From: Cedric Le Goater <clg@fr.ibm.com>
To: linux-kernel@vger.kernel.org
Cc: Kirill Korotaev <dev@openvz.org>,
Cedric Le Goater <clg@fr.ibm.com>,
"Eric W. Biederman" <ebiederm@xmission.com>,
Herbert Poetzl <herbert@13thfloor.at>,
Sukadev Bhattiprolu <sukadev@us.ibm.com>,
Andrew Morton <akpm@osdl.org>
Subject: [patch -mm 5/7] add pid_namespace to nsproxy
Date: Tue, 17 Oct 2006 22:30:09 +0200 [thread overview]
Message-ID: <20061017205316.160133000@localhost.localdomain> (raw)
In-Reply-To: 20061017203004.555659000@localhost.localdomain
[-- Attachment #1: pid-namespace.patch --]
[-- Type: text/plain, Size: 5552 bytes --]
This patch adds the pid namespace framework to the nsproxy object. The
copy of the pid namespace only increases the refcount on the global
pid namespace, init_pid_ns, and unshare is not implemented.
There is no configuration option to activate or deactivate this
feature because this not relevant for the moment.
Signed-off-by: Cedric Le Goater <clg@fr.ibm.com>
Cc: Kirill Korotaev <dev@openvz.org>
Cc: Eric W. Biederman <ebiederm@xmission.com>
Cc: Herbert Poetzl <herbert@13thfloor.at>
Cc: Sukadev Bhattiprolu <sukadev@us.ibm.com>
Cc: Andrew Morton <akpm@osdl.org>
---
include/linux/init_task.h | 2 ++
include/linux/nsproxy.h | 2 ++
include/linux/pid_namespace.h | 20 ++++++++++++++++++--
kernel/nsproxy.c | 26 +++++++++++++++++++-------
kernel/pid.c | 23 +++++++++++++++++++++++
5 files changed, 64 insertions(+), 9 deletions(-)
Index: 2.6.19-rc2-mm1/include/linux/init_task.h
===================================================================
--- 2.6.19-rc2-mm1.orig/include/linux/init_task.h
+++ 2.6.19-rc2-mm1/include/linux/init_task.h
@@ -7,6 +7,7 @@
#include <linux/utsname.h>
#include <linux/lockdep.h>
#include <linux/ipc.h>
+#include <linux/pid_namespace.h>
#define INIT_FDTABLE \
{ \
@@ -70,6 +71,7 @@
extern struct nsproxy init_nsproxy;
#define INIT_NSPROXY(nsproxy) { \
+ .pid_ns = &init_pid_ns, \
.count = ATOMIC_INIT(1), \
.nslock = SPIN_LOCK_UNLOCKED, \
.id = 0, \
Index: 2.6.19-rc2-mm1/include/linux/nsproxy.h
===================================================================
--- 2.6.19-rc2-mm1.orig/include/linux/nsproxy.h
+++ 2.6.19-rc2-mm1/include/linux/nsproxy.h
@@ -7,6 +7,7 @@
struct mnt_namespace;
struct uts_namespace;
struct ipc_namespace;
+struct pid_namespace;
/*
* A structure to contain pointers to all per-process
@@ -27,6 +28,7 @@ struct nsproxy {
struct uts_namespace *uts_ns;
struct ipc_namespace *ipc_ns;
struct mnt_namespace *mnt_ns;
+ struct pid_namespace *pid_ns;
};
extern struct nsproxy init_nsproxy;
Index: 2.6.19-rc2-mm1/include/linux/pid_namespace.h
===================================================================
--- 2.6.19-rc2-mm1.orig/include/linux/pid_namespace.h
+++ 2.6.19-rc2-mm1/include/linux/pid_namespace.h
@@ -5,6 +5,8 @@
#include <linux/mm.h>
#include <linux/threads.h>
#include <linux/pid.h>
+#include <linux/nsproxy.h>
+#include <linux/kref.h>
struct pidmap {
atomic_t nr_free;
@@ -14,10 +16,24 @@ struct pidmap {
#define PIDMAP_ENTRIES ((PID_MAX_LIMIT + 8*PAGE_SIZE - 1)/PAGE_SIZE/8)
struct pid_namespace {
- struct pidmap pidmap[PIDMAP_ENTRIES];
- int last_pid;
+ struct kref kref;
+ struct pidmap pidmap[PIDMAP_ENTRIES];
+ int last_pid;
};
extern struct pid_namespace init_pid_ns;
+static inline void get_pid_ns(struct pid_namespace *ns)
+{
+ kref_get(&ns->kref);
+}
+
+extern int copy_pid_ns(int flags, struct task_struct *tsk);
+extern void free_pid_ns(struct kref *kref);
+
+static inline void put_pid_ns(struct pid_namespace *ns)
+{
+ kref_put(&ns->kref, free_pid_ns);
+}
+
#endif /* _LINUX_PID_NS_H */
Index: 2.6.19-rc2-mm1/kernel/nsproxy.c
===================================================================
--- 2.6.19-rc2-mm1.orig/kernel/nsproxy.c
+++ 2.6.19-rc2-mm1/kernel/nsproxy.c
@@ -19,6 +19,7 @@
#include <linux/init_task.h>
#include <linux/mnt_namespace.h>
#include <linux/utsname.h>
+#include <linux/pid_namespace.h>
struct nsproxy init_nsproxy = INIT_NSPROXY(init_nsproxy);
@@ -69,6 +70,8 @@ struct nsproxy *dup_namespaces(struct ns
get_uts_ns(ns->uts_ns);
if (ns->ipc_ns)
get_ipc_ns(ns->ipc_ns);
+ if (ns->pid_ns)
+ get_pid_ns(ns->pid_ns);
}
return ns;
@@ -112,10 +115,17 @@ int copy_namespaces(int flags, struct ta
if (err)
goto out_ipc;
+ err = copy_pid_ns(flags, tsk);
+ if (err)
+ goto out_pid;
+
out:
put_nsproxy(old_ns);
return err;
+out_pid:
+ if (new_ns->ipc_ns)
+ put_ipc_ns(new_ns->ipc_ns);
out_ipc:
if (new_ns->uts_ns)
put_uts_ns(new_ns->uts_ns);
@@ -130,11 +140,13 @@ out_ns:
void free_nsproxy(struct nsproxy *ns)
{
- if (ns->mnt_ns)
- put_mnt_ns(ns->mnt_ns);
- if (ns->uts_ns)
- put_uts_ns(ns->uts_ns);
- if (ns->ipc_ns)
- put_ipc_ns(ns->ipc_ns);
- kfree(ns);
+ if (ns->mnt_ns)
+ put_mnt_ns(ns->mnt_ns);
+ if (ns->uts_ns)
+ put_uts_ns(ns->uts_ns);
+ if (ns->ipc_ns)
+ put_ipc_ns(ns->ipc_ns);
+ if (ns->pid_ns)
+ put_pid_ns(ns->pid_ns);
+ kfree(ns);
}
Index: 2.6.19-rc2-mm1/kernel/pid.c
===================================================================
--- 2.6.19-rc2-mm1.orig/kernel/pid.c
+++ 2.6.19-rc2-mm1/kernel/pid.c
@@ -59,6 +59,9 @@ static inline int mk_pid(struct pid_name
* the scheme scales to up to 4 million PIDs, runtime.
*/
struct pid_namespace init_pid_ns = {
+ .kref = {
+ .refcount = ATOMIC_INIT(2),
+ },
.pidmap = {
[ 0 ... PIDMAP_ENTRIES-1] = { ATOMIC_INIT(BITS_PER_PAGE), NULL }
},
@@ -357,6 +360,26 @@ struct pid *find_ge_pid(int nr)
}
EXPORT_SYMBOL_GPL(find_get_pid);
+int copy_pid_ns(int flags, struct task_struct *tsk)
+{
+ struct pid_namespace *old_ns = tsk->nsproxy->pid_ns;
+ int err = 0;
+
+ if (!old_ns)
+ return 0;
+
+ get_pid_ns(old_ns);
+ return err;
+}
+
+void free_pid_ns(struct kref *kref)
+{
+ struct pid_namespace *ns;
+
+ ns = container_of(kref, struct pid_namespace, kref);
+ kfree(ns);
+}
+
/*
* The pid hash table is scaled according to the amount of memory in the
* machine. From a minimum of 16 slots up to 4096 slots at one gigabyte or
--
next prev parent reply other threads:[~2006-10-17 20:53 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-10-17 20:30 [patch -mm 0/7] pid namespace and namespace cleanups Cedric Le Goater
2006-10-17 20:30 ` [patch -mm 1/7] add process_session() helper routine Cedric Le Goater
2006-10-17 20:30 ` [patch -mm 2/7] rename struct namespace to struct mnt_namespace Cedric Le Goater
2006-10-17 21:17 ` Cedric Le Goater
2006-10-17 20:30 ` [patch -mm 3/7] add an identifier to nsproxy Cedric Le Goater
2006-10-17 20:30 ` [patch -mm 4/7] rename struct pspace to struct pid_namespace Cedric Le Goater
2006-10-17 21:19 ` Cedric Le Goater
2006-10-17 20:30 ` Cedric Le Goater [this message]
2006-10-17 20:30 ` [patch -mm 6/7] use current->nsproxy->pid_ns Cedric Le Goater
2006-10-17 20:30 ` [patch -mm 7/7] add child reaper to pid_namespace Cedric Le Goater
2006-10-17 21:21 ` Cedric Le Goater
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20061017205316.160133000@localhost.localdomain \
--to=clg@fr.ibm.com \
--cc=akpm@osdl.org \
--cc=dev@openvz.org \
--cc=ebiederm@xmission.com \
--cc=herbert@13thfloor.at \
--cc=linux-kernel@vger.kernel.org \
--cc=sukadev@us.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.