Commit 57d5f66b86079efac5c9a7843cce2a9bcbe58fb8

Authored by Eric W. Biederman
Committed by Linus Torvalds
1 parent 42614fcde7

pidns: Place under CONFIG_EXPERIMENTAL

This is my trivial patch to swat innumerable little bugs with a single
blow.

After some intensive review (my apologies for not having gotten to this
sooner) what we have looks like a good base to build on with the current
pid namespace code but it is not complete, and it is still much too simple
to find issues where the kernel does the wrong thing outside of the initial
pid namespace.

Until the dust settles and we are certain we have the ABI and the
implementation is as correct as humanly possible let's keep process ID
namespaces behind CONFIG_EXPERIMENTAL.

Allowing us the option of fixing any ABI or other bugs we find as long as
they are minor.

Allowing users of the kernel to avoid those bugs simply by ensuring their
kernel does not have support for multiple pid namespaces.

[akpm@linux-foundation.org: coding-style cleanups]
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Cc: Cedric Le Goater <clg@fr.ibm.com>
Cc: Adrian Bunk <bunk@kernel.org>
Cc: Jeremy Fitzhardinge <jeremy@goop.org>
Cc: Kir Kolyshkin <kir@swsoft.com>
Cc: Kirill Korotaev <dev@sw.ru>
Cc: Pavel Emelyanov <xemul@openvz.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

Showing 3 changed files with 37 additions and 0 deletions

include/linux/pid_namespace.h
... ... @@ -29,6 +29,7 @@
29 29  
30 30 extern struct pid_namespace init_pid_ns;
31 31  
  32 +#ifdef CONFIG_PID_NS
32 33 static inline struct pid_namespace *get_pid_ns(struct pid_namespace *ns)
33 34 {
34 35 if (ns != &init_pid_ns)
... ... @@ -44,6 +45,28 @@
44 45 if (ns != &init_pid_ns)
45 46 kref_put(&ns->kref, free_pid_ns);
46 47 }
  48 +
  49 +#else /* !CONFIG_PID_NS */
  50 +#include <linux/err.h>
  51 +
  52 +static inline struct pid_namespace *get_pid_ns(struct pid_namespace *ns)
  53 +{
  54 + return ns;
  55 +}
  56 +
  57 +static inline struct pid_namespace *
  58 +copy_pid_ns(unsigned long flags, struct pid_namespace *ns)
  59 +{
  60 + if (flags & CLONE_NEWPID)
  61 + ns = ERR_PTR(-EINVAL);
  62 + return ns;
  63 +}
  64 +
  65 +static inline void put_pid_ns(struct pid_namespace *ns)
  66 +{
  67 +}
  68 +
  69 +#endif /* CONFIG_PID_NS */
47 70  
48 71 static inline struct pid_namespace *task_active_pid_ns(struct task_struct *tsk)
49 72 {
... ... @@ -215,6 +215,18 @@
215 215 vservers, to use user namespaces to provide different
216 216 user info for different servers. If unsure, say N.
217 217  
  218 +config PID_NS
  219 + bool "PID Namespaces (EXPERIMENTAL)"
  220 + default n
  221 + depends on EXPERIMENTAL
  222 + help
  223 + Suport process id namespaces. This allows having multiple
  224 + process with the same pid as long as they are in different
  225 + pid namespaces. This is a building block of containers.
  226 +
  227 + Unless you want to work with an experimental feature
  228 + say N here.
  229 +
218 230 config AUDIT
219 231 bool "Auditing support"
220 232 depends on NET
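
Review bot: the help text at new lines 223-224 has two wording errors: "Suport" should be "Support" and "multiple process" should be "multiple processes". The `default n` line is also redundant, because a bool option already defaults to n, so it can be dropped.
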
... ... @@ -537,6 +537,7 @@
537 537 return NULL;
538 538 }
539 539  
  540 +#ifdef CONFIG_PID_NS
540 541 static struct pid_namespace *create_pid_namespace(int level)
541 542 {
542 543 struct pid_namespace *ns;
... ... @@ -621,6 +622,7 @@
621 622 if (parent != NULL)
622 623 put_pid_ns(parent);
623 624 }
  625 +#endif /* CONFIG_PID_NS */
624 626  
625 627 void zap_pid_ns_processes(struct pid_namespace *pid_ns)
626 628 {
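
Review bot: the `#endif /* CONFIG_PID_NS */` at new line 625 closes the guard just before zap_pid_ns_processes(), so that function is still built when CONFIG_PID_NS is off. If it is only reachable for namespaces other than init_pid_ns, consider moving it inside the guard and adding an empty stub next to the others in pid_namespace.h; if it has to stay outside, a short comment saying why would help the next reader.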