Commit aee16ce7 authored by Pavel Emelyanov's avatar Pavel Emelyanov Committed by Linus Torvalds

namespaces: cleanup the code managed with the USER_NS option

Make the user_namespace.o compilation depend on this option and move the
init_user_ns into user.c file to make the kernel compile and work without the
namespaces support.  This make the user namespace code be organized similar to
other namespaces'.

Also mask the USER_NS option as "depend on NAMESPACES".

[akpm@linux-foundation.org: coding-style fixes]
Signed-off-by: default avatarPavel Emelyanov <xemul@openvz.org>
Acked-by: default avatarSerge Hallyn <serue@us.ibm.com>
Cc: Cedric Le Goater <clg@fr.ibm.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Herbert Poetzl <herbert@13thfloor.at>
Cc: Kirill Korotaev <dev@sw.ru>
Cc: Sukadev Bhattiprolu <sukadev@us.ibm.com>
Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
parent ae5e1b22
...@@ -214,15 +214,6 @@ config TASK_IO_ACCOUNTING ...@@ -214,15 +214,6 @@ config TASK_IO_ACCOUNTING
Say N if unsure. Say N if unsure.
config USER_NS
bool "User Namespaces (EXPERIMENTAL)"
default n
depends on EXPERIMENTAL
help
Support user namespaces. This allows containers, i.e.
vservers, to use user namespaces to provide different
user info for different servers. If unsure, say N.
config PID_NS config PID_NS
bool "PID Namespaces (EXPERIMENTAL)" bool "PID Namespaces (EXPERIMENTAL)"
default n default n
...@@ -443,6 +434,14 @@ config IPC_NS ...@@ -443,6 +434,14 @@ config IPC_NS
In this namespace tasks work with IPC ids which correspond to In this namespace tasks work with IPC ids which correspond to
different IPC objects in different namespaces different IPC objects in different namespaces
config USER_NS
bool "User namespace (EXPERIMENTAL)"
depends on NAMESPACES && EXPERIMENTAL
help
This allows containers, i.e. vservers, to use user namespaces
to provide different user info for different servers.
If unsure, say N.
config BLK_DEV_INITRD config BLK_DEV_INITRD
bool "Initial RAM filesystem and RAM disk (initramfs/initrd) support" bool "Initial RAM filesystem and RAM disk (initramfs/initrd) support"
depends on BROKEN || !FRV depends on BROKEN || !FRV
......
...@@ -4,7 +4,7 @@ ...@@ -4,7 +4,7 @@
obj-y = sched.o fork.o exec_domain.o panic.o printk.o profile.o \ obj-y = sched.o fork.o exec_domain.o panic.o printk.o profile.o \
exit.o itimer.o time.o softirq.o resource.o \ exit.o itimer.o time.o softirq.o resource.o \
sysctl.o capability.o ptrace.o timer.o user.o user_namespace.o \ sysctl.o capability.o ptrace.o timer.o user.o \
signal.o sys.o kmod.o workqueue.o pid.o \ signal.o sys.o kmod.o workqueue.o pid.o \
rcupdate.o extable.o params.o posix-timers.o \ rcupdate.o extable.o params.o posix-timers.o \
kthread.o wait.o kfifo.o sys_ni.o posix-cpu-timers.o mutex.o \ kthread.o wait.o kfifo.o sys_ni.o posix-cpu-timers.o mutex.o \
...@@ -33,7 +33,6 @@ obj-$(CONFIG_PROVE_LOCKING) += spinlock.o ...@@ -33,7 +33,6 @@ obj-$(CONFIG_PROVE_LOCKING) += spinlock.o
obj-$(CONFIG_UID16) += uid16.o obj-$(CONFIG_UID16) += uid16.o
obj-$(CONFIG_MODULES) += module.o obj-$(CONFIG_MODULES) += module.o
obj-$(CONFIG_KALLSYMS) += kallsyms.o obj-$(CONFIG_KALLSYMS) += kallsyms.o
obj-$(CONFIG_UTS_NS) += utsname.o
obj-$(CONFIG_PM) += power/ obj-$(CONFIG_PM) += power/
obj-$(CONFIG_BSD_PROCESS_ACCT) += acct.o obj-$(CONFIG_BSD_PROCESS_ACCT) += acct.o
obj-$(CONFIG_KEXEC) += kexec.o obj-$(CONFIG_KEXEC) += kexec.o
...@@ -43,6 +42,8 @@ obj-$(CONFIG_CGROUPS) += cgroup.o ...@@ -43,6 +42,8 @@ obj-$(CONFIG_CGROUPS) += cgroup.o
obj-$(CONFIG_CGROUP_DEBUG) += cgroup_debug.o obj-$(CONFIG_CGROUP_DEBUG) += cgroup_debug.o
obj-$(CONFIG_CPUSETS) += cpuset.o obj-$(CONFIG_CPUSETS) += cpuset.o
obj-$(CONFIG_CGROUP_NS) += ns_cgroup.o obj-$(CONFIG_CGROUP_NS) += ns_cgroup.o
obj-$(CONFIG_UTS_NS) += utsname.o
obj-$(CONFIG_USER_NS) += user_namespace.o
obj-$(CONFIG_IKCONFIG) += configs.o obj-$(CONFIG_IKCONFIG) += configs.o
obj-$(CONFIG_RESOURCE_COUNTERS) += res_counter.o obj-$(CONFIG_RESOURCE_COUNTERS) += res_counter.o
obj-$(CONFIG_STOP_MACHINE) += stop_machine.o obj-$(CONFIG_STOP_MACHINE) += stop_machine.o
......
...@@ -17,6 +17,14 @@ ...@@ -17,6 +17,14 @@
#include <linux/module.h> #include <linux/module.h>
#include <linux/user_namespace.h> #include <linux/user_namespace.h>
struct user_namespace init_user_ns = {
.kref = {
.refcount = ATOMIC_INIT(2),
},
.root_user = &root_user,
};
EXPORT_SYMBOL_GPL(init_user_ns);
/* /*
* UID task count cache, to get fast user lookup in "alloc_uid" * UID task count cache, to get fast user lookup in "alloc_uid"
* when changing user ID's (ie setuid() and friends). * when changing user ID's (ie setuid() and friends).
...@@ -427,6 +435,7 @@ void switch_uid(struct user_struct *new_user) ...@@ -427,6 +435,7 @@ void switch_uid(struct user_struct *new_user)
suid_keys(current); suid_keys(current);
} }
#ifdef CONFIG_USER_NS
void release_uids(struct user_namespace *ns) void release_uids(struct user_namespace *ns)
{ {
int i; int i;
...@@ -451,6 +460,7 @@ void release_uids(struct user_namespace *ns) ...@@ -451,6 +460,7 @@ void release_uids(struct user_namespace *ns)
free_uid(ns->root_user); free_uid(ns->root_user);
} }
#endif
static int __init uid_cache_init(void) static int __init uid_cache_init(void)
{ {
......
...@@ -10,17 +10,6 @@ ...@@ -10,17 +10,6 @@
#include <linux/nsproxy.h> #include <linux/nsproxy.h>
#include <linux/user_namespace.h> #include <linux/user_namespace.h>
struct user_namespace init_user_ns = {
.kref = {
.refcount = ATOMIC_INIT(2),
},
.root_user = &root_user,
};
EXPORT_SYMBOL_GPL(init_user_ns);
#ifdef CONFIG_USER_NS
/* /*
* Clone a new ns copying an original user ns, setting refcount to 1 * Clone a new ns copying an original user ns, setting refcount to 1
* @old_ns: namespace to clone * @old_ns: namespace to clone
...@@ -84,5 +73,3 @@ void free_user_ns(struct kref *kref) ...@@ -84,5 +73,3 @@ void free_user_ns(struct kref *kref)
release_uids(ns); release_uids(ns);
kfree(ns); kfree(ns);
} }
#endif /* CONFIG_USER_NS */
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment