[PATCH 1/4] kernel: add a helper to get an owning user namespace for a namespace

2016-09-06 Thread Andrei Vagin
From: Andrey Vagin Return -EPERM if an owning user namespace is outside of a process current user namespace. v2: In a first version ns_get_owner returned ENOENT for init_user_ns. This special case was removed from this version. There is nothing outside of init_user_ns, so we can return

Re: [PATCH 1/4] kernel: add a helper to get an owning user namespace for a namespace

2016-08-31 Thread Serge E. Hallyn
On Wed, Aug 31, 2016 at 01:38:35PM -0700, Andrey Vagin wrote: > On Tue, Aug 30, 2016 at 7:56 PM, Serge E. Hallyn wrote: > > On Fri, Aug 26, 2016 at 04:08:08PM -0700, Andrei Vagin wrote: > >> +struct ns_common *ns_get_owner(struct ns_common *ns) > >> +{ > >> + struct user_namespace *my_user_ns

Re: [PATCH 1/4] kernel: add a helper to get an owning user namespace for a namespace

2016-08-31 Thread Serge E. Hallyn
Quoting Andrey Vagin (ava...@openvz.org): > On Tue, Aug 30, 2016 at 7:41 PM, Serge E. Hallyn wrote: > > On Fri, Aug 26, 2016 at 04:08:08PM -0700, Andrei Vagin wrote: > >> From: Andrey Vagin > >> > >> Return -EPERM if an owning user namespace is outside of a process > >> current user namespace. >

Re: [PATCH 1/4] kernel: add a helper to get an owning user namespace for a namespace

2016-08-31 Thread Andrey Vagin
On Tue, Aug 30, 2016 at 7:41 PM, Serge E. Hallyn wrote: > On Fri, Aug 26, 2016 at 04:08:08PM -0700, Andrei Vagin wrote: >> From: Andrey Vagin >> >> Return -EPERM if an owning user namespace is outside of a process >> current user namespace. >> >> v2: In a first version ns_get_owner returned ENOEN

Re: [PATCH 1/4] kernel: add a helper to get an owning user namespace for a namespace

2016-08-31 Thread Andrey Vagin
On Tue, Aug 30, 2016 at 7:56 PM, Serge E. Hallyn wrote: > On Fri, Aug 26, 2016 at 04:08:08PM -0700, Andrei Vagin wrote: >> +struct ns_common *ns_get_owner(struct ns_common *ns) >> +{ >> + struct user_namespace *my_user_ns = current_user_ns(); >> + struct user_namespace *owner, *p; >> + >>

Re: [PATCH 1/4] kernel: add a helper to get an owning user namespace for a namespace

2016-08-30 Thread Serge E. Hallyn
On Fri, Aug 26, 2016 at 04:08:08PM -0700, Andrei Vagin wrote: > +struct ns_common *ns_get_owner(struct ns_common *ns) > +{ > + struct user_namespace *my_user_ns = current_user_ns(); > + struct user_namespace *owner, *p; > + > + /* See if the owner is in the current user namespace */ > +
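
Review bot: ns_get_owner() is declared to return struct ns_common *, while the commit message says it returns -EPERM when the owning user namespace is outside the caller's current user namespace, so the error has to travel encoded in the returned pointer. A comment above the function stating that the result must be checked with IS_ERR() before it is dereferenced would make that contract explicit for callers. The body after the "See if the owner is in the current user namespace" comment is cut off in this listing, so the check itself cannot be assessed from these lines.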

Re: [PATCH 1/4] kernel: add a helper to get an owning user namespace for a namespace

2016-08-30 Thread Serge E. Hallyn
On Fri, Aug 26, 2016 at 04:08:08PM -0700, Andrei Vagin wrote: > From: Andrey Vagin > > Return -EPERM if an owning user namespace is outside of a process > current user namespace. > > v2: In a first version ns_get_owner returned ENOENT for init_user_ns. > This special case was removed from t

[PATCH 1/4] kernel: add a helper to get an owning user namespace for a namespace

2016-08-26 Thread Andrei Vagin
From: Andrey Vagin Return -EPERM if an owning user namespace is outside of a process current user namespace. v2: In a first version ns_get_owner returned ENOENT for init_user_ns. This special case was removed from this version. There is nothing outside of init_user_ns, so we can return