/* SPDX-License-Identifier: GPL-2.0 */
#ifndef _LINUX_MNT_IDMAPPING_H
#define _LINUX_MNT_IDMAPPING_H

#include <linux/types.h>
#include <linux/uidgid.h>

/*
 * Helpers for translating kernel uids/gids through the user namespace
 * attached to a mount (@mnt_userns).
 *
 * Every helper below can yield INVALID_UID / INVALID_GID when the id has
 * no mapping in @mnt_userns. None of them checks for that, so a caller
 * that goes on to store the result as an owner or use it in a permission
 * decision should test it first (e.g. uid_valid() / gid_valid()).
 *
 * NOTE(review): current_fsuid() and current_fsgid() are used further down
 * but are not declared by the two includes above; presumably the including
 * file pulls in the cred definitions first - confirm.
 */

struct user_namespace;
/* Only declared here; nothing in this header references it. */
extern struct user_namespace init_user_ns;

/**
 * kuid_into_mnt - map a kuid down into a mnt_userns
 * @mnt_userns: user namespace of the relevant mount
 * @kuid: kuid to be mapped
 *
 * The raw value of @kuid is handed to make_kuid() together with
 * @mnt_userns.
 *
 * Return: @kuid mapped according to @mnt_userns.
 * INVALID_UID is returned when @kuid has no mapping.
 */
static inline kuid_t kuid_into_mnt(struct user_namespace *mnt_userns,
				   kuid_t kuid)
{
	uid_t raw_uid = __kuid_val(kuid);

	return make_kuid(mnt_userns, raw_uid);
}

/**
 * kgid_into_mnt - map a kgid down into a mnt_userns
 * @mnt_userns: user namespace of the relevant mount
 * @kgid: kgid to be mapped
 *
 * The raw value of @kgid is handed to make_kgid() together with
 * @mnt_userns.
 *
 * Return: @kgid mapped according to @mnt_userns.
 * INVALID_GID is returned when @kgid has no mapping.
 */
static inline kgid_t kgid_into_mnt(struct user_namespace *mnt_userns,
				   kgid_t kgid)
{
	gid_t raw_gid = __kgid_val(kgid);

	return make_kgid(mnt_userns, raw_gid);
}

/**
 * kuid_from_mnt - map a kuid up into a mnt_userns
 * @mnt_userns: user namespace of the relevant mount
 * @kuid: kuid to be mapped
 *
 * @kuid is passed through from_kuid() for @mnt_userns and the resulting
 * raw id is wrapped back into a kuid_t.
 *
 * Return: @kuid mapped up according to @mnt_userns.
 * INVALID_UID is returned when @kuid has no mapping.
 */
static inline kuid_t kuid_from_mnt(struct user_namespace *mnt_userns,
				   kuid_t kuid)
{
	uid_t mapped_uid = from_kuid(mnt_userns, kuid);

	return KUIDT_INIT(mapped_uid);
}

/**
 * kgid_from_mnt - map a kgid up into a mnt_userns
 * @mnt_userns: user namespace of the relevant mount
 * @kgid: kgid to be mapped
 *
 * @kgid is passed through from_kgid() for @mnt_userns and the resulting
 * raw id is wrapped back into a kgid_t.
 *
 * Return: @kgid mapped up according to @mnt_userns.
 * INVALID_GID is returned when @kgid has no mapping.
 */
static inline kgid_t kgid_from_mnt(struct user_namespace *mnt_userns,
				   kgid_t kgid)
{
	gid_t mapped_gid = from_kgid(mnt_userns, kgid);

	return KGIDT_INIT(mapped_gid);
}

/**
 * mapped_fsuid - return caller's fsuid mapped up into a mnt_userns
 * @mnt_userns: user namespace of the relevant mount
 *
 * Intended for initializing a new vfs or filesystem object from the
 * caller's fsuid, for instance the i_uid field of an inode allocated by a
 * creation event such as mkdir or O_CREAT, or the allocation of quotas for
 * a specific user.
 *
 * The value comes straight from kuid_from_mnt(), so it is INVALID_UID when
 * the caller's fsuid has no mapping in @mnt_userns; this helper does not
 * check for that.
 *
 * Return: the caller's current fsuid mapped up according to @mnt_userns.
 */
static inline kuid_t mapped_fsuid(struct user_namespace *mnt_userns)
{
	kuid_t caller_fsuid = current_fsuid();

	return kuid_from_mnt(mnt_userns, caller_fsuid);
}

/**
 * mapped_fsgid - return caller's fsgid mapped up into a mnt_userns
 * @mnt_userns: user namespace of the relevant mount
 *
 * Intended for initializing a new vfs or filesystem object from the
 * caller's fsgid, for instance the i_gid field of an inode allocated by a
 * creation event such as mkdir or O_CREAT, or the allocation of quotas for
 * a specific user.
 *
 * The value comes straight from kgid_from_mnt(), so it is INVALID_GID when
 * the caller's fsgid has no mapping in @mnt_userns; this helper does not
 * check for that.
 *
 * Return: the caller's current fsgid mapped up according to @mnt_userns.
 */
static inline kgid_t mapped_fsgid(struct user_namespace *mnt_userns)
{
	kgid_t caller_fsgid = current_fsgid();

	return kgid_from_mnt(mnt_userns, caller_fsgid);
}

#endif /* _LINUX_MNT_IDMAPPING_H */