linux-toradex.git/fs/proc/namespaces.c, branch v3.2.13-rt22 Linux kernel for Apalis and Colibri modules proc: Fix Oops on stat of /proc/<zombie pid>/ns/net 2011-06-15T21:35:29+00:00 Eric W. Biederman ebiederm@xmission.com 2011-06-15T19:47:04+00:00 793925334f32e9026c22baee5c3c340f47d4ef7e Don't call iput with the inode half setup to be a namespace filedescriptor. Instead rearrange the code so that we don't initialize ei->ns_ops until after I ns_ops->get succeeds, preventing us from invoking ns_ops->put when ns_ops->get failed. Reported-by: Ingo Saitz <Ingo.Saitz@stud.uni-hannover.de> Signed-off-by: Eric W. Biederman <ebiederm@xmission.com> 
Don't call iput with the inode half setup to be a namespace filedescriptor.
Instead rearrange the code so that we don't initialize ei->ns_ops until
after I ns_ops->get succeeds, preventing us from invoking ns_ops->put
when ns_ops->get failed.

Reported-by: Ingo Saitz <Ingo.Saitz@stud.uni-hannover.de>
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
ns proc: Return -ENOENT for a nonexistent /proc/self/ns/ entry. 2011-05-24T22:30:33+00:00 Eric W. Biederman ebiederm@xmission.com 2011-05-11T22:42:08+00:00 62ca24baf1417e56fd2ae4ff07adfe7f6a2e42fc Spotted-by: Nathan Lynch <ntl@pobox.com> Signed-off-by: Eric W. Biederman <ebiederm@xmission.com> 
Spotted-by: Nathan Lynch <ntl@pobox.com>
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
ns proc: Add support for the ipc namespace 2011-05-10T21:35:47+00:00 Eric W. Biederman ebiederm@xmission.com 2010-03-08T02:48:39+00:00 a00eaf11a223c63fbb212369d6db69ce4c55a2d1 Acked-by: Daniel Lezcano <daniel.lezcano@free.fr> Signed-off-by: Eric W. Biederman <ebiederm@xmission.com> 
Acked-by: Daniel Lezcano <daniel.lezcano@free.fr>
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
ns proc: Add support for the uts namespace 2011-05-10T21:35:35+00:00 Eric W. Biederman ebiederm@xmission.com 2010-03-08T02:43:27+00:00 34482e89a5218f0f9317abf1cfba3bb38b5c29dd Acked-by: Daniel Lezcano <daniel.lezcano@free.fr> Signed-off-by: Eric W. Biederman <ebiederm@xmission.com> 
Acked-by: Daniel Lezcano <daniel.lezcano@free.fr>
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
ns proc: Add support for the network namespace. 2011-05-10T21:34:26+00:00 Eric W. Biederman ebiederm@xmission.com 2010-03-08T02:14:23+00:00 13b6f57623bc485e116344fe91fbcb29f149242b Implementing file descriptors for the network namespace is simple and straight forward. Acked-by: David S. Miller <davem@davemloft.net> Acked-by: Daniel Lezcano <daniel.lezcano@free.fr> Signed-off-by: Eric W. Biederman <ebiederm@xmission.com> 
Implementing file descriptors for the network namespace
is simple and straight forward.

Acked-by: David S. Miller <davem@davemloft.net>
Acked-by: Daniel Lezcano <daniel.lezcano@free.fr>
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
ns: proc files for namespace naming policy. 2011-05-10T21:31:44+00:00 Eric W. Biederman ebiederm@xmission.com 2010-03-08T00:41:34+00:00 6b4e306aa3dc94a0545eb9279475b1ab6209a31f Create files under /proc/<pid>/ns/ to allow controlling the namespaces of a process. This addresses three specific problems that can make namespaces hard to work with. - Namespaces require a dedicated process to pin them in memory. - It is not possible to use a namespace unless you are the child of the original creator. - Namespaces don't have names that userspace can use to talk about them. The namespace files under /proc/<pid>/ns/ can be opened and the file descriptor can be used to talk about a specific namespace, and to keep the specified namespace alive. A namespace can be kept alive by either holding the file descriptor open or bind mounting the file someplace else. aka: mount --bind /proc/self/ns/net /some/filesystem/path mount --bind /proc/self/fd/<N> /some/filesystem/path This allows namespaces to be named with userspace policy. It requires additional support to make use of these filedescriptors and that will be comming in the following patches. Acked-by: Daniel Lezcano <daniel.lezcano@free.fr> Signed-off-by: Eric W. Biederman <ebiederm@xmission.com> 
Create files under /proc/<pid>/ns/ to allow controlling the
namespaces of a process.

This addresses three specific problems that can make namespaces hard to
work with.
- Namespaces require a dedicated process to pin them in memory.
- It is not possible to use a namespace unless you are the child
  of the original creator.
- Namespaces don't have names that userspace can use to talk about
  them.

The namespace files under /proc/<pid>/ns/ can be opened and the
file descriptor can be used to talk about a specific namespace, and
to keep the specified namespace alive.

A namespace can be kept alive by either holding the file descriptor
open or bind mounting the file someplace else.  aka:
mount --bind /proc/self/ns/net /some/filesystem/path
mount --bind /proc/self/fd/<N> /some/filesystem/path

This allows namespaces to be named with userspace policy.

It requires additional support to make use of these filedescriptors
and that will be comming in the following patches.

Acked-by: Daniel Lezcano <daniel.lezcano@free.fr>
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>