Merge sys_clone()/sys_unshare() nsproxy and namespace handling
sys_clone() and sys_unshare() both makes copies of nsproxy and its associated
namespaces. But they have different code paths.
This patch merges all the nsproxy and its associated namespace copy/clone
handling (as much as possible). Posted on container list earlier for
feedback.
- Create a new nsproxy and its associated namespaces and pass it back to
caller to attach it to right process.
- Changed all copy_*_ns() routines to return a new copy of namespace
instead of attaching it to task->nsproxy.
- Moved the CAP_SYS_ADMIN checks out of copy_*_ns() routines.
- Removed unnessary !ns checks from copy_*_ns() and added BUG_ON()
just incase.
- Get rid of all individual unshare_*_ns() routines and make use of
copy_*_ns() instead.
[
[email protected]: cleanups, warning fix]
[
[email protected]: remove dup_namespaces() declaration]
[
[email protected]: fix CONFIG_IPC_NS=n, clone(CLONE_NEWIPC) retval]
[
[email protected]: fix build with CONFIG_SYSVIPC=n]
Signed-off-by: Badari Pulavarty <[email protected]>
Signed-off-by: Serge Hallyn <[email protected]>
Cc: Cedric Le Goater <[email protected]>
Cc: "Eric W. Biederman" <[email protected]>
Cc: <[email protected]>
Signed-off-by: Cedric Le Goater <[email protected]>
Cc: Oleg Nesterov <[email protected]>
Signed-off-by: Andrew Morton <[email protected]>
Signed-off-by: Linus Torvalds <[email protected]>
projects / linux.git / commit