summaryrefslogtreecommitdiff
path: root/include/linux/user_namespace.h
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2017-11-16 12:20:15 -0800
committerLinus Torvalds <torvalds@linux-foundation.org>2017-11-16 12:20:15 -0800
commit758f875848d78148cf9a9cdb3ff1ddf29b234056 (patch)
tree78d6b1b0a1d82376f9dea8d73c2b900cb5b89679 /include/linux/user_namespace.h
parenta02cd4229e298aadbe8f5cf286edee8058d87116 (diff)
parent3fda0e737e906ce73220b20c27e7f792d0aac6a8 (diff)
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace
Pull user namespace update from Eric Biederman: "The only change that is production ready this round is the work to increase the number of uid and gid mappings a user namespace can support from 5 to 340. This code was carefully benchmarked and it was confirmed that in the existing cases the performance remains the same. In the worst case with 340 mappings an cache cold stat times go from 158ns to 248ns. That is noticable but still quite small, and only the people who are doing crazy things pay the cost. This work uncovered some documentation and cleanup opportunities in the mapping code, and patches to make those cleanups and improve the documentation will be coming in the next merge window" * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace: userns: Simplify insert_extent userns: Make map_id_down a wrapper for map_id_range_down userns: Don't read extents twice in m_start userns: Simplify the user and group mapping functions userns: Don't special case a count of 0 userns: bump idmap limits to 340 userns: use union in {g,u}idmap struct
Diffstat (limited to 'include/linux/user_namespace.h')
-rw-r--r--include/linux/user_namespace.h23
1 files changed, 16 insertions, 7 deletions
diff --git a/include/linux/user_namespace.h b/include/linux/user_namespace.h
index 3fe714da7f5a..d6b74b91096b 100644
--- a/include/linux/user_namespace.h
+++ b/include/linux/user_namespace.h
@@ -11,15 +11,24 @@
#include <linux/sysctl.h>
#include <linux/err.h>
-#define UID_GID_MAP_MAX_EXTENTS 5
+#define UID_GID_MAP_MAX_BASE_EXTENTS 5
+#define UID_GID_MAP_MAX_EXTENTS 340
-struct uid_gid_map { /* 64 bytes -- 1 cache line */
+struct uid_gid_extent {
+ u32 first;
+ u32 lower_first;
+ u32 count;
+};
+
+struct uid_gid_map { /* 64 bytes -- 1 cache line */
u32 nr_extents;
- struct uid_gid_extent {
- u32 first;
- u32 lower_first;
- u32 count;
- } extent[UID_GID_MAP_MAX_EXTENTS];
+ union {
+ struct uid_gid_extent extent[UID_GID_MAP_MAX_BASE_EXTENTS];
+ struct {
+ struct uid_gid_extent *forward;
+ struct uid_gid_extent *reverse;
+ };
+ };
};
#define USERNS_SETGROUPS_ALLOWED 1UL