From patchwork Tue Jan 17 01:03:29 2017
X-Patchwork-Submitter: "Michael Kerrisk (man-pages)"
X-Patchwork-Id: 9519755
Subject: [PATCH v3 2/2] nsfs: Add an ioctl() to return owner UID of a userns
To: "Eric W. Biederman"
Cc: mtk.manpages@gmail.com, "Serge E. Hallyn", linux-api@vger.kernel.org, linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, Andrey Vagin, James Bottomley, "W. Trevor King", Alexander Viro
From: "Michael Kerrisk (man-pages)"
Date: Tue, 17 Jan 2017 14:03:29 +1300
In-Reply-To: <69550fe9-5347-309c-b421-79c16a6300f6@gmail.com>

I'd like to write code that discovers the user namespace hierarchy on a running system, and also shows who owns the various user namespaces.

Currently, there is no way of getting the owner UID of a user namespace. Therefore, this patch adds an NS_GET_CREATOR_UID ioctl() that fetches the (munged) UID of the creator of the user namespace referred to by the specified file descriptor. If the supplied file descriptor does not refer to a user namespace, the operation fails with the error EINVAL.

Acked-by: Andrey Vagin
Signed-off-by: Michael Kerrisk
---
Open questions:

Should the type for the ioctl() argument be changed? I mean, make the following changes to the patch below:

- unsigned int __user *argp;
+ uid_t __user *argp;

And further below, change:

- argp = (unsigned int __user *) arg;
+ argp = (uid_t __user *) arg;

?

V3 changes:
* Fixed data type of local variable 'uid'; thanks to Andrei Vagin

V2 changes:
* Renamed ioctl() from NS_CREATOR_UID to NS_OWNER_UID, at the suggestion of Eric Biederman.
* Make ioctl() return UID via buffer pointed to by argp. (Returning the UID via the result value could lead to problems since a large unsigned int UID might be misinterpreted as an error.) Thanks to Andrei Vagin for pointing this out.
---
 fs/nsfs.c                 | 11 +++++++++++
 include/uapi/linux/nsfs.h |  8 +++++---
 2 files changed, 16 insertions(+), 3 deletions(-)

diff --git a/fs/nsfs.c b/fs/nsfs.c index 5d53476..63a4ad4 100644 --- a/fs/nsfs.c +++ b/fs/nsfs.c @@ -7,6 +7,7 @@ #include #include #include +#include static struct vfsmount *nsfs_mnt;
@@ -163,7 +164,10 @@ int open_related_ns(struct ns_common *ns, static long ns_ioctl(struct file *filp, unsigned int ioctl, unsigned long arg) { + struct user_namespace *user_ns; struct ns_common *ns = get_proc_ns(file_inode(filp)); + unsigned int __user *argp; + uid_t uid; switch (ioctl) { case NS_GET_USERNS: @@ -174,6 +178,13 @@ static long ns_ioctl(struct file *filp, unsigned int ioctl, return open_related_ns(ns, ns->ops->get_parent); case NS_GET_NSTYPE: return ns->ops->type; + case NS_GET_OWNER_UID: + if (ns->ops->type != CLONE_NEWUSER) + return -EINVAL; + user_ns = container_of(ns, struct user_namespace, ns); + argp = (unsigned int __user *) arg; + uid = from_kuid_munged(current_user_ns(), user_ns->owner); + return put_user(uid, argp); default: return -ENOTTY; } diff --git a/include/uapi/linux/nsfs.h b/include/uapi/linux/nsfs.h index 2b48df1..c4a925e 100644 --- a/include/uapi/linux/nsfs.h +++ b/include/uapi/linux/nsfs.h @@ -6,11 +6,13 @@ #define NSIO 0xb7 /* Returns a file descriptor that refers to an owning user namespace */ -#define NS_GET_USERNS _IO(NSIO, 0x1) +#define NS_GET_USERNS _IO(NSIO, 0x1) /* Returns a file descriptor that refers to a parent namespace */ -#define NS_GET_PARENT _IO(NSIO, 0x2) +#define NS_GET_PARENT _IO(NSIO, 0x2) /* Returns the type of namespace (CLONE_NEW* value) referred to by file descriptor */ -#define NS_GET_NSTYPE _IO(NSIO, 0x3) +#define NS_GET_NSTYPE _IO(NSIO, 0x3) +/* Get owner UID for a user namespace */ +#define NS_GET_OWNER_UID _IO(NSIO, 0x4) #endif /* __LINUX_NSFS_H */
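Review bot: in the ns_ioctl() declarations hunk (@@ -163,7 +164,10 @@) the local `uid_t uid;` is written through `unsigned int __user *argp;`, so put_user() stores it with the pointee's type rather than the variable's. This is the open question in the cover text; resolving it as `uid_t __user *argp;` together with `argp = (uid_t __user *) arg;` makes the declared contract (a uid_t written to *argp) match the variable and what the header comment should document. Since __kernel_uid32_t is defined as unsigned int, the change is cosmetic for the ABI, which is a reason to pick the self-documenting type.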
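Review bot: in the NS_GET_OWNER_UID case (@@ -174,6 +178,13 @@) the owner is translated with from_kuid_munged(current_user_ns(), user_ns->owner), so a caller whose user namespace has no mapping for the owning kuid gets the overflow UID (65534 by default) with a zero return, indistinguishable from a real owner mapped to that ID. Not exposing an unmapped kuid is the right choice, but the behaviour should be documented in the uapi comment and the man page so that tools walking the hierarchy do not misattribute ownership; the EINVAL check on `ns->ops->type != CLONE_NEWUSER` before the container_of() is correct and the description already documents it.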
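Review bot: in the include/uapi/linux/nsfs.h hunk the new comment "Get owner UID for a user namespace" breaks the "Returns ..." pattern of the three comments above it and omits the two things a userspace author reads the header for: that the value is stored into the buffer the argument points to, and that a descriptor for a non-user namespace fails with EINVAL. The hunk also removes and re-adds NS_GET_USERNS, NS_GET_PARENT and NS_GET_NSTYPE with lines that are identical apart from whitespace; that alignment churn should be dropped or mentioned in the description. Finally, the description still says the patch adds NS_GET_CREATOR_UID while the header defines NS_GET_OWNER_UID (and the V2 note says NS_OWNER_UID); the commit message should be updated to the final name.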
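As an added example that is not part of this patch, here is the userspace side the description asks for: walk from the caller's user namespace to the root with NS_GET_PARENT and print each level's owner with the proposed NS_GET_OWNER_UID. The request numbers come from the nsfs.h hunk; the helper names and treating ENOENT/EPERM from NS_GET_PARENT as the normal end of the walk are this example's own assumptions.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/ioctl.h>
#include <sys/types.h>
#include <unistd.h>

/* Request numbers as defined by the patch's nsfs.h hunk. */
#define NSIO             0xb7
#define NS_GET_PARENT    _IO(NSIO, 0x2)
#define NS_GET_OWNER_UID _IO(NSIO, 0x4)

/* Store the owner UID of the user namespace behind fd in *uid. Returns 0 or
 * -errno: -EINVAL for a namespace fd that is not a user namespace, -ENOTTY
 * for a non-namespace fd (or a kernel without the ioctl), -EBADF for a bad fd. */
int ns_owner_uid(int fd, uid_t *uid)
{
    unsigned int raw;   /* the patch declares argp as unsigned int __user * */
    if (ioctl(fd, NS_GET_OWNER_UID, &raw) < 0)
        return -errno;
    *uid = (uid_t)raw;
    return 0;
}

/* Walk from the user namespace at fd to the root, printing each owner UID.
 * Closes fd. Returns the number of levels printed, or -errno on failure. */
int walk_userns_owners(int fd)
{
    int depth = 0;
    for (;;) {
        uid_t owner;
        int rc = ns_owner_uid(fd, &owner);
        if (rc < 0) { close(fd); return rc; }
        /* The UID is munged into the caller's user namespace: an owner not
         * mapped there is reported as the overflow UID (65534 by default). */
        printf("level %d: owner uid %u\n", depth++, (unsigned)owner);
        int parent = ioctl(fd, NS_GET_PARENT);
        close(fd);
        if (parent < 0)  /* no visible parent: initial userns or out of scope */
            return (errno == ENOENT || errno == EPERM) ? depth : -errno;
        fd = parent;
    }
}

int main(void)
{
    int fd = open("/proc/self/ns/user", O_RDONLY | O_CLOEXEC);
    if (fd < 0) { perror("open /proc/self/ns/user"); return 1; }
    return walk_userns_owners(fd) < 0;
}
```

Run inside a nested user namespace (for example under unshare -Ur) to see more than one level; an owner outside the caller's mapping prints as the overflow UID, which is the munging the patch's from_kuid_munged() call performs.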