Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit ddf75ae3 authored by Linus Torvalds's avatar Linus Torvalds
Browse files

Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace 

Pull namespace fixes from Eric Biederman:
 "This tree includes two bug fixes for problems Oleg spotted on his
  review of the recent pid namespace work.  A small fix to not enable
  bottom halves with irqs disabled, and a trivial build fix for f2fs
  with user namespaces enabled."

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace:
  f2fs: Don't assign e_id in f2fs_acl_from_disk
  proc: Allow proc_free_inum to be called from any context
  pidns: Stop pid allocation when init dies
  pidns: Outlaw thread creation after unshare(CLONE_NEWPID)
parents 7fd83b47 48c6d121

fs/f2fs/acl.c

+0 −1
Original line number Diff line number Diff line
@@ -82,7 +82,6 @@ static struct posix_acl *f2fs_acl_from_disk(const char *value, size_t size) 
		case ACL_GROUP_OBJ:

		case ACL_MASK:

		case ACL_OTHER:

			acl->a_entries[i].e_id = ACL_UNDEFINED_ID;

			entry = (struct f2fs_acl_entry *)((char *)entry +

					sizeof(struct f2fs_acl_entry_short));

			break;

fs/proc/generic.c

+7 −6
Original line number Diff line number Diff line
@@ -352,18 +352,18 @@ int proc_alloc_inum(unsigned int *inum) 
	if (!ida_pre_get(&proc_inum_ida, GFP_KERNEL))

		return -ENOMEM;



	spin_lock_bh(&proc_inum_lock);

	spin_lock_irq(&proc_inum_lock);

	error = ida_get_new(&proc_inum_ida, &i);

	spin_unlock_bh(&proc_inum_lock);

	spin_unlock_irq(&proc_inum_lock);

	if (error == -EAGAIN)

		goto retry;

	else if (error)

		return error;



	if (i > UINT_MAX - PROC_DYNAMIC_FIRST) {

		spin_lock_bh(&proc_inum_lock);

		spin_lock_irq(&proc_inum_lock);

		ida_remove(&proc_inum_ida, i);

		spin_unlock_bh(&proc_inum_lock);

		spin_unlock_irq(&proc_inum_lock);

		return -ENOSPC;

	}

	*inum = PROC_DYNAMIC_FIRST + i;
@@ -372,9 +372,10 @@ int proc_alloc_inum(unsigned int *inum) 


void proc_free_inum(unsigned int inum)

{

	spin_lock_bh(&proc_inum_lock);

	unsigned long flags;

	spin_lock_irqsave(&proc_inum_lock, flags);

	ida_remove(&proc_inum_ida, inum - PROC_DYNAMIC_FIRST);

	spin_unlock_bh(&proc_inum_lock);

	spin_unlock_irqrestore(&proc_inum_lock, flags);

}



static void *proc_follow_link(struct dentry *dentry, struct nameidata *nd)

include/linux/pid.h

+1 −0
Original line number Diff line number Diff line
@@ -121,6 +121,7 @@ int next_pidmap(struct pid_namespace *pid_ns, unsigned int last); 


extern struct pid *alloc_pid(struct pid_namespace *ns);

extern void free_pid(struct pid *pid);

extern void disable_pid_allocation(struct pid_namespace *ns);



/*

 * ns_of_pid() returns the pid namespace in which the specified pid was

include/linux/pid_namespace.h

+3 −1
Original line number Diff line number Diff line
@@ -21,7 +21,7 @@ struct pid_namespace { 
	struct kref kref;

	struct pidmap pidmap[PIDMAP_ENTRIES];

	int last_pid;

	int nr_hashed;

	unsigned int nr_hashed;

	struct task_struct *child_reaper;

	struct kmem_cache *pid_cachep;

	unsigned int level;
@@ -42,6 +42,8 @@ struct pid_namespace { 


extern struct pid_namespace init_pid_ns;



#define PIDNS_HASH_ADDING (1U << 31)



#ifdef CONFIG_PID_NS

static inline struct pid_namespace *get_pid_ns(struct pid_namespace *ns)

{

kernel/fork.c

+8 −0
Original line number Diff line number Diff line
@@ -1166,6 +1166,14 @@ static struct task_struct *copy_process(unsigned long clone_flags, 
				current->signal->flags & SIGNAL_UNKILLABLE)

		return ERR_PTR(-EINVAL);



	/*

	 * If the new process will be in a different pid namespace

	 * don't allow the creation of threads.

	 */

	if ((clone_flags & (CLONE_VM|CLONE_NEWPID)) &&

	    (task_active_pid_ns(current) != current->nsproxy->pid_ns))

		return ERR_PTR(-EINVAL);



	retval = security_task_create(clone_flags);

	if (retval)

		goto fork_out;