Hey Linus,
/* Summary */
This contains work to make it possible to derive namespace file descriptors
from pidfd file descriptors.
Right now it is already possible to use a pidfd with setns() to atomically
change multiple namespaces at the same time. In other words, it is possible to
switch to the namespace context of a process using a pidfd. There is no need to
first open namespace file descriptors via procfs.
The work included here is an extension of these abilities by allowing to open
namespace file descriptors using a pidfd. This means it is now possible to
interact with namespaces without ever touching procfs.
To this end a new set of ioctls() on pidfds is introduced covering all
supported namespace types.
/* Testing */
clang: Debian clang version 16.0.6 (26)
gcc: (Debian 13.2.0-24)
All patches are based on v6.10-rc1 and have been sitting in linux-next.
No build failures or warnings were observed.
/* Conflicts */
[1]: This contains a merge conflict with the vfs-6.11.misc pull request
https://lore.kernel.org/r/20240712-vfs-misc-c1dbbc5eaf82@brauner
After conflict resolution the merge diff looks like this:
diff --cc fs/internal.h
index f26454c60a98,24346cf765dd..a5e9a2f5b30d
--- a/fs/internal.h
+++ b/fs/internal.h
@@@ -323,15 -322,4 +324,16 @@@ struct stashed_operations
int path_from_stashed(struct dentry **stashed, struct vfsmount *mnt, void *data,
struct path *path);
void stashed_dentry_prune(struct dentry *dentry);
+/**
+ * path_mounted - check whether path is mounted
+ * @path: path to check
+ *
+ * Determine whether @path refers to the root of a mount.
+ *
+ * Return: true if @path is the root of a mount, false if not.
+ */
+static inline bool path_mounted(const struct path *path)
+{
+ return path->mnt->mnt_root == path->dentry;
+}
+ int open_namespace(struct ns_common *ns);
The following changes since commit 1613e604df0cd359cf2a7fbd9be7a0bcfacfabd0:
Linux 6.10-rc1 (2024-05-26 15:20:12 -0700)
are available in the Git repository at:
git@xxxxxxxxxxxxxxxxxxx:pub/scm/linux/kernel/git/vfs/vfs tags/vfs-6.11.pidfs
for you to fetch changes up to 5b08bd408534bfb3a7cf5778da5b27d4e4fffe12:
pidfs: allow retrieval of namespace file descriptors (2024-06-28 10:37:29 +0200)
Please consider pulling these changes from the signed vfs-6.11.pidfs tag.
Thanks!
Christian
----------------------------------------------------------------
vfs-6.11.pidfs
----------------------------------------------------------------
Christian Brauner (6):
path: add cleanup helper
file: add take_fd() cleanup helper
nsproxy: add a cleanup helper for nsproxy
nsproxy: add helper to go from arbitrary namespace to ns_common
nsfs: add open_namespace()
pidfs: allow retrieval of namespace file descriptors
fs/internal.h | 2 ++
fs/nsfs.c | 55 +++++++++++++++-------------
fs/pidfs.c | 90 ++++++++++++++++++++++++++++++++++++++++++++++
include/linux/cleanup.h | 13 ++++---
include/linux/file.h | 20 +++++++++++
include/linux/nsproxy.h | 13 +++++++
include/linux/path.h | 9 +++++
include/uapi/linux/pidfd.h | 14 ++++++++
8 files changed, 187 insertions(+), 29 deletions(-)
