1 /* SPDX-License-Identifier: LGPL-2.1-or-later */
2 #pragma once
3
4 #include <sys/types.h>
5
/* Enumerates the namespace kinds this header deals with. The enumerators up to NAMESPACE_TIME carry no
 * explicit values, so they are numbered 0, 1, 2, … in declaration order. */
typedef enum NamespaceType {
        NAMESPACE_CGROUP,
        NAMESPACE_IPC,
        NAMESPACE_NET,
        NAMESPACE_MOUNT,
        NAMESPACE_PID,
        NAMESPACE_USER,
        NAMESPACE_UTS,
        NAMESPACE_TIME,
        /* Count of the real namespace types above; not a namespace type itself. */
        _NAMESPACE_TYPE_MAX,
        /* Negative sentinel. A NamespaceType holding this value must not be used as an index into
         * namespace_info[]; range-check against 0 and _NAMESPACE_TYPE_MAX first.
         * NOTE(review): EINVAL is not provided by the <sys/types.h> include visible in this header;
         * presumably the including file supplies <errno.h> — confirm. */
        _NAMESPACE_TYPE_INVALID = -EINVAL,
} NamespaceType;
18
/* Read-only table of per-namespace metadata; only declared here, the definition lives outside this
 * header. It has _NAMESPACE_TYPE_MAX + 1 elements, i.e. one more than there are namespace types.
 * NOTE(review): presumably indexed by NamespaceType with the extra slot acting as a terminating entry —
 * confirm against the definition. */
extern const struct namespace_info {
        /* presumably the namespace's entry name under /proc/<pid>/ns/ — TODO confirm */
        const char *proc_name;
        /* presumably the corresponding path fragment used when opening it — TODO confirm */
        const char *proc_path;
        /* presumably the CLONE_NEW* flag for this namespace type — TODO confirm */
        unsigned int clone_flag;
} namespace_info[_NAMESPACE_TYPE_MAX + 1];
24
/* Takes a PID plus five int out-pointers, named for the PID, mount, network and user namespaces and for
 * a root directory. Only the prototype is visible here.
 * NOTE(review): presumably stores one opened file descriptor per pointer and returns a negative
 * errno-style value on failure — confirm, including whether NULL pointers are accepted and who closes
 * the descriptors. */
int namespace_open(pid_t pid, int *pidns_fd, int *mntns_fd, int *netns_fd, int *userns_fd, int *root_fd);
/* Counterpart taking the same five descriptors by value.
 * NOTE(review): presumably joins the referenced namespaces and switches to the given root; the order
 * of operations and the handling of negative descriptors are not visible here — confirm. */
int namespace_enter(int pidns_fd, int mntns_fd, int netns_fd, int userns_fd, int root_fd);

/* NOTE(review): presumably reports whether fd refers to a namespace of the kind selected by nsflag —
 * confirm. nsflag is unsigned long here, while namespace_info[].clone_flag is unsigned int. */
int fd_is_ns(int fd, unsigned long nsflag);

/* Takes no arguments and returns int; the behaviour is defined outside this header.
 * NOTE(review): presumably moves the calling process into a private mount namespace — confirm. */
int detach_mount_namespace(void);
31
static inline bool userns_shift_range_valid(uid_t shift, uid_t range) {
        /* Sanity-checks a user namespace ID range given as (first ID, number of IDs): the range has to
         * hold at least one ID, and shift + range has to be representable in uid_t. Since the sum may be
         * at most (uid_t) -1, the highest ID an accepted range can contain is (uid_t) -2. */

        assert_cc((uid_t) -1 > 0); /* the arithmetic below relies on uid_t being unsigned */

        const uid_t uid_max = (uid_t) -1;

        /* Compare against uid_max - range instead of computing shift + range, which could wrap around. */
        return range > 0 && shift <= uid_max - range;
}
46
/* Takes a UID map and a GID map as strings and returns int; only the prototype is visible here.
 * NOTE(review): presumably creates a user namespace with these maps and returns a file descriptor for
 * it (negative on error) — confirm, including the expected map format and who closes the descriptor. */
int userns_acquire(const char *uid_map, const char *gid_map);
/* Takes two PIDs and a NamespaceType.
 * NOTE(review): presumably returns > 0 if both processes share the namespace of that type, 0 if not,
 * and a negative value on error — confirm. Processes are named by numeric PID, so callers that are
 * exposed to PID reuse need their own stable reference to the processes. */
int in_same_namespace(pid_t pid1, pid_t pid2, NamespaceType type);