From: Stanislav Kinsbursky <skinsbursky@parallels.com>
To: viro@zeniv.linux.org.uk
Cc: serge.hallyn@canonical.com, jlayton@redhat.com,
lucas.demarchi@profusion.mobi, rusty@rustcorp.com.au,
linux-kernel@vger.kernel.org, oleg@redhat.com,
bfields@fieldses.org, ebiederm@xmission.com,
bharrosh@panasas.com, linux-fsdevel@vger.kernel.org,
akpm@linux-foundation.org, devel@openvz.org
Subject: [RFC PATCH] fs: call_usermodehelper_root helper introduced
Date: Wed, 22 May 2013 11:29:18 +0400 [thread overview]
Message-ID: <20130522072840.27720.85023.stgit@localhost.localdomain> (raw)
Usermode helper executes all binaries in global "init" root context. This
doesn't allow to call a binary from other root context (for example in a
container).
Currently, both containerized NFS client and NFS server requires an ability to
execute a binary in a container's root context. Root swap can be done in
"init" callback, passed by UMH caller.
But since we have 2 callers already (and more of them are expected to appear
in future) and because set_fs_root() in not exported, it looks reasonable to
add one more generic UMH helper to generic fs code.
Root path reference must be hold by the caller, since it will be put on UMH
thread exit.
Signed-off-by: Stanislav Kinsbursky <skinsbursky@parallels.com>
---
fs/fs_struct.c | 28 ++++++++++++++++++++++++++++
include/linux/fs_struct.h | 4 ++++
2 files changed, 32 insertions(+), 0 deletions(-)
diff --git a/fs/fs_struct.c b/fs/fs_struct.c
index d8ac61d..cd1de8e 100644
--- a/fs/fs_struct.c
+++ b/fs/fs_struct.c
@@ -4,6 +4,7 @@
#include <linux/path.h>
#include <linux/slab.h>
#include <linux/fs_struct.h>
+#include <linux/kmod.h>
#include "internal.h"
/*
@@ -157,6 +158,33 @@ int current_umask(void)
}
EXPORT_SYMBOL(current_umask);
+static int umh_set_fs_root(struct subprocess_info *info, struct cred *new)
+{
+ set_fs_root(current->fs, info->data);
+ return 0;
+}
+
+/*
+ * Call a usermode helper with a specific fs root.
+ *
+ * The caller must hold extra reference to it otherwise, because it will be
+ * put on usermodehelper thread exit.
+ */
+int call_usermodehelper_root(char *path, char **argv, char **envp,
+ struct path *root, int wait)
+{
+ struct subprocess_info *info;
+ gfp_t gfp_mask = (wait == UMH_NO_WAIT) ? GFP_ATOMIC : GFP_KERNEL;
+
+ info = call_usermodehelper_setup(path, argv, envp, gfp_mask,
+ umh_set_fs_root, NULL, root);
+ if (info == NULL)
+ return -ENOMEM;
+
+ return call_usermodehelper_exec(info, wait);
+}
+EXPORT_SYMBOL(call_usermodehelper_root);
+
/* to be mentioned only in INIT_TASK */
struct fs_struct init_fs = {
.users = 1,
diff --git a/include/linux/fs_struct.h b/include/linux/fs_struct.h
index 2b93a9a..cead51e 100644
--- a/include/linux/fs_struct.h
+++ b/include/linux/fs_struct.h
@@ -52,4 +52,8 @@ static inline void get_fs_root_and_pwd(struct fs_struct *fs, struct path *root,
extern bool current_chrooted(void);
+extern int
+call_usermodehelper_root(char *path, char **argv, char **envp,
+ struct path *root, int wait);
+
#endif /* _LINUX_FS_STRUCT_H */
next reply other threads:[~2013-05-22 7:30 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-05-22 7:29 Stanislav Kinsbursky [this message]
2013-05-22 16:03 ` [RFC PATCH] fs: call_usermodehelper_root helper introduced Oleg Nesterov
2013-05-22 17:33 ` Eric W. Biederman
2013-05-22 18:35 ` Eric W. Biederman
2013-05-22 19:23 ` J. Bruce Fields
2013-05-23 3:37 ` Eric W. Biederman
2013-05-23 19:06 ` J. Bruce Fields
2013-05-23 8:11 ` Stanislav Kinsbursky
2013-05-23 8:07 ` Stanislav Kinsbursky
2013-05-23 10:00 ` Eric W. Biederman
2013-05-23 10:35 ` Stanislav Kinsbursky
2013-05-23 11:31 ` Jeff Layton
2013-05-23 11:38 ` Stanislav Kinsbursky
2013-05-23 11:56 ` Jeff Layton
2013-05-23 11:58 ` Stanislav Kinsbursky
2013-05-23 12:25 ` Boaz Harrosh
2013-05-23 13:05 ` Jeff Layton
2013-05-23 19:55 ` J. Bruce Fields
2013-05-23 20:14 ` J. Bruce Fields
2013-05-23 21:32 ` Eric W. Biederman
2013-05-24 6:04 ` Stanislav Kinsbursky
2013-11-08 11:58 ` Jeff Layton
2013-05-24 5:44 ` Stanislav Kinsbursky
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20130522072840.27720.85023.stgit@localhost.localdomain \
--to=skinsbursky@parallels.com \
--cc=akpm@linux-foundation.org \
--cc=bfields@fieldses.org \
--cc=bharrosh@panasas.com \
--cc=devel@openvz.org \
--cc=ebiederm@xmission.com \
--cc=jlayton@redhat.com \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=lucas.demarchi@profusion.mobi \
--cc=oleg@redhat.com \
--cc=rusty@rustcorp.com.au \
--cc=serge.hallyn@canonical.com \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).