• E
    proc: Usable inode numbers for the namespace file descriptors. · 98f842e6
    Eric W. Biederman 提交于
    Assign a unique proc inode to each namespace, and use that
    inode number to ensure we only allocate at most one proc
    inode for every namespace in proc.
    
    A single proc inode per namespace allows userspace to test
    to see if two processes are in the same namespace.
    
    This has been a long requested feature and only blocked because
    a naive implementation would put the id in a global space and
    would ultimately require having a namespace for the names of
    namespaces, making migration and certain virtualization tricks
    impossible.
    
    We still don't have per superblock inode numbers for proc, which
    appears necessary for application unaware checkpoint/restart and
    migrations (if the application is using namespace file descriptors)
    but that is now allowd by the design if it becomes important.
    
    I have preallocated the ipc and uts initial proc inode numbers so
    their structures can be statically initialized.
    Signed-off-by: NEric W. Biederman <ebiederm@xmission.com>
    98f842e6
user_namespace.c 21.2 KB