1 /* SPDX-License-Identifier: GPL-2.0 */ 2 #ifndef _LINUX_UIDGID_H 3 #define _LINUX_UIDGID_H 4 5 /* 6 * A set of types for the internal kernel types representing uids and gids. 7 * 8 * The types defined in this header allow distinguishing which uids and gids in 9 * the kernel are values used by userspace and which uid and gid values are 10 * the internal kernel values. With the addition of user namespaces the values 11 * can be different. Using the type system makes it possible for the compiler 12 * to detect when we overlook these differences. 13 * 14 */ 15 #include <linux/types.h> 16 #include <linux/highuid.h> 17 18 struct user_namespace; 19 extern struct user_namespace init_user_ns; 20 21 typedef struct { 22 uid_t val; 23 } kuid_t; 24 25 26 typedef struct { 27 gid_t val; 28 } kgid_t; 29 30 #define KUIDT_INIT(value) (kuid_t){ value } 31 #define KGIDT_INIT(value) (kgid_t){ value } 32 33 #ifdef CONFIG_MULTIUSER __kuid_val(kuid_t uid)34 static inline uid_t __kuid_val(kuid_t uid) 35 { 36 return uid.val; 37 } 38 __kgid_val(kgid_t gid)39 static inline gid_t __kgid_val(kgid_t gid) 40 { 41 return gid.val; 42 } 43 #else __kuid_val(kuid_t uid)44 static inline uid_t __kuid_val(kuid_t uid) 45 { 46 return 0; 47 } 48 __kgid_val(kgid_t gid)49 static inline gid_t __kgid_val(kgid_t gid) 50 { 51 return 0; 52 } 53 #endif 54 55 #define GLOBAL_ROOT_UID KUIDT_INIT(0) 56 #define GLOBAL_ROOT_GID KGIDT_INIT(0) 57 58 #define INVALID_UID KUIDT_INIT(-1) 59 #define INVALID_GID KGIDT_INIT(-1) 60 uid_eq(kuid_t left,kuid_t right)61 static inline bool uid_eq(kuid_t left, kuid_t right) 62 { 63 return __kuid_val(left) == __kuid_val(right); 64 } 65 gid_eq(kgid_t left,kgid_t right)66 static inline bool gid_eq(kgid_t left, kgid_t right) 67 { 68 return __kgid_val(left) == __kgid_val(right); 69 } 70 uid_gt(kuid_t left,kuid_t right)71 static inline bool uid_gt(kuid_t left, kuid_t right) 72 { 73 return __kuid_val(left) > __kuid_val(right); 74 } 75 gid_gt(kgid_t left,kgid_t right)76 static inline bool gid_gt(kgid_t left, kgid_t right) 77 { 78 return __kgid_val(left) > __kgid_val(right); 79 } 80 uid_gte(kuid_t left,kuid_t right)81 static inline bool uid_gte(kuid_t left, kuid_t right) 82 { 83 return __kuid_val(left) >= __kuid_val(right); 84 } 85 gid_gte(kgid_t left,kgid_t right)86 static inline bool gid_gte(kgid_t left, kgid_t right) 87 { 88 return __kgid_val(left) >= __kgid_val(right); 89 } 90 uid_lt(kuid_t left,kuid_t right)91 static inline bool uid_lt(kuid_t left, kuid_t right) 92 { 93 return __kuid_val(left) < __kuid_val(right); 94 } 95 gid_lt(kgid_t left,kgid_t right)96 static inline bool gid_lt(kgid_t left, kgid_t right) 97 { 98 return __kgid_val(left) < __kgid_val(right); 99 } 100 uid_lte(kuid_t left,kuid_t right)101 static inline bool uid_lte(kuid_t left, kuid_t right) 102 { 103 return __kuid_val(left) <= __kuid_val(right); 104 } 105 gid_lte(kgid_t left,kgid_t right)106 static inline bool gid_lte(kgid_t left, kgid_t right) 107 { 108 return __kgid_val(left) <= __kgid_val(right); 109 } 110 uid_valid(kuid_t uid)111 static inline bool uid_valid(kuid_t uid) 112 { 113 return __kuid_val(uid) != (uid_t) -1; 114 } 115 gid_valid(kgid_t gid)116 static inline bool gid_valid(kgid_t gid) 117 { 118 return __kgid_val(gid) != (gid_t) -1; 119 } 120 121 #ifdef CONFIG_USER_NS 122 123 extern kuid_t make_kuid(struct user_namespace *from, uid_t uid); 124 extern kgid_t make_kgid(struct user_namespace *from, gid_t gid); 125 126 extern uid_t from_kuid(struct user_namespace *to, kuid_t uid); 127 extern gid_t from_kgid(struct user_namespace *to, kgid_t gid); 128 extern uid_t from_kuid_munged(struct user_namespace *to, kuid_t uid); 129 extern gid_t from_kgid_munged(struct user_namespace *to, kgid_t gid); 130 kuid_has_mapping(struct user_namespace * ns,kuid_t uid)131 static inline bool kuid_has_mapping(struct user_namespace *ns, kuid_t uid) 132 { 133 return from_kuid(ns, uid) != (uid_t) -1; 134 } 135 kgid_has_mapping(struct user_namespace * ns,kgid_t gid)136 static inline bool kgid_has_mapping(struct user_namespace *ns, kgid_t gid) 137 { 138 return from_kgid(ns, gid) != (gid_t) -1; 139 } 140 141 #else 142 make_kuid(struct user_namespace * from,uid_t uid)143 static inline kuid_t make_kuid(struct user_namespace *from, uid_t uid) 144 { 145 return KUIDT_INIT(uid); 146 } 147 make_kgid(struct user_namespace * from,gid_t gid)148 static inline kgid_t make_kgid(struct user_namespace *from, gid_t gid) 149 { 150 return KGIDT_INIT(gid); 151 } 152 from_kuid(struct user_namespace * to,kuid_t kuid)153 static inline uid_t from_kuid(struct user_namespace *to, kuid_t kuid) 154 { 155 return __kuid_val(kuid); 156 } 157 from_kgid(struct user_namespace * to,kgid_t kgid)158 static inline gid_t from_kgid(struct user_namespace *to, kgid_t kgid) 159 { 160 return __kgid_val(kgid); 161 } 162 from_kuid_munged(struct user_namespace * to,kuid_t kuid)163 static inline uid_t from_kuid_munged(struct user_namespace *to, kuid_t kuid) 164 { 165 uid_t uid = from_kuid(to, kuid); 166 if (uid == (uid_t)-1) 167 uid = overflowuid; 168 return uid; 169 } 170 from_kgid_munged(struct user_namespace * to,kgid_t kgid)171 static inline gid_t from_kgid_munged(struct user_namespace *to, kgid_t kgid) 172 { 173 gid_t gid = from_kgid(to, kgid); 174 if (gid == (gid_t)-1) 175 gid = overflowgid; 176 return gid; 177 } 178 kuid_has_mapping(struct user_namespace * ns,kuid_t uid)179 static inline bool kuid_has_mapping(struct user_namespace *ns, kuid_t uid) 180 { 181 return uid_valid(uid); 182 } 183 kgid_has_mapping(struct user_namespace * ns,kgid_t gid)184 static inline bool kgid_has_mapping(struct user_namespace *ns, kgid_t gid) 185 { 186 return gid_valid(gid); 187 } 188 189 #endif /* CONFIG_USER_NS */ 190 191 #endif /* _LINUX_UIDGID_H */ 192