summaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
authorAlexey Gladkov <legion@kernel.org>2022-02-14 19:18:15 +0100
committerEric W. Biederman <ebiederm@xmission.com>2022-03-08 20:39:40 +0100
commit1f5c135ee509e89e0cc274333a65f73c62cb16e5 (patch)
tree9a3b82b103e80cf59b387c87da6b75ba75cdfc1f /include
parentipc: Store mqueue sysctls in the ipc namespace (diff)
downloadlinux-1f5c135ee509e89e0cc274333a65f73c62cb16e5.tar.xz
linux-1f5c135ee509e89e0cc274333a65f73c62cb16e5.zip
ipc: Store ipc sysctls in the ipc namespace
The ipc sysctls are not available for modification inside the user namespace. Following the mqueue sysctls, we changed the implementation to be more userns friendly. So far, the changes do not provide additional access to files. This will be done in a future patch. Signed-off-by: Alexey Gladkov <legion@kernel.org> Link: https://lkml.kernel.org/r/be6f9d014276f4dddd0c3aa05a86052856c1c555.1644862280.git.legion@kernel.org Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Diffstat (limited to 'include')
-rw-r--r--include/linux/ipc_namespace.h21
1 files changed, 21 insertions, 0 deletions
diff --git a/include/linux/ipc_namespace.h b/include/linux/ipc_namespace.h
index fa787d97d60a..e3e8c8662b49 100644
--- a/include/linux/ipc_namespace.h
+++ b/include/linux/ipc_namespace.h
@@ -67,6 +67,9 @@ struct ipc_namespace {
struct ctl_table_set mq_set;
struct ctl_table_header *mq_sysctls;
+ struct ctl_table_set ipc_set;
+ struct ctl_table_header *ipc_sysctls;
+
/* user_ns which owns the ipc ns */
struct user_namespace *user_ns;
struct ucounts *ucounts;
@@ -188,4 +191,22 @@ static inline bool setup_mq_sysctls(struct ipc_namespace *ns)
}
#endif /* CONFIG_POSIX_MQUEUE_SYSCTL */
+
+#ifdef CONFIG_SYSVIPC_SYSCTL
+
+bool setup_ipc_sysctls(struct ipc_namespace *ns);
+void retire_ipc_sysctls(struct ipc_namespace *ns);
+
+#else /* CONFIG_SYSVIPC_SYSCTL */
+
+static inline void retire_ipc_sysctls(struct ipc_namespace *ns)
+{
+}
+
+static inline bool setup_ipc_sysctls(struct ipc_namespace *ns)
+{
+ return true;
+}
+
+#endif /* CONFIG_SYSVIPC_SYSCTL */
#endif