1 // SPDX-License-Identifier: GPL-2.0-only
7 * Author: Eric Biederman <ebiederm@xmission.com>
9 * proc net directory handling functions
12 #include <linux/uaccess.h>
14 #include <linux/errno.h>
15 #include <linux/time.h>
16 #include <linux/proc_fs.h>
17 #include <linux/stat.h>
18 #include <linux/slab.h>
19 #include <linux/init.h>
20 #include <linux/sched.h>
21 #include <linux/sched/task.h>
22 #include <linux/module.h>
23 #include <linux/bitops.h>
24 #include <linux/mount.h>
25 #include <linux/nsproxy.h>
26 #include <linux/uidgid.h>
27 #include <net/net_namespace.h>
28 #include <linux/seq_file.h>
32 static inline struct net
*PDE_NET(struct proc_dir_entry
*pde
)
34 return pde
->parent
->data
;
37 static struct net
*get_proc_net(const struct inode
*inode
)
39 return maybe_get_net(PDE_NET(PDE(inode
)));
42 static int proc_net_d_revalidate(struct dentry
*dentry
, unsigned int flags
)
47 static const struct dentry_operations proc_net_dentry_ops
= {
48 .d_revalidate
= proc_net_d_revalidate
,
49 .d_delete
= always_delete_dentry
,
52 static void pde_force_lookup(struct proc_dir_entry
*pde
)
54 /* /proc/net/ entries can be changed under us by setns(CLONE_NEWNET) */
55 pde
->proc_dops
= &proc_net_dentry_ops
;
58 static int seq_open_net(struct inode
*inode
, struct file
*file
)
60 unsigned int state_size
= PDE(inode
)->state_size
;
61 struct seq_net_private
*p
;
64 WARN_ON_ONCE(state_size
< sizeof(*p
));
66 if (file
->f_mode
& FMODE_WRITE
&& !PDE(inode
)->write
)
69 net
= get_proc_net(inode
);
73 p
= __seq_open_private(file
, PDE(inode
)->seq_ops
, state_size
);
84 static int seq_release_net(struct inode
*ino
, struct file
*f
)
86 struct seq_file
*seq
= f
->private_data
;
88 put_net(seq_file_net(seq
));
89 seq_release_private(ino
, f
);
93 static const struct proc_ops proc_net_seq_ops
= {
94 .proc_open
= seq_open_net
,
95 .proc_read
= seq_read
,
96 .proc_write
= proc_simple_write
,
97 .proc_lseek
= seq_lseek
,
98 .proc_release
= seq_release_net
,
101 struct proc_dir_entry
*proc_create_net_data(const char *name
, umode_t mode
,
102 struct proc_dir_entry
*parent
, const struct seq_operations
*ops
,
103 unsigned int state_size
, void *data
)
105 struct proc_dir_entry
*p
;
107 p
= proc_create_reg(name
, mode
, &parent
, data
);
111 p
->proc_ops
= &proc_net_seq_ops
;
113 p
->state_size
= state_size
;
114 return proc_register(parent
, p
);
116 EXPORT_SYMBOL_GPL(proc_create_net_data
);
119 * proc_create_net_data_write - Create a writable net_ns-specific proc file
120 * @name: The name of the file.
121 * @mode: The file's access mode.
122 * @parent: The parent directory in which to create.
123 * @ops: The seq_file ops with which to read the file.
124 * @write: The write method which which to 'modify' the file.
125 * @data: Data for retrieval by PDE_DATA().
127 * Create a network namespaced proc file in the @parent directory with the
128 * specified @name and @mode that allows reading of a file that displays a
129 * series of elements and also provides for the file accepting writes that have
130 * some arbitrary effect.
132 * The functions in the @ops table are used to iterate over items to be
133 * presented and extract the readable content using the seq_file interface.
135 * The @write function is called with the data copied into a kernel space
136 * scratch buffer and has a NUL appended for convenience. The buffer may be
137 * modified by the @write function. @write should return 0 on success.
139 * The @data value is accessible from the @show and @write functions by calling
140 * PDE_DATA() on the file inode. The network namespace must be accessed by
141 * calling seq_file_net() on the seq_file struct.
143 struct proc_dir_entry
*proc_create_net_data_write(const char *name
, umode_t mode
,
144 struct proc_dir_entry
*parent
,
145 const struct seq_operations
*ops
,
147 unsigned int state_size
, void *data
)
149 struct proc_dir_entry
*p
;
151 p
= proc_create_reg(name
, mode
, &parent
, data
);
155 p
->proc_ops
= &proc_net_seq_ops
;
157 p
->state_size
= state_size
;
159 return proc_register(parent
, p
);
161 EXPORT_SYMBOL_GPL(proc_create_net_data_write
);
163 static int single_open_net(struct inode
*inode
, struct file
*file
)
165 struct proc_dir_entry
*de
= PDE(inode
);
169 net
= get_proc_net(inode
);
173 err
= single_open(file
, de
->single_show
, net
);
179 static int single_release_net(struct inode
*ino
, struct file
*f
)
181 struct seq_file
*seq
= f
->private_data
;
182 put_net(seq
->private);
183 return single_release(ino
, f
);
186 static const struct proc_ops proc_net_single_ops
= {
187 .proc_open
= single_open_net
,
188 .proc_read
= seq_read
,
189 .proc_write
= proc_simple_write
,
190 .proc_lseek
= seq_lseek
,
191 .proc_release
= single_release_net
,
194 struct proc_dir_entry
*proc_create_net_single(const char *name
, umode_t mode
,
195 struct proc_dir_entry
*parent
,
196 int (*show
)(struct seq_file
*, void *), void *data
)
198 struct proc_dir_entry
*p
;
200 p
= proc_create_reg(name
, mode
, &parent
, data
);
204 p
->proc_ops
= &proc_net_single_ops
;
205 p
->single_show
= show
;
206 return proc_register(parent
, p
);
208 EXPORT_SYMBOL_GPL(proc_create_net_single
);
211 * proc_create_net_single_write - Create a writable net_ns-specific proc file
212 * @name: The name of the file.
213 * @mode: The file's access mode.
214 * @parent: The parent directory in which to create.
215 * @show: The seqfile show method with which to read the file.
216 * @write: The write method which which to 'modify' the file.
217 * @data: Data for retrieval by PDE_DATA().
219 * Create a network-namespaced proc file in the @parent directory with the
220 * specified @name and @mode that allows reading of a file that displays a
221 * single element rather than a series and also provides for the file accepting
222 * writes that have some arbitrary effect.
224 * The @show function is called to extract the readable content via the
225 * seq_file interface.
227 * The @write function is called with the data copied into a kernel space
228 * scratch buffer and has a NUL appended for convenience. The buffer may be
229 * modified by the @write function. @write should return 0 on success.
231 * The @data value is accessible from the @show and @write functions by calling
232 * PDE_DATA() on the file inode. The network namespace must be accessed by
233 * calling seq_file_single_net() on the seq_file struct.
235 struct proc_dir_entry
*proc_create_net_single_write(const char *name
, umode_t mode
,
236 struct proc_dir_entry
*parent
,
237 int (*show
)(struct seq_file
*, void *),
241 struct proc_dir_entry
*p
;
243 p
= proc_create_reg(name
, mode
, &parent
, data
);
247 p
->proc_ops
= &proc_net_single_ops
;
248 p
->single_show
= show
;
250 return proc_register(parent
, p
);
252 EXPORT_SYMBOL_GPL(proc_create_net_single_write
);
254 static struct net
*get_proc_task_net(struct inode
*dir
)
256 struct task_struct
*task
;
258 struct net
*net
= NULL
;
261 task
= pid_task(proc_pid(dir
), PIDTYPE_PID
);
266 net
= get_net(ns
->net_ns
);
274 static struct dentry
*proc_tgid_net_lookup(struct inode
*dir
,
275 struct dentry
*dentry
, unsigned int flags
)
280 de
= ERR_PTR(-ENOENT
);
281 net
= get_proc_task_net(dir
);
283 de
= proc_lookup_de(dir
, dentry
, net
->proc_net
);
289 static int proc_tgid_net_getattr(const struct path
*path
, struct kstat
*stat
,
290 u32 request_mask
, unsigned int query_flags
)
292 struct inode
*inode
= d_inode(path
->dentry
);
295 net
= get_proc_task_net(inode
);
297 generic_fillattr(inode
, stat
);
300 stat
->nlink
= net
->proc_net
->nlink
;
307 const struct inode_operations proc_net_inode_operations
= {
308 .lookup
= proc_tgid_net_lookup
,
309 .getattr
= proc_tgid_net_getattr
,
312 static int proc_tgid_net_readdir(struct file
*file
, struct dir_context
*ctx
)
318 net
= get_proc_task_net(file_inode(file
));
320 ret
= proc_readdir_de(file
, ctx
, net
->proc_net
);
326 const struct file_operations proc_net_operations
= {
327 .llseek
= generic_file_llseek
,
328 .read
= generic_read_dir
,
329 .iterate_shared
= proc_tgid_net_readdir
,
332 static __net_init
int proc_net_ns_init(struct net
*net
)
334 struct proc_dir_entry
*netd
, *net_statd
;
340 netd
= kmem_cache_zalloc(proc_dir_entry_cache
, GFP_KERNEL
);
344 netd
->subdir
= RB_ROOT
;
348 netd
->parent
= &proc_root
;
349 netd
->name
= netd
->inline_name
;
350 memcpy(netd
->name
, "net", 4);
352 uid
= make_kuid(net
->user_ns
, 0);
356 gid
= make_kgid(net
->user_ns
, 0);
360 proc_set_user(netd
, uid
, gid
);
363 net_statd
= proc_net_mkdir(net
, "stat", netd
);
367 net
->proc_net
= netd
;
368 net
->proc_net_stat
= net_statd
;
377 static __net_exit
void proc_net_ns_exit(struct net
*net
)
379 remove_proc_entry("stat", net
->proc_net
);
380 pde_free(net
->proc_net
);
383 static struct pernet_operations __net_initdata proc_net_ns_ops
= {
384 .init
= proc_net_ns_init
,
385 .exit
= proc_net_ns_exit
,
388 int __init
proc_net_init(void)
390 proc_symlink("net", NULL
, "self/net");
392 return register_pernet_subsys(&proc_net_ns_ops
);