[people/ms/linux.git] / ipc / ipc_sysctl.c

// SPDX-License-Identifier: GPL-2.0-only
/*
 *  Copyright (C) 2007
 *
 *  Author: Eric Biederman <ebiederm@xmision.com>
 */

#include <linux/module.h>
#include <linux/ipc.h>
#include <linux/nsproxy.h>
#include <linux/sysctl.h>
#include <linux/uaccess.h>
#include <linux/capability.h>
#include <linux/ipc_namespace.h>
#include <linux/msg.h>
#include "util.h"

static void *get_ipc(struct ctl_table *table)
{
	char *which = table->data;
	struct ipc_namespace *ipc_ns = current->nsproxy->ipc_ns;
	which = (which - (char *)&init_ipc_ns) + (char *)ipc_ns;
	return which;
}

static int proc_ipc_dointvec(struct ctl_table *table, int write,
		void *buffer, size_t *lenp, loff_t *ppos)
{
	struct ctl_table ipc_table;

	memcpy(&ipc_table, table, sizeof(ipc_table));
	ipc_table.data = get_ipc(table);

	return proc_dointvec(&ipc_table, write, buffer, lenp, ppos);
}

static int proc_ipc_dointvec_minmax(struct ctl_table *table, int write,
		void *buffer, size_t *lenp, loff_t *ppos)
{
	struct ctl_table ipc_table;

	memcpy(&ipc_table, table, sizeof(ipc_table));
	ipc_table.data = get_ipc(table);

	return proc_dointvec_minmax(&ipc_table, write, buffer, lenp, ppos);
}

static int proc_ipc_dointvec_minmax_orphans(struct ctl_table *table, int write,
		void *buffer, size_t *lenp, loff_t *ppos)
{
	struct ipc_namespace *ns = current->nsproxy->ipc_ns;
	int err = proc_ipc_dointvec_minmax(table, write, buffer, lenp, ppos);

	if (err < 0)
		return err;
	if (ns->shm_rmid_forced)
		shm_destroy_orphaned(ns);
	return err;
}

static int proc_ipc_doulongvec_minmax(struct ctl_table *table, int write,
		void *buffer, size_t *lenp, loff_t *ppos)
{
	struct ctl_table ipc_table;
	memcpy(&ipc_table, table, sizeof(ipc_table));
	ipc_table.data = get_ipc(table);

	return proc_doulongvec_minmax(&ipc_table, write, buffer,
					lenp, ppos);
}

static int proc_ipc_auto_msgmni(struct ctl_table *table, int write,
		void *buffer, size_t *lenp, loff_t *ppos)
{
	struct ctl_table ipc_table;
	int dummy = 0;

	memcpy(&ipc_table, table, sizeof(ipc_table));
	ipc_table.data = &dummy;

	if (write)
		pr_info_once("writing to auto_msgmni has no effect");

	return proc_dointvec_minmax(&ipc_table, write, buffer, lenp, ppos);
}

static int proc_ipc_sem_dointvec(struct ctl_table *table, int write,
	void *buffer, size_t *lenp, loff_t *ppos)
{
	int ret, semmni;
	struct ipc_namespace *ns = current->nsproxy->ipc_ns;

	semmni = ns->sem_ctls[3];
	ret = proc_ipc_dointvec(table, write, buffer, lenp, ppos);

	if (!ret)
		ret = sem_check_semmni(current->nsproxy->ipc_ns);

	/*
	 * Reset the semmni value if an error happens.
	 */
	if (ret)
		ns->sem_ctls[3] = semmni;
	return ret;
}

#ifdef CONFIG_CHECKPOINT_RESTORE
static int proc_ipc_dointvec_minmax_checkpoint_restore(struct ctl_table *table,
		int write, void *buffer, size_t *lenp, loff_t *ppos)
{
	struct user_namespace *user_ns = current->nsproxy->ipc_ns->user_ns;

	if (write && !checkpoint_restore_ns_capable(user_ns))
		return -EPERM;

	return proc_ipc_dointvec_minmax(table, write, buffer, lenp, ppos);
}
#endif

int ipc_mni = IPCMNI;
int ipc_mni_shift = IPCMNI_SHIFT;
int ipc_min_cycle = RADIX_TREE_MAP_SIZE;

static struct ctl_table ipc_kern_table[] = {
	{
		.procname	= "shmmax",
		.data		= &init_ipc_ns.shm_ctlmax,
		.maxlen		= sizeof(init_ipc_ns.shm_ctlmax),
		.mode		= 0644,
		.proc_handler	= proc_ipc_doulongvec_minmax,
	},
	{
		.procname	= "shmall",
		.data		= &init_ipc_ns.shm_ctlall,
		.maxlen		= sizeof(init_ipc_ns.shm_ctlall),
		.mode		= 0644,
		.proc_handler	= proc_ipc_doulongvec_minmax,
	},
	{
		.procname	= "shmmni",
		.data		= &init_ipc_ns.shm_ctlmni,
		.maxlen		= sizeof(init_ipc_ns.shm_ctlmni),
		.mode		= 0644,
		.proc_handler	= proc_ipc_dointvec_minmax,
		.extra1		= SYSCTL_ZERO,
		.extra2		= &ipc_mni,
	},
	{
		.procname	= "shm_rmid_forced",
		.data		= &init_ipc_ns.shm_rmid_forced,
		.maxlen		= sizeof(init_ipc_ns.shm_rmid_forced),
		.mode		= 0644,
		.proc_handler	= proc_ipc_dointvec_minmax_orphans,
		.extra1		= SYSCTL_ZERO,
		.extra2		= SYSCTL_ONE,
	},
	{
		.procname	= "msgmax",
		.data		= &init_ipc_ns.msg_ctlmax,
		.maxlen		= sizeof(init_ipc_ns.msg_ctlmax),
		.mode		= 0644,
		.proc_handler	= proc_ipc_dointvec_minmax,
		.extra1		= SYSCTL_ZERO,
		.extra2		= SYSCTL_INT_MAX,
	},
	{
		.procname	= "msgmni",
		.data		= &init_ipc_ns.msg_ctlmni,
		.maxlen		= sizeof(init_ipc_ns.msg_ctlmni),
		.mode		= 0644,
		.proc_handler	= proc_ipc_dointvec_minmax,
		.extra1		= SYSCTL_ZERO,
		.extra2		= &ipc_mni,
	},
	{
		.procname	= "auto_msgmni",
		.data		= NULL,
		.maxlen		= sizeof(int),
		.mode		= 0644,
		.proc_handler	= proc_ipc_auto_msgmni,
		.extra1		= SYSCTL_ZERO,
		.extra2		= SYSCTL_ONE,
	},
	{
		.procname	=  "msgmnb",
		.data		= &init_ipc_ns.msg_ctlmnb,
		.maxlen		= sizeof(init_ipc_ns.msg_ctlmnb),
		.mode		= 0644,
		.proc_handler	= proc_ipc_dointvec_minmax,
		.extra1		= SYSCTL_ZERO,
		.extra2		= SYSCTL_INT_MAX,
	},
	{
		.procname	= "sem",
		.data		= &init_ipc_ns.sem_ctls,
		.maxlen		= 4*sizeof(int),
		.mode		= 0644,
		.proc_handler	= proc_ipc_sem_dointvec,
	},
#ifdef CONFIG_CHECKPOINT_RESTORE
	{
		.procname	= "sem_next_id",
		.data		= &init_ipc_ns.ids[IPC_SEM_IDS].next_id,
		.maxlen		= sizeof(init_ipc_ns.ids[IPC_SEM_IDS].next_id),
		.mode		= 0666,
		.proc_handler	= proc_ipc_dointvec_minmax_checkpoint_restore,
		.extra1		= SYSCTL_ZERO,
		.extra2		= SYSCTL_INT_MAX,
	},
	{
		.procname	= "msg_next_id",
		.data		= &init_ipc_ns.ids[IPC_MSG_IDS].next_id,
		.maxlen		= sizeof(init_ipc_ns.ids[IPC_MSG_IDS].next_id),
		.mode		= 0666,
		.proc_handler	= proc_ipc_dointvec_minmax_checkpoint_restore,
		.extra1		= SYSCTL_ZERO,
		.extra2		= SYSCTL_INT_MAX,
	},
	{
		.procname	= "shm_next_id",
		.data		= &init_ipc_ns.ids[IPC_SHM_IDS].next_id,
		.maxlen		= sizeof(init_ipc_ns.ids[IPC_SHM_IDS].next_id),
		.mode		= 0666,
		.proc_handler	= proc_ipc_dointvec_minmax_checkpoint_restore,
		.extra1		= SYSCTL_ZERO,
		.extra2		= SYSCTL_INT_MAX,
	},
#endif
	{}
};

static struct ctl_table ipc_root_table[] = {
	{
		.procname	= "kernel",
		.mode		= 0555,
		.child		= ipc_kern_table,
	},
	{}
};

static int __init ipc_sysctl_init(void)
{
	register_sysctl_table(ipc_root_table);
	return 0;
}

device_initcall(ipc_sysctl_init);

static int __init ipc_mni_extend(char *str)
{
	ipc_mni = IPCMNI_EXTEND;
	ipc_mni_shift = IPCMNI_EXTEND_SHIFT;
	ipc_min_cycle = IPCMNI_EXTEND_MIN_CYCLE;
	pr_info("IPCMNI extended to %d.\n", ipc_mni);
	return 0;
}
early_param("ipcmni_extend", ipc_mni_extend);
Commit	Line	Data
b886d83c	1	// SPDX-License-Identifier: GPL-2.0-only
a5494dcd EB	2	/*
	3	* Copyright (C) 2007
	4	*
	5	* Author: Eric Biederman <ebiederm@xmision.com>
a5494dcd EB	6	*/
	7
	8	#include <linux/module.h>
	9	#include <linux/ipc.h>
	10	#include <linux/nsproxy.h>
	11	#include <linux/sysctl.h>
	12	#include <linux/uaccess.h>
5563cabd	13	#include <linux/capability.h>
ae5e1b22	14	#include <linux/ipc_namespace.h>
6546bc42 ND	15	#include <linux/msg.h>
6546bc42 ND	16	#include "util.h"
a5494dcd	17
a5c5928b	18	static void get_ipc(struct ctl_table table)
a5494dcd EB	19	{
	20	char *which = table->data;
	21	struct ipc_namespace *ipc_ns = current->nsproxy->ipc_ns;
	22	which = (which - (char )&init_ipc_ns) + (char )ipc_ns;
	23	return which;
	24	}
a5494dcd	25
a5c5928b	26	static int proc_ipc_dointvec(struct ctl_table *table, int write,
32927393	27	void buffer, size_t lenp, loff_t *ppos)
a5494dcd EB	28	{
a5494dcd EB	29	struct ctl_table ipc_table;
b34a6b1d	30
a5494dcd EB	31	memcpy(&ipc_table, table, sizeof(ipc_table));
	32	ipc_table.data = get_ipc(table);
	33
8d65af78	34	return proc_dointvec(&ipc_table, write, buffer, lenp, ppos);
a5494dcd EB	35	}
a5494dcd EB	36
a5c5928b	37	static int proc_ipc_dointvec_minmax(struct ctl_table *table, int write,
32927393	38	void buffer, size_t lenp, loff_t *ppos)
b34a6b1d VK	39	{
	40	struct ctl_table ipc_table;
	41
	42	memcpy(&ipc_table, table, sizeof(ipc_table));
	43	ipc_table.data = get_ipc(table);
	44
	45	return proc_dointvec_minmax(&ipc_table, write, buffer, lenp, ppos);
	46	}
	47
a5c5928b	48	static int proc_ipc_dointvec_minmax_orphans(struct ctl_table *table, int write,
32927393	49	void buffer, size_t lenp, loff_t *ppos)
b34a6b1d VK	50	{
	51	struct ipc_namespace *ns = current->nsproxy->ipc_ns;
	52	int err = proc_ipc_dointvec_minmax(table, write, buffer, lenp, ppos);
	53
	54	if (err < 0)
	55	return err;
	56	if (ns->shm_rmid_forced)
	57	shm_destroy_orphaned(ns);
	58	return err;
	59	}
	60
a5c5928b	61	static int proc_ipc_doulongvec_minmax(struct ctl_table *table, int write,
32927393	62	void buffer, size_t lenp, loff_t *ppos)
a5494dcd EB	63	{
	64	struct ctl_table ipc_table;
	65	memcpy(&ipc_table, table, sizeof(ipc_table));
	66	ipc_table.data = get_ipc(table);
	67
8d65af78	68	return proc_doulongvec_minmax(&ipc_table, write, buffer,
a5494dcd EB	69	lenp, ppos);
	70	}
	71
0050ee05	72	static int proc_ipc_auto_msgmni(struct ctl_table *table, int write,
32927393	73	void buffer, size_t lenp, loff_t *ppos)
9eefe520 ND	74	{
9eefe520 ND	75	struct ctl_table ipc_table;
0050ee05	76	int dummy = 0;
9eefe520 ND	77
9eefe520 ND	78	memcpy(&ipc_table, table, sizeof(ipc_table));
0050ee05 MS	79	ipc_table.data = &dummy;
	80
	81	if (write)
	82	pr_info_once("writing to auto_msgmni has no effect");
	83
	84	return proc_dointvec_minmax(&ipc_table, write, buffer, lenp, ppos);
9eefe520 ND	85	}
9eefe520 ND	86
8c81ddd2	87	static int proc_ipc_sem_dointvec(struct ctl_table *table, int write,
fff1662c	88	void buffer, size_t lenp, loff_t *ppos)
8c81ddd2 WL	89	{
	90	int ret, semmni;
	91	struct ipc_namespace *ns = current->nsproxy->ipc_ns;
	92
	93	semmni = ns->sem_ctls[3];
	94	ret = proc_ipc_dointvec(table, write, buffer, lenp, ppos);
	95
	96	if (!ret)
	97	ret = sem_check_semmni(current->nsproxy->ipc_ns);
	98
	99	/*
	100	* Reset the semmni value if an error happens.
	101	*/
	102	if (ret)
	103	ns->sem_ctls[3] = semmni;
	104	return ret;
	105	}
	106
5563cabd MC	107	#ifdef CONFIG_CHECKPOINT_RESTORE
	108	static int proc_ipc_dointvec_minmax_checkpoint_restore(struct ctl_table *table,
	109	int write, void buffer, size_t lenp, loff_t *ppos)
	110	{
	111	struct user_namespace *user_ns = current->nsproxy->ipc_ns->user_ns;
	112
	113	if (write && !checkpoint_restore_ns_capable(user_ns))
	114	return -EPERM;
	115
	116	return proc_ipc_dointvec_minmax(table, write, buffer, lenp, ppos);
	117	}
	118	#endif
	119
5ac893b8 WL	120	int ipc_mni = IPCMNI;
5ac893b8 WL	121	int ipc_mni_shift = IPCMNI_SHIFT;
99db46ea	122	int ipc_min_cycle = RADIX_TREE_MAP_SIZE;
9eefe520	123
a5494dcd EB	124	static struct ctl_table ipc_kern_table[] = {
a5494dcd EB	125	{
a5494dcd EB	126	.procname = "shmmax",
a5494dcd EB	127	.data = &init_ipc_ns.shm_ctlmax,
239521f3	128	.maxlen = sizeof(init_ipc_ns.shm_ctlmax),
a5494dcd EB	129	.mode = 0644,
a5494dcd EB	130	.proc_handler = proc_ipc_doulongvec_minmax,
a5494dcd EB	131	},
a5494dcd EB	132	{
a5494dcd EB	133	.procname = "shmall",
a5494dcd EB	134	.data = &init_ipc_ns.shm_ctlall,
239521f3	135	.maxlen = sizeof(init_ipc_ns.shm_ctlall),
a5494dcd EB	136	.mode = 0644,
a5494dcd EB	137	.proc_handler = proc_ipc_doulongvec_minmax,
a5494dcd EB	138	},
a5494dcd EB	139	{
a5494dcd EB	140	.procname = "shmmni",
a5494dcd EB	141	.data = &init_ipc_ns.shm_ctlmni,
239521f3	142	.maxlen = sizeof(init_ipc_ns.shm_ctlmni),
a5494dcd	143	.mode = 0644,
6730e658	144	.proc_handler = proc_ipc_dointvec_minmax,
eec4844f	145	.extra1 = SYSCTL_ZERO,
6730e658	146	.extra2 = &ipc_mni,
a5494dcd	147	},
b34a6b1d VK	148	{
	149	.procname = "shm_rmid_forced",
	150	.data = &init_ipc_ns.shm_rmid_forced,
	151	.maxlen = sizeof(init_ipc_ns.shm_rmid_forced),
	152	.mode = 0644,
	153	.proc_handler = proc_ipc_dointvec_minmax_orphans,
eec4844f MC	154	.extra1 = SYSCTL_ZERO,
eec4844f MC	155	.extra2 = SYSCTL_ONE,
b34a6b1d	156	},
a5494dcd	157	{
a5494dcd EB	158	.procname = "msgmax",
a5494dcd EB	159	.data = &init_ipc_ns.msg_ctlmax,
239521f3	160	.maxlen = sizeof(init_ipc_ns.msg_ctlmax),
a5494dcd	161	.mode = 0644,
9bf76ca3	162	.proc_handler = proc_ipc_dointvec_minmax,
eec4844f MC	163	.extra1 = SYSCTL_ZERO,
eec4844f MC	164	.extra2 = SYSCTL_INT_MAX,
a5494dcd EB	165	},
a5494dcd EB	166	{
a5494dcd EB	167	.procname = "msgmni",
a5494dcd EB	168	.data = &init_ipc_ns.msg_ctlmni,
239521f3	169	.maxlen = sizeof(init_ipc_ns.msg_ctlmni),
a5494dcd	170	.mode = 0644,
0050ee05	171	.proc_handler = proc_ipc_dointvec_minmax,
eec4844f	172	.extra1 = SYSCTL_ZERO,
6730e658	173	.extra2 = &ipc_mni,
a5494dcd	174	},
0050ee05 MS	175	{
	176	.procname = "auto_msgmni",
	177	.data = NULL,
	178	.maxlen = sizeof(int),
	179	.mode = 0644,
	180	.proc_handler = proc_ipc_auto_msgmni,
eec4844f MC	181	.extra1 = SYSCTL_ZERO,
eec4844f MC	182	.extra2 = SYSCTL_ONE,
0050ee05	183	},
a5494dcd	184	{
a5494dcd EB	185	.procname = "msgmnb",
a5494dcd EB	186	.data = &init_ipc_ns.msg_ctlmnb,
239521f3	187	.maxlen = sizeof(init_ipc_ns.msg_ctlmnb),
a5494dcd	188	.mode = 0644,
9bf76ca3	189	.proc_handler = proc_ipc_dointvec_minmax,
eec4844f MC	190	.extra1 = SYSCTL_ZERO,
eec4844f MC	191	.extra2 = SYSCTL_INT_MAX,
a5494dcd EB	192	},
a5494dcd EB	193	{
a5494dcd EB	194	.procname = "sem",
a5494dcd EB	195	.data = &init_ipc_ns.sem_ctls,
239521f3	196	.maxlen = 4*sizeof(int),
a5494dcd	197	.mode = 0644,
8c81ddd2	198	.proc_handler = proc_ipc_sem_dointvec,
a5494dcd	199	},
03f59566 SK	200	#ifdef CONFIG_CHECKPOINT_RESTORE
	201	{
	202	.procname = "sem_next_id",
	203	.data = &init_ipc_ns.ids[IPC_SEM_IDS].next_id,
	204	.maxlen = sizeof(init_ipc_ns.ids[IPC_SEM_IDS].next_id),
5563cabd MC	205	.mode = 0666,
5563cabd MC	206	.proc_handler = proc_ipc_dointvec_minmax_checkpoint_restore,
eec4844f MC	207	.extra1 = SYSCTL_ZERO,
eec4844f MC	208	.extra2 = SYSCTL_INT_MAX,
03f59566 SK	209	},
	210	{
	211	.procname = "msg_next_id",
	212	.data = &init_ipc_ns.ids[IPC_MSG_IDS].next_id,
	213	.maxlen = sizeof(init_ipc_ns.ids[IPC_MSG_IDS].next_id),
5563cabd MC	214	.mode = 0666,
5563cabd MC	215	.proc_handler = proc_ipc_dointvec_minmax_checkpoint_restore,
eec4844f MC	216	.extra1 = SYSCTL_ZERO,
eec4844f MC	217	.extra2 = SYSCTL_INT_MAX,
03f59566 SK	218	},
	219	{
	220	.procname = "shm_next_id",
	221	.data = &init_ipc_ns.ids[IPC_SHM_IDS].next_id,
	222	.maxlen = sizeof(init_ipc_ns.ids[IPC_SHM_IDS].next_id),
5563cabd MC	223	.mode = 0666,
5563cabd MC	224	.proc_handler = proc_ipc_dointvec_minmax_checkpoint_restore,
eec4844f MC	225	.extra1 = SYSCTL_ZERO,
eec4844f MC	226	.extra2 = SYSCTL_INT_MAX,
03f59566 SK	227	},
03f59566 SK	228	#endif
a5494dcd EB	229	{}
	230	};
	231
	232	static struct ctl_table ipc_root_table[] = {
	233	{
a5494dcd EB	234	.procname = "kernel",
	235	.mode = 0555,
	236	.child = ipc_kern_table,
	237	},
	238	{}
	239	};
	240
	241	static int __init ipc_sysctl_init(void)
	242	{
0b4d4147	243	register_sysctl_table(ipc_root_table);
a5494dcd EB	244	return 0;
	245	}
	246
6d08a256	247	device_initcall(ipc_sysctl_init);
5ac893b8 WL	248
	249	static int __init ipc_mni_extend(char *str)
	250	{
	251	ipc_mni = IPCMNI_EXTEND;
	252	ipc_mni_shift = IPCMNI_EXTEND_SHIFT;
99db46ea	253	ipc_min_cycle = IPCMNI_EXTEND_MIN_CYCLE;
5ac893b8 WL	254	pr_info("IPCMNI extended to %d.\n", ipc_mni);
	255	return 0;
	256	}
	257	early_param("ipcmni_extend", ipc_mni_extend);