linux/include/linux/user_namespace.h
   1#ifndef _LINUX_USER_NAMESPACE_H
   2#define _LINUX_USER_NAMESPACE_H
   3
   4#include <linux/kref.h>
   5#include <linux/nsproxy.h>
   6#include <linux/sched.h>
   7#include <linux/err.h>
   8
/*
 * Capacity of the extent[] array in struct uid_gid_map, i.e. the largest
 * number of ranges one map can hold.
 */
#define UID_GID_MAP_MAX_EXTENTS 5

/*
 * One ID translation table, stored as a small fixed-size array of ranges.
 *
 * Size: 4 bytes for nr_extents plus 5 extents of 3 * 4 bytes = 64 bytes.
 *
 * NOTE(review): extent[] has exactly UID_GID_MAP_MAX_EXTENTS slots and
 * nothing in this header enforces nr_extents <= UID_GID_MAP_MAX_EXTENTS.
 * Whatever fills in a map (not shown here) has to reject larger values,
 * because any loop bounded by nr_extents would otherwise run past the array.
 */
struct uid_gid_map {    /* 64 bytes -- 1 cache line */
        /* presumably the number of extent[] slots in use -- confirm against the writer */
        u32 nr_extents;
        struct uid_gid_extent {
                /* NOTE(review): by name, start of the range as seen inside the namespace -- confirm */
                u32 first;
                /* NOTE(review): by name, start of the matching range in the lower (parent) ID space -- confirm */
                u32 lower_first;
                /* NOTE(review): by name, number of consecutive IDs in the range -- confirm */
                u32 count;
        } extent[UID_GID_MAP_MAX_EXTENTS];
};
  19
/*
 * Per-user-namespace state: three ID maps, a reference count, a link to the
 * parent namespace and a few attributes.
 *
 * Lifetime: in CONFIG_USER_NS builds, get_user_ns() increments count and
 * put_user_ns() decrements it, calling free_user_ns() once it reaches zero.
 */
struct user_namespace {
        /* ID maps; by name they cover uids, gids and project ids respectively */
        struct uid_gid_map      uid_map;
        struct uid_gid_map      gid_map;
        struct uid_gid_map      projid_map;
        /*
         * Reference count, changed only through get_user_ns()/put_user_ns()
         * in this header. NOTE(review): atomic_t does not saturate, so the
         * counter has no built-in protection against wrap-around.
         */
        atomic_t                count;
        /* enclosing namespace; NOTE(review): whether a reference is held on it is not visible here */
        struct user_namespace   *parent;
        /* NOTE(review): presumably the nesting depth below init_user_ns -- confirm */
        int                     level;
        /*
         * NOTE(review): presumably the kuid/kgid of the creator. Privilege
         * decisions that consult these fields live outside this header.
         */
        kuid_t                  owner;
        kgid_t                  group;
        /* NOTE(review): by name, an inode number used for the proc entry -- confirm */
        unsigned int            proc_inum;
        /*
         * NOTE(review): by name, gate mounting sysfs/proc from within this
         * namespace; presumably maintained by update_mnt_policy() -- confirm.
         */
        bool                    may_mount_sysfs;
        bool                    may_mount_proc;
};
  33
/*
 * The initial user namespace object, defined outside this header. In builds
 * without CONFIG_USER_NS, get_user_ns() returns its address for every
 * argument.
 */
extern struct user_namespace init_user_ns;
  35
  36#ifdef CONFIG_USER_NS
  37
/**
 * get_user_ns - take a reference on a user namespace
 * @ns: namespace to pin, or NULL
 *
 * Returns @ns unchanged so the call can be used directly in an assignment.
 * A NULL @ns is passed through without touching any counter.
 *
 * NOTE(review): the count is a plain atomic_t, so atomic_inc() neither
 * saturates nor warns on wrap-around. If the counter were ever driven past
 * its range, a later put_user_ns() could free the namespace while other
 * references still exist.
 */
static inline struct user_namespace *get_user_ns(struct user_namespace *ns)
{
        if (!ns)
                return ns;

        atomic_inc(&ns->count);
        return ns;
}
  44
/*
 * Implemented outside this header; these declarations apply to
 * CONFIG_USER_NS builds only. The #else branch of this conditional provides
 * inline stubs for create_user_ns() and unshare_userns() instead.
 *
 * free_user_ns() is what put_user_ns() calls when the last reference on a
 * namespace is dropped.
 */
extern int create_user_ns(struct cred *new);
extern int unshare_userns(unsigned long unshare_flags, struct cred **new_cred);
extern void free_user_ns(struct user_namespace *ns);
  48
/**
 * put_user_ns - drop a reference on a user namespace
 * @ns: namespace to release, or NULL (ignored)
 *
 * Decrements the reference count and hands the namespace to free_user_ns()
 * when the count reaches zero. The caller must not use @ns after this call
 * unless it holds a further reference, since the object may already be gone.
 */
static inline void put_user_ns(struct user_namespace *ns)
{
        if (!ns)
                return;

        if (!atomic_dec_and_test(&ns->count))
                return;

        /* That was the last reference. */
        free_user_ns(ns);
}
  54
/*
 * Forward declaration only: this header needs the type name for the extern
 * objects that follow, not its layout.
 */
struct seq_operations;
/* NOTE(review): by name, the seq_file operations behind the uid/gid/projid map proc files -- confirm */
extern struct seq_operations proc_uid_seq_operations;
extern struct seq_operations proc_gid_seq_operations;
extern struct seq_operations proc_projid_seq_operations;
/*
 * Write handlers for the three maps. The buffer argument is tagged __user,
 * i.e. it points into user space, so an implementation has to copy it in
 * before parsing. The parsing, bounds checks and permission checks that
 * decide which mappings a writer may install are not visible in this header.
 */
extern ssize_t proc_uid_map_write(struct file *, const char __user *, size_t, loff_t *);
extern ssize_t proc_gid_map_write(struct file *, const char __user *, size_t, loff_t *);
extern ssize_t proc_projid_map_write(struct file *, const char __user *, size_t, loff_t *);
  62#else
  63
/**
 * get_user_ns - stub for builds without CONFIG_USER_NS
 * @ns: ignored
 *
 * Always returns the address of init_user_ns. No reference count is touched.
 */
static inline struct user_namespace *get_user_ns(struct user_namespace *ns)
{
        struct user_namespace *only_ns = &init_user_ns;

        return only_ns;
}
  68
/**
 * create_user_ns - stub for builds without CONFIG_USER_NS
 * @new: ignored
 *
 * Always fails with -EINVAL; @new is never read or modified.
 */
static inline int create_user_ns(struct cred *new)
{
        const int err = -EINVAL;

        return err;
}
  73
/**
 * unshare_userns - stub for builds without CONFIG_USER_NS
 * @unshare_flags: flag word from the unshare request
 * @new_cred: ignored; never read or written
 *
 * Returns -EINVAL when CLONE_NEWUSER is set in @unshare_flags, so a request
 * for a new user namespace is refused rather than silently ignored.
 * Returns 0 for every other flag combination.
 */
static inline int unshare_userns(unsigned long unshare_flags,
                                 struct cred **new_cred)
{
        return (unshare_flags & CLONE_NEWUSER) ? -EINVAL : 0;
}
  81
/**
 * put_user_ns - stub for builds without CONFIG_USER_NS
 * @ns: ignored
 *
 * Does nothing. The matching get_user_ns() stub takes no reference, so there
 * is nothing to release.
 */
static inline void put_user_ns(struct user_namespace *ns)
{
        /* intentionally empty */
}
  85
  86#endif
  87
/*
 * Declared outside the CONFIG_USER_NS conditional, so the prototype is
 * visible in both configurations.
 * NOTE(review): by name, refreshes the may_mount_sysfs/may_mount_proc fields
 * of @userns -- confirm against the definition, which is not in this header.
 */
void update_mnt_policy(struct user_namespace *userns);

#endif /* _LINUX_USER_NAMESPACE_H */