[Devel] [PATCH net-next] [RFC] netns: enable cross-ve Unix sockets

Denis V. Lunev den at openvz.org
Wed Oct 1 03:54:14 PDT 2008


This patch opens a way to connect via Unix socket from one namespace
to another if these sockets are opened via conventional filesystem
interface. Such approach allows to share important services between
namespaces in efficient way.

This breach is controlled by the means of shared filesystem, i.e. if
somebody really wants to isolate containers, he should start from
filesystem separation.

Signed-off-by: Denis V. Lunev <den at openvz.org>
---
 net/unix/af_unix.c |    3 ---
 1 files changed, 0 insertions(+), 3 deletions(-)

diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c
index 39d2173..0e1eccd 100644
--- a/net/unix/af_unix.c
+++ b/net/unix/af_unix.c
@@ -297,9 +297,6 @@ static struct sock *unix_find_socket_byinode(struct net *net, struct inode *i)
 		    &unix_socket_table[i->i_ino & (UNIX_HASH_SIZE - 1)]) {
 		struct dentry *dentry = unix_sk(s)->dentry;
 
-		if (!net_eq(sock_net(s), net))
-			continue;
-
 		if(dentry && dentry->d_inode == i)
 		{
 			sock_hold(s);
-- 
1.5.3.rc5

_______________________________________________
Containers mailing list
Containers at lists.linux-foundation.org
https://lists.linux-foundation.org/mailman/listinfo/containers




More information about the Devel mailing list