Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1758875AbbBHTBk (ORCPT <rfc822;w@1wt.eu>);
	Sun, 8 Feb 2015 14:01:40 -0500
Received: from mx1.redhat.com ([209.132.183.28]:60756 "EHLO mx1.redhat.com"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S1758529AbbBHTBj (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
	Sun, 8 Feb 2015 14:01:39 -0500
Date: Sun, 8 Feb 2015 20:00:19 +0100
From: Oleg Nesterov <oleg@redhat.com>
To: Ian Kent <ikent@redhat.com>
Cc: Kernel Mailing List <linux-kernel@vger.kernel.org>,
        David Howells <dhowells@redhat.com>,
        Trond Myklebust <trond.myklebust@primarydata.com>,
        "J. Bruce Fields" <bfields@fieldses.org>,
        Benjamin Coddington <bcodding@redhat.com>,
        Al Viro <viro@ZenIV.linux.org.uk>,
        Jeff Layton <jeff.layton@primarydata.com>,
        "Eric W. Biederman" <ebiederm@xmission.com>
Subject: Re: [RFC PATCH 3/8] kmod - teach call_usermodehelper() to use a
	namespace
Message-ID: <20150208190019.GA22948@redhat.com>
References: <20150205021553.8382.16297.stgit@pluto.fritz.box> <20150205023410.8382.13695.stgit@pluto.fritz.box>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20150205023410.8382.13695.stgit@pluto.fritz.box>
User-Agent: Mutt/1.5.18 (2008-05-17)
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 1581
Lines: 59

On 02/05, Ian Kent wrote:
>
> +int umh_enter_ns(struct task_struct *tsk, struct cred *new)
> +{
> +	char path[NS_PATH_MAX];
> +	struct vfsmount *mnt;
> +	const char *name;
> +	pid_t pid;
> +	int err = 0;
> +
> +	pid = task_pid_nr(tsk);
> +
> +	/*
> +	 * The user mode thread runner runs in the root init namespace
> +	 * so it will see all system pids.
> +	 */
> +	mnt = task_active_pid_ns(current)->proc_mnt;
> +
> +	for (name = ns_names[0]; *name; name++) {
> +		struct file *this;
> +		int len;
> +
> +		len = snprintf(path,
> +			       NS_PATH_MAX, NS_PATH_FMT,
> +			       (unsigned long) pid, name);
> +		if (len >= NS_PATH_MAX) {
> +			err = -ENAMETOOLONG;
> +			break;
> +		}
> +
> +		this = file_open_root(mnt->mnt_root, mnt, path, O_RDONLY);
> +		if (unlikely(IS_ERR(this))) {
> +			err = PTR_ERR(this);
> +			break;
> +		}
> +
> +		err = setns_inode(file_inode(this), 0);
> +		fput(this);
> +		if (err)
> +			break;
> +	}
> +
> +	return err;
> +}

Yes, I need to actually read this series and setns paths, but at first glance
there must be a simpler method to call ops->install's and switch_task_namespaces.

Sorry if this was already discussed before, but to me it looks a bit strange
to abuse /proc/ files for this. And again, iiuc file_open_root() can fail if
tsk has already exited (init can be multithreaded).

Oleg.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/