Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1161788AbbBECer (ORCPT ); Wed, 4 Feb 2015 21:34:47 -0500 Received: from mx1.redhat.com ([209.132.183.28]:52335 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1756338AbbBECeo (ORCPT ); Wed, 4 Feb 2015 21:34:44 -0500 Subject: [RFC PATCH 6/8] nfsd - use namespace if not executing in init namespace From: Ian Kent To: Kernel Mailing List Cc: David Howells , Oleg Nesterov , Trond Myklebust , "J. Bruce Fields" , Benjamin Coddington , Al Viro , Jeff Layton , "Eric W. Biederman" Date: Thu, 05 Feb 2015 10:34:31 +0800 Message-ID: <20150205023430.8382.67797.stgit@pluto.fritz.box> In-Reply-To: <20150205021553.8382.16297.stgit@pluto.fritz.box> References: <20150205021553.8382.16297.stgit@pluto.fritz.box> User-Agent: StGit/0.17-dirty MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 5409 Lines: 161 If nfsd is running within a container the client tracking operations should run within the container also. Signed-off-by: Ian Kent Cc: Benjamin Coddington Cc: Al Viro Cc: J. Bruce Fields Cc: David Howells Cc: Trond Myklebust Cc: Oleg Nesterov Cc: Eric W. Biederman Cc: Jeff Layton --- fs/nfsd/netns.h | 2 ++ fs/nfsd/nfs4recover.c | 48 ++++++++++++++++++++++++++++++++---------------- 2 files changed, 34 insertions(+), 16 deletions(-) diff --git a/fs/nfsd/netns.h b/fs/nfsd/netns.h index ea6749a..c168196 100644 --- a/fs/nfsd/netns.h +++ b/fs/nfsd/netns.h @@ -112,6 +112,8 @@ struct nfsd_net { u32 clientid_counter; struct svc_serv *nfsd_serv; + + int umh_flags; }; /* Simple check to find out if a given net was properly initialized */ diff --git a/fs/nfsd/nfs4recover.c b/fs/nfsd/nfs4recover.c index cc6a760..b962856 100644 --- a/fs/nfsd/nfs4recover.c +++ b/fs/nfsd/nfs4recover.c @@ -1184,7 +1184,9 @@ nfsd4_cltrack_grace_start(time_t grace_start) } static int -nfsd4_umh_cltrack_upcall(char *cmd, char *arg, char *env0, char *env1) +nfsd4_umh_cltrack_upcall(char *cmd, + char *arg, char *env0, char *env1, + int flags) { char *envp[3]; char *argv[4]; @@ -1209,7 +1211,7 @@ nfsd4_umh_cltrack_upcall(char *cmd, char *arg, char *env0, char *env1) argv[2] = arg; argv[3] = NULL; - ret = call_usermodehelper(argv[0], argv, envp, UMH_WAIT_PROC); + ret = call_usermodehelper(argv[0], argv, envp, flags); /* * Disable the upcall mechanism if we're getting an ENOENT or EACCES * error. The admin can re-enable it on the fly by using sysfs @@ -1252,14 +1254,13 @@ nfsd4_umh_cltrack_init(struct net *net) struct nfsd_net *nn = net_generic(net, nfsd_net_id); char *grace_start = nfsd4_cltrack_grace_start(nn->boot_time); - /* XXX: The usermode helper s not working in container yet. */ - if (net != &init_net) { - WARN(1, KERN_ERR "NFSD: attempt to initialize umh client " - "tracking in a container!\n"); - return -EINVAL; - } + nn->umh_flags = UMH_WAIT_PROC; + if (net != &init_net) + nn->umh_flags |= UMH_USE_NS; - ret = nfsd4_umh_cltrack_upcall("init", NULL, grace_start, NULL); + ret = nfsd4_umh_cltrack_upcall("init", + NULL, grace_start, NULL, + nn->umh_flags); kfree(grace_start); return ret; } @@ -1285,6 +1286,7 @@ nfsd4_umh_cltrack_create(struct nfs4_client *clp) { char *hexid, *has_session, *grace_start; struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); + int ret; /* * With v4.0 clients, there's little difference in outcome between a @@ -1312,7 +1314,10 @@ nfsd4_umh_cltrack_create(struct nfs4_client *clp) grace_start = nfsd4_cltrack_grace_start(nn->boot_time); nfsd4_cltrack_upcall_lock(clp); - if (!nfsd4_umh_cltrack_upcall("create", hexid, has_session, grace_start)) + ret = nfsd4_umh_cltrack_upcall("create", + hexid, has_session, grace_start, + nn->umh_flags); + if (!ret) set_bit(NFSD4_CLIENT_STABLE, &clp->cl_flags); nfsd4_cltrack_upcall_unlock(clp); @@ -1324,7 +1329,9 @@ nfsd4_umh_cltrack_create(struct nfs4_client *clp) static void nfsd4_umh_cltrack_remove(struct nfs4_client *clp) { + struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); char *hexid; + int ret; if (!test_bit(NFSD4_CLIENT_STABLE, &clp->cl_flags)) return; @@ -1336,9 +1343,13 @@ nfsd4_umh_cltrack_remove(struct nfs4_client *clp) } nfsd4_cltrack_upcall_lock(clp); - if (test_bit(NFSD4_CLIENT_STABLE, &clp->cl_flags) && - nfsd4_umh_cltrack_upcall("remove", hexid, NULL, NULL) == 0) - clear_bit(NFSD4_CLIENT_STABLE, &clp->cl_flags); + if (test_bit(NFSD4_CLIENT_STABLE, &clp->cl_flags)) { + ret = nfsd4_umh_cltrack_upcall("remove", + hexid, NULL, NULL, + nn->umh_flags); + if (ret == 0) + clear_bit(NFSD4_CLIENT_STABLE, &clp->cl_flags); + } nfsd4_cltrack_upcall_unlock(clp); kfree(hexid); @@ -1347,8 +1358,9 @@ nfsd4_umh_cltrack_remove(struct nfs4_client *clp) static int nfsd4_umh_cltrack_check(struct nfs4_client *clp) { - int ret; + struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); char *hexid, *has_session, *legacy; + int ret; if (test_bit(NFSD4_CLIENT_STABLE, &clp->cl_flags)) return 0; @@ -1366,7 +1378,9 @@ nfsd4_umh_cltrack_check(struct nfs4_client *clp) if (test_bit(NFSD4_CLIENT_STABLE, &clp->cl_flags)) { ret = 0; } else { - ret = nfsd4_umh_cltrack_upcall("check", hexid, has_session, legacy); + ret = nfsd4_umh_cltrack_upcall("check", hexid, + has_session, legacy, + mm->umh_flags); if (ret == 0) set_bit(NFSD4_CLIENT_STABLE, &clp->cl_flags); } @@ -1386,7 +1400,9 @@ nfsd4_umh_cltrack_grace_done(struct nfsd_net *nn) sprintf(timestr, "%ld", nn->boot_time); legacy = nfsd4_cltrack_legacy_topdir(); - nfsd4_umh_cltrack_upcall("gracedone", timestr, legacy, NULL); + nfsd4_umh_cltrack_upcall("gracedone", + timestr, legacy, NULL, + nn->umh_flags); kfree(legacy); } -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/