Loading ipc/namespace.c +9 −6 Original line number Diff line number Diff line Loading @@ -149,6 +149,11 @@ void put_ipc_ns(struct ipc_namespace *ns) } } static inline struct ipc_namespace *to_ipc_ns(struct ns_common *ns) { return container_of(ns, struct ipc_namespace, ns); } static void *ipcns_get(struct task_struct *task) { struct ipc_namespace *ns = NULL; Loading @@ -160,17 +165,17 @@ static void *ipcns_get(struct task_struct *task) ns = get_ipc_ns(nsproxy->ipc_ns); task_unlock(task); return ns; return ns ? &ns->ns : NULL; } static void ipcns_put(void *ns) { return put_ipc_ns(ns); return put_ipc_ns(to_ipc_ns(ns)); } static int ipcns_install(struct nsproxy *nsproxy, void *new) { struct ipc_namespace *ns = new; struct ipc_namespace *ns = to_ipc_ns(new); if (!ns_capable(ns->user_ns, CAP_SYS_ADMIN) || !ns_capable(current_user_ns(), CAP_SYS_ADMIN)) return -EPERM; Loading @@ -184,9 +189,7 @@ static int ipcns_install(struct nsproxy *nsproxy, void *new) static unsigned int ipcns_inum(void *vp) { struct ipc_namespace *ns = vp; return ns->ns.inum; return ((struct ns_common *)vp)->inum; } const struct proc_ns_operations ipcns_operations = { Loading kernel/pid_namespace.c +9 −5 Original line number Diff line number Diff line Loading @@ -313,6 +313,11 @@ int reboot_pid_ns(struct pid_namespace *pid_ns, int cmd) return 0; } static inline struct pid_namespace *to_pid_ns(struct ns_common *ns) { return container_of(ns, struct pid_namespace, ns); } static void *pidns_get(struct task_struct *task) { struct pid_namespace *ns; Loading @@ -323,18 +328,18 @@ static void *pidns_get(struct task_struct *task) get_pid_ns(ns); rcu_read_unlock(); return ns; return ns ? &ns->ns : NULL; } static void pidns_put(void *ns) { put_pid_ns(ns); put_pid_ns(to_pid_ns(ns)); } static int pidns_install(struct nsproxy *nsproxy, void *ns) { struct pid_namespace *active = task_active_pid_ns(current); struct pid_namespace *ancestor, *new = ns; struct pid_namespace *ancestor, *new = to_pid_ns(ns); if (!ns_capable(new->user_ns, CAP_SYS_ADMIN) || !ns_capable(current_user_ns(), CAP_SYS_ADMIN)) Loading Loading @@ -364,8 +369,7 @@ static int pidns_install(struct nsproxy *nsproxy, void *ns) static unsigned int pidns_inum(void *ns) { struct pid_namespace *pid_ns = ns; return pid_ns->ns.inum; return ((struct ns_common *)ns)->inum; } const struct proc_ns_operations pidns_operations = { Loading kernel/user_namespace.c +9 −5 Original line number Diff line number Diff line Loading @@ -841,6 +841,11 @@ static bool new_idmap_permitted(const struct file *file, return false; } static inline struct user_namespace *to_user_ns(struct ns_common *ns) { return container_of(ns, struct user_namespace, ns); } static void *userns_get(struct task_struct *task) { struct user_namespace *user_ns; Loading @@ -849,17 +854,17 @@ static void *userns_get(struct task_struct *task) user_ns = get_user_ns(__task_cred(task)->user_ns); rcu_read_unlock(); return user_ns; return user_ns ? &user_ns->ns : NULL; } static void userns_put(void *ns) { put_user_ns(ns); put_user_ns(to_user_ns(ns)); } static int userns_install(struct nsproxy *nsproxy, void *ns) { struct user_namespace *user_ns = ns; struct user_namespace *user_ns = to_user_ns(ns); struct cred *cred; /* Don't allow gaining capabilities by reentering Loading Loading @@ -890,8 +895,7 @@ static int userns_install(struct nsproxy *nsproxy, void *ns) static unsigned int userns_inum(void *ns) { struct user_namespace *user_ns = ns; return user_ns->ns.inum; return ((struct ns_common *)ns)->inum; } const struct proc_ns_operations userns_operations = { Loading kernel/utsname.c +9 −6 Original line number Diff line number Diff line Loading @@ -88,6 +88,11 @@ void free_uts_ns(struct kref *kref) kfree(ns); } static inline struct uts_namespace *to_uts_ns(struct ns_common *ns) { return container_of(ns, struct uts_namespace, ns); } static void *utsns_get(struct task_struct *task) { struct uts_namespace *ns = NULL; Loading @@ -101,17 +106,17 @@ static void *utsns_get(struct task_struct *task) } task_unlock(task); return ns; return ns ? &ns->ns : NULL; } static void utsns_put(void *ns) { put_uts_ns(ns); put_uts_ns(to_uts_ns(ns)); } static int utsns_install(struct nsproxy *nsproxy, void *new) { struct uts_namespace *ns = new; struct uts_namespace *ns = to_uts_ns(new); if (!ns_capable(ns->user_ns, CAP_SYS_ADMIN) || !ns_capable(current_user_ns(), CAP_SYS_ADMIN)) Loading @@ -125,9 +130,7 @@ static int utsns_install(struct nsproxy *nsproxy, void *new) static unsigned int utsns_inum(void *vp) { struct uts_namespace *ns = vp; return ns->ns.inum; return ((struct ns_common *)vp)->inum; } const struct proc_ns_operations utsns_operations = { Loading Loading
ipc/namespace.c +9 −6 Original line number Diff line number Diff line Loading @@ -149,6 +149,11 @@ void put_ipc_ns(struct ipc_namespace *ns) } } static inline struct ipc_namespace *to_ipc_ns(struct ns_common *ns) { return container_of(ns, struct ipc_namespace, ns); } static void *ipcns_get(struct task_struct *task) { struct ipc_namespace *ns = NULL; Loading @@ -160,17 +165,17 @@ static void *ipcns_get(struct task_struct *task) ns = get_ipc_ns(nsproxy->ipc_ns); task_unlock(task); return ns; return ns ? &ns->ns : NULL; } static void ipcns_put(void *ns) { return put_ipc_ns(ns); return put_ipc_ns(to_ipc_ns(ns)); } static int ipcns_install(struct nsproxy *nsproxy, void *new) { struct ipc_namespace *ns = new; struct ipc_namespace *ns = to_ipc_ns(new); if (!ns_capable(ns->user_ns, CAP_SYS_ADMIN) || !ns_capable(current_user_ns(), CAP_SYS_ADMIN)) return -EPERM; Loading @@ -184,9 +189,7 @@ static int ipcns_install(struct nsproxy *nsproxy, void *new) static unsigned int ipcns_inum(void *vp) { struct ipc_namespace *ns = vp; return ns->ns.inum; return ((struct ns_common *)vp)->inum; } const struct proc_ns_operations ipcns_operations = { Loading
kernel/pid_namespace.c +9 −5 Original line number Diff line number Diff line Loading @@ -313,6 +313,11 @@ int reboot_pid_ns(struct pid_namespace *pid_ns, int cmd) return 0; } static inline struct pid_namespace *to_pid_ns(struct ns_common *ns) { return container_of(ns, struct pid_namespace, ns); } static void *pidns_get(struct task_struct *task) { struct pid_namespace *ns; Loading @@ -323,18 +328,18 @@ static void *pidns_get(struct task_struct *task) get_pid_ns(ns); rcu_read_unlock(); return ns; return ns ? &ns->ns : NULL; } static void pidns_put(void *ns) { put_pid_ns(ns); put_pid_ns(to_pid_ns(ns)); } static int pidns_install(struct nsproxy *nsproxy, void *ns) { struct pid_namespace *active = task_active_pid_ns(current); struct pid_namespace *ancestor, *new = ns; struct pid_namespace *ancestor, *new = to_pid_ns(ns); if (!ns_capable(new->user_ns, CAP_SYS_ADMIN) || !ns_capable(current_user_ns(), CAP_SYS_ADMIN)) Loading Loading @@ -364,8 +369,7 @@ static int pidns_install(struct nsproxy *nsproxy, void *ns) static unsigned int pidns_inum(void *ns) { struct pid_namespace *pid_ns = ns; return pid_ns->ns.inum; return ((struct ns_common *)ns)->inum; } const struct proc_ns_operations pidns_operations = { Loading
kernel/user_namespace.c +9 −5 Original line number Diff line number Diff line Loading @@ -841,6 +841,11 @@ static bool new_idmap_permitted(const struct file *file, return false; } static inline struct user_namespace *to_user_ns(struct ns_common *ns) { return container_of(ns, struct user_namespace, ns); } static void *userns_get(struct task_struct *task) { struct user_namespace *user_ns; Loading @@ -849,17 +854,17 @@ static void *userns_get(struct task_struct *task) user_ns = get_user_ns(__task_cred(task)->user_ns); rcu_read_unlock(); return user_ns; return user_ns ? &user_ns->ns : NULL; } static void userns_put(void *ns) { put_user_ns(ns); put_user_ns(to_user_ns(ns)); } static int userns_install(struct nsproxy *nsproxy, void *ns) { struct user_namespace *user_ns = ns; struct user_namespace *user_ns = to_user_ns(ns); struct cred *cred; /* Don't allow gaining capabilities by reentering Loading Loading @@ -890,8 +895,7 @@ static int userns_install(struct nsproxy *nsproxy, void *ns) static unsigned int userns_inum(void *ns) { struct user_namespace *user_ns = ns; return user_ns->ns.inum; return ((struct ns_common *)ns)->inum; } const struct proc_ns_operations userns_operations = { Loading
kernel/utsname.c +9 −6 Original line number Diff line number Diff line Loading @@ -88,6 +88,11 @@ void free_uts_ns(struct kref *kref) kfree(ns); } static inline struct uts_namespace *to_uts_ns(struct ns_common *ns) { return container_of(ns, struct uts_namespace, ns); } static void *utsns_get(struct task_struct *task) { struct uts_namespace *ns = NULL; Loading @@ -101,17 +106,17 @@ static void *utsns_get(struct task_struct *task) } task_unlock(task); return ns; return ns ? &ns->ns : NULL; } static void utsns_put(void *ns) { put_uts_ns(ns); put_uts_ns(to_uts_ns(ns)); } static int utsns_install(struct nsproxy *nsproxy, void *new) { struct uts_namespace *ns = new; struct uts_namespace *ns = to_uts_ns(new); if (!ns_capable(ns->user_ns, CAP_SYS_ADMIN) || !ns_capable(current_user_ns(), CAP_SYS_ADMIN)) Loading @@ -125,9 +130,7 @@ static int utsns_install(struct nsproxy *nsproxy, void *new) static unsigned int utsns_inum(void *vp) { struct uts_namespace *ns = vp; return ns->ns.inum; return ((struct ns_common *)vp)->inum; } const struct proc_ns_operations utsns_operations = { Loading
Al Viro <viro@zeniv.linux.org.uk>Al Viro <viro@zeniv.linux.org.uk>