5762482f5496cb1dd86acd2aace3ea25d1404e1f |
|
12-Sep-2013 |
Linus Torvalds <torvalds@linux-foundation.org> |
vfs: move get_fs_root_and_pwd() to single caller Let's not pollute the include files with inline functions that are only used in a single place. Especially not if we decide we might want to change the semantics of said function to make it more efficient.. Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
3151527ee007b73a0ebd296010f1c0454a919c7d |
|
15-Mar-2013 |
Eric W. Biederman <ebiederm@xmission.com> |
userns: Don't allow creation if the user is chrooted Guarantee that the policy of which files may be access that is established by setting the root directory will not be violated by user namespaces by verifying that the root directory points to the root of the mount namespace at the time of user namespace creation. Changing the root is a privileged operation, and as a matter of policy it serves to limit unprivileged processes to files below the current root directory. For reasons of simplicity and comprehensibility the privilege to change the root directory is gated solely on the CAP_SYS_CHROOT capability in the user namespace. Therefore when creating a user namespace we must ensure that the policy of which files may be access can not be violated by changing the root directory. Anyone who runs a processes in a chroot and would like to use user namespace can setup the same view of filesystems with a mount namespace instead. With this result that this is not a practical limitation for using user namespaces. Cc: stable@vger.kernel.org Acked-by: Serge Hallyn <serge.hallyn@canonical.com> Reported-by: Andy Lutomirski <luto@amacapital.net> Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
|
dcf787f39162ce32ca325b3e784aba2d2444619a |
|
02-Mar-2013 |
Al Viro <viro@zeniv.linux.org.uk> |
constify path_get/path_put and fs_struct.c stuff Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
|
c4144670fd9b34d6eae22c9f83751745898e8243 |
|
02-Oct-2012 |
Al Viro <viro@zeniv.linux.org.uk> |
kill daemonize() Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
|
c28cc36469554dc55540f059fbdc7fa22a2c31fc |
|
07-Jan-2011 |
Nick Piggin <npiggin@kernel.dk> |
fs: fs_struct use seqlock Use a seqlock in the fs_struct to enable us to take an atomic copy of the complete cwd and root paths. Use this in the RCU lookup path to avoid a thread-shared spinlock in RCU lookup operations. Multi-threaded apps may now perform path lookups with scalability matching multi-process apps. Operations such as stat(2) become very scalable for multi-threaded workload. Signed-off-by: Nick Piggin <npiggin@kernel.dk>
|
2a4419b5b2a77f3f4537c14f7ad7df95770655dd |
|
17-Aug-2010 |
Nick Piggin <npiggin@kernel.dk> |
fs: fs_struct rwlock to spinlock fs: fs_struct rwlock to spinlock struct fs_struct.lock is an rwlock with the read-side used to protect root and pwd members while taking references to them. Taking a reference to a path typically requires just 2 atomic ops, so the critical section is very small. Parallel read-side operations would have cacheline contention on the lock, the dentry, and the vfsmount cachelines, so the rwlock is unlikely to ever give a real parallelism increase. Replace it with a spinlock to avoid one or two atomic operations in typical path lookup fastpath. Signed-off-by: Nick Piggin <npiggin@kernel.dk> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
|
f7ad3c6be90809b53b7f0ae9d4eaa45ce2564a79 |
|
10-Aug-2010 |
Miklos Szeredi <mszeredi@suse.cz> |
vfs: add helpers to get root and pwd Add three helpers that retrieve a refcounted copy of the root and cwd from the supplied fs_struct. get_fs_root() get_fs_pwd() get_fs_root_and_pwd() Signed-off-by: Miklos Szeredi <mszeredi@suse.cz> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
|
498052bba55ecaff58db6a1436b0e25bfd75a7ff |
|
30-Mar-2009 |
Al Viro <viro@zeniv.linux.org.uk> |
New locking/refcounting for fs_struct * all changes of current->fs are done under task_lock and write_lock of old fs->lock * refcount is not atomic anymore (same protection) * its decrements are done when removing reference from current; at the same time we decide whether to free it. * put_fs_struct() is gone * new field - ->in_exec. Set by check_unsafe_exec() if we are trying to do execve() and only subthreads share fs_struct. Cleared when finishing exec (success and failure alike). Makes CLONE_FS fail with -EAGAIN if set. * check_unsafe_exec() may fail with -EAGAIN if another execve() from subthread is in progress. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
|
3e93cd671813e204c258f1e6c797959920cf7772 |
|
30-Mar-2009 |
Al Viro <viro@zeniv.linux.org.uk> |
Take fs_struct handling to new file (fs/fs_struct.c) Pure code move; two new helper functions for nfsd and daemonize (unshare_fs_struct() and daemonize_fs_struct() resp.; for now - the same code as used to be in callers). unshare_fs_struct() exported (for nfsd, as copy_fs_struct()/exit_fs() used to be), copy_fs_struct() and exit_fs() don't need exports anymore. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
|
795e2fe0a3b69dbc040d7efcf517e0cbad6901d0 |
|
29-Mar-2009 |
David Howells <dhowells@redhat.com> |
Annotate struct fs_struct's usage count restriction Annotate struct fs_struct's usage count to indicate the restrictions upon it. It may not be incremented, except by clone(CLONE_FS), as this affects the check in check_unsafe_exec() in fs/exec.c. Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: Hugh Dickins <hugh@veritas.com> Cc: stable@kernel.org Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
18d8fda7c3c9439be04d7ea2e82da2513b121acb |
|
26-Dec-2008 |
Al Viro <viro@zeniv.linux.org.uk> |
take init_fs to saner place Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
|
7f2da1e7d0330395e5e9e350b879b98a1ea495df |
|
11-May-2008 |
Al Viro <viro@zeniv.linux.org.uk> |
[PATCH] kill altroot long overdue... Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
|
ac748a09fc873915254ed69fe83f1a95436ee30a |
|
15-Feb-2008 |
Jan Blunck <jblunck@suse.de> |
Make set_fs_{root,pwd} take a struct path In nearly all cases the set_fs_{root,pwd}() calls work on a struct path. Change the function to reflect this and use path_get() here. Signed-off-by: Jan Blunck <jblunck@suse.de> Signed-off-by: Andreas Gruenbacher <agruen@suse.de> Acked-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
6ac08c39a16f72c2d3e845cb6849a1392fa03e80 |
|
15-Feb-2008 |
Jan Blunck <jblunck@suse.de> |
Use struct path in fs_struct * Use struct path in fs_struct. Signed-off-by: Andreas Gruenbacher <agruen@suse.de> Signed-off-by: Jan Blunck <jblunck@suse.de> Acked-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
aa362a83e78d2e9320da588805cf2a0b53356bc3 |
|
07-Dec-2006 |
Christoph Lameter <clameter@sgi.com> |
[PATCH] Move fs_cachep to linux/fs_struct.h fs_cachep is only used in kernel/exit.c and in kernel/fork.c. It is used to store fs_struct items so it should be placed in linux/fs_struct.h Signed-off-by: Christoph Lameter <clameter@sgi.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
|
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 |
|
17-Apr-2005 |
Linus Torvalds <torvalds@ppc970.osdl.org> |
Linux-2.6.12-rc2 Initial git repository build. I'm not bothering with the full history, even though we have it. We can create a separate "historical" git archive of that later if we want to, and in the meantime it's about 3.2GB when imported into git - space that would just make the early git days unnecessarily complicated, when we don't have a lot of good infrastructure for it. Let it rip!
|