nsfs: support exhaustive file handles

Pidfd file handles are exhaustive meaning they don't require a handle on
another pidfd to pass to open_by_handle_at() so it can derive the
filesystem to decode in. Instead it can be derived from the file
handle itself. The same is possible for namespace file handles.

Reviewed-by: Amir Goldstein <amir73il@gmail.com>
Signed-off-by: Christian Brauner <brauner@kernel.org>

diff --git a/fs/fhandle.c b/fs/fhandle.c
index 68a7d2861c58fe620d07276b64e1a12f3f4b1ed1..dd734d8828d04aca7c389c343579a2d455d8a081 100644 (file)
--- a/fs/fhandle.c
+++ b/fs/fhandle.c
@@ -11,6 +11,7 @@
 #include <linux/personality.h>
 #include <linux/uaccess.h>
 #include <linux/compat.h>
+#include <linux/nsfs.h>
 #include "internal.h"
 #include "mount.h"
 
@@ -189,6 +190,11 @@ static int get_path_anchor(int fd, struct path *root)
                return 0;
        }
 
+       if (fd == FD_NSFS_ROOT) {
+               nsfs_get_root(root);
+               return 0;
+       }
+
        return -EBADF;
 }
 

diff --git a/fs/internal.h b/fs/internal.h
index 38e8aab27bbda37995ac377b1d4c3379a614019d..a33d18ee5b74d2b5de53abc26ad99b428a66eb2c 100644 (file)
--- a/fs/internal.h
+++ b/fs/internal.h
@@ -355,3 +355,4 @@ int anon_inode_getattr(struct mnt_idmap *idmap, const struct path *path,
 int anon_inode_setattr(struct mnt_idmap *idmap, struct dentry *dentry,
                       struct iattr *attr);
 void pidfs_get_root(struct path *path);
+void nsfs_get_root(struct path *path);

diff --git a/fs/nsfs.c b/fs/nsfs.c
index 926e2680414ed47b181c4382e8ccea116289a871..22765fcab18e6d6d861a5afe23213e5d46251737 100644 (file)
--- a/fs/nsfs.c
+++ b/fs/nsfs.c
@@ -25,6 +25,14 @@
 
 static struct vfsmount *nsfs_mnt;
 
+static struct path nsfs_root_path = {};
+
+void nsfs_get_root(struct path *path)
+{
+       *path = nsfs_root_path;
+       path_get(path);
+}
+
 static long ns_ioctl(struct file *filp, unsigned int ioctl,
                        unsigned long arg);
 static const struct file_operations ns_file_operations = {
@@ -598,4 +606,6 @@ void __init nsfs_init(void)
        if (IS_ERR(nsfs_mnt))
                panic("can't set nsfs up\n");
        nsfs_mnt->mnt_sb->s_flags &= ~SB_NOUSER;
+       nsfs_root_path.mnt = nsfs_mnt;
+       nsfs_root_path.dentry = nsfs_mnt->mnt_root;
 }

diff --git a/include/uapi/linux/fcntl.h b/include/uapi/linux/fcntl.h
index f291ab4f94ebccacfd966de03a08c4948aa89e60..3741ea1b73d8500061567b6590ccf5fb4c6770f0 100644 (file)
--- a/include/uapi/linux/fcntl.h
+++ b/include/uapi/linux/fcntl.h
@@ -111,6 +111,7 @@
 #define PIDFD_SELF_THREAD_GROUP                -10001 /* Current thread group leader. */
 
 #define FD_PIDFS_ROOT                  -10002 /* Root of the pidfs filesystem */
+#define FD_NSFS_ROOT                   -10003 /* Root of the nsfs filesystem */
 #define FD_INVALID                     -10009 /* Invalid file descriptor: -10000 - EBADF = -10009 */
 
 /* Generic flags for the *at(2) family of syscalls. */