The commit is pushed to "branch-rh7-3.10.0-229.7.2.vz7.9.x-ovz" and will appear at https://src.openvz.org/scm/ovz/vzkernel.git after rh7-3.10.0-229.7.2.vz7.9.9 ------> commit f45760c66fd26b7593270dfbf8fe7d7ed7db66dd Author: Andrey Ryabinin <aryabi...@virtuozzo.com> Date: Thu Nov 12 13:52:18 2015 +0400
ve: introduce ve_init_user_ns() helper Add new helper ve_init_user_ns() which returns initial namespace for current ve, and use it in do_new_mount() https://jira.sw.ru/browse/PSBM-41075 Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo.com> Acked-by: Stanislav Kinsbursky <skinsbur...@virtuozzo.com> --- fs/namespace.c | 8 +------- include/linux/ve.h | 9 +++++++++ kernel/ve/ve.c | 9 +++++++++ 3 files changed, 19 insertions(+), 7 deletions(-) diff --git a/fs/namespace.c b/fs/namespace.c index 8909c13..c051e42 100644 --- a/fs/namespace.c +++ b/fs/namespace.c @@ -2167,7 +2167,6 @@ static int do_new_mount(struct path *path, const char *fstype, int flags, struct file_system_type *type; struct user_namespace *user_ns = current->nsproxy->mnt_ns->user_ns; struct vfsmount *mnt; - struct user_namespace *root_user_ns; int err; if (!fstype) @@ -2177,12 +2176,7 @@ static int do_new_mount(struct path *path, const char *fstype, int flags, if (!type) return -ENODEV; - if (get_exec_env()->init_cred) - root_user_ns = get_exec_env()->init_cred->user_ns; - else - root_user_ns = &init_user_ns; - - if (user_ns != root_user_ns) { + if (user_ns != ve_init_user_ns()) { if (!(type->fs_flags & FS_USERNS_MOUNT)) { put_filesystem(type); return -EPERM; diff --git a/include/linux/ve.h b/include/linux/ve.h index 86b95c3..2554337 100644 --- a/include/linux/ve.h +++ b/include/linux/ve.h @@ -31,6 +31,8 @@ struct file_system_type; struct veip_struct; struct ve_monitor; struct nsproxy; +struct user_namespace; +extern struct user_namespace init_user_ns; struct ve_struct { struct cgroup_subsys_state css; @@ -215,6 +217,7 @@ void ve_exit_ns(struct pid_namespace *ns); int ve_start_container(struct ve_struct *ve); extern bool current_user_ns_initial(void); +struct user_namespace *ve_init_user_ns(void); #ifdef CONFIG_TTY extern struct tty_driver *vtty_driver(dev_t dev, int *index); @@ -242,6 +245,12 @@ static inline bool current_user_ns_initial(void) { return current_user_ns() == init_cred.user_ns; } + +static inline struct user_namespace *ve_init_user_ns(void) +{ + return &init_user_ns; +} + #define kthread_create_on_node_ve(ve, threadfn, data, node, namefmt...) \ kthread_create_on_node_ve(threadfn, data, node, namefmt...) diff --git a/kernel/ve/ve.c b/kernel/ve/ve.c index e9219e6..8f5f905 100644 --- a/kernel/ve/ve.c +++ b/kernel/ve/ve.c @@ -253,6 +253,15 @@ bool current_user_ns_initial(void) } EXPORT_SYMBOL(current_user_ns_initial); +struct user_namespace *ve_init_user_ns(void) +{ + struct cred *init_cred; + + init_cred = get_exec_env()->init_cred; + return init_cred ? init_cred->user_ns : &init_user_ns; +} +EXPORT_SYMBOL(ve_init_user_ns); + int nr_threads_ve(struct ve_struct *ve) { return cgroup_task_count(ve->css.cgroup); _______________________________________________ Devel mailing list Devel@openvz.org https://lists.openvz.org/mailman/listinfo/devel