[Devel] [PATCH RHEL COMMIT] ve: Implement current_user_ns_initial() helper

Wed Sep 22 14:50:57 MSK 2021

The commit is pushed to "branch-rh9-5.14.vz9.1.x-ovz" and will appear at https://src.openvz.org/scm/ovz/vzkernel.git
after ark-5.14
------>
commit a22aa5f9b3382ad49e512bd9e66d9d5c7ecdd003
Author: Konstantin Khorenko <khorenko at virtuozzo.com>
Date:   Wed Sep 22 14:50:56 2021 +0300

    ve: Implement current_user_ns_initial() helper
    
    Add a helper which checks if current user_ns is
    the same as ve init_cred's. Will be used in next
    patch.
    
    Signed-off-by: Kirill Tkhai <ktkhai at odin.com>
    
    Signed-off-by: Andrei Vagin <avagin at virtuozzo.com>
    
    Signed-off-by: Stanislav Kinsburskiy <skinsbursky at virtuozzo.com>
    
    (cherry picked from vz8 commit 2fb1d96c8cc6f00dba3dba1f6bec202b2e97b9fb)
    Signed-off-by: Pavel Tikhomirov <ptikhomirov at virtuozzo.com>
---
 include/linux/ve.h |  7 +++++++
 kernel/ve/ve.c     | 18 ++++++++++++++++++
 2 files changed, 25 insertions(+)

diff --git a/include/linux/ve.h b/include/linux/ve.h
index 92daafbd9e44..ba3d1e517152 100644
--- a/include/linux/ve.h
+++ b/include/linux/ve.h
@@ -72,6 +72,8 @@ extern struct cgroup_subsys_state *ve_get_init_css(struct ve_struct *ve, int sub
 #define ve_feature_set(ve, f)			\
 	!!((ve)->features & VE_FEATURE_##f)
 
+extern bool current_user_ns_initial(void);
+
 extern struct cgroup *cgroup_get_ve_root1(struct cgroup *cgrp);
 
 #else	/* CONFIG_VE */
@@ -83,6 +85,11 @@ static inline void ve_exit_ns(struct pid_namespace *ns) { }
 
 #define ve_feature_set(ve, f)		{ true; }
 
+static inline bool current_user_ns_initial(void)
+{
+	return current_user_ns() == init_cred.user_ns;
+}
+
 static inline struct cgroup *cgroup_get_ve_root1(struct cgroup *cgrp)
 {
 	return NULL;
diff --git a/kernel/ve/ve.c b/kernel/ve/ve.c
index e9148116a019..ff51f5678a83 100644
--- a/kernel/ve/ve.c
+++ b/kernel/ve/ve.c
@@ -121,6 +121,24 @@ struct ve_struct *get_ve_by_id(envid_t veid)
 }
 EXPORT_SYMBOL(get_ve_by_id);
 
+/* Check if current user_ns is initial for current ve */
+bool current_user_ns_initial(void)
+{
+	struct ve_struct *ve = get_exec_env();
+	bool ret = false;
+
+	if (current_user_ns() == &init_user_ns)
+		return true;
+
+	rcu_read_lock();
+	if (ve->ve_ns && ve->init_cred->user_ns == current_user_ns())
+		ret = true;
+	rcu_read_unlock();
+
+	return ret;
+}
+EXPORT_SYMBOL(current_user_ns_initial);
+
 int nr_threads_ve(struct ve_struct *ve)
 {
         return cgroup_task_count(ve->css.cgroup);
