[PATCH] namespaces: add nsproxy
This patch adds a nsproxy structure to the task struct. Later patches will move the fs namespace pointer into this structure, and introduce a new utsname namespace into the nsproxy. The vserver and openvz functionality, then, would be implemented in large part by virtualizing/isolating more and more resources into namespaces, each contained in the nsproxy. [akpm@osdl.org: build fix] Signed-off-by: Serge Hallyn <serue@us.ibm.com> Cc: Kirill Korotaev <dev@openvz.org> Cc: "Eric W. Biederman" <ebiederm@xmission.com> Cc: Herbert Poetzl <herbert@13thfloor.at> Cc: Andrey Savochkin <saw@sw.ru> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
This commit is contained in:
parent
b1ba4ddde0
commit
ab516013ad
@ -5,6 +5,7 @@
|
|||||||
#include <linux/init_task.h>
|
#include <linux/init_task.h>
|
||||||
#include <linux/fs.h>
|
#include <linux/fs.h>
|
||||||
#include <linux/mqueue.h>
|
#include <linux/mqueue.h>
|
||||||
|
#include <linux/nsproxy.h>
|
||||||
#include <asm/uaccess.h>
|
#include <asm/uaccess.h>
|
||||||
|
|
||||||
|
|
||||||
@ -13,6 +14,7 @@ static struct files_struct init_files = INIT_FILES;
|
|||||||
static struct signal_struct init_signals = INIT_SIGNALS(init_signals);
|
static struct signal_struct init_signals = INIT_SIGNALS(init_signals);
|
||||||
static struct sighand_struct init_sighand = INIT_SIGHAND(init_sighand);
|
static struct sighand_struct init_sighand = INIT_SIGHAND(init_sighand);
|
||||||
struct mm_struct init_mm = INIT_MM(init_mm);
|
struct mm_struct init_mm = INIT_MM(init_mm);
|
||||||
|
struct nsproxy init_nsproxy = INIT_NSPROXY(init_nsproxy);
|
||||||
struct task_struct init_task = INIT_TASK(init_task);
|
struct task_struct init_task = INIT_TASK(init_task);
|
||||||
|
|
||||||
EXPORT_SYMBOL(init_mm);
|
EXPORT_SYMBOL(init_mm);
|
||||||
|
@ -8,6 +8,7 @@
|
|||||||
#include <linux/init.h>
|
#include <linux/init.h>
|
||||||
#include <linux/init_task.h>
|
#include <linux/init_task.h>
|
||||||
#include <linux/mqueue.h>
|
#include <linux/mqueue.h>
|
||||||
|
#include <linux/nsproxy.h>
|
||||||
|
|
||||||
#include <asm/uaccess.h>
|
#include <asm/uaccess.h>
|
||||||
#include <asm/pgtable.h>
|
#include <asm/pgtable.h>
|
||||||
@ -17,6 +18,7 @@ static struct files_struct init_files = INIT_FILES;
|
|||||||
static struct signal_struct init_signals = INIT_SIGNALS(init_signals);
|
static struct signal_struct init_signals = INIT_SIGNALS(init_signals);
|
||||||
static struct sighand_struct init_sighand = INIT_SIGHAND(init_sighand);
|
static struct sighand_struct init_sighand = INIT_SIGHAND(init_sighand);
|
||||||
struct mm_struct init_mm = INIT_MM(init_mm);
|
struct mm_struct init_mm = INIT_MM(init_mm);
|
||||||
|
struct nsproxy init_nsproxy = INIT_NSPROXY(init_nsproxy);
|
||||||
|
|
||||||
EXPORT_SYMBOL(init_mm);
|
EXPORT_SYMBOL(init_mm);
|
||||||
|
|
||||||
|
@ -11,6 +11,7 @@
|
|||||||
#include <linux/init.h>
|
#include <linux/init.h>
|
||||||
#include <linux/init_task.h>
|
#include <linux/init_task.h>
|
||||||
#include <linux/mqueue.h>
|
#include <linux/mqueue.h>
|
||||||
|
#include <linux/nsproxy.h>
|
||||||
|
|
||||||
#include <asm/uaccess.h>
|
#include <asm/uaccess.h>
|
||||||
#include <asm/pgtable.h>
|
#include <asm/pgtable.h>
|
||||||
@ -20,6 +21,7 @@ static struct files_struct init_files = INIT_FILES;
|
|||||||
static struct signal_struct init_signals = INIT_SIGNALS(init_signals);
|
static struct signal_struct init_signals = INIT_SIGNALS(init_signals);
|
||||||
static struct sighand_struct init_sighand = INIT_SIGHAND(init_sighand);
|
static struct sighand_struct init_sighand = INIT_SIGHAND(init_sighand);
|
||||||
struct mm_struct init_mm = INIT_MM(init_mm);
|
struct mm_struct init_mm = INIT_MM(init_mm);
|
||||||
|
struct nsproxy init_nsproxy = INIT_NSPROXY(init_nsproxy);
|
||||||
|
|
||||||
EXPORT_SYMBOL(init_mm);
|
EXPORT_SYMBOL(init_mm);
|
||||||
|
|
||||||
|
@ -5,6 +5,7 @@
|
|||||||
#include <linux/init_task.h>
|
#include <linux/init_task.h>
|
||||||
#include <linux/fs.h>
|
#include <linux/fs.h>
|
||||||
#include <linux/mqueue.h>
|
#include <linux/mqueue.h>
|
||||||
|
#include <linux/nsproxy.h>
|
||||||
|
|
||||||
#include <asm/uaccess.h>
|
#include <asm/uaccess.h>
|
||||||
#include <asm/pgtable.h>
|
#include <asm/pgtable.h>
|
||||||
@ -15,6 +16,7 @@ static struct files_struct init_files = INIT_FILES;
|
|||||||
static struct signal_struct init_signals = INIT_SIGNALS(init_signals);
|
static struct signal_struct init_signals = INIT_SIGNALS(init_signals);
|
||||||
static struct sighand_struct init_sighand = INIT_SIGHAND(init_sighand);
|
static struct sighand_struct init_sighand = INIT_SIGHAND(init_sighand);
|
||||||
struct mm_struct init_mm = INIT_MM(init_mm);
|
struct mm_struct init_mm = INIT_MM(init_mm);
|
||||||
|
struct nsproxy init_nsproxy = INIT_NSPROXY(init_nsproxy);
|
||||||
|
|
||||||
EXPORT_SYMBOL(init_mm);
|
EXPORT_SYMBOL(init_mm);
|
||||||
|
|
||||||
|
@ -8,6 +8,7 @@
|
|||||||
#include <linux/init_task.h>
|
#include <linux/init_task.h>
|
||||||
#include <linux/fs.h>
|
#include <linux/fs.h>
|
||||||
#include <linux/mqueue.h>
|
#include <linux/mqueue.h>
|
||||||
|
#include <linux/nsproxy.h>
|
||||||
|
|
||||||
#include <asm/uaccess.h>
|
#include <asm/uaccess.h>
|
||||||
#include <asm/pgtable.h>
|
#include <asm/pgtable.h>
|
||||||
@ -17,6 +18,7 @@ static struct files_struct init_files = INIT_FILES;
|
|||||||
static struct signal_struct init_signals = INIT_SIGNALS(init_signals);
|
static struct signal_struct init_signals = INIT_SIGNALS(init_signals);
|
||||||
static struct sighand_struct init_sighand = INIT_SIGHAND(init_sighand);
|
static struct sighand_struct init_sighand = INIT_SIGHAND(init_sighand);
|
||||||
struct mm_struct init_mm = INIT_MM(init_mm);
|
struct mm_struct init_mm = INIT_MM(init_mm);
|
||||||
|
struct nsproxy init_nsproxy = INIT_NSPROXY(init_nsproxy);
|
||||||
|
|
||||||
EXPORT_SYMBOL(init_mm);
|
EXPORT_SYMBOL(init_mm);
|
||||||
|
|
||||||
|
@ -5,6 +5,7 @@
|
|||||||
#include <linux/init_task.h>
|
#include <linux/init_task.h>
|
||||||
#include <linux/fs.h>
|
#include <linux/fs.h>
|
||||||
#include <linux/mqueue.h>
|
#include <linux/mqueue.h>
|
||||||
|
#include <linux/nsproxy.h>
|
||||||
|
|
||||||
#include <asm/uaccess.h>
|
#include <asm/uaccess.h>
|
||||||
#include <asm/pgtable.h>
|
#include <asm/pgtable.h>
|
||||||
@ -15,6 +16,7 @@ static struct files_struct init_files = INIT_FILES;
|
|||||||
static struct signal_struct init_signals = INIT_SIGNALS(init_signals);
|
static struct signal_struct init_signals = INIT_SIGNALS(init_signals);
|
||||||
static struct sighand_struct init_sighand = INIT_SIGHAND(init_sighand);
|
static struct sighand_struct init_sighand = INIT_SIGHAND(init_sighand);
|
||||||
struct mm_struct init_mm = INIT_MM(init_mm);
|
struct mm_struct init_mm = INIT_MM(init_mm);
|
||||||
|
struct nsproxy init_nsproxy = INIT_NSPROXY(init_nsproxy);
|
||||||
|
|
||||||
EXPORT_SYMBOL(init_mm);
|
EXPORT_SYMBOL(init_mm);
|
||||||
|
|
||||||
|
@ -12,6 +12,7 @@
|
|||||||
#include <linux/sched.h>
|
#include <linux/sched.h>
|
||||||
#include <linux/init_task.h>
|
#include <linux/init_task.h>
|
||||||
#include <linux/mqueue.h>
|
#include <linux/mqueue.h>
|
||||||
|
#include <linux/nsproxy.h>
|
||||||
|
|
||||||
#include <asm/uaccess.h>
|
#include <asm/uaccess.h>
|
||||||
#include <asm/pgtable.h>
|
#include <asm/pgtable.h>
|
||||||
@ -21,6 +22,7 @@ static struct files_struct init_files = INIT_FILES;
|
|||||||
static struct signal_struct init_signals = INIT_SIGNALS(init_signals);
|
static struct signal_struct init_signals = INIT_SIGNALS(init_signals);
|
||||||
static struct sighand_struct init_sighand = INIT_SIGHAND(init_sighand);
|
static struct sighand_struct init_sighand = INIT_SIGHAND(init_sighand);
|
||||||
struct mm_struct init_mm = INIT_MM(init_mm);
|
struct mm_struct init_mm = INIT_MM(init_mm);
|
||||||
|
struct nsproxy init_nsproxy = INIT_NSPROXY(init_nsproxy);
|
||||||
|
|
||||||
EXPORT_SYMBOL(init_mm);
|
EXPORT_SYMBOL(init_mm);
|
||||||
|
|
||||||
|
@ -7,6 +7,7 @@
|
|||||||
#include <linux/init_task.h>
|
#include <linux/init_task.h>
|
||||||
#include <linux/fs.h>
|
#include <linux/fs.h>
|
||||||
#include <linux/mqueue.h>
|
#include <linux/mqueue.h>
|
||||||
|
#include <linux/nsproxy.h>
|
||||||
|
|
||||||
#include <asm/uaccess.h>
|
#include <asm/uaccess.h>
|
||||||
#include <asm/pgtable.h>
|
#include <asm/pgtable.h>
|
||||||
@ -16,6 +17,7 @@ static struct files_struct init_files = INIT_FILES;
|
|||||||
static struct signal_struct init_signals = INIT_SIGNALS(init_signals);
|
static struct signal_struct init_signals = INIT_SIGNALS(init_signals);
|
||||||
static struct sighand_struct init_sighand = INIT_SIGHAND(init_sighand);
|
static struct sighand_struct init_sighand = INIT_SIGHAND(init_sighand);
|
||||||
struct mm_struct init_mm = INIT_MM(init_mm);
|
struct mm_struct init_mm = INIT_MM(init_mm);
|
||||||
|
struct nsproxy init_nsproxy = INIT_NSPROXY(init_nsproxy);
|
||||||
|
|
||||||
EXPORT_SYMBOL(init_mm);
|
EXPORT_SYMBOL(init_mm);
|
||||||
|
|
||||||
|
@ -8,6 +8,7 @@
|
|||||||
#include <linux/init_task.h>
|
#include <linux/init_task.h>
|
||||||
#include <linux/fs.h>
|
#include <linux/fs.h>
|
||||||
#include <linux/mqueue.h>
|
#include <linux/mqueue.h>
|
||||||
|
#include <linux/nsproxy.h>
|
||||||
|
|
||||||
#include <asm/uaccess.h>
|
#include <asm/uaccess.h>
|
||||||
#include <asm/pgtable.h>
|
#include <asm/pgtable.h>
|
||||||
@ -17,6 +18,7 @@ static struct files_struct init_files = INIT_FILES;
|
|||||||
static struct signal_struct init_signals = INIT_SIGNALS(init_signals);
|
static struct signal_struct init_signals = INIT_SIGNALS(init_signals);
|
||||||
static struct sighand_struct init_sighand = INIT_SIGHAND(init_sighand);
|
static struct sighand_struct init_sighand = INIT_SIGHAND(init_sighand);
|
||||||
struct mm_struct init_mm = INIT_MM(init_mm);
|
struct mm_struct init_mm = INIT_MM(init_mm);
|
||||||
|
struct nsproxy init_nsproxy = INIT_NSPROXY(init_nsproxy);
|
||||||
|
|
||||||
EXPORT_SYMBOL(init_mm);
|
EXPORT_SYMBOL(init_mm);
|
||||||
|
|
||||||
|
@ -4,6 +4,7 @@
|
|||||||
#include <linux/init_task.h>
|
#include <linux/init_task.h>
|
||||||
#include <linux/fs.h>
|
#include <linux/fs.h>
|
||||||
#include <linux/mqueue.h>
|
#include <linux/mqueue.h>
|
||||||
|
#include <linux/nsproxy.h>
|
||||||
|
|
||||||
#include <asm/thread_info.h>
|
#include <asm/thread_info.h>
|
||||||
#include <asm/uaccess.h>
|
#include <asm/uaccess.h>
|
||||||
@ -14,6 +15,7 @@ static struct files_struct init_files = INIT_FILES;
|
|||||||
static struct signal_struct init_signals = INIT_SIGNALS(init_signals);
|
static struct signal_struct init_signals = INIT_SIGNALS(init_signals);
|
||||||
static struct sighand_struct init_sighand = INIT_SIGHAND(init_sighand);
|
static struct sighand_struct init_sighand = INIT_SIGHAND(init_sighand);
|
||||||
struct mm_struct init_mm = INIT_MM(init_mm);
|
struct mm_struct init_mm = INIT_MM(init_mm);
|
||||||
|
struct nsproxy init_nsproxy = INIT_NSPROXY(init_nsproxy);
|
||||||
|
|
||||||
EXPORT_SYMBOL(init_mm);
|
EXPORT_SYMBOL(init_mm);
|
||||||
|
|
||||||
|
@ -28,6 +28,7 @@
|
|||||||
#include <linux/init.h>
|
#include <linux/init.h>
|
||||||
#include <linux/init_task.h>
|
#include <linux/init_task.h>
|
||||||
#include <linux/mqueue.h>
|
#include <linux/mqueue.h>
|
||||||
|
#include <linux/nsproxy.h>
|
||||||
|
|
||||||
#include <asm/uaccess.h>
|
#include <asm/uaccess.h>
|
||||||
#include <asm/pgtable.h>
|
#include <asm/pgtable.h>
|
||||||
@ -38,6 +39,7 @@ static struct files_struct init_files = INIT_FILES;
|
|||||||
static struct signal_struct init_signals = INIT_SIGNALS(init_signals);
|
static struct signal_struct init_signals = INIT_SIGNALS(init_signals);
|
||||||
static struct sighand_struct init_sighand = INIT_SIGHAND(init_sighand);
|
static struct sighand_struct init_sighand = INIT_SIGHAND(init_sighand);
|
||||||
struct mm_struct init_mm = INIT_MM(init_mm);
|
struct mm_struct init_mm = INIT_MM(init_mm);
|
||||||
|
struct nsproxy init_nsproxy = INIT_NSPROXY(init_nsproxy);
|
||||||
|
|
||||||
EXPORT_SYMBOL(init_mm);
|
EXPORT_SYMBOL(init_mm);
|
||||||
|
|
||||||
|
@ -5,6 +5,7 @@
|
|||||||
#include <linux/init_task.h>
|
#include <linux/init_task.h>
|
||||||
#include <linux/fs.h>
|
#include <linux/fs.h>
|
||||||
#include <linux/mqueue.h>
|
#include <linux/mqueue.h>
|
||||||
|
#include <linux/nsproxy.h>
|
||||||
#include <asm/uaccess.h>
|
#include <asm/uaccess.h>
|
||||||
|
|
||||||
static struct fs_struct init_fs = INIT_FS;
|
static struct fs_struct init_fs = INIT_FS;
|
||||||
@ -12,6 +13,7 @@ static struct files_struct init_files = INIT_FILES;
|
|||||||
static struct signal_struct init_signals = INIT_SIGNALS(init_signals);
|
static struct signal_struct init_signals = INIT_SIGNALS(init_signals);
|
||||||
static struct sighand_struct init_sighand = INIT_SIGHAND(init_sighand);
|
static struct sighand_struct init_sighand = INIT_SIGHAND(init_sighand);
|
||||||
struct mm_struct init_mm = INIT_MM(init_mm);
|
struct mm_struct init_mm = INIT_MM(init_mm);
|
||||||
|
struct nsproxy init_nsproxy = INIT_NSPROXY(init_nsproxy);
|
||||||
|
|
||||||
EXPORT_SYMBOL(init_mm);
|
EXPORT_SYMBOL(init_mm);
|
||||||
|
|
||||||
|
@ -11,6 +11,7 @@
|
|||||||
#include <linux/sched.h>
|
#include <linux/sched.h>
|
||||||
#include <linux/init_task.h>
|
#include <linux/init_task.h>
|
||||||
#include <linux/mqueue.h>
|
#include <linux/mqueue.h>
|
||||||
|
#include <linux/nsproxy.h>
|
||||||
|
|
||||||
#include <asm/uaccess.h>
|
#include <asm/uaccess.h>
|
||||||
#include <asm/pgtable.h>
|
#include <asm/pgtable.h>
|
||||||
@ -20,6 +21,7 @@ static struct files_struct init_files = INIT_FILES;
|
|||||||
static struct signal_struct init_signals = INIT_SIGNALS(init_signals);
|
static struct signal_struct init_signals = INIT_SIGNALS(init_signals);
|
||||||
static struct sighand_struct init_sighand = INIT_SIGHAND(init_sighand);
|
static struct sighand_struct init_sighand = INIT_SIGHAND(init_sighand);
|
||||||
struct mm_struct init_mm = INIT_MM(init_mm);
|
struct mm_struct init_mm = INIT_MM(init_mm);
|
||||||
|
struct nsproxy init_nsproxy = INIT_NSPROXY(init_nsproxy);
|
||||||
|
|
||||||
EXPORT_SYMBOL(init_mm);
|
EXPORT_SYMBOL(init_mm);
|
||||||
|
|
||||||
|
@ -3,6 +3,7 @@
|
|||||||
#include <linux/sched.h>
|
#include <linux/sched.h>
|
||||||
#include <linux/init_task.h>
|
#include <linux/init_task.h>
|
||||||
#include <linux/mqueue.h>
|
#include <linux/mqueue.h>
|
||||||
|
#include <linux/nsproxy.h>
|
||||||
|
|
||||||
#include <asm/uaccess.h>
|
#include <asm/uaccess.h>
|
||||||
#include <asm/pgtable.h>
|
#include <asm/pgtable.h>
|
||||||
@ -12,6 +13,7 @@ static struct files_struct init_files = INIT_FILES;
|
|||||||
static struct signal_struct init_signals = INIT_SIGNALS(init_signals);
|
static struct signal_struct init_signals = INIT_SIGNALS(init_signals);
|
||||||
static struct sighand_struct init_sighand = INIT_SIGHAND(init_sighand);
|
static struct sighand_struct init_sighand = INIT_SIGHAND(init_sighand);
|
||||||
struct mm_struct init_mm = INIT_MM(init_mm);
|
struct mm_struct init_mm = INIT_MM(init_mm);
|
||||||
|
struct nsproxy init_nsproxy = INIT_NSPROXY(init_nsproxy);
|
||||||
|
|
||||||
EXPORT_SYMBOL(init_mm);
|
EXPORT_SYMBOL(init_mm);
|
||||||
|
|
||||||
|
@ -14,6 +14,7 @@
|
|||||||
#include <linux/sched.h>
|
#include <linux/sched.h>
|
||||||
#include <linux/init_task.h>
|
#include <linux/init_task.h>
|
||||||
#include <linux/mqueue.h>
|
#include <linux/mqueue.h>
|
||||||
|
#include <linux/nsproxy.h>
|
||||||
|
|
||||||
#include <asm/uaccess.h>
|
#include <asm/uaccess.h>
|
||||||
#include <asm/pgtable.h>
|
#include <asm/pgtable.h>
|
||||||
@ -23,6 +24,7 @@ static struct files_struct init_files = INIT_FILES;
|
|||||||
static struct signal_struct init_signals = INIT_SIGNALS(init_signals);
|
static struct signal_struct init_signals = INIT_SIGNALS(init_signals);
|
||||||
static struct sighand_struct init_sighand = INIT_SIGHAND(init_sighand);
|
static struct sighand_struct init_sighand = INIT_SIGHAND(init_sighand);
|
||||||
struct mm_struct init_mm = INIT_MM(init_mm);
|
struct mm_struct init_mm = INIT_MM(init_mm);
|
||||||
|
struct nsproxy init_nsproxy = INIT_NSPROXY(init_nsproxy);
|
||||||
|
|
||||||
struct pt_regs fake_swapper_regs;
|
struct pt_regs fake_swapper_regs;
|
||||||
|
|
||||||
|
@ -3,6 +3,7 @@
|
|||||||
#include <linux/sched.h>
|
#include <linux/sched.h>
|
||||||
#include <linux/init_task.h>
|
#include <linux/init_task.h>
|
||||||
#include <linux/mqueue.h>
|
#include <linux/mqueue.h>
|
||||||
|
#include <linux/nsproxy.h>
|
||||||
|
|
||||||
#include <asm/pgtable.h>
|
#include <asm/pgtable.h>
|
||||||
#include <asm/uaccess.h>
|
#include <asm/uaccess.h>
|
||||||
@ -12,6 +13,7 @@ static struct files_struct init_files = INIT_FILES;
|
|||||||
static struct signal_struct init_signals = INIT_SIGNALS(init_signals);
|
static struct signal_struct init_signals = INIT_SIGNALS(init_signals);
|
||||||
static struct sighand_struct init_sighand = INIT_SIGHAND(init_sighand);
|
static struct sighand_struct init_sighand = INIT_SIGHAND(init_sighand);
|
||||||
struct mm_struct init_mm = INIT_MM(init_mm);
|
struct mm_struct init_mm = INIT_MM(init_mm);
|
||||||
|
struct nsproxy init_nsproxy = INIT_NSPROXY(init_nsproxy);
|
||||||
struct task_struct init_task = INIT_TASK(init_task);
|
struct task_struct init_task = INIT_TASK(init_task);
|
||||||
|
|
||||||
EXPORT_SYMBOL(init_mm);
|
EXPORT_SYMBOL(init_mm);
|
||||||
|
@ -3,6 +3,7 @@
|
|||||||
#include <linux/sched.h>
|
#include <linux/sched.h>
|
||||||
#include <linux/init_task.h>
|
#include <linux/init_task.h>
|
||||||
#include <linux/mqueue.h>
|
#include <linux/mqueue.h>
|
||||||
|
#include <linux/nsproxy.h>
|
||||||
|
|
||||||
#include <asm/pgtable.h>
|
#include <asm/pgtable.h>
|
||||||
#include <asm/uaccess.h>
|
#include <asm/uaccess.h>
|
||||||
@ -13,6 +14,7 @@ static struct files_struct init_files = INIT_FILES;
|
|||||||
static struct signal_struct init_signals = INIT_SIGNALS(init_signals);
|
static struct signal_struct init_signals = INIT_SIGNALS(init_signals);
|
||||||
static struct sighand_struct init_sighand = INIT_SIGHAND(init_sighand);
|
static struct sighand_struct init_sighand = INIT_SIGHAND(init_sighand);
|
||||||
struct mm_struct init_mm = INIT_MM(init_mm);
|
struct mm_struct init_mm = INIT_MM(init_mm);
|
||||||
|
struct nsproxy init_nsproxy = INIT_NSPROXY(init_nsproxy);
|
||||||
|
|
||||||
EXPORT_SYMBOL(init_mm);
|
EXPORT_SYMBOL(init_mm);
|
||||||
|
|
||||||
|
@ -9,6 +9,7 @@
|
|||||||
#include "linux/sched.h"
|
#include "linux/sched.h"
|
||||||
#include "linux/init_task.h"
|
#include "linux/init_task.h"
|
||||||
#include "linux/mqueue.h"
|
#include "linux/mqueue.h"
|
||||||
|
#include "linux/nsproxy.h"
|
||||||
#include "asm/uaccess.h"
|
#include "asm/uaccess.h"
|
||||||
#include "asm/pgtable.h"
|
#include "asm/pgtable.h"
|
||||||
#include "user_util.h"
|
#include "user_util.h"
|
||||||
@ -17,6 +18,7 @@
|
|||||||
|
|
||||||
static struct fs_struct init_fs = INIT_FS;
|
static struct fs_struct init_fs = INIT_FS;
|
||||||
struct mm_struct init_mm = INIT_MM(init_mm);
|
struct mm_struct init_mm = INIT_MM(init_mm);
|
||||||
|
struct nsproxy init_nsproxy = INIT_NSPROXY(init_nsproxy);
|
||||||
static struct files_struct init_files = INIT_FILES;
|
static struct files_struct init_files = INIT_FILES;
|
||||||
static struct signal_struct init_signals = INIT_SIGNALS(init_signals);
|
static struct signal_struct init_signals = INIT_SIGNALS(init_signals);
|
||||||
static struct sighand_struct init_sighand = INIT_SIGHAND(init_sighand);
|
static struct sighand_struct init_sighand = INIT_SIGHAND(init_sighand);
|
||||||
|
@ -16,6 +16,7 @@
|
|||||||
#include <linux/init_task.h>
|
#include <linux/init_task.h>
|
||||||
#include <linux/fs.h>
|
#include <linux/fs.h>
|
||||||
#include <linux/mqueue.h>
|
#include <linux/mqueue.h>
|
||||||
|
#include <linux/nsproxy.h>
|
||||||
|
|
||||||
#include <asm/uaccess.h>
|
#include <asm/uaccess.h>
|
||||||
#include <asm/pgtable.h>
|
#include <asm/pgtable.h>
|
||||||
@ -25,6 +26,7 @@ static struct files_struct init_files = INIT_FILES;
|
|||||||
static struct signal_struct init_signals = INIT_SIGNALS (init_signals);
|
static struct signal_struct init_signals = INIT_SIGNALS (init_signals);
|
||||||
static struct sighand_struct init_sighand = INIT_SIGHAND(init_sighand);
|
static struct sighand_struct init_sighand = INIT_SIGHAND(init_sighand);
|
||||||
struct mm_struct init_mm = INIT_MM (init_mm);
|
struct mm_struct init_mm = INIT_MM (init_mm);
|
||||||
|
struct nsproxy init_nsproxy = INIT_NSPROXY(init_nsproxy);
|
||||||
|
|
||||||
EXPORT_SYMBOL(init_mm);
|
EXPORT_SYMBOL(init_mm);
|
||||||
|
|
||||||
|
@ -5,6 +5,7 @@
|
|||||||
#include <linux/init_task.h>
|
#include <linux/init_task.h>
|
||||||
#include <linux/fs.h>
|
#include <linux/fs.h>
|
||||||
#include <linux/mqueue.h>
|
#include <linux/mqueue.h>
|
||||||
|
#include <linux/nsproxy.h>
|
||||||
|
|
||||||
#include <asm/uaccess.h>
|
#include <asm/uaccess.h>
|
||||||
#include <asm/pgtable.h>
|
#include <asm/pgtable.h>
|
||||||
@ -15,6 +16,7 @@ static struct files_struct init_files = INIT_FILES;
|
|||||||
static struct signal_struct init_signals = INIT_SIGNALS(init_signals);
|
static struct signal_struct init_signals = INIT_SIGNALS(init_signals);
|
||||||
static struct sighand_struct init_sighand = INIT_SIGHAND(init_sighand);
|
static struct sighand_struct init_sighand = INIT_SIGHAND(init_sighand);
|
||||||
struct mm_struct init_mm = INIT_MM(init_mm);
|
struct mm_struct init_mm = INIT_MM(init_mm);
|
||||||
|
struct nsproxy init_nsproxy = INIT_NSPROXY(init_nsproxy);
|
||||||
|
|
||||||
EXPORT_SYMBOL(init_mm);
|
EXPORT_SYMBOL(init_mm);
|
||||||
|
|
||||||
|
@ -68,6 +68,12 @@
|
|||||||
.session = 1, \
|
.session = 1, \
|
||||||
}
|
}
|
||||||
|
|
||||||
|
extern struct nsproxy init_nsproxy;
|
||||||
|
#define INIT_NSPROXY(nsproxy) { \
|
||||||
|
.count = ATOMIC_INIT(1), \
|
||||||
|
.nslock = SPIN_LOCK_UNLOCKED, \
|
||||||
|
}
|
||||||
|
|
||||||
#define INIT_SIGHAND(sighand) { \
|
#define INIT_SIGHAND(sighand) { \
|
||||||
.count = ATOMIC_INIT(1), \
|
.count = ATOMIC_INIT(1), \
|
||||||
.action = { { { .sa_handler = NULL, } }, }, \
|
.action = { { { .sa_handler = NULL, } }, }, \
|
||||||
@ -117,6 +123,7 @@ extern struct group_info init_groups;
|
|||||||
.files = &init_files, \
|
.files = &init_files, \
|
||||||
.signal = &init_signals, \
|
.signal = &init_signals, \
|
||||||
.sighand = &init_sighand, \
|
.sighand = &init_sighand, \
|
||||||
|
.nsproxy = &init_nsproxy, \
|
||||||
.pending = { \
|
.pending = { \
|
||||||
.list = LIST_HEAD_INIT(tsk.pending.list), \
|
.list = LIST_HEAD_INIT(tsk.pending.list), \
|
||||||
.signal = {{0}}}, \
|
.signal = {{0}}}, \
|
||||||
|
45
include/linux/nsproxy.h
Normal file
45
include/linux/nsproxy.h
Normal file
@ -0,0 +1,45 @@
|
|||||||
|
#ifndef _LINUX_NSPROXY_H
|
||||||
|
#define _LINUX_NSPROXY_H
|
||||||
|
|
||||||
|
#include <linux/spinlock.h>
|
||||||
|
#include <linux/sched.h>
|
||||||
|
|
||||||
|
/*
|
||||||
|
* A structure to contain pointers to all per-process
|
||||||
|
* namespaces - fs (mount), uts, network, sysvipc, etc.
|
||||||
|
*
|
||||||
|
* 'count' is the number of tasks holding a reference.
|
||||||
|
* The count for each namespace, then, will be the number
|
||||||
|
* of nsproxies pointing to it, not the number of tasks.
|
||||||
|
*
|
||||||
|
* The nsproxy is shared by tasks which share all namespaces.
|
||||||
|
* As soon as a single namespace is cloned or unshared, the
|
||||||
|
* nsproxy is copied.
|
||||||
|
*/
|
||||||
|
struct nsproxy {
|
||||||
|
atomic_t count;
|
||||||
|
spinlock_t nslock;
|
||||||
|
};
|
||||||
|
extern struct nsproxy init_nsproxy;
|
||||||
|
|
||||||
|
struct nsproxy *dup_namespaces(struct nsproxy *orig);
|
||||||
|
int copy_namespaces(int flags, struct task_struct *tsk);
|
||||||
|
void get_task_namespaces(struct task_struct *tsk);
|
||||||
|
void free_nsproxy(struct nsproxy *ns);
|
||||||
|
|
||||||
|
static inline void put_nsproxy(struct nsproxy *ns)
|
||||||
|
{
|
||||||
|
if (atomic_dec_and_test(&ns->count)) {
|
||||||
|
free_nsproxy(ns);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
static inline void exit_task_namespaces(struct task_struct *p)
|
||||||
|
{
|
||||||
|
struct nsproxy *ns = p->nsproxy;
|
||||||
|
if (ns) {
|
||||||
|
put_nsproxy(ns);
|
||||||
|
p->nsproxy = NULL;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
#endif
|
@ -239,6 +239,7 @@ extern signed long schedule_timeout_uninterruptible(signed long timeout);
|
|||||||
asmlinkage void schedule(void);
|
asmlinkage void schedule(void);
|
||||||
|
|
||||||
struct namespace;
|
struct namespace;
|
||||||
|
struct nsproxy;
|
||||||
|
|
||||||
/* Maximum number of active map areas.. This is a random (large) number */
|
/* Maximum number of active map areas.. This is a random (large) number */
|
||||||
#define DEFAULT_MAX_MAP_COUNT 65536
|
#define DEFAULT_MAX_MAP_COUNT 65536
|
||||||
@ -898,6 +899,7 @@ struct task_struct {
|
|||||||
struct files_struct *files;
|
struct files_struct *files;
|
||||||
/* namespace */
|
/* namespace */
|
||||||
struct namespace *namespace;
|
struct namespace *namespace;
|
||||||
|
struct nsproxy *nsproxy;
|
||||||
/* signal handlers */
|
/* signal handlers */
|
||||||
struct signal_struct *signal;
|
struct signal_struct *signal;
|
||||||
struct sighand_struct *sighand;
|
struct sighand_struct *sighand;
|
||||||
|
@ -8,7 +8,7 @@ obj-y = sched.o fork.o exec_domain.o panic.o printk.o profile.o \
|
|||||||
signal.o sys.o kmod.o workqueue.o pid.o \
|
signal.o sys.o kmod.o workqueue.o pid.o \
|
||||||
rcupdate.o extable.o params.o posix-timers.o \
|
rcupdate.o extable.o params.o posix-timers.o \
|
||||||
kthread.o wait.o kfifo.o sys_ni.o posix-cpu-timers.o mutex.o \
|
kthread.o wait.o kfifo.o sys_ni.o posix-cpu-timers.o mutex.o \
|
||||||
hrtimer.o rwsem.o latency.o
|
hrtimer.o rwsem.o latency.o nsproxy.o
|
||||||
|
|
||||||
obj-$(CONFIG_STACKTRACE) += stacktrace.o
|
obj-$(CONFIG_STACKTRACE) += stacktrace.o
|
||||||
obj-y += time/
|
obj-y += time/
|
||||||
|
@ -21,6 +21,7 @@
|
|||||||
#include <linux/tsacct_kern.h>
|
#include <linux/tsacct_kern.h>
|
||||||
#include <linux/file.h>
|
#include <linux/file.h>
|
||||||
#include <linux/binfmts.h>
|
#include <linux/binfmts.h>
|
||||||
|
#include <linux/nsproxy.h>
|
||||||
#include <linux/ptrace.h>
|
#include <linux/ptrace.h>
|
||||||
#include <linux/profile.h>
|
#include <linux/profile.h>
|
||||||
#include <linux/mount.h>
|
#include <linux/mount.h>
|
||||||
@ -397,9 +398,14 @@ void daemonize(const char *name, ...)
|
|||||||
fs = init_task.fs;
|
fs = init_task.fs;
|
||||||
current->fs = fs;
|
current->fs = fs;
|
||||||
atomic_inc(&fs->count);
|
atomic_inc(&fs->count);
|
||||||
|
|
||||||
exit_namespace(current);
|
exit_namespace(current);
|
||||||
|
exit_task_namespaces(current);
|
||||||
current->namespace = init_task.namespace;
|
current->namespace = init_task.namespace;
|
||||||
|
current->nsproxy = init_task.nsproxy;
|
||||||
get_namespace(current->namespace);
|
get_namespace(current->namespace);
|
||||||
|
get_task_namespaces(current);
|
||||||
|
|
||||||
exit_files(current);
|
exit_files(current);
|
||||||
current->files = init_task.files;
|
current->files = init_task.files;
|
||||||
atomic_inc(¤t->files->count);
|
atomic_inc(¤t->files->count);
|
||||||
@ -918,6 +924,7 @@ fastcall NORET_TYPE void do_exit(long code)
|
|||||||
__exit_files(tsk);
|
__exit_files(tsk);
|
||||||
__exit_fs(tsk);
|
__exit_fs(tsk);
|
||||||
exit_namespace(tsk);
|
exit_namespace(tsk);
|
||||||
|
exit_task_namespaces(tsk);
|
||||||
exit_thread();
|
exit_thread();
|
||||||
cpuset_exit(tsk);
|
cpuset_exit(tsk);
|
||||||
exit_keys(tsk);
|
exit_keys(tsk);
|
||||||
|
@ -27,6 +27,7 @@
|
|||||||
#include <linux/binfmts.h>
|
#include <linux/binfmts.h>
|
||||||
#include <linux/mman.h>
|
#include <linux/mman.h>
|
||||||
#include <linux/fs.h>
|
#include <linux/fs.h>
|
||||||
|
#include <linux/nsproxy.h>
|
||||||
#include <linux/capability.h>
|
#include <linux/capability.h>
|
||||||
#include <linux/cpu.h>
|
#include <linux/cpu.h>
|
||||||
#include <linux/cpuset.h>
|
#include <linux/cpuset.h>
|
||||||
@ -1116,8 +1117,10 @@ static struct task_struct *copy_process(unsigned long clone_flags,
|
|||||||
goto bad_fork_cleanup_signal;
|
goto bad_fork_cleanup_signal;
|
||||||
if ((retval = copy_keys(clone_flags, p)))
|
if ((retval = copy_keys(clone_flags, p)))
|
||||||
goto bad_fork_cleanup_mm;
|
goto bad_fork_cleanup_mm;
|
||||||
if ((retval = copy_namespace(clone_flags, p)))
|
if ((retval = copy_namespaces(clone_flags, p)))
|
||||||
goto bad_fork_cleanup_keys;
|
goto bad_fork_cleanup_keys;
|
||||||
|
if ((retval = copy_namespace(clone_flags, p)))
|
||||||
|
goto bad_fork_cleanup_namespaces;
|
||||||
retval = copy_thread(0, clone_flags, stack_start, stack_size, p, regs);
|
retval = copy_thread(0, clone_flags, stack_start, stack_size, p, regs);
|
||||||
if (retval)
|
if (retval)
|
||||||
goto bad_fork_cleanup_namespace;
|
goto bad_fork_cleanup_namespace;
|
||||||
@ -1262,6 +1265,8 @@ static struct task_struct *copy_process(unsigned long clone_flags,
|
|||||||
|
|
||||||
bad_fork_cleanup_namespace:
|
bad_fork_cleanup_namespace:
|
||||||
exit_namespace(p);
|
exit_namespace(p);
|
||||||
|
bad_fork_cleanup_namespaces:
|
||||||
|
exit_task_namespaces(p);
|
||||||
bad_fork_cleanup_keys:
|
bad_fork_cleanup_keys:
|
||||||
exit_keys(p);
|
exit_keys(p);
|
||||||
bad_fork_cleanup_mm:
|
bad_fork_cleanup_mm:
|
||||||
@ -1606,6 +1611,7 @@ asmlinkage long sys_unshare(unsigned long unshare_flags)
|
|||||||
struct mm_struct *mm, *new_mm = NULL, *active_mm = NULL;
|
struct mm_struct *mm, *new_mm = NULL, *active_mm = NULL;
|
||||||
struct files_struct *fd, *new_fd = NULL;
|
struct files_struct *fd, *new_fd = NULL;
|
||||||
struct sem_undo_list *new_ulist = NULL;
|
struct sem_undo_list *new_ulist = NULL;
|
||||||
|
struct nsproxy *new_nsproxy, *old_nsproxy;
|
||||||
|
|
||||||
check_unshare_flags(&unshare_flags);
|
check_unshare_flags(&unshare_flags);
|
||||||
|
|
||||||
@ -1632,7 +1638,15 @@ asmlinkage long sys_unshare(unsigned long unshare_flags)
|
|||||||
|
|
||||||
if (new_fs || new_ns || new_sigh || new_mm || new_fd || new_ulist) {
|
if (new_fs || new_ns || new_sigh || new_mm || new_fd || new_ulist) {
|
||||||
|
|
||||||
|
old_nsproxy = current->nsproxy;
|
||||||
|
new_nsproxy = dup_namespaces(old_nsproxy);
|
||||||
|
if (!new_nsproxy) {
|
||||||
|
err = -ENOMEM;
|
||||||
|
goto bad_unshare_cleanup_semundo;
|
||||||
|
}
|
||||||
|
|
||||||
task_lock(current);
|
task_lock(current);
|
||||||
|
current->nsproxy = new_nsproxy;
|
||||||
|
|
||||||
if (new_fs) {
|
if (new_fs) {
|
||||||
fs = current->fs;
|
fs = current->fs;
|
||||||
@ -1668,8 +1682,10 @@ asmlinkage long sys_unshare(unsigned long unshare_flags)
|
|||||||
}
|
}
|
||||||
|
|
||||||
task_unlock(current);
|
task_unlock(current);
|
||||||
|
put_nsproxy(old_nsproxy);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
bad_unshare_cleanup_semundo:
|
||||||
bad_unshare_cleanup_fd:
|
bad_unshare_cleanup_fd:
|
||||||
if (new_fd)
|
if (new_fd)
|
||||||
put_files_struct(new_fd);
|
put_files_struct(new_fd);
|
||||||
|
77
kernel/nsproxy.c
Normal file
77
kernel/nsproxy.c
Normal file
@ -0,0 +1,77 @@
|
|||||||
|
/*
|
||||||
|
* Copyright (C) 2006 IBM Corporation
|
||||||
|
*
|
||||||
|
* Author: Serge Hallyn <serue@us.ibm.com>
|
||||||
|
*
|
||||||
|
* This program is free software; you can redistribute it and/or
|
||||||
|
* modify it under the terms of the GNU General Public License as
|
||||||
|
* published by the Free Software Foundation, version 2 of the
|
||||||
|
* License.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <linux/module.h>
|
||||||
|
#include <linux/version.h>
|
||||||
|
#include <linux/nsproxy.h>
|
||||||
|
|
||||||
|
static inline void get_nsproxy(struct nsproxy *ns)
|
||||||
|
{
|
||||||
|
atomic_inc(&ns->count);
|
||||||
|
}
|
||||||
|
|
||||||
|
void get_task_namespaces(struct task_struct *tsk)
|
||||||
|
{
|
||||||
|
struct nsproxy *ns = tsk->nsproxy;
|
||||||
|
if (ns) {
|
||||||
|
get_nsproxy(ns);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* creates a copy of "orig" with refcount 1.
|
||||||
|
* This does not grab references to the contained namespaces,
|
||||||
|
* so that needs to be done by dup_namespaces.
|
||||||
|
*/
|
||||||
|
static inline struct nsproxy *clone_namespaces(struct nsproxy *orig)
|
||||||
|
{
|
||||||
|
struct nsproxy *ns;
|
||||||
|
|
||||||
|
ns = kmalloc(sizeof(struct nsproxy), GFP_KERNEL);
|
||||||
|
if (ns) {
|
||||||
|
memcpy(ns, orig, sizeof(struct nsproxy));
|
||||||
|
atomic_set(&ns->count, 1);
|
||||||
|
}
|
||||||
|
return ns;
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* copies the nsproxy, setting refcount to 1, and grabbing a
|
||||||
|
* reference to all contained namespaces. Called from
|
||||||
|
* sys_unshare()
|
||||||
|
*/
|
||||||
|
struct nsproxy *dup_namespaces(struct nsproxy *orig)
|
||||||
|
{
|
||||||
|
struct nsproxy *ns = clone_namespaces(orig);
|
||||||
|
|
||||||
|
return ns;
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* called from clone. This now handles copy for nsproxy and all
|
||||||
|
* namespaces therein.
|
||||||
|
*/
|
||||||
|
int copy_namespaces(int flags, struct task_struct *tsk)
|
||||||
|
{
|
||||||
|
struct nsproxy *old_ns = tsk->nsproxy;
|
||||||
|
|
||||||
|
if (!old_ns)
|
||||||
|
return 0;
|
||||||
|
|
||||||
|
get_nsproxy(old_ns);
|
||||||
|
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
void free_nsproxy(struct nsproxy *ns)
|
||||||
|
{
|
||||||
|
kfree(ns);
|
||||||
|
}
|
Loading…
Reference in New Issue
Block a user