[GitHub/mt8127/android_kernel_alcatel_ttab.git] / include / linux / user_namespace.h

#ifndef _LINUX_USER_NAMESPACE_H
#define _LINUX_USER_NAMESPACE_H

#include <linux/kref.h>
#include <linux/nsproxy.h>
#include <linux/sched.h>
#include <linux/err.h>

#define UID_GID_MAP_MAX_EXTENTS 5

struct uid_gid_map {	/* 64 bytes -- 1 cache line */
	u32 nr_extents;
	struct uid_gid_extent {
		u32 first;
		u32 lower_first;
		u32 count;
	} extent[UID_GID_MAP_MAX_EXTENTS];
};

#define USERNS_SETGROUPS_ALLOWED 1UL

#define USERNS_INIT_FLAGS USERNS_SETGROUPS_ALLOWED

struct user_namespace {
	struct uid_gid_map	uid_map;
	struct uid_gid_map	gid_map;
	struct uid_gid_map	projid_map;
	atomic_t		count;
	struct user_namespace	*parent;
	int			level;
	kuid_t			owner;
	kgid_t			group;
	unsigned int		proc_inum;
	unsigned long		flags;
	bool			may_mount_sysfs;
	bool			may_mount_proc;
};

extern struct user_namespace init_user_ns;

#ifdef CONFIG_USER_NS

static inline struct user_namespace *get_user_ns(struct user_namespace *ns)
{
	if (ns)
		atomic_inc(&ns->count);
	return ns;
}

extern int create_user_ns(struct cred *new);
extern int unshare_userns(unsigned long unshare_flags, struct cred **new_cred);
extern void free_user_ns(struct user_namespace *ns);

static inline void put_user_ns(struct user_namespace *ns)
{
	if (ns && atomic_dec_and_test(&ns->count))
		free_user_ns(ns);
}

struct seq_operations;
extern struct seq_operations proc_uid_seq_operations;
extern struct seq_operations proc_gid_seq_operations;
extern struct seq_operations proc_projid_seq_operations;
extern ssize_t proc_uid_map_write(struct file *, const char __user *, size_t, loff_t *);
extern ssize_t proc_gid_map_write(struct file *, const char __user *, size_t, loff_t *);
extern ssize_t proc_projid_map_write(struct file *, const char __user *, size_t, loff_t *);
extern ssize_t proc_setgroups_write(struct file *, const char __user *, size_t, loff_t *);
extern int proc_setgroups_show(struct seq_file *m, void *v);
extern bool userns_may_setgroups(const struct user_namespace *ns);
#else

static inline struct user_namespace *get_user_ns(struct user_namespace *ns)
{
	return &init_user_ns;
}

static inline int create_user_ns(struct cred *new)
{
	return -EINVAL;
}

static inline int unshare_userns(unsigned long unshare_flags,
				 struct cred **new_cred)
{
	if (unshare_flags & CLONE_NEWUSER)
		return -EINVAL;
	return 0;
}

static inline void put_user_ns(struct user_namespace *ns)
{
}

static inline bool userns_may_setgroups(const struct user_namespace *ns)
{
	return true;
}
#endif

void update_mnt_policy(struct user_namespace *userns);

#endif /* _LINUX_USER_H */
Commit	Line	Data
acce292c CLG	1	#ifndef _LINUX_USER_NAMESPACE_H
	2	#define _LINUX_USER_NAMESPACE_H
	3
	4	#include <linux/kref.h>
	5	#include <linux/nsproxy.h>
	6	#include <linux/sched.h>
77ec739d	7	#include <linux/err.h>
acce292c	8
22d917d8 EB	9	#define UID_GID_MAP_MAX_EXTENTS 5
	10
	11	struct uid_gid_map { /* 64 bytes -- 1 cache line */
	12	u32 nr_extents;
	13	struct uid_gid_extent {
	14	u32 first;
	15	u32 lower_first;
	16	u32 count;
	17	} extent[UID_GID_MAP_MAX_EXTENTS];
	18	};
	19
1c587ee5 EB	20	#define USERNS_SETGROUPS_ALLOWED 1UL
	21
	22	#define USERNS_INIT_FLAGS USERNS_SETGROUPS_ALLOWED
	23
acce292c	24	struct user_namespace {
22d917d8 EB	25	struct uid_gid_map uid_map;
22d917d8 EB	26	struct uid_gid_map gid_map;
f76d207a	27	struct uid_gid_map projid_map;
c61a2810	28	atomic_t count;
aeb3ae9d	29	struct user_namespace *parent;
5c5f9cd2	30	int level;
783291e6 EB	31	kuid_t owner;
783291e6 EB	32	kgid_t group;
98f842e6	33	unsigned int proc_inum;
1c587ee5	34	unsigned long flags;
87a8ebd6 EB	35	bool may_mount_sysfs;
87a8ebd6 EB	36	bool may_mount_proc;
acce292c CLG	37	};
	38
	39	extern struct user_namespace init_user_ns;
	40
	41	#ifdef CONFIG_USER_NS
	42
	43	static inline struct user_namespace get_user_ns(struct user_namespace ns)
	44	{
	45	if (ns)
c61a2810	46	atomic_inc(&ns->count);
acce292c CLG	47	return ns;
	48	}
	49
18b6e041	50	extern int create_user_ns(struct cred *new);
b2e0d987	51	extern int unshare_userns(unsigned long unshare_flags, struct cred **new_cred);
c61a2810	52	extern void free_user_ns(struct user_namespace *ns);
acce292c CLG	53
	54	static inline void put_user_ns(struct user_namespace *ns)
	55	{
c61a2810 EB	56	if (ns && atomic_dec_and_test(&ns->count))
c61a2810 EB	57	free_user_ns(ns);
acce292c CLG	58	}
acce292c CLG	59
22d917d8 EB	60	struct seq_operations;
	61	extern struct seq_operations proc_uid_seq_operations;
	62	extern struct seq_operations proc_gid_seq_operations;
f76d207a	63	extern struct seq_operations proc_projid_seq_operations;
22d917d8 EB	64	extern ssize_t proc_uid_map_write(struct file , const char __user , size_t, loff_t *);
22d917d8 EB	65	extern ssize_t proc_gid_map_write(struct file , const char __user , size_t, loff_t *);
f76d207a	66	extern ssize_t proc_projid_map_write(struct file , const char __user , size_t, loff_t *);
1c587ee5 EB	67	extern ssize_t proc_setgroups_write(struct file , const char __user , size_t, loff_t *);
1c587ee5 EB	68	extern int proc_setgroups_show(struct seq_file m, void v);
fc9b65e3	69	extern bool userns_may_setgroups(const struct user_namespace *ns);
acce292c CLG	70	#else
	71
	72	static inline struct user_namespace get_user_ns(struct user_namespace ns)
	73	{
	74	return &init_user_ns;
	75	}
	76
18b6e041	77	static inline int create_user_ns(struct cred *new)
acce292c	78	{
18b6e041	79	return -EINVAL;
acce292c CLG	80	}
acce292c CLG	81
b2e0d987 EB	82	static inline int unshare_userns(unsigned long unshare_flags,
	83	struct cred **new_cred)
	84	{
	85	if (unshare_flags & CLONE_NEWUSER)
	86	return -EINVAL;
	87	return 0;
	88	}
	89
acce292c CLG	90	static inline void put_user_ns(struct user_namespace *ns)
	91	{
	92	}
	93
fc9b65e3 EB	94	static inline bool userns_may_setgroups(const struct user_namespace *ns)
	95	{
	96	return true;
	97	}
22d917d8 EB	98	#endif
22d917d8 EB	99
87a8ebd6 EB	100	void update_mnt_policy(struct user_namespace *userns);
87a8ebd6 EB	101
acce292c	102	#endif /* _LINUX_USER_H */