tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

ns: move namespace types into separate header

Add a dedicated header for namespace types.

Link: https://patch.msgid.link/20251110-work-namespace-nstree-fixes-v1-1-e8a9264e0fb9@kernel.org
Signed-off-by: Christian Brauner <brauner@kernel.org>

Christian Brauner 2b9a0f21 a67ee4e2

+206 -195
+205
include/linux/ns/ns_common_types.h
··· 1 + /* SPDX-License-Identifier: GPL-2.0 */ 2 + #ifndef _LINUX_NS_COMMON_TYPES_H 3 + #define _LINUX_NS_COMMON_TYPES_H 4 + 5 + #include <linux/atomic.h> 6 + #include <linux/rbtree.h> 7 + #include <linux/refcount.h> 8 + #include <linux/types.h> 9 + 10 + struct cgroup_namespace; 11 + struct dentry; 12 + struct ipc_namespace; 13 + struct mnt_namespace; 14 + struct net; 15 + struct pid_namespace; 16 + struct proc_ns_operations; 17 + struct time_namespace; 18 + struct user_namespace; 19 + struct uts_namespace; 20 + 21 + extern struct cgroup_namespace init_cgroup_ns; 22 + extern struct ipc_namespace init_ipc_ns; 23 + extern struct mnt_namespace init_mnt_ns; 24 + extern struct net init_net; 25 + extern struct pid_namespace init_pid_ns; 26 + extern struct time_namespace init_time_ns; 27 + extern struct user_namespace init_user_ns; 28 + extern struct uts_namespace init_uts_ns; 29 + 30 + extern const struct proc_ns_operations cgroupns_operations; 31 + extern const struct proc_ns_operations ipcns_operations; 32 + extern const struct proc_ns_operations mntns_operations; 33 + extern const struct proc_ns_operations netns_operations; 34 + extern const struct proc_ns_operations pidns_operations; 35 + extern const struct proc_ns_operations pidns_for_children_operations; 36 + extern const struct proc_ns_operations timens_operations; 37 + extern const struct proc_ns_operations timens_for_children_operations; 38 + extern const struct proc_ns_operations userns_operations; 39 + extern const struct proc_ns_operations utsns_operations; 40 + 41 + /* 42 + * Namespace lifetimes are managed via a two-tier reference counting model: 43 + * 44 + * (1) __ns_ref (refcount_t): Main reference count tracking memory 45 + * lifetime. Controls when the namespace structure itself is freed. 46 + * It also pins the namespace on the namespace trees whereas (2) 47 + * only regulates their visibility to userspace. 48 + * 49 + * (2) __ns_ref_active (atomic_t): Reference count tracking active users. 50 + * Controls visibility of the namespace in the namespace trees. 51 + * Any live task that uses the namespace (via nsproxy or cred) holds 52 + * an active reference. Any open file descriptor or bind-mount of 53 + * the namespace holds an active reference. Once all tasks have 54 + * called exited their namespaces and all file descriptors and 55 + * bind-mounts have been released the active reference count drops 56 + * to zero and the namespace becomes inactive. IOW, the namespace 57 + * cannot be listed or opened via file handles anymore. 58 + * 59 + * Note that it is valid to transition from active to inactive and 60 + * back from inactive to active e.g., when resurrecting an inactive 61 + * namespace tree via the SIOCGSKNS ioctl(). 62 + * 63 + * Relationship and lifecycle states: 64 + * 65 + * - Active (__ns_ref_active > 0): 66 + * Namespace is actively used and visible to userspace. The namespace 67 + * can be reopened via /proc/<pid>/ns/<ns_type>, via namespace file 68 + * handles, or discovered via listns(). 69 + * 70 + * - Inactive (__ns_ref_active == 0, __ns_ref > 0): 71 + * No tasks are actively using the namespace and it isn't pinned by 72 + * any bind-mounts or open file descriptors anymore. But the namespace 73 + * is still kept alive by internal references. For example, the user 74 + * namespace could be pinned by an open file through file->f_cred 75 + * references when one of the now defunct tasks had opened a file and 76 + * handed the file descriptor off to another process via a UNIX 77 + * sockets. Such references keep the namespace structure alive through 78 + * __ns_ref but will not hold an active reference. 79 + * 80 + * - Destroyed (__ns_ref == 0): 81 + * No references remain. The namespace is removed from the tree and freed. 82 + * 83 + * State transitions: 84 + * 85 + * Active -> Inactive: 86 + * When the last task using the namespace exits it drops its active 87 + * references to all namespaces. However, user and pid namespaces 88 + * remain accessible until the task has been reaped. 89 + * 90 + * Inactive -> Active: 91 + * An inactive namespace tree might be resurrected due to e.g., the 92 + * SIOCGSKNS ioctl() on a socket. 93 + * 94 + * Inactive -> Destroyed: 95 + * When __ns_ref drops to zero the namespace is removed from the 96 + * namespaces trees and the memory is freed (after RCU grace period). 97 + * 98 + * Initial namespaces: 99 + * Boot-time namespaces (init_net, init_pid_ns, etc.) start with 100 + * __ns_ref_active = 1 and remain active forever. 101 + */ 102 + struct ns_common { 103 + u32 ns_type; 104 + struct dentry *stashed; 105 + const struct proc_ns_operations *ops; 106 + unsigned int inum; 107 + refcount_t __ns_ref; /* do not use directly */ 108 + union { 109 + struct { 110 + u64 ns_id; 111 + struct /* global namespace rbtree and list */ { 112 + struct rb_node ns_unified_tree_node; 113 + struct list_head ns_unified_list_node; 114 + }; 115 + struct /* per type rbtree and list */ { 116 + struct rb_node ns_tree_node; 117 + struct list_head ns_list_node; 118 + }; 119 + struct /* namespace ownership rbtree and list */ { 120 + struct rb_root ns_owner_tree; /* rbtree of namespaces owned by this namespace */ 121 + struct list_head ns_owner; /* list of namespaces owned by this namespace */ 122 + struct rb_node ns_owner_tree_node; /* node in the owner namespace's rbtree */ 123 + struct list_head ns_owner_entry; /* node in the owner namespace's ns_owned list */ 124 + }; 125 + atomic_t __ns_ref_active; /* do not use directly */ 126 + }; 127 + struct rcu_head ns_rcu; 128 + }; 129 + }; 130 + 131 + #define to_ns_common(__ns) \ 132 + _Generic((__ns), \ 133 + struct cgroup_namespace *: &(__ns)->ns, \ 134 + const struct cgroup_namespace *: &(__ns)->ns, \ 135 + struct ipc_namespace *: &(__ns)->ns, \ 136 + const struct ipc_namespace *: &(__ns)->ns, \ 137 + struct mnt_namespace *: &(__ns)->ns, \ 138 + const struct mnt_namespace *: &(__ns)->ns, \ 139 + struct net *: &(__ns)->ns, \ 140 + const struct net *: &(__ns)->ns, \ 141 + struct pid_namespace *: &(__ns)->ns, \ 142 + const struct pid_namespace *: &(__ns)->ns, \ 143 + struct time_namespace *: &(__ns)->ns, \ 144 + const struct time_namespace *: &(__ns)->ns, \ 145 + struct user_namespace *: &(__ns)->ns, \ 146 + const struct user_namespace *: &(__ns)->ns, \ 147 + struct uts_namespace *: &(__ns)->ns, \ 148 + const struct uts_namespace *: &(__ns)->ns) 149 + 150 + #define ns_init_inum(__ns) \ 151 + _Generic((__ns), \ 152 + struct cgroup_namespace *: CGROUP_NS_INIT_INO, \ 153 + struct ipc_namespace *: IPC_NS_INIT_INO, \ 154 + struct mnt_namespace *: MNT_NS_INIT_INO, \ 155 + struct net *: NET_NS_INIT_INO, \ 156 + struct pid_namespace *: PID_NS_INIT_INO, \ 157 + struct time_namespace *: TIME_NS_INIT_INO, \ 158 + struct user_namespace *: USER_NS_INIT_INO, \ 159 + struct uts_namespace *: UTS_NS_INIT_INO) 160 + 161 + #define ns_init_ns(__ns) \ 162 + _Generic((__ns), \ 163 + struct cgroup_namespace *: &init_cgroup_ns, \ 164 + struct ipc_namespace *: &init_ipc_ns, \ 165 + struct mnt_namespace *: &init_mnt_ns, \ 166 + struct net *: &init_net, \ 167 + struct pid_namespace *: &init_pid_ns, \ 168 + struct time_namespace *: &init_time_ns, \ 169 + struct user_namespace *: &init_user_ns, \ 170 + struct uts_namespace *: &init_uts_ns) 171 + 172 + #define ns_init_id(__ns) \ 173 + _Generic((__ns), \ 174 + struct cgroup_namespace *: CGROUP_NS_INIT_ID, \ 175 + struct ipc_namespace *: IPC_NS_INIT_ID, \ 176 + struct mnt_namespace *: MNT_NS_INIT_ID, \ 177 + struct net *: NET_NS_INIT_ID, \ 178 + struct pid_namespace *: PID_NS_INIT_ID, \ 179 + struct time_namespace *: TIME_NS_INIT_ID, \ 180 + struct user_namespace *: USER_NS_INIT_ID, \ 181 + struct uts_namespace *: UTS_NS_INIT_ID) 182 + 183 + #define to_ns_operations(__ns) \ 184 + _Generic((__ns), \ 185 + struct cgroup_namespace *: (IS_ENABLED(CONFIG_CGROUPS) ? &cgroupns_operations : NULL), \ 186 + struct ipc_namespace *: (IS_ENABLED(CONFIG_IPC_NS) ? &ipcns_operations : NULL), \ 187 + struct mnt_namespace *: &mntns_operations, \ 188 + struct net *: (IS_ENABLED(CONFIG_NET_NS) ? &netns_operations : NULL), \ 189 + struct pid_namespace *: (IS_ENABLED(CONFIG_PID_NS) ? &pidns_operations : NULL), \ 190 + struct time_namespace *: (IS_ENABLED(CONFIG_TIME_NS) ? &timens_operations : NULL), \ 191 + struct user_namespace *: (IS_ENABLED(CONFIG_USER_NS) ? &userns_operations : NULL), \ 192 + struct uts_namespace *: (IS_ENABLED(CONFIG_UTS_NS) ? &utsns_operations : NULL)) 193 + 194 + #define ns_common_type(__ns) \ 195 + _Generic((__ns), \ 196 + struct cgroup_namespace *: CLONE_NEWCGROUP, \ 197 + struct ipc_namespace *: CLONE_NEWIPC, \ 198 + struct mnt_namespace *: CLONE_NEWNS, \ 199 + struct net *: CLONE_NEWNET, \ 200 + struct pid_namespace *: CLONE_NEWPID, \ 201 + struct time_namespace *: CLONE_NEWTIME, \ 202 + struct user_namespace *: CLONE_NEWUSER, \ 203 + struct uts_namespace *: CLONE_NEWUTS) 204 + 205 + #endif /* _LINUX_NS_COMMON_TYPES_H */
+1 -195
include/linux/ns_common.h
··· 2 2 #ifndef _LINUX_NS_COMMON_H 3 3 #define _LINUX_NS_COMMON_H 4 4 5 + #include <linux/ns/ns_common_types.h> 5 6 #include <linux/refcount.h> 6 - #include <linux/rbtree.h> 7 7 #include <linux/vfsdebug.h> 8 8 #include <uapi/linux/sched.h> 9 9 #include <uapi/linux/nsfs.h> 10 - 11 - struct proc_ns_operations; 12 - 13 - struct cgroup_namespace; 14 - struct ipc_namespace; 15 - struct mnt_namespace; 16 - struct net; 17 - struct pid_namespace; 18 - struct time_namespace; 19 - struct user_namespace; 20 - struct uts_namespace; 21 - 22 - extern struct cgroup_namespace init_cgroup_ns; 23 - extern struct ipc_namespace init_ipc_ns; 24 - extern struct mnt_namespace init_mnt_ns; 25 - extern struct net init_net; 26 - extern struct pid_namespace init_pid_ns; 27 - extern struct time_namespace init_time_ns; 28 - extern struct user_namespace init_user_ns; 29 - extern struct uts_namespace init_uts_ns; 30 - 31 - extern const struct proc_ns_operations netns_operations; 32 - extern const struct proc_ns_operations utsns_operations; 33 - extern const struct proc_ns_operations ipcns_operations; 34 - extern const struct proc_ns_operations pidns_operations; 35 - extern const struct proc_ns_operations pidns_for_children_operations; 36 - extern const struct proc_ns_operations userns_operations; 37 - extern const struct proc_ns_operations mntns_operations; 38 - extern const struct proc_ns_operations cgroupns_operations; 39 - extern const struct proc_ns_operations timens_operations; 40 - extern const struct proc_ns_operations timens_for_children_operations; 41 - 42 - /* 43 - * Namespace lifetimes are managed via a two-tier reference counting model: 44 - * 45 - * (1) __ns_ref (refcount_t): Main reference count tracking memory 46 - * lifetime. Controls when the namespace structure itself is freed. 47 - * It also pins the namespace on the namespace trees whereas (2) 48 - * only regulates their visibility to userspace. 49 - * 50 - * (2) __ns_ref_active (atomic_t): Reference count tracking active users. 51 - * Controls visibility of the namespace in the namespace trees. 52 - * Any live task that uses the namespace (via nsproxy or cred) holds 53 - * an active reference. Any open file descriptor or bind-mount of 54 - * the namespace holds an active reference. Once all tasks have 55 - * called exited their namespaces and all file descriptors and 56 - * bind-mounts have been released the active reference count drops 57 - * to zero and the namespace becomes inactive. IOW, the namespace 58 - * cannot be listed or opened via file handles anymore. 59 - * 60 - * Note that it is valid to transition from active to inactive and 61 - * back from inactive to active e.g., when resurrecting an inactive 62 - * namespace tree via the SIOCGSKNS ioctl(). 63 - * 64 - * Relationship and lifecycle states: 65 - * 66 - * - Active (__ns_ref_active > 0): 67 - * Namespace is actively used and visible to userspace. The namespace 68 - * can be reopened via /proc/<pid>/ns/<ns_type>, via namespace file 69 - * handles, or discovered via listns(). 70 - * 71 - * - Inactive (__ns_ref_active == 0, __ns_ref > 0): 72 - * No tasks are actively using the namespace and it isn't pinned by 73 - * any bind-mounts or open file descriptors anymore. But the namespace 74 - * is still kept alive by internal references. For example, the user 75 - * namespace could be pinned by an open file through file->f_cred 76 - * references when one of the now defunct tasks had opened a file and 77 - * handed the file descriptor off to another process via a UNIX 78 - * sockets. Such references keep the namespace structure alive through 79 - * __ns_ref but will not hold an active reference. 80 - * 81 - * - Destroyed (__ns_ref == 0): 82 - * No references remain. The namespace is removed from the tree and freed. 83 - * 84 - * State transitions: 85 - * 86 - * Active -> Inactive: 87 - * When the last task using the namespace exits it drops its active 88 - * references to all namespaces. However, user and pid namespaces 89 - * remain accessible until the task has been reaped. 90 - * 91 - * Inactive -> Active: 92 - * An inactive namespace tree might be resurrected due to e.g., the 93 - * SIOCGSKNS ioctl() on a socket. 94 - * 95 - * Inactive -> Destroyed: 96 - * When __ns_ref drops to zero the namespace is removed from the 97 - * namespaces trees and the memory is freed (after RCU grace period). 98 - * 99 - * Initial namespaces: 100 - * Boot-time namespaces (init_net, init_pid_ns, etc.) start with 101 - * __ns_ref_active = 1 and remain active forever. 102 - */ 103 - struct ns_common { 104 - u32 ns_type; 105 - struct dentry *stashed; 106 - const struct proc_ns_operations *ops; 107 - unsigned int inum; 108 - refcount_t __ns_ref; /* do not use directly */ 109 - union { 110 - struct { 111 - u64 ns_id; 112 - struct /* global namespace rbtree and list */ { 113 - struct rb_node ns_unified_tree_node; 114 - struct list_head ns_unified_list_node; 115 - }; 116 - struct /* per type rbtree and list */ { 117 - struct rb_node ns_tree_node; 118 - struct list_head ns_list_node; 119 - }; 120 - struct /* namespace ownership rbtree and list */ { 121 - struct rb_root ns_owner_tree; /* rbtree of namespaces owned by this namespace */ 122 - struct list_head ns_owner; /* list of namespaces owned by this namespace */ 123 - struct rb_node ns_owner_tree_node; /* node in the owner namespace's rbtree */ 124 - struct list_head ns_owner_entry; /* node in the owner namespace's ns_owned list */ 125 - }; 126 - atomic_t __ns_ref_active; /* do not use directly */ 127 - }; 128 - struct rcu_head ns_rcu; 129 - }; 130 - }; 131 10 132 11 bool is_current_namespace(struct ns_common *ns); 133 12 int __ns_common_init(struct ns_common *ns, u32 ns_type, const struct proc_ns_operations *ops, int inum); ··· 26 147 return ns->ns_id <= NS_LAST_INIT_ID; 27 148 } 28 149 29 - #define to_ns_common(__ns) \ 30 - _Generic((__ns), \ 31 - struct cgroup_namespace *: &(__ns)->ns, \ 32 - const struct cgroup_namespace *: &(__ns)->ns, \ 33 - struct ipc_namespace *: &(__ns)->ns, \ 34 - const struct ipc_namespace *: &(__ns)->ns, \ 35 - struct mnt_namespace *: &(__ns)->ns, \ 36 - const struct mnt_namespace *: &(__ns)->ns, \ 37 - struct net *: &(__ns)->ns, \ 38 - const struct net *: &(__ns)->ns, \ 39 - struct pid_namespace *: &(__ns)->ns, \ 40 - const struct pid_namespace *: &(__ns)->ns, \ 41 - struct time_namespace *: &(__ns)->ns, \ 42 - const struct time_namespace *: &(__ns)->ns, \ 43 - struct user_namespace *: &(__ns)->ns, \ 44 - const struct user_namespace *: &(__ns)->ns, \ 45 - struct uts_namespace *: &(__ns)->ns, \ 46 - const struct uts_namespace *: &(__ns)->ns) 47 - 48 - #define ns_init_inum(__ns) \ 49 - _Generic((__ns), \ 50 - struct cgroup_namespace *: CGROUP_NS_INIT_INO, \ 51 - struct ipc_namespace *: IPC_NS_INIT_INO, \ 52 - struct mnt_namespace *: MNT_NS_INIT_INO, \ 53 - struct net *: NET_NS_INIT_INO, \ 54 - struct pid_namespace *: PID_NS_INIT_INO, \ 55 - struct time_namespace *: TIME_NS_INIT_INO, \ 56 - struct user_namespace *: USER_NS_INIT_INO, \ 57 - struct uts_namespace *: UTS_NS_INIT_INO) 58 - 59 - #define ns_init_ns(__ns) \ 60 - _Generic((__ns), \ 61 - struct cgroup_namespace *: &init_cgroup_ns, \ 62 - struct ipc_namespace *: &init_ipc_ns, \ 63 - struct mnt_namespace *: &init_mnt_ns, \ 64 - struct net *: &init_net, \ 65 - struct pid_namespace *: &init_pid_ns, \ 66 - struct time_namespace *: &init_time_ns, \ 67 - struct user_namespace *: &init_user_ns, \ 68 - struct uts_namespace *: &init_uts_ns) 69 - 70 - #define ns_init_id(__ns) \ 71 - _Generic((__ns), \ 72 - struct cgroup_namespace *: CGROUP_NS_INIT_ID, \ 73 - struct ipc_namespace *: IPC_NS_INIT_ID, \ 74 - struct mnt_namespace *: MNT_NS_INIT_ID, \ 75 - struct net *: NET_NS_INIT_ID, \ 76 - struct pid_namespace *: PID_NS_INIT_ID, \ 77 - struct time_namespace *: TIME_NS_INIT_ID, \ 78 - struct user_namespace *: USER_NS_INIT_ID, \ 79 - struct uts_namespace *: UTS_NS_INIT_ID) 80 - 81 - #define to_ns_operations(__ns) \ 82 - _Generic((__ns), \ 83 - struct cgroup_namespace *: (IS_ENABLED(CONFIG_CGROUPS) ? &cgroupns_operations : NULL), \ 84 - struct ipc_namespace *: (IS_ENABLED(CONFIG_IPC_NS) ? &ipcns_operations : NULL), \ 85 - struct mnt_namespace *: &mntns_operations, \ 86 - struct net *: (IS_ENABLED(CONFIG_NET_NS) ? &netns_operations : NULL), \ 87 - struct pid_namespace *: (IS_ENABLED(CONFIG_PID_NS) ? &pidns_operations : NULL), \ 88 - struct time_namespace *: (IS_ENABLED(CONFIG_TIME_NS) ? &timens_operations : NULL), \ 89 - struct user_namespace *: (IS_ENABLED(CONFIG_USER_NS) ? &userns_operations : NULL), \ 90 - struct uts_namespace *: (IS_ENABLED(CONFIG_UTS_NS) ? &utsns_operations : NULL)) 91 - 92 - #define ns_common_type(__ns) \ 93 - _Generic((__ns), \ 94 - struct cgroup_namespace *: CLONE_NEWCGROUP, \ 95 - struct ipc_namespace *: CLONE_NEWIPC, \ 96 - struct mnt_namespace *: CLONE_NEWNS, \ 97 - struct net *: CLONE_NEWNET, \ 98 - struct pid_namespace *: CLONE_NEWPID, \ 99 - struct time_namespace *: CLONE_NEWTIME, \ 100 - struct user_namespace *: CLONE_NEWUSER, \ 101 - struct uts_namespace *: CLONE_NEWUTS) 102 150 103 151 #define NS_COMMON_INIT(nsname, refs) \ 104 152 { \