[RFC PATCH v4 09/12] nfs - cache_lib use namespace if not executing in init namespace

From: Ian Kent
Date: Mon Mar 16 2015 - 22:47:05 EST


From: Ian Kent <ikent@xxxxxxxxxx>

If pipefs is registered within a namespace other than the root init
namespace subsequent pipefs requests should be run within the init
namespace of registration.

Signed-off-by: Ian Kent <ikent@xxxxxxxxxx>
Cc: Benjamin Coddington <bcodding@xxxxxxxxxx>
Cc: Al Viro <viro@xxxxxxxxxxxxxxxxxx>
Cc: J. Bruce Fields <bfields@xxxxxxxxxxxx>
Cc: David Howells <dhowells@xxxxxxxxxx>
Cc: Trond Myklebust <trond.myklebust@xxxxxxxxxxxxxxx>
Cc: Oleg Nesterov <onestero@xxxxxxxxxx>
Cc: Eric W. Biederman <ebiederm@xxxxxxxxxxxx>
Cc: Jeff Layton <jeff.layton@xxxxxxxxxxxxxxx>
---
fs/nfs/cache_lib.c | 7 ++++++-
include/linux/sunrpc/cache.h | 2 ++
net/sunrpc/cache.c | 5 +++++
3 files changed, 13 insertions(+), 1 deletion(-)

diff --git a/fs/nfs/cache_lib.c b/fs/nfs/cache_lib.c
index 5f7b053..4f381ad 100644
--- a/fs/nfs/cache_lib.c
+++ b/fs/nfs/cache_lib.c
@@ -48,7 +48,12 @@ int nfs_cache_upcall(struct cache_detail *cd, char *entry_name)

if (nfs_cache_getent_prog[0] == '\0')
goto out;
- ret = call_usermodehelper(argv[0], argv, envp, UMH_WAIT_EXEC);
+ if (cd->u.pipefs.umh_token) {
+ long token = cd->u.pipefs.umh_token;
+ ret = call_usermodehelper_ns(argv[0], argv, envp,
+ UMH_WAIT_EXEC, token);
+ } else
+ ret = call_usermodehelper(argv[0], argv, envp, UMH_WAIT_EXEC);
/*
* Disable the upcall mechanism if we're getting an ENOENT or
* EACCES error. The admin can re-enable it on the fly by using
diff --git a/include/linux/sunrpc/cache.h b/include/linux/sunrpc/cache.h
index 437ddb6..f6c1eb2 100644
--- a/include/linux/sunrpc/cache.h
+++ b/include/linux/sunrpc/cache.h
@@ -68,6 +68,8 @@ struct cache_detail_procfs {

struct cache_detail_pipefs {
struct dentry *dir;
+ /* Namespace token */
+ long umh_token;
};

struct cache_detail {
diff --git a/net/sunrpc/cache.c b/net/sunrpc/cache.c
index 5199bb1..a635efb 100644
--- a/net/sunrpc/cache.c
+++ b/net/sunrpc/cache.c
@@ -1811,6 +1811,9 @@ int sunrpc_cache_register_pipefs(struct dentry *parent,
if (IS_ERR(dir))
return PTR_ERR(dir);
cd->u.pipefs.dir = dir;
+ if (cd->net != &init_net)
+ cd->u.pipefs.umh_token =
+ umh_ns_get_token(cd->u.pipefs.umh_token);
return 0;
}
EXPORT_SYMBOL_GPL(sunrpc_cache_register_pipefs);
@@ -1819,6 +1822,8 @@ void sunrpc_cache_unregister_pipefs(struct cache_detail *cd)
{
rpc_remove_cache_dir(cd->u.pipefs.dir);
cd->u.pipefs.dir = NULL;
+ umh_ns_put_token(cd->u.pipefs.umh_token);
+ cd->u.pipefs.umh_token = 0;
}
EXPORT_SYMBOL_GPL(sunrpc_cache_unregister_pipefs);


--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/