diff --git a/include/linux/ipc.h b/include/linux/ipc.h index 408696ea51892f0deaf7a866f7e5ec99619c5770..b8826107b5180e78b163e3b92f605bf7dcd22faf 100644 --- a/include/linux/ipc.h +++ b/include/linux/ipc.h @@ -100,58 +100,6 @@ struct kern_ipc_perm void *security; }; -struct ipc_ids; -struct ipc_namespace { - struct kref kref; - struct ipc_ids *ids[3]; - - int sem_ctls[4]; - int used_sems; - - int msg_ctlmax; - int msg_ctlmnb; - int msg_ctlmni; - atomic_t msg_bytes; - atomic_t msg_hdrs; - - size_t shm_ctlmax; - size_t shm_ctlall; - int shm_ctlmni; - int shm_tot; -}; - -extern struct ipc_namespace init_ipc_ns; - -#ifdef CONFIG_SYSVIPC -#define INIT_IPC_NS(ns) .ns = &init_ipc_ns, -extern void free_ipc_ns(struct kref *kref); -extern struct ipc_namespace *copy_ipcs(unsigned long flags, - struct ipc_namespace *ns); -#else -#define INIT_IPC_NS(ns) -static inline struct ipc_namespace *copy_ipcs(unsigned long flags, - struct ipc_namespace *ns) -{ - return ns; -} -#endif - -static inline struct ipc_namespace *get_ipc_ns(struct ipc_namespace *ns) -{ -#ifdef CONFIG_SYSVIPC - if (ns) - kref_get(&ns->kref); -#endif - return ns; -} - -static inline void put_ipc_ns(struct ipc_namespace *ns) -{ -#ifdef CONFIG_SYSVIPC - kref_put(&ns->kref, free_ipc_ns); -#endif -} - #endif /* __KERNEL__ */ #endif /* _LINUX_IPC_H */ diff --git a/include/linux/ipc_namespace.h b/include/linux/ipc_namespace.h new file mode 100644 index 0000000000000000000000000000000000000000..a491fc9dd2319b7c90fa19b05a111abc7ba747c2 --- /dev/null +++ b/include/linux/ipc_namespace.h @@ -0,0 +1,69 @@ +#ifndef __IPC_NAMESPACE_H__ +#define __IPC_NAMESPACE_H__ + +#include + +struct ipc_ids; +struct ipc_namespace { + struct kref kref; + struct ipc_ids *ids[3]; + + int sem_ctls[4]; + int used_sems; + + int msg_ctlmax; + int msg_ctlmnb; + int msg_ctlmni; + atomic_t msg_bytes; + atomic_t msg_hdrs; + + size_t shm_ctlmax; + size_t shm_ctlall; + int shm_ctlmni; + int shm_tot; +}; + +extern struct ipc_namespace init_ipc_ns; + +#ifdef CONFIG_SYSVIPC +#define INIT_IPC_NS(ns) .ns = &init_ipc_ns, +#else +#define INIT_IPC_NS(ns) +#endif + +#if defined(CONFIG_SYSVIPC) && defined(CONFIG_IPC_NS) +extern void free_ipc_ns(struct kref *kref); +extern struct ipc_namespace *copy_ipcs(unsigned long flags, + struct ipc_namespace *ns); + +static inline struct ipc_namespace *get_ipc_ns(struct ipc_namespace *ns) +{ + if (ns) + kref_get(&ns->kref); + return ns; +} + +static inline void put_ipc_ns(struct ipc_namespace *ns) +{ + kref_put(&ns->kref, free_ipc_ns); +} +#else +static inline struct ipc_namespace *copy_ipcs(unsigned long flags, + struct ipc_namespace *ns) +{ + if (flags & CLONE_NEWIPC) + return ERR_PTR(-EINVAL); + + return ns; +} + +static inline struct ipc_namespace *get_ipc_ns(struct ipc_namespace *ns) +{ + return ns; +} + +static inline void put_ipc_ns(struct ipc_namespace *ns) +{ +} +#endif +#endif diff --git a/init/Kconfig b/init/Kconfig index fef641af78c2748a6725fbf795adcf52f88d6230..47879a874966bc8e29e916b976c1e5b37bb8e367 100644 --- a/init/Kconfig +++ b/init/Kconfig @@ -436,6 +436,13 @@ config UTS_NS In this namespace tasks see different info provided with the uname() system call +config IPC_NS + bool "IPC namespace" + depends on NAMESPACES && SYSVIPC + help + In this namespace tasks work with IPC ids which correspond to + different IPC objects in different namespaces + config BLK_DEV_INITRD bool "Initial RAM filesystem and RAM disk (initramfs/initrd) support" depends on BROKEN || !FRV diff --git a/ipc/Makefile b/ipc/Makefile index b93bba6652f1e7abc068d96ea3490e9491939684..5fc5e33ea047c9f46b18948d06e0133733dba8dc 100644 --- a/ipc/Makefile +++ b/ipc/Makefile @@ -7,4 +7,5 @@ obj-$(CONFIG_SYSVIPC) += util.o msgutil.o msg.o sem.o shm.o obj-$(CONFIG_SYSVIPC_SYSCTL) += ipc_sysctl.o obj_mq-$(CONFIG_COMPAT) += compat_mq.o obj-$(CONFIG_POSIX_MQUEUE) += mqueue.o msgutil.o $(obj_mq-y) +obj-$(CONFIG_IPC_NS) += namespace.o diff --git a/ipc/ipc_sysctl.c b/ipc/ipc_sysctl.c index 79e24e878c1eae6d2dc1247f72dec8de71ce2108..7f4235bed51bd92323cc6807ca68171c283633e2 100644 --- a/ipc/ipc_sysctl.c +++ b/ipc/ipc_sysctl.c @@ -14,6 +14,7 @@ #include #include #include +#include static void *get_ipc(ctl_table *table) { diff --git a/ipc/msg.c b/ipc/msg.c index ec0c724054b95ce733eee1510d044df7d95bea20..5879bfeb79ca77527b48b1e074ebe2aad0e2b8fa 100644 --- a/ipc/msg.c +++ b/ipc/msg.c @@ -36,6 +36,7 @@ #include #include #include +#include #include #include @@ -90,6 +91,7 @@ static void __msg_init_ns(struct ipc_namespace *ns, struct ipc_ids *ids) ipc_init_ids(ids); } +#ifdef CONFIG_IPC_NS int msg_init_ns(struct ipc_namespace *ns) { struct ipc_ids *ids; @@ -128,6 +130,7 @@ void msg_exit_ns(struct ipc_namespace *ns) kfree(ns->ids[IPC_MSG_IDS]); ns->ids[IPC_MSG_IDS] = NULL; } +#endif void __init msg_init(void) { diff --git a/ipc/namespace.c b/ipc/namespace.c new file mode 100644 index 0000000000000000000000000000000000000000..cef1139e6c96f49162cff04e32026257597d6f2d --- /dev/null +++ b/ipc/namespace.c @@ -0,0 +1,73 @@ +/* + * linux/ipc/namespace.c + * Copyright (C) 2006 Pavel Emelyanov OpenVZ, SWsoft Inc. + */ + +#include +#include +#include +#include +#include +#include + +#include "util.h" + +static struct ipc_namespace *clone_ipc_ns(struct ipc_namespace *old_ns) +{ + int err; + struct ipc_namespace *ns; + + err = -ENOMEM; + ns = kmalloc(sizeof(struct ipc_namespace), GFP_KERNEL); + if (ns == NULL) + goto err_mem; + + err = sem_init_ns(ns); + if (err) + goto err_sem; + err = msg_init_ns(ns); + if (err) + goto err_msg; + err = shm_init_ns(ns); + if (err) + goto err_shm; + + kref_init(&ns->kref); + return ns; + +err_shm: + msg_exit_ns(ns); +err_msg: + sem_exit_ns(ns); +err_sem: + kfree(ns); +err_mem: + return ERR_PTR(err); +} + +struct ipc_namespace *copy_ipcs(unsigned long flags, struct ipc_namespace *ns) +{ + struct ipc_namespace *new_ns; + + BUG_ON(!ns); + get_ipc_ns(ns); + + if (!(flags & CLONE_NEWIPC)) + return ns; + + new_ns = clone_ipc_ns(ns); + + put_ipc_ns(ns); + return new_ns; +} + +void free_ipc_ns(struct kref *kref) +{ + struct ipc_namespace *ns; + + ns = container_of(kref, struct ipc_namespace, kref); + sem_exit_ns(ns); + msg_exit_ns(ns); + shm_exit_ns(ns); + kfree(ns); +} diff --git a/ipc/sem.c b/ipc/sem.c index d65e285b7e309de03d68cbef348929d0b23f961f..84c701fe5004f461ff27d7d073ee268180def732 100644 --- a/ipc/sem.c +++ b/ipc/sem.c @@ -82,6 +82,7 @@ #include #include #include +#include #include #include "util.h" @@ -128,6 +129,7 @@ static void __sem_init_ns(struct ipc_namespace *ns, struct ipc_ids *ids) ipc_init_ids(ids); } +#ifdef CONFIG_IPC_NS int sem_init_ns(struct ipc_namespace *ns) { struct ipc_ids *ids; @@ -165,6 +167,7 @@ void sem_exit_ns(struct ipc_namespace *ns) kfree(ns->ids[IPC_SEM_IDS]); ns->ids[IPC_SEM_IDS] = NULL; } +#endif void __init sem_init (void) { diff --git a/ipc/shm.c b/ipc/shm.c index 65c3a294aba5cf265823f3d6f369b7b206643d22..07f4b7abc80a41024774c5ccd842a264f9159d8e 100644 --- a/ipc/shm.c +++ b/ipc/shm.c @@ -38,6 +38,7 @@ #include #include #include +#include #include @@ -96,6 +97,7 @@ static void do_shm_rmid(struct ipc_namespace *ns, struct shmid_kernel *shp) shm_destroy(ns, shp); } +#ifdef CONFIG_IPC_NS int shm_init_ns(struct ipc_namespace *ns) { struct ipc_ids *ids; @@ -133,6 +135,7 @@ void shm_exit_ns(struct ipc_namespace *ns) kfree(ns->ids[IPC_SHM_IDS]); ns->ids[IPC_SHM_IDS] = NULL; } +#endif void __init shm_init (void) { diff --git a/ipc/util.c b/ipc/util.c index 76c1f3461e22603496652242299af80d0e17d860..5432b8e34c9b9506757174ba513a7c079641baab 100644 --- a/ipc/util.c +++ b/ipc/util.c @@ -33,6 +33,7 @@ #include #include #include +#include #include @@ -51,66 +52,6 @@ struct ipc_namespace init_ipc_ns = { }, }; -static struct ipc_namespace *clone_ipc_ns(struct ipc_namespace *old_ns) -{ - int err; - struct ipc_namespace *ns; - - err = -ENOMEM; - ns = kmalloc(sizeof(struct ipc_namespace), GFP_KERNEL); - if (ns == NULL) - goto err_mem; - - err = sem_init_ns(ns); - if (err) - goto err_sem; - err = msg_init_ns(ns); - if (err) - goto err_msg; - err = shm_init_ns(ns); - if (err) - goto err_shm; - - kref_init(&ns->kref); - return ns; - -err_shm: - msg_exit_ns(ns); -err_msg: - sem_exit_ns(ns); -err_sem: - kfree(ns); -err_mem: - return ERR_PTR(err); -} - -struct ipc_namespace *copy_ipcs(unsigned long flags, struct ipc_namespace *ns) -{ - struct ipc_namespace *new_ns; - - BUG_ON(!ns); - get_ipc_ns(ns); - - if (!(flags & CLONE_NEWIPC)) - return ns; - - new_ns = clone_ipc_ns(ns); - - put_ipc_ns(ns); - return new_ns; -} - -void free_ipc_ns(struct kref *kref) -{ - struct ipc_namespace *ns; - - ns = container_of(kref, struct ipc_namespace, kref); - sem_exit_ns(ns); - msg_exit_ns(ns); - shm_exit_ns(ns); - kfree(ns); -} - /** * ipc_init - initialise IPC subsystem * diff --git a/ipc/util.h b/ipc/util.h index 9ffea40457cedb17eca4cc9df13ed1b3a5f1a3f7..fc6b7294f764e6144e4178bc8c802e0cf0225b82 100644 --- a/ipc/util.h +++ b/ipc/util.h @@ -20,6 +20,8 @@ void sem_init (void); void msg_init (void); void shm_init (void); +struct ipc_namespace; + int sem_init_ns(struct ipc_namespace *ns); int msg_init_ns(struct ipc_namespace *ns); int shm_init_ns(struct ipc_namespace *ns); diff --git a/kernel/nsproxy.c b/kernel/nsproxy.c index 79f871bc0ef40026e111df575622cbc6b11031c3..f5d332cf8c631704b1ee440c35317644e4f6eff9 100644 --- a/kernel/nsproxy.c +++ b/kernel/nsproxy.c @@ -21,6 +21,7 @@ #include #include #include +#include static struct kmem_cache *nsproxy_cachep;