All of lore.kernel.org
 help / color / mirror / Atom feed
From: Pavel Emelyanov <xemul@parallels.com>
To: "Eric W. Biederman" <ebiederm@xmission.com>,
	Daniel Lezcano <dlezcano@fr.ibm.com>,
	Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
	"Serge E. Hallyn" <serge@hallyn.com>
Cc: Andrew Morton <akpm@linux-foundation.org>
Subject: [PATCH 2/2] ns: Add proc_ns_operations for mount namespaces
Date: Fri, 11 May 2012 16:25:57 +0400	[thread overview]
Message-ID: <4FAD0555.4090906@parallels.com> (raw)
In-Reply-To: <4FAD0524.3000307@parallels.com>

Currently LXC by default creates a container in a new mount
namespace. Thus in order to explore it we have to

a) find out, that a new mount namespace is in use
b) enter this other namespace

This patch solves both -- allows us to distinguish one mount
namespace from another by comparing its inode numbers and lets
us enter a mount namespace with the setns system call.

Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
---
 fs/namespace.c          |   45 +++++++++++++++++++++++++++++++++++++++++++++
 fs/proc/namespaces.c    |    1 +
 include/linux/proc_fs.h |    2 ++
 3 files changed, 48 insertions(+), 0 deletions(-)

diff --git a/fs/namespace.c b/fs/namespace.c
index e608199..9467904 100644
--- a/fs/namespace.c
+++ b/fs/namespace.c
@@ -20,6 +20,7 @@
 #include <linux/fs_struct.h>	/* get_fs_root et.al. */
 #include <linux/fsnotify.h>	/* fsnotify_vfsmount_delete */
 #include <linux/uaccess.h>
+#include <linux/proc_fs.h>
 #include "pnode.h"
 #include "internal.h"
 
@@ -2633,3 +2634,47 @@ bool our_mnt(struct vfsmount *mnt)
 {
 	return check_mnt(real_mount(mnt));
 }
+
+static void *mntns_get(struct task_struct *task)
+{
+	struct mnt_namespace *mn = NULL;
+	struct nsproxy *nsproxy;
+
+	rcu_read_lock();
+	nsproxy = task_nsproxy(task);
+	if (nsproxy) {
+		mn = nsproxy->mnt_ns;
+		get_mnt_ns(mn);
+	}
+	rcu_read_unlock();
+
+	return mn;
+}
+
+static void mntns_put(void *ns)
+{
+	put_mnt_ns(ns);
+}
+
+static int mntns_install(struct nsproxy *nsproxy, void *ns)
+{
+	put_mnt_ns(nsproxy->mnt_ns);
+	get_mnt_ns(ns);
+	nsproxy->mnt_ns = ns;
+	return 0;
+}
+
+static u64 mntns_get_id(void *_ns)
+{
+	struct mnt_namespace *ns = _ns;
+	return ns->root->mnt_id;
+}
+
+const struct proc_ns_operations mntns_operations = {
+	.name		= "mnt",
+	.type		= CLONE_NEWNS,
+	.get		= mntns_get,
+	.put		= mntns_put,
+	.install	= mntns_install,
+	.get_id		= mntns_get_id,
+};
diff --git a/fs/proc/namespaces.c b/fs/proc/namespaces.c
index b6c7560..e0399dd 100644
--- a/fs/proc/namespaces.c
+++ b/fs/proc/namespaces.c
@@ -24,6 +24,7 @@ static const struct proc_ns_operations *ns_entries[] = {
 #ifdef CONFIG_IPC_NS
 	&ipcns_operations,
 #endif
+	&mntns_operations,
 };
 
 static const struct file_operations ns_file_operations = {
diff --git a/include/linux/proc_fs.h b/include/linux/proc_fs.h
index e5ee83a..f6311b4 100644
--- a/include/linux/proc_fs.h
+++ b/include/linux/proc_fs.h
@@ -252,6 +252,8 @@ struct proc_ns_operations {
 extern const struct proc_ns_operations netns_operations;
 extern const struct proc_ns_operations utsns_operations;
 extern const struct proc_ns_operations ipcns_operations;
+extern const struct proc_ns_operations mntns_operations;
+
 
 union proc_op {
 	int (*proc_get_link)(struct dentry *, struct path *);
-- 
1.7.6.5

  reply	other threads:[~2012-05-11 12:26 UTC|newest]

Thread overview: 10+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2012-05-11 12:25 [PATCH 1/2] proc: Show ns-based inode numbers for /proc/pid/ns/* files Pavel Emelyanov
2012-05-11 12:25 ` Pavel Emelyanov [this message]
2012-05-11 17:05   ` [PATCH 2/2] ns: Add proc_ns_operations for mount namespaces Eric W. Biederman
2012-05-12 11:42     ` Pavel Emelyanov
     [not found]   ` <87mx5e5tho.fsf_-_@xmission.com>
2012-05-12 11:41     ` [PATCH] vfs: Add setns support for the mount namespace Pavel Emelyanov
2012-05-18 19:44       ` Serge E. Hallyn
2012-05-18 22:47         ` Eric W. Biederman
2012-05-11 17:07 ` [PATCH 1/2] proc: Show ns-based inode numbers for /proc/pid/ns/* files Eric W. Biederman
2012-05-12 11:40   ` Pavel Emelyanov
2012-05-26 15:14     ` Eric W. Biederman

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=4FAD0555.4090906@parallels.com \
    --to=xemul@parallels.com \
    --cc=akpm@linux-foundation.org \
    --cc=dlezcano@fr.ibm.com \
    --cc=ebiederm@xmission.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=serge@hallyn.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.