Merge patch series "ns: minor tweaks"

brauner · brauner · commit d969328c513c · 2025-09-22T14:47:25.000+02:00
Christian Brauner <brauner@kernel.org> says: * Add a missing include into the cgroup namespace header. * Simplify ns_common_init{_inum}() and derive the namespace operations from the namespace type. * Add debug asserts into ns_common_init{_inum}() to catch bugs. * patches from https://lore.kernel.org/20250922-work-namespace-ns_common-fixes-v1-0-3c26aeb30831@kernel.org: ns: add ns_debug() ns: simplify ns_common_init() further cgroup: add missing ns_common include Signed-off-by: Christian Brauner <brauner@kernel.org>
diff --git a/fs/namespace.c b/fs/namespace.c
@@ -4104,9 +4104,9 @@ static struct mnt_namespace *alloc_mnt_ns(struct user_namespace *user_ns, bool a
 	}
 
 	if (anon)
-		ret = ns_common_init_inum(new_ns, &mntns_operations, MNT_NS_ANON_INO);
+		ret = ns_common_init_inum(new_ns, MNT_NS_ANON_INO);
 	else
-		ret = ns_common_init(new_ns, &mntns_operations);
+		ret = ns_common_init(new_ns);
 	if (ret) {
 		kfree(new_ns);
 		dec_mnt_namespaces(ucounts);
diff --git a/include/linux/cgroup_namespace.h b/include/linux/cgroup_namespace.h
@@ -2,6 +2,8 @@
 #ifndef _LINUX_CGROUP_NAMESPACE_H
 #define _LINUX_CGROUP_NAMESPACE_H
 
+#include <linux/ns_common.h>
+
 struct cgroup_namespace {
 	struct ns_common	ns;
 	struct user_namespace	*user_ns;
diff --git a/include/linux/ns_common.h b/include/linux/ns_common.h
@@ -25,6 +25,17 @@ extern struct time_namespace init_time_ns;
 extern struct user_namespace init_user_ns;
 extern struct uts_namespace init_uts_ns;
 
+extern const struct proc_ns_operations netns_operations;
+extern const struct proc_ns_operations utsns_operations;
+extern const struct proc_ns_operations ipcns_operations;
+extern const struct proc_ns_operations pidns_operations;
+extern const struct proc_ns_operations pidns_for_children_operations;
+extern const struct proc_ns_operations userns_operations;
+extern const struct proc_ns_operations mntns_operations;
+extern const struct proc_ns_operations cgroupns_operations;
+extern const struct proc_ns_operations timens_operations;
+extern const struct proc_ns_operations timens_for_children_operations;
+
 struct ns_common {
 	struct dentry *stashed;
 	const struct proc_ns_operations *ops;
@@ -84,10 +95,21 @@ void __ns_common_free(struct ns_common *ns);
 		struct user_namespace *:   &init_user_ns,   \
 		struct uts_namespace *:    &init_uts_ns)
 
-#define ns_common_init(__ns, __ops) \
-	__ns_common_init(to_ns_common(__ns), __ops, (((__ns) == ns_init_ns(__ns)) ? ns_init_inum(__ns) : 0))
-
-#define ns_common_init_inum(__ns, __ops, __inum) __ns_common_init(to_ns_common(__ns), __ops, __inum)
+#define to_ns_operations(__ns)                                                                         \
+	_Generic((__ns),                                                                               \
+		struct cgroup_namespace *: (IS_ENABLED(CONFIG_CGROUPS) ? &cgroupns_operations : NULL), \
+		struct ipc_namespace *:    (IS_ENABLED(CONFIG_IPC_NS)  ? &ipcns_operations    : NULL), \
+		struct mnt_namespace *:    &mntns_operations,                                          \
+		struct net *:              (IS_ENABLED(CONFIG_NET_NS)  ? &netns_operations    : NULL), \
+		struct pid_namespace *:    (IS_ENABLED(CONFIG_PID_NS)  ? &pidns_operations    : NULL), \
+		struct time_namespace *:   (IS_ENABLED(CONFIG_TIME_NS) ? &timens_operations   : NULL), \
+		struct user_namespace *:   (IS_ENABLED(CONFIG_USER_NS) ? &userns_operations   : NULL), \
+		struct uts_namespace *:    (IS_ENABLED(CONFIG_UTS_NS)  ? &utsns_operations    : NULL))
+
+#define ns_common_init(__ns) \
+	__ns_common_init(to_ns_common(__ns), to_ns_operations(__ns), (((__ns) == ns_init_ns(__ns)) ? ns_init_inum(__ns) : 0))
+
+#define ns_common_init_inum(__ns, __inum) __ns_common_init(to_ns_common(__ns), to_ns_operations(__ns), __inum)
 
 #define ns_common_free(__ns) __ns_common_free(to_ns_common((__ns)))
 
diff --git a/ipc/namespace.c b/ipc/namespace.c
@@ -62,7 +62,7 @@ static struct ipc_namespace *create_ipc_ns(struct user_namespace *user_ns,
 	if (ns == NULL)
 		goto fail_dec;
 
-	err = ns_common_init(ns, &ipcns_operations);
+	err = ns_common_init(ns);
 	if (err)
 		goto fail_free;
 
diff --git a/kernel/cgroup/namespace.c b/kernel/cgroup/namespace.c
@@ -27,7 +27,7 @@ static struct cgroup_namespace *alloc_cgroup_ns(void)
 	new_ns = kzalloc(sizeof(struct cgroup_namespace), GFP_KERNEL_ACCOUNT);
 	if (!new_ns)
 		return ERR_PTR(-ENOMEM);
-	ret = ns_common_init(new_ns, &cgroupns_operations);
+	ret = ns_common_init(new_ns);
 	if (ret)
 		return ERR_PTR(ret);
 	ns_tree_add(new_ns);
diff --git a/kernel/nscommon.c b/kernel/nscommon.c
@@ -2,6 +2,55 @@
 
 #include <linux/ns_common.h>
 #include <linux/proc_ns.h>
+#include <linux/vfsdebug.h>
+
+#ifdef CONFIG_DEBUG_VFS
+static void ns_debug(struct ns_common *ns, const struct proc_ns_operations *ops)
+{
+	switch (ns->ops->type) {
+#ifdef CONFIG_CGROUPS
+	case CLONE_NEWCGROUP:
+		VFS_WARN_ON_ONCE(ops != &cgroupns_operations);
+		break;
+#endif
+#ifdef CONFIG_IPC_NS
+	case CLONE_NEWIPC:
+		VFS_WARN_ON_ONCE(ops != &ipcns_operations);
+		break;
+#endif
+	case CLONE_NEWNS:
+		VFS_WARN_ON_ONCE(ops != &mntns_operations);
+		break;
+#ifdef CONFIG_NET_NS
+	case CLONE_NEWNET:
+		VFS_WARN_ON_ONCE(ops != &netns_operations);
+		break;
+#endif
+#ifdef CONFIG_PID_NS
+	case CLONE_NEWPID:
+		VFS_WARN_ON_ONCE(ops != &pidns_operations);
+		break;
+#endif
+#ifdef CONFIG_TIME_NS
+	case CLONE_NEWTIME:
+		VFS_WARN_ON_ONCE(ops != &timens_operations);
+		break;
+#endif
+#ifdef CONFIG_USER_NS
+	case CLONE_NEWUSER:
+		VFS_WARN_ON_ONCE(ops != &userns_operations);
+		break;
+#endif
+#ifdef CONFIG_UTS_NS
+	case CLONE_NEWUTS:
+		VFS_WARN_ON_ONCE(ops != &utsns_operations);
+		break;
+#endif
+	default:
+		VFS_WARN_ON_ONCE(true);
+	}
+}
+#endif
 
 int __ns_common_init(struct ns_common *ns, const struct proc_ns_operations *ops, int inum)
 {
@@ -12,6 +61,10 @@ int __ns_common_init(struct ns_common *ns, const struct proc_ns_operations *ops,
 	RB_CLEAR_NODE(&ns->ns_tree_node);
 	INIT_LIST_HEAD(&ns->ns_list_node);
 
+#ifdef CONFIG_DEBUG_VFS
+	ns_debug(ns, ops);
+#endif
+
 	if (inum) {
 		ns->inum = inum;
 		return 0;
diff --git a/kernel/pid_namespace.c b/kernel/pid_namespace.c
@@ -103,7 +103,7 @@ static struct pid_namespace *create_pid_namespace(struct user_namespace *user_ns
 	if (ns->pid_cachep == NULL)
 		goto out_free_idr;
 
-	err = ns_common_init(ns, &pidns_operations);
+	err = ns_common_init(ns);
 	if (err)
 		goto out_free_idr;
 
diff --git a/kernel/time/namespace.c b/kernel/time/namespace.c
@@ -97,7 +97,7 @@ static struct time_namespace *clone_time_ns(struct user_namespace *user_ns,
 	if (!ns->vvar_page)
 		goto fail_free;
 
-	err = ns_common_init(ns, &timens_operations);
+	err = ns_common_init(ns);
 	if (err)
 		goto fail_free_page;
 
diff --git a/kernel/user_namespace.c b/kernel/user_namespace.c
@@ -126,7 +126,7 @@ int create_user_ns(struct cred *new)
 
 	ns->parent_could_setfcap = cap_raised(new->cap_effective, CAP_SETFCAP);
 
-	ret = ns_common_init(ns, &userns_operations);
+	ret = ns_common_init(ns);
 	if (ret)
 		goto fail_free;
 
diff --git a/kernel/utsname.c b/kernel/utsname.c
@@ -50,7 +50,7 @@ static struct uts_namespace *clone_uts_ns(struct user_namespace *user_ns,
 	if (!ns)
 		goto fail_dec;
 
-	err = ns_common_init(ns, &utsns_operations);
+	err = ns_common_init(ns);
 	if (err)
 		goto fail_free;
 
diff --git a/net/core/net_namespace.c b/net/core/net_namespace.c
@@ -400,16 +400,9 @@ static __net_init void preinit_net_sysctl(struct net *net)
 /* init code that must occur even if setup_net() is not called. */
 static __net_init int preinit_net(struct net *net, struct user_namespace *user_ns)
 {
-	const struct proc_ns_operations *ns_ops;
 	int ret;
 
-#ifdef CONFIG_NET_NS
-	ns_ops = &netns_operations;
-#else
-	ns_ops = NULL;
-#endif
-
-	ret = ns_common_init(net, ns_ops);
+	ret = ns_common_init(net);
 	if (ret)
 		return ret;
 
