xref: /linux/kernel/time/namespace.c (revision 7138a8698a39e81eb153e05500823fff76d5b3bd) 
1 // SPDX-License-Identifier: GPL-2.0
2 /*
3  * Author: Andrei Vagin <avagin@openvz.org>
4  * Author: Dmitry Safonov <dima@arista.com>
5  */
6 
7 #include <linux/time_namespace.h>
8 #include <linux/user_namespace.h>
9 #include <linux/sched/signal.h>
10 #include <linux/sched/task.h>
11 #include <linux/clocksource.h>
12 #include <linux/seq_file.h>
13 #include <linux/proc_ns.h>
14 #include <linux/export.h>
15 #include <linux/nstree.h>
16 #include <linux/time.h>
17 #include <linux/slab.h>
18 #include <linux/cred.h>
19 #include <linux/err.h>
20 #include <linux/mm.h>
21 #include <linux/cleanup.h>
22 
23 #include "namespace_internal.h"
24 
25 ktime_t do_timens_ktime_to_host(clockid_t clockid, ktime_t tim,
26 				struct timens_offsets *ns_offsets)
27 {
28 	ktime_t offset;
29 
30 	switch (clockid) {
31 	case CLOCK_MONOTONIC:
32 		offset = timespec64_to_ktime(ns_offsets->monotonic);
33 		break;
34 	case CLOCK_BOOTTIME:
35 	case CLOCK_BOOTTIME_ALARM:
36 		offset = timespec64_to_ktime(ns_offsets->boottime);
37 		break;
38 	default:
39 		return tim;
40 	}
41 
42 	/*
43 	 * Check that @tim value is in [offset, KTIME_MAX + offset]
44 	 * and subtract offset.
45 	 */
46 	if (tim < offset) {
47 		/*
48 		 * User can specify @tim *absolute* value - if it's lesser than
49 		 * the time namespace's offset - it's already expired.
50 		 */
51 		tim = 0;
52 	} else {
53 		tim = ktime_sub(tim, offset);
54 		if (unlikely(tim > KTIME_MAX))
55 			tim = KTIME_MAX;
56 	}
57 
58 	return tim;
59 }
60 
61 static struct ucounts *inc_time_namespaces(struct user_namespace *ns)
62 {
63 	return inc_ucount(ns, current_euid(), UCOUNT_TIME_NAMESPACES);
64 }
65 
66 static void dec_time_namespaces(struct ucounts *ucounts)
67 {
68 	dec_ucount(ucounts, UCOUNT_TIME_NAMESPACES);
69 }
70 
71 /**
72  * clone_time_ns - Clone a time namespace
73  * @user_ns:	User namespace which owns a new namespace.
74  * @old_ns:	Namespace to clone
75  *
76  * Clone @old_ns and set the clone refcount to 1
77  *
78  * Return: The new namespace or ERR_PTR.
79  */
80 static struct time_namespace *clone_time_ns(struct user_namespace *user_ns,
81 					  struct time_namespace *old_ns)
82 {
83 	struct time_namespace *ns;
84 	struct ucounts *ucounts;
85 	int err;
86 
87 	err = -ENOSPC;
88 	ucounts = inc_time_namespaces(user_ns);
89 	if (!ucounts)
90 		goto fail;
91 
92 	err = -ENOMEM;
93 	ns = kzalloc_obj(*ns, GFP_KERNEL_ACCOUNT);
94 	if (!ns)
95 		goto fail_dec;
96 
97 	err = timens_vdso_alloc_vvar_page(ns);
98 	if (err)
99 		goto fail_free;
100 
101 	err = ns_common_init(ns);
102 	if (err)
103 		goto fail_free_page;
104 
105 	ns->ucounts = ucounts;
106 	ns->user_ns = get_user_ns(user_ns);
107 	ns->offsets = old_ns->offsets;
108 	ns->frozen_offsets = false;
109 	ns_tree_add(ns);
110 	return ns;
111 
112 fail_free_page:
113 	timens_vdso_free_vvar_page(ns);
114 fail_free:
115 	kfree(ns);
116 fail_dec:
117 	dec_time_namespaces(ucounts);
118 fail:
119 	return ERR_PTR(err);
120 }
121 
122 /**
123  * copy_time_ns - Create timens_for_children from @old_ns
124  * @flags:	Cloning flags
125  * @user_ns:	User namespace which owns a new namespace.
126  * @old_ns:	Namespace to clone
127  *
128  * If CLONE_NEWTIME specified in @flags, creates a new timens_for_children;
129  * adds a refcounter to @old_ns otherwise.
130  *
131  * Return: timens_for_children namespace or ERR_PTR.
132  */
133 struct time_namespace *copy_time_ns(u64 flags,
134 	struct user_namespace *user_ns, struct time_namespace *old_ns)
135 {
136 	if (!(flags & CLONE_NEWTIME))
137 		return get_time_ns(old_ns);
138 
139 	return clone_time_ns(user_ns, old_ns);
140 }
141 
142 DEFINE_MUTEX(timens_offset_lock);
143 
144 void free_time_ns(struct time_namespace *ns)
145 {
146 	ns_tree_remove(ns);
147 	dec_time_namespaces(ns->ucounts);
148 	put_user_ns(ns->user_ns);
149 	ns_common_free(ns);
150 	timens_vdso_free_vvar_page(ns);
151 	/* Concurrent nstree traversal depends on a grace period. */
152 	kfree_rcu(ns, ns.ns_rcu);
153 }
154 
155 static struct ns_common *timens_get(struct task_struct *task)
156 {
157 	struct time_namespace *ns;
158 	struct nsproxy *nsproxy;
159 
160 	guard(task_lock)(task);
161 	nsproxy = task->nsproxy;
162 	if (!nsproxy)
163 		return NULL;
164 
165 	ns = nsproxy->time_ns;
166 	get_time_ns(ns);
167 	return &ns->ns;
168 }
169 
170 static struct ns_common *timens_for_children_get(struct task_struct *task)
171 {
172 	struct time_namespace *ns;
173 	struct nsproxy *nsproxy;
174 
175 	guard(task_lock)(task);
176 	nsproxy = task->nsproxy;
177 	if (!nsproxy)
178 		return NULL;
179 
180 	ns = nsproxy->time_ns_for_children;
181 	get_time_ns(ns);
182 	return &ns->ns;
183 }
184 
185 static void timens_put(struct ns_common *ns)
186 {
187 	put_time_ns(to_time_ns(ns));
188 }
189 
190 static int timens_install(struct nsset *nsset, struct ns_common *new)
191 {
192 	struct nsproxy *nsproxy = nsset->nsproxy;
193 	struct time_namespace *ns = to_time_ns(new);
194 
195 	if (!current_is_single_threaded())
196 		return -EUSERS;
197 
198 	if (!ns_capable(ns->user_ns, CAP_SYS_ADMIN) ||
199 	    !ns_capable(nsset->cred->user_ns, CAP_SYS_ADMIN))
200 		return -EPERM;
201 
202 	get_time_ns(ns);
203 	put_time_ns(nsproxy->time_ns);
204 	nsproxy->time_ns = ns;
205 
206 	get_time_ns(ns);
207 	put_time_ns(nsproxy->time_ns_for_children);
208 	nsproxy->time_ns_for_children = ns;
209 	return 0;
210 }
211 
212 void timens_on_fork(struct nsproxy *nsproxy, struct task_struct *tsk)
213 {
214 	struct ns_common *nsc = &nsproxy->time_ns_for_children->ns;
215 	struct time_namespace *ns = to_time_ns(nsc);
216 
217 	/* create_new_namespaces() already incremented the ref counter */
218 	if (nsproxy->time_ns == nsproxy->time_ns_for_children)
219 		return;
220 
221 	get_time_ns(ns);
222 	put_time_ns(nsproxy->time_ns);
223 	nsproxy->time_ns = ns;
224 
225 	timens_commit(tsk, ns);
226 }
227 
228 static struct user_namespace *timens_owner(struct ns_common *ns)
229 {
230 	return to_time_ns(ns)->user_ns;
231 }
232 
233 static void show_offset(struct seq_file *m, int clockid, struct timespec64 *ts)
234 {
235 	char *clock;
236 
237 	switch (clockid) {
238 	case CLOCK_BOOTTIME:
239 		clock = "boottime";
240 		break;
241 	case CLOCK_MONOTONIC:
242 		clock = "monotonic";
243 		break;
244 	default:
245 		clock = "unknown";
246 		break;
247 	}
248 	seq_printf(m, "%-10s %10lld %9ld\n", clock, ts->tv_sec, ts->tv_nsec);
249 }
250 
251 void proc_timens_show_offsets(struct task_struct *p, struct seq_file *m)
252 {
253 	struct time_namespace *time_ns __free(time_ns) = NULL;
254 	struct ns_common *ns = timens_for_children_get(p);
255 
256 	if (!ns)
257 		return;
258 
259 	time_ns = to_time_ns(ns);
260 
261 	show_offset(m, CLOCK_MONOTONIC, &time_ns->offsets.monotonic);
262 	show_offset(m, CLOCK_BOOTTIME, &time_ns->offsets.boottime);
263 }
264 
265 int proc_timens_set_offset(struct file *file, struct task_struct *p,
266 			   struct proc_timens_offset *offsets, int noffsets)
267 {
268 	struct time_namespace *time_ns __free(time_ns) = NULL;
269 	struct ns_common *ns = timens_for_children_get(p);
270 	struct timespec64 tp;
271 	int i;
272 
273 	if (!ns)
274 		return -ESRCH;
275 
276 	time_ns = to_time_ns(ns);
277 
278 	if (!file_ns_capable(file, time_ns->user_ns, CAP_SYS_TIME))
279 		return -EPERM;
280 
281 	for (i = 0; i < noffsets; i++) {
282 		struct proc_timens_offset *off = &offsets[i];
283 
284 		switch (off->clockid) {
285 		case CLOCK_MONOTONIC:
286 			ktime_get_ts64(&tp);
287 			break;
288 		case CLOCK_BOOTTIME:
289 			ktime_get_boottime_ts64(&tp);
290 			break;
291 		default:
292 			return -EINVAL;
293 		}
294 
295 		if (off->val.tv_sec > KTIME_SEC_MAX ||
296 		    off->val.tv_sec < -KTIME_SEC_MAX)
297 			return -ERANGE;
298 
299 		tp = timespec64_add(tp, off->val);
300 		/*
301 		 * KTIME_SEC_MAX is divided by 2 to be sure that KTIME_MAX is
302 		 * still unreachable.
303 		 */
304 		if (tp.tv_sec < 0 || tp.tv_sec > KTIME_SEC_MAX / 2)
305 			return -ERANGE;
306 	}
307 
308 	guard(mutex)(&timens_offset_lock);
309 	if (time_ns->frozen_offsets)
310 		return -EACCES;
311 
312 	/* Don't report errors after this line */
313 	for (i = 0; i < noffsets; i++) {
314 		struct proc_timens_offset *off = &offsets[i];
315 		struct timespec64 *offset = NULL;
316 
317 		switch (off->clockid) {
318 		case CLOCK_MONOTONIC:
319 			offset = &time_ns->offsets.monotonic;
320 			break;
321 		case CLOCK_BOOTTIME:
322 			offset = &time_ns->offsets.boottime;
323 			break;
324 		}
325 
326 		*offset = off->val;
327 	}
328 
329 	return 0;
330 }
331 
332 const struct proc_ns_operations timens_operations = {
333 	.name		= "time",
334 	.get		= timens_get,
335 	.put		= timens_put,
336 	.install	= timens_install,
337 	.owner		= timens_owner,
338 };
339 
340 const struct proc_ns_operations timens_for_children_operations = {
341 	.name		= "time_for_children",
342 	.real_ns_name	= "time",
343 	.get		= timens_for_children_get,
344 	.put		= timens_put,
345 	.install	= timens_install,
346 	.owner		= timens_owner,
347 };
348 
349 struct time_namespace init_time_ns = {
350 	.ns		= NS_COMMON_INIT(init_time_ns),
351 	.user_ns	= &init_user_ns,
352 	.frozen_offsets	= true,
353 };
354 
355 void __init time_ns_init(void)
356 {
357 	ns_tree_add(&init_time_ns);
358 }
359