The kernel uses open code to check if a process is in root PID namespace
or not in several places.
Suggested by Suzuki, this patch set is to create a helper function
task_is_in_root_ns() so we can use it replace open code.
To test this patch set, I built Arm64 kernel with enabling all relevant
modules, and verified the kernel with CoreSight module on Arm64 Juno
board.
Leo Yan (7):
pid: Introduce helper task_is_in_root_ns()
coresight: etm3x: Use task_is_in_root_ns() to check PID namespace
coresight: etm4x: Use task_is_in_root_ns() to check PID namespace
connector/cn_proc: Use task_is_in_root_ns() to check PID namespace
coda: Use task_is_in_root_ns()
audit: Use task_is_in_root_ns()
taskstats: Use task_is_in_root_ns()
drivers/connector/cn_proc.c | 2 +-
drivers/hwtracing/coresight/coresight-etm3x-sysfs.c | 8 ++++----
drivers/hwtracing/coresight/coresight-etm4x-sysfs.c | 8 ++++----
fs/coda/inode.c | 2 +-
fs/coda/psdev.c | 2 +-
include/linux/pid_namespace.h | 5 +++++
kernel/audit.c | 2 +-
kernel/taskstats.c | 2 +-
8 files changed, 18 insertions(+), 13 deletions(-)
--
2.25.1
Currently the kernel uses open code in multiple places to check if a
task is in the root PID namespace with the kind of format:
if (task_active_pid_ns(current) == &init_pid_ns)
do_something();
This patch creates a new helper function, task_is_in_root_ns(), it
returns true if a passed task is in the root PID namespace, otherwise
returns false. So it will be used to replace open codes.
Suggested-by: Suzuki K Poulose <[email protected]>
Signed-off-by: Leo Yan <[email protected]>
---
include/linux/pid_namespace.h | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/include/linux/pid_namespace.h b/include/linux/pid_namespace.h
index 7c7e627503d2..bf82b373f022 100644
--- a/include/linux/pid_namespace.h
+++ b/include/linux/pid_namespace.h
@@ -86,4 +86,9 @@ extern struct pid_namespace *task_active_pid_ns(struct task_struct *tsk);
void pidhash_init(void);
void pid_idr_init(void);
+static inline bool task_is_in_root_ns(struct task_struct *tsk)
+{
+ return task_active_pid_ns(tsk) == &init_pid_ns;
+}
+
#endif /* _LINUX_PID_NS_H */
--
2.25.1
This patch uses helper task_is_in_root_ns() to replace open code for
checking if a task is in root PID namespace.
Signed-off-by: Leo Yan <[email protected]>
---
drivers/hwtracing/coresight/coresight-etm3x-sysfs.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/drivers/hwtracing/coresight/coresight-etm3x-sysfs.c b/drivers/hwtracing/coresight/coresight-etm3x-sysfs.c
index e8c7649f123e..baba16ad9bb1 100644
--- a/drivers/hwtracing/coresight/coresight-etm3x-sysfs.c
+++ b/drivers/hwtracing/coresight/coresight-etm3x-sysfs.c
@@ -1030,7 +1030,7 @@ static ssize_t ctxid_pid_show(struct device *dev,
* Don't use contextID tracing if coming from a PID namespace. See
* comment in ctxid_pid_store().
*/
- if (task_active_pid_ns(current) != &init_pid_ns)
+ if (!task_is_in_root_ns(current))
return -EINVAL;
spin_lock(&drvdata->spinlock);
@@ -1058,7 +1058,7 @@ static ssize_t ctxid_pid_store(struct device *dev,
* As such refuse to use the feature if @current is not in the initial
* PID namespace.
*/
- if (task_active_pid_ns(current) != &init_pid_ns)
+ if (!task_is_in_root_ns(current))
return -EINVAL;
ret = kstrtoul(buf, 16, &pid);
@@ -1084,7 +1084,7 @@ static ssize_t ctxid_mask_show(struct device *dev,
* Don't use contextID tracing if coming from a PID namespace. See
* comment in ctxid_pid_store().
*/
- if (task_active_pid_ns(current) != &init_pid_ns)
+ if (!task_is_in_root_ns(current))
return -EINVAL;
val = config->ctxid_mask;
@@ -1104,7 +1104,7 @@ static ssize_t ctxid_mask_store(struct device *dev,
* Don't use contextID tracing if coming from a PID namespace. See
* comment in ctxid_pid_store().
*/
- if (task_active_pid_ns(current) != &init_pid_ns)
+ if (!task_is_in_root_ns(current))
return -EINVAL;
ret = kstrtoul(buf, 16, &val);
--
2.25.1
To avoid open code, this patch uses the helper task_is_in_root_ns() to
check if a task is in root PID namespace.
Signed-off-by: Leo Yan <[email protected]>
---
drivers/hwtracing/coresight/coresight-etm4x-sysfs.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/drivers/hwtracing/coresight/coresight-etm4x-sysfs.c b/drivers/hwtracing/coresight/coresight-etm4x-sysfs.c
index a0640fa5c55b..cd87ad8456d7 100644
--- a/drivers/hwtracing/coresight/coresight-etm4x-sysfs.c
+++ b/drivers/hwtracing/coresight/coresight-etm4x-sysfs.c
@@ -1890,7 +1890,7 @@ static ssize_t ctxid_pid_show(struct device *dev,
* Don't use contextID tracing if coming from a PID namespace. See
* comment in ctxid_pid_store().
*/
- if (task_active_pid_ns(current) != &init_pid_ns)
+ if (!task_is_in_root_ns(current))
return -EINVAL;
spin_lock(&drvdata->spinlock);
@@ -1918,7 +1918,7 @@ static ssize_t ctxid_pid_store(struct device *dev,
* As such refuse to use the feature if @current is not in the initial
* PID namespace.
*/
- if (task_active_pid_ns(current) != &init_pid_ns)
+ if (!task_is_in_root_ns(current))
return -EINVAL;
/*
@@ -1951,7 +1951,7 @@ static ssize_t ctxid_masks_show(struct device *dev,
* Don't use contextID tracing if coming from a PID namespace. See
* comment in ctxid_pid_store().
*/
- if (task_active_pid_ns(current) != &init_pid_ns)
+ if (!task_is_in_root_ns(current))
return -EINVAL;
spin_lock(&drvdata->spinlock);
@@ -1975,7 +1975,7 @@ static ssize_t ctxid_masks_store(struct device *dev,
* Don't use contextID tracing if coming from a PID namespace. See
* comment in ctxid_pid_store().
*/
- if (task_active_pid_ns(current) != &init_pid_ns)
+ if (!task_is_in_root_ns(current))
return -EINVAL;
/*
--
2.25.1
To avoid open code, this patch uses the helper task_is_in_root_ns() to
check if task is in root PID namespace.
Signed-off-by: Leo Yan <[email protected]>
---
drivers/connector/cn_proc.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/connector/cn_proc.c b/drivers/connector/cn_proc.c
index 646ad385e490..b8a4fa366b28 100644
--- a/drivers/connector/cn_proc.c
+++ b/drivers/connector/cn_proc.c
@@ -358,7 +358,7 @@ static void cn_proc_mcast_ctl(struct cn_msg *msg,
* other namespaces.
*/
if ((current_user_ns() != &init_user_ns) ||
- (task_active_pid_ns(current) != &init_pid_ns))
+ !task_is_in_root_ns(current))
return;
/* Can only change if privileged. */
--
2.25.1
Replace open coded checking root PID namespace with
task_is_in_root_ns().
Signed-off-by: Leo Yan <[email protected]>
---
fs/coda/inode.c | 2 +-
fs/coda/psdev.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/fs/coda/inode.c b/fs/coda/inode.c
index d9f1bd7153df..a7d630ac522e 100644
--- a/fs/coda/inode.c
+++ b/fs/coda/inode.c
@@ -152,7 +152,7 @@ static int coda_fill_super(struct super_block *sb, void *data, int silent)
int error;
int idx;
- if (task_active_pid_ns(current) != &init_pid_ns)
+ if (!task_is_in_root_ns(current))
return -EINVAL;
idx = get_device_index((struct coda_mount_data *) data);
diff --git a/fs/coda/psdev.c b/fs/coda/psdev.c
index b39580ad4ce5..54db13bf2e06 100644
--- a/fs/coda/psdev.c
+++ b/fs/coda/psdev.c
@@ -270,7 +270,7 @@ static int coda_psdev_open(struct inode * inode, struct file * file)
struct venus_comm *vcp;
int idx, err;
- if (task_active_pid_ns(current) != &init_pid_ns)
+ if (!task_is_in_root_ns(current))
return -EINVAL;
if (current_user_ns() != &init_user_ns)
--
2.25.1
Replace open coded checking root PID namespace with
task_is_in_root_ns().
Signed-off-by: Leo Yan <[email protected]>
---
kernel/audit.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/kernel/audit.c b/kernel/audit.c
index 121d37e700a6..c71d4182c05d 100644
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -1034,7 +1034,7 @@ static int audit_netlink_ok(struct sk_buff *skb, u16 msg_type)
case AUDIT_MAKE_EQUIV:
/* Only support auditd and auditctl in initial pid namespace
* for now. */
- if (task_active_pid_ns(current) != &init_pid_ns)
+ if (!task_is_in_root_ns(current))
return -EPERM;
if (!netlink_capable(skb, CAP_AUDIT_CONTROL))
--
2.25.1
Replace open coded checking root PID namespace with
task_is_in_root_ns().
Signed-off-by: Leo Yan <[email protected]>
---
kernel/taskstats.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/kernel/taskstats.c b/kernel/taskstats.c
index 2b4898b4752e..c6a19d3911b3 100644
--- a/kernel/taskstats.c
+++ b/kernel/taskstats.c
@@ -284,7 +284,7 @@ static int add_del_listener(pid_t pid, const struct cpumask *mask, int isadd)
if (current_user_ns() != &init_user_ns)
return -EINVAL;
- if (task_active_pid_ns(current) != &init_pid_ns)
+ if (!task_is_in_root_ns(current))
return -EINVAL;
if (isadd == REGISTER) {
--
2.25.1
On Sun, Dec 05, 2021 at 10:50:59PM +0800, Leo Yan wrote:
> Currently the kernel uses open code in multiple places to check if a
> task is in the root PID namespace with the kind of format:
>
> if (task_active_pid_ns(current) == &init_pid_ns)
> do_something();
>
> This patch creates a new helper function, task_is_in_root_ns(), it
> returns true if a passed task is in the root PID namespace, otherwise
> returns false. So it will be used to replace open codes.
>
> Suggested-by: Suzuki K Poulose <[email protected]>
> Signed-off-by: Leo Yan <[email protected]>
> ---
> include/linux/pid_namespace.h | 5 +++++
> 1 file changed, 5 insertions(+)
>
> diff --git a/include/linux/pid_namespace.h b/include/linux/pid_namespace.h
> index 7c7e627503d2..bf82b373f022 100644
> --- a/include/linux/pid_namespace.h
> +++ b/include/linux/pid_namespace.h
> @@ -86,4 +86,9 @@ extern struct pid_namespace *task_active_pid_ns(struct task_struct *tsk);
> void pidhash_init(void);
> void pid_idr_init(void);
>
> +static inline bool task_is_in_root_ns(struct task_struct *tsk)
It is bad that this name doesn't reflect PID nature of this namespace.
Won't it better to name it task_is_in_init_pid_ns()?
Thanks
> +{
> + return task_active_pid_ns(tsk) == &init_pid_ns;
> +}
> +
> #endif /* _LINUX_PID_NS_H */
> --
> 2.25.1
>
Hi Leon,
On Mon, Dec 06, 2021 at 08:49:01AM +0200, Leon Romanovsky wrote:
> On Sun, Dec 05, 2021 at 10:50:59PM +0800, Leo Yan wrote:
[...]
> > +static inline bool task_is_in_root_ns(struct task_struct *tsk)
>
> It is bad that this name doesn't reflect PID nature of this namespace.
> Won't it better to name it task_is_in_init_pid_ns()?
Yes, task_is_in_init_pid_ns() is more clear.
Will respin for this. Thank you for suggestion!
Leo
On Mon, Dec 06, 2021 at 03:03:58PM +0800, Leo Yan wrote:
> Hi Leon,
>
> On Mon, Dec 06, 2021 at 08:49:01AM +0200, Leon Romanovsky wrote:
> > On Sun, Dec 05, 2021 at 10:50:59PM +0800, Leo Yan wrote:
>
> [...]
>
> > > +static inline bool task_is_in_root_ns(struct task_struct *tsk)
> >
> > It is bad that this name doesn't reflect PID nature of this namespace.
> > Won't it better to name it task_is_in_init_pid_ns()?
>
> Yes, task_is_in_init_pid_ns() is more clear.
>
> Will respin for this. Thank you for suggestion!
Thanks
>
> Leo