Add a helper which checks if current user_ns is the same as ve init_cred's. Will be used in next patch.
Signed-off-by: Kirill Tkhai <ktk...@odin.com> --- include/linux/ve.h | 6 ++++++ kernel/ve/ve.c | 16 ++++++++++++++++ 2 files changed, 22 insertions(+) diff --git a/include/linux/ve.h b/include/linux/ve.h index 10c150a..86b95c3 100644 --- a/include/linux/ve.h +++ b/include/linux/ve.h @@ -214,6 +214,8 @@ void ve_stop_ns(struct pid_namespace *ns); void ve_exit_ns(struct pid_namespace *ns); int ve_start_container(struct ve_struct *ve); +extern bool current_user_ns_initial(void); + #ifdef CONFIG_TTY extern struct tty_driver *vtty_driver(dev_t dev, int *index); extern struct tty_driver *vtty_console_driver(int *index); @@ -236,6 +238,10 @@ static inline int vz_security_protocol_check(struct net *net, int protocol) { re static inline void ve_stop_ns(struct pid_namespace *ns) { } static inline void ve_exit_ns(struct pid_namespace *ns) { } +static inline bool current_user_ns_initial(void) +{ + return current_user_ns() == init_cred.user_ns; +} #define kthread_create_on_node_ve(ve, threadfn, data, node, namefmt...) \ kthread_create_on_node_ve(threadfn, data, node, namefmt...) diff --git a/kernel/ve/ve.c b/kernel/ve/ve.c index aff3b03..12cfa33 100644 --- a/kernel/ve/ve.c +++ b/kernel/ve/ve.c @@ -238,6 +238,21 @@ int vz_security_protocol_check(struct net *net, int protocol) } EXPORT_SYMBOL_GPL(vz_security_protocol_check); +/* Check if current user_ns is initial for current ve */ +bool current_user_ns_initial(void) +{ + struct ve_struct *ve = get_exec_env(); + bool ret = false; + + rcu_read_lock(); + if (ve->ve_ns && ve->init_cred->user_ns == current_user_ns()) + ret = true; + rcu_read_unlock(); + + return ret; +} +EXPORT_SYMBOL(current_user_ns_initial); + int nr_threads_ve(struct ve_struct *ve) { return cgroup_task_count(ve->css.cgroup); @@ -408,6 +423,7 @@ static void ve_drop_context(struct ve_struct *ve) put_net(ve->ve_netns); ve->ve_netns = NULL; + /* Allows to dereference init_cred if ve_ns is set */ rcu_assign_pointer(ve->ve_ns, NULL); synchronize_rcu(); put_nsproxy(ve_ns); _______________________________________________ Devel mailing list Devel@openvz.org https://lists.openvz.org/mailman/listinfo/devel