1 files changed, 87 insertions, 13 deletions
diff --git a/fs/nsfs.c b/fs/nsfs.c
index 8f20d6016e20..fb7b397a1297 100644
--- a/fs/nsfs.c
+++ b/fs/nsfs.c
@@ -5,11 +5,16 @@
 #include <linux/magic.h>
 #include <linux/ktime.h>
 #include <linux/seq_file.h>
+#include <linux/user_namespace.h>
+#include <linux/nsfs.h>
 static struct vfsmount *nsfs_mnt;
+static long ns_ioctl(struct file *filp, unsigned int ioctl,
+                        unsigned long arg);
 static const struct file_operations ns_file_operations = {
        .llseek         = no_llseek,
+        .unlocked_ioctl = ns_ioctl,
 };
 static char *ns_dname(struct dentry *dentry, char *buffer, int buflen)
@@ -44,22 +49,14 @@ static void nsfs_evict(struct inode *inode)
        ns->ops->put(ns);
 }
-void *ns_get_path(struct path *path, struct task_struct *task,
+static void *__ns_get_path(struct path *path, struct ns_common *ns)
-                        const struct proc_ns_operations *ns_ops)
 {
        struct vfsmount *mnt = mntget(nsfs_mnt);
        struct qstr qname = { .name = "", };
        struct dentry *dentry;
        struct inode *inode;
-        struct ns_common *ns;
        unsigned long d;
-again:
-        ns = ns_ops->get(task);
-        if (!ns) {
-                mntput(mnt);
-                return ERR_PTR(-ENOENT);
-        }
        rcu_read_lock();
        d = atomic_long_read(&ns->stashed);
        if (!d)
@@ -68,7 +65,7 @@ again:
        if (!lockref_get_not_dead(&dentry->d_lockref))
                goto slow;
        rcu_read_unlock();
-        ns_ops->put(ns);
+        ns->ops->put(ns);
 got_it:
        path->mnt = mnt;
        path->dentry = dentry;
@@ -77,7 +74,7 @@ slow:
        rcu_read_unlock();
        inode = new_inode_pseudo(mnt->mnt_sb);
        if (!inode) {
-                ns_ops->put(ns);
+                ns->ops->put(ns);
                mntput(mnt);
                return ERR_PTR(-ENOMEM);
        }
@@ -95,17 +92,94 @@ slow:
                return ERR_PTR(-ENOMEM);
        }
        d_instantiate(dentry, inode);
-        dentry->d_fsdata = (void *)ns_ops;
+        dentry->d_fsdata = (void *)ns->ops;
        d = atomic_long_cmpxchg(&ns->stashed, 0, (unsigned long)dentry);
        if (d) {
                d_delete(dentry);       /* make sure ->d_prune() does nothing */
                dput(dentry);
+                mntput(mnt);
                cpu_relax();
-                goto again;
+                return ERR_PTR(-EAGAIN);
        }
        goto got_it;
 }
+void *ns_get_path(struct path *path, struct task_struct *task,
+                        const struct proc_ns_operations *ns_ops)
+{
+        struct ns_common *ns;
+        void *ret;
+again:
+        ns = ns_ops->get(task);
+        if (!ns)
+                return ERR_PTR(-ENOENT);
+        ret = __ns_get_path(path, ns);
+        if (IS_ERR(ret) && PTR_ERR(ret) == -EAGAIN)
+                goto again;
+        return ret;
+}
+static int open_related_ns(struct ns_common *ns,
+                   struct ns_common *(*get_ns)(struct ns_common *ns))
+{
+        struct path path = {};
+        struct file *f;
+        void *err;
+        int fd;
+        fd = get_unused_fd_flags(O_CLOEXEC);
+        if (fd < 0)
+                return fd;
+        while (1) {
+                struct ns_common *relative;
+                relative = get_ns(ns);
+                if (IS_ERR(relative)) {
+                        put_unused_fd(fd);
+                        return PTR_ERR(relative);
+                }
+                err = __ns_get_path(&path, relative);
+                if (IS_ERR(err) && PTR_ERR(err) == -EAGAIN)
+                        continue;
+                break;
+        }
+        if (IS_ERR(err)) {
+                put_unused_fd(fd);
+                return PTR_ERR(err);
+        }
+        f = dentry_open(&path, O_RDONLY, current_cred());
+        path_put(&path);
+        if (IS_ERR(f)) {
+                put_unused_fd(fd);
+                fd = PTR_ERR(f);
+        } else
+                fd_install(fd, f);
+        return fd;
+}
+static long ns_ioctl(struct file *filp, unsigned int ioctl,
+                        unsigned long arg)
+{
+        struct ns_common *ns = get_proc_ns(file_inode(filp));
+        switch (ioctl) {
+        case NS_GET_USERNS:
+                return open_related_ns(ns, ns_get_owner);
+        case NS_GET_PARENT:
+                if (!ns->ops->get_parent)
+                        return -EINVAL;
+                return open_related_ns(ns, ns->ops->get_parent);
+        default:
+                return -ENOTTY;
+        }
+}
 int ns_get_name(char *buf, size_t size, struct task_struct *task,
                        const struct proc_ns_operations *ns_ops)
 {

diff --git a/fs/nsfs.c b/fs/nsfs.c index 8f20d6016e20..fb7b397a1297 100644 --- a/fs/nsfs.c +++ b/fs/nsfs.c
@@ -5,11 +5,16 @@
5	#include <linux/magic.h>	5	#include <linux/magic.h>
6	#include <linux/ktime.h>	6	#include <linux/ktime.h>
7	#include <linux/seq_file.h>	7	#include <linux/seq_file.h>
		8	#include <linux/user_namespace.h>
		9	#include <linux/nsfs.h>
8		10
9	static struct vfsmount *nsfs_mnt;	11	static struct vfsmount *nsfs_mnt;
10		12
		13	static long ns_ioctl(struct file *filp, unsigned int ioctl,
		14	unsigned long arg);
11	static const struct file_operations ns_file_operations = {	15	static const struct file_operations ns_file_operations = {
12	.llseek = no_llseek,	16	.llseek = no_llseek,
		17	.unlocked_ioctl = ns_ioctl,
13	};	18	};
14		19
15	static char ns_dname(struct dentry dentry, char *buffer, int buflen)	20	static char ns_dname(struct dentry dentry, char *buffer, int buflen)
@@ -44,22 +49,14 @@ static void nsfs_evict(struct inode *inode)
44	ns->ops->put(ns);	49	ns->ops->put(ns);
45	}	50	}
46		51
47	void ns_get_path(struct path path, struct task_struct *task,	52	static void __ns_get_path(struct path path, struct ns_common *ns)
48	const struct proc_ns_operations *ns_ops)
49	{	53	{
50	struct vfsmount *mnt = mntget(nsfs_mnt);	54	struct vfsmount *mnt = mntget(nsfs_mnt);
51	struct qstr qname = { .name = "", };	55	struct qstr qname = { .name = "", };
52	struct dentry *dentry;	56	struct dentry *dentry;
53	struct inode *inode;	57	struct inode *inode;
54	struct ns_common *ns;
55	unsigned long d;	58	unsigned long d;
56		59
57	again:
58	ns = ns_ops->get(task);
59	if (!ns) {
60	mntput(mnt);
61	return ERR_PTR(-ENOENT);
62	}
63	rcu_read_lock();	60	rcu_read_lock();
64	d = atomic_long_read(&ns->stashed);	61	d = atomic_long_read(&ns->stashed);
65	if (!d)	62	if (!d)
@@ -68,7 +65,7 @@ again:
68	if (!lockref_get_not_dead(&dentry->d_lockref))	65	if (!lockref_get_not_dead(&dentry->d_lockref))
69	goto slow;	66	goto slow;
70	rcu_read_unlock();	67	rcu_read_unlock();
71	ns_ops->put(ns);	68	ns->ops->put(ns);
72	got_it:	69	got_it:
73	path->mnt = mnt;	70	path->mnt = mnt;
74	path->dentry = dentry;	71	path->dentry = dentry;
@@ -77,7 +74,7 @@ slow:
77	rcu_read_unlock();	74	rcu_read_unlock();
78	inode = new_inode_pseudo(mnt->mnt_sb);	75	inode = new_inode_pseudo(mnt->mnt_sb);
79	if (!inode) {	76	if (!inode) {
80	ns_ops->put(ns);	77	ns->ops->put(ns);
81	mntput(mnt);	78	mntput(mnt);
82	return ERR_PTR(-ENOMEM);	79	return ERR_PTR(-ENOMEM);
83	}	80	}
@@ -95,17 +92,94 @@ slow:
95	return ERR_PTR(-ENOMEM);	92	return ERR_PTR(-ENOMEM);
96	}	93	}
97	d_instantiate(dentry, inode);	94	d_instantiate(dentry, inode);
98	dentry->d_fsdata = (void *)ns_ops;	95	dentry->d_fsdata = (void *)ns->ops;
99	d = atomic_long_cmpxchg(&ns->stashed, 0, (unsigned long)dentry);	96	d = atomic_long_cmpxchg(&ns->stashed, 0, (unsigned long)dentry);
100	if (d) {	97	if (d) {
101	d_delete(dentry); /* make sure ->d_prune() does nothing */	98	d_delete(dentry); /* make sure ->d_prune() does nothing */
102	dput(dentry);	99	dput(dentry);
		100	mntput(mnt);
103	cpu_relax();	101	cpu_relax();
104	goto again;	102	return ERR_PTR(-EAGAIN);
105	}	103	}
106	goto got_it;	104	goto got_it;
107	}	105	}
108		106
		107	void ns_get_path(struct path path, struct task_struct *task,
		108	const struct proc_ns_operations *ns_ops)
		109	{
		110	struct ns_common *ns;
		111	void *ret;
		112
		113	again:
		114	ns = ns_ops->get(task);
		115	if (!ns)
		116	return ERR_PTR(-ENOENT);
		117
		118	ret = __ns_get_path(path, ns);
		119	if (IS_ERR(ret) && PTR_ERR(ret) == -EAGAIN)
		120	goto again;
		121	return ret;
		122	}
		123
		124	static int open_related_ns(struct ns_common *ns,
		125	struct ns_common (get_ns)(struct ns_common *ns))
		126	{
		127	struct path path = {};
		128	struct file *f;
		129	void *err;
		130	int fd;
		131
		132	fd = get_unused_fd_flags(O_CLOEXEC);
		133	if (fd < 0)
		134	return fd;
		135
		136	while (1) {
		137	struct ns_common *relative;
		138
		139	relative = get_ns(ns);
		140	if (IS_ERR(relative)) {
		141	put_unused_fd(fd);
		142	return PTR_ERR(relative);
		143	}
		144
		145	err = __ns_get_path(&path, relative);
		146	if (IS_ERR(err) && PTR_ERR(err) == -EAGAIN)
		147	continue;
		148	break;
		149	}
		150	if (IS_ERR(err)) {
		151	put_unused_fd(fd);
		152	return PTR_ERR(err);
		153	}
		154
		155	f = dentry_open(&path, O_RDONLY, current_cred());
		156	path_put(&path);
		157	if (IS_ERR(f)) {
		158	put_unused_fd(fd);
		159	fd = PTR_ERR(f);
		160	} else
		161	fd_install(fd, f);
		162
		163	return fd;
		164	}
		165
		166	static long ns_ioctl(struct file *filp, unsigned int ioctl,
		167	unsigned long arg)
		168	{
		169	struct ns_common *ns = get_proc_ns(file_inode(filp));
		170
		171	switch (ioctl) {
		172	case NS_GET_USERNS:
		173	return open_related_ns(ns, ns_get_owner);
		174	case NS_GET_PARENT:
		175	if (!ns->ops->get_parent)
		176	return -EINVAL;
		177	return open_related_ns(ns, ns->ops->get_parent);
		178	default:
		179	return -ENOTTY;
		180	}
		181	}
		182
109	int ns_get_name(char buf, size_t size, struct task_struct task,	183	int ns_get_name(char buf, size_t size, struct task_struct task,
110	const struct proc_ns_operations *ns_ops)	184	const struct proc_ns_operations *ns_ops)
111	{	185	{