diff options
| author | Cedric Le Goater <clg@fr.ibm.com> | 2006-12-08 05:37:59 -0500 |
|---|---|---|
| committer | Linus Torvalds <torvalds@woody.osdl.org> | 2006-12-08 11:28:52 -0500 |
| commit | 9a575a92db3312a40cdf0b0406d88de88ad9741e (patch) | |
| tree | 0b789528da13cd31f7fb206f184cfa123cc0ba42 /kernel | |
| parent | 61a58c6c238cc81f7742b8cc84212cc55fb57747 (diff) | |
[PATCH] to nsproxy
Add the pid namespace framework to the nsproxy object. The copy of the pid
namespace only increases the refcount on the global pid namespace,
init_pid_ns, and unshare is not implemented.
There is no configuration option to activate or deactivate this feature
because this not relevant for the moment.
Signed-off-by: Cedric Le Goater <clg@fr.ibm.com>
Cc: Kirill Korotaev <dev@openvz.org>
Cc: Eric W. Biederman <ebiederm@xmission.com>
Cc: Herbert Poetzl <herbert@13thfloor.at>
Cc: Sukadev Bhattiprolu <sukadev@us.ibm.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Diffstat (limited to 'kernel')
| -rw-r--r-- | kernel/nsproxy.c | 26 | ||||
| -rw-r--r-- | kernel/pid.c | 23 |
2 files changed, 42 insertions, 7 deletions
diff --git a/kernel/nsproxy.c b/kernel/nsproxy.c index f223c15c18e9..e2ce748e96af 100644 --- a/kernel/nsproxy.c +++ b/kernel/nsproxy.c | |||
| @@ -19,6 +19,7 @@ | |||
| 19 | #include <linux/init_task.h> | 19 | #include <linux/init_task.h> |
| 20 | #include <linux/mnt_namespace.h> | 20 | #include <linux/mnt_namespace.h> |
| 21 | #include <linux/utsname.h> | 21 | #include <linux/utsname.h> |
| 22 | #include <linux/pid_namespace.h> | ||
| 22 | 23 | ||
| 23 | struct nsproxy init_nsproxy = INIT_NSPROXY(init_nsproxy); | 24 | struct nsproxy init_nsproxy = INIT_NSPROXY(init_nsproxy); |
| 24 | 25 | ||
| @@ -68,6 +69,8 @@ struct nsproxy *dup_namespaces(struct nsproxy *orig) | |||
| 68 | get_uts_ns(ns->uts_ns); | 69 | get_uts_ns(ns->uts_ns); |
| 69 | if (ns->ipc_ns) | 70 | if (ns->ipc_ns) |
| 70 | get_ipc_ns(ns->ipc_ns); | 71 | get_ipc_ns(ns->ipc_ns); |
| 72 | if (ns->pid_ns) | ||
| 73 | get_pid_ns(ns->pid_ns); | ||
| 71 | } | 74 | } |
| 72 | 75 | ||
| 73 | return ns; | 76 | return ns; |
| @@ -111,10 +114,17 @@ int copy_namespaces(int flags, struct task_struct *tsk) | |||
| 111 | if (err) | 114 | if (err) |
| 112 | goto out_ipc; | 115 | goto out_ipc; |
| 113 | 116 | ||
| 117 | err = copy_pid_ns(flags, tsk); | ||
| 118 | if (err) | ||
| 119 | goto out_pid; | ||
| 120 | |||
| 114 | out: | 121 | out: |
| 115 | put_nsproxy(old_ns); | 122 | put_nsproxy(old_ns); |
| 116 | return err; | 123 | return err; |
| 117 | 124 | ||
| 125 | out_pid: | ||
| 126 | if (new_ns->ipc_ns) | ||
| 127 | put_ipc_ns(new_ns->ipc_ns); | ||
| 118 | out_ipc: | 128 | out_ipc: |
| 119 | if (new_ns->uts_ns) | 129 | if (new_ns->uts_ns) |
| 120 | put_uts_ns(new_ns->uts_ns); | 130 | put_uts_ns(new_ns->uts_ns); |
| @@ -129,11 +139,13 @@ out_ns: | |||
| 129 | 139 | ||
| 130 | void free_nsproxy(struct nsproxy *ns) | 140 | void free_nsproxy(struct nsproxy *ns) |
| 131 | { | 141 | { |
| 132 | if (ns->mnt_ns) | 142 | if (ns->mnt_ns) |
| 133 | put_mnt_ns(ns->mnt_ns); | 143 | put_mnt_ns(ns->mnt_ns); |
| 134 | if (ns->uts_ns) | 144 | if (ns->uts_ns) |
| 135 | put_uts_ns(ns->uts_ns); | 145 | put_uts_ns(ns->uts_ns); |
| 136 | if (ns->ipc_ns) | 146 | if (ns->ipc_ns) |
| 137 | put_ipc_ns(ns->ipc_ns); | 147 | put_ipc_ns(ns->ipc_ns); |
| 138 | kfree(ns); | 148 | if (ns->pid_ns) |
| 149 | put_pid_ns(ns->pid_ns); | ||
| 150 | kfree(ns); | ||
| 139 | } | 151 | } |
diff --git a/kernel/pid.c b/kernel/pid.c index 25807e1b98dd..5319b9f2fc5e 100644 --- a/kernel/pid.c +++ b/kernel/pid.c | |||
| @@ -59,6 +59,9 @@ static inline int mk_pid(struct pid_namespace *pid_ns, | |||
| 59 | * the scheme scales to up to 4 million PIDs, runtime. | 59 | * the scheme scales to up to 4 million PIDs, runtime. |
| 60 | */ | 60 | */ |
| 61 | struct pid_namespace init_pid_ns = { | 61 | struct pid_namespace init_pid_ns = { |
| 62 | .kref = { | ||
| 63 | .refcount = ATOMIC_INIT(2), | ||
| 64 | }, | ||
| 62 | .pidmap = { | 65 | .pidmap = { |
| 63 | [ 0 ... PIDMAP_ENTRIES-1] = { ATOMIC_INIT(BITS_PER_PAGE), NULL } | 66 | [ 0 ... PIDMAP_ENTRIES-1] = { ATOMIC_INIT(BITS_PER_PAGE), NULL } |
| 64 | }, | 67 | }, |
| @@ -356,6 +359,26 @@ struct pid *find_ge_pid(int nr) | |||
| 356 | } | 359 | } |
| 357 | EXPORT_SYMBOL_GPL(find_get_pid); | 360 | EXPORT_SYMBOL_GPL(find_get_pid); |
| 358 | 361 | ||
| 362 | int copy_pid_ns(int flags, struct task_struct *tsk) | ||
| 363 | { | ||
| 364 | struct pid_namespace *old_ns = tsk->nsproxy->pid_ns; | ||
| 365 | int err = 0; | ||
| 366 | |||
| 367 | if (!old_ns) | ||
| 368 | return 0; | ||
| 369 | |||
| 370 | get_pid_ns(old_ns); | ||
| 371 | return err; | ||
| 372 | } | ||
| 373 | |||
| 374 | void free_pid_ns(struct kref *kref) | ||
| 375 | { | ||
| 376 | struct pid_namespace *ns; | ||
| 377 | |||
| 378 | ns = container_of(kref, struct pid_namespace, kref); | ||
| 379 | kfree(ns); | ||
| 380 | } | ||
| 381 | |||
| 359 | /* | 382 | /* |
| 360 | * The pid hash table is scaled according to the amount of memory in the | 383 | * The pid hash table is scaled according to the amount of memory in the |
| 361 | * machine. From a minimum of 16 slots up to 4096 slots at one gigabyte or | 384 | * machine. From a minimum of 16 slots up to 4096 slots at one gigabyte or |