/* SPDX-License-Identifier: GPL-2.0 */
#ifndef _LINUX_PID_NS_H
#define _LINUX_PID_NS_H

#include <linux/sched.h>
#include <linux/bug.h>
#include <linux/mm.h>
#include <linux/workqueue.h>
#include <linux/threads.h>
#include <linux/nsproxy.h>
#include <linux/ns_common.h>
#include <linux/idr.h>

/*
 * Maximum pid namespace level. The limit is needed to bound the size of
 * 'struct pid'.
 */
#define MAX_PID_NS_LEVEL 32

struct fs_pin;

#if defined(CONFIG_SYSCTL) && defined(CONFIG_MEMFD_CREATE)
/*
 * Values of the vm.memfd_noexec sysctl, stored per pid namespace in
 * pid_namespace::memfd_noexec_scope:
 *
 *  0 - memfd_create() called with neither MFD_EXEC nor MFD_NOEXEC_SEAL
 *      behaves as if MFD_EXEC had been passed.
 *  1 - memfd_create() called with neither MFD_EXEC nor MFD_NOEXEC_SEAL
 *      behaves as if MFD_NOEXEC_SEAL had been passed.
 *  2 - memfd_create() without MFD_NOEXEC_SEAL is rejected.
 *
 * NOTE(review): this header only shows that the value lives in each
 * namespace. How a nested namespace's setting relates to its ancestors'
 * is decided by the sysctl handler, which is not visible here. Verify
 * that before treating level 2 as a containment boundary.
 */
#define MEMFD_NOEXEC_SCOPE_EXEC			0
#define MEMFD_NOEXEC_SCOPE_NOEXEC_SEAL		1
#define MEMFD_NOEXEC_SCOPE_NOEXEC_ENFORCED	2
#endif

/*
 * Per-namespace pid state.
 *
 * The structure is tagged __randomize_layout, so member offsets are not
 * stable across builds that enable structure layout randomization; always
 * access members by name.
 *
 * ns.count is the reference count manipulated by get_pid_ns().
 *
 * NOTE(review): the roles of most members are not established by this
 * header. Presumably 'parent'/'level' describe the nesting hierarchy
 * bounded by MAX_PID_NS_LEVEL and 'user_ns' is the owning user namespace.
 * Confirm in kernel/pid_namespace.c.
 */
struct pid_namespace {
	struct idr idr;
	struct rcu_head rcu;
	unsigned int pid_allocated;
	struct task_struct *child_reaper;
	struct kmem_cache *pid_cachep;
	unsigned int level;
	struct pid_namespace *parent;
#ifdef CONFIG_BSD_PROCESS_ACCT
	struct fs_pin *bacct;
#endif
	struct user_namespace *user_ns;
	struct ucounts *ucounts;
	int reboot;	/* group exit code if this pidns was rebooted */
	struct ns_common ns;
#if defined(CONFIG_SYSCTL) && defined(CONFIG_MEMFD_CREATE)
	/* current vm.memfd_noexec setting, one of MEMFD_NOEXEC_SCOPE_* */
	int memfd_noexec_scope;
#endif
} __randomize_layout;

extern struct pid_namespace init_pid_ns;

/*
 * Flag occupying bit 31.
 * NOTE(review): presumably kept in pid_namespace::pid_allocated next to
 * the allocation count. Confirm in kernel/pid.c.
 */
#define PIDNS_ADDING (1U << 31)

#ifdef CONFIG_PID_NS
/**
 * get_pid_ns - take a reference on a pid namespace
 * @ns: namespace to pin. It is dereferenced unless it is &init_pid_ns,
 *      so it must not be NULL.
 *
 * init_pid_ns is handed back without touching its count. For every other
 * namespace ns->ns.count is bumped with refcount_inc(), which is an
 * unconditional increment rather than an inc-not-zero, so the caller must
 * already hold something that keeps @ns alive.
 *
 * Return: @ns, unchanged.
 */
static inline struct pid_namespace *get_pid_ns(struct pid_namespace *ns)
{
	if (ns == &init_pid_ns)
		return ns;

	refcount_inc(&ns->ns.count);
	return ns;
}

struct pid_namespace *copy_pid_ns(unsigned long flags,
	struct user_namespace *user_ns, struct pid_namespace *ns);
void zap_pid_ns_processes(struct pid_namespace *pid_ns);
int reboot_pid_ns(struct pid_namespace *pid_ns, int cmd);
void put_pid_ns(struct pid_namespace *ns);

#else /* !CONFIG_PID_NS */
#include <linux/err.h>

/*
 * Stub used without CONFIG_PID_NS: no reference is taken, @ns is returned
 * as passed in.
 */
static inline struct pid_namespace *get_pid_ns(struct pid_namespace *ns)
{
	return ns;
}

/*
 * Stub used without CONFIG_PID_NS. A request carrying CLONE_NEWPID yields
 * ERR_PTR(-EINVAL); any other request gets @ns back untouched. The failure
 * is an error pointer, so callers have to test the result with IS_ERR()
 * rather than against NULL.
 */
static inline struct pid_namespace *copy_pid_ns(unsigned long flags,
	struct user_namespace *user_ns, struct pid_namespace *ns)
{
	if (!(flags & CLONE_NEWPID))
		return ns;

	return ERR_PTR(-EINVAL);
}

/* Stub used without CONFIG_PID_NS: dropping a reference is a no-op. */
static inline void put_pid_ns(struct pid_namespace *ns)
{
}

/*
 * Stub used without CONFIG_PID_NS: reaching it triggers BUG().
 * NOTE(review): presumably unreachable because no namespace other than
 * init_pid_ns can exist in this configuration. Confirm against callers,
 * since a reachable path here would bring the kernel down.
 */
static inline void zap_pid_ns_processes(struct pid_namespace *ns)
{
	BUG();
}

/*
 * Stub used without CONFIG_PID_NS: always returns 0.
 * NOTE(review): what 0 means to the caller is not visible in this header.
 * Check the reboot path that consumes it.
 */
static inline int reboot_pid_ns(struct pid_namespace *pid_ns, int cmd)
{
	return 0;
}
#endif /* CONFIG_PID_NS */

struct pid_namespace *task_active_pid_ns(struct task_struct *tsk);
void pidhash_init(void);
void pid_idr_init(void);

/**
 * task_is_in_init_pid_ns - test whether a task's active pid namespace is
 *                          the initial one
 * @tsk: task to inspect; passed straight to task_active_pid_ns()
 *
 * Return: true when task_active_pid_ns(@tsk) is &init_pid_ns, false
 * otherwise.
 */
static inline bool task_is_in_init_pid_ns(struct task_struct *tsk)
{
	struct pid_namespace *active = task_active_pid_ns(tsk);

	return active == &init_pid_ns;
}

#endif /* _LINUX_PID_NS_H */