[GIT PULL] thread changes for v5.9

[Christian Brauner]

Hi Linus,

Here are the changes for v5.9:

/* Summary */
This contains the changes to add the missing support for attaching to time
namespaces via pidfds. Last cycle setns() was changed to support attaching to
multiple namespaces atomically. This requires all namespaces to have a point of
no return where they can't fail anymore. Specifically,
<namespace-type>_install() is allowed to perform permission checks and install
the namespace into the new struct nsset that it has been given but it is not
allowed to make visible changes to the affected task. Once
<namespace-type>_install() returns, anything that the given namespace type
additionally requires to be setup needs to ideally be done in a function that
can't fail or if it fails the failure must be non-fatal. For time namespaces
the relevant functions that fell into this category were timens_set_vvar_page()
and vdso_join_timens(). The latter could still fail although it didn't had to.
This function is only implemented for vdso_join_timens() in current mainline.
As discussed on-list (cf. [1]), in order to make setns() support time
namespaces when attaching to multiple namespaces at once properly we changed
vdso_join_timens() to always succeed. So vdso_join_timens() replaces the
mmap_write_lock_killable() with mmap_read_lock().

Please note that arm is about to grow vdso support for time namespaces
(possibly this merge window). We've synced on this change and arm64 also uses
mmap_read_locK(), i.e. makes vdso_join_timens() a function that can't fail.
Once the changes here and the arm64 changes have landed, vdso_join_timens()
should be turned into a void function so it's obvious to callers and
implementers on other architectures that the expectation is that it can't fail.
We didn't do this right away because it would've introduced unnecessary merge
conflicts between the two trees for no major gain.

As always, tests included.

[1]: https://lore.kernel.org/lkml/20200611110221.pgd3r5qkjrjmfqa2@wittgenstein

/* Testing */
All patches are based on v5.8-rc4 and have been sitting in linux-next. No build
failures or warnings were observed. All old and new tests are passing.

/* Conflicts */
At the time of creating this PR no merge conflicts were reported from
linux-next and no merge conflicts showed up doing a test-merge with current
mainline bcf876870b95 ("Linux 5.8").

The following changes since commit dcb7fd82c75ee2d6e6f9d8cc71c52519ed52e258:

  Linux 5.8-rc4 (2020-07-05 16:20:22 -0700)

are available in the Git repository at:

  git@xxxxxxxxxxxxxxxxxxx:pub/scm/linux/kernel/git/brauner/linux tags/threads-v5.9

for you to fetch changes up to 55d9ad97e417cc2604654913e902d26f942bde00:

  tests: add CLONE_NEWTIME setns tests (2020-07-08 11:14:22 +0200)

Please consider pulling these changes from the signed threads-v5.9 tag.

Thanks!
Christian

----------------------------------------------------------------
threads-v5.9

----------------------------------------------------------------
Christian Brauner (4):
      timens: make vdso_join_timens() always succeed
      timens: add timens_commit() helper
      nsproxy: support CLONE_NEWTIME with setns()
      tests: add CLONE_NEWTIME setns tests

 arch/x86/entry/vdso/vma.c                        |  5 +-
 include/linux/time_namespace.h                   |  6 ++
 kernel/nsproxy.c                                 | 21 ++++++-
 kernel/time/namespace.c                          | 22 +++----
 tools/testing/selftests/pidfd/pidfd.h            |  4 ++
 tools/testing/selftests/pidfd/pidfd_setns_test.c | 76 ++++++++++++++++++++++++
 6 files changed, 115 insertions(+), 19 deletions(-)