]> git.ipfire.org Git - people/ms/linux.git/blob - fs/proc/proc_net.c
projects / people / ms / linux.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge tag 'soc-fixes-6.0-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc
[people/ms/linux.git] / fs / proc / proc_net.c
1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3 * linux/fs/proc/net.c
4 *
5 * Copyright (C) 2007
6 *
7 * Author: Eric Biederman <ebiederm@xmission.com>
8 *
9 * proc net directory handling functions
10 */
11 #include <linux/errno.h>
12 #include <linux/time.h>
13 #include <linux/proc_fs.h>
14 #include <linux/stat.h>
15 #include <linux/slab.h>
16 #include <linux/init.h>
17 #include <linux/sched.h>
18 #include <linux/sched/task.h>
19 #include <linux/module.h>
20 #include <linux/bitops.h>
21 #include <linux/mount.h>
22 #include <linux/nsproxy.h>
23 #include <linux/uidgid.h>
24 #include <net/net_namespace.h>
25 #include <linux/seq_file.h>
26
27 #include "internal.h"
28
29 static inline struct net *PDE_NET(struct proc_dir_entry *pde)
30 {
31 return pde->parent->data;
32 }
33
34 static struct net *get_proc_net(const struct inode *inode)
35 {
36 return maybe_get_net(PDE_NET(PDE(inode)));
37 }
38
39 static int seq_open_net(struct inode *inode, struct file *file)
40 {
41 unsigned int state_size = PDE(inode)->state_size;
42 struct seq_net_private *p;
43 struct net *net;
44
45 WARN_ON_ONCE(state_size < sizeof(*p));
46
47 if (file->f_mode & FMODE_WRITE && !PDE(inode)->write)
48 return -EACCES;
49
50 net = get_proc_net(inode);
51 if (!net)
52 return -ENXIO;
53
54 p = __seq_open_private(file, PDE(inode)->seq_ops, state_size);
55 if (!p) {
56 put_net(net);
57 return -ENOMEM;
58 }
59 #ifdef CONFIG_NET_NS
60 p->net = net;
61 netns_tracker_alloc(net, &p->ns_tracker, GFP_KERNEL);
62 #endif
63 return 0;
64 }
65
66 static void seq_file_net_put_net(struct seq_file *seq)
67 {
68 #ifdef CONFIG_NET_NS
69 struct seq_net_private *priv = seq->private;
70
71 put_net_track(priv->net, &priv->ns_tracker);
72 #else
73 put_net(&init_net);
74 #endif
75 }
76
77 static int seq_release_net(struct inode *ino, struct file *f)
78 {
79 struct seq_file *seq = f->private_data;
80
81 seq_file_net_put_net(seq);
82 seq_release_private(ino, f);
83 return 0;
84 }
85
86 static const struct proc_ops proc_net_seq_ops = {
87 .proc_open = seq_open_net,
88 .proc_read = seq_read,
89 .proc_write = proc_simple_write,
90 .proc_lseek = seq_lseek,
91 .proc_release = seq_release_net,
92 };
93
94 int bpf_iter_init_seq_net(void *priv_data, struct bpf_iter_aux_info *aux)
95 {
96 #ifdef CONFIG_NET_NS
97 struct seq_net_private *p = priv_data;
98
99 p->net = get_net_track(current->nsproxy->net_ns, &p->ns_tracker,
100 GFP_KERNEL);
101 #endif
102 return 0;
103 }
104
105 void bpf_iter_fini_seq_net(void *priv_data)
106 {
107 #ifdef CONFIG_NET_NS
108 struct seq_net_private *p = priv_data;
109
110 put_net_track(p->net, &p->ns_tracker);
111 #endif
112 }
113
114 struct proc_dir_entry *proc_create_net_data(const char *name, umode_t mode,
115 struct proc_dir_entry *parent, const struct seq_operations *ops,
116 unsigned int state_size, void *data)
117 {
118 struct proc_dir_entry *p;
119
120 p = proc_create_reg(name, mode, &parent, data);
121 if (!p)
122 return NULL;
123 pde_force_lookup(p);
124 p->proc_ops = &proc_net_seq_ops;
125 p->seq_ops = ops;
126 p->state_size = state_size;
127 return proc_register(parent, p);
128 }
129 EXPORT_SYMBOL_GPL(proc_create_net_data);
130
131 /**
132 * proc_create_net_data_write - Create a writable net_ns-specific proc file
133 * @name: The name of the file.
134 * @mode: The file's access mode.
135 * @parent: The parent directory in which to create.
136 * @ops: The seq_file ops with which to read the file.
137 * @write: The write method with which to 'modify' the file.
138 * @data: Data for retrieval by pde_data().
139 *
140 * Create a network namespaced proc file in the @parent directory with the
141 * specified @name and @mode that allows reading of a file that displays a
142 * series of elements and also provides for the file accepting writes that have
143 * some arbitrary effect.
144 *
145 * The functions in the @ops table are used to iterate over items to be
146 * presented and extract the readable content using the seq_file interface.
147 *
148 * The @write function is called with the data copied into a kernel space
149 * scratch buffer and has a NUL appended for convenience. The buffer may be
150 * modified by the @write function. @write should return 0 on success.
151 *
152 * The @data value is accessible from the @show and @write functions by calling
153 * pde_data() on the file inode. The network namespace must be accessed by
154 * calling seq_file_net() on the seq_file struct.
155 */
156 struct proc_dir_entry *proc_create_net_data_write(const char *name, umode_t mode,
157 struct proc_dir_entry *parent,
158 const struct seq_operations *ops,
159 proc_write_t write,
160 unsigned int state_size, void *data)
161 {
162 struct proc_dir_entry *p;
163
164 p = proc_create_reg(name, mode, &parent, data);
165 if (!p)
166 return NULL;
167 pde_force_lookup(p);
168 p->proc_ops = &proc_net_seq_ops;
169 p->seq_ops = ops;
170 p->state_size = state_size;
171 p->write = write;
172 return proc_register(parent, p);
173 }
174 EXPORT_SYMBOL_GPL(proc_create_net_data_write);
175
176 static int single_open_net(struct inode *inode, struct file *file)
177 {
178 struct proc_dir_entry *de = PDE(inode);
179 struct net *net;
180 int err;
181
182 net = get_proc_net(inode);
183 if (!net)
184 return -ENXIO;
185
186 err = single_open(file, de->single_show, net);
187 if (err)
188 put_net(net);
189 return err;
190 }
191
192 static int single_release_net(struct inode *ino, struct file *f)
193 {
194 struct seq_file *seq = f->private_data;
195 put_net(seq->private);
196 return single_release(ino, f);
197 }
198
199 static const struct proc_ops proc_net_single_ops = {
200 .proc_open = single_open_net,
201 .proc_read = seq_read,
202 .proc_write = proc_simple_write,
203 .proc_lseek = seq_lseek,
204 .proc_release = single_release_net,
205 };
206
207 struct proc_dir_entry *proc_create_net_single(const char *name, umode_t mode,
208 struct proc_dir_entry *parent,
209 int (*show)(struct seq_file *, void *), void *data)
210 {
211 struct proc_dir_entry *p;
212
213 p = proc_create_reg(name, mode, &parent, data);
214 if (!p)
215 return NULL;
216 pde_force_lookup(p);
217 p->proc_ops = &proc_net_single_ops;
218 p->single_show = show;
219 return proc_register(parent, p);
220 }
221 EXPORT_SYMBOL_GPL(proc_create_net_single);
222
223 /**
224 * proc_create_net_single_write - Create a writable net_ns-specific proc file
225 * @name: The name of the file.
226 * @mode: The file's access mode.
227 * @parent: The parent directory in which to create.
228 * @show: The seqfile show method with which to read the file.
229 * @write: The write method with which to 'modify' the file.
230 * @data: Data for retrieval by pde_data().
231 *
232 * Create a network-namespaced proc file in the @parent directory with the
233 * specified @name and @mode that allows reading of a file that displays a
234 * single element rather than a series and also provides for the file accepting
235 * writes that have some arbitrary effect.
236 *
237 * The @show function is called to extract the readable content via the
238 * seq_file interface.
239 *
240 * The @write function is called with the data copied into a kernel space
241 * scratch buffer and has a NUL appended for convenience. The buffer may be
242 * modified by the @write function. @write should return 0 on success.
243 *
244 * The @data value is accessible from the @show and @write functions by calling
245 * pde_data() on the file inode. The network namespace must be accessed by
246 * calling seq_file_single_net() on the seq_file struct.
247 */
248 struct proc_dir_entry *proc_create_net_single_write(const char *name, umode_t mode,
249 struct proc_dir_entry *parent,
250 int (*show)(struct seq_file *, void *),
251 proc_write_t write,
252 void *data)
253 {
254 struct proc_dir_entry *p;
255
256 p = proc_create_reg(name, mode, &parent, data);
257 if (!p)
258 return NULL;
259 pde_force_lookup(p);
260 p->proc_ops = &proc_net_single_ops;
261 p->single_show = show;
262 p->write = write;
263 return proc_register(parent, p);
264 }
265 EXPORT_SYMBOL_GPL(proc_create_net_single_write);
266
267 static struct net *get_proc_task_net(struct inode *dir)
268 {
269 struct task_struct *task;
270 struct nsproxy *ns;
271 struct net *net = NULL;
272
273 rcu_read_lock();
274 task = pid_task(proc_pid(dir), PIDTYPE_PID);
275 if (task != NULL) {
276 task_lock(task);
277 ns = task->nsproxy;
278 if (ns != NULL)
279 net = get_net(ns->net_ns);
280 task_unlock(task);
281 }
282 rcu_read_unlock();
283
284 return net;
285 }
286
287 static struct dentry *proc_tgid_net_lookup(struct inode *dir,
288 struct dentry *dentry, unsigned int flags)
289 {
290 struct dentry *de;
291 struct net *net;
292
293 de = ERR_PTR(-ENOENT);
294 net = get_proc_task_net(dir);
295 if (net != NULL) {
296 de = proc_lookup_de(dir, dentry, net->proc_net);
297 put_net(net);
298 }
299 return de;
300 }
301
302 static int proc_tgid_net_getattr(struct user_namespace *mnt_userns,
303 const struct path *path, struct kstat *stat,
304 u32 request_mask, unsigned int query_flags)
305 {
306 struct inode *inode = d_inode(path->dentry);
307 struct net *net;
308
309 net = get_proc_task_net(inode);
310
311 generic_fillattr(&init_user_ns, inode, stat);
312
313 if (net != NULL) {
314 stat->nlink = net->proc_net->nlink;
315 put_net(net);
316 }
317
318 return 0;
319 }
320
321 const struct inode_operations proc_net_inode_operations = {
322 .lookup = proc_tgid_net_lookup,
323 .getattr = proc_tgid_net_getattr,
324 };
325
326 static int proc_tgid_net_readdir(struct file *file, struct dir_context *ctx)
327 {
328 int ret;
329 struct net *net;
330
331 ret = -EINVAL;
332 net = get_proc_task_net(file_inode(file));
333 if (net != NULL) {
334 ret = proc_readdir_de(file, ctx, net->proc_net);
335 put_net(net);
336 }
337 return ret;
338 }
339
340 const struct file_operations proc_net_operations = {
341 .llseek = generic_file_llseek,
342 .read = generic_read_dir,
343 .iterate_shared = proc_tgid_net_readdir,
344 };
345
346 static __net_init int proc_net_ns_init(struct net *net)
347 {
348 struct proc_dir_entry *netd, *net_statd;
349 kuid_t uid;
350 kgid_t gid;
351 int err;
352
353 /*
354 * This PDE acts only as an anchor for /proc/${pid}/net hierarchy.
355 * Corresponding inode (PDE(inode) == net->proc_net) is never
356 * instantiated therefore blanket zeroing is fine.
357 * net->proc_net_stat inode is instantiated normally.
358 */
359 err = -ENOMEM;
360 netd = kmem_cache_zalloc(proc_dir_entry_cache, GFP_KERNEL);
361 if (!netd)
362 goto out;
363
364 netd->subdir = RB_ROOT;
365 netd->data = net;
366 netd->nlink = 2;
367 netd->namelen = 3;
368 netd->parent = &proc_root;
369 netd->name = netd->inline_name;
370 memcpy(netd->name, "net", 4);
371
372 uid = make_kuid(net->user_ns, 0);
373 if (!uid_valid(uid))
374 uid = netd->uid;
375
376 gid = make_kgid(net->user_ns, 0);
377 if (!gid_valid(gid))
378 gid = netd->gid;
379
380 proc_set_user(netd, uid, gid);
381
382 /* Seed dentry revalidation for /proc/${pid}/net */
383 pde_force_lookup(netd);
384
385 err = -EEXIST;
386 net_statd = proc_net_mkdir(net, "stat", netd);
387 if (!net_statd)
388 goto free_net;
389
390 net->proc_net = netd;
391 net->proc_net_stat = net_statd;
392 return 0;
393
394 free_net:
395 pde_free(netd);
396 out:
397 return err;
398 }
399
400 static __net_exit void proc_net_ns_exit(struct net *net)
401 {
402 remove_proc_entry("stat", net->proc_net);
403 pde_free(net->proc_net);
404 }
405
406 static struct pernet_operations __net_initdata proc_net_ns_ops = {
407 .init = proc_net_ns_init,
408 .exit = proc_net_ns_exit,
409 };
410
411 int __init proc_net_init(void)
412 {
413 proc_symlink("net", NULL, "self/net");
414
415 return register_pernet_subsys(&proc_net_ns_ops);
416 }
Michael's Linux tree.