Intead of hardcoded "init" namespaces.
Signed-off-by: Stanislav Kinsburskiy <skinsbur...@virtuozzo.com>
---
drivers/connector/cn_proc.c | 69 ++++++++++++++++++++++++++-----------------
1 file changed, 42 insertions(+), 27 deletions(-)
diff --git a/drivers/connector/cn_proc.c b/drivers/connector/cn_proc.c
index b66fde8..df6553d 100644
--- a/drivers/connector/cn_proc.c
+++ b/drivers/connector/cn_proc.c
@@ -122,14 +122,15 @@ static bool fill_fork_event(struct proc_event *ev, struct
ve_struct *ve,
struct task_struct *task, int unused)
{
struct task_struct *parent;
+ struct pid_namespace *pid_ns = ve->ve_ns->pid_ns;
rcu_read_lock();
parent = rcu_dereference(task->real_parent);
- ev->event_data.fork.parent_pid = task_pid_nr_ns(parent, &init_pid_ns);
- ev->event_data.fork.parent_tgid = task_tgid_nr_ns(parent, &init_pid_ns);
+ ev->event_data.fork.parent_pid = task_pid_nr_ns(parent, pid_ns);
+ ev->event_data.fork.parent_tgid = task_tgid_nr_ns(parent, pid_ns);
rcu_read_unlock();
- ev->event_data.fork.child_pid = task_pid_nr_ns(task, &init_pid_ns);
- ev->event_data.fork.child_tgid = task_tgid_nr_ns(task, &init_pid_ns);
+ ev->event_data.fork.child_pid = task_pid_nr_ns(task, pid_ns);
+ ev->event_data.fork.child_tgid = task_tgid_nr_ns(task, pid_ns);
return true;
}
@@ -141,8 +142,10 @@ void proc_fork_connector(struct task_struct *task)
static bool fill_exec_event(struct proc_event *ev, struct ve_struct *ve,
struct task_struct *task, int unused)
{
- ev->event_data.exec.process_pid = task_pid_nr_ns(task, &init_pid_ns);
- ev->event_data.exec.process_tgid = task_tgid_nr_ns(task, &init_pid_ns);
+ struct pid_namespace *pid_ns = ve->ve_ns->pid_ns;
+
+ ev->event_data.exec.process_pid = task_pid_nr_ns(task, pid_ns);
+ ev->event_data.exec.process_tgid = task_tgid_nr_ns(task, pid_ns);
return true;
}
@@ -155,17 +158,19 @@ static bool fill_id_event(struct proc_event *ev, struct
ve_struct *ve,
struct task_struct *task, int which_id)
{
const struct cred *cred;
+ struct pid_namespace *pid_ns = ve->ve_ns->pid_ns;
+ struct user_namespace *user_ns = ve->init_cred->user_ns;
- ev->event_data.id.process_pid = task_pid_nr_ns(task, &init_pid_ns);
- ev->event_data.id.process_tgid = task_tgid_nr_ns(task, &init_pid_ns);
+ ev->event_data.id.process_pid = task_pid_nr_ns(task, pid_ns);
+ ev->event_data.id.process_tgid = task_tgid_nr_ns(task, pid_ns);
rcu_read_lock();
cred = __task_cred(task);
if (which_id == PROC_EVENT_UID) {
- ev->event_data.id.r.ruid = from_kuid_munged(&init_user_ns,
cred->uid);
- ev->event_data.id.e.euid = from_kuid_munged(&init_user_ns,
cred->euid);
+ ev->event_data.id.r.ruid = from_kuid_munged(user_ns, cred->uid);
+ ev->event_data.id.e.euid = from_kuid_munged(user_ns,
cred->euid);
} else if (which_id == PROC_EVENT_GID) {
- ev->event_data.id.r.rgid = from_kgid_munged(&init_user_ns,
cred->gid);
- ev->event_data.id.e.egid = from_kgid_munged(&init_user_ns,
cred->egid);
+ ev->event_data.id.r.rgid = from_kgid_munged(user_ns, cred->gid);
+ ev->event_data.id.e.egid = from_kgid_munged(user_ns,
cred->egid);
} else {
rcu_read_unlock();
return false;
@@ -182,8 +187,10 @@ void proc_id_connector(struct task_struct *task, int
which_id)
static bool fill_sid_event(struct proc_event *ev, struct ve_struct *ve,
struct task_struct *task, int unused)
{
- ev->event_data.sid.process_pid = task_pid_nr_ns(task, &init_pid_ns);
- ev->event_data.sid.process_tgid = task_tgid_nr_ns(task, &init_pid_ns);
+ struct pid_namespace *pid_ns = ve->ve_ns->pid_ns;
+
+ ev->event_data.sid.process_pid = task_pid_nr_ns(task, pid_ns);
+ ev->event_data.sid.process_tgid = task_tgid_nr_ns(task, pid_ns);
return true;
}
@@ -195,11 +202,13 @@ void proc_sid_connector(struct task_struct *task)
static bool fill_ptrace_event(struct proc_event *ev, struct ve_struct *ve,
struct task_struct *task, int ptrace_id)
{
- ev->event_data.ptrace.process_pid = task_pid_nr_ns(task, &init_pid_ns);
- ev->event_data.ptrace.process_tgid = task_tgid_nr_ns(task,
&init_pid_ns);
+ struct pid_namespace *pid_ns = ve->ve_ns->pid_ns;
+
+ ev->event_data.ptrace.process_pid = task_pid_nr_ns(task, pid_ns);
+ ev->event_data.ptrace.process_tgid = task_tgid_nr_ns(task, pid_ns);
if (ptrace_id == PTRACE_ATTACH) {
- ev->event_data.ptrace.tracer_pid = task_pid_nr_ns(current,
&init_pid_ns);
- ev->event_data.ptrace.tracer_tgid = task_tgid_nr_ns(current,
&init_pid_ns);
+ ev->event_data.ptrace.tracer_pid = task_pid_nr_ns(current,
pid_ns);
+ ev->event_data.ptrace.tracer_tgid = task_tgid_nr_ns(current,
pid_ns);
} else if (ptrace_id == PTRACE_DETACH) {
ev->event_data.ptrace.tracer_pid = 0;
ev->event_data.ptrace.tracer_tgid = 0;
@@ -217,8 +226,10 @@ void proc_ptrace_connector(struct task_struct *task, int
ptrace_id)
static bool fill_comm_event(struct proc_event *ev, struct ve_struct *ve,
struct task_struct *task, int unused)
{
- ev->event_data.comm.process_pid = task_pid_nr_ns(task, &init_pid_ns);
- ev->event_data.comm.process_tgid = task_tgid_nr_ns(task, &init_pid_ns);
+ struct pid_namespace *pid_ns = ve->ve_ns->pid_ns;
+
+ ev->event_data.comm.process_pid = task_pid_nr_ns(task, pid_ns);
+ ev->event_data.comm.process_tgid = task_tgid_nr_ns(task, pid_ns);
get_task_comm(ev->event_data.comm.comm, task);
return true;
}
@@ -231,8 +242,10 @@ void proc_comm_connector(struct task_struct *task)
static bool fill_coredump_event(struct proc_event *ev, struct ve_struct *ve,
struct task_struct *task, int unused)
{
- ev->event_data.coredump.process_pid = task_pid_nr_ns(task,
&init_pid_ns);
- ev->event_data.coredump.process_tgid = task_tgid_nr_ns(task,
&init_pid_ns);
+ struct pid_namespace *pid_ns = ve->ve_ns->pid_ns;
+
+ ev->event_data.coredump.process_pid = task_pid_nr_ns(task, pid_ns);
+ ev->event_data.coredump.process_tgid = task_tgid_nr_ns(task, pid_ns);
return true;
}
@@ -244,8 +257,10 @@ void proc_coredump_connector(struct task_struct *task)
static bool fill_exit_event(struct proc_event *ev, struct ve_struct *ve,
struct task_struct *task, int unused)
{
- ev->event_data.exit.process_pid = task_pid_nr_ns(task, &init_pid_ns);
- ev->event_data.exit.process_tgid = task_tgid_nr_ns(task, &init_pid_ns);
+ struct pid_namespace *pid_ns = ve->ve_ns->pid_ns;
+
+ ev->event_data.exit.process_pid = task_pid_nr_ns(task, pid_ns);
+ ev->event_data.exit.process_tgid = task_tgid_nr_ns(task, pid_ns);
ev->event_data.exit.exit_code = task->exit_code;
ev->event_data.exit.exit_signal = task->exit_signal;
return true;
@@ -309,12 +324,12 @@ static void cn_proc_mcast_ctl(struct cn_msg *msg,
* and user namespaces so ignore requestors from
* other namespaces.
*/
- if ((current_user_ns() != &init_user_ns) ||
- (task_active_pid_ns(current) != &init_pid_ns))
+ if (!current_user_ns_initial() ||
+ (task_active_pid_ns(current) != ve->ve_ns->pid_ns))
return;
/* Can only change if privileged. */
- if (!__netlink_ns_capable(nsp, &init_user_ns, CAP_NET_ADMIN)) {
+ if (!__netlink_ns_capable(nsp, ve_init_user_ns(), CAP_NET_ADMIN)) {
err = EPERM;
goto out;
}
_______________________________________________
Devel mailing list
Devel@openvz.org
https://lists.openvz.org/mailman/listinfo/devel
