Provide the interception and virtualization of the proc interface.
In particular, from within the container the processes need to be
identified as virtual under /proc as well as we need to limit the
ones shown to the ones in the container.
NOTE: This is only temporarily since this exhibits some performance problems.
Signed-off-by: Cedric Le Goater <[email protected]>
Signed-off-by: Serge E Hallyn <[email protected]>
---
base.c | 2 ++
inode.c | 28 ++++++++++++++++++++++++++++
2 files changed, 30 insertions(+)
Index: linux-2.6.15/fs/proc/inode.c
===================================================================
--- linux-2.6.15.orig/fs/proc/inode.c 2006-01-17 08:17:28.000000000 -0500
+++ linux-2.6.15/fs/proc/inode.c 2006-01-17 08:37:10.000000000 -0500
@@ -190,6 +190,33 @@
return NULL;
}
+/* This service performs checks on virtualization marker to allow multiple
+ * dentries with the same name in the dcache.
+ */
+
+#define procpid_check_marker(task, data) (task->container == data)
+static int proc_root_compare(struct dentry *dentry, struct qstr *a,
+ struct qstr *b)
+{
+ /* CAUTION: to evaluate pointer of target dentry, we assume parameter
+ * 'a' is its 'd_name' field. This is always the case anyway.
+ */
+ struct dentry* d = (struct dentry *)
+ ((unsigned long) a -
+ ((unsigned long) &dentry->d_name - (unsigned long) dentry));
+ int result = 1;
+
+ if (a->len == b->len && !memcmp(a->name, b->name, a->len))
+ result = !procpid_check_marker(current, d->d_fsdata);
+
+ return result;
+}
+
+static struct dentry_operations root_dentry_operations =
+{
+ d_compare: proc_root_compare,
+};
+
int proc_fill_super(struct super_block *s, void *data, int silent)
{
struct inode * root_inode;
@@ -213,6 +240,7 @@
s->s_root = d_alloc_root(root_inode);
if (!s->s_root)
goto out_no_root;
+ s->s_root->d_op = &root_dentry_operations;
return 0;
out_no_root:
Index: linux-2.6.15/fs/proc/base.c
===================================================================
--- linux-2.6.15.orig/fs/proc/base.c 2006-01-17 08:37:09.000000000 -0500
+++ linux-2.6.15/fs/proc/base.c 2006-01-17 08:37:10.000000000 -0500
@@ -1497,6 +1497,7 @@
inode->i_op = &proc_pid_link_inode_operations;
inode->i_size = 64;
ei->op.proc_get_link = proc_fd_link;
+ dentry->d_fsdata = current->container;
dentry->d_op = &tid_fd_dentry_operations;
d_add(dentry, inode);
return NULL;
@@ -2002,6 +2003,7 @@
inode->i_nlink = 4;
#endif
+ dentry->d_fsdata = current->container;
dentry->d_op = &pid_base_dentry_operations;
died = 0;
--
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]
