diff options
author | Badari Pulavarty <pbadari@us.ibm.com> | 2007-05-08 03:25:21 -0400 |
---|---|---|
committer | Linus Torvalds <torvalds@woody.linux-foundation.org> | 2007-05-08 14:15:00 -0400 |
commit | e3222c4ecc649c4ae568e61dda9349482401b501 (patch) | |
tree | d96614ef67d947a3dd8ab0929a4755bce9fdbcc1 /fs | |
parent | 4fc75ff4816c3483b4b772b2f6cb3d8fd88ca547 (diff) |
Merge sys_clone()/sys_unshare() nsproxy and namespace handling
sys_clone() and sys_unshare() both makes copies of nsproxy and its associated
namespaces. But they have different code paths.
This patch merges all the nsproxy and its associated namespace copy/clone
handling (as much as possible). Posted on container list earlier for
feedback.
- Create a new nsproxy and its associated namespaces and pass it back to
caller to attach it to right process.
- Changed all copy_*_ns() routines to return a new copy of namespace
instead of attaching it to task->nsproxy.
- Moved the CAP_SYS_ADMIN checks out of copy_*_ns() routines.
- Removed unnessary !ns checks from copy_*_ns() and added BUG_ON()
just incase.
- Get rid of all individual unshare_*_ns() routines and make use of
copy_*_ns() instead.
[akpm@osdl.org: cleanups, warning fix]
[clg@fr.ibm.com: remove dup_namespaces() declaration]
[serue@us.ibm.com: fix CONFIG_IPC_NS=n, clone(CLONE_NEWIPC) retval]
[akpm@linux-foundation.org: fix build with CONFIG_SYSVIPC=n]
Signed-off-by: Badari Pulavarty <pbadari@us.ibm.com>
Signed-off-by: Serge Hallyn <serue@us.ibm.com>
Cc: Cedric Le Goater <clg@fr.ibm.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: <containers@lists.osdl.org>
Signed-off-by: Cedric Le Goater <clg@fr.ibm.com>
Cc: Oleg Nesterov <oleg@tv-sign.ru>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'fs')
-rw-r--r-- | fs/namespace.c | 30 |
1 files changed, 7 insertions, 23 deletions
diff --git a/fs/namespace.c b/fs/namespace.c index fd999cab7b57..be5e56bfb73e 100644 --- a/fs/namespace.c +++ b/fs/namespace.c | |||
@@ -1441,10 +1441,9 @@ dput_out: | |||
1441 | * Allocate a new namespace structure and populate it with contents | 1441 | * Allocate a new namespace structure and populate it with contents |
1442 | * copied from the namespace of the passed in task structure. | 1442 | * copied from the namespace of the passed in task structure. |
1443 | */ | 1443 | */ |
1444 | struct mnt_namespace *dup_mnt_ns(struct task_struct *tsk, | 1444 | static struct mnt_namespace *dup_mnt_ns(struct mnt_namespace *mnt_ns, |
1445 | struct fs_struct *fs) | 1445 | struct fs_struct *fs) |
1446 | { | 1446 | { |
1447 | struct mnt_namespace *mnt_ns = tsk->nsproxy->mnt_ns; | ||
1448 | struct mnt_namespace *new_ns; | 1447 | struct mnt_namespace *new_ns; |
1449 | struct vfsmount *rootmnt = NULL, *pwdmnt = NULL, *altrootmnt = NULL; | 1448 | struct vfsmount *rootmnt = NULL, *pwdmnt = NULL, *altrootmnt = NULL; |
1450 | struct vfsmount *p, *q; | 1449 | struct vfsmount *p, *q; |
@@ -1509,36 +1508,21 @@ struct mnt_namespace *dup_mnt_ns(struct task_struct *tsk, | |||
1509 | return new_ns; | 1508 | return new_ns; |
1510 | } | 1509 | } |
1511 | 1510 | ||
1512 | int copy_mnt_ns(int flags, struct task_struct *tsk) | 1511 | struct mnt_namespace *copy_mnt_ns(int flags, struct mnt_namespace *ns, |
1512 | struct fs_struct *new_fs) | ||
1513 | { | 1513 | { |
1514 | struct mnt_namespace *ns = tsk->nsproxy->mnt_ns; | ||
1515 | struct mnt_namespace *new_ns; | 1514 | struct mnt_namespace *new_ns; |
1516 | int err = 0; | ||
1517 | |||
1518 | if (!ns) | ||
1519 | return 0; | ||
1520 | 1515 | ||
1516 | BUG_ON(!ns); | ||
1521 | get_mnt_ns(ns); | 1517 | get_mnt_ns(ns); |
1522 | 1518 | ||
1523 | if (!(flags & CLONE_NEWNS)) | 1519 | if (!(flags & CLONE_NEWNS)) |
1524 | return 0; | 1520 | return ns; |
1525 | |||
1526 | if (!capable(CAP_SYS_ADMIN)) { | ||
1527 | err = -EPERM; | ||
1528 | goto out; | ||
1529 | } | ||
1530 | |||
1531 | new_ns = dup_mnt_ns(tsk, tsk->fs); | ||
1532 | if (!new_ns) { | ||
1533 | err = -ENOMEM; | ||
1534 | goto out; | ||
1535 | } | ||
1536 | 1521 | ||
1537 | tsk->nsproxy->mnt_ns = new_ns; | 1522 | new_ns = dup_mnt_ns(ns, new_fs); |
1538 | 1523 | ||
1539 | out: | ||
1540 | put_mnt_ns(ns); | 1524 | put_mnt_ns(ns); |
1541 | return err; | 1525 | return new_ns; |
1542 | } | 1526 | } |
1543 | 1527 | ||
1544 | asmlinkage long sys_mount(char __user * dev_name, char __user * dir_name, | 1528 | asmlinkage long sys_mount(char __user * dev_name, char __user * dir_name, |