sysctl_net.c source code [linux/net/sysctl_net.c]

1	// SPDX-License-Identifier: GPL-2.0-only
2	/ -- linux-c --*
3	* sysctl_net.c: sysctl interface to net subsystem.
4	*
5	* Begun April 1, 1996, Mike Shaver.
6	* Added /proc/sys/net directories for each protocol family. [MS]
7	*
8	* Revision 1.2 1996/05/08 20:24:40 shaver
9	* Added bits for NET_BRIDGE and the NET_IPV4_ARP stuff and
10	* NET_IPV4_IP_FORWARD.
11	*
12	*
13	*/
14
15	#include <linux/mm.h>
16	#include <linux/export.h>
17	#include <linux/sysctl.h>
18	#include <linux/nsproxy.h>
19
20	#include <net/sock.h>
21
22	#ifdef CONFIG_INET
23	#include <net/ip.h>
24	#endif
25
26	#ifdef CONFIG_NET
27	#include <linux/if_ether.h>
28	#endif
29
30	static struct ctl_table_set *
31	net_ctl_header_lookup(struct ctl_table_root *root)
32	{
33	return &current->nsproxy->net_ns->sysctls;
34	}
35
36	static int is_seen(struct ctl_table_set *set)
37	{
38	return &current->nsproxy->net_ns->sysctls == set;
39	}
40
41	/ Return standard mode bits for table entry. /
42	static int net_ctl_permissions(struct ctl_table_header *head,
43	struct ctl_table *table)
44	{
45	struct net net = container_of(head->set, struct* net, sysctls);
46
47	/ Allow network administrator to have same access as root. /
48	if (ns_capable_noaudit(ns: net->user_ns, CAP_NET_ADMIN)) {
49	int mode = (table->mode >> `6`) & `7`;
50	return (mode << `6`) \| (mode << `3`) \| mode;
51	}
52
53	return table->mode;
54	}
55
56	static void net_ctl_set_ownership(struct ctl_table_header *head,
57	struct ctl_table *table,
58	kuid_t uid, kgid_t gid)
59	{
60	struct net net = container_of(head->set, struct* net, sysctls);
61	kuid_t ns_root_uid;
62	kgid_t ns_root_gid;
63
64	ns_root_uid = make_kuid(from: net->user_ns, uid: `0`);
65	if (uid_valid(uid: ns_root_uid))
66	*uid = ns_root_uid;
67
68	ns_root_gid = make_kgid(from: net->user_ns, gid: `0`);
69	if (gid_valid(gid: ns_root_gid))
70	*gid = ns_root_gid;
71	}
72
73	static struct ctl_table_root net_sysctl_root = {
74	.lookup = net_ctl_header_lookup,
75	.permissions = net_ctl_permissions,
76	.set_ownership = net_ctl_set_ownership,
77	};
78
79	static int __net_init sysctl_net_init(struct net *net)
80	{
81	setup_sysctl_set(p: &net->sysctls, root: &net_sysctl_root, is_seen);
82	return `0`;
83	}
84
85	static void __net_exit sysctl_net_exit(struct net *net)
86	{
87	retire_sysctl_set(set: &net->sysctls);
88	}
89
90	static struct pernet_operations sysctl_pernet_ops = {
91	.init = sysctl_net_init,
92	.exit = sysctl_net_exit,
93	};
94
95	static struct ctl_table_header *net_header;
96	__init int net_sysctl_init(void)
97	{
98	static struct ctl_table empty[`1`];
99	int ret = -ENOMEM;
100	/ Avoid limitations in the sysctl implementation by*
101	* registering "/proc/sys/net" as an empty directory not in a
102	* network namespace.
103	*/
104	net_header = register_sysctl_sz(path: "net", table: empty, table_size: `0`);
105	if (!net_header)
106	goto out;
107	ret = register_pernet_subsys(&sysctl_pernet_ops);
108	if (ret)
109	goto out1;
110	out:
111	return ret;
112	out1:
113	unregister_sysctl_table(table: net_header);
114	net_header = NULL;
115	goto out;
116	}
117
118	/ Verify that sysctls for non-init netns are safe by either:*
119	* 1) being read-only, or
120	* 2) having a data pointer which points outside of the global kernel/module
121	* data segment, and rather into the heap where a per-net object was
122	* allocated.
123	*/
124	static void ensure_safe_net_sysctl(struct net net, const* char *path,
125	struct ctl_table *table, size_t table_size)
126	{
127	struct ctl_table *ent;
128
129	pr_debug("Registering net sysctl (net %p): %s\n", net, path);
130	ent = table;
131	for (size_t i = `0`; i < table_size && ent->procname; ent++, i++) {
132	unsigned long addr;
133	const char *where;
134
135	pr_debug(" procname=%s mode=%o proc_handler=%ps data=%p\n",
136	ent->procname, ent->mode, ent->proc_handler, ent->data);
137
138	/ If it's not writable inside the netns, then it can't hurt. /
139	if ((ent->mode & `0222`) == `0`) {
140	pr_debug(" Not writable by anyone\n");
141	continue;
142	}
143
144	/ Where does data point? /
145	addr = (unsigned long)ent->data;
146	if (is_module_address(addr))
147	where = "module";
148	else if (is_kernel_core_data(addr))
149	where = "kernel";
150	else
151	continue;
152
153	/ If it is writable and points to kernel/module global*
154	* data, then it's probably a netns leak.
155	*/
156	WARN(`1`, "sysctl %s/%s: data points to %s global data: %ps\n",
157	path, ent->procname, where, ent->data);
158
159	/ Make it "safe" by dropping writable perms /
160	ent->mode &= ~`0222`;
161	}
162	}
163
164	struct ctl_table_header register_net_sysctl_sz(struct* net *net,
165	const char *path,
166	struct ctl_table *table,
167	size_t table_size)
168	{
169	int count;
170	struct ctl_table *entry;
171
172	if (!net_eq(net1: net, net2: &init_net))
173	ensure_safe_net_sysctl(net, path, table, table_size);
174
175	entry = table;
176	for (count = `0` ; count < table_size && entry->procname; entry++, count++)
177	;
178
179	return __register_sysctl_table(set: &net->sysctls, path, table, table_size: count);
180	}
181	EXPORT_SYMBOL_GPL(register_net_sysctl_sz);
182
183	void unregister_net_sysctl_table(struct ctl_table_header *header)
184	{
185	unregister_sysctl_table(table: header);
186	}
187	EXPORT_SYMBOL_GPL(unregister_net_sysctl_table);
188

source code of linux/net/sysctl_net.c