net/sysctl_net.c

   1 // SPDX-License-Identifier: GPL-2.0-only
   2 /* -*- linux-c -*-
   3  * sysctl_net.c: sysctl interface to net subsystem.
   4  *
   5  * Begun April 1, 1996, Mike Shaver.
   6  * Added /proc/sys/net directories for each protocol family. [MS]
   7  *
   8  * Revision 1.2  1996/05/08  20:24:40  shaver
   9  * Added bits for NET_BRIDGE and the NET_IPV4_ARP stuff and
  10  * NET_IPV4_IP_FORWARD.
  11  *
  12  *
  13  */
  14
  15 #include <linux/mm.h>
  16 #include <linux/export.h>
  17 #include <linux/sysctl.h>
  18 #include <linux/nsproxy.h>
  19
  20 #include <net/sock.h>
  21
  22 #ifdef CONFIG_INET
  23 #include <net/ip.h>
  24 #endif
  25
  26 #ifdef CONFIG_NET
  27 #include <linux/if_ether.h>
  28 #endif
  29
  30 static struct ctl_table_set *
  31 net_ctl_header_lookup(struct ctl_table_root *root)
  32 {
  33         return &current->nsproxy->net_ns->sysctls;
  34 }
  35
  36 static int is_seen(struct ctl_table_set *set)
  37 {
  38         return &current->nsproxy->net_ns->sysctls == set;
  39 }
  40
  41 /* Return standard mode bits for table entry. */
  42 static int net_ctl_permissions(struct ctl_table_header *head,
  43                                const struct ctl_table *table)
  44 {
  45         struct net *net = container_of(head->set, struct net, sysctls);
  46
  47         /* Allow network administrator to have same access as root. */
  48         if (ns_capable_noaudit(net->user_ns, CAP_NET_ADMIN)) {
  49                 int mode = (table->mode >> 6) & 7;
  50                 return (mode << 6) | (mode << 3) | mode;
  51         }
  52
  53         return table->mode;
  54 }
  55
  56 static void net_ctl_set_ownership(struct ctl_table_header *head,
  57                                   kuid_t *uid, kgid_t *gid)
  58 {
  59         struct net *net = container_of(head->set, struct net, sysctls);
  60         kuid_t ns_root_uid;
  61         kgid_t ns_root_gid;
  62
  63         ns_root_uid = make_kuid(net->user_ns, 0);
  64         if (uid_valid(ns_root_uid))
  65                 *uid = ns_root_uid;
  66
  67         ns_root_gid = make_kgid(net->user_ns, 0);
  68         if (gid_valid(ns_root_gid))
  69                 *gid = ns_root_gid;
  70 }
  71
  72 static struct ctl_table_root net_sysctl_root = {
  73         .lookup = net_ctl_header_lookup,
  74         .permissions = net_ctl_permissions,
  75         .set_ownership = net_ctl_set_ownership,
  76 };
  77
  78 static int __net_init sysctl_net_init(struct net *net)
  79 {
  80         setup_sysctl_set(&net->sysctls, &net_sysctl_root, is_seen);
  81         return 0;
  82 }
  83
  84 static void __net_exit sysctl_net_exit(struct net *net)
  85 {
  86         retire_sysctl_set(&net->sysctls);
  87 }
  88
  89 static struct pernet_operations sysctl_pernet_ops = {
  90         .init = sysctl_net_init,
  91         .exit = sysctl_net_exit,
  92 };
  93
  94 static struct ctl_table_header *net_header;
  95 __init int net_sysctl_init(void)
  96 {
  97         static struct ctl_table empty[1];
  98         int ret = -ENOMEM;
  99         /* Avoid limitations in the sysctl implementation by
 100          * registering "/proc/sys/net" as an empty directory not in a
 101          * network namespace.
 102          */
 103         net_header = register_sysctl_sz("net", empty, 0);
 104         if (!net_header)
 105                 goto out;
 106         ret = register_pernet_subsys(&sysctl_pernet_ops);
 107         if (ret)
 108                 goto out1;
 109 out:
 110         return ret;
 111 out1:
 112         unregister_sysctl_table(net_header);
 113         net_header = NULL;
 114         goto out;
 115 }
 116
 117 /* Verify that sysctls for non-init netns are safe by either:
 118  * 1) being read-only, or
 119  * 2) having a data pointer which points outside of the global kernel/module
 120  *    data segment, and rather into the heap where a per-net object was
 121  *    allocated.
 122  */
 123 static void ensure_safe_net_sysctl(struct net *net, const char *path,
 124                                    struct ctl_table *table, size_t table_size)
 125 {
 126         struct ctl_table *ent;
 127
 128         pr_debug("Registering net sysctl (net %p): %s\n", net, path);
 129         ent = table;
 130         for (size_t i = 0; i < table_size; ent++, i++) {
 131                 unsigned long addr;
 132                 const char *where;
 133
 134                 pr_debug("  procname=%s mode=%o proc_handler=%ps data=%p\n",
 135                          ent->procname, ent->mode, ent->proc_handler, ent->data);
 136
 137                 /* If it's not writable inside the netns, then it can't hurt. */
 138                 if ((ent->mode & 0222) == 0) {
 139                         pr_debug("    Not writable by anyone\n");
 140                         continue;
 141                 }
 142
 143                 /* Where does data point? */
 144                 addr = (unsigned long)ent->data;
 145                 if (is_module_address(addr))
 146                         where = "module";
 147                 else if (is_kernel_core_data(addr))
 148                         where = "kernel";
 149                 else
 150                         continue;
 151
 152                 /* If it is writable and points to kernel/module global
 153                  * data, then it's probably a netns leak.
 154                  */
 155                 WARN(1, "sysctl %s/%s: data points to %s global data: %ps\n",
 156                      path, ent->procname, where, ent->data);
 157
 158                 /* Make it "safe" by dropping writable perms */
 159                 ent->mode &= ~0222;
 160         }
 161 }
 162
 163 struct ctl_table_header *register_net_sysctl_sz(struct net *net,
 164                                                 const char *path,
 165                                                 struct ctl_table *table,
 166                                                 size_t table_size)
 167 {
 168         if (!net_eq(net, &init_net))
 169                 ensure_safe_net_sysctl(net, path, table, table_size);
 170
 171         return __register_sysctl_table(&net->sysctls, path, table, table_size);
 172 }
 173 EXPORT_SYMBOL_GPL(register_net_sysctl_sz);
 174
 175 void unregister_net_sysctl_table(struct ctl_table_header *header)
 176 {
 177         unregister_sysctl_table(header);
 178 }
 179 EXPORT_SYMBOL_GPL(unregister_net_sysctl_table);