diff options
author | Eric W. Biederman <ebiederm@xmission.com> | 2011-06-15 19:21:48 +0200 |
---|---|---|
committer | Eric W. Biederman <ebiederm@xmission.com> | 2012-11-20 13:19:49 +0100 |
commit | 98f842e675f96ffac96e6c50315790912b2812be (patch) | |
tree | ed4dee9a6e54e3443e9f3f1614c8a2fcf9b31e0a /ipc/msgutil.c | |
parent | proc: Fix the namespace inode permission checks. (diff) | |
download | linux-98f842e675f96ffac96e6c50315790912b2812be.tar.xz linux-98f842e675f96ffac96e6c50315790912b2812be.zip |
proc: Usable inode numbers for the namespace file descriptors.
Assign a unique proc inode to each namespace, and use that
inode number to ensure we only allocate at most one proc
inode for every namespace in proc.
A single proc inode per namespace allows userspace to test
to see if two processes are in the same namespace.
This has been a long requested feature and only blocked because
a naive implementation would put the id in a global space and
would ultimately require having a namespace for the names of
namespaces, making migration and certain virtualization tricks
impossible.
We still don't have per superblock inode numbers for proc, which
appears necessary for application unaware checkpoint/restart and
migrations (if the application is using namespace file descriptors)
but that is now allowd by the design if it becomes important.
I have preallocated the ipc and uts initial proc inode numbers so
their structures can be statically initialized.
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Diffstat (limited to 'ipc/msgutil.c')
-rw-r--r-- | ipc/msgutil.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/ipc/msgutil.c b/ipc/msgutil.c index 26143d377c95..6471f1bdae96 100644 --- a/ipc/msgutil.c +++ b/ipc/msgutil.c @@ -16,6 +16,7 @@ #include <linux/msg.h> #include <linux/ipc_namespace.h> #include <linux/utsname.h> +#include <linux/proc_fs.h> #include <asm/uaccess.h> #include "util.h" @@ -30,6 +31,7 @@ DEFINE_SPINLOCK(mq_lock); struct ipc_namespace init_ipc_ns = { .count = ATOMIC_INIT(1), .user_ns = &init_user_ns, + .proc_inum = PROC_IPC_INIT_INO, }; atomic_t nr_ipc_ns = ATOMIC_INIT(1); |