userns: Implement unshare of the user namespace - Add CLONE_THREAD to the unshare flags if CLONE_NEWUSER is selected As changing user namespaces is only valid if all there is only a single thread. - Restore the code to add CLONE_VM if CLONE_THREAD is selected and the code to addCLONE_SIGHAND if CLONE_VM is selected. Making the constraints in the code clear. Acked-by: Serge Hallyn <serge.hallyn@canonical.com> Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>

commit: b2e0d98705e60e45bbb3c0032c48824ad7ae0704 [log] [tgz]
author: Eric W. Biederman <ebiederm@xmission.com> Thu Jul 26 05:15:35 2012 -0700
committer: Eric W. Biederman <ebiederm@xmission.com> Tue Nov 20 04:18:14 2012 -0800
tree: e187c82e1c3babd34095f2b946614131719bbb03
parent: cde1975bc242f3e1072bde623ef378e547b73f91 [diff] [blame]
diff --git a/kernel/user_namespace.c b/kernel/user_namespace.c
index a946077..ce92f7e 100644
--- a/kernel/user_namespace.c
+++ b/kernel/user_namespace.c

@@ -82,6 +82,21 @@
 	return 0;
 }
 
+int unshare_userns(unsigned long unshare_flags, struct cred **new_cred)
+{
+	struct cred *cred;
+
+	if (!(unshare_flags & CLONE_NEWUSER))
+		return 0;
+
+	cred = prepare_creds();
+	if (!cred)
+		return -ENOMEM;
+
+	*new_cred = cred;
+	return create_user_ns(cred);
+}
+
 void free_user_ns(struct kref *kref)
 {
 	struct user_namespace *parent, *ns =
commit	b2e0d98705e60e45bbb3c0032c48824ad7ae0704	[log] [tgz]
author	Eric W. Biederman <ebiederm@xmission.com>	Thu Jul 26 05:15:35 2012 -0700
committer	Eric W. Biederman <ebiederm@xmission.com>	Tue Nov 20 04:18:14 2012 -0800
tree	e187c82e1c3babd34095f2b946614131719bbb03
parent	cde1975bc242f3e1072bde623ef378e547b73f91 [diff] [blame]