linux-imx

/*

 *  This program is free software; you can redistribute it and/or

 *  modify it under the terms of the GNU General Public License as

 *  published by the Free Software Foundation, version 2 of the

 *  License.

 */

​

#include <linux/export.h>

#include <linux/nsproxy.h>

#include <linux/slab.h>

#include <linux/sched/signal.h>

#include <linux/user_namespace.h>

#include <linux/proc_ns.h>

#include <linux/highuid.h>

#include <linux/cred.h>

#include <linux/securebits.h>

#include <linux/keyctl.h>

#include <linux/key-type.h>

#include <keys/user-type.h>

#include <linux/seq_file.h>

#include <linux/fs.h>

#include <linux/uaccess.h>

#include <linux/ctype.h>

#include <linux/projid.h>

#include <linux/fs_struct.h>

#include <linux/bsearch.h>

#include <linux/sort.h>

​

static struct kmem_cache *user_ns_cachep __read_mostly;

static DEFINE_MUTEX(userns_state_mutex);

​

static bool new_idmap_permitted(const struct file *file,

                struct user_namespace *ns, int cap_setid,

                struct uid_gid_map *map);

static void free_user_ns(struct work_struct *work);

​

static struct ucounts *inc_user_namespaces(struct user_namespace *ns, kuid_t uid)

{

    return inc_ucount(ns, uid, UCOUNT_USER_NAMESPACES);

}

​

static void dec_user_namespaces(struct ucounts *ucounts)

{

    return dec_ucount(ucounts, UCOUNT_USER_NAMESPACES);

}

​

static void set_cred_user_ns(struct cred *cred, struct user_namespace *user_ns)

{

    /* Start with the same capabilities as init but useless for doing

     * anything as the capabilities are bound to the new user namespace.

     */

    cred->securebits = SECUREBITS_DEFAULT;

    cred->cap_inheritable = CAP_EMPTY_SET;

    cred->cap_permitted = CAP_FULL_SET;

    cred->cap_effective = CAP_FULL_SET;

    cred->cap_ambient = CAP_EMPTY_SET;

    cred->cap_bset = CAP_FULL_SET;

#ifdef CONFIG_KEYS

    key_put(cred->request_key_auth);

    cred->request_key_auth = NULL;

#endif

    /* tgcred will be cleared in our caller bc CLONE_THREAD won't be set */

    cred->user_ns = user_ns;

}

​

/*

 * Create a new user namespace, deriving the creator from the user in the

 * passed credentials, and replacing that user with the new root user for the

 * new namespace.

 *

 * This is called by copy_creds(), which will finish setting the target task's

 * credentials.

 */

int create_user_ns(struct cred *new)

{

    struct user_namespace *ns, *parent_ns = new->user_ns;

    kuid_t owner = new->euid;

    kgid_t group = new->egid;

    struct ucounts *ucounts;

    int ret, i;

​

    ret = -ENOSPC;

    if (parent_ns->level > 32)

        goto fail;

​

    ucounts = inc_user_namespaces(parent_ns, owner);

    if (!ucounts)

        goto fail;

​

    /*

     * Verify that we can not violate the policy of which files

     * may be accessed that is specified by the root directory,