diff options
author | Eric W. Biederman <ebiederm@xmission.com> | 2013-03-09 16:15:23 -0800 |
---|---|---|
committer | Eric W. Biederman <ebiederm@xmission.com> | 2013-08-30 17:30:38 -0700 |
commit | dbef0c1c4c5f8ce5d1f5bd8cee092a7afb4ac21b (patch) | |
tree | 3eaa0a5a45ba52fae938e42e0031f25ac96a482f /kernel/nsproxy.c | |
parent | a606488513543312805fab2b93070cefe6a3016c (diff) | |
download | talos-op-linux-dbef0c1c4c5f8ce5d1f5bd8cee092a7afb4ac21b.tar.gz talos-op-linux-dbef0c1c4c5f8ce5d1f5bd8cee092a7afb4ac21b.zip |
namespaces: Simplify copy_namespaces so it is clear what is going on.
Remove the test for the impossible case where tsk->nsproxy == NULL. Fork
will never be called with tsk->nsproxy == NULL.
Only call get_nsproxy when we don't need to generate a new_nsproxy,
and mark the case where we don't generate a new nsproxy as likely.
Remove the code to drop an unnecessarily acquired nsproxy value.
Acked-by: Serge Hallyn <serge.hallyn@canonical.com>
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
Diffstat (limited to 'kernel/nsproxy.c')
-rw-r--r-- | kernel/nsproxy.c | 35 |
1 files changed, 11 insertions, 24 deletions
diff --git a/kernel/nsproxy.c b/kernel/nsproxy.c index d9afd256318f..a1ed01139276 100644 --- a/kernel/nsproxy.c +++ b/kernel/nsproxy.c @@ -125,22 +125,16 @@ int copy_namespaces(unsigned long flags, struct task_struct *tsk) struct nsproxy *old_ns = tsk->nsproxy; struct user_namespace *user_ns = task_cred_xxx(tsk, user_ns); struct nsproxy *new_ns; - int err = 0; - if (!old_ns) + if (likely(!(flags & (CLONE_NEWNS | CLONE_NEWUTS | CLONE_NEWIPC | + CLONE_NEWPID | CLONE_NEWNET)))) { + get_nsproxy(old_ns); return 0; - - get_nsproxy(old_ns); - - if (!(flags & (CLONE_NEWNS | CLONE_NEWUTS | CLONE_NEWIPC | - CLONE_NEWPID | CLONE_NEWNET))) - return 0; - - if (!ns_capable(user_ns, CAP_SYS_ADMIN)) { - err = -EPERM; - goto out; } + if (!ns_capable(user_ns, CAP_SYS_ADMIN)) + return -EPERM; + /* * CLONE_NEWIPC must detach from the undolist: after switching * to a new ipc namespace, the semaphore arrays from the old @@ -149,22 +143,15 @@ int copy_namespaces(unsigned long flags, struct task_struct *tsk) * it along with CLONE_NEWIPC. */ if ((flags & (CLONE_NEWIPC | CLONE_SYSVSEM)) == - (CLONE_NEWIPC | CLONE_SYSVSEM)) { - err = -EINVAL; - goto out; - } + (CLONE_NEWIPC | CLONE_SYSVSEM)) + return -EINVAL; new_ns = create_new_namespaces(flags, tsk, user_ns, tsk->fs); - if (IS_ERR(new_ns)) { - err = PTR_ERR(new_ns); - goto out; - } + if (IS_ERR(new_ns)) + return PTR_ERR(new_ns); tsk->nsproxy = new_ns; - -out: - put_nsproxy(old_ns); - return err; + return 0; } void free_nsproxy(struct nsproxy *ns) |