Source at commit b386be689295730688885552666ea40b2e639b14 created 11 years 11 months ago. By Maarten ter Huurne, Revert "MIPS: JZ4740: reset: Initialize hibernate wakeup counters." | |
---|---|
1 | /* |
2 | * This program is free software; you can redistribute it and/or |
3 | * modify it under the terms of the GNU General Public License as |
4 | * published by the Free Software Foundation, version 2 of the |
5 | * License. |
6 | */ |
7 | |
8 | #include <linux/export.h> |
9 | #include <linux/nsproxy.h> |
10 | #include <linux/slab.h> |
11 | #include <linux/user_namespace.h> |
12 | #include <linux/highuid.h> |
13 | #include <linux/cred.h> |
14 | |
/*
 * Slab cache for struct user_namespace objects.  It is created once by
 * user_namespaces_init(); create_user_ns() allocates from it and the
 * deferred destructor returns objects to it.
 */
static struct kmem_cache *user_ns_cachep __read_mostly;
16 | |
/*
 * Build a fresh user namespace for the credentials in @new.
 *
 * The user currently referenced by @new is recorded as the namespace's
 * creator, and @new is switched over to a newly allocated uid-0 user that
 * belongs to the new namespace.  Every uid/gid field is reset to 0, the
 * supplementary groups are replaced with init_groups and, with CONFIG_KEYS,
 * the request_key authorisation key is dropped, so none of these carry over
 * from the creating context.
 *
 * This is called by copy_creds(), which will finish setting the target
 * task's credentials.
 *
 * NOTE(review): no permission or capability check is made in this function;
 * presumably the caller decides whether the task may create a namespace -
 * confirm against the call site.
 *
 * Returns 0 on success, or -ENOMEM if either allocation fails.
 */
int create_user_ns(struct cred *new)
{
	struct user_struct *ns_root;
	struct user_namespace *new_ns;
	int bucket;

	new_ns = kmem_cache_alloc(user_ns_cachep, GFP_KERNEL);
	if (new_ns == NULL)
		return -ENOMEM;

	kref_init(&new_ns->kref);

	/* Start with every uid hash bucket empty. */
	for (bucket = 0; bucket < UIDHASH_SZ; bucket++)
		INIT_HLIST_HEAD(&new_ns->uidhash_table[bucket]);

	/* Allocate the uid-0 user of the new namespace. */
	ns_root = alloc_uid(new_ns, 0);
	if (ns_root == NULL) {
		kmem_cache_free(user_ns_cachep, new_ns);
		return -ENOMEM;
	}

	/*
	 * Remember who created the namespace, then make the credentials
	 * under preparation belong to the namespace's own root user.
	 */
	new_ns->creator = new->user;
	new->user = ns_root;

	new->uid = 0;
	new->euid = 0;
	new->suid = 0;
	new->fsuid = 0;

	new->gid = 0;
	new->egid = 0;
	new->sgid = 0;
	new->fsgid = 0;

	/* Swap the inherited supplementary groups for init_groups. */
	put_group_info(new->group_info);
	new->group_info = get_group_info(&init_groups);

#ifdef CONFIG_KEYS
	/* Do not carry the request_key authorisation key into the namespace. */
	key_put(new->request_key_auth);
	new->request_key_auth = NULL;
#endif
	/* tgcred will be cleared in our caller because CLONE_THREAD won't be set */

	/* ns_root holds a reference to new_ns, so our own reference can go. */
	put_user_ns(new_ns);

	return 0;
}
65 | |
/*
 * Work item that performs the actual teardown of a user namespace.
 *
 * Destruction is deferred because free_user_ns() may be called with
 * uidhash_lock held, whereas free_uid() below will want to take that lock
 * again.
 */
static void free_user_ns_work(struct work_struct *work)
{
	struct user_namespace *dead_ns;

	/* @work is the destroyer member embedded in the namespace. */
	dead_ns = container_of(work, struct user_namespace, destroyer);

	/* Release the creator recorded by create_user_ns(), then the object. */
	free_uid(dead_ns->creator);
	kmem_cache_free(user_ns_cachep, dead_ns);
}
78 | |
/*
 * Release handler for the kref embedded in a user namespace.
 *
 * Nothing is freed here directly: the namespace's destroyer work item is
 * initialised to run free_user_ns_work() and queued with schedule_work(),
 * so the namespace object stays allocated until that work has run.
 *
 * NOTE(review): presumably reached through put_user_ns() when the last
 * reference is dropped - confirm against the header.
 */
void free_user_ns(struct kref *kref)
{
	struct user_namespace *dying_ns;

	dying_ns = container_of(kref, struct user_namespace, kref);

	INIT_WORK(&dying_ns->destroyer, free_user_ns_work);
	schedule_work(&dying_ns->destroyer);
}
EXPORT_SYMBOL(free_user_ns);
88 | |
/*
 * Work out which uid to report in user namespace @to for @uid, a uid that
 * belongs to @cred.
 *
 *  - @cred's user lives in @to: @uid is returned unchanged.
 *  - @cred's user created @to or one of its ancestors below init_user_ns:
 *    0 is returned, so the creator is presented as root of the namespaces
 *    it created.
 *  - otherwise: overflowuid.
 *
 * In the last two cases the @uid argument itself plays no part in the
 * result.
 */
uid_t user_ns_map_uid(struct user_namespace *to, const struct cred *cred, uid_t uid)
{
	struct user_namespace *ns;

	if (likely(cred->user->user_ns == to))
		return uid;

	/*
	 * Walk from @to up towards init_user_ns: is cred->user the creator
	 * of the target namespace or of one of its parents?
	 */
	ns = to;
	while (ns != &init_user_ns) {
		if (ns->creator == cred->user)
			return (uid_t)0;
		ns = ns->creator->user_ns;
	}

	/* No useful relationship, so no mapping. */
	return overflowuid;
}
110 | |
/*
 * Work out which gid to report in user namespace @to for @gid, a gid that
 * belongs to @cred.
 *
 *  - @cred's user lives in @to: @gid is returned unchanged.
 *  - @cred's user created @to or one of its ancestors below init_user_ns:
 *    0 is returned.
 *  - otherwise: overflowgid.
 *
 * In the last two cases the @gid argument itself plays no part in the
 * result.
 */
gid_t user_ns_map_gid(struct user_namespace *to, const struct cred *cred, gid_t gid)
{
	struct user_namespace *ns;

	if (likely(cred->user->user_ns == to))
		return gid;

	/*
	 * Walk from @to up towards init_user_ns: is cred->user the creator
	 * of the target namespace or of one of its parents?
	 */
	ns = to;
	while (ns != &init_user_ns) {
		if (ns->creator == cred->user)
			return (gid_t)0;
		ns = ns->creator->user_ns;
	}

	/* No useful relationship, so no mapping. */
	return overflowgid;
}
131 | |
/*
 * Init-time setup: create the slab cache that create_user_ns() allocates
 * namespaces from.  The cache is requested with SLAB_PANIC, so a failure to
 * create it panics rather than returning NULL, and the result is stored
 * without a check.  Always returns 0.
 */
static __init int user_namespaces_init(void)
{
	user_ns_cachep = KMEM_CACHE(user_namespace, SLAB_PANIC);

	return 0;
}
module_init(user_namespaces_init);
138 |