From 435d5f4bb2ccba3b791d9ef61d2590e30b8e806e Mon Sep 17 00:00:00 2001 From: Al Viro Date: Fri, 31 Oct 2014 22:56:04 -0400 Subject: common object embedded into various struct ....ns for now - just move corresponding ->proc_inum instances over there Acked-by: "Eric W. Biederman" Signed-off-by: Al Viro --- include/linux/ipc_namespace.h | 3 ++- include/linux/ns_common.h | 8 ++++++++ include/linux/pid_namespace.h | 3 ++- include/linux/user_namespace.h | 3 ++- include/linux/utsname.h | 3 ++- include/net/net_namespace.h | 3 ++- 6 files changed, 18 insertions(+), 5 deletions(-) create mode 100644 include/linux/ns_common.h (limited to 'include') diff --git a/include/linux/ipc_namespace.h b/include/linux/ipc_namespace.h index 35e7eca4e33b..52a640128151 100644 --- a/include/linux/ipc_namespace.h +++ b/include/linux/ipc_namespace.h @@ -6,6 +6,7 @@ #include #include #include +#include /* * ipc namespace events @@ -68,7 +69,7 @@ struct ipc_namespace { /* user_ns which owns the ipc ns */ struct user_namespace *user_ns; - unsigned int proc_inum; + struct ns_common ns; }; extern struct ipc_namespace init_ipc_ns; diff --git a/include/linux/ns_common.h b/include/linux/ns_common.h new file mode 100644 index 000000000000..e7db1cd54047 --- /dev/null +++ b/include/linux/ns_common.h @@ -0,0 +1,8 @@ +#ifndef _LINUX_NS_COMMON_H +#define _LINUX_NS_COMMON_H + +struct ns_common { + unsigned int inum; +}; + +#endif diff --git a/include/linux/pid_namespace.h b/include/linux/pid_namespace.h index 1997ffc295a7..b9cf6c51b181 100644 --- a/include/linux/pid_namespace.h +++ b/include/linux/pid_namespace.h @@ -8,6 +8,7 @@ #include #include #include +#include struct pidmap { atomic_t nr_free; @@ -43,7 +44,7 @@ struct pid_namespace { kgid_t pid_gid; int hide_pid; int reboot; /* group exit code if this pidns was rebooted */ - unsigned int proc_inum; + struct ns_common ns; }; extern struct pid_namespace init_pid_ns; diff --git a/include/linux/user_namespace.h b/include/linux/user_namespace.h index e95372654f09..4cf06c140e21 100644 --- a/include/linux/user_namespace.h +++ b/include/linux/user_namespace.h @@ -3,6 +3,7 @@ #include #include +#include #include #include @@ -26,7 +27,7 @@ struct user_namespace { int level; kuid_t owner; kgid_t group; - unsigned int proc_inum; + struct ns_common ns; /* Register of per-UID persistent keyrings for this namespace */ #ifdef CONFIG_PERSISTENT_KEYRINGS diff --git a/include/linux/utsname.h b/include/linux/utsname.h index 239e27733d6c..5093f58ae192 100644 --- a/include/linux/utsname.h +++ b/include/linux/utsname.h @@ -5,6 +5,7 @@ #include #include #include +#include #include #include @@ -23,7 +24,7 @@ struct uts_namespace { struct kref kref; struct new_utsname name; struct user_namespace *user_ns; - unsigned int proc_inum; + struct ns_common ns; }; extern struct uts_namespace init_uts_ns; diff --git a/include/net/net_namespace.h b/include/net/net_namespace.h index e0d64667a4b3..2e8756b8c775 100644 --- a/include/net/net_namespace.h +++ b/include/net/net_namespace.h @@ -26,6 +26,7 @@ #endif #include #include +#include struct user_namespace; struct proc_dir_entry; @@ -60,7 +61,7 @@ struct net { struct user_namespace *user_ns; /* Owning user namespace */ - unsigned int proc_inum; + struct ns_common ns; struct proc_dir_entry *proc_net; struct proc_dir_entry *proc_net_stat; -- cgit v1.2.3 From 64964528b24ea390824f0e5ce9d34b8d39b28cde Mon Sep 17 00:00:00 2001 From: Al Viro Date: Sat, 1 Nov 2014 00:37:32 -0400 Subject: make proc_ns_operations work with struct ns_common * instead of void * We can do that now. And kill ->inum(), while we are at it - all instances are identical. Signed-off-by: Al Viro --- include/linux/proc_ns.h | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'include') diff --git a/include/linux/proc_ns.h b/include/linux/proc_ns.h index 34a1e105bef4..f284959391fd 100644 --- a/include/linux/proc_ns.h +++ b/include/linux/proc_ns.h @@ -6,18 +6,18 @@ struct pid_namespace; struct nsproxy; +struct ns_common; struct proc_ns_operations { const char *name; int type; - void *(*get)(struct task_struct *task); - void (*put)(void *ns); - int (*install)(struct nsproxy *nsproxy, void *ns); - unsigned int (*inum)(void *ns); + struct ns_common *(*get)(struct task_struct *task); + void (*put)(struct ns_common *ns); + int (*install)(struct nsproxy *nsproxy, struct ns_common *ns); }; struct proc_ns { - void *ns; + struct ns_common *ns; const struct proc_ns_operations *ns_ops; }; -- cgit v1.2.3 From 6344c433a452b1a05d03a61a6a85d89f793bb7b8 Mon Sep 17 00:00:00 2001 From: Al Viro Date: Sat, 1 Nov 2014 00:45:45 -0400 Subject: new helpers: ns_alloc_inum/ns_free_inum take struct ns_common *, for now simply wrappers around proc_{alloc,free}_inum() Signed-off-by: Al Viro --- include/linux/proc_ns.h | 3 +++ 1 file changed, 3 insertions(+) (limited to 'include') diff --git a/include/linux/proc_ns.h b/include/linux/proc_ns.h index f284959391fd..f5780ee7f8f7 100644 --- a/include/linux/proc_ns.h +++ b/include/linux/proc_ns.h @@ -71,4 +71,7 @@ static inline bool proc_ns_inode(struct inode *inode) { return false; } #endif /* CONFIG_PROC_FS */ +#define ns_alloc_inum(ns) proc_alloc_inum(&(ns)->inum) +#define ns_free_inum(ns) proc_free_inum((ns)->inum) + #endif /* _LINUX_PROC_NS_H */ -- cgit v1.2.3 From 33c429405a2c8d9e42afb9fee88a63cfb2de1e98 Mon Sep 17 00:00:00 2001 From: Al Viro Date: Sat, 1 Nov 2014 02:32:53 -0400 Subject: copy address of proc_ns_ops into ns_common Signed-off-by: Al Viro --- include/linux/ns_common.h | 3 +++ 1 file changed, 3 insertions(+) (limited to 'include') diff --git a/include/linux/ns_common.h b/include/linux/ns_common.h index e7db1cd54047..ce23cf4bbe69 100644 --- a/include/linux/ns_common.h +++ b/include/linux/ns_common.h @@ -1,7 +1,10 @@ #ifndef _LINUX_NS_COMMON_H #define _LINUX_NS_COMMON_H +struct proc_ns_operations; + struct ns_common { + const struct proc_ns_operations *ops; unsigned int inum; }; -- cgit v1.2.3 From f77c80142e1afe6d5c16975ca5d7d1fc324b16f9 Mon Sep 17 00:00:00 2001 From: Al Viro Date: Sat, 1 Nov 2014 03:13:17 -0400 Subject: bury struct proc_ns in fs/proc a) make get_proc_ns() return a pointer to struct ns_common b) mirror ns_ops in dentry->d_fsdata of ns dentries, so that is_mnt_ns_file() could get away with fewer dereferences. That way struct proc_ns becomes invisible outside of fs/proc/*.c Signed-off-by: Al Viro --- include/linux/proc_ns.h | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) (limited to 'include') diff --git a/include/linux/proc_ns.h b/include/linux/proc_ns.h index f5780ee7f8f7..2837ff41cfe3 100644 --- a/include/linux/proc_ns.h +++ b/include/linux/proc_ns.h @@ -16,11 +16,6 @@ struct proc_ns_operations { int (*install)(struct nsproxy *nsproxy, struct ns_common *ns); }; -struct proc_ns { - struct ns_common *ns; - const struct proc_ns_operations *ns_ops; -}; - extern const struct proc_ns_operations netns_operations; extern const struct proc_ns_operations utsns_operations; extern const struct proc_ns_operations ipcns_operations; @@ -44,7 +39,7 @@ enum { extern int pid_ns_prepare_proc(struct pid_namespace *ns); extern void pid_ns_release_proc(struct pid_namespace *ns); extern struct file *proc_ns_fget(int fd); -extern struct proc_ns *get_proc_ns(struct inode *); +extern struct ns_common *get_proc_ns(struct inode *); extern int proc_alloc_inum(unsigned int *pino); extern void proc_free_inum(unsigned int inum); extern bool proc_ns_inode(struct inode *inode); @@ -59,7 +54,7 @@ static inline struct file *proc_ns_fget(int fd) return ERR_PTR(-EINVAL); } -static inline struct proc_ns *get_proc_ns(struct inode *inode) { return NULL; } +static inline struct ns_common *get_proc_ns(struct inode *inode) { return NULL; } static inline int proc_alloc_inum(unsigned int *inum) { -- cgit v1.2.3 From e149ed2b805fefdccf7ccdfc19eca22fdd4514ac Mon Sep 17 00:00:00 2001 From: Al Viro Date: Sat, 1 Nov 2014 10:57:28 -0400 Subject: take the targets of /proc/*/ns/* symlinks to separate fs New pseudo-filesystem: nsfs. Targets of /proc/*/ns/* live there now. It's not mountable (not even registered, so it's not in /proc/filesystems, etc.). Files on it *are* bindable - we explicitly permit that in do_loopback(). This stuff lives in fs/nsfs.c now; proc_ns_fget() moved there as well. get_proc_ns() is a macro now (it's simply returning ->i_private; would have been an inline, if not for header ordering headache). proc_ns_inode() is an ex-parrot. The interface used in procfs is ns_get_path(path, task, ops) and ns_get_name(buf, size, task, ops). Dentries and inodes are never hashed; a non-counting reference to dentry is stashed in ns_common (removed by ->d_prune()) and reused by ns_get_path() if present. See ns_get_path()/ns_prune_dentry/nsfs_evict() for details of that mechanism. As the result, proc_ns_follow_link() has stopped poking in nd->path.mnt; it does nd_jump_link() on a consistent pair it gets from ns_get_path(). Signed-off-by: Al Viro --- include/linux/ns_common.h | 1 + include/linux/proc_ns.h | 31 ++++++++++++++++++------------- include/uapi/linux/magic.h | 1 + 3 files changed, 20 insertions(+), 13 deletions(-) (limited to 'include') diff --git a/include/linux/ns_common.h b/include/linux/ns_common.h index ce23cf4bbe69..85a5c8c16be9 100644 --- a/include/linux/ns_common.h +++ b/include/linux/ns_common.h @@ -4,6 +4,7 @@ struct proc_ns_operations; struct ns_common { + atomic_long_t stashed; const struct proc_ns_operations *ops; unsigned int inum; }; diff --git a/include/linux/proc_ns.h b/include/linux/proc_ns.h index 2837ff41cfe3..42dfc615dbf8 100644 --- a/include/linux/proc_ns.h +++ b/include/linux/proc_ns.h @@ -4,9 +4,11 @@ #ifndef _LINUX_PROC_NS_H #define _LINUX_PROC_NS_H +#include + struct pid_namespace; struct nsproxy; -struct ns_common; +struct path; struct proc_ns_operations { const char *name; @@ -38,35 +40,38 @@ enum { extern int pid_ns_prepare_proc(struct pid_namespace *ns); extern void pid_ns_release_proc(struct pid_namespace *ns); -extern struct file *proc_ns_fget(int fd); -extern struct ns_common *get_proc_ns(struct inode *); extern int proc_alloc_inum(unsigned int *pino); extern void proc_free_inum(unsigned int inum); -extern bool proc_ns_inode(struct inode *inode); #else /* CONFIG_PROC_FS */ static inline int pid_ns_prepare_proc(struct pid_namespace *ns) { return 0; } static inline void pid_ns_release_proc(struct pid_namespace *ns) {} -static inline struct file *proc_ns_fget(int fd) -{ - return ERR_PTR(-EINVAL); -} - -static inline struct ns_common *get_proc_ns(struct inode *inode) { return NULL; } - static inline int proc_alloc_inum(unsigned int *inum) { *inum = 1; return 0; } static inline void proc_free_inum(unsigned int inum) {} -static inline bool proc_ns_inode(struct inode *inode) { return false; } #endif /* CONFIG_PROC_FS */ -#define ns_alloc_inum(ns) proc_alloc_inum(&(ns)->inum) +static inline int ns_alloc_inum(struct ns_common *ns) +{ + atomic_long_set(&ns->stashed, 0); + return proc_alloc_inum(&ns->inum); +} + #define ns_free_inum(ns) proc_free_inum((ns)->inum) +extern struct file *proc_ns_fget(int fd); +#define get_proc_ns(inode) ((struct ns_common *)(inode)->i_private) +extern void *ns_get_path(struct path *path, struct task_struct *task, + const struct proc_ns_operations *ns_ops); + +extern int ns_get_name(char *buf, size_t size, struct task_struct *task, + const struct proc_ns_operations *ns_ops); +extern void nsfs_init(void); + #endif /* _LINUX_PROC_NS_H */ diff --git a/include/uapi/linux/magic.h b/include/uapi/linux/magic.h index 77c60311a6c6..7d664ea85ebd 100644 --- a/include/uapi/linux/magic.h +++ b/include/uapi/linux/magic.h @@ -72,5 +72,6 @@ #define MTD_INODE_FS_MAGIC 0x11307854 #define ANON_INODE_FS_MAGIC 0x09041934 #define BTRFS_TEST_MAGIC 0x73727279 +#define NSFS_MAGIC 0x6e736673 #endif /* __LINUX_MAGIC_H__ */ -- cgit v1.2.3 From 1f55a6ec940fb45e3edaa52b6e9fc40cf8e18dcb Mon Sep 17 00:00:00 2001 From: Al Viro Date: Sat, 1 Nov 2014 19:30:41 -0400 Subject: make nameidata completely opaque outside of fs/namei.c Signed-off-by: Al Viro --- include/linux/namei.h | 25 +++---------------------- 1 file changed, 3 insertions(+), 22 deletions(-) (limited to 'include') diff --git a/include/linux/namei.h b/include/linux/namei.h index 492de72560fa..c8990779f0c3 100644 --- a/include/linux/namei.h +++ b/include/linux/namei.h @@ -7,21 +7,10 @@ #include struct vfsmount; +struct nameidata; enum { MAX_NESTED_LINKS = 8 }; -struct nameidata { - struct path path; - struct qstr last; - struct path root; - struct inode *inode; /* path.dentry.d_inode */ - unsigned int flags; - unsigned seq, m_seq; - int last_type; - unsigned depth; - char *saved_names[MAX_NESTED_LINKS + 1]; -}; - /* * Type of the last component on LOOKUP_PARENT */ @@ -82,16 +71,8 @@ extern struct dentry *lock_rename(struct dentry *, struct dentry *); extern void unlock_rename(struct dentry *, struct dentry *); extern void nd_jump_link(struct nameidata *nd, struct path *path); - -static inline void nd_set_link(struct nameidata *nd, char *path) -{ - nd->saved_names[nd->depth] = path; -} - -static inline char *nd_get_link(struct nameidata *nd) -{ - return nd->saved_names[nd->depth]; -} +extern void nd_set_link(struct nameidata *nd, char *path); +extern char *nd_get_link(struct nameidata *nd); static inline void nd_terminate_link(void *name, size_t len, size_t maxlen) { -- cgit v1.2.3 From bd9b51e79cb0b8bc00a7e0076a4a8963ca4a797c Mon Sep 17 00:00:00 2001 From: Al Viro Date: Tue, 18 Nov 2014 23:38:21 -0500 Subject: make default ->i_fop have ->open() fail with ENXIO As it is, default ->i_fop has NULL ->open() (along with all other methods). The only case where it matters is reopening (via procfs symlink) a file that didn't get its ->f_op from ->i_fop - anything else will have ->i_fop assigned to something sane (default would fail on read/write/ioctl/etc.). Unfortunately, such case exists - alloc_file() users, especially anon_get_file() ones. There we have tons of opened files of very different kinds sharing the same inode. As the result, attempt to reopen those via procfs succeeds and you get a descriptor you can't do anything with. Moreover, in case of sockets we set ->i_fop that will only be used on such reopen attempts - and put a failing ->open() into it to make sure those do not succeed. It would be simpler to put such ->open() into default ->i_fop and leave it unchanged both for anon inode (as we do anyway) and for socket ones. Result: * everything going through do_dentry_open() works as it used to * sock_no_open() kludge is gone * attempts to reopen anon-inode files fail as they really ought to * ditto for aio_private_file() * ditto for perfmon - this one actually tried to imitate sock_no_open() trick, but failed to set ->i_fop, so in the current tree reopens succeed and yield completely useless descriptor. Intent clearly had been to fail with -ENXIO on such reopens; now it actually does. * everything else that used alloc_file() keeps working - it has ->i_fop set for its inodes anyway Signed-off-by: Al Viro --- include/linux/fs.h | 1 - 1 file changed, 1 deletion(-) (limited to 'include') diff --git a/include/linux/fs.h b/include/linux/fs.h index 2beddc284bc2..b37beaf7a3a5 100644 --- a/include/linux/fs.h +++ b/include/linux/fs.h @@ -2151,7 +2151,6 @@ static inline int sb_is_blkdev_sb(struct super_block *sb) extern int sync_filesystem(struct super_block *); extern const struct file_operations def_blk_fops; extern const struct file_operations def_chr_fops; -extern const struct file_operations bad_sock_fops; #ifdef CONFIG_BLOCK extern int ioctl_by_bdev(struct block_device *, unsigned, unsigned long); extern int blkdev_ioctl(struct block_device *, fmode_t, unsigned, unsigned long); -- cgit v1.2.3