From: Rui Xiang <rui.xiang-hv44wF8Li93QT0dZR+AlfA@public.gmane.org>
To: <containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org>,
	<linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>
Cc: netdev-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
	serge.hallyn-GeWIH/nMZzLQT0dZR+AlfA@public.gmane.org,
	libo.chen-hv44wF8Li93QT0dZR+AlfA@public.gmane.org,
	netfilter-devel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
	ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org,
	guz.fnst-BthXqXjhjHXQFUHtdCDX3A@public.gmane.org,
	akpm-de/tnXTf+JLsfHDXvbKv3WD2FQJk+8+b@public.gmane.org
Subject: [PATCH v3 03/11] syslog_ns: add init syslog_ns for global syslog
Date: Wed, 7 Aug 2013 15:37:07 +0800	[thread overview]
Message-ID: <1375861035-24320-4-git-send-email-rui.xiang@huawei.com> (raw)
In-Reply-To: <1375861035-24320-1-git-send-email-rui.xiang-hv44wF8Li93QT0dZR+AlfA@public.gmane.org>

Add init_syslog_ns to manage the host log buffer, and
initialize its fields in the same way as the global variables.

Printk by default in kernel will continue to be
targeted at init_syslog_ns. So the buf of init
ns is just the same as the original global buf.

Signed-off-by: Rui Xiang <rui.xiang-hv44wF8Li93QT0dZR+AlfA@public.gmane.org>
---
 include/linux/syslog.h         |  1 +
 include/linux/user_namespace.h |  1 +
 kernel/printk.c                | 18 ++++++++++++++++++
 kernel/user.c                  |  3 +++
 kernel/user_namespace.c        |  4 ++++
 5 files changed, 27 insertions(+)

diff --git a/include/linux/syslog.h b/include/linux/syslog.h
index 62ce47f..363bc56 100644
--- a/include/linux/syslog.h
+++ b/include/linux/syslog.h
@@ -122,4 +122,5 @@ static inline void put_syslog_ns(struct syslog_namespace *ns)
 
 int do_syslog(int type, char __user *buf, int count, bool from_file);
 
+extern struct syslog_namespace init_syslog_ns;
 #endif /* _LINUX_SYSLOG_H */
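Review bot: `extern struct syslog_namespace init_syslog_ns;` is declared twice, here in include/linux/syslog.h and again in the include/linux/user_namespace.h hunk, and kernel/user.c then adds its own `struct syslog_namespace;` forward declaration even though it already includes user_namespace.h. One declaration in syslog.h should be enough: if the include order allows it, kernel/user.c can use `#include <linux/syslog.h>` for the `.syslog_ns = &init_syslog_ns` initializer, and the copy in user_namespace.h and the forward declaration can be dropped. A single declaration cannot drift out of step with the definition in kernel/printk.c.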
diff --git a/include/linux/user_namespace.h b/include/linux/user_namespace.h
index ce2de5b..4b5e190 100644
--- a/include/linux/user_namespace.h
+++ b/include/linux/user_namespace.h
@@ -32,6 +32,7 @@ struct user_namespace {
 };
 
 extern struct user_namespace init_user_ns;
+extern struct syslog_namespace init_syslog_ns;
 
 #ifdef CONFIG_USER_NS
 
diff --git a/kernel/printk.c b/kernel/printk.c
index 665cfdc..f288934 100644
--- a/kernel/printk.c
+++ b/kernel/printk.c
@@ -45,6 +45,8 @@
 #include <linux/poll.h>
 #include <linux/irq_work.h>
 #include <linux/utsname.h>
+#include <linux/cred.h>
+#include <linux/user_namespace.h>
 
 #include <asm/uaccess.h>
 
@@ -251,6 +253,22 @@ static u32 log_buf_len = __LOG_BUF_LEN;
 /* cpu currently holding logbuf_lock */
 static volatile unsigned int logbuf_cpu = UINT_MAX;
 
+struct syslog_namespace init_syslog_ns = {
+	.kref = {
+		.refcount = ATOMIC_INIT(2),
+	},
+	.logbuf_lock = __RAW_SPIN_LOCK_UNLOCKED(init_syslog_ns.logbuf_lock),
+	.logbuf_cpu = UINT_MAX,
+	.log_buf_len = __LOG_BUF_LEN,
+	.log_buf = __log_buf,
+	.owner = &init_user_ns,
+#ifdef CONFIG_SECURITY_DMESG_RESTRICT
+	.dmesg_restrict = 1,
+#else
+	.dmesg_restrict = 0,
+#endif
+};
+
 /* human readable text of the record */
 static char *log_text(const struct log *msg)
 {
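Review bot: `.refcount = ATOMIC_INIT(2)` carries no comment saying who holds the two references, and because `init_syslog_ns` is a static object, a final `put_syslog_ns()` must never reach its release path. A comment such as `/* 1 for init_user_ns.syslog_ns, 1 permanent so the static ns is never released */` would pin that down, if that is the intent. The initializer also copies `__LOG_BUF_LEN`, `UINT_MAX` and `__log_buf` while the file-scope `log_buf_len` and `logbuf_cpu` shown as context just above stay in place, so after this patch there are two copies of the same state that can diverge until every user is switched over. The same applies to `.dmesg_restrict`, which is fixed from `CONFIG_SECURITY_DMESG_RESTRICT` at build time. If the kernel.dmesg_restrict sysctl still writes the old global (not visible in this hunk), a runtime hardening change would not reach the namespace copy that a later permission check reads.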
diff --git a/kernel/user.c b/kernel/user.c
index 69b4c3d..0bbd4f7 100644
--- a/kernel/user.c
+++ b/kernel/user.c
@@ -18,6 +18,8 @@
 #include <linux/user_namespace.h>
 #include <linux/proc_ns.h>
 
+struct syslog_namespace;
+
 /*
  * userns count is 1 for root user, 1 for init_uts_ns,
  * and 1 for... ?
@@ -53,6 +55,7 @@ struct user_namespace init_user_ns = {
 	.proc_inum = PROC_USER_INIT_INO,
 	.may_mount_sysfs = true,
 	.may_mount_proc = true,
+	.syslog_ns = &init_syslog_ns,
 };
 EXPORT_SYMBOL_GPL(init_user_ns);
 
diff --git a/kernel/user_namespace.c b/kernel/user_namespace.c
index d8c30db..20f402f 100644
--- a/kernel/user_namespace.c
+++ b/kernel/user_namespace.c
@@ -22,6 +22,7 @@
 #include <linux/ctype.h>
 #include <linux/projid.h>
 #include <linux/fs_struct.h>
+#include <linux/syslog.h>
 
 static struct kmem_cache *user_ns_cachep __read_mostly;
 
@@ -95,6 +96,8 @@ int create_user_ns(struct cred *new)
 	ns->owner = owner;
 	ns->group = group;
 
+	ns->syslog_ns = get_syslog_ns(parent_ns->syslog_ns);
+
 	set_cred_user_ns(new, ns);
 
 	update_mnt_policy(ns);
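Review bot: The added line `ns->syslog_ns = get_syslog_ns(parent_ns->syslog_ns);` makes every new user namespace share its parent's log buffer, and nothing here records that or says who may read it. A user namespace can be created by an unprivileged user who then holds capabilities inside it, so a syslog permission check keyed to the caller's own user namespace would presumably grant access to the host buffer. The check, which is not in this patch, should be made against `ns->syslog_ns->owner`, and a comment such as `/* share the parent's syslog ns; access is checked against syslog_ns->owner */` would document the rule. The reference taken here is dropped by the `put_syslog_ns(ns->syslog_ns)` added in the free_user_ns() hunk; both function bodies continue outside their hunks.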
@@ -122,6 +125,7 @@ void free_user_ns(struct user_namespace *ns)
 	struct user_namespace *parent;
 
 	do {
+		put_syslog_ns(ns->syslog_ns);
 		parent = ns->parent;
 		proc_free_inum(ns->proc_inum);
 		kmem_cache_free(user_ns_cachep, ns);
-- 
1.8.2.2
