linux-fsdevel.vger.kernel.org archive mirror
* [RFC PATCH] fs: call_usermodehelper_root helper introduced
@ 2013-05-22  7:29 Stanislav Kinsbursky
  2013-05-22 16:03 ` Oleg Nesterov
  2013-05-22 17:33 ` Eric W. Biederman
  0 siblings, 2 replies; 23+ messages in thread
From: Stanislav Kinsbursky @ 2013-05-22  7:29 UTC
  To: viro
  Cc: serge.hallyn, jlayton, lucas.demarchi, rusty, linux-kernel, oleg,
	bfields, ebiederm, bharrosh, linux-fsdevel, akpm, devel

Usermode helper executes all binaries in the global "init" root context. This
doesn't allow calling a binary from another root context (for example in a
container).
Currently, both the containerized NFS client and NFS server require the ability to
execute a binary in a container's root context. Root swap can be done in the
"init" callback, passed by the UMH caller.
But since we have 2 callers already (and more of them are expected to appear
in the future) and because set_fs_root() is not exported, it looks reasonable to
add one more generic UMH helper to generic fs code.
The root path reference must be held by the caller, since it will be put on UMH
thread exit.

Signed-off-by: Stanislav Kinsbursky <skinsbursky@parallels.com>
---
 fs/fs_struct.c            |   28 ++++++++++++++++++++++++++++
 include/linux/fs_struct.h |    4 ++++
 2 files changed, 32 insertions(+), 0 deletions(-)

diff --git a/fs/fs_struct.c b/fs/fs_struct.c
index d8ac61d..cd1de8e 100644
--- a/fs/fs_struct.c
+++ b/fs/fs_struct.c
@@ -4,6 +4,7 @@
 #include <linux/path.h>
 #include <linux/slab.h>
 #include <linux/fs_struct.h>
+#include <linux/kmod.h>
 #include "internal.h"
 
 /*
@@ -157,6 +158,33 @@ int current_umask(void)
 }
 EXPORT_SYMBOL(current_umask);
 
+static int umh_set_fs_root(struct subprocess_info *info, struct cred *new)
+{
+	set_fs_root(current->fs, info->data);
+	return 0;
+}
+
+/*
+ * Call a usermode helper with a specific fs root.
+ *
+ * The caller must hold extra reference to it otherwise, because it will be
+ * put on usermodehelper thread exit.
+ */
+int call_usermodehelper_root(char *path, char **argv, char **envp,
+			     struct path *root, int wait)
+{
+	struct subprocess_info *info;
+	gfp_t gfp_mask = (wait == UMH_NO_WAIT) ? GFP_ATOMIC : GFP_KERNEL;
+
+	info = call_usermodehelper_setup(path, argv, envp, gfp_mask,
+					      umh_set_fs_root, NULL, root);
+	if (info == NULL)
+		return -ENOMEM;
+
+	return call_usermodehelper_exec(info, wait);
+}
+EXPORT_SYMBOL(call_usermodehelper_root);
+
 /* to be mentioned only in INIT_TASK */
 struct fs_struct init_fs = {
 	.users		= 1,
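
Review bot: In call_usermodehelper_root(), the raw `root` pointer is stored as info->data and the cleanup argument is NULL, so with wait == UMH_NO_WAIT the function can return before umh_set_fs_root() dereferences info->data. The caller's struct path itself, not only the reference it holds, therefore has to stay valid until the helper thread has run the init callback, and nothing here says so or enforces it. Suggest either rejecting UMH_NO_WAIT for this helper, or taking a copy of the path with its own path_get() in storage tied to the subprocess_info and releasing it from a cleanup callback instead of passing NULL. The comment above the function should also be reworded: "it" has no antecedent and "otherwise" dangles, so the ownership rule a caller must follow is unclear. Separately, umh_set_fs_root() changes only the root and leaves the working directory untouched, so the helper's cwd still points into the original root; if that is intended it deserves a line in the comment.
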
diff --git a/include/linux/fs_struct.h b/include/linux/fs_struct.h
index 2b93a9a..cead51e 100644
--- a/include/linux/fs_struct.h
+++ b/include/linux/fs_struct.h
@@ -52,4 +52,8 @@ static inline void get_fs_root_and_pwd(struct fs_struct *fs, struct path *root,
 
 extern bool current_chrooted(void);
 
+extern int
+call_usermodehelper_root(char *path, char **argv, char **envp,
+			 struct path *root, int wait);
+
 #endif /* _LINUX_FS_STRUCT_H */
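
Review bot: The prototype takes `int wait` with no hint that it expects the UMH_* values from <linux/kmod.h>, and nothing at the declaration states the reference rule for `root`. A short comment above the declaration naming the accepted wait values and who owns the root reference would let callers use the helper without reading fs/fs_struct.c.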



Thread overview: 23+ messages
2013-05-22  7:29 [RFC PATCH] fs: call_usermodehelper_root helper introduced Stanislav Kinsbursky
2013-05-22 16:03 ` Oleg Nesterov
2013-05-22 17:33 ` Eric W. Biederman
2013-05-22 18:35   ` Eric W. Biederman
2013-05-22 19:23     ` J. Bruce Fields
2013-05-23  3:37       ` Eric W. Biederman
2013-05-23 19:06         ` J. Bruce Fields
2013-05-23  8:11     ` Stanislav Kinsbursky
2013-05-23  8:07   ` Stanislav Kinsbursky
2013-05-23 10:00     ` Eric W. Biederman
2013-05-23 10:35       ` Stanislav Kinsbursky
2013-05-23 11:31         ` Jeff Layton
2013-05-23 11:38           ` Stanislav Kinsbursky
2013-05-23 11:56             ` Jeff Layton
2013-05-23 11:58               ` Stanislav Kinsbursky
2013-05-23 12:25                 ` Boaz Harrosh
2013-05-23 13:05                   ` Jeff Layton
2013-05-23 19:55                     ` J. Bruce Fields
2013-05-23 20:14                       ` J. Bruce Fields
2013-05-23 21:32                         ` Eric W. Biederman
2013-05-24  6:04                           ` Stanislav Kinsbursky
2013-11-08 11:58                           ` Jeff Layton
2013-05-24  5:44                       ` Stanislav Kinsbursky
