[thirdparty/systemd.git] / src / basic / uid-range.c

/* SPDX-License-Identifier: LGPL-2.1-or-later */

#include <string.h>

#include "alloc-util.h"
#include "errno-util.h"
#include "fd-util.h"
#include "format-util.h"
#include "namespace-util.h"
#include "path-util.h"
#include "process-util.h"
#include "sort-util.h"
#include "stat-util.h"
#include "uid-range.h"
#include "user-util.h"

UIDRange *uid_range_free(UIDRange *range) {
        if (!range)
                return NULL;

        free(range->entries);
        return mfree(range);
}

static bool uid_range_entry_intersect(const UIDRangeEntry *a, const UIDRangeEntry *b) {
        assert(a);
        assert(b);

        return a->start <= b->start + b->nr && a->start + a->nr >= b->start;
}

static int uid_range_entry_compare(const UIDRangeEntry *a, const UIDRangeEntry *b) {
        int r;

        assert(a);
        assert(b);

        r = CMP(a->start, b->start);
        if (r != 0)
                return r;

        return CMP(a->nr, b->nr);
}

static void uid_range_coalesce(UIDRange *range) {
        assert(range);

        if (range->n_entries <= 0)
                return;

        typesafe_qsort(range->entries, range->n_entries, uid_range_entry_compare);

        for (size_t i = 0; i < range->n_entries; i++) {
                UIDRangeEntry *x = range->entries + i;

                for (size_t j = i + 1; j < range->n_entries; j++) {
                        UIDRangeEntry *y = range->entries + j;
                        uid_t begin, end;

                        if (!uid_range_entry_intersect(x, y))
                                break;

                        begin = MIN(x->start, y->start);
                        end = MAX(x->start + x->nr, y->start + y->nr);

                        x->start = begin;
                        x->nr = end - begin;

                        if (range->n_entries > j + 1)
                                memmove(y, y + 1, sizeof(UIDRangeEntry) * (range->n_entries - j - 1));

                        range->n_entries--;
                        j--;
                }
        }
}

int uid_range_add_internal(UIDRange **range, uid_t start, uid_t nr, bool coalesce) {
        _cleanup_(uid_range_freep) UIDRange *range_new = NULL;
        UIDRange *p;

        assert(range);

        if (nr <= 0)
                return 0;

        if (start > UINT32_MAX - nr) /* overflow check */
                return -ERANGE;

        if (*range)
                p = *range;
        else {
                range_new = new0(UIDRange, 1);
                if (!range_new)
                        return -ENOMEM;

                p = range_new;
        }

        if (!GREEDY_REALLOC(p->entries, p->n_entries + 1))
                return -ENOMEM;

        p->entries[p->n_entries++] = (UIDRangeEntry) {
                .start = start,
                .nr = nr,
        };

        if (coalesce)
                uid_range_coalesce(p);

        TAKE_PTR(range_new);
        *range = p;

        return 0;
}

int uid_range_add_str(UIDRange **range, const char *s) {
        uid_t start, end;
        int r;

        assert(range);
        assert(s);

        r = parse_uid_range(s, &start, &end);
        if (r < 0)
                return r;

        return uid_range_add_internal(range, start, end - start + 1, /* coalesce = */ true);
}

int uid_range_next_lower(const UIDRange *range, uid_t *uid) {
        uid_t closest = UID_INVALID, candidate;

        assert(range);
        assert(uid);

        if (*uid == 0)
                return -EBUSY;

        candidate = *uid - 1;

        for (size_t i = 0; i < range->n_entries; i++) {
                uid_t begin, end;

                begin = range->entries[i].start;
                end = range->entries[i].start + range->entries[i].nr - 1;

                if (candidate >= begin && candidate <= end) {
                        *uid = candidate;
                        return 1;
                }

                if (end < candidate)
                        closest = end;
        }

        if (closest == UID_INVALID)
                return -EBUSY;

        *uid = closest;
        return 1;
}

bool uid_range_covers(const UIDRange *range, uid_t start, uid_t nr) {
        if (nr == 0) /* empty range? always covered... */
                return true;

        if (start > UINT32_MAX - nr) /* range overflows? definitely not covered... */
                return false;

        if (!range)
                return false;

        FOREACH_ARRAY(i, range->entries, range->n_entries)
                if (start >= i->start &&
                    start + nr <= i->start + i->nr)
                        return true;

        return false;
}

int uid_map_read_one(FILE *f, uid_t *ret_base, uid_t *ret_shift, uid_t *ret_range) {
        uid_t uid_base, uid_shift, uid_range;
        int r;

        assert(f);

        errno = 0;
        r = fscanf(f, UID_FMT " " UID_FMT " " UID_FMT "\n", &uid_base, &uid_shift, &uid_range);
        if (r == EOF)
                return errno_or_else(ENOMSG);
        assert(r >= 0);
        if (r != 3)
                return -EBADMSG;
        if (uid_range <= 0)
                return -EBADMSG;

        if (ret_base)
                *ret_base = uid_base;
        if (ret_shift)
                *ret_shift = uid_shift;
        if (ret_range)
                *ret_range = uid_range;

        return 0;
}

unsigned uid_range_size(const UIDRange *range) {
        if (!range)
                return 0;

        unsigned n = 0;

        FOREACH_ARRAY(e, range->entries, range->n_entries)
                n += e->nr;

        return n;
}

bool uid_range_is_empty(const UIDRange *range) {

        if (!range)
                return true;

        FOREACH_ARRAY(e, range->entries, range->n_entries)
                if (e->nr > 0)
                        return false;

        return true;
}

int uid_range_load_userns(const char *path, UIDRangeUsernsMode mode, UIDRange **ret) {
        _cleanup_(uid_range_freep) UIDRange *range = NULL;
        _cleanup_fclose_ FILE *f = NULL;
        int r;

        /* If 'path' is NULL loads the UID range of the userns namespace we run. Otherwise load the data from
         * the specified file (which can be either uid_map or gid_map, in case caller needs to deal with GID
         * maps).
         *
         * To simplify things this will modify the passed array in case of later failure. */

        assert(mode >= 0);
        assert(mode < _UID_RANGE_USERNS_MODE_MAX);
        assert(ret);

        if (!path)
                path = IN_SET(mode, UID_RANGE_USERNS_INSIDE, UID_RANGE_USERNS_OUTSIDE) ? "/proc/self/uid_map" : "/proc/self/gid_map";

        f = fopen(path, "re");
        if (!f) {
                r = -errno;

                if (r == -ENOENT && path_startswith(path, "/proc/"))
                        return proc_mounted() > 0 ? -EOPNOTSUPP : -ENOSYS;

                return r;
        }

        range = new0(UIDRange, 1);
        if (!range)
                return -ENOMEM;

        for (;;) {
                uid_t uid_base, uid_shift, uid_range;

                r = uid_map_read_one(f, &uid_base, &uid_shift, &uid_range);
                if (r == -ENOMSG)
                        break;
                if (r < 0)
                        return r;

                r = uid_range_add_internal(
                                &range,
                                IN_SET(mode, UID_RANGE_USERNS_INSIDE, GID_RANGE_USERNS_INSIDE) ? uid_base : uid_shift,
                                uid_range,
                                /* coalesce = */ false);
                if (r < 0)
                        return r;
        }

        uid_range_coalesce(range);

        *ret = TAKE_PTR(range);
        return 0;
}

int uid_range_load_userns_by_fd(int userns_fd, UIDRangeUsernsMode mode, UIDRange **ret) {
        _cleanup_(sigkill_waitp) pid_t pid = 0;
        int r;

        assert(userns_fd >= 0);
        assert(mode >= 0);
        assert(mode < _UID_RANGE_USERNS_MODE_MAX);
        assert(ret);

        r = userns_enter_and_pin(userns_fd, &pid);
        if (r < 0)
                return r;

        const char *p = procfs_file_alloca(
                        pid,
                        IN_SET(mode, UID_RANGE_USERNS_INSIDE, UID_RANGE_USERNS_OUTSIDE) ? "uid_map" : "gid_map");

        return uid_range_load_userns(p, mode, ret);
}

bool uid_range_overlaps(const UIDRange *range, uid_t start, uid_t nr) {

        if (!range)
                return false;

        /* Avoid overflow */
        if (start > UINT32_MAX - nr)
                nr = UINT32_MAX - start;

        if (nr == 0)
                return false;

        FOREACH_ARRAY(entry, range->entries, range->n_entries)
                if (start < entry->start + entry->nr &&
                    start + nr >= entry->start)
                        return true;

        return false;
}

bool uid_range_equal(const UIDRange *a, const UIDRange *b) {
        if (a == b)
                return true;

        if (!a || !b)
                return false;

        if (a->n_entries != b->n_entries)
                return false;

        for (size_t i = 0; i < a->n_entries; i++) {
                if (a->entries[i].start != b->entries[i].start)
                        return false;
                if (a->entries[i].nr != b->entries[i].nr)
                        return false;
        }

        return true;
}

int uid_map_search_root(pid_t pid, UIDRangeUsernsMode mode, uid_t *ret) {
        int r;

        assert(pid_is_valid(pid));
        assert(IN_SET(mode, UID_RANGE_USERNS_OUTSIDE, GID_RANGE_USERNS_OUTSIDE));

        const char *p = procfs_file_alloca(pid, mode == UID_RANGE_USERNS_OUTSIDE ? "uid_map" : "gid_map");
        _cleanup_fclose_ FILE *f = fopen(p, "re");
        if (!f) {
                if (errno != ENOENT)
                        return -errno;

                r = proc_mounted();
                if (r < 0)
                        return -ENOENT; /* original error, if we can't determine /proc/ state */

                return r ? -ENOPKG : -ENOSYS;
        }

        for (;;) {
                uid_t uid_base = UID_INVALID, uid_shift = UID_INVALID;

                r = uid_map_read_one(f, &uid_base, &uid_shift, /* ret_range= */ NULL);
                if (r < 0)
                        return r;

                if (uid_base == 0) {
                        if (ret)
                                *ret = uid_shift;
                        return 0;
                }
        }
}
Commit	Line	Data
	1	/* SPDX-License-Identifier: LGPL-2.1-or-later */
	2
	3	#include <string.h>
	4
	5	#include "alloc-util.h"
	6	#include "errno-util.h"
	7	#include "fd-util.h"
	8	#include "format-util.h"
	9	#include "namespace-util.h"
	10	#include "path-util.h"
	11	#include "process-util.h"
	12	#include "sort-util.h"
	13	#include "stat-util.h"
	14	#include "uid-range.h"
	15	#include "user-util.h"
	16
	17	UIDRange uid_range_free(UIDRange range) {
	18	if (!range)
	19	return NULL;
	20
	21	free(range->entries);
	22	return mfree(range);
	23	}
	24
	25	static bool uid_range_entry_intersect(const UIDRangeEntry a, const UIDRangeEntry b) {
	26	assert(a);
	27	assert(b);
	28
	29	return a->start <= b->start + b->nr && a->start + a->nr >= b->start;
	30	}
	31
	32	static int uid_range_entry_compare(const UIDRangeEntry a, const UIDRangeEntry b) {
	33	int r;
	34
	35	assert(a);
	36	assert(b);
	37
	38	r = CMP(a->start, b->start);
	39	if (r != 0)
	40	return r;
	41
	42	return CMP(a->nr, b->nr);
	43	}
	44
	45	static void uid_range_coalesce(UIDRange *range) {
	46	assert(range);
	47
	48	if (range->n_entries <= 0)
	49	return;
	50
	51	typesafe_qsort(range->entries, range->n_entries, uid_range_entry_compare);
	52
	53	for (size_t i = 0; i < range->n_entries; i++) {
	54	UIDRangeEntry *x = range->entries + i;
	55
	56	for (size_t j = i + 1; j < range->n_entries; j++) {
	57	UIDRangeEntry *y = range->entries + j;
	58	uid_t begin, end;
	59
	60	if (!uid_range_entry_intersect(x, y))
	61	break;
	62
	63	begin = MIN(x->start, y->start);
	64	end = MAX(x->start + x->nr, y->start + y->nr);
	65
	66	x->start = begin;
	67	x->nr = end - begin;
	68
	69	if (range->n_entries > j + 1)
	70	memmove(y, y + 1, sizeof(UIDRangeEntry) * (range->n_entries - j - 1));
	71
	72	range->n_entries--;
	73	j--;
	74	}
	75	}
	76	}
	77
	78	int uid_range_add_internal(UIDRange **range, uid_t start, uid_t nr, bool coalesce) {
	79	_cleanup_(uid_range_freep) UIDRange *range_new = NULL;
	80	UIDRange *p;
	81
	82	assert(range);
	83
	84	if (nr <= 0)
	85	return 0;
	86
	87	if (start > UINT32_MAX - nr) /* overflow check */
	88	return -ERANGE;
	89
	90	if (*range)
	91	p = *range;
	92	else {
	93	range_new = new0(UIDRange, 1);
	94	if (!range_new)
	95	return -ENOMEM;
	96
	97	p = range_new;
	98	}
	99
	100	if (!GREEDY_REALLOC(p->entries, p->n_entries + 1))
	101	return -ENOMEM;
	102
	103	p->entries[p->n_entries++] = (UIDRangeEntry) {
	104	.start = start,
	105	.nr = nr,
	106	};
	107
	108	if (coalesce)
	109	uid_range_coalesce(p);
	110
	111	TAKE_PTR(range_new);
	112	*range = p;
	113
	114	return 0;
	115	}
	116
	117	int uid_range_add_str(UIDRange *range, const char s) {
	118	uid_t start, end;
	119	int r;
	120
	121	assert(range);
	122	assert(s);
	123
	124	r = parse_uid_range(s, &start, &end);
	125	if (r < 0)
	126	return r;
	127
	128	return uid_range_add_internal(range, start, end - start + 1, /* coalesce = */ true);
	129	}
	130
	131	int uid_range_next_lower(const UIDRange range, uid_t uid) {
	132	uid_t closest = UID_INVALID, candidate;
	133
	134	assert(range);
	135	assert(uid);
	136
	137	if (*uid == 0)
	138	return -EBUSY;
	139
	140	candidate = *uid - 1;
	141
	142	for (size_t i = 0; i < range->n_entries; i++) {
	143	uid_t begin, end;
	144
	145	begin = range->entries[i].start;
	146	end = range->entries[i].start + range->entries[i].nr - 1;
	147
	148	if (candidate >= begin && candidate <= end) {
	149	*uid = candidate;
	150	return 1;
	151	}
	152
	153	if (end < candidate)
	154	closest = end;
	155	}
	156
	157	if (closest == UID_INVALID)
	158	return -EBUSY;
	159
	160	*uid = closest;
	161	return 1;
	162	}
	163
	164	bool uid_range_covers(const UIDRange *range, uid_t start, uid_t nr) {
	165	if (nr == 0) /* empty range? always covered... */
	166	return true;
	167
	168	if (start > UINT32_MAX - nr) /* range overflows? definitely not covered... */
	169	return false;
	170
	171	if (!range)
	172	return false;
	173
	174	FOREACH_ARRAY(i, range->entries, range->n_entries)
	175	if (start >= i->start &&
	176	start + nr <= i->start + i->nr)
	177	return true;
	178
	179	return false;
	180	}
	181
	182	int uid_map_read_one(FILE f, uid_t ret_base, uid_t ret_shift, uid_t ret_range) {
	183	uid_t uid_base, uid_shift, uid_range;
	184	int r;
	185
	186	assert(f);
	187
	188	errno = 0;
	189	r = fscanf(f, UID_FMT " " UID_FMT " " UID_FMT "\n", &uid_base, &uid_shift, &uid_range);
	190	if (r == EOF)
	191	return errno_or_else(ENOMSG);
	192	assert(r >= 0);
	193	if (r != 3)
	194	return -EBADMSG;
	195	if (uid_range <= 0)
	196	return -EBADMSG;
	197
	198	if (ret_base)
	199	*ret_base = uid_base;
	200	if (ret_shift)
	201	*ret_shift = uid_shift;
	202	if (ret_range)
	203	*ret_range = uid_range;
	204
	205	return 0;
	206	}
	207
	208	unsigned uid_range_size(const UIDRange *range) {
	209	if (!range)
	210	return 0;
	211
	212	unsigned n = 0;
	213
	214	FOREACH_ARRAY(e, range->entries, range->n_entries)
	215	n += e->nr;
	216
	217	return n;
	218	}
	219
	220	bool uid_range_is_empty(const UIDRange *range) {
	221
	222	if (!range)
	223	return true;
	224
	225	FOREACH_ARRAY(e, range->entries, range->n_entries)
	226	if (e->nr > 0)
	227	return false;
	228
	229	return true;
	230	}
	231
	232	int uid_range_load_userns(const char path, UIDRangeUsernsMode mode, UIDRange *ret) {
	233	_cleanup_(uid_range_freep) UIDRange *range = NULL;
	234	_cleanup_fclose_ FILE *f = NULL;
	235	int r;
	236
	237	/* If 'path' is NULL loads the UID range of the userns namespace we run. Otherwise load the data from
	238	* the specified file (which can be either uid_map or gid_map, in case caller needs to deal with GID
	239	* maps).
	240	*
	241	* To simplify things this will modify the passed array in case of later failure. */
	242
	243	assert(mode >= 0);
	244	assert(mode < _UID_RANGE_USERNS_MODE_MAX);
	245	assert(ret);
	246
	247	if (!path)
	248	path = IN_SET(mode, UID_RANGE_USERNS_INSIDE, UID_RANGE_USERNS_OUTSIDE) ? "/proc/self/uid_map" : "/proc/self/gid_map";
	249
	250	f = fopen(path, "re");
	251	if (!f) {
	252	r = -errno;
	253
	254	if (r == -ENOENT && path_startswith(path, "/proc/"))
	255	return proc_mounted() > 0 ? -EOPNOTSUPP : -ENOSYS;
	256
	257	return r;
	258	}
	259
	260	range = new0(UIDRange, 1);
	261	if (!range)
	262	return -ENOMEM;
	263
	264	for (;;) {
	265	uid_t uid_base, uid_shift, uid_range;
	266
	267	r = uid_map_read_one(f, &uid_base, &uid_shift, &uid_range);
	268	if (r == -ENOMSG)
	269	break;
	270	if (r < 0)
	271	return r;
	272
	273	r = uid_range_add_internal(
	274	&range,
	275	IN_SET(mode, UID_RANGE_USERNS_INSIDE, GID_RANGE_USERNS_INSIDE) ? uid_base : uid_shift,
	276	uid_range,
	277	/* coalesce = */ false);
	278	if (r < 0)
	279	return r;
	280	}
	281
	282	uid_range_coalesce(range);
	283
	284	*ret = TAKE_PTR(range);
	285	return 0;
	286	}
	287
	288	int uid_range_load_userns_by_fd(int userns_fd, UIDRangeUsernsMode mode, UIDRange **ret) {
	289	_cleanup_(sigkill_waitp) pid_t pid = 0;
	290	int r;
	291
	292	assert(userns_fd >= 0);
	293	assert(mode >= 0);
	294	assert(mode < _UID_RANGE_USERNS_MODE_MAX);
	295	assert(ret);
	296
	297	r = userns_enter_and_pin(userns_fd, &pid);
	298	if (r < 0)
	299	return r;
	300
	301	const char *p = procfs_file_alloca(
	302	pid,
	303	IN_SET(mode, UID_RANGE_USERNS_INSIDE, UID_RANGE_USERNS_OUTSIDE) ? "uid_map" : "gid_map");
	304
	305	return uid_range_load_userns(p, mode, ret);
	306	}
	307
	308	bool uid_range_overlaps(const UIDRange *range, uid_t start, uid_t nr) {
	309
	310	if (!range)
	311	return false;
	312
	313	/* Avoid overflow */
	314	if (start > UINT32_MAX - nr)
	315	nr = UINT32_MAX - start;
	316
	317	if (nr == 0)
	318	return false;
	319
	320	FOREACH_ARRAY(entry, range->entries, range->n_entries)
	321	if (start < entry->start + entry->nr &&
	322	start + nr >= entry->start)
	323	return true;
	324
	325	return false;
	326	}
	327
	328	bool uid_range_equal(const UIDRange a, const UIDRange b) {
	329	if (a == b)
	330	return true;
	331
	332	if (!a \|\| !b)
	333	return false;
	334
	335	if (a->n_entries != b->n_entries)
	336	return false;
	337
	338	for (size_t i = 0; i < a->n_entries; i++) {
	339	if (a->entries[i].start != b->entries[i].start)
	340	return false;
	341	if (a->entries[i].nr != b->entries[i].nr)
	342	return false;
	343	}
	344
	345	return true;
	346	}
	347
	348	int uid_map_search_root(pid_t pid, UIDRangeUsernsMode mode, uid_t *ret) {
	349	int r;
	350
	351	assert(pid_is_valid(pid));
	352	assert(IN_SET(mode, UID_RANGE_USERNS_OUTSIDE, GID_RANGE_USERNS_OUTSIDE));
	353
	354	const char *p = procfs_file_alloca(pid, mode == UID_RANGE_USERNS_OUTSIDE ? "uid_map" : "gid_map");
	355	_cleanup_fclose_ FILE *f = fopen(p, "re");
	356	if (!f) {
	357	if (errno != ENOENT)
	358	return -errno;
	359
	360	r = proc_mounted();
	361	if (r < 0)
	362	return -ENOENT; /* original error, if we can't determine /proc/ state */
	363
	364	return r ? -ENOPKG : -ENOSYS;
	365	}
	366
	367	for (;;) {
	368	uid_t uid_base = UID_INVALID, uid_shift = UID_INVALID;
	369
	370	r = uid_map_read_one(f, &uid_base, &uid_shift, /* ret_range= */ NULL);
	371	if (r < 0)
	372	return r;
	373
	374	if (uid_base == 0) {
	375	if (ret)
	376	*ret = uid_shift;
	377	return 0;
	378	}
	379	}
	380	}