Re: [PATCH -mm 1/9] unshare system call: system call handler function

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Eric W. Biederman wrote:


JANAK DESAI <[email protected]> writes:
[PATCH -mm 1/9] unshare system call: system call handler function 
sys_unshare system call handler function accepts the same flags as
clone system call, checks constraints on each of the flags and invokes
corresponding unshare functions to disassociate respective process
context if it was being shared with another task. 
Changes since the first submission of this patch on 12/12/05:
	- Moved cleaning up of old shared structures outside of the
	  block that holds task_lock (12/13/05)

Signed-off-by: Janak Desai <[email protected]>

---

fork.c | 232 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 files changed, 232 insertions(+)

diff -Naurp 2.6.15-rc5-mm2/kernel/fork.c 2.6.15-rc5-mm2+patch/kernel/fork.c
--- 2.6.15-rc5-mm2/kernel/fork.c	2005-12-12 03:05:59.000000000 +0000
+++ 2.6.15-rc5-mm2+patch/kernel/fork.c	2005-12-13 18:38:26.000000000 +0000
@@ -1330,3 +1330,235 @@ void __init proc_caches_init(void)
			sizeof(struct mm_struct), 0,
			SLAB_HWCACHE_ALIGN|SLAB_PANIC, NULL, NULL);
}
+
+
+/*
+ * Check constraints on flags passed to the unshare system call and
+ * force unsharing of additional process context as appropriate.
+ */


If it isn't legal how about we deny the unshare call.
Then we can share this code with clone.

Eric
unshare is doing the reverse of what clone does. So if you are unsharing namespace you want to make sure that you are not sharing fs. That's why the CLONE_FS flag is forced (meaning you are also going to unshare fs). Since namespace is shared by default and fs is not, if clone is called with CLONE_NEWNS, the intent is to 
create a new namespace, which means you cannot share fs. clone checks to
makes sure that CLONE_NEWNS and CLONE_FS are not specified together, while
unshare will force CLONE_FS if CLONE_NEWNS is spefcified. Basically you
can have a shared namespace and non shared fs, but not the other way around and since clone and unshare are doing opposite things, sharing code between them that 
checks constraints on the flags can get convoluted.

-Janak
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/
[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]
  Powered by Linux