Commit 078de5f7 authored by Eric W. Biederman's avatar Eric W. Biederman

userns: Store uid and gid values in struct cred with kuid_t and kgid_t types

cred.h and a few trivial users of struct cred are changed.  The rest of the users
of struct cred are left for other patches as there are too many changes to make
in one go and leave the change reviewable.  If the user namespace is disabled and
CONFIG_UIDGID_STRICT_TYPE_CHECKS are disabled the code will contiue to compile
and behave correctly.
Acked-by: default avatarSerge Hallyn <serge.hallyn@canonical.com>
Signed-off-by: default avatarEric W. Biederman <ebiederm@xmission.com>
parent ae2975bc
...@@ -582,7 +582,7 @@ show_fault_oops(struct pt_regs *regs, unsigned long error_code, ...@@ -582,7 +582,7 @@ show_fault_oops(struct pt_regs *regs, unsigned long error_code,
pte_t *pte = lookup_address(address, &level); pte_t *pte = lookup_address(address, &level);
if (pte && pte_present(*pte) && !pte_exec(*pte)) if (pte && pte_present(*pte) && !pte_exec(*pte))
printk(nx_warning, current_uid()); printk(nx_warning, from_kuid(&init_user_ns, current_uid()));
} }
printk(KERN_ALERT "BUG: unable to handle kernel "); printk(KERN_ALERT "BUG: unable to handle kernel ");
......
...@@ -123,9 +123,7 @@ SYSCALL_DEFINE3(ioprio_set, int, which, int, who, int, ioprio) ...@@ -123,9 +123,7 @@ SYSCALL_DEFINE3(ioprio_set, int, which, int, who, int, ioprio)
break; break;
do_each_thread(g, p) { do_each_thread(g, p) {
const struct cred *tcred = __task_cred(p); if (!uid_eq(task_uid(p), uid))
kuid_t tcred_uid = make_kuid(tcred->user_ns, tcred->uid);
if (!uid_eq(tcred_uid, uid))
continue; continue;
ret = set_task_ioprio(p, ioprio); ret = set_task_ioprio(p, ioprio);
if (ret) if (ret)
...@@ -220,9 +218,7 @@ SYSCALL_DEFINE2(ioprio_get, int, which, int, who) ...@@ -220,9 +218,7 @@ SYSCALL_DEFINE2(ioprio_get, int, which, int, who)
break; break;
do_each_thread(g, p) { do_each_thread(g, p) {
const struct cred *tcred = __task_cred(p); if (!uid_eq(task_uid(p), user->uid))
kuid_t tcred_uid = make_kuid(tcred->user_ns, tcred->uid);
if (!uid_eq(tcred_uid, user->uid))
continue; continue;
tmpio = get_task_ioprio(p); tmpio = get_task_ioprio(p);
if (tmpio < 0) if (tmpio < 0)
......
...@@ -123,14 +123,14 @@ struct cred { ...@@ -123,14 +123,14 @@ struct cred {
#define CRED_MAGIC 0x43736564 #define CRED_MAGIC 0x43736564
#define CRED_MAGIC_DEAD 0x44656144 #define CRED_MAGIC_DEAD 0x44656144
#endif #endif
uid_t uid; /* real UID of the task */ kuid_t uid; /* real UID of the task */
gid_t gid; /* real GID of the task */ kgid_t gid; /* real GID of the task */
uid_t suid; /* saved UID of the task */ kuid_t suid; /* saved UID of the task */
gid_t sgid; /* saved GID of the task */ kgid_t sgid; /* saved GID of the task */
uid_t euid; /* effective UID of the task */ kuid_t euid; /* effective UID of the task */
gid_t egid; /* effective GID of the task */ kgid_t egid; /* effective GID of the task */
uid_t fsuid; /* UID for VFS ops */ kuid_t fsuid; /* UID for VFS ops */
gid_t fsgid; /* GID for VFS ops */ kgid_t fsgid; /* GID for VFS ops */
unsigned securebits; /* SUID-less security management */ unsigned securebits; /* SUID-less security management */
kernel_cap_t cap_inheritable; /* caps our children can inherit */ kernel_cap_t cap_inheritable; /* caps our children can inherit */
kernel_cap_t cap_permitted; /* caps we're permitted */ kernel_cap_t cap_permitted; /* caps we're permitted */
......
...@@ -70,15 +70,15 @@ static inline void put_user_ns(struct user_namespace *ns) ...@@ -70,15 +70,15 @@ static inline void put_user_ns(struct user_namespace *ns)
#endif #endif
static inline uid_t user_ns_map_uid(struct user_namespace *to, static inline uid_t user_ns_map_uid(struct user_namespace *to,
const struct cred *cred, uid_t uid) const struct cred *cred, kuid_t uid)
{ {
return from_kuid_munged(to, make_kuid(cred->user_ns, uid)); return from_kuid_munged(to, uid);
} }
static inline gid_t user_ns_map_gid(struct user_namespace *to, static inline gid_t user_ns_map_gid(struct user_namespace *to,
const struct cred *cred, gid_t gid) const struct cred *cred, kgid_t gid)
{ {
return from_kgid_munged(to, make_kgid(cred->user_ns, gid)); return from_kgid_munged(to, gid);
} }
#endif /* _LINUX_USER_H */ #endif /* _LINUX_USER_H */
...@@ -49,6 +49,14 @@ struct cred init_cred = { ...@@ -49,6 +49,14 @@ struct cred init_cred = {
.subscribers = ATOMIC_INIT(2), .subscribers = ATOMIC_INIT(2),
.magic = CRED_MAGIC, .magic = CRED_MAGIC,
#endif #endif
.uid = GLOBAL_ROOT_UID,
.gid = GLOBAL_ROOT_GID,
.suid = GLOBAL_ROOT_UID,
.sgid = GLOBAL_ROOT_GID,
.euid = GLOBAL_ROOT_UID,
.egid = GLOBAL_ROOT_GID,
.fsuid = GLOBAL_ROOT_UID,
.fsgid = GLOBAL_ROOT_GID,
.securebits = SECUREBITS_DEFAULT, .securebits = SECUREBITS_DEFAULT,
.cap_inheritable = CAP_EMPTY_SET, .cap_inheritable = CAP_EMPTY_SET,
.cap_permitted = CAP_FULL_SET, .cap_permitted = CAP_FULL_SET,
...@@ -488,10 +496,10 @@ int commit_creds(struct cred *new) ...@@ -488,10 +496,10 @@ int commit_creds(struct cred *new)
get_cred(new); /* we will require a ref for the subj creds too */ get_cred(new); /* we will require a ref for the subj creds too */
/* dumpability changes */ /* dumpability changes */
if (old->euid != new->euid || if (!uid_eq(old->euid, new->euid) ||
old->egid != new->egid || !gid_eq(old->egid, new->egid) ||
old->fsuid != new->fsuid || !uid_eq(old->fsuid, new->fsuid) ||
old->fsgid != new->fsgid || !gid_eq(old->fsgid, new->fsgid) ||
!cap_issubset(new->cap_permitted, old->cap_permitted)) { !cap_issubset(new->cap_permitted, old->cap_permitted)) {
if (task->mm) if (task->mm)
set_dumpable(task->mm, suid_dumpable); set_dumpable(task->mm, suid_dumpable);
...@@ -500,9 +508,9 @@ int commit_creds(struct cred *new) ...@@ -500,9 +508,9 @@ int commit_creds(struct cred *new)
} }
/* alter the thread keyring */ /* alter the thread keyring */
if (new->fsuid != old->fsuid) if (!uid_eq(new->fsuid, old->fsuid))
key_fsuid_changed(task); key_fsuid_changed(task);
if (new->fsgid != old->fsgid) if (!gid_eq(new->fsgid, old->fsgid))
key_fsgid_changed(task); key_fsgid_changed(task);
/* do it /* do it
...@@ -519,16 +527,16 @@ int commit_creds(struct cred *new) ...@@ -519,16 +527,16 @@ int commit_creds(struct cred *new)
alter_cred_subscribers(old, -2); alter_cred_subscribers(old, -2);
/* send notifications */ /* send notifications */
if (new->uid != old->uid || if (!uid_eq(new->uid, old->uid) ||
new->euid != old->euid || !uid_eq(new->euid, old->euid) ||
new->suid != old->suid || !uid_eq(new->suid, old->suid) ||
new->fsuid != old->fsuid) !uid_eq(new->fsuid, old->fsuid))
proc_id_connector(task, PROC_EVENT_UID); proc_id_connector(task, PROC_EVENT_UID);
if (new->gid != old->gid || if (!gid_eq(new->gid, old->gid) ||
new->egid != old->egid || !gid_eq(new->egid, old->egid) ||
new->sgid != old->sgid || !gid_eq(new->sgid, old->sgid) ||
new->fsgid != old->fsgid) !gid_eq(new->fsgid, old->fsgid))
proc_id_connector(task, PROC_EVENT_GID); proc_id_connector(task, PROC_EVENT_GID);
/* release the old obj and subj refs both */ /* release the old obj and subj refs both */
......
...@@ -1038,8 +1038,10 @@ static inline void userns_fixup_signal_uid(struct siginfo *info, struct task_str ...@@ -1038,8 +1038,10 @@ static inline void userns_fixup_signal_uid(struct siginfo *info, struct task_str
if (SI_FROMKERNEL(info)) if (SI_FROMKERNEL(info))
return; return;
info->si_uid = user_ns_map_uid(task_cred_xxx(t, user_ns), rcu_read_lock();
current_cred(), info->si_uid); info->si_uid = from_kuid_munged(task_cred_xxx(t, user_ns),
make_kuid(current_user_ns(), info->si_uid));
rcu_read_unlock();
} }
#else #else
static inline void userns_fixup_signal_uid(struct siginfo *info, struct task_struct *t) static inline void userns_fixup_signal_uid(struct siginfo *info, struct task_struct *t)
...@@ -1106,7 +1108,7 @@ static int __send_signal(int sig, struct siginfo *info, struct task_struct *t, ...@@ -1106,7 +1108,7 @@ static int __send_signal(int sig, struct siginfo *info, struct task_struct *t,
q->info.si_code = SI_USER; q->info.si_code = SI_USER;
q->info.si_pid = task_tgid_nr_ns(current, q->info.si_pid = task_tgid_nr_ns(current,
task_active_pid_ns(t)); task_active_pid_ns(t));
q->info.si_uid = current_uid(); q->info.si_uid = from_kuid_munged(current_user_ns(), current_uid());
break; break;
case (unsigned long) SEND_SIG_PRIV: case (unsigned long) SEND_SIG_PRIV:
q->info.si_signo = sig; q->info.si_signo = sig;
...@@ -1973,7 +1975,7 @@ static void ptrace_do_notify(int signr, int exit_code, int why) ...@@ -1973,7 +1975,7 @@ static void ptrace_do_notify(int signr, int exit_code, int why)
info.si_signo = signr; info.si_signo = signr;
info.si_code = exit_code; info.si_code = exit_code;
info.si_pid = task_pid_vnr(current); info.si_pid = task_pid_vnr(current);
info.si_uid = current_uid(); info.si_uid = from_kuid_munged(current_user_ns(), current_uid());
/* Let the debugger run. */ /* Let the debugger run. */
ptrace_stop(exit_code, why, 1, &info); ptrace_stop(exit_code, why, 1, &info);
...@@ -2828,7 +2830,7 @@ SYSCALL_DEFINE2(kill, pid_t, pid, int, sig) ...@@ -2828,7 +2830,7 @@ SYSCALL_DEFINE2(kill, pid_t, pid, int, sig)
info.si_errno = 0; info.si_errno = 0;
info.si_code = SI_USER; info.si_code = SI_USER;
info.si_pid = task_tgid_vnr(current); info.si_pid = task_tgid_vnr(current);
info.si_uid = current_uid(); info.si_uid = from_kuid_munged(current_user_ns(), current_uid());
return kill_something_info(sig, &info, pid); return kill_something_info(sig, &info, pid);
} }
...@@ -2871,7 +2873,7 @@ static int do_tkill(pid_t tgid, pid_t pid, int sig) ...@@ -2871,7 +2873,7 @@ static int do_tkill(pid_t tgid, pid_t pid, int sig)
info.si_errno = 0; info.si_errno = 0;
info.si_code = SI_TKILL; info.si_code = SI_TKILL;
info.si_pid = task_tgid_vnr(current); info.si_pid = task_tgid_vnr(current);
info.si_uid = current_uid(); info.si_uid = from_kuid_munged(current_user_ns(), current_uid());
return do_send_specific(tgid, pid, sig, &info); return do_send_specific(tgid, pid, sig, &info);
} }
......
...@@ -175,7 +175,6 @@ SYSCALL_DEFINE3(setpriority, int, which, int, who, int, niceval) ...@@ -175,7 +175,6 @@ SYSCALL_DEFINE3(setpriority, int, which, int, who, int, niceval)
const struct cred *cred = current_cred(); const struct cred *cred = current_cred();
int error = -EINVAL; int error = -EINVAL;
struct pid *pgrp; struct pid *pgrp;
kuid_t cred_uid;
kuid_t uid; kuid_t uid;
if (which > PRIO_USER || which < PRIO_PROCESS) if (which > PRIO_USER || which < PRIO_PROCESS)
...@@ -209,22 +208,19 @@ SYSCALL_DEFINE3(setpriority, int, which, int, who, int, niceval) ...@@ -209,22 +208,19 @@ SYSCALL_DEFINE3(setpriority, int, which, int, who, int, niceval)
} while_each_pid_thread(pgrp, PIDTYPE_PGID, p); } while_each_pid_thread(pgrp, PIDTYPE_PGID, p);
break; break;
case PRIO_USER: case PRIO_USER:
cred_uid = make_kuid(cred->user_ns, cred->uid);
uid = make_kuid(cred->user_ns, who); uid = make_kuid(cred->user_ns, who);
user = cred->user; user = cred->user;
if (!who) if (!who)
uid = cred_uid; uid = cred->uid;
else if (!uid_eq(uid, cred_uid) && else if (!uid_eq(uid, cred->uid) &&
!(user = find_user(uid))) !(user = find_user(uid)))
goto out_unlock; /* No processes for this user */ goto out_unlock; /* No processes for this user */
do_each_thread(g, p) { do_each_thread(g, p) {
const struct cred *tcred = __task_cred(p); if (uid_eq(task_uid(p), uid))
kuid_t tcred_uid = make_kuid(tcred->user_ns, tcred->uid);
if (uid_eq(tcred_uid, uid))
error = set_one_prio(p, niceval, error); error = set_one_prio(p, niceval, error);
} while_each_thread(g, p); } while_each_thread(g, p);
if (!uid_eq(uid, cred_uid)) if (!uid_eq(uid, cred->uid))
free_uid(user); /* For find_user() */ free_uid(user); /* For find_user() */
break; break;
} }
...@@ -248,7 +244,6 @@ SYSCALL_DEFINE2(getpriority, int, which, int, who) ...@@ -248,7 +244,6 @@ SYSCALL_DEFINE2(getpriority, int, which, int, who)
const struct cred *cred = current_cred(); const struct cred *cred = current_cred();
long niceval, retval = -ESRCH; long niceval, retval = -ESRCH;
struct pid *pgrp; struct pid *pgrp;
kuid_t cred_uid;
kuid_t uid; kuid_t uid;
if (which > PRIO_USER || which < PRIO_PROCESS) if (which > PRIO_USER || which < PRIO_PROCESS)
...@@ -280,25 +275,22 @@ SYSCALL_DEFINE2(getpriority, int, which, int, who) ...@@ -280,25 +275,22 @@ SYSCALL_DEFINE2(getpriority, int, which, int, who)
} while_each_pid_thread(pgrp, PIDTYPE_PGID, p); } while_each_pid_thread(pgrp, PIDTYPE_PGID, p);
break; break;
case PRIO_USER: case PRIO_USER:
cred_uid = make_kuid(cred->user_ns, cred->uid);
uid = make_kuid(cred->user_ns, who); uid = make_kuid(cred->user_ns, who);
user = cred->user; user = cred->user;
if (!who) if (!who)
uid = cred_uid; uid = cred->uid;
else if (!uid_eq(uid, cred_uid) && else if (!uid_eq(uid, cred->uid) &&
!(user = find_user(uid))) !(user = find_user(uid)))
goto out_unlock; /* No processes for this user */ goto out_unlock; /* No processes for this user */
do_each_thread(g, p) { do_each_thread(g, p) {
const struct cred *tcred = __task_cred(p); if (uid_eq(task_uid(p), uid)) {
kuid_t tcred_uid = make_kuid(tcred->user_ns, tcred->uid);
if (uid_eq(tcred_uid, uid)) {
niceval = 20 - task_nice(p); niceval = 20 - task_nice(p);
if (niceval > retval) if (niceval > retval)
retval = niceval; retval = niceval;
} }
} while_each_thread(g, p); } while_each_thread(g, p);
if (!uid_eq(uid, cred_uid)) if (!uid_eq(uid, cred->uid))
free_uid(user); /* for find_user() */ free_uid(user); /* for find_user() */
break; break;
} }
...@@ -641,7 +633,7 @@ static int set_user(struct cred *new) ...@@ -641,7 +633,7 @@ static int set_user(struct cred *new)
{ {
struct user_struct *new_user; struct user_struct *new_user;
new_user = alloc_uid(make_kuid(new->user_ns, new->uid)); new_user = alloc_uid(new->uid);
if (!new_user) if (!new_user)
return -EAGAIN; return -EAGAIN;
......
...@@ -36,8 +36,8 @@ static bool new_idmap_permitted(struct user_namespace *ns, int cap_setid, ...@@ -36,8 +36,8 @@ static bool new_idmap_permitted(struct user_namespace *ns, int cap_setid,
int create_user_ns(struct cred *new) int create_user_ns(struct cred *new)
{ {
struct user_namespace *ns, *parent_ns = new->user_ns; struct user_namespace *ns, *parent_ns = new->user_ns;
kuid_t owner = make_kuid(new->user_ns, new->euid); kuid_t owner = new->euid;
kgid_t group = make_kgid(new->user_ns, new->egid); kgid_t group = new->egid;
/* The creator needs a mapping in the parent user namespace /* The creator needs a mapping in the parent user namespace
* or else we won't be able to reasonably tell userspace who * or else we won't be able to reasonably tell userspace who
......
...@@ -410,8 +410,8 @@ static void dump_tasks(const struct mem_cgroup *memcg, const nodemask_t *nodemas ...@@ -410,8 +410,8 @@ static void dump_tasks(const struct mem_cgroup *memcg, const nodemask_t *nodemas
} }
pr_info("[%5d] %5d %5d %8lu %8lu %3u %3d %5d %s\n", pr_info("[%5d] %5d %5d %8lu %8lu %3u %3d %5d %s\n",
task->pid, task_uid(task), task->tgid, task->pid, from_kuid(&init_user_ns, task_uid(task)),
task->mm->total_vm, get_mm_rss(task->mm), task->tgid, task->mm->total_vm, get_mm_rss(task->mm),
task_cpu(task), task->signal->oom_adj, task_cpu(task), task->signal->oom_adj,
task->signal->oom_score_adj, task->comm); task->signal->oom_score_adj, task->comm);
task_unlock(task); task_unlock(task);
......
...@@ -77,8 +77,7 @@ int cap_capable(const struct cred *cred, struct user_namespace *targ_ns, ...@@ -77,8 +77,7 @@ int cap_capable(const struct cred *cred, struct user_namespace *targ_ns,
{ {
for (;;) { for (;;) {
/* The owner of the user namespace has all caps. */ /* The owner of the user namespace has all caps. */
if (targ_ns != &init_user_ns && uid_eq(targ_ns->owner, if (targ_ns != &init_user_ns && uid_eq(targ_ns->owner, cred->euid))
make_kuid(cred->user_ns, cred->euid)))
return 0; return 0;
/* Do we have the necessary capabilities? */ /* Do we have the necessary capabilities? */
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment