userns: Make create_new_namespaces take a user_ns parameter
Modify create_new_namespaces to explicitly take a user namespace parameter, instead of implicitly through the task_struct. This allows an implementation of unshare(CLONE_NEWUSER) where the new user namespace is not stored onto the current task_struct until after all of the namespaces are created. Acked-by: Serge Hallyn <serge.hallyn@canonical.com> Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
This commit is contained in:
Eric W. Biederman
@@ -16,7 +16,7 @@
|
||||
|
||||
#include "util.h"
|
||||
|
||||
static struct ipc_namespace *create_ipc_ns(struct task_struct *tsk,
|
||||
static struct ipc_namespace *create_ipc_ns(struct user_namespace *user_ns,
|
||||
struct ipc_namespace *old_ns)
|
||||
{
|
||||
struct ipc_namespace *ns;
|
||||
@@ -46,19 +46,17 @@ static struct ipc_namespace *create_ipc_ns(struct task_struct *tsk,
|
||||
ipcns_notify(IPCNS_CREATED);
|
||||
register_ipcns_notifier(ns);
|
||||
|
||||
ns->user_ns = get_user_ns(task_cred_xxx(tsk, user_ns));
|
||||
ns->user_ns = get_user_ns(user_ns);
|
||||
|
||||
return ns;
|
||||
}
|
||||
|
||||
struct ipc_namespace *copy_ipcs(unsigned long flags,
|
||||
struct task_struct *tsk)
|
||||
struct user_namespace *user_ns, struct ipc_namespace *ns)
|
||||
{
|
||||
struct ipc_namespace *ns = tsk->nsproxy->ipc_ns;
|
||||
|
||||
if (!(flags & CLONE_NEWIPC))
|
||||
return get_ipc_ns(ns);
|
||||
return create_ipc_ns(tsk, ns);
|
||||
return create_ipc_ns(user_ns, ns);
|
||||
}
|
||||
|
||||
/*
|
||||
|
||||
Reference in New Issue
Block a user