diff options
| author | Badari Pulavarty <pbadari@us.ibm.com> | 2007-05-08 03:25:21 -0400 |
|---|---|---|
| committer | Linus Torvalds <torvalds@woody.linux-foundation.org> | 2007-05-08 14:15:00 -0400 |
| commit | e3222c4ecc649c4ae568e61dda9349482401b501 (patch) | |
| tree | d96614ef67d947a3dd8ab0929a4755bce9fdbcc1 /include | |
| parent | 4fc75ff4816c3483b4b772b2f6cb3d8fd88ca547 (diff) | |
Merge sys_clone()/sys_unshare() nsproxy and namespace handling
sys_clone() and sys_unshare() both makes copies of nsproxy and its associated
namespaces. But they have different code paths.
This patch merges all the nsproxy and its associated namespace copy/clone
handling (as much as possible). Posted on container list earlier for
feedback.
- Create a new nsproxy and its associated namespaces and pass it back to
caller to attach it to right process.
- Changed all copy_*_ns() routines to return a new copy of namespace
instead of attaching it to task->nsproxy.
- Moved the CAP_SYS_ADMIN checks out of copy_*_ns() routines.
- Removed unnessary !ns checks from copy_*_ns() and added BUG_ON()
just incase.
- Get rid of all individual unshare_*_ns() routines and make use of
copy_*_ns() instead.
[akpm@osdl.org: cleanups, warning fix]
[clg@fr.ibm.com: remove dup_namespaces() declaration]
[serue@us.ibm.com: fix CONFIG_IPC_NS=n, clone(CLONE_NEWIPC) retval]
[akpm@linux-foundation.org: fix build with CONFIG_SYSVIPC=n]
Signed-off-by: Badari Pulavarty <pbadari@us.ibm.com>
Signed-off-by: Serge Hallyn <serue@us.ibm.com>
Cc: Cedric Le Goater <clg@fr.ibm.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: <containers@lists.osdl.org>
Signed-off-by: Cedric Le Goater <clg@fr.ibm.com>
Cc: Oleg Nesterov <oleg@tv-sign.ru>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'include')
| -rw-r--r-- | include/linux/ipc.h | 11 | ||||
| -rw-r--r-- | include/linux/mnt_namespace.h | 5 | ||||
| -rw-r--r-- | include/linux/nsproxy.h | 3 | ||||
| -rw-r--r-- | include/linux/pid_namespace.h | 2 | ||||
| -rw-r--r-- | include/linux/utsname.h | 19 |
5 files changed, 16 insertions, 24 deletions
diff --git a/include/linux/ipc.h b/include/linux/ipc.h index 6da6772c19ff..1980867a64a4 100644 --- a/include/linux/ipc.h +++ b/include/linux/ipc.h | |||
| @@ -92,16 +92,19 @@ extern struct ipc_namespace init_ipc_ns; | |||
| 92 | 92 | ||
| 93 | #ifdef CONFIG_SYSVIPC | 93 | #ifdef CONFIG_SYSVIPC |
| 94 | #define INIT_IPC_NS(ns) .ns = &init_ipc_ns, | 94 | #define INIT_IPC_NS(ns) .ns = &init_ipc_ns, |
| 95 | extern int copy_ipcs(unsigned long flags, struct task_struct *tsk); | 95 | extern struct ipc_namespace *copy_ipcs(unsigned long flags, |
| 96 | struct ipc_namespace *ns); | ||
| 96 | #else | 97 | #else |
| 97 | #define INIT_IPC_NS(ns) | 98 | #define INIT_IPC_NS(ns) |
| 98 | static inline int copy_ipcs(unsigned long flags, struct task_struct *tsk) | 99 | static inline struct ipc_namespace *copy_ipcs(unsigned long flags, |
| 99 | { return 0; } | 100 | struct ipc_namespace *ns) |
| 101 | { | ||
| 102 | return ns; | ||
| 103 | } | ||
| 100 | #endif | 104 | #endif |
| 101 | 105 | ||
| 102 | #ifdef CONFIG_IPC_NS | 106 | #ifdef CONFIG_IPC_NS |
| 103 | extern void free_ipc_ns(struct kref *kref); | 107 | extern void free_ipc_ns(struct kref *kref); |
| 104 | extern int unshare_ipcs(unsigned long flags, struct ipc_namespace **ns); | ||
| 105 | #endif | 108 | #endif |
| 106 | 109 | ||
| 107 | static inline struct ipc_namespace *get_ipc_ns(struct ipc_namespace *ns) | 110 | static inline struct ipc_namespace *get_ipc_ns(struct ipc_namespace *ns) |
diff --git a/include/linux/mnt_namespace.h b/include/linux/mnt_namespace.h index 4af0b1fc282a..1fa4d9813b31 100644 --- a/include/linux/mnt_namespace.h +++ b/include/linux/mnt_namespace.h | |||
| @@ -14,10 +14,9 @@ struct mnt_namespace { | |||
| 14 | int event; | 14 | int event; |
| 15 | }; | 15 | }; |
| 16 | 16 | ||
| 17 | extern int copy_mnt_ns(int, struct task_struct *); | 17 | extern struct mnt_namespace *copy_mnt_ns(int, struct mnt_namespace *, |
| 18 | extern void __put_mnt_ns(struct mnt_namespace *ns); | ||
| 19 | extern struct mnt_namespace *dup_mnt_ns(struct task_struct *, | ||
| 20 | struct fs_struct *); | 18 | struct fs_struct *); |
| 19 | extern void __put_mnt_ns(struct mnt_namespace *ns); | ||
| 21 | 20 | ||
| 22 | static inline void put_mnt_ns(struct mnt_namespace *ns) | 21 | static inline void put_mnt_ns(struct mnt_namespace *ns) |
| 23 | { | 22 | { |
diff --git a/include/linux/nsproxy.h b/include/linux/nsproxy.h index 0b9f0dc30d61..189e0dc993ab 100644 --- a/include/linux/nsproxy.h +++ b/include/linux/nsproxy.h | |||
| @@ -31,10 +31,11 @@ struct nsproxy { | |||
| 31 | }; | 31 | }; |
| 32 | extern struct nsproxy init_nsproxy; | 32 | extern struct nsproxy init_nsproxy; |
| 33 | 33 | ||
| 34 | struct nsproxy *dup_namespaces(struct nsproxy *orig); | ||
| 35 | int copy_namespaces(int flags, struct task_struct *tsk); | 34 | int copy_namespaces(int flags, struct task_struct *tsk); |
| 36 | void get_task_namespaces(struct task_struct *tsk); | 35 | void get_task_namespaces(struct task_struct *tsk); |
| 37 | void free_nsproxy(struct nsproxy *ns); | 36 | void free_nsproxy(struct nsproxy *ns); |
| 37 | int unshare_nsproxy_namespaces(unsigned long, struct nsproxy **, | ||
| 38 | struct fs_struct *); | ||
| 38 | 39 | ||
| 39 | static inline void put_nsproxy(struct nsproxy *ns) | 40 | static inline void put_nsproxy(struct nsproxy *ns) |
| 40 | { | 41 | { |
diff --git a/include/linux/pid_namespace.h b/include/linux/pid_namespace.h index 2833806d42c6..169c6c24209b 100644 --- a/include/linux/pid_namespace.h +++ b/include/linux/pid_namespace.h | |||
| @@ -29,7 +29,7 @@ static inline void get_pid_ns(struct pid_namespace *ns) | |||
| 29 | kref_get(&ns->kref); | 29 | kref_get(&ns->kref); |
| 30 | } | 30 | } |
| 31 | 31 | ||
| 32 | extern int copy_pid_ns(int flags, struct task_struct *tsk); | 32 | extern struct pid_namespace *copy_pid_ns(int flags, struct pid_namespace *ns); |
| 33 | extern void free_pid_ns(struct kref *kref); | 33 | extern void free_pid_ns(struct kref *kref); |
| 34 | 34 | ||
| 35 | static inline void put_pid_ns(struct pid_namespace *ns) | 35 | static inline void put_pid_ns(struct pid_namespace *ns) |
diff --git a/include/linux/utsname.h b/include/linux/utsname.h index e10267d402c5..f8d3b326e93a 100644 --- a/include/linux/utsname.h +++ b/include/linux/utsname.h | |||
| @@ -49,9 +49,7 @@ static inline void get_uts_ns(struct uts_namespace *ns) | |||
| 49 | } | 49 | } |
| 50 | 50 | ||
| 51 | #ifdef CONFIG_UTS_NS | 51 | #ifdef CONFIG_UTS_NS |
| 52 | extern int unshare_utsname(unsigned long unshare_flags, | 52 | extern struct uts_namespace *copy_utsname(int flags, struct uts_namespace *ns); |
| 53 | struct uts_namespace **new_uts); | ||
| 54 | extern int copy_utsname(int flags, struct task_struct *tsk); | ||
| 55 | extern void free_uts_ns(struct kref *kref); | 53 | extern void free_uts_ns(struct kref *kref); |
| 56 | 54 | ||
| 57 | static inline void put_uts_ns(struct uts_namespace *ns) | 55 | static inline void put_uts_ns(struct uts_namespace *ns) |
| @@ -59,21 +57,12 @@ static inline void put_uts_ns(struct uts_namespace *ns) | |||
| 59 | kref_put(&ns->kref, free_uts_ns); | 57 | kref_put(&ns->kref, free_uts_ns); |
| 60 | } | 58 | } |
| 61 | #else | 59 | #else |
| 62 | static inline int unshare_utsname(unsigned long unshare_flags, | 60 | static inline struct uts_namespace *copy_utsname(int flags, |
| 63 | struct uts_namespace **new_uts) | 61 | struct uts_namespace *ns) |
| 64 | { | 62 | { |
| 65 | if (unshare_flags & CLONE_NEWUTS) | 63 | return ns; |
| 66 | return -EINVAL; | ||
| 67 | |||
| 68 | return 0; | ||
| 69 | } | 64 | } |
| 70 | 65 | ||
| 71 | static inline int copy_utsname(int flags, struct task_struct *tsk) | ||
| 72 | { | ||
| 73 | if (flags & CLONE_NEWUTS) | ||
| 74 | return -EINVAL; | ||
| 75 | return 0; | ||
| 76 | } | ||
| 77 | static inline void put_uts_ns(struct uts_namespace *ns) | 66 | static inline void put_uts_ns(struct uts_namespace *ns) |
| 78 | { | 67 | { |
| 79 | } | 68 | } |