-rw-r--r--init/Kconfig17
-rw-r--r--kernel/Makefile5
-rw-r--r--kernel/user.c10
-rw-r--r--kernel/user_namespace.c13
4 files changed, 21 insertions, 24 deletions
diff --git a/init/Kconfig b/init/Kconfig
index 47879a874966..2a6499d6f283 100644
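--- a/init/Kconfig
+++ b/init/Kconfig
@@ -214,15 +214,6 @@ config TASK_IO_ACCOUNTING
 
  Say N if unsure.
 
-config USER_NS
- bool "User Namespaces (EXPERIMENTAL)"
- default n
- depends on EXPERIMENTAL
- help
- Support user namespaces. This allows containers, i.e.
- vservers, to use user namespaces to provide different
- user info for different servers. If unsure, say N.
-
 config PID_NS
  bool "PID Namespaces (EXPERIMENTAL)"
  default n
@@ -443,6 +434,14 @@ config IPC_NS
  In this namespace tasks work with IPC ids which correspond to
  different IPC objects in different namespaces
 
+config USER_NS
+ bool "User namespace (EXPERIMENTAL)"
+ depends on NAMESPACES && EXPERIMENTAL
+ help
+ This allows containers, i.e. vservers, to use user namespaces
+ to provide different user info for different servers.
+ If unsure, say N.
+
 config BLK_DEV_INITRD
  bool "Initial RAM filesystem and RAM disk (initramfs/initrd) support"
  depends on BROKEN || !FRV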
diff --git a/kernel/Makefile b/kernel/Makefile
index 0f15bd409367..30a957a35c91 100644
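--- a/kernel/Makefile
+++ b/kernel/Makefile
@@ -4,7 +4,7 @@
 
 obj-y = sched.o fork.o exec_domain.o panic.o printk.o profile.o \
  exit.o itimer.o time.o softirq.o resource.o \
- sysctl.o capability.o ptrace.o timer.o user.o user_namespace.o \
+ sysctl.o capability.o ptrace.o timer.o user.o \
  signal.o sys.o kmod.o workqueue.o pid.o \
  rcupdate.o extable.o params.o posix-timers.o \
  kthread.o wait.o kfifo.o sys_ni.o posix-cpu-timers.o mutex.o \
@@ -33,7 +33,6 @@ obj-$(CONFIG_PROVE_LOCKING) += spinlock.o
 obj-$(CONFIG_UID16) += uid16.o
 obj-$(CONFIG_MODULES) += module.o
 obj-$(CONFIG_KALLSYMS) += kallsyms.o
-obj-$(CONFIG_UTS_NS) += utsname.o
 obj-$(CONFIG_PM) += power/
 obj-$(CONFIG_BSD_PROCESS_ACCT) += acct.o
 obj-$(CONFIG_KEXEC) += kexec.o
@@ -43,6 +42,8 @@ obj-$(CONFIG_CGROUPS) += cgroup.o
 obj-$(CONFIG_CGROUP_DEBUG) += cgroup_debug.o
 obj-$(CONFIG_CPUSETS) += cpuset.o
 obj-$(CONFIG_CGROUP_NS) += ns_cgroup.o
+obj-$(CONFIG_UTS_NS) += utsname.o
+obj-$(CONFIG_USER_NS) += user_namespace.o
 obj-$(CONFIG_IKCONFIG) += configs.o
 obj-$(CONFIG_RESOURCE_COUNTERS) += res_counter.o
 obj-$(CONFIG_STOP_MACHINE) += stop_machine.o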
diff --git a/kernel/user.c b/kernel/user.c
index bc1c48d35cb3..7d7900c5a1fd 100644
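--- a/kernel/user.c
+++ b/kernel/user.c
@@ -17,6 +17,14 @@
 #include <linux/module.h>
 #include <linux/user_namespace.h>
 
+struct user_namespace init_user_ns = {
+ .kref = {
+ .refcount = ATOMIC_INIT(2),
+ },
+ .root_user = &root_user,
+};
+EXPORT_SYMBOL_GPL(init_user_ns);
+
 /*
  * UID task count cache, to get fast user lookup in "alloc_uid"
  * when changing user ID's (ie setuid() and friends).
@@ -427,6 +435,7 @@ void switch_uid(struct user_struct *new_user)
  suid_keys(current);
 }
 
+#ifdef CONFIG_USER_NS
 void release_uids(struct user_namespace *ns)
 {
  int i;
@@ -451,6 +460,7 @@ void release_uids(struct user_namespace *ns)
 
  free_uid(ns->root_user);
 }
+#endif
 
 static int __init uid_cache_init(void)
 {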
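Review bot: The initial count `ATOMIC_INIT(2)` on `init_user_ns.kref` moves into kernel/user.c without any explanation, and the invariant behind it matters for memory safety. `init_user_ns` is a statically allocated object, while `free_user_ns()` in kernel/user_namespace.c ends with `kfree(ns)`, so the count on this instance must never reach zero. A comment above the initializer should name the holders of the two initial references and state that invariant, for example `/* static object: refcount must never drop to zero, free_user_ns() would kfree() it */`. Separately, `release_uids()` is now built only under `CONFIG_USER_NS`; its only caller visible in this commit is `free_user_ns()`, but the header declaring it is not part of the change, so it is worth confirming that no other caller remains in a `CONFIG_USER_NS=n` build. Most of the body of `release_uids()` lies outside the hunks shown.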
diff --git a/kernel/user_namespace.c b/kernel/user_namespace.c
index 7af90fc4f0fd..4c9006275df7 100644
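--- a/kernel/user_namespace.c
+++ b/kernel/user_namespace.c
@@ -10,17 +10,6 @@
 #include <linux/nsproxy.h>
 #include <linux/user_namespace.h>
 
-struct user_namespace init_user_ns = {
- .kref = {
- .refcount = ATOMIC_INIT(2),
- },
- .root_user = &root_user,
-};
-
-EXPORT_SYMBOL_GPL(init_user_ns);
-
-#ifdef CONFIG_USER_NS
-
 /*
  * Clone a new ns copying an original user ns, setting refcount to 1
  * @old_ns: namespace to clone
@@ -84,5 +73,3 @@ void free_user_ns(struct kref *kref)
  release_uids(ns);
  kfree(ns);
 }
-
-#endif /* CONFIG_USER_NS */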