^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1) // SPDX-License-Identifier: GPL-2.0-only
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3) * Copyright (C) 2004 IBM Corporation
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 5) * Author: Serge Hallyn <serue@us.ibm.com>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 6) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 7)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 8) #include <linux/export.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 9) #include <linux/uts.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 10) #include <linux/utsname.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 11) #include <linux/err.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 12) #include <linux/slab.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 13) #include <linux/cred.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 14) #include <linux/user_namespace.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 15) #include <linux/proc_ns.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 16) #include <linux/sched/task.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 17)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 18) static struct kmem_cache *uts_ns_cache __ro_after_init;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 19)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 20) static struct ucounts *inc_uts_namespaces(struct user_namespace *ns)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 21) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 22) return inc_ucount(ns, current_euid(), UCOUNT_UTS_NAMESPACES);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 23) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 24)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 25) static void dec_uts_namespaces(struct ucounts *ucounts)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 26) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 27) dec_ucount(ucounts, UCOUNT_UTS_NAMESPACES);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 28) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 29)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 30) static struct uts_namespace *create_uts_ns(void)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 31) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 32) struct uts_namespace *uts_ns;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 33)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 34) uts_ns = kmem_cache_alloc(uts_ns_cache, GFP_KERNEL);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 35) if (uts_ns)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 36) kref_init(&uts_ns->kref);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 37) return uts_ns;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 38) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 39)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 40) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 41) * Clone a new ns copying an original utsname, setting refcount to 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 42) * @old_ns: namespace to clone
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 43) * Return ERR_PTR(-ENOMEM) on error (failure to allocate), new ns otherwise
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 44) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 45) static struct uts_namespace *clone_uts_ns(struct user_namespace *user_ns,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 46) struct uts_namespace *old_ns)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 47) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 48) struct uts_namespace *ns;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 49) struct ucounts *ucounts;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 50) int err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 51)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 52) err = -ENOSPC;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 53) ucounts = inc_uts_namespaces(user_ns);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 54) if (!ucounts)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 55) goto fail;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 56)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 57) err = -ENOMEM;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 58) ns = create_uts_ns();
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 59) if (!ns)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 60) goto fail_dec;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 61)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 62) err = ns_alloc_inum(&ns->ns);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 63) if (err)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 64) goto fail_free;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 65)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 66) ns->ucounts = ucounts;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 67) ns->ns.ops = &utsns_operations;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 68)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 69) down_read(&uts_sem);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 70) memcpy(&ns->name, &old_ns->name, sizeof(ns->name));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 71) ns->user_ns = get_user_ns(user_ns);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 72) up_read(&uts_sem);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 73) return ns;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 74)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 75) fail_free:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 76) kmem_cache_free(uts_ns_cache, ns);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 77) fail_dec:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 78) dec_uts_namespaces(ucounts);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 79) fail:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 80) return ERR_PTR(err);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 81) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 82)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 83) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 84) * Copy task tsk's utsname namespace, or clone it if flags
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 85) * specifies CLONE_NEWUTS. In latter case, changes to the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 86) * utsname of this process won't be seen by parent, and vice
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 87) * versa.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 88) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 89) struct uts_namespace *copy_utsname(unsigned long flags,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 90) struct user_namespace *user_ns, struct uts_namespace *old_ns)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 91) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 92) struct uts_namespace *new_ns;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 93)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 94) BUG_ON(!old_ns);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 95) get_uts_ns(old_ns);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 96)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 97) if (!(flags & CLONE_NEWUTS))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 98) return old_ns;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 99)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 100) new_ns = clone_uts_ns(user_ns, old_ns);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 101)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 102) put_uts_ns(old_ns);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 103) return new_ns;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 104) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 105)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 106) void free_uts_ns(struct kref *kref)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 107) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 108) struct uts_namespace *ns;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 109)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 110) ns = container_of(kref, struct uts_namespace, kref);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 111) dec_uts_namespaces(ns->ucounts);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 112) put_user_ns(ns->user_ns);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 113) ns_free_inum(&ns->ns);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 114) kmem_cache_free(uts_ns_cache, ns);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 115) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 116)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 117) static inline struct uts_namespace *to_uts_ns(struct ns_common *ns)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 118) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 119) return container_of(ns, struct uts_namespace, ns);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 120) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 121)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 122) static struct ns_common *utsns_get(struct task_struct *task)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 123) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 124) struct uts_namespace *ns = NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 125) struct nsproxy *nsproxy;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 126)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 127) task_lock(task);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 128) nsproxy = task->nsproxy;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 129) if (nsproxy) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 130) ns = nsproxy->uts_ns;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 131) get_uts_ns(ns);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 132) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 133) task_unlock(task);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 134)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 135) return ns ? &ns->ns : NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 136) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 137)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 138) static void utsns_put(struct ns_common *ns)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 139) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 140) put_uts_ns(to_uts_ns(ns));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 141) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 142)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 143) static int utsns_install(struct nsset *nsset, struct ns_common *new)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 144) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 145) struct nsproxy *nsproxy = nsset->nsproxy;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 146) struct uts_namespace *ns = to_uts_ns(new);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 147)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 148) if (!ns_capable(ns->user_ns, CAP_SYS_ADMIN) ||
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 149) !ns_capable(nsset->cred->user_ns, CAP_SYS_ADMIN))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 150) return -EPERM;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 151)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 152) get_uts_ns(ns);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 153) put_uts_ns(nsproxy->uts_ns);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 154) nsproxy->uts_ns = ns;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 155) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 156) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 157)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 158) static struct user_namespace *utsns_owner(struct ns_common *ns)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 159) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 160) return to_uts_ns(ns)->user_ns;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 161) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 162)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 163) const struct proc_ns_operations utsns_operations = {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 164) .name = "uts",
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 165) .type = CLONE_NEWUTS,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 166) .get = utsns_get,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 167) .put = utsns_put,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 168) .install = utsns_install,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 169) .owner = utsns_owner,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 170) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 171)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 172) void __init uts_ns_init(void)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 173) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 174) uts_ns_cache = kmem_cache_create_usercopy(
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 175) "uts_namespace", sizeof(struct uts_namespace), 0,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 176) SLAB_PANIC|SLAB_ACCOUNT,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 177) offsetof(struct uts_namespace, name),
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 178) sizeof_field(struct uts_namespace, name),
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 179) NULL);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 180) }
Orange Pi5 kernel
Deprecated Linux kernel 5.10.110 for OrangePi 5/5B/5+ boards
3 Commits
0 Branches
0 Tags