diff options
author | Kirill Korotaev <dev@openvz.org> | 2006-10-02 02:18:19 -0700 |
---|---|---|
committer | Linus Torvalds <torvalds@g5.osdl.org> | 2006-10-02 07:57:22 -0700 |
commit | 25b21cb2f6d69b0475b134e0a3e8e269137270fa (patch) | |
tree | cd9c3966408c0ca5903249437c35ff35961de544 /include | |
parent | c0b2fc316599d6cd875b6b8cafa67f03b9512b4d (diff) | |
download | kernel-crypto-25b21cb2f6d69b0475b134e0a3e8e269137270fa.tar.gz kernel-crypto-25b21cb2f6d69b0475b134e0a3e8e269137270fa.tar.xz kernel-crypto-25b21cb2f6d69b0475b134e0a3e8e269137270fa.zip |
[PATCH] IPC namespace core
This patch set allows to unshare IPCs and have a private set of IPC objects
(sem, shm, msg) inside namespace. Basically, it is another building block of
containers functionality.
This patch implements core IPC namespace changes:
- ipc_namespace structure
- new config option CONFIG_IPC_NS
- adds CLONE_NEWIPC flag
- unshare support
[clg@fr.ibm.com: small fix for unshare of ipc namespace]
[akpm@osdl.org: build fix]
Signed-off-by: Pavel Emelianov <xemul@openvz.org>
Signed-off-by: Kirill Korotaev <dev@openvz.org>
Signed-off-by: Cedric Le Goater <clg@fr.ibm.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Diffstat (limited to 'include')
-rw-r--r-- | include/linux/init_task.h | 1 | ||||
-rw-r--r-- | include/linux/ipc.h | 36 | ||||
-rw-r--r-- | include/linux/nsproxy.h | 2 | ||||
-rw-r--r-- | include/linux/sched.h | 1 |
4 files changed, 40 insertions, 0 deletions
diff --git a/include/linux/init_task.h b/include/linux/init_task.h index e08531ec32f..ceecf69dfa3 100644 --- a/include/linux/init_task.h +++ b/include/linux/init_task.h @@ -74,6 +74,7 @@ extern struct nsproxy init_nsproxy; .count = ATOMIC_INIT(1), \ .nslock = SPIN_LOCK_UNLOCKED, \ .uts_ns = &init_uts_ns, \ + .ipc_ns = &init_ipc_ns, \ .namespace = NULL, \ } diff --git a/include/linux/ipc.h b/include/linux/ipc.h index b291189737e..36027b10f28 100644 --- a/include/linux/ipc.h +++ b/include/linux/ipc.h @@ -2,6 +2,7 @@ #define _LINUX_IPC_H #include <linux/types.h> +#include <linux/kref.h> #define IPC_PRIVATE ((__kernel_key_t) 0) @@ -68,6 +69,41 @@ struct kern_ipc_perm void *security; }; +struct ipc_ids; +struct ipc_namespace { + struct kref kref; + struct ipc_ids *ids[3]; + + int sem_ctls[4]; + int used_sems; + + int msg_ctlmax; + int msg_ctlmnb; + int msg_ctlmni; + + size_t shm_ctlmax; + size_t shm_ctlall; + int shm_ctlmni; + int shm_tot; +}; + +extern struct ipc_namespace init_ipc_ns; +extern void free_ipc_ns(struct kref *kref); +extern int copy_ipcs(unsigned long flags, struct task_struct *tsk); +extern int unshare_ipcs(unsigned long flags, struct ipc_namespace **ns); + +static inline struct ipc_namespace *get_ipc_ns(struct ipc_namespace *ns) +{ + if (ns) + kref_get(&ns->kref); + return ns; +} + +static inline void put_ipc_ns(struct ipc_namespace *ns) +{ + kref_put(&ns->kref, free_ipc_ns); +} + #endif /* __KERNEL__ */ #endif /* _LINUX_IPC_H */ diff --git a/include/linux/nsproxy.h b/include/linux/nsproxy.h index 9c2e0ad508d..f6baecdeecd 100644 --- a/include/linux/nsproxy.h +++ b/include/linux/nsproxy.h @@ -6,6 +6,7 @@ struct namespace; struct uts_namespace; +struct ipc_namespace; /* * A structure to contain pointers to all per-process @@ -23,6 +24,7 @@ struct nsproxy { atomic_t count; spinlock_t nslock; struct uts_namespace *uts_ns; + struct ipc_namespace *ipc_ns; struct namespace *namespace; }; extern struct nsproxy init_nsproxy; diff --git a/include/linux/sched.h b/include/linux/sched.h index a973e701231..9ba959e3426 100644 --- a/include/linux/sched.h +++ b/include/linux/sched.h @@ -25,6 +25,7 @@ #define CLONE_CHILD_SETTID 0x01000000 /* set the TID in the child */ #define CLONE_STOPPED 0x02000000 /* Start in stopped state */ #define CLONE_NEWUTS 0x04000000 /* New utsname group? */ +#define CLONE_NEWIPC 0x08000000 /* New ipcs */ /* * Scheduling policies |