lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <6a5dyxarvdri6ykizyvr3mmfe5h2hsljcm426o6odao7ljujxn@xwk6n46qr6ww>
Date: Mon, 22 Sep 2025 15:41:41 +0200
From: Jan Kara <jack@...e.cz>
To: Christian Brauner <brauner@...nel.org>
Cc: linux-fsdevel@...r.kernel.org, Amir Goldstein <amir73il@...il.com>, 
	Josef Bacik <josef@...icpanda.com>, Jeff Layton <jlayton@...nel.org>, Mike Yuan <me@...dnzj.com>, 
	Zbigniew Jędrzejewski-Szmek <zbyszek@...waw.pl>, Lennart Poettering <mzxreary@...inter.de>, 
	Aleksa Sarai <cyphar@...har.com>, Alexander Viro <viro@...iv.linux.org.uk>, 
	Jan Kara <jack@...e.cz>, Tejun Heo <tj@...nel.org>, Johannes Weiner <hannes@...xchg.org>, 
	Michal Koutný <mkoutny@...e.com>, Jakub Kicinski <kuba@...nel.org>, 
	Anna-Maria Behnsen <anna-maria@...utronix.de>, Frederic Weisbecker <frederic@...nel.org>, 
	Thomas Gleixner <tglx@...utronix.de>, cgroups@...r.kernel.org, linux-kernel@...r.kernel.org, 
	netdev@...r.kernel.org
Subject: Re: [PATCH 2/3] ns: simplify ns_common_init() further

On Mon 22-09-25 14:42:36, Christian Brauner wrote:
> Simply derive the ns operations from the namespace type.
> 
> Signed-off-by: Christian Brauner <brauner@...nel.org>

Nice! As much as I already feel pity for the guy who'll be reading all
these macros to figure out how some ns gets initialized :) feel free to
add:

Reviewed-by: Jan Kara <jack@...e.cz>

								Honza

> ---
>  fs/namespace.c            |  4 ++--
>  include/linux/ns_common.h | 30 ++++++++++++++++++++++++++----
>  ipc/namespace.c           |  2 +-
>  kernel/cgroup/namespace.c |  2 +-
>  kernel/pid_namespace.c    |  2 +-
>  kernel/time/namespace.c   |  2 +-
>  kernel/user_namespace.c   |  2 +-
>  kernel/utsname.c          |  2 +-
>  net/core/net_namespace.c  |  9 +--------
>  9 files changed, 35 insertions(+), 20 deletions(-)
> 
> diff --git a/fs/namespace.c b/fs/namespace.c
> index 271cd6294c8a..d65917ec5544 100644
> --- a/fs/namespace.c
> +++ b/fs/namespace.c
> @@ -4104,9 +4104,9 @@ static struct mnt_namespace *alloc_mnt_ns(struct user_namespace *user_ns, bool a
>  	}
>  
>  	if (anon)
> -		ret = ns_common_init_inum(new_ns, &mntns_operations, MNT_NS_ANON_INO);
> +		ret = ns_common_init_inum(new_ns, MNT_NS_ANON_INO);
>  	else
> -		ret = ns_common_init(new_ns, &mntns_operations);
> +		ret = ns_common_init(new_ns);
>  	if (ret) {
>  		kfree(new_ns);
>  		dec_mnt_namespaces(ucounts);
> diff --git a/include/linux/ns_common.h b/include/linux/ns_common.h
> index aea8528d799a..56492cd9ff8d 100644
> --- a/include/linux/ns_common.h
> +++ b/include/linux/ns_common.h
> @@ -25,6 +25,17 @@ extern struct time_namespace init_time_ns;
>  extern struct user_namespace init_user_ns;
>  extern struct uts_namespace init_uts_ns;
>  
> +extern const struct proc_ns_operations netns_operations;
> +extern const struct proc_ns_operations utsns_operations;
> +extern const struct proc_ns_operations ipcns_operations;
> +extern const struct proc_ns_operations pidns_operations;
> +extern const struct proc_ns_operations pidns_for_children_operations;
> +extern const struct proc_ns_operations userns_operations;
> +extern const struct proc_ns_operations mntns_operations;
> +extern const struct proc_ns_operations cgroupns_operations;
> +extern const struct proc_ns_operations timens_operations;
> +extern const struct proc_ns_operations timens_for_children_operations;
> +
>  struct ns_common {
>  	struct dentry *stashed;
>  	const struct proc_ns_operations *ops;
> @@ -84,10 +95,21 @@ void __ns_common_free(struct ns_common *ns);
>  		struct user_namespace *:   &init_user_ns,   \
>  		struct uts_namespace *:    &init_uts_ns)
>  
> -#define ns_common_init(__ns, __ops) \
> -	__ns_common_init(to_ns_common(__ns), __ops, (((__ns) == ns_init_ns(__ns)) ? ns_init_inum(__ns) : 0))
> -
> -#define ns_common_init_inum(__ns, __ops, __inum) __ns_common_init(to_ns_common(__ns), __ops, __inum)
> +#define to_ns_operations(__ns)                                                                         \
> +	_Generic((__ns),                                                                               \
> +		struct cgroup_namespace *: (IS_ENABLED(CONFIG_CGROUPS) ? &cgroupns_operations : NULL), \
> +		struct ipc_namespace *:    (IS_ENABLED(CONFIG_IPC_NS)  ? &ipcns_operations    : NULL), \
> +		struct mnt_namespace *:    &mntns_operations,                                          \
> +		struct net *:              (IS_ENABLED(CONFIG_NET_NS)  ? &netns_operations    : NULL), \
> +		struct pid_namespace *:    (IS_ENABLED(CONFIG_PID_NS)  ? &pidns_operations    : NULL), \
> +		struct time_namespace *:   (IS_ENABLED(CONFIG_TIME_NS) ? &timens_operations   : NULL), \
> +		struct user_namespace *:   (IS_ENABLED(CONFIG_USER_NS) ? &userns_operations   : NULL), \
> +		struct uts_namespace *:    (IS_ENABLED(CONFIG_UTS_NS)  ? &utsns_operations    : NULL))
> +
> +#define ns_common_init(__ns) \
> +	__ns_common_init(to_ns_common(__ns), to_ns_operations(__ns), (((__ns) == ns_init_ns(__ns)) ? ns_init_inum(__ns) : 0))
> +
> +#define ns_common_init_inum(__ns, __inum) __ns_common_init(to_ns_common(__ns), to_ns_operations(__ns), __inum)
>  
>  #define ns_common_free(__ns) __ns_common_free(to_ns_common((__ns)))
>  
> diff --git a/ipc/namespace.c b/ipc/namespace.c
> index bd85d1c9d2c2..d89dfd718d2b 100644
> --- a/ipc/namespace.c
> +++ b/ipc/namespace.c
> @@ -62,7 +62,7 @@ static struct ipc_namespace *create_ipc_ns(struct user_namespace *user_ns,
>  	if (ns == NULL)
>  		goto fail_dec;
>  
> -	err = ns_common_init(ns, &ipcns_operations);
> +	err = ns_common_init(ns);
>  	if (err)
>  		goto fail_free;
>  
> diff --git a/kernel/cgroup/namespace.c b/kernel/cgroup/namespace.c
> index 16ead7508371..04c98338ac08 100644
> --- a/kernel/cgroup/namespace.c
> +++ b/kernel/cgroup/namespace.c
> @@ -27,7 +27,7 @@ static struct cgroup_namespace *alloc_cgroup_ns(void)
>  	new_ns = kzalloc(sizeof(struct cgroup_namespace), GFP_KERNEL_ACCOUNT);
>  	if (!new_ns)
>  		return ERR_PTR(-ENOMEM);
> -	ret = ns_common_init(new_ns, &cgroupns_operations);
> +	ret = ns_common_init(new_ns);
>  	if (ret)
>  		return ERR_PTR(ret);
>  	ns_tree_add(new_ns);
> diff --git a/kernel/pid_namespace.c b/kernel/pid_namespace.c
> index 162f5fb63d75..a262a3f19443 100644
> --- a/kernel/pid_namespace.c
> +++ b/kernel/pid_namespace.c
> @@ -103,7 +103,7 @@ static struct pid_namespace *create_pid_namespace(struct user_namespace *user_ns
>  	if (ns->pid_cachep == NULL)
>  		goto out_free_idr;
>  
> -	err = ns_common_init(ns, &pidns_operations);
> +	err = ns_common_init(ns);
>  	if (err)
>  		goto out_free_idr;
>  
> diff --git a/kernel/time/namespace.c b/kernel/time/namespace.c
> index 7aa4d6fedd49..9f26e61be044 100644
> --- a/kernel/time/namespace.c
> +++ b/kernel/time/namespace.c
> @@ -97,7 +97,7 @@ static struct time_namespace *clone_time_ns(struct user_namespace *user_ns,
>  	if (!ns->vvar_page)
>  		goto fail_free;
>  
> -	err = ns_common_init(ns, &timens_operations);
> +	err = ns_common_init(ns);
>  	if (err)
>  		goto fail_free_page;
>  
> diff --git a/kernel/user_namespace.c b/kernel/user_namespace.c
> index f9df45c46235..e1559e8a8a02 100644
> --- a/kernel/user_namespace.c
> +++ b/kernel/user_namespace.c
> @@ -126,7 +126,7 @@ int create_user_ns(struct cred *new)
>  
>  	ns->parent_could_setfcap = cap_raised(new->cap_effective, CAP_SETFCAP);
>  
> -	ret = ns_common_init(ns, &userns_operations);
> +	ret = ns_common_init(ns);
>  	if (ret)
>  		goto fail_free;
>  
> diff --git a/kernel/utsname.c b/kernel/utsname.c
> index 95d733eb2c98..00001592ad13 100644
> --- a/kernel/utsname.c
> +++ b/kernel/utsname.c
> @@ -50,7 +50,7 @@ static struct uts_namespace *clone_uts_ns(struct user_namespace *user_ns,
>  	if (!ns)
>  		goto fail_dec;
>  
> -	err = ns_common_init(ns, &utsns_operations);
> +	err = ns_common_init(ns);
>  	if (err)
>  		goto fail_free;
>  
> diff --git a/net/core/net_namespace.c b/net/core/net_namespace.c
> index d5e3fd819163..bdea7d5fac56 100644
> --- a/net/core/net_namespace.c
> +++ b/net/core/net_namespace.c
> @@ -400,16 +400,9 @@ static __net_init void preinit_net_sysctl(struct net *net)
>  /* init code that must occur even if setup_net() is not called. */
>  static __net_init int preinit_net(struct net *net, struct user_namespace *user_ns)
>  {
> -	const struct proc_ns_operations *ns_ops;
>  	int ret;
>  
> -#ifdef CONFIG_NET_NS
> -	ns_ops = &netns_operations;
> -#else
> -	ns_ops = NULL;
> -#endif
> -
> -	ret = ns_common_init(net, ns_ops);
> +	ret = ns_common_init(net);
>  	if (ret)
>  		return ret;
>  
> 
> -- 
> 2.47.3
> 
-- 
Jan Kara <jack@...e.com>
SUSE Labs, CR

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ