From 3ff195b011d7decf501a4d55aeed312731094796 Mon Sep 17 00:00:00 2001 From: "Eric W. Biederman" Date: Tue, 30 Mar 2010 11:31:26 -0700 Subject: sysfs: Implement sysfs tagged directory support. The problem. When implementing a network namespace I need to be able to have multiple network devices with the same name. Currently this is a problem for /sys/class/net/*, /sys/devices/virtual/net/*, and potentially a few other directories of the form /sys/ ... /net/*. What this patch does is to add an additional tag field to the sysfs dirent structure. For directories that should show different contents depending on the context such as /sys/class/net/, and /sys/devices/virtual/net/ this tag field is used to specify the context in which those directories should be visible. Effectively this is the same as creating multiple distinct directories with the same name but internally to sysfs the result is nicer. I am calling the concept of a single directory that looks like multiple directories all at the same path in the filesystem tagged directories. For the networking namespace the set of directories whose contents I need to filter with tags can depend on the presence or absence of hotplug hardware or which modules are currently loaded. Which means I need a simple race free way to setup those directories as tagged. To achieve a reace free design all tagged directories are created and managed by sysfs itself. Users of this interface: - define a type in the sysfs_tag_type enumeration. - call sysfs_register_ns_types with the type and it's operations - sysfs_exit_ns when an individual tag is no longer valid - Implement mount_ns() which returns the ns of the calling process so we can attach it to a sysfs superblock. - Implement ktype.namespace() which returns the ns of a syfs kobject. Everything else is left up to sysfs and the driver layer. For the network namespace mount_ns and namespace() are essentially one line functions, and look to remain that. Tags are currently represented a const void * pointers as that is both generic, prevides enough information for equality comparisons, and is trivial to create for current users, as it is just the existing namespace pointer. The work needed in sysfs is more extensive. At each directory or symlink creating I need to check if the directory it is being created in is a tagged directory and if so generate the appropriate tag to place on the sysfs_dirent. Likewise at each symlink or directory removal I need to check if the sysfs directory it is being removed from is a tagged directory and if so figure out which tag goes along with the name I am deleting. Currently only directories which hold kobjects, and symlinks are supported. There is not enough information in the current file attribute interfaces to give us anything to discriminate on which makes it useless, and there are no potential users which makes it an uninteresting problem to solve. Signed-off-by: Eric W. Biederman Signed-off-by: Benjamin Thery Signed-off-by: Greg Kroah-Hartman --- include/linux/sysfs.h | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'include/linux/sysfs.h') diff --git a/include/linux/sysfs.h b/include/linux/sysfs.h index f0496b3d1811..1885d21b0c80 100644 --- a/include/linux/sysfs.h +++ b/include/linux/sysfs.h @@ -20,6 +20,7 @@ struct kobject; struct module; +enum kobj_ns_type; /* FIXME * The *owner field is no longer used. @@ -168,10 +169,14 @@ void sysfs_remove_file_from_group(struct kobject *kobj, void sysfs_notify(struct kobject *kobj, const char *dir, const char *attr); void sysfs_notify_dirent(struct sysfs_dirent *sd); struct sysfs_dirent *sysfs_get_dirent(struct sysfs_dirent *parent_sd, + const void *ns, const unsigned char *name); struct sysfs_dirent *sysfs_get(struct sysfs_dirent *sd); void sysfs_put(struct sysfs_dirent *sd); void sysfs_printk_last_file(void); + +void sysfs_exit_ns(enum kobj_ns_type type, const void *tag); + int __must_check sysfs_init(void); #else /* CONFIG_SYSFS */ @@ -301,6 +306,7 @@ static inline void sysfs_notify_dirent(struct sysfs_dirent *sd) } static inline struct sysfs_dirent *sysfs_get_dirent(struct sysfs_dirent *parent_sd, + const void *ns, const unsigned char *name) { return NULL; @@ -313,6 +319,10 @@ static inline void sysfs_put(struct sysfs_dirent *sd) { } +static inline void sysfs_exit_ns(enum kobj_ns_type type, const void *tag) +{ +} + static inline int __must_check sysfs_init(void) { return 0; -- cgit v1.2.3 From 746edb7ae8a1abdd39be2b28c03aa073183340db Mon Sep 17 00:00:00 2001 From: "Eric W. Biederman" Date: Tue, 30 Mar 2010 11:31:28 -0700 Subject: sysfs: Implement sysfs_delete_link When removing a symlink sysfs_remove_link does not provide enough information to figure out which tagged directory the symlink falls in. So I need sysfs_delete_link which is passed the target of the symlink to delete. sysfs_rename_link is updated to call sysfs_delete_link instead of sysfs_remove_link as we have all of the information necessary and the callers are interesting. Both of these functions now have enough information to find a symlink in a tagged directory. The only restriction is that they must be called before the target kobject is renamed or deleted. If they are called later I loose track of which tag the target kobject was marked with and can no longer find the old symlink to remove it. This patch was split from an earlier patch. Signed-off-by: Eric W. Biederman Signed-off-by: Benjamin Thery Signed-off-by: Daniel Lezcano Acked-by: Tejun Heo Signed-off-by: Greg Kroah-Hartman --- include/linux/sysfs.h | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'include/linux/sysfs.h') diff --git a/include/linux/sysfs.h b/include/linux/sysfs.h index 1885d21b0c80..976c4664b216 100644 --- a/include/linux/sysfs.h +++ b/include/linux/sysfs.h @@ -155,6 +155,9 @@ void sysfs_remove_link(struct kobject *kobj, const char *name); int sysfs_rename_link(struct kobject *kobj, struct kobject *target, const char *old_name, const char *new_name); +void sysfs_delete_link(struct kobject *dir, struct kobject *targ, + const char *name); + int __must_check sysfs_create_group(struct kobject *kobj, const struct attribute_group *grp); int sysfs_update_group(struct kobject *kobj, @@ -269,6 +272,11 @@ static inline int sysfs_rename_link(struct kobject *k, struct kobject *t, return 0; } +static inline void sysfs_delete_link(struct kobject *k, struct kobject *t, + const char *name) +{ +} + static inline int sysfs_create_group(struct kobject *kobj, const struct attribute_group *grp) { -- cgit v1.2.3 From be867b194a3ae3c680c29521287ae49b4d44d420 Mon Sep 17 00:00:00 2001 From: "Serge E. Hallyn" Date: Mon, 3 May 2010 16:23:15 -0500 Subject: sysfs: Comment sysfs directory tagging logic Add some in-line comments to explain the new infrastructure, which was introduced to support sysfs directory tagging with namespaces. I think an overall description someplace might be good too, but it didn't really seem to fit into Documentation/filesystems/sysfs.txt, which appears more geared toward users, rather than maintainers, of sysfs. (Tejun, please let me know if I can make anything clearer or failed altogether to comment something that should be commented.) Signed-off-by: Serge E. Hallyn Cc: Eric W. Biederman Cc: Tejun Heo Signed-off-by: Greg Kroah-Hartman --- include/linux/sysfs.h | 1 + 1 file changed, 1 insertion(+) (limited to 'include/linux/sysfs.h') diff --git a/include/linux/sysfs.h b/include/linux/sysfs.h index 976c4664b216..47f1c95b5298 100644 --- a/include/linux/sysfs.h +++ b/include/linux/sysfs.h @@ -178,6 +178,7 @@ struct sysfs_dirent *sysfs_get(struct sysfs_dirent *sd); void sysfs_put(struct sysfs_dirent *sd); void sysfs_printk_last_file(void); +/* Called to clear a ns tag when it is no longer valid */ void sysfs_exit_ns(enum kobj_ns_type type, const void *tag); int __must_check sysfs_init(void); -- cgit v1.2.3 From 27eabc7cb4b357c68e4ce77d0b014f7a23add752 Mon Sep 17 00:00:00 2001 From: "Eric W. Biederman" Date: Wed, 5 May 2010 14:54:00 -0700 Subject: sysfs: Don't use enums in inline function declaration. It appears gcc can't cope with using an enum that is only declared in an inline function declaration, that doesn't even use the variable that is so declared. Avoid the silliness and replace the enum with an int, and make gcc happy. Signed-off-by: Eric W. Biederman Acked-by: Randy Dunlap Signed-off-by: Greg Kroah-Hartman --- include/linux/sysfs.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include/linux/sysfs.h') diff --git a/include/linux/sysfs.h b/include/linux/sysfs.h index 47f1c95b5298..6903e9204032 100644 --- a/include/linux/sysfs.h +++ b/include/linux/sysfs.h @@ -328,7 +328,7 @@ static inline void sysfs_put(struct sysfs_dirent *sd) { } -static inline void sysfs_exit_ns(enum kobj_ns_type type, const void *tag) +static inline void sysfs_exit_ns(int type, const void *tag) { } -- cgit v1.2.3 From 2c3c8bea608866d8bd9dcf92657d57fdcac011c5 Mon Sep 17 00:00:00 2001 From: Chris Wright Date: Wed, 12 May 2010 18:28:57 -0700 Subject: sysfs: add struct file* to bin_attr callbacks This allows bin_attr->read,write,mmap callbacks to check file specific data (such as inode owner) as part of any privilege validation. Signed-off-by: Chris Wright Signed-off-by: Greg Kroah-Hartman --- include/linux/sysfs.h | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'include/linux/sysfs.h') diff --git a/include/linux/sysfs.h b/include/linux/sysfs.h index 6903e9204032..f2694eb4dd3d 100644 --- a/include/linux/sysfs.h +++ b/include/linux/sysfs.h @@ -87,17 +87,18 @@ struct attribute_group { #define attr_name(_attr) (_attr).attr.name +struct file; struct vm_area_struct; struct bin_attribute { struct attribute attr; size_t size; void *private; - ssize_t (*read)(struct kobject *, struct bin_attribute *, + ssize_t (*read)(struct file *, struct kobject *, struct bin_attribute *, char *, loff_t, size_t); - ssize_t (*write)(struct kobject *, struct bin_attribute *, + ssize_t (*write)(struct file *,struct kobject *, struct bin_attribute *, char *, loff_t, size_t); - int (*mmap)(struct kobject *, struct bin_attribute *attr, + int (*mmap)(struct file *, struct kobject *, struct bin_attribute *attr, struct vm_area_struct *vma); }; -- cgit v1.2.3