Loading...
1// SPDX-License-Identifier: GPL-2.0-only
2/*
3 * Copyright (C) 2007
4 *
5 * Author: Eric Biederman <ebiederm@xmision.com>
6 */
7
8#include <linux/module.h>
9#include <linux/ipc.h>
10#include <linux/nsproxy.h>
11#include <linux/sysctl.h>
12#include <linux/uaccess.h>
13#include <linux/capability.h>
14#include <linux/ipc_namespace.h>
15#include <linux/msg.h>
16#include <linux/slab.h>
17#include "util.h"
18
19static int proc_ipc_dointvec_minmax_orphans(struct ctl_table *table, int write,
20 void *buffer, size_t *lenp, loff_t *ppos)
21{
22 struct ipc_namespace *ns =
23 container_of(table->data, struct ipc_namespace, shm_rmid_forced);
24 int err;
25
26 err = proc_dointvec_minmax(table, write, buffer, lenp, ppos);
27
28 if (err < 0)
29 return err;
30 if (ns->shm_rmid_forced)
31 shm_destroy_orphaned(ns);
32 return err;
33}
34
35static int proc_ipc_auto_msgmni(struct ctl_table *table, int write,
36 void *buffer, size_t *lenp, loff_t *ppos)
37{
38 struct ctl_table ipc_table;
39 int dummy = 0;
40
41 memcpy(&ipc_table, table, sizeof(ipc_table));
42 ipc_table.data = &dummy;
43
44 if (write)
45 pr_info_once("writing to auto_msgmni has no effect");
46
47 return proc_dointvec_minmax(&ipc_table, write, buffer, lenp, ppos);
48}
49
50static int proc_ipc_sem_dointvec(struct ctl_table *table, int write,
51 void *buffer, size_t *lenp, loff_t *ppos)
52{
53 struct ipc_namespace *ns =
54 container_of(table->data, struct ipc_namespace, sem_ctls);
55 int ret, semmni;
56
57 semmni = ns->sem_ctls[3];
58 ret = proc_dointvec(table, write, buffer, lenp, ppos);
59
60 if (!ret)
61 ret = sem_check_semmni(ns);
62
63 /*
64 * Reset the semmni value if an error happens.
65 */
66 if (ret)
67 ns->sem_ctls[3] = semmni;
68 return ret;
69}
70
71int ipc_mni = IPCMNI;
72int ipc_mni_shift = IPCMNI_SHIFT;
73int ipc_min_cycle = RADIX_TREE_MAP_SIZE;
74
75static struct ctl_table ipc_sysctls[] = {
76 {
77 .procname = "shmmax",
78 .data = &init_ipc_ns.shm_ctlmax,
79 .maxlen = sizeof(init_ipc_ns.shm_ctlmax),
80 .mode = 0644,
81 .proc_handler = proc_doulongvec_minmax,
82 },
83 {
84 .procname = "shmall",
85 .data = &init_ipc_ns.shm_ctlall,
86 .maxlen = sizeof(init_ipc_ns.shm_ctlall),
87 .mode = 0644,
88 .proc_handler = proc_doulongvec_minmax,
89 },
90 {
91 .procname = "shmmni",
92 .data = &init_ipc_ns.shm_ctlmni,
93 .maxlen = sizeof(init_ipc_ns.shm_ctlmni),
94 .mode = 0644,
95 .proc_handler = proc_dointvec_minmax,
96 .extra1 = SYSCTL_ZERO,
97 .extra2 = &ipc_mni,
98 },
99 {
100 .procname = "shm_rmid_forced",
101 .data = &init_ipc_ns.shm_rmid_forced,
102 .maxlen = sizeof(init_ipc_ns.shm_rmid_forced),
103 .mode = 0644,
104 .proc_handler = proc_ipc_dointvec_minmax_orphans,
105 .extra1 = SYSCTL_ZERO,
106 .extra2 = SYSCTL_ONE,
107 },
108 {
109 .procname = "msgmax",
110 .data = &init_ipc_ns.msg_ctlmax,
111 .maxlen = sizeof(init_ipc_ns.msg_ctlmax),
112 .mode = 0644,
113 .proc_handler = proc_dointvec_minmax,
114 .extra1 = SYSCTL_ZERO,
115 .extra2 = SYSCTL_INT_MAX,
116 },
117 {
118 .procname = "msgmni",
119 .data = &init_ipc_ns.msg_ctlmni,
120 .maxlen = sizeof(init_ipc_ns.msg_ctlmni),
121 .mode = 0644,
122 .proc_handler = proc_dointvec_minmax,
123 .extra1 = SYSCTL_ZERO,
124 .extra2 = &ipc_mni,
125 },
126 {
127 .procname = "auto_msgmni",
128 .data = NULL,
129 .maxlen = sizeof(int),
130 .mode = 0644,
131 .proc_handler = proc_ipc_auto_msgmni,
132 .extra1 = SYSCTL_ZERO,
133 .extra2 = SYSCTL_ONE,
134 },
135 {
136 .procname = "msgmnb",
137 .data = &init_ipc_ns.msg_ctlmnb,
138 .maxlen = sizeof(init_ipc_ns.msg_ctlmnb),
139 .mode = 0644,
140 .proc_handler = proc_dointvec_minmax,
141 .extra1 = SYSCTL_ZERO,
142 .extra2 = SYSCTL_INT_MAX,
143 },
144 {
145 .procname = "sem",
146 .data = &init_ipc_ns.sem_ctls,
147 .maxlen = 4*sizeof(int),
148 .mode = 0644,
149 .proc_handler = proc_ipc_sem_dointvec,
150 },
151#ifdef CONFIG_CHECKPOINT_RESTORE
152 {
153 .procname = "sem_next_id",
154 .data = &init_ipc_ns.ids[IPC_SEM_IDS].next_id,
155 .maxlen = sizeof(init_ipc_ns.ids[IPC_SEM_IDS].next_id),
156 .mode = 0444,
157 .proc_handler = proc_dointvec_minmax,
158 .extra1 = SYSCTL_ZERO,
159 .extra2 = SYSCTL_INT_MAX,
160 },
161 {
162 .procname = "msg_next_id",
163 .data = &init_ipc_ns.ids[IPC_MSG_IDS].next_id,
164 .maxlen = sizeof(init_ipc_ns.ids[IPC_MSG_IDS].next_id),
165 .mode = 0444,
166 .proc_handler = proc_dointvec_minmax,
167 .extra1 = SYSCTL_ZERO,
168 .extra2 = SYSCTL_INT_MAX,
169 },
170 {
171 .procname = "shm_next_id",
172 .data = &init_ipc_ns.ids[IPC_SHM_IDS].next_id,
173 .maxlen = sizeof(init_ipc_ns.ids[IPC_SHM_IDS].next_id),
174 .mode = 0444,
175 .proc_handler = proc_dointvec_minmax,
176 .extra1 = SYSCTL_ZERO,
177 .extra2 = SYSCTL_INT_MAX,
178 },
179#endif
180 {}
181};
182
183static struct ctl_table_set *set_lookup(struct ctl_table_root *root)
184{
185 return ¤t->nsproxy->ipc_ns->ipc_set;
186}
187
188static int set_is_seen(struct ctl_table_set *set)
189{
190 return ¤t->nsproxy->ipc_ns->ipc_set == set;
191}
192
193static int ipc_permissions(struct ctl_table_header *head, struct ctl_table *table)
194{
195 int mode = table->mode;
196
197#ifdef CONFIG_CHECKPOINT_RESTORE
198 struct ipc_namespace *ns = current->nsproxy->ipc_ns;
199
200 if (((table->data == &ns->ids[IPC_SEM_IDS].next_id) ||
201 (table->data == &ns->ids[IPC_MSG_IDS].next_id) ||
202 (table->data == &ns->ids[IPC_SHM_IDS].next_id)) &&
203 checkpoint_restore_ns_capable(ns->user_ns))
204 mode = 0666;
205#endif
206 return mode;
207}
208
209static struct ctl_table_root set_root = {
210 .lookup = set_lookup,
211 .permissions = ipc_permissions,
212};
213
214bool setup_ipc_sysctls(struct ipc_namespace *ns)
215{
216 struct ctl_table *tbl;
217
218 setup_sysctl_set(&ns->ipc_set, &set_root, set_is_seen);
219
220 tbl = kmemdup(ipc_sysctls, sizeof(ipc_sysctls), GFP_KERNEL);
221 if (tbl) {
222 int i;
223
224 for (i = 0; i < ARRAY_SIZE(ipc_sysctls); i++) {
225 if (tbl[i].data == &init_ipc_ns.shm_ctlmax)
226 tbl[i].data = &ns->shm_ctlmax;
227
228 else if (tbl[i].data == &init_ipc_ns.shm_ctlall)
229 tbl[i].data = &ns->shm_ctlall;
230
231 else if (tbl[i].data == &init_ipc_ns.shm_ctlmni)
232 tbl[i].data = &ns->shm_ctlmni;
233
234 else if (tbl[i].data == &init_ipc_ns.shm_rmid_forced)
235 tbl[i].data = &ns->shm_rmid_forced;
236
237 else if (tbl[i].data == &init_ipc_ns.msg_ctlmax)
238 tbl[i].data = &ns->msg_ctlmax;
239
240 else if (tbl[i].data == &init_ipc_ns.msg_ctlmni)
241 tbl[i].data = &ns->msg_ctlmni;
242
243 else if (tbl[i].data == &init_ipc_ns.msg_ctlmnb)
244 tbl[i].data = &ns->msg_ctlmnb;
245
246 else if (tbl[i].data == &init_ipc_ns.sem_ctls)
247 tbl[i].data = &ns->sem_ctls;
248#ifdef CONFIG_CHECKPOINT_RESTORE
249 else if (tbl[i].data == &init_ipc_ns.ids[IPC_SEM_IDS].next_id)
250 tbl[i].data = &ns->ids[IPC_SEM_IDS].next_id;
251
252 else if (tbl[i].data == &init_ipc_ns.ids[IPC_MSG_IDS].next_id)
253 tbl[i].data = &ns->ids[IPC_MSG_IDS].next_id;
254
255 else if (tbl[i].data == &init_ipc_ns.ids[IPC_SHM_IDS].next_id)
256 tbl[i].data = &ns->ids[IPC_SHM_IDS].next_id;
257#endif
258 else
259 tbl[i].data = NULL;
260 }
261
262 ns->ipc_sysctls = __register_sysctl_table(&ns->ipc_set, "kernel", tbl);
263 }
264 if (!ns->ipc_sysctls) {
265 kfree(tbl);
266 retire_sysctl_set(&ns->ipc_set);
267 return false;
268 }
269
270 return true;
271}
272
273void retire_ipc_sysctls(struct ipc_namespace *ns)
274{
275 struct ctl_table *tbl;
276
277 tbl = ns->ipc_sysctls->ctl_table_arg;
278 unregister_sysctl_table(ns->ipc_sysctls);
279 retire_sysctl_set(&ns->ipc_set);
280 kfree(tbl);
281}
282
283static int __init ipc_sysctl_init(void)
284{
285 if (!setup_ipc_sysctls(&init_ipc_ns)) {
286 pr_warn("ipc sysctl registration failed\n");
287 return -ENOMEM;
288 }
289 return 0;
290}
291
292device_initcall(ipc_sysctl_init);
293
294static int __init ipc_mni_extend(char *str)
295{
296 ipc_mni = IPCMNI_EXTEND;
297 ipc_mni_shift = IPCMNI_EXTEND_SHIFT;
298 ipc_min_cycle = IPCMNI_EXTEND_MIN_CYCLE;
299 pr_info("IPCMNI extended to %d.\n", ipc_mni);
300 return 0;
301}
302early_param("ipcmni_extend", ipc_mni_extend);
1/*
2 * Copyright (C) 2007
3 *
4 * Author: Eric Biederman <ebiederm@xmision.com>
5 *
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License as
8 * published by the Free Software Foundation, version 2 of the
9 * License.
10 */
11
12#include <linux/module.h>
13#include <linux/ipc.h>
14#include <linux/nsproxy.h>
15#include <linux/sysctl.h>
16#include <linux/uaccess.h>
17#include <linux/ipc_namespace.h>
18#include <linux/msg.h>
19#include "util.h"
20
21static void *get_ipc(ctl_table *table)
22{
23 char *which = table->data;
24 struct ipc_namespace *ipc_ns = current->nsproxy->ipc_ns;
25 which = (which - (char *)&init_ipc_ns) + (char *)ipc_ns;
26 return which;
27}
28
29#ifdef CONFIG_PROC_SYSCTL
30static int proc_ipc_dointvec(ctl_table *table, int write,
31 void __user *buffer, size_t *lenp, loff_t *ppos)
32{
33 struct ctl_table ipc_table;
34
35 memcpy(&ipc_table, table, sizeof(ipc_table));
36 ipc_table.data = get_ipc(table);
37
38 return proc_dointvec(&ipc_table, write, buffer, lenp, ppos);
39}
40
41static int proc_ipc_dointvec_minmax(ctl_table *table, int write,
42 void __user *buffer, size_t *lenp, loff_t *ppos)
43{
44 struct ctl_table ipc_table;
45
46 memcpy(&ipc_table, table, sizeof(ipc_table));
47 ipc_table.data = get_ipc(table);
48
49 return proc_dointvec_minmax(&ipc_table, write, buffer, lenp, ppos);
50}
51
52static int proc_ipc_dointvec_minmax_orphans(ctl_table *table, int write,
53 void __user *buffer, size_t *lenp, loff_t *ppos)
54{
55 struct ipc_namespace *ns = current->nsproxy->ipc_ns;
56 int err = proc_ipc_dointvec_minmax(table, write, buffer, lenp, ppos);
57
58 if (err < 0)
59 return err;
60 if (ns->shm_rmid_forced)
61 shm_destroy_orphaned(ns);
62 return err;
63}
64
65static int proc_ipc_callback_dointvec_minmax(ctl_table *table, int write,
66 void __user *buffer, size_t *lenp, loff_t *ppos)
67{
68 struct ctl_table ipc_table;
69 size_t lenp_bef = *lenp;
70 int rc;
71
72 memcpy(&ipc_table, table, sizeof(ipc_table));
73 ipc_table.data = get_ipc(table);
74
75 rc = proc_dointvec_minmax(&ipc_table, write, buffer, lenp, ppos);
76
77 if (write && !rc && lenp_bef == *lenp)
78 /*
79 * Tunable has successfully been changed by hand. Disable its
80 * automatic adjustment. This simply requires unregistering
81 * the notifiers that trigger recalculation.
82 */
83 unregister_ipcns_notifier(current->nsproxy->ipc_ns);
84
85 return rc;
86}
87
88static int proc_ipc_doulongvec_minmax(ctl_table *table, int write,
89 void __user *buffer, size_t *lenp, loff_t *ppos)
90{
91 struct ctl_table ipc_table;
92 memcpy(&ipc_table, table, sizeof(ipc_table));
93 ipc_table.data = get_ipc(table);
94
95 return proc_doulongvec_minmax(&ipc_table, write, buffer,
96 lenp, ppos);
97}
98
99/*
100 * Routine that is called when the file "auto_msgmni" has successfully been
101 * written.
102 * Two values are allowed:
103 * 0: unregister msgmni's callback routine from the ipc namespace notifier
104 * chain. This means that msgmni won't be recomputed anymore upon memory
105 * add/remove or ipc namespace creation/removal.
106 * 1: register back the callback routine.
107 */
108static void ipc_auto_callback(int val)
109{
110 if (!val)
111 unregister_ipcns_notifier(current->nsproxy->ipc_ns);
112 else {
113 /*
114 * Re-enable automatic recomputing only if not already
115 * enabled.
116 */
117 recompute_msgmni(current->nsproxy->ipc_ns);
118 cond_register_ipcns_notifier(current->nsproxy->ipc_ns);
119 }
120}
121
122static int proc_ipcauto_dointvec_minmax(ctl_table *table, int write,
123 void __user *buffer, size_t *lenp, loff_t *ppos)
124{
125 struct ctl_table ipc_table;
126 size_t lenp_bef = *lenp;
127 int oldval;
128 int rc;
129
130 memcpy(&ipc_table, table, sizeof(ipc_table));
131 ipc_table.data = get_ipc(table);
132 oldval = *((int *)(ipc_table.data));
133
134 rc = proc_dointvec_minmax(&ipc_table, write, buffer, lenp, ppos);
135
136 if (write && !rc && lenp_bef == *lenp) {
137 int newval = *((int *)(ipc_table.data));
138 /*
139 * The file "auto_msgmni" has correctly been set.
140 * React by (un)registering the corresponding tunable, if the
141 * value has changed.
142 */
143 if (newval != oldval)
144 ipc_auto_callback(newval);
145 }
146
147 return rc;
148}
149
150#else
151#define proc_ipc_doulongvec_minmax NULL
152#define proc_ipc_dointvec NULL
153#define proc_ipc_dointvec_minmax NULL
154#define proc_ipc_dointvec_minmax_orphans NULL
155#define proc_ipc_callback_dointvec_minmax NULL
156#define proc_ipcauto_dointvec_minmax NULL
157#endif
158
159static int zero;
160static int one = 1;
161static int int_max = INT_MAX;
162
163static struct ctl_table ipc_kern_table[] = {
164 {
165 .procname = "shmmax",
166 .data = &init_ipc_ns.shm_ctlmax,
167 .maxlen = sizeof(init_ipc_ns.shm_ctlmax),
168 .mode = 0644,
169 .proc_handler = proc_ipc_doulongvec_minmax,
170 },
171 {
172 .procname = "shmall",
173 .data = &init_ipc_ns.shm_ctlall,
174 .maxlen = sizeof(init_ipc_ns.shm_ctlall),
175 .mode = 0644,
176 .proc_handler = proc_ipc_doulongvec_minmax,
177 },
178 {
179 .procname = "shmmni",
180 .data = &init_ipc_ns.shm_ctlmni,
181 .maxlen = sizeof(init_ipc_ns.shm_ctlmni),
182 .mode = 0644,
183 .proc_handler = proc_ipc_dointvec,
184 },
185 {
186 .procname = "shm_rmid_forced",
187 .data = &init_ipc_ns.shm_rmid_forced,
188 .maxlen = sizeof(init_ipc_ns.shm_rmid_forced),
189 .mode = 0644,
190 .proc_handler = proc_ipc_dointvec_minmax_orphans,
191 .extra1 = &zero,
192 .extra2 = &one,
193 },
194 {
195 .procname = "msgmax",
196 .data = &init_ipc_ns.msg_ctlmax,
197 .maxlen = sizeof(init_ipc_ns.msg_ctlmax),
198 .mode = 0644,
199 .proc_handler = proc_ipc_dointvec_minmax,
200 .extra1 = &zero,
201 .extra2 = &int_max,
202 },
203 {
204 .procname = "msgmni",
205 .data = &init_ipc_ns.msg_ctlmni,
206 .maxlen = sizeof(init_ipc_ns.msg_ctlmni),
207 .mode = 0644,
208 .proc_handler = proc_ipc_callback_dointvec_minmax,
209 .extra1 = &zero,
210 .extra2 = &int_max,
211 },
212 {
213 .procname = "msgmnb",
214 .data = &init_ipc_ns.msg_ctlmnb,
215 .maxlen = sizeof(init_ipc_ns.msg_ctlmnb),
216 .mode = 0644,
217 .proc_handler = proc_ipc_dointvec_minmax,
218 .extra1 = &zero,
219 .extra2 = &int_max,
220 },
221 {
222 .procname = "sem",
223 .data = &init_ipc_ns.sem_ctls,
224 .maxlen = 4*sizeof(int),
225 .mode = 0644,
226 .proc_handler = proc_ipc_dointvec,
227 },
228 {
229 .procname = "auto_msgmni",
230 .data = &init_ipc_ns.auto_msgmni,
231 .maxlen = sizeof(int),
232 .mode = 0644,
233 .proc_handler = proc_ipcauto_dointvec_minmax,
234 .extra1 = &zero,
235 .extra2 = &one,
236 },
237#ifdef CONFIG_CHECKPOINT_RESTORE
238 {
239 .procname = "sem_next_id",
240 .data = &init_ipc_ns.ids[IPC_SEM_IDS].next_id,
241 .maxlen = sizeof(init_ipc_ns.ids[IPC_SEM_IDS].next_id),
242 .mode = 0644,
243 .proc_handler = proc_ipc_dointvec_minmax,
244 .extra1 = &zero,
245 .extra2 = &int_max,
246 },
247 {
248 .procname = "msg_next_id",
249 .data = &init_ipc_ns.ids[IPC_MSG_IDS].next_id,
250 .maxlen = sizeof(init_ipc_ns.ids[IPC_MSG_IDS].next_id),
251 .mode = 0644,
252 .proc_handler = proc_ipc_dointvec_minmax,
253 .extra1 = &zero,
254 .extra2 = &int_max,
255 },
256 {
257 .procname = "shm_next_id",
258 .data = &init_ipc_ns.ids[IPC_SHM_IDS].next_id,
259 .maxlen = sizeof(init_ipc_ns.ids[IPC_SHM_IDS].next_id),
260 .mode = 0644,
261 .proc_handler = proc_ipc_dointvec_minmax,
262 .extra1 = &zero,
263 .extra2 = &int_max,
264 },
265#endif
266 {}
267};
268
269static struct ctl_table ipc_root_table[] = {
270 {
271 .procname = "kernel",
272 .mode = 0555,
273 .child = ipc_kern_table,
274 },
275 {}
276};
277
278static int __init ipc_sysctl_init(void)
279{
280 register_sysctl_table(ipc_root_table);
281 return 0;
282}
283
284device_initcall(ipc_sysctl_init);