[Devel] [PATCH RHEL7 COMMIT] ms: common object embedded into various struct ....ns
Konstantin Khorenko
khorenko at virtuozzo.com
Thu Jun 11 19:19:57 MSK 2020
The commit is pushed to "branch-rh7-3.10.0-1127.10.1.vz7.162.x-ovz" and will appear at https://src.openvz.org/scm/ovz/vzkernel.git
after rh7-3.10.0-1127.10.1.vz7.162.2
------>
commit a1c3378c7e8059913b631559ff29582f9fdb512b
Author: Al Viro <viro at zeniv.linux.org.uk>
Date: Thu Jun 11 19:19:57 2020 +0300
ms: common object embedded into various struct ....ns
for now - just move corresponding ->proc_inum instances over there
Acked-by: "Eric W. Biederman" <ebiederm at xmission.com>
Signed-off-by: Al Viro <viro at zeniv.linux.org.uk>
(cherry picked from VZ8 commit 435d5f4bb2ccba3b791d9ef61d2590e30b8e806e)
https://jira.sw.ru/browse/PSBM-102357
Signed-off-by: Pavel Tikhomirov <ptikhomirov at virtuozzo.com>
=====================
Patchset description:
port nsfs from vz8
We have problems with /proc/pid/ns/name bind-mounts in CRIU
1) Currently (without nsfs) such a bind mount have same superblock with
/proc mount, but in case of nested pid-namespaces container can have
multiple different /proc mounts and for ns-bind-mount we need to bind it
from the right pidns. So we will need to enter proper pid-namespace to
reopen ns-file fd from proper proc, it looks too complex.
If we port nsfs ns-bind-mounts will be all on the same superblock which
does not depend from procfs's we opened the ns-file on.
2) Bigger problem will come then we will wan't to migrate ns-bind-mounts
from non-nsfs to nsfs (vz8) kernel this would bring a lot of crutches,
we will need to workaround the fact that before migration mounts were
with same superblock and after migration they can't be.
To overcome those we can port nsfs to vz7 and do ns-bind-mount support in
a new world of nsfs, looks like it would be easier.
First we need to revert all patches which depend from nsfs:
8782a0069f1b proc: add a proc_show_path method to fix mountinfo
b823f8df2fcb ms/tun: Add ioctl() TUNGETDEVNETNS cmd to allow obtaining real net ns of tun device
302889fa2e3d ms/net: add an ioctl to get a socket network namespace
7cb9e7ae7041 ms/tun: Add ioctl() SIOCGSKNS cmd to allow obtaining net ns of tun device
ac08c64138ac nsfs: add ioctl to get a parent namespace
a8e0dd94d5cd nsfs: add ioctl to get an owning user namespace for ns file descriptor
93dca538d184 kernel: add a helper to get an owning user namespace for a namespace
edaecdb8adac ms/pidns: expose task pid_ns_for_children to userspace
2b151c3f8909 ms/ns: allow ns_entries to have custom symlink content
Cherry-pick nsfs from VZ8:
435d5f4bb2cc common object embedded into various struct ....ns
58be28256d98 make mntns ->get()/->put()/->install()/->inum() work with &mnt_ns->ns
ff24870f46d5 netns: switch ->get()/->put()/->install()/->inum() to working with &net->ns
3c0411846118 switch the rest of proc_ns_operations to working with &...->ns
64964528b24e make proc_ns_operations work with struct ns_common * instead of void *
6344c433a452 new helpers: ns_alloc_inum/ns_free_inum
33c429405a2c copy address of proc_ns_ops into ns_common
f77c80142e1a bury struct proc_ns in fs/proc
292662014509 dcache.c: call ->d_prune() regardless of d_unhashed()
e149ed2b805f take the targets of /proc/*/ns/* symlinks to separate fs
Cherry-pick part of reverted patches back from VZ8:
bcac25a58bfc kernel: add a helper to get an owning user namespace for a namespace
6786741dbf99 nsfs: add ioctl to get an owning user namespace for ns file descriptor
a7306ed8d94a nsfs: add ioctl to get a parent namespace
c62cce2caee5 net: add an ioctl to get a socket network namespace
25b14e92af1a ns: allow ns_entries to have custom symlink content
eaa0d190bfe1 pidns: expose task pid_ns_for_children to userspace
Cherry-pick reverted patches back from MS (we also need them to vz8):
75509fd88fbd nsfs: Add a show_path method to fix mountinfo
24dce0800baa net: Export open_related_ns()
d8d211a2a0c3 net: Make extern and export get_net_ns()
f2780d6d7475 tun: Add ioctl() SIOCGSKNS cmd to allow obtaining net ns of tun device
0c3e0e3bb623 tun: Add ioctl() TUNGETDEVNETNS cmd to allow obtaining real net ns of tun device
073c516ff735 nsfs: mark dentry with DCACHE_RCUACCESS
On this kernel I've runed zdtm, so the change should not break interfaces.
https://jira.sw.ru/browse/PSBM-102357
Al Viro (10):
ms: common object embedded into various struct ....ns
make mntns ->get()/->put()/->install()/->inum() work with &mnt_ns->ns
netns: switch ->get()/->put()/->install()/->inum() to working with
&net->ns
switch the rest of proc_ns_operations to working with &...->ns
make proc_ns_operations work with struct ns_common * instead of void *
new helpers: ns_alloc_inum/ns_free_inum
copy address of proc_ns_ops into ns_common
bury struct proc_ns in fs/proc
dcache.c: call ->d_prune() regardless of d_unhashed()
take the targets of /proc/*/ns/* symlinks to separate fs
Andrey Vagin (4):
kernel: add a helper to get an owning user namespace for a namespace
nsfs: add ioctl to get an owning user namespace for ns file descriptor
nsfs: add ioctl to get a parent namespace
net: add an ioctl to get a socket network namespace
Cong Wang (1):
nsfs: mark dentry with DCACHE_RCUACCESS
Eric W. Biederman (1):
nsfs: Add a show_path method to fix mountinfo
Kirill Tkhai (6):
ns: allow ns_entries to have custom symlink content
pidns: expose task pid_ns_for_children to userspace
net: Export open_related_ns()
net: Make extern and export get_net_ns()
tun: Add ioctl() SIOCGSKNS cmd to allow obtaining net ns of tun device
tun: Add ioctl() TUNGETDEVNETNS cmd to allow obtaining real net ns of
tun device
Pavel Tikhomirov (10):
Revert "proc: add a proc_show_path method to fix mountinfo"
Revert "ms/tun: Add ioctl() TUNGETDEVNETNS cmd to allow obtaining real
net ns of tun device"
Revert "ms/net: add an ioctl to get a socket network namespace"
Revert "ms/tun: Add ioctl() SIOCGSKNS cmd to allow obtaining net ns of
tun device"
Revert "nsfs: add ioctl to get a parent namespace"
Revert "nsfs: add ioctl to get an owning user namespace for ns file
descriptor"
Revert "kernel: add a helper to get an owning user namespace for a
namespace"
Revert "ms/pidns: expose task pid_ns_for_children to userspace"
Revert "ms/ns: allow ns_entries to have custom symlink content"
userns: move EXPORT_SYMBOL closer to current_in_userns
---
fs/mount.h | 3 ++-
fs/namespace.c | 6 +++---
fs/nfs_common/grace.c | 2 +-
fs/nfsd/nfs4recover.c | 2 +-
include/linux/ipc_namespace.h | 3 ++-
include/linux/ns_common.h | 8 ++++++++
include/linux/pid_namespace.h | 3 ++-
include/linux/user_namespace.h | 3 ++-
include/linux/utsname.h | 3 ++-
include/net/net_namespace.h | 3 ++-
init/version.c | 2 +-
ipc/msgutil.c | 2 +-
ipc/namespace.c | 8 ++++----
kernel/pid.c | 2 +-
kernel/pid_namespace.c | 6 +++---
kernel/user.c | 2 +-
kernel/user_namespace.c | 10 +++++-----
kernel/utsname.c | 6 +++---
net/core/net_namespace.c | 6 +++---
19 files changed, 47 insertions(+), 33 deletions(-)
diff --git a/fs/mount.h b/fs/mount.h
index 0c4448dbe5d1f..3e0e6a2567daa 100644
--- a/fs/mount.h
+++ b/fs/mount.h
@@ -1,12 +1,13 @@
#include <linux/mount.h>
#include <linux/seq_file.h>
#include <linux/poll.h>
+#include <linux/ns_common.h>
#include <linux/fs_pin.h>
#include <linux/rh_kabi.h>
struct mnt_namespace {
atomic_t count;
- unsigned int proc_inum;
+ struct ns_common ns;
struct mount * root;
struct list_head list;
struct user_namespace *user_ns;
diff --git a/fs/namespace.c b/fs/namespace.c
index 623466063ff2a..cd08475300ef1 100644
--- a/fs/namespace.c
+++ b/fs/namespace.c
@@ -3245,7 +3245,7 @@ static void dec_mnt_namespaces(struct ucounts *ucounts)
static void free_mnt_ns(struct mnt_namespace *ns)
{
- proc_free_inum(ns->proc_inum);
+ proc_free_inum(ns->ns.inum);
dec_mnt_namespaces(ns->ucounts);
put_user_ns(ns->user_ns);
@@ -3280,7 +3280,7 @@ static struct mnt_namespace *alloc_mnt_ns(struct user_namespace *user_ns)
dec_mnt_namespaces(ucounts);
return ERR_PTR(-ENOMEM);
}
- ret = proc_alloc_inum(&new_ns->proc_inum);
+ ret = proc_alloc_inum(&new_ns->ns.inum);
if (ret) {
kfree(new_ns);
dec_mnt_namespaces(ucounts);
@@ -3911,7 +3911,7 @@ static int mntns_install(struct nsproxy *nsproxy, void *ns)
static unsigned int mntns_inum(void *ns)
{
struct mnt_namespace *mnt_ns = ns;
- return mnt_ns->proc_inum;
+ return mnt_ns->ns.inum;
}
const struct proc_ns_operations mntns_operations = {
diff --git a/fs/nfs_common/grace.c b/fs/nfs_common/grace.c
index 9317c6445f7a6..da03f591eaa75 100644
--- a/fs/nfs_common/grace.c
+++ b/fs/nfs_common/grace.c
@@ -34,7 +34,7 @@ locks_start_grace(struct net *net, struct lock_manager *lm)
list_add(&lm->list, grace_list);
else
WARN(1, "double list_add attempt detected in net %x %s\n",
- net->proc_inum, (net == &init_net) ? "(init_net)" : "");
+ net->ns.inum, (net == &init_net) ? "(init_net)" : "");
spin_unlock(&grace_lock);
}
EXPORT_SYMBOL_GPL(locks_start_grace);
diff --git a/fs/nfsd/nfs4recover.c b/fs/nfsd/nfs4recover.c
index 95b5c8d0ee939..2e313ba31e86a 100644
--- a/fs/nfsd/nfs4recover.c
+++ b/fs/nfsd/nfs4recover.c
@@ -1262,7 +1262,7 @@ nfsd4_umh_cltrack_init(struct net *net)
if (!net_eq(net, get_exec_env()->ve_netns)) {
pr_warn("NFSD: attempt to initialize umh client tracking "
"in Container %s netns %u ignored.\n",
- get_exec_env()->ve_name, net->proc_inum);
+ get_exec_env()->ve_name, net->ns.inum);
kfree(grace_start);
return -EINVAL;
}
diff --git a/include/linux/ipc_namespace.h b/include/linux/ipc_namespace.h
index 4fe18b89714be..f29024310beeb 100644
--- a/include/linux/ipc_namespace.h
+++ b/include/linux/ipc_namespace.h
@@ -6,6 +6,7 @@
#include <linux/rwsem.h>
#include <linux/notifier.h>
#include <linux/nsproxy.h>
+#include <linux/ns_common.h>
struct user_namespace;
@@ -62,7 +63,7 @@ struct ipc_namespace {
/* user_ns which owns the ipc ns */
struct user_namespace *user_ns;
- unsigned int proc_inum;
+ struct ns_common ns;
RH_KABI_EXTEND(struct ucounts *ucounts)
};
diff --git a/include/linux/ns_common.h b/include/linux/ns_common.h
new file mode 100644
index 0000000000000..e7db1cd540474
--- /dev/null
+++ b/include/linux/ns_common.h
@@ -0,0 +1,8 @@
+#ifndef _LINUX_NS_COMMON_H
+#define _LINUX_NS_COMMON_H
+
+struct ns_common {
+ unsigned int inum;
+};
+
+#endif
diff --git a/include/linux/pid_namespace.h b/include/linux/pid_namespace.h
index f2e7bee5ca01a..9b3300194ade4 100644
--- a/include/linux/pid_namespace.h
+++ b/include/linux/pid_namespace.h
@@ -8,6 +8,7 @@
#include <linux/threads.h>
#include <linux/nsproxy.h>
#include <linux/kref.h>
+#include <linux/ns_common.h>
struct pidmap {
atomic_t nr_free;
@@ -44,7 +45,7 @@ struct pid_namespace {
int hide_pid;
int hide_pidns;
int reboot; /* group exit code if this pidns was rebooted */
- unsigned int proc_inum;
+ struct ns_common ns;
RH_KABI_EXTEND(struct rcu_head rcu)
RH_KABI_EXTEND(struct ucounts *ucounts)
};
diff --git a/include/linux/user_namespace.h b/include/linux/user_namespace.h
index e858abca62677..30f05fa393f73 100644
--- a/include/linux/user_namespace.h
+++ b/include/linux/user_namespace.h
@@ -3,6 +3,7 @@
#include <linux/kref.h>
#include <linux/nsproxy.h>
+#include <linux/ns_common.h>
#include <linux/sched.h>
#include <linux/err.h>
#include <linux/rh_kabi.h>
@@ -56,7 +57,7 @@ struct user_namespace {
struct user_namespace *parent;
kuid_t owner;
kgid_t group;
- unsigned int proc_inum;
+ struct ns_common ns;
RH_KABI_DEPRECATE(bool, may_mount_sysfs)
RH_KABI_DEPRECATE(bool, may_mount_proc)
diff --git a/include/linux/utsname.h b/include/linux/utsname.h
index 5de42fbc70b02..02480182fca0b 100644
--- a/include/linux/utsname.h
+++ b/include/linux/utsname.h
@@ -5,6 +5,7 @@
#include <linux/sched.h>
#include <linux/kref.h>
#include <linux/nsproxy.h>
+#include <linux/ns_common.h>
#include <linux/err.h>
#include <uapi/linux/utsname.h>
@@ -33,7 +34,7 @@ struct uts_namespace {
struct kref kref;
struct new_utsname name;
struct user_namespace *user_ns;
- unsigned int proc_inum;
+ struct ns_common ns;
RH_KABI_EXTEND(struct ucounts *ucounts)
#ifdef CONFIG_X86
struct uts_vdso vdso;
diff --git a/include/net/net_namespace.h b/include/net/net_namespace.h
index e40d8f6e0b392..fd9e0874ddce4 100644
--- a/include/net/net_namespace.h
+++ b/include/net/net_namespace.h
@@ -27,6 +27,7 @@
#endif
#include <net/netns/nftables.h>
#include <net/netns/xfrm.h>
+#include <linux/ns_common.h>
#include <linux/idr.h>
#include <linux/skbuff.h>
@@ -60,7 +61,7 @@ struct net {
struct user_namespace *user_ns; /* Owning user namespace */
- unsigned int proc_inum;
+ struct ns_common ns;
struct proc_dir_entry *proc_net;
struct proc_dir_entry *proc_net_stat;
diff --git a/init/version.c b/init/version.c
index 748b9c166edfa..200bf28894e66 100644
--- a/init/version.c
+++ b/init/version.c
@@ -36,7 +36,7 @@ struct uts_namespace init_uts_ns = {
.domainname = UTS_DOMAINNAME,
},
.user_ns = &init_user_ns,
- .proc_inum = PROC_UTS_INIT_INO,
+ .ns.inum = PROC_UTS_INIT_INO,
};
EXPORT_SYMBOL_GPL(init_uts_ns);
diff --git a/ipc/msgutil.c b/ipc/msgutil.c
index 28717136e3aae..ac4d7fba7e41d 100644
--- a/ipc/msgutil.c
+++ b/ipc/msgutil.c
@@ -31,7 +31,7 @@ DEFINE_SPINLOCK(mq_lock);
struct ipc_namespace init_ipc_ns = {
.count = ATOMIC_INIT(1),
.user_ns = &init_user_ns,
- .proc_inum = PROC_IPC_INIT_INO,
+ .ns.inum = PROC_IPC_INIT_INO,
};
atomic_t nr_ipc_ns = ATOMIC_INIT(1);
diff --git a/ipc/namespace.c b/ipc/namespace.c
index 41bbfaecc99fd..a9e2f64d56eaf 100644
--- a/ipc/namespace.c
+++ b/ipc/namespace.c
@@ -43,7 +43,7 @@ static struct ipc_namespace *create_ipc_ns(struct user_namespace *user_ns,
if (ns == NULL)
goto fail_dec;
- err = proc_alloc_inum(&ns->proc_inum);
+ err = proc_alloc_inum(&ns->ns.inum);
if (err)
goto fail_free;
@@ -64,7 +64,7 @@ static struct ipc_namespace *create_ipc_ns(struct user_namespace *user_ns,
fail_put:
put_user_ns(ns->user_ns);
- proc_free_inum(ns->proc_inum);
+ proc_free_inum(ns->ns.inum);
fail_free:
kfree(ns);
fail_dec:
@@ -121,7 +121,7 @@ static void free_ipc_ns(struct ipc_namespace *ns)
dec_ipc_namespaces(ns->ucounts);
put_user_ns(ns->user_ns);
- proc_free_inum(ns->proc_inum);
+ proc_free_inum(ns->ns.inum);
kfree(ns);
}
@@ -188,7 +188,7 @@ static unsigned int ipcns_inum(void *vp)
{
struct ipc_namespace *ns = vp;
- return ns->proc_inum;
+ return ns->ns.inum;
}
const struct proc_ns_operations ipcns_operations = {
diff --git a/kernel/pid.c b/kernel/pid.c
index e8c835b188c08..48c315ff1d8d3 100644
--- a/kernel/pid.c
+++ b/kernel/pid.c
@@ -76,7 +76,7 @@ struct pid_namespace init_pid_ns = {
.level = 0,
.child_reaper = &init_task,
.user_ns = &init_user_ns,
- .proc_inum = PROC_PID_INIT_INO,
+ .ns.inum = PROC_PID_INIT_INO,
};
EXPORT_SYMBOL_GPL(init_pid_ns);
diff --git a/kernel/pid_namespace.c b/kernel/pid_namespace.c
index 482b6c3e0143d..d50a926eee000 100644
--- a/kernel/pid_namespace.c
+++ b/kernel/pid_namespace.c
@@ -124,7 +124,7 @@ static struct pid_namespace *create_pid_namespace(struct user_namespace *user_ns
if (ns->pid_cachep == NULL)
goto out_free_map;
- err = proc_alloc_inum(&ns->proc_inum);
+ err = proc_alloc_inum(&ns->ns.inum);
if (err)
goto out_free_map;
@@ -165,7 +165,7 @@ static void destroy_pid_namespace(struct pid_namespace *ns)
{
int i;
- proc_free_inum(ns->proc_inum);
+ proc_free_inum(ns->ns.inum);
for (i = 0; i < PIDMAP_ENTRIES; i++)
kfree(ns->pidmap[i].page);
dec_pid_namespaces(ns->ucounts);
@@ -394,7 +394,7 @@ static int pidns_install(struct nsproxy *nsproxy, void *ns)
static unsigned int pidns_inum(void *ns)
{
struct pid_namespace *pid_ns = ns;
- return pid_ns->proc_inum;
+ return pid_ns->ns.inum;
}
const struct proc_ns_operations pidns_operations = {
diff --git a/kernel/user.c b/kernel/user.c
index 6b0cd1ad732db..88b4eed722861 100644
--- a/kernel/user.c
+++ b/kernel/user.c
@@ -50,7 +50,7 @@ struct user_namespace init_user_ns = {
.count = ATOMIC_INIT(3),
.owner = GLOBAL_ROOT_UID,
.group = GLOBAL_ROOT_GID,
- .proc_inum = PROC_USER_INIT_INO,
+ .ns.inum = PROC_USER_INIT_INO,
.flags = USERNS_INIT_FLAGS,
#ifdef CONFIG_PERSISTENT_KEYRINGS
.persistent_keyring_register_sem =
diff --git a/kernel/user_namespace.c b/kernel/user_namespace.c
index 824e0cd0b7dd4..7f433288ddae6 100644
--- a/kernel/user_namespace.c
+++ b/kernel/user_namespace.c
@@ -121,7 +121,7 @@ int create_user_ns(struct cred *new)
if (!ns)
goto fail_dec;
- ret = proc_alloc_inum(&ns->proc_inum);
+ ret = proc_alloc_inum(&ns->ns.inum);
if (ret)
goto fail_free;
@@ -130,7 +130,7 @@ int create_user_ns(struct cred *new)
new_user = alloc_uid_ns(ns, owner);
if (!new_user) {
- proc_free_inum(ns->proc_inum);
+ proc_free_inum(ns->ns.inum);
kmem_cache_free(user_ns_cachep, ns);
return -ENOMEM;
}
@@ -170,7 +170,7 @@ int create_user_ns(struct cred *new)
key_put(ns->persistent_keyring_register);
#endif
fail_free:
- proc_free_inum(ns->proc_inum);
+ proc_free_inum(ns->ns.inum);
kmem_cache_free(user_ns_cachep, ns);
fail_dec:
dec_user_namespaces(ucounts);
@@ -210,7 +210,7 @@ static void free_user_ns(struct work_struct *work)
#ifdef CONFIG_PERSISTENT_KEYRINGS
key_put(ns->persistent_keyring_register);
#endif
- proc_free_inum(ns->proc_inum);
+ proc_free_inum(ns->ns.inum);
kmem_cache_free(user_ns_cachep, ns);
dec_user_namespaces(ucounts);
ns = parent;
@@ -1076,7 +1076,7 @@ static int userns_install(struct nsproxy *nsproxy, void *ns)
static unsigned int userns_inum(void *ns)
{
struct user_namespace *user_ns = ns;
- return user_ns->proc_inum;
+ return user_ns->ns.inum;
}
const struct proc_ns_operations userns_operations = {
diff --git a/kernel/utsname.c b/kernel/utsname.c
index ec7adcdca3860..c4d9fbd983036 100644
--- a/kernel/utsname.c
+++ b/kernel/utsname.c
@@ -69,7 +69,7 @@ static struct uts_namespace *clone_uts_ns(struct user_namespace *user_ns,
if (!ns)
goto fail_dec;
- err = proc_alloc_inum(&ns->proc_inum);
+ err = proc_alloc_inum(&ns->ns.inum);
if (err)
goto fail_free;
@@ -119,7 +119,7 @@ void free_uts_ns(struct kref *kref)
ns = container_of(kref, struct uts_namespace, kref);
dec_uts_namespaces(ns->ucounts);
put_user_ns(ns->user_ns);
- proc_free_inum(ns->proc_inum);
+ proc_free_inum(ns->ns.inum);
#ifdef CONFIG_X86
#ifdef CONFIG_X86_64
if (ns->vdso.pages) {
@@ -181,7 +181,7 @@ static unsigned int utsns_inum(void *vp)
{
struct uts_namespace *ns = vp;
- return ns->proc_inum;
+ return ns->ns.inum;
}
const struct proc_ns_operations utsns_operations = {
diff --git a/net/core/net_namespace.c b/net/core/net_namespace.c
index 13b8897cbec4a..d7dc5a108acae 100644
--- a/net/core/net_namespace.c
+++ b/net/core/net_namespace.c
@@ -613,12 +613,12 @@ EXPORT_SYMBOL_GPL(get_net_ns_by_pid);
static __net_init int net_ns_net_init(struct net *net)
{
- return proc_alloc_inum(&net->proc_inum);
+ return proc_alloc_inum(&net->ns.inum);
}
static __net_exit void net_ns_net_exit(struct net *net)
{
- proc_free_inum(net->proc_inum);
+ proc_free_inum(net->ns.inum);
}
static struct pernet_operations __net_initdata net_ns_ops = {
@@ -1085,7 +1085,7 @@ static int netns_install(struct nsproxy *nsproxy, void *ns)
static unsigned int netns_inum(void *ns)
{
struct net *net = ns;
- return net->proc_inum;
+ return net->ns.inum;
}
const struct proc_ns_operations netns_operations = {
More information about the Devel
mailing list