diff options
author | Pavel Emelyanov <xemul@openvz.org> | 2008-02-08 04:18:22 -0800 |
---|---|---|
committer | Linus Torvalds <torvalds@woody.linux-foundation.org> | 2008-02-08 09:22:23 -0800 |
commit | ae5e1b22f17983da929a0d0178896269e19da186 (patch) | |
tree | e9937e2060167a430cf90955327d1a5a2e7b2303 | |
parent | 58bfdd6deeec02b73691ea2c951a3c5d743bca63 (diff) | |
download | kernel-crypto-ae5e1b22f17983da929a0d0178896269e19da186.tar.gz kernel-crypto-ae5e1b22f17983da929a0d0178896269e19da186.tar.xz kernel-crypto-ae5e1b22f17983da929a0d0178896269e19da186.zip |
namespaces: move the IPC namespace under IPC_NS option
Currently the IPC namespace management code is spread over the ipc/*.c files.
I moved this code into ipc/namespace.c file which is compiled out when needed.
The linux/ipc_namespace.h file is used to store the prototypes of the
functions in namespace.c and the stubs for NAMESPACES=n case. This is done
so, because the stub for copy_ipc_namespace requires the knowledge of the
CLONE_NEWIPC flag, which is in sched.h. But the linux/ipc.h file itself in
included into many many .c files via the sys.h->sem.h sequence so adding the
sched.h into it will make all these .c depend on sched.h which is not that
good. On the other hand the knowledge about the namespaces stuff is required
in 4 .c files only.
Besides, this patch compiles out some auxiliary functions from ipc/sem.c,
msg.c and shm.c files. It turned out that moving these functions into
namespaces.c is not that easy because they use many other calls and macros
from the original file. Moving them would make this patch complicated. On
the other hand all these functions can be consolidated, so I will send a
separate patch doing this a bit later.
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Acked-by: Serge Hallyn <serue@us.ibm.com>
Cc: Cedric Le Goater <clg@fr.ibm.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Herbert Poetzl <herbert@13thfloor.at>
Cc: Kirill Korotaev <dev@sw.ru>
Cc: Sukadev Bhattiprolu <sukadev@us.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-rw-r--r-- | include/linux/ipc.h | 52 | ||||
-rw-r--r-- | include/linux/ipc_namespace.h | 69 | ||||
-rw-r--r-- | init/Kconfig | 7 | ||||
-rw-r--r-- | ipc/Makefile | 1 | ||||
-rw-r--r-- | ipc/ipc_sysctl.c | 1 | ||||
-rw-r--r-- | ipc/msg.c | 3 | ||||
-rw-r--r-- | ipc/namespace.c | 73 | ||||
-rw-r--r-- | ipc/sem.c | 3 | ||||
-rw-r--r-- | ipc/shm.c | 3 | ||||
-rw-r--r-- | ipc/util.c | 61 | ||||
-rw-r--r-- | ipc/util.h | 2 | ||||
-rw-r--r-- | kernel/nsproxy.c | 1 |
12 files changed, 164 insertions, 112 deletions
diff --git a/include/linux/ipc.h b/include/linux/ipc.h index 408696ea518..b8826107b51 100644 --- a/include/linux/ipc.h +++ b/include/linux/ipc.h @@ -100,58 +100,6 @@ struct kern_ipc_perm void *security; }; -struct ipc_ids; -struct ipc_namespace { - struct kref kref; - struct ipc_ids *ids[3]; - - int sem_ctls[4]; - int used_sems; - - int msg_ctlmax; - int msg_ctlmnb; - int msg_ctlmni; - atomic_t msg_bytes; - atomic_t msg_hdrs; - - size_t shm_ctlmax; - size_t shm_ctlall; - int shm_ctlmni; - int shm_tot; -}; - -extern struct ipc_namespace init_ipc_ns; - -#ifdef CONFIG_SYSVIPC -#define INIT_IPC_NS(ns) .ns = &init_ipc_ns, -extern void free_ipc_ns(struct kref *kref); -extern struct ipc_namespace *copy_ipcs(unsigned long flags, - struct ipc_namespace *ns); -#else -#define INIT_IPC_NS(ns) -static inline struct ipc_namespace *copy_ipcs(unsigned long flags, - struct ipc_namespace *ns) -{ - return ns; -} -#endif - -static inline struct ipc_namespace *get_ipc_ns(struct ipc_namespace *ns) -{ -#ifdef CONFIG_SYSVIPC - if (ns) - kref_get(&ns->kref); -#endif - return ns; -} - -static inline void put_ipc_ns(struct ipc_namespace *ns) -{ -#ifdef CONFIG_SYSVIPC - kref_put(&ns->kref, free_ipc_ns); -#endif -} - #endif /* __KERNEL__ */ #endif /* _LINUX_IPC_H */ diff --git a/include/linux/ipc_namespace.h b/include/linux/ipc_namespace.h new file mode 100644 index 00000000000..a491fc9dd23 --- /dev/null +++ b/include/linux/ipc_namespace.h @@ -0,0 +1,69 @@ +#ifndef __IPC_NAMESPACE_H__ +#define __IPC_NAMESPACE_H__ + +#include <linux/err.h> + +struct ipc_ids; +struct ipc_namespace { + struct kref kref; + struct ipc_ids *ids[3]; + + int sem_ctls[4]; + int used_sems; + + int msg_ctlmax; + int msg_ctlmnb; + int msg_ctlmni; + atomic_t msg_bytes; + atomic_t msg_hdrs; + + size_t shm_ctlmax; + size_t shm_ctlall; + int shm_ctlmni; + int shm_tot; +}; + +extern struct ipc_namespace init_ipc_ns; + +#ifdef CONFIG_SYSVIPC +#define INIT_IPC_NS(ns) .ns = &init_ipc_ns, +#else +#define INIT_IPC_NS(ns) +#endif + +#if defined(CONFIG_SYSVIPC) && defined(CONFIG_IPC_NS) +extern void free_ipc_ns(struct kref *kref); +extern struct ipc_namespace *copy_ipcs(unsigned long flags, + struct ipc_namespace *ns); + +static inline struct ipc_namespace *get_ipc_ns(struct ipc_namespace *ns) +{ + if (ns) + kref_get(&ns->kref); + return ns; +} + +static inline void put_ipc_ns(struct ipc_namespace *ns) +{ + kref_put(&ns->kref, free_ipc_ns); +} +#else +static inline struct ipc_namespace *copy_ipcs(unsigned long flags, + struct ipc_namespace *ns) +{ + if (flags & CLONE_NEWIPC) + return ERR_PTR(-EINVAL); + + return ns; +} + +static inline struct ipc_namespace *get_ipc_ns(struct ipc_namespace *ns) +{ + return ns; +} + +static inline void put_ipc_ns(struct ipc_namespace *ns) +{ +} +#endif +#endif diff --git a/init/Kconfig b/init/Kconfig index fef641af78c..47879a87496 100644 --- a/init/Kconfig +++ b/init/Kconfig @@ -436,6 +436,13 @@ config UTS_NS In this namespace tasks see different info provided with the uname() system call +config IPC_NS + bool "IPC namespace" + depends on NAMESPACES && SYSVIPC + help + In this namespace tasks work with IPC ids which correspond to + different IPC objects in different namespaces + config BLK_DEV_INITRD bool "Initial RAM filesystem and RAM disk (initramfs/initrd) support" depends on BROKEN || !FRV diff --git a/ipc/Makefile b/ipc/Makefile index b93bba6652f..5fc5e33ea04 100644 --- a/ipc/Makefile +++ b/ipc/Makefile @@ -7,4 +7,5 @@ obj-$(CONFIG_SYSVIPC) += util.o msgutil.o msg.o sem.o shm.o obj-$(CONFIG_SYSVIPC_SYSCTL) += ipc_sysctl.o obj_mq-$(CONFIG_COMPAT) += compat_mq.o obj-$(CONFIG_POSIX_MQUEUE) += mqueue.o msgutil.o $(obj_mq-y) +obj-$(CONFIG_IPC_NS) += namespace.o diff --git a/ipc/ipc_sysctl.c b/ipc/ipc_sysctl.c index 79e24e878c1..7f4235bed51 100644 --- a/ipc/ipc_sysctl.c +++ b/ipc/ipc_sysctl.c @@ -14,6 +14,7 @@ #include <linux/nsproxy.h> #include <linux/sysctl.h> #include <linux/uaccess.h> +#include <linux/ipc_namespace.h> static void *get_ipc(ctl_table *table) { diff --git a/ipc/msg.c b/ipc/msg.c index ec0c724054b..5879bfeb79c 100644 --- a/ipc/msg.c +++ b/ipc/msg.c @@ -36,6 +36,7 @@ #include <linux/seq_file.h> #include <linux/rwsem.h> #include <linux/nsproxy.h> +#include <linux/ipc_namespace.h> #include <asm/current.h> #include <asm/uaccess.h> @@ -90,6 +91,7 @@ static void __msg_init_ns(struct ipc_namespace *ns, struct ipc_ids *ids) ipc_init_ids(ids); } +#ifdef CONFIG_IPC_NS int msg_init_ns(struct ipc_namespace *ns) { struct ipc_ids *ids; @@ -128,6 +130,7 @@ void msg_exit_ns(struct ipc_namespace *ns) kfree(ns->ids[IPC_MSG_IDS]); ns->ids[IPC_MSG_IDS] = NULL; } +#endif void __init msg_init(void) { diff --git a/ipc/namespace.c b/ipc/namespace.c new file mode 100644 index 00000000000..cef1139e6c9 --- /dev/null +++ b/ipc/namespace.c @@ -0,0 +1,73 @@ +/* + * linux/ipc/namespace.c + * Copyright (C) 2006 Pavel Emelyanov <xemul@openvz.org> OpenVZ, SWsoft Inc. + */ + +#include <linux/ipc.h> +#include <linux/msg.h> +#include <linux/ipc_namespace.h> +#include <linux/rcupdate.h> +#include <linux/nsproxy.h> +#include <linux/slab.h> + +#include "util.h" + +static struct ipc_namespace *clone_ipc_ns(struct ipc_namespace *old_ns) +{ + int err; + struct ipc_namespace *ns; + + err = -ENOMEM; + ns = kmalloc(sizeof(struct ipc_namespace), GFP_KERNEL); + if (ns == NULL) + goto err_mem; + + err = sem_init_ns(ns); + if (err) + goto err_sem; + err = msg_init_ns(ns); + if (err) + goto err_msg; + err = shm_init_ns(ns); + if (err) + goto err_shm; + + kref_init(&ns->kref); + return ns; + +err_shm: + msg_exit_ns(ns); +err_msg: + sem_exit_ns(ns); +err_sem: + kfree(ns); +err_mem: + return ERR_PTR(err); +} + +struct ipc_namespace *copy_ipcs(unsigned long flags, struct ipc_namespace *ns) +{ + struct ipc_namespace *new_ns; + + BUG_ON(!ns); + get_ipc_ns(ns); + + if (!(flags & CLONE_NEWIPC)) + return ns; + + new_ns = clone_ipc_ns(ns); + + put_ipc_ns(ns); + return new_ns; +} + +void free_ipc_ns(struct kref *kref) +{ + struct ipc_namespace *ns; + + ns = container_of(kref, struct ipc_namespace, kref); + sem_exit_ns(ns); + msg_exit_ns(ns); + shm_exit_ns(ns); + kfree(ns); +} diff --git a/ipc/sem.c b/ipc/sem.c index d65e285b7e3..84c701fe500 100644 --- a/ipc/sem.c +++ b/ipc/sem.c @@ -82,6 +82,7 @@ #include <linux/seq_file.h> #include <linux/rwsem.h> #include <linux/nsproxy.h> +#include <linux/ipc_namespace.h> #include <asm/uaccess.h> #include "util.h" @@ -128,6 +129,7 @@ static void __sem_init_ns(struct ipc_namespace *ns, struct ipc_ids *ids) ipc_init_ids(ids); } +#ifdef CONFIG_IPC_NS int sem_init_ns(struct ipc_namespace *ns) { struct ipc_ids *ids; @@ -165,6 +167,7 @@ void sem_exit_ns(struct ipc_namespace *ns) kfree(ns->ids[IPC_SEM_IDS]); ns->ids[IPC_SEM_IDS] = NULL; } +#endif void __init sem_init (void) { diff --git a/ipc/shm.c b/ipc/shm.c index 65c3a294aba..07f4b7abc80 100644 --- a/ipc/shm.c +++ b/ipc/shm.c @@ -38,6 +38,7 @@ #include <linux/rwsem.h> #include <linux/nsproxy.h> #include <linux/mount.h> +#include <linux/ipc_namespace.h> #include <asm/uaccess.h> @@ -96,6 +97,7 @@ static void do_shm_rmid(struct ipc_namespace *ns, struct shmid_kernel *shp) shm_destroy(ns, shp); } +#ifdef CONFIG_IPC_NS int shm_init_ns(struct ipc_namespace *ns) { struct ipc_ids *ids; @@ -133,6 +135,7 @@ void shm_exit_ns(struct ipc_namespace *ns) kfree(ns->ids[IPC_SHM_IDS]); ns->ids[IPC_SHM_IDS] = NULL; } +#endif void __init shm_init (void) { diff --git a/ipc/util.c b/ipc/util.c index 76c1f3461e2..5432b8e34c9 100644 --- a/ipc/util.c +++ b/ipc/util.c @@ -33,6 +33,7 @@ #include <linux/audit.h> #include <linux/nsproxy.h> #include <linux/rwsem.h> +#include <linux/ipc_namespace.h> #include <asm/unistd.h> @@ -51,66 +52,6 @@ struct ipc_namespace init_ipc_ns = { }, }; -static struct ipc_namespace *clone_ipc_ns(struct ipc_namespace *old_ns) -{ - int err; - struct ipc_namespace *ns; - - err = -ENOMEM; - ns = kmalloc(sizeof(struct ipc_namespace), GFP_KERNEL); - if (ns == NULL) - goto err_mem; - - err = sem_init_ns(ns); - if (err) - goto err_sem; - err = msg_init_ns(ns); - if (err) - goto err_msg; - err = shm_init_ns(ns); - if (err) - goto err_shm; - - kref_init(&ns->kref); - return ns; - -err_shm: - msg_exit_ns(ns); -err_msg: - sem_exit_ns(ns); -err_sem: - kfree(ns); -err_mem: - return ERR_PTR(err); -} - -struct ipc_namespace *copy_ipcs(unsigned long flags, struct ipc_namespace *ns) -{ - struct ipc_namespace *new_ns; - - BUG_ON(!ns); - get_ipc_ns(ns); - - if (!(flags & CLONE_NEWIPC)) - return ns; - - new_ns = clone_ipc_ns(ns); - - put_ipc_ns(ns); - return new_ns; -} - -void free_ipc_ns(struct kref *kref) -{ - struct ipc_namespace *ns; - - ns = container_of(kref, struct ipc_namespace, kref); - sem_exit_ns(ns); - msg_exit_ns(ns); - shm_exit_ns(ns); - kfree(ns); -} - /** * ipc_init - initialise IPC subsystem * diff --git a/ipc/util.h b/ipc/util.h index 9ffea40457c..fc6b7294f76 100644 --- a/ipc/util.h +++ b/ipc/util.h @@ -20,6 +20,8 @@ void sem_init (void); void msg_init (void); void shm_init (void); +struct ipc_namespace; + int sem_init_ns(struct ipc_namespace *ns); int msg_init_ns(struct ipc_namespace *ns); int shm_init_ns(struct ipc_namespace *ns); diff --git a/kernel/nsproxy.c b/kernel/nsproxy.c index 79f871bc0ef..f5d332cf8c6 100644 --- a/kernel/nsproxy.c +++ b/kernel/nsproxy.c @@ -21,6 +21,7 @@ #include <linux/utsname.h> #include <linux/pid_namespace.h> #include <net/net_namespace.h> +#include <linux/ipc_namespace.h> static struct kmem_cache *nsproxy_cachep; |