[Devel] [PATCH rh7] fuse: allow to mount fuse filesystems inside CT
Stanislav Kinsburskiy
skinsbursky at odin.com
Wed Nov 11 06:54:26 PST 2015
11.11.2015 15:40, Konstantin Khorenko пишет:
> On 11/10/2015 05:56 PM, Andrey Ryabinin wrote:
>> On 11/10/2015 05:52 PM, Stanislav Kinsburskiy wrote:
>>>> goto err;
>>>> + if (get_exec_env()->init_cred)
>>>> + root_user_ns = get_exec_env()->init_cred->user_ns;
>>>> + else
>>>> + root_user_ns = &init_user_ns;
>>>> +
>>>
>>> We have some helper for this, if I'm not mistaken.
>>> Probably this one:
>>>
>>> current_user_ns_initial()
>>
>> current_user_ns_initial() check if current user_ns is initial for
>> current ve.
>> We need to check if file's user_ns is initial for current ve, so it
>> doesn't fit here.
>
> Stas, agree? Ack?
>
Sorry for the delay.
I definitely experience some problems with IMAP, because received this
mails only an hour ago.
Basically yes, I have nothing against. And I was mistaken: we don't have
such a helper.
But I would like to note, that from my POW it worth to create a helper
similar to this:
+ struct user_namespace *ve_init_user_ns(void)
+ {
+ if (get_exec_env()->init_cred)
+ return get_exec_env()->init_cred->user_ns;
+ return &init_user_ns;
+}
And use it here and also in do_new_mount(), where we have the same chunk.
I expect, that we will have more places, where it could be useful.
>
>>>> if ((file->f_op != &fuse_dev_operations) ||
>>>> - (file->f_cred->user_ns != &init_user_ns))
>>>> + (file->f_cred->user_ns != root_user_ns))
>>>> goto err_fput;
>>>> fc = kmalloc(sizeof(*fc), GFP_KERNEL);
>>>
>>
More information about the Devel
mailing list