From acdef55ef75ea82d7fea857995c23f6f3c5c02fc Mon Sep 17 00:00:00 2001
From: Sam Leonard
Date: Tue, 30 Jan 2024 13:24:22 +0000
Subject: [PATCH] basic/namespace-util: add parse_userns_uid_range
---
 src/basic/namespace-util.c | 39 ++++++++++++++++++++++++++++++++++++++
 src/basic/namespace-util.h | 2 ++
 2 files changed, 41 insertions(+)
diff --git a/src/basic/namespace-util.c b/src/basic/namespace-util.c
index d517263b36..c537c0f9b7 100644
--- a/src/basic/namespace-util.c
+++ b/src/basic/namespace-util.c
@@ -11,6 +11,7 @@
 #include "missing_magic.h"
 #include "missing_sched.h"
 #include "namespace-util.h"
+#include "parse-util.h"
 #include "process-util.h"
 #include "stat-util.h"
 #include "stdio-util.h"
@@ -305,3 +306,41 @@ int in_same_namespace(pid_t pid1, pid_t pid2, NamespaceType type) {
 return stat_inode_same(&ns_st1, &ns_st2);
 }
+
+int parse_userns_uid_range(const char *s, uid_t *ret_uid_shift, uid_t *ret_uid_range) {
+ _cleanup_free_ char *buffer = NULL;
+ const char *range, *shift;
+ int r;
+ uid_t uid_shift, uid_range = 65536;
+
+ assert(s);
+
+ range = strchr(s, ':');
+ if (range) {
+ buffer = strndup(s, range - s);
+ if (!buffer)
+ return log_oom();
+ shift = buffer;
+
+ range++;
+ r = safe_atou32(range, &uid_range);
+ if (r < 0)
+ return log_error_errno(r, "Failed to parse UID range \"%s\": %m", range);
+ } else
+ shift = s;
+
+ r = parse_uid(shift, &uid_shift);
+ if (r < 0)
+ return log_error_errno(r, "Failed to parse UID \"%s\": %m", s);
+
+ if (!userns_shift_range_valid(uid_shift, uid_range))
+ return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "UID range cannot be empty or go beyond " UID_FMT ".", UID_INVALID);
+
+ if (ret_uid_shift)
+ *ret_uid_shift = uid_shift;
+
+ if (ret_uid_range)
+ *ret_uid_range = uid_range;
+
+ return 0;
+}
diff --git a/src/basic/namespace-util.h b/src/basic/namespace-util.h
index d1d015612f..34cbec3f6e 100644
--- a/src/basic/namespace-util.h
+++ b/src/basic/namespace-util.h
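Review bot: In parse_userns_uid_range() the parse_uid() failure path logs `s` rather than `shift`, so for input containing a colon the message names the whole shift-and-range string as the UID; `return log_error_errno(r, "Failed to parse UID \"%s\": %m", shift);` would report the part that actually failed. The range half is parsed with safe_atou32() while the shift half goes through parse_uid(); if safe_atou32() auto-detects the number base in this tree (its definition is not visible here), a range written as `010` would be read as octal and size the user-namespace mapping differently from what the operator typed, so an explicit base-10 parse would be the safer choice for this value. A short comment above the function stating that a missing range defaults to 65536, that both `ret_` pointers may be NULL, and that outputs are written only on success would help callers.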
@@ -53,3 +53,5 @@ static inline bool userns_shift_range_valid(uid_t shift, uid_t range) {
 int userns_acquire(const char *uid_map, const char *gid_map);
 int netns_acquire(void);
 int in_same_namespace(pid_t pid1, pid_t pid2, NamespaceType type);
+
+int parse_userns_uid_range(const char *s, uid_t *ret_uid_shift, uid_t *ret_uid_range);
--
2.25.1