diff options
| author | Kirill Korotaev <dev@openvz.org> | 2006-10-02 05:18:21 -0400 |
|---|---|---|
| committer | Linus Torvalds <torvalds@g5.osdl.org> | 2006-10-02 10:57:22 -0400 |
| commit | 1e78693738b71da037d0df340f38e919e8227c2b (patch) | |
| tree | 7ae30f6e2ea99d56fb88cb9adace7a09d42832c5 /ipc | |
| parent | 73ea41302bab5e02c9e86ab15c509494a550f1db (diff) | |
[PATCH] IPC namespace - msg
IPC namespace support for IPC msg code.
Signed-off-by: Pavel Emelianiov <xemul@openvz.org>
Signed-off-by: Kirill Korotaev <dev@openvz.org>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Diffstat (limited to 'ipc')
| -rw-r--r-- | ipc/msg.c | 157 |
1 files changed, 106 insertions, 51 deletions
| @@ -16,6 +16,10 @@ | |||
| 16 | * | 16 | * |
| 17 | * support for audit of ipc object properties and permission changes | 17 | * support for audit of ipc object properties and permission changes |
| 18 | * Dustin Kirkland <dustin.kirkland@us.ibm.com> | 18 | * Dustin Kirkland <dustin.kirkland@us.ibm.com> |
| 19 | * | ||
| 20 | * namespaces support | ||
| 21 | * OpenVZ, SWsoft Inc. | ||
| 22 | * Pavel Emelianov <xemul@openvz.org> | ||
| 19 | */ | 23 | */ |
| 20 | 24 | ||
| 21 | #include <linux/capability.h> | 25 | #include <linux/capability.h> |
| @@ -31,16 +35,12 @@ | |||
| 31 | #include <linux/audit.h> | 35 | #include <linux/audit.h> |
| 32 | #include <linux/seq_file.h> | 36 | #include <linux/seq_file.h> |
| 33 | #include <linux/mutex.h> | 37 | #include <linux/mutex.h> |
| 38 | #include <linux/nsproxy.h> | ||
| 34 | 39 | ||
| 35 | #include <asm/current.h> | 40 | #include <asm/current.h> |
| 36 | #include <asm/uaccess.h> | 41 | #include <asm/uaccess.h> |
| 37 | #include "util.h" | 42 | #include "util.h" |
| 38 | 43 | ||
| 39 | /* sysctl: */ | ||
| 40 | int msg_ctlmax = MSGMAX; | ||
| 41 | int msg_ctlmnb = MSGMNB; | ||
| 42 | int msg_ctlmni = MSGMNI; | ||
| 43 | |||
| 44 | /* | 44 | /* |
| 45 | * one msg_receiver structure for each sleeping receiver: | 45 | * one msg_receiver structure for each sleeping receiver: |
| 46 | */ | 46 | */ |
| @@ -69,30 +69,75 @@ struct msg_sender { | |||
| 69 | static atomic_t msg_bytes = ATOMIC_INIT(0); | 69 | static atomic_t msg_bytes = ATOMIC_INIT(0); |
| 70 | static atomic_t msg_hdrs = ATOMIC_INIT(0); | 70 | static atomic_t msg_hdrs = ATOMIC_INIT(0); |
| 71 | 71 | ||
| 72 | static struct ipc_ids msg_ids; | 72 | static struct ipc_ids init_msg_ids; |
| 73 | 73 | ||
| 74 | #define msg_lock(id) ((struct msg_queue *)ipc_lock(&msg_ids, id)) | 74 | #define msg_ids(ns) (*((ns)->ids[IPC_MSG_IDS])) |
| 75 | #define msg_unlock(msq) ipc_unlock(&(msq)->q_perm) | ||
| 76 | #define msg_rmid(id) ((struct msg_queue *)ipc_rmid(&msg_ids, id)) | ||
| 77 | #define msg_checkid(msq, msgid) ipc_checkid(&msg_ids, &msq->q_perm, msgid) | ||
| 78 | #define msg_buildid(id, seq) ipc_buildid(&msg_ids, id, seq) | ||
| 79 | 75 | ||
| 80 | static void freeque(struct msg_queue *msq, int id); | 76 | #define msg_lock(ns, id) ((struct msg_queue*)ipc_lock(&msg_ids(ns), id)) |
| 81 | static int newque(key_t key, int msgflg); | 77 | #define msg_unlock(msq) ipc_unlock(&(msq)->q_perm) |
| 78 | #define msg_rmid(ns, id) ((struct msg_queue*)ipc_rmid(&msg_ids(ns), id)) | ||
| 79 | #define msg_checkid(ns, msq, msgid) \ | ||
| 80 | ipc_checkid(&msg_ids(ns), &msq->q_perm, msgid) | ||
| 81 | #define msg_buildid(ns, id, seq) \ | ||
| 82 | ipc_buildid(&msg_ids(ns), id, seq) | ||
| 83 | |||
| 84 | static void freeque (struct ipc_namespace *ns, struct msg_queue *msq, int id); | ||
| 85 | static int newque (struct ipc_namespace *ns, key_t key, int msgflg); | ||
| 82 | #ifdef CONFIG_PROC_FS | 86 | #ifdef CONFIG_PROC_FS |
| 83 | static int sysvipc_msg_proc_show(struct seq_file *s, void *it); | 87 | static int sysvipc_msg_proc_show(struct seq_file *s, void *it); |
| 84 | #endif | 88 | #endif |
| 85 | 89 | ||
| 90 | static void __ipc_init __msg_init_ns(struct ipc_namespace *ns, struct ipc_ids *ids) | ||
| 91 | { | ||
| 92 | ns->ids[IPC_MSG_IDS] = ids; | ||
| 93 | ns->msg_ctlmax = MSGMAX; | ||
| 94 | ns->msg_ctlmnb = MSGMNB; | ||
| 95 | ns->msg_ctlmni = MSGMNI; | ||
| 96 | ipc_init_ids(ids, ns->msg_ctlmni); | ||
| 97 | } | ||
| 98 | |||
| 99 | #ifdef CONFIG_IPC_NS | ||
| 100 | int msg_init_ns(struct ipc_namespace *ns) | ||
| 101 | { | ||
| 102 | struct ipc_ids *ids; | ||
| 103 | |||
| 104 | ids = kmalloc(sizeof(struct ipc_ids), GFP_KERNEL); | ||
| 105 | if (ids == NULL) | ||
| 106 | return -ENOMEM; | ||
| 107 | |||
| 108 | __msg_init_ns(ns, ids); | ||
| 109 | return 0; | ||
| 110 | } | ||
| 111 | |||
| 112 | void msg_exit_ns(struct ipc_namespace *ns) | ||
| 113 | { | ||
| 114 | int i; | ||
| 115 | struct msg_queue *msq; | ||
| 116 | |||
| 117 | mutex_lock(&msg_ids(ns).mutex); | ||
| 118 | for (i = 0; i <= msg_ids(ns).max_id; i++) { | ||
| 119 | msq = msg_lock(ns, i); | ||
| 120 | if (msq == NULL) | ||
| 121 | continue; | ||
| 122 | |||
| 123 | freeque(ns, msq, i); | ||
| 124 | } | ||
| 125 | mutex_unlock(&msg_ids(ns).mutex); | ||
| 126 | |||
| 127 | kfree(ns->ids[IPC_MSG_IDS]); | ||
| 128 | ns->ids[IPC_MSG_IDS] = NULL; | ||
| 129 | } | ||
| 130 | #endif | ||
| 131 | |||
| 86 | void __init msg_init(void) | 132 | void __init msg_init(void) |
| 87 | { | 133 | { |
| 88 | ipc_init_ids(&msg_ids, msg_ctlmni); | 134 | __msg_init_ns(&init_ipc_ns, &init_msg_ids); |
| 89 | ipc_init_proc_interface("sysvipc/msg", | 135 | ipc_init_proc_interface("sysvipc/msg", |
| 90 | " key msqid perms cbytes qnum lspid lrpid uid gid cuid cgid stime rtime ctime\n", | 136 | " key msqid perms cbytes qnum lspid lrpid uid gid cuid cgid stime rtime ctime\n", |
| 91 | &msg_ids, | 137 | IPC_MSG_IDS, sysvipc_msg_proc_show); |
| 92 | sysvipc_msg_proc_show); | ||
| 93 | } | 138 | } |
| 94 | 139 | ||
| 95 | static int newque(key_t key, int msgflg) | 140 | static int newque (struct ipc_namespace *ns, key_t key, int msgflg) |
| 96 | { | 141 | { |
| 97 | struct msg_queue *msq; | 142 | struct msg_queue *msq; |
| 98 | int id, retval; | 143 | int id, retval; |
| @@ -111,18 +156,18 @@ static int newque(key_t key, int msgflg) | |||
| 111 | return retval; | 156 | return retval; |
| 112 | } | 157 | } |
| 113 | 158 | ||
| 114 | id = ipc_addid(&msg_ids, &msq->q_perm, msg_ctlmni); | 159 | id = ipc_addid(&msg_ids(ns), &msq->q_perm, ns->msg_ctlmni); |
| 115 | if (id == -1) { | 160 | if (id == -1) { |
| 116 | security_msg_queue_free(msq); | 161 | security_msg_queue_free(msq); |
| 117 | ipc_rcu_putref(msq); | 162 | ipc_rcu_putref(msq); |
| 118 | return -ENOSPC; | 163 | return -ENOSPC; |
| 119 | } | 164 | } |
| 120 | 165 | ||
| 121 | msq->q_id = msg_buildid(id, msq->q_perm.seq); | 166 | msq->q_id = msg_buildid(ns, id, msq->q_perm.seq); |
| 122 | msq->q_stime = msq->q_rtime = 0; | 167 | msq->q_stime = msq->q_rtime = 0; |
| 123 | msq->q_ctime = get_seconds(); | 168 | msq->q_ctime = get_seconds(); |
| 124 | msq->q_cbytes = msq->q_qnum = 0; | 169 | msq->q_cbytes = msq->q_qnum = 0; |
| 125 | msq->q_qbytes = msg_ctlmnb; | 170 | msq->q_qbytes = ns->msg_ctlmnb; |
| 126 | msq->q_lspid = msq->q_lrpid = 0; | 171 | msq->q_lspid = msq->q_lrpid = 0; |
| 127 | INIT_LIST_HEAD(&msq->q_messages); | 172 | INIT_LIST_HEAD(&msq->q_messages); |
| 128 | INIT_LIST_HEAD(&msq->q_receivers); | 173 | INIT_LIST_HEAD(&msq->q_receivers); |
| @@ -186,13 +231,13 @@ static void expunge_all(struct msg_queue *msq, int res) | |||
| 186 | * msg_ids.mutex and the spinlock for this message queue is hold | 231 | * msg_ids.mutex and the spinlock for this message queue is hold |
| 187 | * before freeque() is called. msg_ids.mutex remains locked on exit. | 232 | * before freeque() is called. msg_ids.mutex remains locked on exit. |
| 188 | */ | 233 | */ |
| 189 | static void freeque(struct msg_queue *msq, int id) | 234 | static void freeque(struct ipc_namespace *ns, struct msg_queue *msq, int id) |
| 190 | { | 235 | { |
| 191 | struct list_head *tmp; | 236 | struct list_head *tmp; |
| 192 | 237 | ||
| 193 | expunge_all(msq, -EIDRM); | 238 | expunge_all(msq, -EIDRM); |
| 194 | ss_wakeup(&msq->q_senders, 1); | 239 | ss_wakeup(&msq->q_senders, 1); |
| 195 | msq = msg_rmid(id); | 240 | msq = msg_rmid(ns, id); |
| 196 | msg_unlock(msq); | 241 | msg_unlock(msq); |
| 197 | 242 | ||
| 198 | tmp = msq->q_messages.next; | 243 | tmp = msq->q_messages.next; |
| @@ -212,24 +257,27 @@ asmlinkage long sys_msgget(key_t key, int msgflg) | |||
| 212 | { | 257 | { |
| 213 | struct msg_queue *msq; | 258 | struct msg_queue *msq; |
| 214 | int id, ret = -EPERM; | 259 | int id, ret = -EPERM; |
| 260 | struct ipc_namespace *ns; | ||
| 261 | |||
| 262 | ns = current->nsproxy->ipc_ns; | ||
| 215 | 263 | ||
| 216 | mutex_lock(&msg_ids.mutex); | 264 | mutex_lock(&msg_ids(ns).mutex); |
| 217 | if (key == IPC_PRIVATE) | 265 | if (key == IPC_PRIVATE) |
| 218 | ret = newque(key, msgflg); | 266 | ret = newque(ns, key, msgflg); |
| 219 | else if ((id = ipc_findkey(&msg_ids, key)) == -1) { /* key not used */ | 267 | else if ((id = ipc_findkey(&msg_ids(ns), key)) == -1) { /* key not used */ |
| 220 | if (!(msgflg & IPC_CREAT)) | 268 | if (!(msgflg & IPC_CREAT)) |
| 221 | ret = -ENOENT; | 269 | ret = -ENOENT; |
| 222 | else | 270 | else |
| 223 | ret = newque(key, msgflg); | 271 | ret = newque(ns, key, msgflg); |
| 224 | } else if (msgflg & IPC_CREAT && msgflg & IPC_EXCL) { | 272 | } else if (msgflg & IPC_CREAT && msgflg & IPC_EXCL) { |
| 225 | ret = -EEXIST; | 273 | ret = -EEXIST; |
| 226 | } else { | 274 | } else { |
| 227 | msq = msg_lock(id); | 275 | msq = msg_lock(ns, id); |
| 228 | BUG_ON(msq == NULL); | 276 | BUG_ON(msq == NULL); |
| 229 | if (ipcperms(&msq->q_perm, msgflg)) | 277 | if (ipcperms(&msq->q_perm, msgflg)) |
| 230 | ret = -EACCES; | 278 | ret = -EACCES; |
| 231 | else { | 279 | else { |
| 232 | int qid = msg_buildid(id, msq->q_perm.seq); | 280 | int qid = msg_buildid(ns, id, msq->q_perm.seq); |
| 233 | 281 | ||
| 234 | ret = security_msg_queue_associate(msq, msgflg); | 282 | ret = security_msg_queue_associate(msq, msgflg); |
| 235 | if (!ret) | 283 | if (!ret) |
| @@ -237,7 +285,7 @@ asmlinkage long sys_msgget(key_t key, int msgflg) | |||
| 237 | } | 285 | } |
| 238 | msg_unlock(msq); | 286 | msg_unlock(msq); |
| 239 | } | 287 | } |
| 240 | mutex_unlock(&msg_ids.mutex); | 288 | mutex_unlock(&msg_ids(ns).mutex); |
| 241 | 289 | ||
| 242 | return ret; | 290 | return ret; |
| 243 | } | 291 | } |
| @@ -341,11 +389,13 @@ asmlinkage long sys_msgctl(int msqid, int cmd, struct msqid_ds __user *buf) | |||
| 341 | struct msq_setbuf setbuf; | 389 | struct msq_setbuf setbuf; |
| 342 | struct msg_queue *msq; | 390 | struct msg_queue *msq; |
| 343 | int err, version; | 391 | int err, version; |
| 392 | struct ipc_namespace *ns; | ||
| 344 | 393 | ||
| 345 | if (msqid < 0 || cmd < 0) | 394 | if (msqid < 0 || cmd < 0) |
| 346 | return -EINVAL; | 395 | return -EINVAL; |
| 347 | 396 | ||
| 348 | version = ipc_parse_version(&cmd); | 397 | version = ipc_parse_version(&cmd); |
| 398 | ns = current->nsproxy->ipc_ns; | ||
| 349 | 399 | ||
| 350 | switch (cmd) { | 400 | switch (cmd) { |
| 351 | case IPC_INFO: | 401 | case IPC_INFO: |
| @@ -366,14 +416,14 @@ asmlinkage long sys_msgctl(int msqid, int cmd, struct msqid_ds __user *buf) | |||
| 366 | return err; | 416 | return err; |
| 367 | 417 | ||
| 368 | memset(&msginfo, 0, sizeof(msginfo)); | 418 | memset(&msginfo, 0, sizeof(msginfo)); |
| 369 | msginfo.msgmni = msg_ctlmni; | 419 | msginfo.msgmni = ns->msg_ctlmni; |
| 370 | msginfo.msgmax = msg_ctlmax; | 420 | msginfo.msgmax = ns->msg_ctlmax; |
| 371 | msginfo.msgmnb = msg_ctlmnb; | 421 | msginfo.msgmnb = ns->msg_ctlmnb; |
| 372 | msginfo.msgssz = MSGSSZ; | 422 | msginfo.msgssz = MSGSSZ; |
| 373 | msginfo.msgseg = MSGSEG; | 423 | msginfo.msgseg = MSGSEG; |
| 374 | mutex_lock(&msg_ids.mutex); | 424 | mutex_lock(&msg_ids(ns).mutex); |
| 375 | if (cmd == MSG_INFO) { | 425 | if (cmd == MSG_INFO) { |
| 376 | msginfo.msgpool = msg_ids.in_use; | 426 | msginfo.msgpool = msg_ids(ns).in_use; |
| 377 | msginfo.msgmap = atomic_read(&msg_hdrs); | 427 | msginfo.msgmap = atomic_read(&msg_hdrs); |
| 378 | msginfo.msgtql = atomic_read(&msg_bytes); | 428 | msginfo.msgtql = atomic_read(&msg_bytes); |
| 379 | } else { | 429 | } else { |
| @@ -381,8 +431,8 @@ asmlinkage long sys_msgctl(int msqid, int cmd, struct msqid_ds __user *buf) | |||
| 381 | msginfo.msgpool = MSGPOOL; | 431 | msginfo.msgpool = MSGPOOL; |
| 382 | msginfo.msgtql = MSGTQL; | 432 | msginfo.msgtql = MSGTQL; |
| 383 | } | 433 | } |
| 384 | max_id = msg_ids.max_id; | 434 | max_id = msg_ids(ns).max_id; |
| 385 | mutex_unlock(&msg_ids.mutex); | 435 | mutex_unlock(&msg_ids(ns).mutex); |
| 386 | if (copy_to_user(buf, &msginfo, sizeof(struct msginfo))) | 436 | if (copy_to_user(buf, &msginfo, sizeof(struct msginfo))) |
| 387 | return -EFAULT; | 437 | return -EFAULT; |
| 388 | return (max_id < 0) ? 0 : max_id; | 438 | return (max_id < 0) ? 0 : max_id; |
| @@ -395,20 +445,20 @@ asmlinkage long sys_msgctl(int msqid, int cmd, struct msqid_ds __user *buf) | |||
| 395 | 445 | ||
| 396 | if (!buf) | 446 | if (!buf) |
| 397 | return -EFAULT; | 447 | return -EFAULT; |
| 398 | if (cmd == MSG_STAT && msqid >= msg_ids.entries->size) | 448 | if (cmd == MSG_STAT && msqid >= msg_ids(ns).entries->size) |
| 399 | return -EINVAL; | 449 | return -EINVAL; |
| 400 | 450 | ||
| 401 | memset(&tbuf, 0, sizeof(tbuf)); | 451 | memset(&tbuf, 0, sizeof(tbuf)); |
| 402 | 452 | ||
| 403 | msq = msg_lock(msqid); | 453 | msq = msg_lock(ns, msqid); |
| 404 | if (msq == NULL) | 454 | if (msq == NULL) |
| 405 | return -EINVAL; | 455 | return -EINVAL; |
| 406 | 456 | ||
| 407 | if (cmd == MSG_STAT) { | 457 | if (cmd == MSG_STAT) { |
| 408 | success_return = msg_buildid(msqid, msq->q_perm.seq); | 458 | success_return = msg_buildid(ns, msqid, msq->q_perm.seq); |
| 409 | } else { | 459 | } else { |
| 410 | err = -EIDRM; | 460 | err = -EIDRM; |
| 411 | if (msg_checkid(msq, msqid)) | 461 | if (msg_checkid(ns, msq, msqid)) |
| 412 | goto out_unlock; | 462 | goto out_unlock; |
| 413 | success_return = 0; | 463 | success_return = 0; |
| 414 | } | 464 | } |
| @@ -446,14 +496,14 @@ asmlinkage long sys_msgctl(int msqid, int cmd, struct msqid_ds __user *buf) | |||
| 446 | return -EINVAL; | 496 | return -EINVAL; |
| 447 | } | 497 | } |
| 448 | 498 | ||
| 449 | mutex_lock(&msg_ids.mutex); | 499 | mutex_lock(&msg_ids(ns).mutex); |
| 450 | msq = msg_lock(msqid); | 500 | msq = msg_lock(ns, msqid); |
| 451 | err = -EINVAL; | 501 | err = -EINVAL; |
| 452 | if (msq == NULL) | 502 | if (msq == NULL) |
| 453 | goto out_up; | 503 | goto out_up; |
| 454 | 504 | ||
| 455 | err = -EIDRM; | 505 | err = -EIDRM; |
| 456 | if (msg_checkid(msq, msqid)) | 506 | if (msg_checkid(ns, msq, msqid)) |
| 457 | goto out_unlock_up; | 507 | goto out_unlock_up; |
| 458 | ipcp = &msq->q_perm; | 508 | ipcp = &msq->q_perm; |
| 459 | 509 | ||
| @@ -481,7 +531,7 @@ asmlinkage long sys_msgctl(int msqid, int cmd, struct msqid_ds __user *buf) | |||
| 481 | case IPC_SET: | 531 | case IPC_SET: |
| 482 | { | 532 | { |
| 483 | err = -EPERM; | 533 | err = -EPERM; |
| 484 | if (setbuf.qbytes > msg_ctlmnb && !capable(CAP_SYS_RESOURCE)) | 534 | if (setbuf.qbytes > ns->msg_ctlmnb && !capable(CAP_SYS_RESOURCE)) |
| 485 | goto out_unlock_up; | 535 | goto out_unlock_up; |
| 486 | 536 | ||
| 487 | msq->q_qbytes = setbuf.qbytes; | 537 | msq->q_qbytes = setbuf.qbytes; |
| @@ -503,12 +553,12 @@ asmlinkage long sys_msgctl(int msqid, int cmd, struct msqid_ds __user *buf) | |||
| 503 | break; | 553 | break; |
| 504 | } | 554 | } |
| 505 | case IPC_RMID: | 555 | case IPC_RMID: |
| 506 | freeque(msq, msqid); | 556 | freeque(ns, msq, msqid); |
| 507 | break; | 557 | break; |
| 508 | } | 558 | } |
| 509 | err = 0; | 559 | err = 0; |
| 510 | out_up: | 560 | out_up: |
| 511 | mutex_unlock(&msg_ids.mutex); | 561 | mutex_unlock(&msg_ids(ns).mutex); |
| 512 | return err; | 562 | return err; |
| 513 | out_unlock_up: | 563 | out_unlock_up: |
| 514 | msg_unlock(msq); | 564 | msg_unlock(msq); |
| @@ -582,8 +632,11 @@ sys_msgsnd(int msqid, struct msgbuf __user *msgp, size_t msgsz, int msgflg) | |||
| 582 | struct msg_msg *msg; | 632 | struct msg_msg *msg; |
| 583 | long mtype; | 633 | long mtype; |
| 584 | int err; | 634 | int err; |
| 635 | struct ipc_namespace *ns; | ||
| 636 | |||
| 637 | ns = current->nsproxy->ipc_ns; | ||
| 585 | 638 | ||
| 586 | if (msgsz > msg_ctlmax || (long) msgsz < 0 || msqid < 0) | 639 | if (msgsz > ns->msg_ctlmax || (long) msgsz < 0 || msqid < 0) |
| 587 | return -EINVAL; | 640 | return -EINVAL; |
| 588 | if (get_user(mtype, &msgp->mtype)) | 641 | if (get_user(mtype, &msgp->mtype)) |
| 589 | return -EFAULT; | 642 | return -EFAULT; |
| @@ -597,13 +650,13 @@ sys_msgsnd(int msqid, struct msgbuf __user *msgp, size_t msgsz, int msgflg) | |||
| 597 | msg->m_type = mtype; | 650 | msg->m_type = mtype; |
| 598 | msg->m_ts = msgsz; | 651 | msg->m_ts = msgsz; |
| 599 | 652 | ||
| 600 | msq = msg_lock(msqid); | 653 | msq = msg_lock(ns, msqid); |
| 601 | err = -EINVAL; | 654 | err = -EINVAL; |
| 602 | if (msq == NULL) | 655 | if (msq == NULL) |
| 603 | goto out_free; | 656 | goto out_free; |
| 604 | 657 | ||
| 605 | err= -EIDRM; | 658 | err= -EIDRM; |
| 606 | if (msg_checkid(msq, msqid)) | 659 | if (msg_checkid(ns, msq, msqid)) |
| 607 | goto out_unlock_free; | 660 | goto out_unlock_free; |
| 608 | 661 | ||
| 609 | for (;;) { | 662 | for (;;) { |
| @@ -694,17 +747,19 @@ asmlinkage long sys_msgrcv(int msqid, struct msgbuf __user *msgp, size_t msgsz, | |||
| 694 | struct msg_queue *msq; | 747 | struct msg_queue *msq; |
| 695 | struct msg_msg *msg; | 748 | struct msg_msg *msg; |
| 696 | int mode; | 749 | int mode; |
| 750 | struct ipc_namespace *ns; | ||
| 697 | 751 | ||
| 698 | if (msqid < 0 || (long) msgsz < 0) | 752 | if (msqid < 0 || (long) msgsz < 0) |
| 699 | return -EINVAL; | 753 | return -EINVAL; |
| 700 | mode = convert_mode(&msgtyp, msgflg); | 754 | mode = convert_mode(&msgtyp, msgflg); |
| 755 | ns = current->nsproxy->ipc_ns; | ||
| 701 | 756 | ||
| 702 | msq = msg_lock(msqid); | 757 | msq = msg_lock(ns, msqid); |
| 703 | if (msq == NULL) | 758 | if (msq == NULL) |
| 704 | return -EINVAL; | 759 | return -EINVAL; |
| 705 | 760 | ||
| 706 | msg = ERR_PTR(-EIDRM); | 761 | msg = ERR_PTR(-EIDRM); |
| 707 | if (msg_checkid(msq, msqid)) | 762 | if (msg_checkid(ns, msq, msqid)) |
| 708 | goto out_unlock; | 763 | goto out_unlock; |
| 709 | 764 | ||
| 710 | for (;;) { | 765 | for (;;) { |