1 /* SPDX-License-Identifier: GPL-2.0 */
2 #ifndef _LINUX_UIDGID_H
3 #define _LINUX_UIDGID_H
4
5 /*
6 * A set of types for the internal kernel types representing uids and gids.
7 *
8 * The types defined in this header allow distinguishing which uids and gids in
9 * the kernel are values used by userspace and which uid and gid values are
10 * the internal kernel values. With the addition of user namespaces the values
11 * can be different. Using the type system makes it possible for the compiler
12 * to detect when we overlook these differences.
13 *
14 */
15 #include <linux/types.h>
16 #include <linux/highuid.h>
17
18 struct user_namespace;
19 extern struct user_namespace init_user_ns;
20
21 typedef struct {
22 uid_t val;
23 } kuid_t;
24
25
26 typedef struct {
27 gid_t val;
28 } kgid_t;
29
30 #define KUIDT_INIT(value) (kuid_t){ value }
31 #define KGIDT_INIT(value) (kgid_t){ value }
32
33 #ifdef CONFIG_MULTIUSER
__kuid_val(kuid_t uid)34 static inline uid_t __kuid_val(kuid_t uid)
35 {
36 return uid.val;
37 }
38
__kgid_val(kgid_t gid)39 static inline gid_t __kgid_val(kgid_t gid)
40 {
41 return gid.val;
42 }
43 #else
__kuid_val(kuid_t uid)44 static inline uid_t __kuid_val(kuid_t uid)
45 {
46 return 0;
47 }
48
__kgid_val(kgid_t gid)49 static inline gid_t __kgid_val(kgid_t gid)
50 {
51 return 0;
52 }
53 #endif
54
55 #define GLOBAL_ROOT_UID KUIDT_INIT(0)
56 #define GLOBAL_ROOT_GID KGIDT_INIT(0)
57
58 #define INVALID_UID KUIDT_INIT(-1)
59 #define INVALID_GID KGIDT_INIT(-1)
60
uid_eq(kuid_t left,kuid_t right)61 static inline bool uid_eq(kuid_t left, kuid_t right)
62 {
63 return __kuid_val(left) == __kuid_val(right);
64 }
65
gid_eq(kgid_t left,kgid_t right)66 static inline bool gid_eq(kgid_t left, kgid_t right)
67 {
68 return __kgid_val(left) == __kgid_val(right);
69 }
70
uid_gt(kuid_t left,kuid_t right)71 static inline bool uid_gt(kuid_t left, kuid_t right)
72 {
73 return __kuid_val(left) > __kuid_val(right);
74 }
75
gid_gt(kgid_t left,kgid_t right)76 static inline bool gid_gt(kgid_t left, kgid_t right)
77 {
78 return __kgid_val(left) > __kgid_val(right);
79 }
80
uid_gte(kuid_t left,kuid_t right)81 static inline bool uid_gte(kuid_t left, kuid_t right)
82 {
83 return __kuid_val(left) >= __kuid_val(right);
84 }
85
gid_gte(kgid_t left,kgid_t right)86 static inline bool gid_gte(kgid_t left, kgid_t right)
87 {
88 return __kgid_val(left) >= __kgid_val(right);
89 }
90
uid_lt(kuid_t left,kuid_t right)91 static inline bool uid_lt(kuid_t left, kuid_t right)
92 {
93 return __kuid_val(left) < __kuid_val(right);
94 }
95
gid_lt(kgid_t left,kgid_t right)96 static inline bool gid_lt(kgid_t left, kgid_t right)
97 {
98 return __kgid_val(left) < __kgid_val(right);
99 }
100
uid_lte(kuid_t left,kuid_t right)101 static inline bool uid_lte(kuid_t left, kuid_t right)
102 {
103 return __kuid_val(left) <= __kuid_val(right);
104 }
105
gid_lte(kgid_t left,kgid_t right)106 static inline bool gid_lte(kgid_t left, kgid_t right)
107 {
108 return __kgid_val(left) <= __kgid_val(right);
109 }
110
uid_valid(kuid_t uid)111 static inline bool uid_valid(kuid_t uid)
112 {
113 return __kuid_val(uid) != (uid_t) -1;
114 }
115
gid_valid(kgid_t gid)116 static inline bool gid_valid(kgid_t gid)
117 {
118 return __kgid_val(gid) != (gid_t) -1;
119 }
120
121 #ifdef CONFIG_USER_NS
122
123 extern kuid_t make_kuid(struct user_namespace *from, uid_t uid);
124 extern kgid_t make_kgid(struct user_namespace *from, gid_t gid);
125
126 extern uid_t from_kuid(struct user_namespace *to, kuid_t uid);
127 extern gid_t from_kgid(struct user_namespace *to, kgid_t gid);
128 extern uid_t from_kuid_munged(struct user_namespace *to, kuid_t uid);
129 extern gid_t from_kgid_munged(struct user_namespace *to, kgid_t gid);
130
kuid_has_mapping(struct user_namespace * ns,kuid_t uid)131 static inline bool kuid_has_mapping(struct user_namespace *ns, kuid_t uid)
132 {
133 return from_kuid(ns, uid) != (uid_t) -1;
134 }
135
kgid_has_mapping(struct user_namespace * ns,kgid_t gid)136 static inline bool kgid_has_mapping(struct user_namespace *ns, kgid_t gid)
137 {
138 return from_kgid(ns, gid) != (gid_t) -1;
139 }
140
141 #else
142
make_kuid(struct user_namespace * from,uid_t uid)143 static inline kuid_t make_kuid(struct user_namespace *from, uid_t uid)
144 {
145 return KUIDT_INIT(uid);
146 }
147
make_kgid(struct user_namespace * from,gid_t gid)148 static inline kgid_t make_kgid(struct user_namespace *from, gid_t gid)
149 {
150 return KGIDT_INIT(gid);
151 }
152
from_kuid(struct user_namespace * to,kuid_t kuid)153 static inline uid_t from_kuid(struct user_namespace *to, kuid_t kuid)
154 {
155 return __kuid_val(kuid);
156 }
157
from_kgid(struct user_namespace * to,kgid_t kgid)158 static inline gid_t from_kgid(struct user_namespace *to, kgid_t kgid)
159 {
160 return __kgid_val(kgid);
161 }
162
from_kuid_munged(struct user_namespace * to,kuid_t kuid)163 static inline uid_t from_kuid_munged(struct user_namespace *to, kuid_t kuid)
164 {
165 uid_t uid = from_kuid(to, kuid);
166 if (uid == (uid_t)-1)
167 uid = overflowuid;
168 return uid;
169 }
170
from_kgid_munged(struct user_namespace * to,kgid_t kgid)171 static inline gid_t from_kgid_munged(struct user_namespace *to, kgid_t kgid)
172 {
173 gid_t gid = from_kgid(to, kgid);
174 if (gid == (gid_t)-1)
175 gid = overflowgid;
176 return gid;
177 }
178
kuid_has_mapping(struct user_namespace * ns,kuid_t uid)179 static inline bool kuid_has_mapping(struct user_namespace *ns, kuid_t uid)
180 {
181 return uid_valid(uid);
182 }
183
kgid_has_mapping(struct user_namespace * ns,kgid_t gid)184 static inline bool kgid_has_mapping(struct user_namespace *ns, kgid_t gid)
185 {
186 return gid_valid(gid);
187 }
188
189 #endif /* CONFIG_USER_NS */
190
191 #endif /* _LINUX_UIDGID_H */
192