Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S964930AbXADSLj (ORCPT ); Thu, 4 Jan 2007 13:11:39 -0500 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S964881AbXADSLj (ORCPT ); Thu, 4 Jan 2007 13:11:39 -0500 Received: from e33.co.us.ibm.com ([32.97.110.151]:59689 "EHLO e33.co.us.ibm.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S964809AbXADSLh (ORCPT ); Thu, 4 Jan 2007 13:11:37 -0500 Date: Thu, 4 Jan 2007 12:11:32 -0600 From: "Serge E. Hallyn" To: Andrew Morton Cc: lkml Subject: [PATCH -mm 3/8] user ns: add user_namespace ptr to vfsmount Message-ID: <20070104181132.GD11377@sergelap.austin.ibm.com> References: <20070104180635.GA11377@sergelap.austin.ibm.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20070104180635.GA11377@sergelap.austin.ibm.com> User-Agent: Mutt/1.5.13 (2006-08-11) Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 3365 Lines: 107 From: Serge E. Hallyn Subject: [PATCH -mm 3/8] user ns: add user_namespace ptr to vfsmount Add user_namespace ptr to vfsmount, and define a helper to compare it to the task's user_ns. Signed-off-by: Serge E. Hallyn --- fs/namespace.c | 3 +++ include/linux/mount.h | 2 ++ include/linux/sched.h | 20 ++++++++++++++++++++ 3 files changed, 25 insertions(+), 0 deletions(-) diff --git a/fs/namespace.c b/fs/namespace.c index fd999ca..5da87e2 100644 --- a/fs/namespace.c +++ b/fs/namespace.c @@ -25,6 +25,7 @@ #include #include #include #include +#include #include #include #include "pnode.h" @@ -55,6 +56,7 @@ struct vfsmount *alloc_vfsmnt(const char { struct vfsmount *mnt = kmem_cache_zalloc(mnt_cache, GFP_KERNEL); if (mnt) { + mnt->mnt_user_ns = get_user_ns(current->nsproxy->user_ns); atomic_set(&mnt->mnt_count, 1); INIT_LIST_HEAD(&mnt->mnt_hash); INIT_LIST_HEAD(&mnt->mnt_child); @@ -87,6 +89,7 @@ EXPORT_SYMBOL(simple_set_mnt); void free_vfsmnt(struct vfsmount *mnt) { + put_user_ns(mnt->mnt_user_ns); kfree(mnt->mnt_devname); kmem_cache_free(mnt_cache, mnt); } diff --git a/include/linux/mount.h b/include/linux/mount.h index dab69af..e438195 100644 --- a/include/linux/mount.h +++ b/include/linux/mount.h @@ -21,6 +21,7 @@ struct super_block; struct vfsmount; struct dentry; struct mnt_namespace; +struct user_namespace; #define MNT_NOSUID 0x01 #define MNT_NODEV 0x02 @@ -53,6 +54,7 @@ struct vfsmount { struct list_head mnt_slave; /* slave list entry */ struct vfsmount *mnt_master; /* slave is on master->mnt_slave_list */ struct mnt_namespace *mnt_ns; /* containing namespace */ + struct user_namespace *mnt_user_ns; /* namespace for uid interpretation */ /* * We put mnt_count & mnt_expiry_mark at the end of struct vfsmount * to let these frequently modified fields in a separate cache line diff --git a/include/linux/sched.h b/include/linux/sched.h index 5a3f630..450fc39 100644 --- a/include/linux/sched.h +++ b/include/linux/sched.h @@ -83,6 +83,8 @@ #include #include #include #include +#include +#include #include @@ -1586,6 +1588,24 @@ extern int cond_resched_lock(spinlock_t extern int cond_resched_softirq(void); /* + * Check whether a task and a vfsmnt belong to the same uidns. + * Since the initial namespace is exempt from these checks, + * return 1 if so. Also return 1 if the vfsmnt is exempt from + * such checking. Otherwise, if the uid namespaces are different, + * return 0. + */ +static inline int task_mnt_same_uidns(struct task_struct *tsk, + struct vfsmount *mnt) +{ + if (tsk->nsproxy == init_task.nsproxy) + return 1; + if (mnt->mnt_user_ns == tsk->nsproxy->user_ns) + return 1; + return 0; +} + + +/* * Does a critical section need to be broken due to another * task waiting?: */ -- 1.4.1 - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/