From patchwork Wed Jan 25 01:04:15 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Michael Kerrisk (man-pages)" X-Patchwork-Id: 9536253 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 67EA4601D3 for ; Wed, 25 Jan 2017 01:06:25 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 56D2327D8D for ; Wed, 25 Jan 2017 01:06:25 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 4B44027DF9; Wed, 25 Jan 2017 01:06:25 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.3 required=2.0 tests=BAYES_00, DKIM_ADSP_CUSTOM_MED, DKIM_SIGNED, FREEMAIL_FROM, RCVD_IN_DNSWL_HI, RCVD_IN_SORBS_SPAM, T_DKIM_INVALID autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id D557B27D8D for ; Wed, 25 Jan 2017 01:06:24 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751232AbdAYBFf (ORCPT ); Tue, 24 Jan 2017 20:05:35 -0500 Received: from mail-pf0-f193.google.com ([209.85.192.193]:34615 "EHLO mail-pf0-f193.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751212AbdAYBFb (ORCPT ); Tue, 24 Jan 2017 20:05:31 -0500 Received: by mail-pf0-f193.google.com with SMTP id y143so13090371pfb.1; Tue, 24 Jan 2017 17:04:24 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:subject:to:references:cc:message-id:date:user-agent :mime-version:in-reply-to:content-transfer-encoding; bh=a4gLgdGdGRfCgFLpaJz6tCfMMHJdjdOmHtRkLTiuUqM=; b=nIsghJVpodaW0zyGQj0ct5bvVXZ+BsQpzK9IaZF3ke3ANXElldqehco6nOFMNRhKR5 TXoKBQ+xitSkoxwutRAFzcBKKDd+Lz1y2JAWBToCDIKKNQhojrQA7XbpnZHFwCYfJQK6 GY2OFVFDhX9zzD88LoMqr2FS2z8N19tiP7LALo9Y5exWA+RbfNu0zZdKRf5j7wXW8n7A AwbXy6iGCZvqtQkd/21TVbGFFS4xMeu8DjUQazEAbWSZr8rZikI5Xfk+VEP9qGmUBHFb xfeZ7Uecq24XFaS8OFQ64D1FW+0lxe9cyqNKS1tTKSMWgHcASzmrPeQ27se9YliKPUoF gayg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:subject:to:references:cc:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding; bh=a4gLgdGdGRfCgFLpaJz6tCfMMHJdjdOmHtRkLTiuUqM=; b=GKVY5Jbc0P9e8Loqj/FcH1pZKAe9zwpCeMS7L+EMer/JDT46Uv1394TWeUYAI8MIV8 jRbG1UvFskxFvX3Q5x2msoSd1XI0QCJQI22dAh0BJVW9USCjjZR9q4WMPoQXu7l1BfKj TAmyeRRUUA4dzFoUeN08+HFKiqZ1+0h8LFK1CXTSk8yD557vrAYluED6IHo9tNaEBy2U L5GqIZMmJjL7RKK5kSo8fjsgixkbBDUp7QPHpghl1QSYQ+9y56/GwjaNSFr7+aYWyI63 DznNAFiNzWzPMIJZ/qETYD17VnAN64hcIa//CaK1BL5Ctz9uTtaMmwR5RnKQ+fYzOcXv 7GGA== X-Gm-Message-State: AIkVDXJgqEtdmRh0Uh0ZsDcUeHUi3eF9/8+SJqsc8xU+HSUxv6u2HotD4pSRwLlmoolprg== X-Received: by 10.99.168.76 with SMTP id i12mr43826317pgp.73.1485306263765; Tue, 24 Jan 2017 17:04:23 -0800 (PST) Received: from [192.168.1.10] (168.160.69.111.dynamic.snap.net.nz. [111.69.160.168]) by smtp.gmail.com with ESMTPSA id y6sm8360789pge.16.2017.01.24.17.04.18 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 24 Jan 2017 17:04:22 -0800 (PST) From: "Michael Kerrisk (man-pages)" Subject: [PATCH v4 2/2] nsfs: Add an ioctl() to return owner UID of a userns To: "Eric W. Biederman" References: <93e5c7f9-9dc1-6c93-ad20-0ba053d8bfef@gmail.com> <2c27a76e-336d-e2ad-4b30-22e29249c2e9@gmail.com> Cc: mtk.manpages@gmail.com, "Serge E. Hallyn" , linux-api@vger.kernel.org, linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, Andrey Vagin , James Bottomley , "W. Trevor King" , Alexander Viro Message-ID: <628f8630-6631-8292-1841-2a45e74ae96f@gmail.com> Date: Wed, 25 Jan 2017 14:04:15 +1300 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.4.0 MIME-Version: 1.0 In-Reply-To: <2c27a76e-336d-e2ad-4b30-22e29249c2e9@gmail.com> Sender: linux-fsdevel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-fsdevel@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP I'd like to write code that discovers the user namespace hierarchy on a running system, and also shows who owns the various user namespaces. Currently, there is no way of getting the owner UID of a user namespace. Therefore, this patch adds a new NS_GET_CREATOR_UID ioctl() that fetches the UID (as seen in the user namespace of the caller) of the creator of the user namespace referred to by the specified file descriptor. If the supplied file descriptor does not refer to a user namespace, the operation fails with the error EINVAL. If the owner UID does not have a mapping in the caller's user namespace, the operation fails with the error EOVERFLOW. (Failing with EOVERFLOW, rather than returning the overflow UID, is probably easier to deal with in user-space applications.) Acked-by: Andrey Vagin Signed-off-by: Michael Kerrisk --- V4 changes: * Improve comment describing NS_GET_OWNER_UID (thanks to W. Trevor King) * Use uid_t (rather than unsigned int) as type for ioctl() argument. * Rather than returning the overflow UID if the owner UID does not have a mapping in the caller's user namespace, fail with the error EOVERFLOW. This makes user-space coding a little easier. (Thanks to the suggestion from Eric Biederman.) V3 changes: * Fixed data type of local variable 'uid'; thanks to Andrei Vagin. V2 changes: * Renamed ioctl() from NS_GET_CREATOR_UID to NS_GET_OWNER_UID, at the suggestion of Eric Biederman. * Make ioctl() return UID via buffer pointed to by argp. (Returning the UID via the result value could lead to problems since a large unsigned int UID might be misinterpreted as an error.) Thanks to Andrei Vagin for pointing this out. --- fs/nsfs.c | 13 +++++++++++++ include/uapi/linux/nsfs.h | 8 +++++--- 2 files changed, 18 insertions(+), 3 deletions(-) diff --git a/fs/nsfs.c b/fs/nsfs.c index 5d53476..4842617 100644 --- a/fs/nsfs.c +++ b/fs/nsfs.c @@ -7,6 +7,7 @@ #include #include #include +#include static struct vfsmount *nsfs_mnt; @@ -163,7 +164,10 @@ int open_related_ns(struct ns_common *ns, static long ns_ioctl(struct file *filp, unsigned int ioctl, unsigned long arg) { + struct user_namespace *user_ns; struct ns_common *ns = get_proc_ns(file_inode(filp)); + uid_t __user *argp; + uid_t uid; switch (ioctl) { case NS_GET_USERNS: @@ -174,6 +178,15 @@ static long ns_ioctl(struct file *filp, unsigned int ioctl, return open_related_ns(ns, ns->ops->get_parent); case NS_GET_NSTYPE: return ns->ops->type; + case NS_GET_OWNER_UID: + if (ns->ops->type != CLONE_NEWUSER) + return -EINVAL; + user_ns = container_of(ns, struct user_namespace, ns); + argp = (uid_t __user *) arg; + uid = from_kuid(current_user_ns(), user_ns->owner); + if (uid == (uid_t)-1) + return -EOVERFLOW; + return put_user(uid, argp); default: return -ENOTTY; } diff --git a/include/uapi/linux/nsfs.h b/include/uapi/linux/nsfs.h index 2b48df1..1a3ca79 100644 --- a/include/uapi/linux/nsfs.h +++ b/include/uapi/linux/nsfs.h @@ -6,11 +6,13 @@ #define NSIO 0xb7 /* Returns a file descriptor that refers to an owning user namespace */ -#define NS_GET_USERNS _IO(NSIO, 0x1) +#define NS_GET_USERNS _IO(NSIO, 0x1) /* Returns a file descriptor that refers to a parent namespace */ -#define NS_GET_PARENT _IO(NSIO, 0x2) +#define NS_GET_PARENT _IO(NSIO, 0x2) /* Returns the type of namespace (CLONE_NEW* value) referred to by file descriptor */ -#define NS_GET_NSTYPE _IO(NSIO, 0x3) +#define NS_GET_NSTYPE _IO(NSIO, 0x3) +/* Get owner UID (in the caller's user namespace) for a user namespace */ +#define NS_GET_OWNER_UID _IO(NSIO, 0x4) #endif /* __LINUX_NSFS_H */