Diffstat (limited to 'kernel/user_namespace.c')
-rw-r--r--kernel/user_namespace.c29
1 files changed, 14 insertions, 15 deletions
diff --git a/kernel/user_namespace.c b/kernel/user_namespace.c
index aa312b0dc3ec..1491ad00388f 100644
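--- a/kernel/user_namespace.c
+++ b/kernel/user_namespace.c
@@ -86,11 +86,12 @@ int create_user_ns(struct cred *new)
  if (!ns)
  return -ENOMEM;
 
- ret = proc_alloc_inum(&ns->proc_inum);
+ ret = ns_alloc_inum(&ns->ns);
  if (ret) {
  kmem_cache_free(user_ns_cachep, ns);
  return ret;
  }
+ ns->ns.ops = &userns_operations;
 
  atomic_set(&ns->count, 1);
  /* Leave the new->user_ns reference with the new user namespace. */
@@ -136,7 +137,7 @@ void free_user_ns(struct user_namespace *ns)
 #ifdef CONFIG_PERSISTENT_KEYRINGS
  key_put(ns->persistent_keyring_register);
 #endif
- proc_free_inum(ns->proc_inum);
+ ns_free_inum(&ns->ns);
  kmem_cache_free(user_ns_cachep, ns);
  ns = parent;
  } while (atomic_dec_and_test(&parent->count));
@@ -841,7 +842,12 @@ static bool new_idmap_permitted(const struct file *file,
  return false;
 }
 
-static void *userns_get(struct task_struct *task)
+static inline struct user_namespace *to_user_ns(struct ns_common *ns)
+{
+ return container_of(ns, struct user_namespace, ns);
+}
+
+static struct ns_common *userns_get(struct task_struct *task)
 {
  struct user_namespace *user_ns;
 
@@ -849,17 +855,17 @@ static void *userns_get(struct task_struct *task)
  user_ns = get_user_ns(__task_cred(task)->user_ns);
  rcu_read_unlock();
 
- return user_ns;
+ return user_ns ? &user_ns->ns : NULL;
 }
 
-static void userns_put(void *ns)
+static void userns_put(struct ns_common *ns)
 {
- put_user_ns(ns);
+ put_user_ns(to_user_ns(ns));
 }
 
-static int userns_install(struct nsproxy *nsproxy, void *ns)
+static int userns_install(struct nsproxy *nsproxy, struct ns_common *ns)
 {
- struct user_namespace *user_ns = ns;
+ struct user_namespace *user_ns = to_user_ns(ns);
  struct cred *cred;
 
  /* Don't allow gaining capabilities by reentering
@@ -888,19 +894,12 @@ static int userns_install(struct nsproxy *nsproxy, void *ns)
  return commit_creds(cred);
 }
 
-static unsigned int userns_inum(void *ns)
-{
- struct user_namespace *user_ns = ns;
- return user_ns->proc_inum;
-}
-
 const struct proc_ns_operations userns_operations = {
  .name = "user",
  .type = CLONE_NEWUSER,
  .get = userns_get,
  .put = userns_put,
  .install = userns_install,
- .inum = userns_inum,
 };
 
 static __init int user_namespaces_init(void)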
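Review bot: `to_user_ns()` (added in the third hunk) is a bare `container_of()` with no comment stating its precondition, and `userns_put()` and `userns_install()` now apply it to whatever `struct ns_common *` they are handed. That is only memory-safe when the pointer is the `ns` member of a `struct user_namespace`; the diff appears to rely on callers dispatching through `ns->ops`, which `create_user_ns()` sets in the first hunk. I would document that above the helper, e.g. `/* ns must be embedded in a struct user_namespace (ns->ops == &userns_operations) */`. Any user namespace that is not built by `create_user_ns()` — for instance a statically initialised one defined in a file this single-file view does not show — would need the same `ns.ops` assignment, which cannot be confirmed from here. The bodies of `userns_get()` and `userns_install()` extend beyond the visible hunks.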