns_tree_add_raw()
220 			VFS_WARN_ON_ONCE(owner->ns_type != CLONE_NEWUSER);  in __ns_tree_add_raw()
223 			ns_tree_node_add(&ns->ns_owner_node, &owner->ns_owner_root, ns_cmp_owner);  in __ns_tree_add_raw()
226 			VFS_WARN_ON_ONCE(ns != to_ns_common(&init_user_ns));  in __ns_tree_add_raw()
233 void __ns_tree_remove(struct ns_common *ns, struct ns_tree_root *ns_tree)  in __ns_tree_remove()  argument
235 	const struct proc_ns_operations *ops = ns->ops;  in __ns_tree_remove()
238 	VFS_WARN_ON_ONCE(ns_tree_node_empty(&ns->ns_tree_node));  in __ns_tree_remove()
239 	VFS_WARN_ON_ONCE(list_empty(&ns->ns_tree_node.ns_list_entry));  in __ns_tree_remove()
243 	/* Remove from per-type tree and list */  in __ns_tree_remove()
244 	ns_tree_node_del(&ns->ns_tree_node, ns_tree);  in __ns_tree_remove()
247 	ns_tree_node_del(&ns->ns_unified_node, &ns_unified_root);  in __ns_tree_remove()
251 		user_ns = ops->owner(ns);  in __ns_tree_remove()
253 			struct ns_common *owner = &user_ns->ns;  in __ns_tree_remove()
254 			ns_tree_node_del(&ns->ns_owner_node, &owner->ns_owner_root);  in __ns_tree_remove()
265 	const struct ns_common *ns = node_to_ns(node);  in ns_find()  local
267 	if (ns_id < ns->ns_id)  in ns_find()
268 		return -1;  in ns_find()
269 	if (ns_id > ns->ns_id)  in ns_find()
277 	const struct ns_common *ns = node_to_ns_unified(node);  in ns_find_unified()  local
279 	if (ns_id < ns->ns_id)  in ns_find_unified()
280 		return -1;  in ns_find_unified()
281 	if (ns_id > ns->ns_id)  in ns_find_unified()
337 		node = rb_find_rcu(&ns_id, &ns_tree->ns_rb, ns_find);  in __ns_tree_lookup_rcu()
356  * __ns_tree_adjoined_rcu - find the next/previous namespace in the same
358  * @ns: namespace to start from
362  * Find the next or previous namespace in the same tree as @ns. If
363  * there is no next/previous namespace, -ENOENT is returned.
365 struct ns_common *__ns_tree_adjoined_rcu(struct ns_common *ns,  in __ns_tree_adjoined_rcu()  argument
373 		list = rcu_dereference(list_bidir_prev_rcu(&ns->ns_tree_node.ns_list_entry));  in __ns_tree_adjoined_rcu()
375 		list = rcu_dereference(list_next_rcu(&ns->ns_tree_node.ns_list_entry));  in __ns_tree_adjoined_rcu()
376 	if (list_is_head(list, &ns_tree->ns_list_head))  in __ns_tree_adjoined_rcu()
377 		return ERR_PTR(-ENOENT);  in __ns_tree_adjoined_rcu()
383  * __ns_tree_gen_id - generate a new namespace id
384  * @ns: namespace to generate id for
385  * @id: if non-zero, this is the initial namespace and this is a fixed id
392 u64 __ns_tree_gen_id(struct ns_common *ns, u64 id)  in __ns_tree_gen_id()  argument
397 		ns->ns_id = id;  in __ns_tree_gen_id()
399 		ns->ns_id = atomic64_inc_return(&namespace_cookie);  in __ns_tree_gen_id()
400 	return ns->ns_id;  in __ns_tree_gen_id()
416 	if (kls->user_ns_id != LISTNS_CURRENT_USER)  in __free_klistns_free()
417 		put_user_ns(kls->user_ns);  in __free_klistns_free()
418 	if (kls->first_ns && kls->first_ns->ops)  in __free_klistns_free()
419 		kls->first_ns->ops->put(kls->first_ns);  in __free_klistns_free()
432 	ret = get_user(usize, &req->size);  in copy_ns_id_req()
434 		return -EFAULT;  in copy_ns_id_req()
436 		return -E2BIG;  in copy_ns_id_req()
438 		return -EINVAL;  in copy_ns_id_req()
443 	if (kreq->spare != 0)  in copy_ns_id_req()
444 		return -EINVAL;  in copy_ns_id_req()
445 	if (kreq->ns_type & ~NS_ALL)  in copy_ns_id_req()
446 		return -EOPNOTSUPP;  in copy_ns_id_req()
453 	kls->last_ns_id = kreq->ns_id;  in prepare_klistns()
454 	kls->user_ns_id = kreq->user_ns_id;  in prepare_klistns()
455 	kls->nr_ns_ids	= nr_ns_ids;  in prepare_klistns()
456 	kls->ns_type	= kreq->ns_type;  in prepare_klistns()
457 	kls->uns_ids	= ns_ids;  in prepare_klistns()
470 	VFS_WARN_ON_ONCE(owner->ns_type != CLONE_NEWUSER);  in lookup_ns_owner_at()
474 	node = owner->ns_owner_root.ns_rb.rb_node;  in lookup_ns_owner_at()
476 		struct ns_common *ns;  in lookup_ns_owner_at()  local
478 		ns = node_to_ns_owner(node);  in lookup_ns_owner_at()
479 		if (ns_id <= ns->ns_id) {  in lookup_ns_owner_at()
480 			ret = ns;  in lookup_ns_owner_at()
481 			if (ns_id == ns->ns_id)  in lookup_ns_owner_at()
483 			node = node->rb_left;  in lookup_ns_owner_at()
485 			node = node->rb_right;  in lookup_ns_owner_at()
496 	struct ns_common *ns;  in lookup_ns_id()  local
499 	ns = ns_tree_lookup_rcu(mnt_ns_id, ns_type);  in lookup_ns_id()
500 	if (!ns)  in lookup_ns_id()
503 	if (!ns_get_unless_inactive(ns))  in lookup_ns_id()
506 	return ns;  in lookup_ns_id()
510 					     const struct ns_common *ns)  in ns_requested()  argument
512 	return !kls->ns_type || (kls->ns_type & ns->ns_type);  in ns_requested()
516 					    struct ns_common *ns)  in may_list_ns()  argument
518 	if (kls->user_ns) {  in may_list_ns()
519 		if (kls->userns_capable)  in may_list_ns()
525 		owner = ns_owner(ns);  in may_list_ns()
534 	if (is_current_namespace(ns))  in may_list_ns()
537 	if (ns->ns_type != CLONE_NEWUSER)  in may_list_ns()
540 	if (ns_capable_noaudit(to_user_ns(ns), CAP_SYS_ADMIN))  in may_list_ns()
546 static inline void ns_put(struct ns_common *ns)  in ns_put()  argument
548 	if (ns && ns->ops)  in ns_put()
549 		ns->ops->put(ns);  in ns_put()
557 	struct ns_common *ns __free(ns_put) = NULL;  in legitimize_ns()
562 	ns = ns_get_unless_inactive(candidate);  in legitimize_ns()
563 	if (!ns)  in legitimize_ns()
566 	if (!may_list_ns(kls, ns))  in legitimize_ns()
569 	return no_free_ptr(ns);  in legitimize_ns()
574 	u64 __user *ns_ids = kls->uns_ids;  in do_listns_userns()
575 	size_t nr_ns_ids = kls->nr_ns_ids;  in do_listns_userns()
576 	struct ns_common *ns = NULL, *first_ns = NULL, *prev = NULL;  in do_listns_userns()  local
580 	VFS_WARN_ON_ONCE(!kls->user_ns_id);  in do_listns_userns()
582 	if (kls->user_ns_id == LISTNS_CURRENT_USER)  in do_listns_userns()
583 		ns = to_ns_common(current_user_ns());  in do_listns_userns()
584 	else if (kls->user_ns_id)  in do_listns_userns()
585 		ns = lookup_ns_id(kls->user_ns_id, CLONE_NEWUSER);  in do_listns_userns()
586 	if (!ns)  in do_listns_userns()
587 		return -EINVAL;  in do_listns_userns()
588 	kls->user_ns = to_user_ns(ns);  in do_listns_userns()
594 	if (kls->last_ns_id) {  in do_listns_userns()
595 		kls->first_ns = lookup_ns_owner_at(kls->last_ns_id + 1, ns);  in do_listns_userns()
596 		if (!kls->first_ns)  in do_listns_userns()
597 			return -ENOENT;  in do_listns_userns()
598 		first_ns = kls->first_ns;  in do_listns_userns()
602 	head = &to_ns_common(kls->user_ns)->ns_owner_root.ns_list_head;  in do_listns_userns()
603 	kls->userns_capable = ns_capable_noaudit(kls->user_ns, CAP_SYS_ADMIN);  in do_listns_userns()
608 		first_ns = list_entry_rcu(head->next, typeof(*first_ns), ns_owner_node.ns_list_entry);  in do_listns_userns()
610 	ns = first_ns;  in do_listns_userns()
611 	list_for_each_entry_from_rcu(ns, head, ns_owner_node.ns_list_entry) {  in do_listns_userns()
617 		valid = legitimize_ns(kls, ns);  in do_listns_userns()
626 		if (put_user(valid->ns_id, ns_ids + ret)) {  in do_listns_userns()
628 			return -EFAULT;  in do_listns_userns()
631 		nr_ns_ids--;  in do_listns_userns()
643  * Lookup a namespace with id >= ns_id in either the unified tree or a type-specific tree.
661 		node = ns_tree->ns_rb.rb_node;  in lookup_ns_id_at()
666 		struct ns_common *ns;  in lookup_ns_id_at()  local
669 			ns = node_to_ns(node);  in lookup_ns_id_at()
671 			ns = node_to_ns_unified(node);  in lookup_ns_id_at()
673 		if (ns_id <= ns->ns_id) {  in lookup_ns_id_at()
678 			if (ns_id == ns->ns_id)  in lookup_ns_id_at()
680 			node = node->rb_left;  in lookup_ns_id_at()
682 			node = node->rb_right;  in lookup_ns_id_at()
695 		return list_entry_rcu(head->next, struct ns_common, ns_tree_node.ns_list_entry);  in first_ns_common()
696 	return list_entry_rcu(head->next, struct ns_common, ns_unified_node.ns_list_entry);  in first_ns_common()
699 static inline struct ns_common *next_ns_common(struct ns_common *ns,  in next_ns_common()  argument
703 …return list_entry_rcu(ns->ns_tree_node.ns_list_entry.next, struct ns_common, ns_tree_node.ns_list_…  in next_ns_common()
704 …return list_entry_rcu(ns->ns_unified_node.ns_list_entry.next, struct ns_common, ns_unified_node.ns…  in next_ns_common()
707 static inline bool ns_common_is_head(struct ns_common *ns,  in ns_common_is_head()  argument
712 		return &ns->ns_tree_node.ns_list_entry == head;  in ns_common_is_head()
713 	return &ns->ns_unified_node.ns_list_entry == head;  in ns_common_is_head()
718 	u64 __user *ns_ids = kls->uns_ids;  in do_listns()
719 	size_t nr_ns_ids = kls->nr_ns_ids;  in do_listns()
720 	struct ns_common *ns, *first_ns = NULL, *prev = NULL;  in do_listns()  local
726 	if (hweight32(kls->ns_type) == 1)  in do_listns()
727 		ns_type = kls->ns_type;  in do_listns()
734 			return -EINVAL;  in do_listns()
737 	if (kls->last_ns_id) {  in do_listns()
738 		kls->first_ns = lookup_ns_id_at(kls->last_ns_id + 1, ns_type);  in do_listns()
739 		if (!kls->first_ns)  in do_listns()
740 			return -ENOENT;  in do_listns()
741 		first_ns = kls->first_ns;  in do_listns()
746 		head = &ns_tree->ns_list_head;  in do_listns()
755 	for (ns = first_ns; !ns_common_is_head(ns, head, ns_tree) && nr_ns_ids;  in do_listns()
756 	     ns = next_ns_common(ns, ns_tree)) {  in do_listns()
759 		valid = legitimize_ns(kls, ns);  in do_listns()
768 		if (put_user(valid->ns_id, ns_ids + ret)) {  in do_listns()
770 			return -EFAULT;  in do_listns()
773 		nr_ns_ids--;  in do_listns()
793 		return -EINVAL;  in SYSCALL_DEFINE4()
796 		return -EOVERFLOW;  in SYSCALL_DEFINE4()
799 		return -EFAULT;  in SYSCALL_DEFINE4()