
-----BEGIN PGP SIGNATURE-----
iHUEABYKAB0WIQRAhzRXHqcMeLMyaSiRxhvAZXjcogUCZuQEmwAKCRCRxhvAZXjc
otRsAQCUdlBS/ky2JiYn3ePURKYVBgRq/+PnmhRrBNDuv+ToZwD+NRLNlOM8FzQy
c8BMSq0rkwO2C5Aax3kGxgTPMEuuCwc=
=QLvm
-----END PGP SIGNATURE-----
Merge tag 'vfs-6.12.mount' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs
Pull vfs mount updates from Christian Brauner:
"Recently, we added the ability to list mounts in other mount
namespaces and the ability to retrieve namespace file descriptors
without having to go through procfs by deriving them from pidfds.
This extends nsfs in two ways:
(1) Add the ability to retrieve information about a mount namespace
via NS_MNT_GET_INFO.
This will return the mount namespace id and the number of mounts
currently in the mount namespace. The number of mounts can be
used to size the buffer that needs to be used for listmount() and
is in general useful without having to actually iterate through
all the mounts.
The structure is extensible.
(2) Add the ability to iterate through all mount namespaces over
which the caller holds privilege returning the file descriptor
for the next or previous mount namespace.
To retrieve a mount namespace the caller must be privileged with respect
to its owning user namespace. This means that PID 1 on the host
can list all mounts in all mount namespaces or that a container
can list all mounts of its nested containers.
Optionally pass a structure for NS_MNT_GET_INFO with
NS_MNT_GET_{PREV,NEXT} to retrieve information about the mount
namespace in one go.
(1) and (2) can be implemented for other namespace types easily.
Together with recent api additions this means one can iterate through
all mounts in all mount namespaces without ever touching procfs.
The commit message in 49224a345c
('Merge patch series "nsfs: iterate
through mount namespaces"') contains example code how to do this"
* tag 'vfs-6.12.mount' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs:
nsfs: iterate through mount namespaces
file: add fput() cleanup helper
fs: add put_mnt_ns() cleanup helper
fs: allow mount namespace fd
/* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */
#ifndef __LINUX_NSFS_H
#define __LINUX_NSFS_H
#include <linux/ioctl.h>
#include <linux/types.h>
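/*
 * ioctl "type" byte shared by every nsfs command in this header.
 *
 * The listing had stray "|" gutter lines between the definitions and inside
 * the NS_GET_NSTYPE comment; they are removed here so the header parses.
 * Command numbers and encodings are unchanged.
 */
#define NSIO	0xb7

/*
 * Returns a file descriptor that refers to an owning user namespace.
 * The descriptor is handed to the caller, which should close it when done.
 */
#define NS_GET_USERNS		_IO(NSIO, 0x1)
/*
 * Returns a file descriptor that refers to a parent namespace.
 * The descriptor is handed to the caller, which should close it when done.
 */
#define NS_GET_PARENT		_IO(NSIO, 0x2)
/*
 * Returns the type of namespace (CLONE_NEW* value) referred to by the
 * file descriptor.
 */
#define NS_GET_NSTYPE		_IO(NSIO, 0x3)
/* Get owner UID (in the caller's user namespace) for a user namespace. */
#define NS_GET_OWNER_UID	_IO(NSIO, 0x4)
/* Get the id for a mount namespace (result type encoded as __u64). */
#define NS_GET_MNTNS_ID		_IOR(NSIO, 0x5, __u64)
/* Translate pid from target pid namespace into the caller's pid namespace. */
#define NS_GET_PID_FROM_PIDNS	_IOR(NSIO, 0x6, int)
/* Return thread-group leader id of pid in the caller's pid namespace. */
#define NS_GET_TGID_FROM_PIDNS	_IOR(NSIO, 0x7, int)
/* Translate pid from caller's pid namespace into a target pid namespace. */
#define NS_GET_PID_IN_PIDNS	_IOR(NSIO, 0x8, int)
/* Return thread-group leader id of pid in the target pid namespace. */
#define NS_GET_TGID_IN_PIDNS	_IOR(NSIO, 0x9, int)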
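/*
 * Information about a mount namespace, as used by the NS_MNT_GET_INFO,
 * NS_MNT_GET_NEXT and NS_MNT_GET_PREV ioctls.
 *
 * The structure is extensible: new fields may only be appended, and the
 * layout below (16 bytes, no padding) is the first published version.
 * Stray "|" gutter lines from the listing were removed so the definition
 * parses; field names, types and order are unchanged.
 */
struct mnt_ns_info {
	/*
	 * Size of the structure, for extensibility.
	 * NOTE(review): presumably reports how many bytes are valid so that
	 * older and newer userspace can interoperate; confirm against the
	 * nsfs implementation before relying on it.
	 */
	__u32 size;
	/*
	 * Number of mounts currently in the mount namespace. Useful for
	 * sizing the listmount() buffer, but it is a point-in-time value:
	 * the namespace can change before listmount() runs, so treat it as
	 * a hint and still bound-check what listmount() returns.
	 */
	__u32 nr_mounts;
	/* Id of the mount namespace. */
	__u64 mnt_ns_id;
};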
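/*
 * Size of the first published struct mnt_ns_info. Later versions may only
 * grow the structure, so this value stays valid as a minimum size.
 * Stray "|" gutter lines from the listing were removed from this run of
 * definitions; command numbers and encodings are unchanged.
 */
#define MNT_NS_INFO_SIZE_VER0 16 /* size of first published struct */

/*
 * Get information about namespace: the mount namespace id and the number
 * of mounts currently in it, returned in a struct mnt_ns_info.
 */
#define NS_MNT_GET_INFO		_IOR(NSIO, 10, struct mnt_ns_info)
/*
 * Get next namespace. Per the merge description this returns a file
 * descriptor for the next mount namespace over which the caller holds
 * privilege (the caller must be privileged with respect to the namespace's
 * owning user namespace); a struct mnt_ns_info may optionally be passed to
 * retrieve the namespace information in the same call.
 */
#define NS_MNT_GET_NEXT		_IOR(NSIO, 11, struct mnt_ns_info)
/*
 * Get previous namespace. Same privilege requirement and optional
 * struct mnt_ns_info argument as NS_MNT_GET_NEXT, walking in the other
 * direction.
 */
#define NS_MNT_GET_PREV		_IOR(NSIO, 12, struct mnt_ns_info)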
#endif /* __LINUX_NSFS_H */