From: Cedric Le Goater <clg@fr.ibm.com>
To: linux-kernel@vger.kernel.org
Cc: Andrew Morton <akpm@osdl.org>, Cedric Le Goater <clg@fr.ibm.com>,
Kirill Korotaev <dev@openvz.org>, Andrey Savochkin <saw@sw.ru>,
"Eric W. Biederman" <ebiederm@xmission.com>,
Herbert Poetzl <herbert@13thfloor.at>,
Sam Vilain <sam.vilain@catalyst.net.nz>,
"Serge E. Hallyn" <serue@us.ibm.com>,
Dave Hansen <haveblue@us.ibm.com>
Subject: [PATCH -mm 1/7] add execns syscall core routine
Date: Tue, 11 Jul 2006 09:50:52 +0200 [thread overview]
Message-ID: <20060711075400.915074000@localhost.localdomain> (raw)
In-Reply-To: 20060711075051.382004000@localhost.localdomain
[-- Attachment #1: execns-syscall-core.patch --]
[-- Type: text/plain, Size: 6623 bytes --]
This patch adds the execns syscall core routine.
This new syscall is very similar to execve(). It takes an extra
CLONE_* flag argument which defines which namespaces are unshared
during the execve() call.
The purpose of such a syscall is to make sure that a process unsharing
a namespace is free from any reference in the previous namespace. the
execve() semantic seems to be the best candidate as it already flushes
the previous process context.
The purpose of flush_all_old_files() is to close *all* files even the
files without the close-on-exec flag. To be done.
sample user program :
#include <stdio.h>
#include <stdlib.h>
#include <sched.h>
#include <unistd.h>
#include <string.h>
#include <errno.h>
#include <linux/unistd.h>
#ifndef __NR_execns
#if __i386__
# define __NR_execns 318
#elif __x86_64__
# define __NR_execns 280
#elif __s390x__
# define __NR_execns 310
#else
# error "Architecture not supported"
#endif
#endif
static inline _syscall4(int,execns,int,flags,const char *,file,char **,argv,char **,envp)
#ifndef CLONE_NEWIPC
#define CLONE_NEWIPC 0x08000000
#endif
#ifndef CLONE_NEWUSER
#define CLONE_NEWUSER 0x10000000
#endif
static void usage(const char *name)
{
printf("usage: %s [-iu] <command>\n", name);
printf("\t-i : unshare ipc namespace.\n");
printf("\t-u : unshare user namespace.\n");
printf("\n");
printf("(C) Copyright IBM Corp, 2006\n");
printf("\n");
exit(1);
}
int main(int argc, char* argv[])
{
int flags = 0;
int c;
while ((c = getopt(argc, argv, "+iuh")) != EOF) {
switch (c) {
case 'i': flags |= CLONE_NEWIPC; break;
case 'u': flags |= CLONE_NEWUSER; break;
case 'h':
default:
usage(argv[0]);
}
};
argv = &argv[optind];
argc = argc - optind;
execns(flags, argv[0], argv, __environ);
fprintf(stderr, "execns(%s) : %s\n", argv[0], strerror(errno));
return 1;
}
Signed-off-by: Cedric Le Goater <clg@fr.ibm.com>
Cc: Andrew Morton <akpm@osdl.org>
Cc: Kirill Korotaev <dev@openvz.org>
Cc: Andrey Savochkin <saw@sw.ru>
Cc: Eric W. Biederman <ebiederm@xmission.com>
Cc: Herbert Poetzl <herbert@13thfloor.at>
Cc: Sam Vilain <sam.vilain@catalyst.net.nz>
Cc: Serge E. Hallyn <serue@us.ibm.com>
Cc: Dave Hansen <haveblue@us.ibm.com>
---
fs/exec.c | 82 +++++++++++++++++++++++++++++++++++++++++++++++
include/linux/sched.h | 1
include/linux/syscalls.h | 3 +
kernel/sys_ni.c | 2 +
4 files changed, 88 insertions(+)
Index: 2.6.18-rc1-mm1/fs/exec.c
===================================================================
--- 2.6.18-rc1-mm1.orig/fs/exec.c
+++ 2.6.18-rc1-mm1/fs/exec.c
@@ -49,6 +49,7 @@
#include <linux/acct.h>
#include <linux/audit.h>
#include <linux/notifier.h>
+#include <linux/user.h>
#include <asm/uaccess.h>
#include <asm/mmu_context.h>
@@ -805,6 +806,11 @@ static void flush_old_files(struct files
spin_unlock(&files->file_lock);
}
+static void flush_all_old_files(struct files_struct * files)
+{
+ /* flush it all even close_on_exec == 0 */
+}
+
void get_task_comm(char *buf, struct task_struct *tsk)
{
/* buf must be at least sizeof(tsk->comm) in size */
@@ -1235,6 +1241,82 @@ out_ret:
return retval;
}
+/*
+ * sys_execns() executes a new program and unshares selected
+ * namespaces.
+ */
+int do_execns(int unshare_flags, char * filename,
+ char __user *__user *argv,
+ char __user *__user *envp,
+ struct pt_regs * regs)
+{
+ int err = 0;
+ struct nsproxy *new_nsproxy = NULL, *old_nsproxy = NULL;
+ struct uts_namespace *uts, *new_uts = NULL;
+ struct ipc_namespace *ipc, *new_ipc = NULL;
+
+ err = unshare_utsname(unshare_flags, &new_uts);
+ if (err)
+ goto bad_execns_out;
+ err = unshare_ipcs(unshare_flags, &new_ipc);
+ if (err)
+ goto bad_execns_cleanup_uts;
+
+ if (new_uts || new_ipc) {
+ old_nsproxy = current->nsproxy;
+ new_nsproxy = dup_namespaces(old_nsproxy);
+ if (!new_nsproxy) {
+ err = -ENOMEM;
+ goto bad_execns_cleanup_ipc;
+ }
+ }
+
+ err = do_execve(filename, argv, envp, regs);
+ if (err)
+ goto bad_execns_cleanup_ipc;
+
+ /* make sure all files are flushed */
+ flush_all_old_files(current->files);
+
+ if (new_uts || new_ipc) {
+
+ task_lock(current);
+
+ if (new_nsproxy) {
+ current->nsproxy = new_nsproxy;
+ new_nsproxy = old_nsproxy;
+ }
+
+ if (new_uts) {
+ uts = current->nsproxy->uts_ns;
+ current->nsproxy->uts_ns = new_uts;
+ new_uts = uts;
+ }
+
+ if (new_ipc) {
+ ipc = current->nsproxy->ipc_ns;
+ current->nsproxy->ipc_ns = new_ipc;
+ new_ipc = ipc;
+ }
+
+ task_unlock(current);
+ }
+
+ if (new_nsproxy)
+ put_nsproxy(new_nsproxy);
+
+bad_execns_cleanup_ipc:
+ if (new_ipc)
+ put_ipc_ns(new_ipc);
+
+bad_execns_cleanup_uts:
+ if (new_uts)
+ put_uts_ns(new_uts);
+
+bad_execns_out:
+ return err;
+}
+
int set_binfmt(struct linux_binfmt *new)
{
struct linux_binfmt *old = current->binfmt;
Index: 2.6.18-rc1-mm1/include/linux/sched.h
===================================================================
--- 2.6.18-rc1-mm1.orig/include/linux/sched.h
+++ 2.6.18-rc1-mm1/include/linux/sched.h
@@ -1335,6 +1335,7 @@ extern int disallow_signal(int);
extern struct task_struct *child_reaper;
extern int do_execve(char *, char __user * __user *, char __user * __user *, struct pt_regs *);
+extern int do_execns(int, char *, char __user * __user *, char __user * __user *, struct pt_regs *);
extern long do_fork(unsigned long, unsigned long, struct pt_regs *, unsigned long, int __user *, int __user *);
struct task_struct *fork_idle(int);
Index: 2.6.18-rc1-mm1/include/linux/syscalls.h
===================================================================
--- 2.6.18-rc1-mm1.orig/include/linux/syscalls.h
+++ 2.6.18-rc1-mm1/include/linux/syscalls.h
@@ -64,6 +64,7 @@ struct robust_list_head;
#include <asm/signal.h>
#include <linux/quota.h>
#include <linux/key.h>
+#include <asm/ptrace.h>
asmlinkage long sys_time(time_t __user *tloc);
asmlinkage long sys_stime(time_t __user *tptr);
@@ -597,4 +598,6 @@ asmlinkage long sys_get_robust_list(int
asmlinkage long sys_set_robust_list(struct robust_list_head __user *head,
size_t len);
+asmlinkage long sys_execns(int flags, char *name, char **argv, char **envp,
+ struct pt_regs regs);
#endif
Index: 2.6.18-rc1-mm1/kernel/sys_ni.c
===================================================================
--- 2.6.18-rc1-mm1.orig/kernel/sys_ni.c
+++ 2.6.18-rc1-mm1/kernel/sys_ni.c
@@ -134,3 +134,5 @@ cond_syscall(sys_madvise);
cond_syscall(sys_mremap);
cond_syscall(sys_remap_file_pages);
cond_syscall(compat_sys_move_pages);
+
+cond_syscall(sys_execns);
--
next prev parent reply other threads:[~2006-07-11 7:54 UTC|newest]
Thread overview: 104+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-07-11 7:50 [PATCH -mm 0/7] execns syscall and user namespace Cedric Le Goater
2006-07-11 7:50 ` Cedric Le Goater [this message]
2006-07-11 7:50 ` [PATCH -mm 2/7] add execns syscall to s390 Cedric Le Goater
2006-07-11 13:44 ` Martin Schwidefsky
2006-07-11 13:44 ` Martin Schwidefsky
2006-07-11 14:44 ` Cedric Le Goater
2006-07-11 14:54 ` Martin Schwidefsky
2006-07-11 15:43 ` Cedric Le Goater
2006-07-11 7:50 ` [PATCH -mm 3/7] add execns syscall to x86_64 Cedric Le Goater
2006-07-11 7:50 ` [PATCH -mm 4/7] add execns syscall to i386 Cedric Le Goater
2006-07-11 7:50 ` [PATCH -mm 5/7] add user namespace Cedric Le Goater
2006-07-11 16:39 ` Kirill Korotaev
2006-07-11 17:38 ` Cedric Le Goater
2006-07-12 11:21 ` Kirill Korotaev
2006-07-13 16:01 ` Cedric Le Goater
2006-07-12 3:33 ` Eric W. Biederman
2006-07-12 11:13 ` Kirill Korotaev
2006-07-12 18:10 ` Eric W. Biederman
2006-07-13 17:00 ` Cedric Le Goater
2006-07-13 18:07 ` Eric W. Biederman
2006-07-13 18:21 ` Eric W. Biederman
2006-07-13 18:31 ` Dave Hansen
2006-07-13 18:54 ` Eric W. Biederman
2006-07-12 3:46 ` Eric W. Biederman
2006-07-12 12:05 ` Herbert Poetzl
2006-07-12 17:09 ` Eric W. Biederman
2006-07-12 14:00 ` Cedric Le Goater
2006-07-12 17:24 ` Eric W. Biederman
2006-07-13 17:36 ` Cedric Le Goater
2006-07-13 17:47 ` Serge E. Hallyn
2006-07-13 18:14 ` Eric W. Biederman
2006-07-13 18:29 ` Dave Hansen
2006-07-13 19:02 ` Eric W. Biederman
2006-07-13 20:03 ` Dave Hansen
2006-07-14 3:45 ` Eric W. Biederman
2006-07-14 14:28 ` Dave Hansen
2006-07-14 15:13 ` Eric W. Biederman
2006-07-14 16:29 ` Serge E. Hallyn
2006-07-14 16:49 ` Eric W. Biederman
2006-07-14 16:55 ` Dave Hansen
2006-07-14 17:08 ` Serge E. Hallyn
2006-07-14 17:19 ` Dave Hansen
2006-07-14 17:36 ` Eric W. Biederman
2006-07-14 18:15 ` Trond Myklebust
2006-07-14 18:40 ` Eric W. Biederman
2006-07-14 21:04 ` Trond Myklebust
2006-07-15 4:09 ` Eric W. Biederman
2006-07-15 4:35 ` Kyle Moffett
2006-07-15 12:35 ` Eric W. Biederman
2006-07-15 13:25 ` Kyle Moffett
2006-07-15 15:54 ` Dave Hansen
2006-07-15 17:01 ` Trond Myklebust
2006-07-15 23:29 ` Eric W. Biederman
2006-07-16 16:18 ` Dave Hansen
2006-07-14 17:14 ` Eric W. Biederman
2006-07-16 8:36 ` Kirill Korotaev
2006-07-16 10:08 ` Eric W. Biederman
2006-07-14 17:05 ` Serge E. Hallyn
2006-07-14 17:50 ` Kyle Moffett
2006-07-15 11:33 ` Serge E. Hallyn
2006-07-14 17:56 ` Eric W. Biederman
2006-07-14 16:35 ` Dave Hansen
2006-07-13 21:41 ` Serge E. Hallyn
2006-07-14 3:52 ` Eric W. Biederman
2006-07-14 14:02 ` Serge E. Hallyn
2006-07-14 14:50 ` Eric W. Biederman
2006-07-14 16:39 ` Serge E. Hallyn
2006-07-14 17:18 ` Eric W. Biederman
2006-07-14 17:24 ` Dave Hansen
2006-07-14 18:06 ` Eric W. Biederman
2006-07-14 18:42 ` Dave Hansen
2006-07-14 19:07 ` Eric W. Biederman
2006-07-13 17:59 ` Eric W. Biederman
2006-07-13 21:22 ` Serge E. Hallyn
2006-07-14 3:50 ` Eric W. Biederman
2006-07-14 14:17 ` Serge E. Hallyn
2006-07-14 15:05 ` Eric W. Biederman
2006-07-14 16:46 ` Serge E. Hallyn
2006-07-14 16:58 ` Eric W. Biederman
2006-07-14 15:43 ` Kyle Moffett
2006-07-14 16:13 ` Eric W. Biederman
2006-07-11 7:50 ` [PATCH -mm 6/7] add the user namespace to the execns syscall Cedric Le Goater
2006-07-11 7:50 ` [PATCH -mm 7/7] forbid the use of the unshare syscall on ipc namespaces Cedric Le Goater
2006-07-11 14:10 ` Kirill Korotaev
2006-07-11 15:06 ` Cedric Le Goater
2006-07-11 8:02 ` [PATCH -mm 0/7] execns syscall and user namespace Arjan van de Ven
2006-07-11 8:42 ` Cedric Le Goater
2006-07-11 18:12 ` H. Peter Anvin
2006-07-11 18:26 ` Cedric Le Goater
2006-07-11 18:28 ` H. Peter Anvin
2006-07-11 19:50 ` Ulrich Drepper
2006-07-11 21:50 ` Cedric Le Goater
2006-07-11 21:57 ` H. Peter Anvin
2006-07-12 0:16 ` Ulrich Drepper
2006-07-12 0:25 ` H. Peter Anvin
2006-07-12 0:28 ` H. Peter Anvin
2006-07-11 20:22 ` Eric W. Biederman
2006-07-11 21:28 ` Cedric Le Goater
2006-07-12 3:24 ` Eric W. Biederman
2006-07-12 13:05 ` Cedric Le Goater
2006-07-12 16:56 ` Eric W. Biederman
2006-07-13 16:13 ` Cedric Le Goater
2006-07-12 11:11 ` Kirill Korotaev
2006-07-12 13:10 ` Cedric Le Goater
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20060711075400.915074000@localhost.localdomain \
--to=clg@fr.ibm.com \
--cc=akpm@osdl.org \
--cc=dev@openvz.org \
--cc=ebiederm@xmission.com \
--cc=haveblue@us.ibm.com \
--cc=herbert@13thfloor.at \
--cc=linux-kernel@vger.kernel.org \
--cc=sam.vilain@catalyst.net.nz \
--cc=saw@sw.ru \
--cc=serue@us.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox