The patch titled
namespaces: incorporate fs namespace into nsproxy
has been added to the -mm tree. Its filename is
namespaces-incorporate-fs-namespace-into-nsproxy.patch
See http://www.zip.com.au/~akpm/linux/patches/stuff/added-to-mm.txt to find
out what to do about this
------------------------------------------------------
Subject: namespaces: incorporate fs namespace into nsproxy
From: "Serge E. Hallyn" <serue@xxxxxxxxxx>
This moves the mount namespace into the nsproxy. The mount namespace count
now refers to the number of nsproxies point to it, rather than the number of
tasks. As a result, the unshare_namespace() function in kernel/fork.c no
longer checks whether it is being shared.
Signed-off-by: Serge Hallyn <serue@xxxxxxxxxx>
Cc: Kirill Korotaev <dev@xxxxxxxxxx>
Cc: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
Cc: Herbert Poetzl <herbert@xxxxxxxxxxxx>
Cc: Andrey Savochkin <saw@xxxxx>
Signed-off-by: Andrew Morton <akpm@xxxxxxxx>
---
fs/namespace.c | 22 ++++++++--------------
fs/proc/base.c | 5 +++--
include/linux/init_task.h | 1 +
include/linux/namespace.h | 6 ++----
include/linux/nsproxy.h | 3 +++
include/linux/sched.h | 4 +---
kernel/exit.c | 4 ----
kernel/fork.c | 17 ++++++-----------
kernel/nsproxy.c | 32 +++++++++++++++++++++++++++++++-
9 files changed, 55 insertions(+), 39 deletions(-)
diff -puN fs/namespace.c~namespaces-incorporate-fs-namespace-into-nsproxy fs/namespace.c
--- 25/fs/namespace.c~namespaces-incorporate-fs-namespace-into-nsproxy Fri May 19 11:40:02 2006
+++ 25-akpm/fs/namespace.c Fri May 19 11:40:02 2006
@@ -133,7 +133,7 @@ struct vfsmount *lookup_mnt(struct vfsmo
static inline int check_mnt(struct vfsmount *mnt)
{
- return mnt->mnt_namespace == current->namespace;
+ return mnt->mnt_namespace == current->nsproxy->namespace;
}
static void touch_namespace(struct namespace *ns)
@@ -830,7 +830,7 @@ static int attach_recursive_mnt(struct v
if (parent_nd) {
detach_mnt(source_mnt, parent_nd);
attach_mnt(source_mnt, nd);
- touch_namespace(current->namespace);
+ touch_namespace(current->nsproxy->namespace);
} else {
mnt_set_mountpoint(dest_mnt, dest_dentry, source_mnt);
commit_tree(source_mnt);
@@ -1441,7 +1441,7 @@ dput_out:
*/
struct namespace *dup_namespace(struct task_struct *tsk, struct fs_struct *fs)
{
- struct namespace *namespace = tsk->namespace;
+ struct namespace *namespace = tsk->nsproxy->namespace;
struct namespace *new_ns;
struct vfsmount *rootmnt = NULL, *pwdmnt = NULL, *altrootmnt = NULL;
struct vfsmount *p, *q;
@@ -1508,7 +1508,7 @@ struct namespace *dup_namespace(struct t
int copy_namespace(int flags, struct task_struct *tsk)
{
- struct namespace *namespace = tsk->namespace;
+ struct namespace *namespace = tsk->nsproxy->namespace;
struct namespace *new_ns;
int err = 0;
@@ -1531,7 +1531,7 @@ int copy_namespace(int flags, struct tas
goto out;
}
- tsk->namespace = new_ns;
+ tsk->nsproxy->namespace = new_ns;
out:
put_namespace(namespace);
@@ -1754,7 +1754,7 @@ asmlinkage long sys_pivot_root(const cha
detach_mnt(user_nd.mnt, &root_parent);
attach_mnt(user_nd.mnt, &old_nd); /* mount old root on put_old */
attach_mnt(new_nd.mnt, &root_parent); /* mount new_root on / */
- touch_namespace(current->namespace);
+ touch_namespace(current->nsproxy->namespace);
spin_unlock(&vfsmount_lock);
chroot_fs_refs(&user_nd, &new_nd);
security_sb_post_pivotroot(&user_nd, &new_nd);
@@ -1780,7 +1780,6 @@ static void __init init_mount_tree(void)
{
struct vfsmount *mnt;
struct namespace *namespace;
- struct task_struct *g, *p;
mnt = do_kern_mount("rootfs", 0, "rootfs", NULL);
if (IS_ERR(mnt))
@@ -1796,13 +1795,8 @@ static void __init init_mount_tree(void)
namespace->root = mnt;
mnt->mnt_namespace = namespace;
- init_task.namespace = namespace;
- read_lock(&tasklist_lock);
- do_each_thread(g, p) {
- get_namespace(namespace);
- p->namespace = namespace;
- } while_each_thread(g, p);
- read_unlock(&tasklist_lock);
+ init_task.nsproxy->namespace = namespace;
+ get_namespace(namespace);
set_fs_pwd(current->fs, namespace->root, namespace->root->mnt_root);
set_fs_root(current->fs, namespace->root, namespace->root->mnt_root);
diff -puN fs/proc/base.c~namespaces-incorporate-fs-namespace-into-nsproxy fs/proc/base.c
--- 25/fs/proc/base.c~namespaces-incorporate-fs-namespace-into-nsproxy Fri May 19 11:40:02 2006
+++ 25-akpm/fs/proc/base.c Fri May 19 11:40:02 2006
@@ -72,6 +72,7 @@
#include <linux/cpuset.h>
#include <linux/audit.h>
#include <linux/poll.h>
+#include <linux/nsproxy.h>
#include "internal.h"
/* NOTE:
@@ -559,7 +560,7 @@ static int mounts_open(struct inode *ino
if (task) {
task_lock(task);
- namespace = task->namespace;
+ namespace = task->nsproxy->namespace;
if (namespace)
get_namespace(namespace);
task_unlock(task);
@@ -630,7 +631,7 @@ static int mountstats_open(struct inode
if (task) {
task_lock(task);
- namespace = task->namespace;
+ namespace = task->nsproxy->namespace;
if (namespace)
get_namespace(namespace);
task_unlock(task);
diff -puN include/linux/init_task.h~namespaces-incorporate-fs-namespace-into-nsproxy include/linux/init_task.h
--- 25/include/linux/init_task.h~namespaces-incorporate-fs-namespace-into-nsproxy Fri May 19 11:40:02 2006
+++ 25-akpm/include/linux/init_task.h Fri May 19 11:40:02 2006
@@ -70,6 +70,7 @@ extern struct nsproxy init_nsproxy;
#define INIT_NSPROXY(nsproxy) { \
.count = ATOMIC_INIT(1), \
.nslock = SPIN_LOCK_UNLOCKED, \
+ .namespace = NULL, \
}
#define INIT_SIGHAND(sighand) { \
diff -puN include/linux/namespace.h~namespaces-incorporate-fs-namespace-into-nsproxy include/linux/namespace.h
--- 25/include/linux/namespace.h~namespaces-incorporate-fs-namespace-into-nsproxy Fri May 19 11:40:02 2006
+++ 25-akpm/include/linux/namespace.h Fri May 19 11:40:02 2006
@@ -4,6 +4,7 @@
#include <linux/mount.h>
#include <linux/sched.h>
+#include <linux/nsproxy.h>
struct namespace {
atomic_t count;
@@ -26,11 +27,8 @@ static inline void put_namespace(struct
static inline void exit_namespace(struct task_struct *p)
{
- struct namespace *namespace = p->namespace;
+ struct namespace *namespace = p->nsproxy->namespace;
if (namespace) {
- task_lock(p);
- p->namespace = NULL;
- task_unlock(p);
put_namespace(namespace);
}
}
diff -puN include/linux/nsproxy.h~namespaces-incorporate-fs-namespace-into-nsproxy include/linux/nsproxy.h
--- 25/include/linux/nsproxy.h~namespaces-incorporate-fs-namespace-into-nsproxy Fri May 19 11:40:02 2006
+++ 25-akpm/include/linux/nsproxy.h Fri May 19 11:40:02 2006
@@ -4,6 +4,8 @@
#include <linux/spinlock.h>
#include <linux/sched.h>
+struct namespace;
+
/*
* A structure to contain pointers to all per-process
* namespaces - fs (mount), uts, network, sysvipc, etc.
@@ -19,6 +21,7 @@
struct nsproxy {
atomic_t count;
spinlock_t nslock;
+ struct namespace *namespace;
};
extern struct nsproxy init_nsproxy;
diff -puN include/linux/sched.h~namespaces-incorporate-fs-namespace-into-nsproxy include/linux/sched.h
--- 25/include/linux/sched.h~namespaces-incorporate-fs-namespace-into-nsproxy Fri May 19 11:40:02 2006
+++ 25-akpm/include/linux/sched.h Fri May 19 11:40:02 2006
@@ -238,7 +238,6 @@ extern signed long schedule_timeout_inte
extern signed long schedule_timeout_uninterruptible(signed long timeout);
asmlinkage void schedule(void);
-struct namespace;
struct nsproxy;
/* Maximum number of active map areas.. This is a random (large) number */
@@ -874,8 +873,7 @@ struct task_struct {
struct fs_struct *fs;
/* open file information */
struct files_struct *files;
-/* namespace */
- struct namespace *namespace;
+/* namespaces */
struct nsproxy *nsproxy;
/* signal handlers */
struct signal_struct *signal;
diff -puN kernel/exit.c~namespaces-incorporate-fs-namespace-into-nsproxy kernel/exit.c
--- 25/kernel/exit.c~namespaces-incorporate-fs-namespace-into-nsproxy Fri May 19 11:40:02 2006
+++ 25-akpm/kernel/exit.c Fri May 19 11:40:02 2006
@@ -411,11 +411,8 @@ void daemonize(const char *name, ...)
current->fs = fs;
atomic_inc(&fs->count);
- exit_namespace(current);
exit_task_namespaces(current);
- current->namespace = init_task.namespace;
current->nsproxy = init_task.nsproxy;
- get_namespace(current->namespace);
get_task_namespaces(current);
exit_files(current);
@@ -927,7 +924,6 @@ fastcall NORET_TYPE void do_exit(long co
exit_sem(tsk);
__exit_files(tsk);
__exit_fs(tsk);
- exit_namespace(tsk);
exit_task_namespaces(tsk);
exit_thread();
cpuset_exit(tsk);
diff -puN kernel/fork.c~namespaces-incorporate-fs-namespace-into-nsproxy kernel/fork.c
--- 25/kernel/fork.c~namespaces-incorporate-fs-namespace-into-nsproxy Fri May 19 11:40:02 2006
+++ 25-akpm/kernel/fork.c Fri May 19 11:40:02 2006
@@ -1081,11 +1081,9 @@ static task_t *copy_process(unsigned lon
goto bad_fork_cleanup_mm;
if ((retval = copy_namespaces(clone_flags, p)))
goto bad_fork_cleanup_keys;
- if ((retval = copy_namespace(clone_flags, p)))
- goto bad_fork_cleanup_namespaces;
retval = copy_thread(0, clone_flags, stack_start, stack_size, p, regs);
if (retval)
- goto bad_fork_cleanup_namespace;
+ goto bad_fork_cleanup_namespaces;
p->set_child_tid = (clone_flags & CLONE_CHILD_SETTID) ? child_tidptr : NULL;
/*
@@ -1175,7 +1173,7 @@ static task_t *copy_process(unsigned lon
spin_unlock(¤t->sighand->siglock);
write_unlock_irq(&tasklist_lock);
retval = -ERESTARTNOINTR;
- goto bad_fork_cleanup_namespace;
+ goto bad_fork_cleanup_namespaces;
}
if (clone_flags & CLONE_THREAD) {
@@ -1228,8 +1226,6 @@ static task_t *copy_process(unsigned lon
proc_fork_connector(p);
return p;
-bad_fork_cleanup_namespace:
- exit_namespace(p);
bad_fork_cleanup_namespaces:
exit_task_namespaces(p);
bad_fork_cleanup_keys:
@@ -1481,10 +1477,9 @@ static int unshare_fs(unsigned long unsh
*/
static int unshare_namespace(unsigned long unshare_flags, struct namespace **new_nsp, struct fs_struct *new_fs)
{
- struct namespace *ns = current->namespace;
+ struct namespace *ns = current->nsproxy->namespace;
- if ((unshare_flags & CLONE_NEWNS) &&
- (ns && atomic_read(&ns->count) > 1)) {
+ if ((unshare_flags & CLONE_NEWNS) && ns) {
if (!capable(CAP_SYS_ADMIN))
return -EPERM;
@@ -1617,8 +1612,8 @@ asmlinkage long sys_unshare(unsigned lon
}
if (new_ns) {
- ns = current->namespace;
- current->namespace = new_ns;
+ ns = current->nsproxy->namespace;
+ current->nsproxy->namespace = new_ns;
new_ns = ns;
}
diff -puN kernel/nsproxy.c~namespaces-incorporate-fs-namespace-into-nsproxy kernel/nsproxy.c
--- 25/kernel/nsproxy.c~namespaces-incorporate-fs-namespace-into-nsproxy Fri May 19 11:40:02 2006
+++ 25-akpm/kernel/nsproxy.c Fri May 19 11:40:02 2006
@@ -13,6 +13,7 @@
#include <linux/module.h>
#include <linux/version.h>
#include <linux/nsproxy.h>
+#include <linux/namespace.h>
static inline void get_nsproxy(struct nsproxy *ns)
{
@@ -53,6 +54,11 @@ struct nsproxy *dup_namespaces(struct ns
{
struct nsproxy *ns = clone_namespaces(orig);
+ if (ns) {
+ if (ns->namespace)
+ get_namespace(ns->namespace);
+ }
+
return ns;
}
@@ -63,16 +69,40 @@ struct nsproxy *dup_namespaces(struct ns
int copy_namespaces(int flags, struct task_struct *tsk)
{
struct nsproxy *old_ns = tsk->nsproxy;
+ struct nsproxy *new_ns;
+ int err = 0;
if (!old_ns)
return 0;
get_nsproxy(old_ns);
- return 0;
+ if (!(flags & CLONE_NEWNS))
+ return 0;
+
+ new_ns = clone_namespaces(old_ns);
+ if (!new_ns) {
+ err = -ENOMEM;
+ goto out;
+ }
+
+ tsk->nsproxy = new_ns;
+
+ err = copy_namespace(flags, tsk);
+ if (err) {
+ tsk->nsproxy = old_ns;
+ put_nsproxy(new_ns);
+ goto out;
+ }
+
+out:
+ put_nsproxy(old_ns);
+ return err;
}
void free_nsproxy(struct nsproxy *ns)
{
+ if (ns->namespace)
+ put_namespace(ns->namespace);
kfree(ns);
}
_
Patches currently in -mm which might be from serue@xxxxxxxxxx are
origin.patch
namespaces-add-nsproxy.patch
namespaces-incorporate-fs-namespace-into-nsproxy.patch
namespaces-utsname-introduce-temporary-helpers.patch
namespaces-utsname-switch-to-using-uts-namespaces.patch
namespaces-utsname-use-init_utsname-when-appropriate.patch
namespaces-utsname-implement-utsname-namespaces.patch
namespaces-utsname-sysctl-hack.patch
namespaces-utsname-remove-system_utsname.patch
namespaces-utsname-implement-clone_newuts-flag.patch
-
To unsubscribe from this list: send the line "unsubscribe mm-commits" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
