Commits on May 10, 2011
  1. @ebiederm

    ns proc: Add support for the ipc namespace

    ebiederm committed Mar 7, 2010
    Acked-by: Daniel Lezcano <daniel.lezcano@free.fr>
    Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Commits on Mar 26, 2011
  1. @torvalds

    ipcns: fix use after free in free_ipc_ns()

    Xiaotian Feng committed with torvalds Mar 25, 2011
    commit b515498 ("userns: add a user namespace owner of ipc ns") added a
    user namespace owner of ipc ns, but it also introduced a use after free in
    free_ipc_ns().
    
    Signed-off-by: Xiaotian Feng <dfeng@redhat.com>
    Acked-by: "Serge E. Hallyn" <serge.hallyn@canonical.com>
    Acked-by: David Howells <dhowells@redhat.com>
    Cc: "Eric W. Biederman" <ebiederm@xmission.com>
    Cc: Daniel Lezcano <daniel.lezcano@free.fr>
    Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
    Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Commits on Mar 24, 2011
  1. @hallyn @torvalds

    userns: user namespaces: convert several capable() calls

    hallyn committed with torvalds Mar 23, 2011
    CAP_IPC_OWNER and CAP_IPC_LOCK can be checked against current_user_ns(),
    because the resource comes from current's own ipc namespace.
    
    setuid/setgid are to uids in own namespace, so again checks can be against
    current_user_ns().
    
    Changelog:
    	Jan 11: Use task_ns_capable() in place of sched_capable().
    	Jan 11: Use nsown_capable() as suggested by Bastian Blank.
    	Jan 11: Clarify (hopefully) some logic in futex and sched.c
    	Feb 15: use ns_capable for ipc, not nsown_capable
    	Feb 23: let copy_ipcs handle setting ipc_ns->user_ns
    	Feb 23: pass ns down rather than taking it from current
    
    [akpm@linux-foundation.org: coding-style fixes]
    Signed-off-by: Serge E. Hallyn <serge.hallyn@canonical.com>
    Acked-by: "Eric W. Biederman" <ebiederm@xmission.com>
    Acked-by: Daniel Lezcano <daniel.lezcano@free.fr>
    Acked-by: David Howells <dhowells@redhat.com>
    Cc: James Morris <jmorris@namei.org>
    Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
    Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
  2. @hallyn @torvalds

    userns: add a user namespace owner of ipc ns

    hallyn committed with torvalds Mar 23, 2011
    Changelog:
    	Feb 15: Don't set new ipc->user_ns if we didn't create a new
    		ipc_ns.
    	Feb 23: Move extern declaration to ipc_namespace.h, and group
    		fwd declarations at top.
    
    Signed-off-by: Serge E. Hallyn <serge.hallyn@canonical.com>
    Acked-by: "Eric W. Biederman" <ebiederm@xmission.com>
    Acked-by: Daniel Lezcano <daniel.lezcano@free.fr>
    Acked-by: David Howells <dhowells@redhat.com>
    Cc: James Morris <jmorris@namei.org>
    Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
    Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Commits on Jun 18, 2009
  1. @torvalds

    ipcns: make free_ipc_ns() static

    Alexey Dobriyan committed with torvalds Jun 17, 2009
    Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com>
    Reviewed-by: WANG Cong <xiyou.wangcong@gmail.com>
    Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
    Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
  2. @torvalds

    ipcns: extract create_ipc_ns()

    Alexey Dobriyan committed with torvalds Jun 17, 2009
    clone_ipc_ns() is misnamed, it doesn't clone anything and doesn't use
    passed parameter.  Rename it.
    
    create_ipc_ns() will be used by C/R to create fresh ipcns.
    
    Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com>
    Acked-by: Serge Hallyn <serue@us.ibm.com>
    Reviewed-by: WANG Cong <xiyou.wangcong@gmail.com>
    Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
    Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
  3. @torvalds

    ipcns: remove useless get/put while CLONE_NEWIPC

    Alexey Dobriyan committed with torvalds Jun 17, 2009
    copy_ipcs() doesn't actually copy anything. If new ipcns is created, it's
    created from scratch, in this case get/put on old ipcns isn't needed.
    
    Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com>
    Acked-by: Serge Hallyn <serue@us.ibm.com>
    Reviewed-by: WANG Cong <xiyou.wangcong@gmail.com>
    Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
    Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Commits on Apr 7, 2009
  1. @torvalds

    namespaces: ipc namespaces: implement support for posix msqueues

    Serge E. Hallyn committed with torvalds Apr 6, 2009
    Implement multiple mounts of the mqueue file system, and link it to usage
    of CLONE_NEWIPC.
    
    Each ipc ns has a corresponding mqueuefs superblock.  When a user does
    clone(CLONE_NEWIPC) or unshare(CLONE_NEWIPC), the unshare will cause an
    internal mount of a new mqueuefs sb linked to the new ipc ns.
    
    When a user does 'mount -t mqueue mqueue /dev/mqueue', he mounts the
    mqueuefs superblock.
    
    Posix message queues can be worked with both through the mq_* system calls
    (see mq_overview(7)), and through the VFS through the mqueue mount.  Any
    usage of mq_open() and friends will work with the acting task's ipc
    namespace.  Any actions through the VFS will work with the mqueuefs in
    which the file was created.  So if a user doesn't remount mqueuefs after
    unshare(CLONE_NEWIPC), mq_open("/ab") will not be reflected in "ls
    /dev/mqueue".
    
    If task a mounts mqueue for ipc_ns:1, then clones task b with a new ipcns,
    ipcns:2, and then task a is the last task in ipc_ns:1 to exit, then (1)
    ipc_ns:1 will be freed, (2) its superblock will live on until task b
    umounts the corresponding mqueuefs, and vfs actions will continue to
    succeed, but (3) sb->s_fs_info will be NULL for the sb corresponding to
    the deceased ipc_ns:1.
    
    To make this happen, we must protect the ipc reference count when
    
    a) a task exits and drops its ipcns->count, since it might be dropping
       it to 0 and freeing the ipcns
    
    b) a task accesses the ipcns through its mqueuefs interface, since it
       bumps the ipcns refcount and might race with the last task in the ipcns
       exiting.
    
    So the kref is changed to an atomic_t so we can use
    atomic_dec_and_lock(&ns->count,mq_lock), and every access to the ipcns
    through ns = mqueuefs_sb->s_fs_info is protected by the same lock.
    
    Signed-off-by: Cedric Le Goater <clg@fr.ibm.com>
    Signed-off-by: Serge E. Hallyn <serue@us.ibm.com>
    Cc: Alexey Dobriyan <adobriyan@gmail.com>
    Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
    Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
  2. @torvalds

    namespaces: mqueue ns: move mqueue_mnt into struct ipc_namespace

    Serge E. Hallyn committed with torvalds Apr 6, 2009
    Move mqueue vfsmount plus a few tunables into the ipc_namespace struct.
    The CONFIG_IPC_NS boolean and the ipc_namespace struct will serve both the
    posix message queue namespaces and the SYSV ipc namespaces.
    
    The sysctl code will be fixed separately in patch 3.  After just this
    patch, making a change to posix mqueue tunables always changes the values
    in the initial ipc namespace.
    
    Signed-off-by: Cedric Le Goater <clg@fr.ibm.com>
    Signed-off-by: Serge E. Hallyn <serue@us.ibm.com>
    Cc: Alexey Dobriyan <adobriyan@gmail.com>
    Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
    Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Commits on Apr 29, 2008
  1. @torvalds

    ipc: recompute msgmni on ipc namespace creation/removal

    Nadia Derbey committed with torvalds Apr 29, 2008
    Introduce a notification mechanism that aims at recomputing msgmni each time
    an ipc namespace is created or removed.
    
    The ipc namespace notifier chain already defined for memory hotplug management
    is used for that purpose too.
    
    Each time a new ipc namespace is allocated or an existing ipc namespace is
    removed, the ipcns notifier chain is notified.  The callback routine for each
    registered ipc namespace is then activated in order to recompute msgmni for
    that namespace.
    
    Signed-off-by: Nadia Derbey <Nadia.Derbey@bull.net>
    Cc: Yasunori Goto <y-goto@jp.fujitsu.com>
    Cc: Matt Helsley <matthltc@us.ibm.com>
    Cc: Mingming Cao <cmm@us.ibm.com>
    Cc: Pierre Peiffer <pierre.peiffer@bull.net>
    Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
    Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
  2. @torvalds

    ipc: recompute msgmni on memory add / remove

    Nadia Derbey committed with torvalds Apr 29, 2008
    Introduce the registration of a callback routine that recomputes msg_ctlmni
    upon memory add / remove.
    
    A single notifier block is registered in the hotplug memory chain for all the
    ipc namespaces.
    
    Since the ipc namespaces are not linked together, they have their own
    notification chain: one notifier_block is defined per ipc namespace.
    
    Each time an ipc namespace is created (removed) it registers (unregisters) its
    notifier block in (from) the ipcns chain.  The callback routine registered in
    the memory chain invokes the ipcns notifier chain with the IPCNS_LOWMEM event.
    Each callback routine registered in the ipcns namespace, in turn, recomputes
    msgmni for the owning namespace.
    
    Signed-off-by: Nadia Derbey <Nadia.Derbey@bull.net>
    Cc: Yasunori Goto <y-goto@jp.fujitsu.com>
    Cc: Matt Helsley <matthltc@us.ibm.com>
    Cc: Mingming Cao <cmm@us.ibm.com>
    Cc: Pierre Peiffer <pierre.peiffer@bull.net>
    Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
    Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
  3. @torvalds

    ipc: scale msgmni to the number of ipc namespaces

    Nadia Derbey committed with torvalds Apr 29, 2008
    Since all the namespaces see the same amount of memory (the total one) this
    patch introduces a new variable that counts the ipc namespaces and divides
    msg_ctlmni by this counter.
    
    Signed-off-by: Nadia Derbey <Nadia.Derbey@bull.net>
    Cc: Yasunori Goto <y-goto@jp.fujitsu.com>
    Cc: Matt Helsley <matthltc@us.ibm.com>
    Cc: Mingming Cao <cmm@us.ibm.com>
    Cc: Pierre Peiffer <pierre.peiffer@bull.net>
    Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
    Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Commits on Feb 8, 2008
  1. IPC: consolidate sem_exit_ns(), msg_exit_ns() and shm_exit_ns()

    Pierre Peiffer committed with Linus Torvalds Feb 8, 2008
    sem_exit_ns(), msg_exit_ns() and shm_exit_ns() are all called when an
    ipc_namespace is released to free all ipcs of each type.  But in fact, they
    do the same thing: they loop around all ipcs to free them individually by
    calling a specific routine.
    
    This patch proposes to consolidate this by introducing a common function,
    free_ipcs(), that does the job.  The specific routine to call on each
    individual ipcs is passed as parameter.  For this, these ipc-specific
    'free' routines are reworked to take a generic 'struct ipc_perm' as
    parameter.
    
    Signed-off-by: Pierre Peiffer <pierre.peiffer@bull.net>
    Cc: Cedric Le Goater <clg@fr.ibm.com>
    Cc: Pavel Emelyanov <xemul@openvz.org>
    Cc: Nadia Derbey <Nadia.Derbey@bull.net>
    Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
    Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
  2. IPC: make struct ipc_ids static in ipc_namespace

    Pierre Peiffer committed with Linus Torvalds Feb 8, 2008
    Each ipc_namespace contains a table of 3 pointers to struct ipc_ids (3 for
    msg, sem and shm, structure used to store all ipcs).  These 'struct ipc_ids'
    are dynamically allocated for each ipc_namespace as the ipc_namespace
    itself (for the init namespace, they are initialized with pointers to
    static variables instead).
    
    It is so for historical reasons: in fact, before the use of idr to store the
    ipcs, the ipcs were stored in tables of variable length, depending on the
    maximum number of ipc allowed.  Now, these 'struct ipc_ids' have a fixed
    size.  As they are allocated in any case for each new ipc_namespace, there
    is no gain of memory in having them allocated separately from the struct
    ipc_namespace.
    
    This patch proposes to make this table static in the struct ipc_namespace.
    Thus, we can allocate all at once and get rid of all the code needed to
    allocate and free these ipc_ids separately.
    
    Signed-off-by: Pierre Peiffer <pierre.peiffer@bull.net>
    Acked-by: Cedric Le Goater <clg@fr.ibm.com>
    Cc: Pavel Emelyanov <xemul@openvz.org>
    Cc: Nadia Derbey <Nadia.Derbey@bull.net>
    Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
    Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
  3. @xemul

    namespaces: move the IPC namespace under IPC_NS option

    xemul committed with Linus Torvalds Feb 8, 2008
    Currently the IPC namespace management code is spread over the ipc/*.c files.
    I moved this code into ipc/namespace.c file which is compiled out when needed.
    
    The linux/ipc_namespace.h file is used to store the prototypes of the
    functions in namespace.c and the stubs for NAMESPACES=n case.  This is done
    so, because the stub for copy_ipc_namespace requires the knowledge of the
    CLONE_NEWIPC flag, which is in sched.h.  But the linux/ipc.h file itself is
    included into many many .c files via the sys.h->sem.h sequence so adding the
    sched.h into it will make all these .c depend on sched.h which is not that
    good.  On the other hand the knowledge about the namespaces stuff is required
    in 4 .c files only.
    
    Besides, this patch compiles out some auxiliary functions from ipc/sem.c,
    msg.c and shm.c files.  It turned out that moving these functions into
    namespaces.c is not that easy because they use many other calls and macros
    from the original file.  Moving them would make this patch complicated.  On
    the other hand all these functions can be consolidated, so I will send a
    separate patch doing this a bit later.
    
    Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
    Acked-by: Serge Hallyn <serue@us.ibm.com>
    Cc: Cedric Le Goater <clg@fr.ibm.com>
    Cc: "Eric W. Biederman" <ebiederm@xmission.com>
    Cc: Herbert Poetzl <herbert@13thfloor.at>
    Cc: Kirill Korotaev <dev@sw.ru>
    Cc: Sukadev Bhattiprolu <sukadev@us.ibm.com>
    Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
    Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>