
userns: add a user namespace owner of ipc ns

Changelog:
Feb 15: Don't set new ipc->user_ns if we didn't create a new
ipc_ns.
Feb 23: Move extern declaration to ipc_namespace.h, and group
fwd declarations at top.

Signed-off-by: Serge E. Hallyn <serge.hallyn@canonical.com>
Acked-by: "Eric W. Biederman" <ebiederm@xmission.com>
Acked-by: Daniel Lezcano <daniel.lezcano@free.fr>
Acked-by: David Howells <dhowells@redhat.com>
Cc: James Morris <jmorris@namei.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

authored by

Serge E. Hallyn and committed by
Linus Torvalds
b515498f fc832ad3

+16 -2
+3
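--- a/include/linux/ipc_namespace.h
+++ b/include/linux/ipc_namespace.h
@@ -15,6 +15,7 @@
 
 #define IPCNS_CALLBACK_PRI 0
 
+struct user_namespace;
 
 struct ipc_ids {
 int in_use;
@@ -56,6 +57,8 @@
 unsigned int mq_msg_max; /* initialized to DFLT_MSGMAX */
 unsigned int mq_msgsize_max; /* initialized to DFLT_MSGSIZEMAX */
 
+/* user_ns which owns the ipc ns */
+struct user_namespace *user_ns;
 };
 
 extern struct ipc_namespace init_ipc_ns;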
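Review bot: The new field comment `/* user_ns which owns the ipc ns */` does not say that the pointer is a counted reference. The ipc/namespace.c section takes it with get_user_ns() and drops it with put_user_ns(), while the static initializer in ipc/msgutil.c stores `&init_user_ns` without a get, which stays balanced only as long as init_ipc_ns is never freed. I would extend the comment to something like `/* user_ns which owns the ipc ns; counted reference, dropped when the ipc ns is freed */` and mention the init_ipc_ns exception there.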
+1
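--- a/ipc/msgutil.c
+++ b/ipc/msgutil.c
@@ -32,6 +32,7 @@
 .mq_msg_max = DFLT_MSGMAX,
 .mq_msgsize_max = DFLT_MSGSIZEMAX,
 #endif
+.user_ns = &init_user_ns,
 };
 
 atomic_t nr_ipc_ns = ATOMIC_INIT(1);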
+7 -2
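--- a/ipc/namespace.c
+++ b/ipc/namespace.c
@@ -11,10 +11,11 @@
 #include <linux/slab.h>
 #include <linux/fs.h>
 #include <linux/mount.h>
+#include <linux/user_namespace.h>
 
 #include "util.h"
 
-static struct ipc_namespace *create_ipc_ns(void)
+static struct ipc_namespace *create_ipc_ns(struct ipc_namespace *old_ns)
 {
 struct ipc_namespace *ns;
 int err;
@@ -43,6 +44,9 @@
 ipcns_notify(IPCNS_CREATED);
 register_ipcns_notifier(ns);
 
+ns->user_ns = old_ns->user_ns;
+get_user_ns(ns->user_ns);
+
 return ns;
 }
 
@@ -50,7 +54,7 @@
 {
 if (!(flags & CLONE_NEWIPC))
 return get_ipc_ns(ns);
-return create_ipc_ns();
+return create_ipc_ns(ns);
 }
 
 /*
@@ -105,6 +109,7 @@
 * order to have a correct value when recomputing msgmni.
 */
 ipcns_notify(IPCNS_REMOVED);
+put_user_ns(ns->user_ns);
 }
 
 /*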
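Review bot: In create_ipc_ns() the added `ns->user_ns = old_ns->user_ns;` and `get_user_ns(ns->user_ns);` run after `ipcns_notify(IPCNS_CREATED);` and `register_ipcns_notifier(ns);`, so the namespace is announced before its owner field is populated. Nothing visible here reads user_ns from a notifier callback, but assigning the owner before the notify calls would keep a later callback from seeing an unset pointer. As written the reference is taken immediately before `return ns;`, so no error exit can leak it; if the lines move up, any failure path after them needs a matching `put_user_ns(ns->user_ns);`. The body of create_ipc_ns() between the first and second hunk is not shown.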
+5
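--- a/kernel/nsproxy.c
+++ b/kernel/nsproxy.c
@@ -80,6 +80,11 @@
 err = PTR_ERR(new_nsp->ipc_ns);
 goto out_ipc;
 }
+if (new_nsp->ipc_ns != tsk->nsproxy->ipc_ns) {
+put_user_ns(new_nsp->ipc_ns->user_ns);
+new_nsp->ipc_ns->user_ns = task_cred_xxx(tsk, user)->user_ns;
+get_user_ns(new_nsp->ipc_ns->user_ns);
+}
 
 new_nsp->pid_ns = copy_pid_ns(flags, task_active_pid_ns(tsk));
 if (IS_ERR(new_nsp->pid_ns)) {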
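Review bot: The owner of a freshly created ipc namespace is corrected here in the caller rather than inside create_ipc_ns(), so the namespace briefly carries the parent's user_ns, and the reference taken in ipc/namespace.c is dropped again by `put_user_ns(new_nsp->ipc_ns->user_ns);`. The pointer comparison `new_nsp->ipc_ns != tsk->nsproxy->ipc_ns` is the only signal that a new namespace was created, and it deserves a comment such as `/* copy_ipcs() made a new ipc ns: it is owned by the user_ns of tsk's creds, not by the parent ipc ns's owner */`. If this field is what later permission checks consult, which the page does not show, any other path that reaches copy_ipcs() would keep the parent's owner unless it repeats this fixup. Passing the owning user_ns into create_ipc_ns() would put the assignment in one place. The enclosing function starts and ends outside the hunk.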