1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * Author: Andrei Vagin <avagin@openvz.org> 4 * Author: Dmitry Safonov <dima@arista.com> 5 */ 6 7 #include <linux/time_namespace.h> 8 #include <linux/user_namespace.h> 9 #include <linux/sched/signal.h> 10 #include <linux/sched/task.h> 11 #include <linux/clocksource.h> 12 #include <linux/seq_file.h> 13 #include <linux/proc_ns.h> 14 #include <linux/export.h> 15 #include <linux/nstree.h> 16 #include <linux/time.h> 17 #include <linux/slab.h> 18 #include <linux/cred.h> 19 #include <linux/err.h> 20 #include <linux/mm.h> 21 22 #include "namespace_internal.h" 23 24 ktime_t do_timens_ktime_to_host(clockid_t clockid, ktime_t tim, 25 struct timens_offsets *ns_offsets) 26 { 27 ktime_t offset; 28 29 switch (clockid) { 30 case CLOCK_MONOTONIC: 31 offset = timespec64_to_ktime(ns_offsets->monotonic); 32 break; 33 case CLOCK_BOOTTIME: 34 case CLOCK_BOOTTIME_ALARM: 35 offset = timespec64_to_ktime(ns_offsets->boottime); 36 break; 37 default: 38 return tim; 39 } 40 41 /* 42 * Check that @tim value is in [offset, KTIME_MAX + offset] 43 * and subtract offset. 44 */ 45 if (tim < offset) { 46 /* 47 * User can specify @tim *absolute* value - if it's lesser than 48 * the time namespace's offset - it's already expired. 49 */ 50 tim = 0; 51 } else { 52 tim = ktime_sub(tim, offset); 53 if (unlikely(tim > KTIME_MAX)) 54 tim = KTIME_MAX; 55 } 56 57 return tim; 58 } 59 60 static struct ucounts *inc_time_namespaces(struct user_namespace *ns) 61 { 62 return inc_ucount(ns, current_euid(), UCOUNT_TIME_NAMESPACES); 63 } 64 65 static void dec_time_namespaces(struct ucounts *ucounts) 66 { 67 dec_ucount(ucounts, UCOUNT_TIME_NAMESPACES); 68 } 69 70 /** 71 * clone_time_ns - Clone a time namespace 72 * @user_ns: User namespace which owns a new namespace. 73 * @old_ns: Namespace to clone 74 * 75 * Clone @old_ns and set the clone refcount to 1 76 * 77 * Return: The new namespace or ERR_PTR. 78 */ 79 static struct time_namespace *clone_time_ns(struct user_namespace *user_ns, 80 struct time_namespace *old_ns) 81 { 82 struct time_namespace *ns; 83 struct ucounts *ucounts; 84 int err; 85 86 err = -ENOSPC; 87 ucounts = inc_time_namespaces(user_ns); 88 if (!ucounts) 89 goto fail; 90 91 err = -ENOMEM; 92 ns = kzalloc_obj(*ns, GFP_KERNEL_ACCOUNT); 93 if (!ns) 94 goto fail_dec; 95 96 ns->vvar_page = alloc_page(GFP_KERNEL_ACCOUNT | __GFP_ZERO); 97 if (!ns->vvar_page) 98 goto fail_free; 99 100 err = ns_common_init(ns); 101 if (err) 102 goto fail_free_page; 103 104 ns->ucounts = ucounts; 105 ns->user_ns = get_user_ns(user_ns); 106 ns->offsets = old_ns->offsets; 107 ns->frozen_offsets = false; 108 ns_tree_add(ns); 109 return ns; 110 111 fail_free_page: 112 __free_page(ns->vvar_page); 113 fail_free: 114 kfree(ns); 115 fail_dec: 116 dec_time_namespaces(ucounts); 117 fail: 118 return ERR_PTR(err); 119 } 120 121 /** 122 * copy_time_ns - Create timens_for_children from @old_ns 123 * @flags: Cloning flags 124 * @user_ns: User namespace which owns a new namespace. 125 * @old_ns: Namespace to clone 126 * 127 * If CLONE_NEWTIME specified in @flags, creates a new timens_for_children; 128 * adds a refcounter to @old_ns otherwise. 129 * 130 * Return: timens_for_children namespace or ERR_PTR. 131 */ 132 struct time_namespace *copy_time_ns(u64 flags, 133 struct user_namespace *user_ns, struct time_namespace *old_ns) 134 { 135 if (!(flags & CLONE_NEWTIME)) 136 return get_time_ns(old_ns); 137 138 return clone_time_ns(user_ns, old_ns); 139 } 140 141 DEFINE_MUTEX(timens_offset_lock); 142 143 void free_time_ns(struct time_namespace *ns) 144 { 145 ns_tree_remove(ns); 146 dec_time_namespaces(ns->ucounts); 147 put_user_ns(ns->user_ns); 148 ns_common_free(ns); 149 __free_page(ns->vvar_page); 150 /* Concurrent nstree traversal depends on a grace period. */ 151 kfree_rcu(ns, ns.ns_rcu); 152 } 153 154 static struct ns_common *timens_get(struct task_struct *task) 155 { 156 struct time_namespace *ns = NULL; 157 struct nsproxy *nsproxy; 158 159 task_lock(task); 160 nsproxy = task->nsproxy; 161 if (nsproxy) { 162 ns = nsproxy->time_ns; 163 get_time_ns(ns); 164 } 165 task_unlock(task); 166 167 return ns ? &ns->ns : NULL; 168 } 169 170 static struct ns_common *timens_for_children_get(struct task_struct *task) 171 { 172 struct time_namespace *ns = NULL; 173 struct nsproxy *nsproxy; 174 175 task_lock(task); 176 nsproxy = task->nsproxy; 177 if (nsproxy) { 178 ns = nsproxy->time_ns_for_children; 179 get_time_ns(ns); 180 } 181 task_unlock(task); 182 183 return ns ? &ns->ns : NULL; 184 } 185 186 static void timens_put(struct ns_common *ns) 187 { 188 put_time_ns(to_time_ns(ns)); 189 } 190 191 static int timens_install(struct nsset *nsset, struct ns_common *new) 192 { 193 struct nsproxy *nsproxy = nsset->nsproxy; 194 struct time_namespace *ns = to_time_ns(new); 195 196 if (!current_is_single_threaded()) 197 return -EUSERS; 198 199 if (!ns_capable(ns->user_ns, CAP_SYS_ADMIN) || 200 !ns_capable(nsset->cred->user_ns, CAP_SYS_ADMIN)) 201 return -EPERM; 202 203 get_time_ns(ns); 204 put_time_ns(nsproxy->time_ns); 205 nsproxy->time_ns = ns; 206 207 get_time_ns(ns); 208 put_time_ns(nsproxy->time_ns_for_children); 209 nsproxy->time_ns_for_children = ns; 210 return 0; 211 } 212 213 void timens_on_fork(struct nsproxy *nsproxy, struct task_struct *tsk) 214 { 215 struct ns_common *nsc = &nsproxy->time_ns_for_children->ns; 216 struct time_namespace *ns = to_time_ns(nsc); 217 218 /* create_new_namespaces() already incremented the ref counter */ 219 if (nsproxy->time_ns == nsproxy->time_ns_for_children) 220 return; 221 222 get_time_ns(ns); 223 put_time_ns(nsproxy->time_ns); 224 nsproxy->time_ns = ns; 225 226 timens_commit(tsk, ns); 227 } 228 229 static struct user_namespace *timens_owner(struct ns_common *ns) 230 { 231 return to_time_ns(ns)->user_ns; 232 } 233 234 static void show_offset(struct seq_file *m, int clockid, struct timespec64 *ts) 235 { 236 char *clock; 237 238 switch (clockid) { 239 case CLOCK_BOOTTIME: 240 clock = "boottime"; 241 break; 242 case CLOCK_MONOTONIC: 243 clock = "monotonic"; 244 break; 245 default: 246 clock = "unknown"; 247 break; 248 } 249 seq_printf(m, "%-10s %10lld %9ld\n", clock, ts->tv_sec, ts->tv_nsec); 250 } 251 252 void proc_timens_show_offsets(struct task_struct *p, struct seq_file *m) 253 { 254 struct ns_common *ns; 255 struct time_namespace *time_ns; 256 257 ns = timens_for_children_get(p); 258 if (!ns) 259 return; 260 time_ns = to_time_ns(ns); 261 262 show_offset(m, CLOCK_MONOTONIC, &time_ns->offsets.monotonic); 263 show_offset(m, CLOCK_BOOTTIME, &time_ns->offsets.boottime); 264 put_time_ns(time_ns); 265 } 266 267 int proc_timens_set_offset(struct file *file, struct task_struct *p, 268 struct proc_timens_offset *offsets, int noffsets) 269 { 270 struct ns_common *ns; 271 struct time_namespace *time_ns; 272 struct timespec64 tp; 273 int i, err; 274 275 ns = timens_for_children_get(p); 276 if (!ns) 277 return -ESRCH; 278 time_ns = to_time_ns(ns); 279 280 if (!file_ns_capable(file, time_ns->user_ns, CAP_SYS_TIME)) { 281 put_time_ns(time_ns); 282 return -EPERM; 283 } 284 285 for (i = 0; i < noffsets; i++) { 286 struct proc_timens_offset *off = &offsets[i]; 287 288 switch (off->clockid) { 289 case CLOCK_MONOTONIC: 290 ktime_get_ts64(&tp); 291 break; 292 case CLOCK_BOOTTIME: 293 ktime_get_boottime_ts64(&tp); 294 break; 295 default: 296 err = -EINVAL; 297 goto out; 298 } 299 300 err = -ERANGE; 301 302 if (off->val.tv_sec > KTIME_SEC_MAX || 303 off->val.tv_sec < -KTIME_SEC_MAX) 304 goto out; 305 306 tp = timespec64_add(tp, off->val); 307 /* 308 * KTIME_SEC_MAX is divided by 2 to be sure that KTIME_MAX is 309 * still unreachable. 310 */ 311 if (tp.tv_sec < 0 || tp.tv_sec > KTIME_SEC_MAX / 2) 312 goto out; 313 } 314 315 mutex_lock(&timens_offset_lock); 316 if (time_ns->frozen_offsets) { 317 err = -EACCES; 318 goto out_unlock; 319 } 320 321 err = 0; 322 /* Don't report errors after this line */ 323 for (i = 0; i < noffsets; i++) { 324 struct proc_timens_offset *off = &offsets[i]; 325 struct timespec64 *offset = NULL; 326 327 switch (off->clockid) { 328 case CLOCK_MONOTONIC: 329 offset = &time_ns->offsets.monotonic; 330 break; 331 case CLOCK_BOOTTIME: 332 offset = &time_ns->offsets.boottime; 333 break; 334 } 335 336 *offset = off->val; 337 } 338 339 out_unlock: 340 mutex_unlock(&timens_offset_lock); 341 out: 342 put_time_ns(time_ns); 343 344 return err; 345 } 346 347 const struct proc_ns_operations timens_operations = { 348 .name = "time", 349 .get = timens_get, 350 .put = timens_put, 351 .install = timens_install, 352 .owner = timens_owner, 353 }; 354 355 const struct proc_ns_operations timens_for_children_operations = { 356 .name = "time_for_children", 357 .real_ns_name = "time", 358 .get = timens_for_children_get, 359 .put = timens_put, 360 .install = timens_install, 361 .owner = timens_owner, 362 }; 363 364 struct time_namespace init_time_ns = { 365 .ns = NS_COMMON_INIT(init_time_ns), 366 .user_ns = &init_user_ns, 367 .frozen_offsets = true, 368 }; 369 370 void __init time_ns_init(void) 371 { 372 ns_tree_add(&init_time_ns); 373 } 374