From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 35B4333B971; Wed, 29 Oct 2025 12:20:42 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740443; cv=none; b=HUBu7dSMg+8lFlF1XECPjETCIyOQqGSgfvfrUh2v3Ynv8fCjQQ+d1x3ehC6qfVLBCSyL8jMWSC6TbYzEv5VGXVEjkIKJjWMzbmaizqmufL6C72M6v9v/ASVtZKYOAHUPj0P/quGdno2vfbQnx97NFrHYq5T54oXaE5woSm17ODk= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740443; c=relaxed/simple; bh=wpu8fA7qXxdZSYnV2Wt9hfd/qe1FdRoJcNk3AI3VvA4=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=Z1pBrtCGn8AuMBjMqdDDn7CtAEc+L5AK5qgjMRnn32eGjurb8S7TMfMYjxi+3AZbU3wAlfG3J6i8PjauTOmeBPH1Ks93iGCE9lboxRG/KSgYQMY+52/mw2Mdziw+zLPEfEeUmYdOvU7tIVFLd6ijIo/+t5EUEukJeTbA48Rgn7E= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=tc8vqCxM; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="tc8vqCxM" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 4141CC4CEF7; Wed, 29 Oct 2025 12:20:38 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740442; bh=wpu8fA7qXxdZSYnV2Wt9hfd/qe1FdRoJcNk3AI3VvA4=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=tc8vqCxM3PhDFWtRlgQKuHa3BkNGSFYezyU2mvv/D96l5xM5ui4AdIaBcridhYyAm Z6P5Lj/Ze0AXCz0OCZCiSGE9Pm4/EOKzgZXxVA9lzBpqy9HKPZ6xSYbdi7X63qyvs+ QX+oEBIT5tcTeQ0vLXny/3/xMXUPUp1L5anZtajdvMUA6HQYq9zKEtv2wz+rLDC+Na sC0IySlGVOeto2JAaLnkUNll422XIJa+tiIOtB8U3t5SL4CrUyU7J5wKFjquOWVJRK O6wiRWvIoxjZkhFWJUIBo43eHS3IObkSZPEJFXwyCRdvwEOEz5So6ekDj0gB6P6M8x SV74gAQpCLYZQ== From: Christian Brauner Date: Wed, 29 Oct 2025 13:20:14 +0100 Subject: [PATCH v4 01/72] libfs: allow to specify s_d_flags Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-1-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=1073; i=brauner@kernel.org; h=from:subject:message-id; bh=wpu8fA7qXxdZSYnV2Wt9hfd/qe1FdRoJcNk3AI3VvA4=; b=kA0DAAoWkcYbwGV43KIByyZiAGkCBougAjDiXYgqCRIZaGzXup9wqsN5vCdWUL+Tr38iLZdOo oh1BAAWCgAdFiEEQIc0Vx6nDHizMmkokcYbwGV43KIFAmkCBosACgkQkcYbwGV43KL7bwD8D27M 4wpDwoRBW2EgzGDw0yzYqq9jEb7V+aKU05lMd5kA/3slaCdfVtPZPIIYG0f0rD5Xxz9ylCPgpOG xxGgKym4M X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Make it possible for pseudo filesystems to specify default dentry flags. Signed-off-by: Christian Brauner --- fs/libfs.c | 1 + include/linux/pseudo_fs.h | 1 + 2 files changed, 2 insertions(+) diff --git a/fs/libfs.c b/fs/libfs.c index ce8c496a6940..4bb4d8a313e7 100644 --- a/fs/libfs.c +++ b/fs/libfs.c @@ -680,6 +680,7 @@ static int pseudo_fs_fill_super(struct super_block *s, = struct fs_context *fc) s->s_export_op =3D ctx->eops; s->s_xattr =3D ctx->xattr; s->s_time_gran =3D 1; + s->s_d_flags |=3D ctx->s_d_flags; root =3D new_inode(s); if (!root) return -ENOMEM; diff --git a/include/linux/pseudo_fs.h b/include/linux/pseudo_fs.h index 2503f7625d65..a651e60d9410 100644 --- a/include/linux/pseudo_fs.h +++ b/include/linux/pseudo_fs.h @@ -9,6 +9,7 @@ struct pseudo_fs_context { const struct xattr_handler * const *xattr; const struct dentry_operations *dops; unsigned long magic; + unsigned int s_d_flags; }; =20 struct pseudo_fs_context *init_pseudo(struct fs_context *fc, --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id DEE9F33C503; Wed, 29 Oct 2025 12:20:47 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740448; cv=none; b=s4vMfz5CANBQeqYiXBQHXUI908XUD6Cv1ZjvkTCGVbrIf5Pnea8boPZWoyvxmerTywYhvjoSGTcnbfrYmPx4QJSqdU8FLlfvIehX1YLu7Y5S35I5gnr7EzuUdhuFUBZqB34RufR2MUYiGAZVRwiIdc4/xSveuISJMIoBxCTAagM= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740448; c=relaxed/simple; bh=jSqJBpD/6utq5kB6r0uVAxUcKbpMKsXXqLyZPGG0ICk=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=QZXYtHL0Ocdd2jGgpMH1Cd9FtMj/AuMK/pO8rsikl5X0LwWPOmKv3/0nnBxMlmpOzTCmnapc5yHDoWL326SW0nUrGT8IrhGM3Pf8LiFVhl3shDvpeheG8jzK73M8J+plTXrfRe9iCZDRO4eGLRf/Xr6shYwRHVQL6hXME+12158= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=Qxgy3DIH; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="Qxgy3DIH" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 4B312C4CEFD; Wed, 29 Oct 2025 12:20:43 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740447; bh=jSqJBpD/6utq5kB6r0uVAxUcKbpMKsXXqLyZPGG0ICk=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=Qxgy3DIHqEwU4kquMlAwvKrC7PGGakpDD+e55kpDEdYHj1FBSQavXnYHK1KQ8Gviy 4GcNeqkSlso0Frx75ImXwblmzisT3iH/9jtMK+aCGZb5WJt/MWFl+Ehqb0HJvw01dM YqO1M9G+vqSZrmwLuv79YrlJiivM03rhH7paXIsbu2r/bYzTV+Looq+1buC433Q99b ldStNN3NaFVaHICj+tisPo7jat1SK5OpTijM/Z9guyksNw584BzGTcpUqioaiAHP4E 5CypqmkTTlUmOzhU7nIXAfpx2+AbimYrIMIuFbeeyv5WyyOq+/OOnwQTRIBPczGnzi 4RjCUNUoMyCeg== From: Christian Brauner Date: Wed, 29 Oct 2025 13:20:15 +0100 Subject: [PATCH v4 02/72] nsfs: use inode_just_drop() Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-2-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=930; i=brauner@kernel.org; h=from:subject:message-id; bh=jSqJBpD/6utq5kB6r0uVAxUcKbpMKsXXqLyZPGG0ICk=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysfXcWZKpdvatI8dx39R3dosmVEcUzp7+fpqZ8bIE6 9SlloZTOkpZGMS4GGTFFFkc2k3C5ZbzVGw2ytSAmcPKBDKEgYtTACbCL8jwz2SB9Ybk2nsf1cyV bi9p5bgz8+Oyr+4BslsL182/r7D8kQkjwyvXKxsOOa9l9fnQUemy85no9S23VzBvkDnZaH3s5BU JTl4A X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Currently nsfs uses the default inode_generic_drop() fallback which drops the inode when it's unlinked or when it's unhashed. Since nsfs never hashes inodes that always amounts to dropping the inode. But that's just annoying to have to reason through every time we look at this code. Switch to inode_just_drop() which always drops the inode explicitly. This also aligns the behavior with pidfs which does the same. Signed-off-by: Christian Brauner --- fs/nsfs.c | 1 + 1 file changed, 1 insertion(+) diff --git a/fs/nsfs.c b/fs/nsfs.c index 648dc59bef7f..4e77eba0c8fc 100644 --- a/fs/nsfs.c +++ b/fs/nsfs.c @@ -408,6 +408,7 @@ static const struct super_operations nsfs_ops =3D { .statfs =3D simple_statfs, .evict_inode =3D nsfs_evict, .show_path =3D nsfs_show_path, + .drop_inode =3D inode_just_drop, }; =20 static int nsfs_init_inode(struct inode *inode, void *data) --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 1E66E33C503; Wed, 29 Oct 2025 12:20:52 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740453; cv=none; b=DtVSkHfJm7sDHOVcXIH3RU+haxpYJSUavboYykv/OE6ypdDGh48k6H1SdihP//wi+QmKJmVJtT0OpaIxqIKKynCru5SbNa3HEWGGG3IOCxfnso/vyac1YzX3DHgtdjQA541KXY2FtRvXvANo1uqPj3T0gkd6+4JGoE600Jz3stQ= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740453; c=relaxed/simple; bh=VMCLQ5Neu+JsCPfFhnjTC4pvJzkr6RMBoSrPUgoYfJM=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=uiZ4iP9bf9Xza+zH4XXAN4M1U0WrG3DucHp2RpxTFuXKONRmmdm3uS+bXjERPTRh9RIg86uLxL4lHmWYyqwA2b4+HCOAqgRr0Vt/vjvsjFbJnGlnD4kKvjscK04lJdEsxAwuVTf4+pBNO7PD1AaMWl4p4pGivKM6OCfUQJG5q0U= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=hf7NX1yJ; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="hf7NX1yJ" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 3B38CC4CEFF; Wed, 29 Oct 2025 12:20:48 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740452; bh=VMCLQ5Neu+JsCPfFhnjTC4pvJzkr6RMBoSrPUgoYfJM=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=hf7NX1yJCma63j4SYnoVXZpjjvUouirA75Lxzaxq+Geqh64CAu9kfje9yZ13SF5Rp wijgw38NTK43WoCt52H5YtDd3YT8Kbzy5bwnCRbjyPZy6ICJRDP8lBVlC4rmoN7QT6 7BUzjMCaj/9SCrZfNFmC/iWQgGT+6y4CJLVecb8+CncM4WX0C06b8w3zDldzhUPIc/ jz9pzMC7lnUG0JFj3u9oSk3bq/neP1FLt/mgviIwpPWiaTrnppaw/iErouram6fSrk zHRK9eMo3y/jskjfADEQDNjjGujD2VK1qH7Egk81bX7jQGotsdz2IGmes8fhmGmIsl Z68AHtBUygv3w== From: Christian Brauner Date: Wed, 29 Oct 2025 13:20:16 +0100 Subject: [PATCH v4 03/72] nsfs: raise DCACHE_DONTCACHE explicitly Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-3-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=840; i=brauner@kernel.org; h=from:subject:message-id; bh=VMCLQ5Neu+JsCPfFhnjTC4pvJzkr6RMBoSrPUgoYfJM=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysfUw98dyCkyXXhK7omlnfn1ev0ieX4G/1iHR5Xwv/ /V5TCnrKGVhEONikBVTZHFoNwmXW85TsdkoUwNmDisTyBAGLk4BmMh+bYb/4csMD8zOm3gk65G7 xmWDu3UH+H4lWigtarulu0g+89SzKEaG6yrR7bel2K0uHL8ZFzYlrKl4m8kcPslb4dPXWeX7Wte xAgA= X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 While nsfs dentries are never hashed and thus retain_dentry() will never consider them for placing them on the LRU it isn't great to always have to go and remember that. Raise DCACHE_DONTCACHE explicitly as a visual marker that dentries aren't kept but freed immediately instead. Signed-off-by: Christian Brauner --- fs/nsfs.c | 1 + 1 file changed, 1 insertion(+) diff --git a/fs/nsfs.c b/fs/nsfs.c index 4e77eba0c8fc..0e3fe8fda5bf 100644 --- a/fs/nsfs.c +++ b/fs/nsfs.c @@ -589,6 +589,7 @@ static int nsfs_init_fs_context(struct fs_context *fc) struct pseudo_fs_context *ctx =3D init_pseudo(fc, NSFS_MAGIC); if (!ctx) return -ENOMEM; + ctx->s_d_flags |=3D DCACHE_DONTCACHE; ctx->ops =3D &nsfs_ops; ctx->eops =3D &nsfs_export_operations; ctx->dops =3D &ns_dentry_operations; --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 4F79F33B95C; Wed, 29 Oct 2025 12:20:58 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740458; cv=none; b=bd5BE8WdA1eHlV3fGFJxWELnMlWkoUZ4ZzAReoYH0Eiaw89Y6GpU4Hr98G7qL6wij4xkbzRS0TPKcl+eYUbrpmVlajoMTEY4Qa9viJeEi4S/SJu1/9a+jqQ7YDVCIFnnLtzgIg/Ul4IKunMbBjirbA0A1qgMem9fmYuZ7UykhA0= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740458; c=relaxed/simple; bh=LCe8V3QgmxQPWsHxmkO/HYNSTPj5l9bqGO1onywb9Xk=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=euRChcNZDrZBxKeZG+v1guKA+zxyhPxIdmiY2rufA2g+q9wZb/JDIWcYMtaAoX8qgfcDOcmifZJxF7L5RM9GfdeZfj1y/kCQxKTpBYKB9afYHbwCX1qfZNByfsx8Z3UhXSmwkmUgBG9WImjliBoUQVrpWgWS0ZCr0ksZG349k9A= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=mMTPu2bN; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="mMTPu2bN" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 34849C4CEFD; Wed, 29 Oct 2025 12:20:53 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740458; bh=LCe8V3QgmxQPWsHxmkO/HYNSTPj5l9bqGO1onywb9Xk=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=mMTPu2bNqJYk3z9tG/iuJ4nYdSDV85gEZL1C6DNu8xzqRyyTznoiiELCZLXzpikh/ USruXCAOkEL9wkNrMlQm9nP5WhqDVH1IJQm7GKFLgVUM3mpH5vJxqAotW16jesKMR6 xQSFSj+Bilu+P3v2LD5bFf52qrDvbeK4U1bCvVdQV+mcH8GjECbCHqJ9b+LC2Xzc5a hsjYPOlu17x+jJXzkZeT1ojFk1Hgk0SOT4e9dOQ15or4/XVxvEhLl0V5IMtg820l8O UJCGgyvVr2gJp8DXecTQVageti/FrYwjh39sgXWamM25k/DxQTj/KzOTEt+cWH4k4q g4vQR5DNvMmGw== From: Christian Brauner Date: Wed, 29 Oct 2025 13:20:17 +0100 Subject: [PATCH v4 04/72] pidfs: raise DCACHE_DONTCACHE explicitly Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-4-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=824; i=brauner@kernel.org; h=from:subject:message-id; bh=LCe8V3QgmxQPWsHxmkO/HYNSTPj5l9bqGO1onywb9Xk=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysfU8WDTDV2jGlxfhfadWtV47U1Eb1s4VEu9kUfBAu vOo3cZdHaUsDGJcDLJiiiwO7Sbhcst5KjYbZWrAzGFlAhnCwMUpABM5qMfw3/lKJUvgyUfdkvM1 1sw4FyB1dEFh2ATte54V4cVGn/kdFBgZ5jxfN/+hyJovLozqNt86I0XPbp2gffbv8lTlBUzaE/6 aMAIA X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 While pidfs dentries are never hashed and thus retain_dentry() will never consider them for placing them on the LRU it isn't great to always have to go and remember that. Raise DCACHE_DONTCACHE explicitly as a visual marker that dentries aren't kept but freed immediately instead. Signed-off-by: Christian Brauner --- fs/pidfs.c | 1 + 1 file changed, 1 insertion(+) diff --git a/fs/pidfs.c b/fs/pidfs.c index 0ef5b47d796a..db236427fc2c 100644 --- a/fs/pidfs.c +++ b/fs/pidfs.c @@ -1022,6 +1022,7 @@ static int pidfs_init_fs_context(struct fs_context *f= c) =20 fc->s_iflags |=3D SB_I_NOEXEC; fc->s_iflags |=3D SB_I_NODEV; + ctx->s_d_flags |=3D DCACHE_DONTCACHE; ctx->ops =3D &pidfs_sops; ctx->eops =3D &pidfs_export_operations; ctx->dops =3D &pidfs_dentry_operations; --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 8938E338F20; Wed, 29 Oct 2025 12:21:03 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740463; cv=none; b=PDJqaFdIxNjK5o5jEZsPx6zMkcIbTKTt686vjwLF41rijzKCyBiDTvaP9hJQ2ayXK+dNp2msKiV5l+mvw1USZADTCY//3UQt1zHB8brSO9dCi9miQkFn606gQv6Odfr+x5KkDLFhS1zShzPVSh/+4DzXhDE8+X4ERfAWxnNZxc0= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740463; c=relaxed/simple; bh=m75eXqeDmMvm5b7r1HJsIkrDxEr0RA5dkfPo14u0VyE=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=DXOW01gA/vc5nJBzEXufcHYL+2eZL5Dm9HiNWgOoXHn7QJHoQH8StOOB/P964eJxqKwRISXmQQwJoUh1LJVtQU31fwcWcoXxrEU0Dj/FtR6xYHBM8ynqHh4Watfp0sCarad1dUV/xqIgmjSqhiXNdRqYH+7mxabGHjR3uNZnz6g= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=u4T2WXJG; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="u4T2WXJG" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 981A8C116B1; Wed, 29 Oct 2025 12:20:58 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740463; bh=m75eXqeDmMvm5b7r1HJsIkrDxEr0RA5dkfPo14u0VyE=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=u4T2WXJG5fDPT1OuGF7nqAbnxfh3m1ThgpI8iXmrJzEkEOksPRhiT0bxmqdrVxRh3 dJ/CbLWwvvbmsdMLg3GIph8kib2nF3ktnDyjTujyg2gw/0HxxSrTlg7OXgtkXkjtDd e8Ms0DI0ILRFDrqhxDd6y3FKskhbSIRkiUzMHOkNwRkk0iy6fvMd46DAQWCdu4Q3Hm NU8MrfPro0HsX8doXatToimIcbupWurkc7g4RhyGCZgxPsY2KvC/ST2eag+7iLYWvV 3VCIfb2SlN8GwRC3CcMIOk0H8Qol263PH4kG+T2zZXP3H/wvez87hWM+zmH1zahaDa EUaZq8eSszBew== From: Christian Brauner Date: Wed, 29 Oct 2025 13:20:18 +0100 Subject: [PATCH v4 05/72] nsfs: raise SB_I_NODEV and SB_I_NOEXEC Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-5-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=627; i=brauner@kernel.org; h=from:subject:message-id; bh=m75eXqeDmMvm5b7r1HJsIkrDxEr0RA5dkfPo14u0VyE=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysfWcZu7QuNdqYVBzoniT8H3WpXOb53PcWPnoUuW0o rkb2uwmdJSyMIhxMciKKbI4tJuEyy3nqdhslKkBM4eVCWQIAxenAExk/2ZGhnOqW6fn3M07N3OV OlOwaGGT1FnDSfeiOHZFqsw17H74146R4ev83WfXKr3aI3nbNufMfr1JBUfuXt1w80LRLoW/J5m t/vADAA== X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 There's zero need for nsfs to allow device nodes or execution. Signed-off-by: Christian Brauner --- fs/nsfs.c | 1 + 1 file changed, 1 insertion(+) diff --git a/fs/nsfs.c b/fs/nsfs.c index 0e3fe8fda5bf..6889922d8175 100644 --- a/fs/nsfs.c +++ b/fs/nsfs.c @@ -589,6 +589,7 @@ static int nsfs_init_fs_context(struct fs_context *fc) struct pseudo_fs_context *ctx =3D init_pseudo(fc, NSFS_MAGIC); if (!ctx) return -ENOMEM; + fc->s_iflags |=3D SB_I_NOEXEC | SB_I_NODEV; ctx->s_d_flags |=3D DCACHE_DONTCACHE; ctx->ops =3D &nsfs_ops; ctx->eops =3D &nsfs_export_operations; --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 811E12FB97F; Wed, 29 Oct 2025 12:21:08 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740468; cv=none; b=rjv9q1yID4UWUicP7vPFYPyDbDtmiFwsCzVyzIypNOAmnqpvCXscarXF9ot9JmyaFpibyn2CjmHnAhsU1jSFxivh8yG0oDDvgnhn+jmxlxHu2PoIkwsHqMlq1Us/+GYgMcT2MHT63UZ9K/Pb7TjwkHpMX8YnWk8z4/4TFIfOO5E= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740468; c=relaxed/simple; bh=74AZcYyOqxtykIDy/RGdL2vrgfuHMaAEm8WcGrCjYG4=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=nlLuSfMIH1El+mf3G0LeryfsNB4qXjSrdn4AdGZJdmRQNJ7R/0rTUTu9lolOv5LIe6YtXqxtnVClB7wlo+LNDPLsKoiO6Hh/cxGPP2mmOK3ZWNe/+s35KzYQyO+kFlQ/UiMPrOvSxBF+f9xblYj0d8gP3SgVYZCtkNybff/3crQ= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=WfQoxu1F; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="WfQoxu1F" Received: by smtp.kernel.org (Postfix) with ESMTPSA id A15AEC4CEF7; Wed, 29 Oct 2025 12:21:03 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740468; bh=74AZcYyOqxtykIDy/RGdL2vrgfuHMaAEm8WcGrCjYG4=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=WfQoxu1Fr9KYAvKbDOOFWpWqct56ailzDn7rYJrmQcCmqex2sTmgVVJdaUgMJd7jR zUK0WJXtwHIQCYchtlLhLvyFt+R9rWgpy8GAdudjXuVJxkbatU+0lcPSb7j8reC8vg s+ZFK607951sMTW298wUZExI1zvQCYzIZACT1f4hiEo7iTcIYRm129/vUf4NOSKZid 0PQijqpEub6FXD5Tvl+8KVmu0pw0pSVHOv1fqURHJTGYXJg75usobwxNmrVU0exGBf COXQ2J7FoeCOzaIYzFB/n/KDYf/5yob4Wu13iDymNtp2BWVPrJG/74F/HdwEumCwkH QWF5IbdtjzypQ== From: Christian Brauner Date: Wed, 29 Oct 2025 13:20:19 +0100 Subject: [PATCH v4 06/72] cgroup: add cgroup namespace to tree after owner is set Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-6-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=835; i=brauner@kernel.org; h=from:subject:message-id; bh=74AZcYyOqxtykIDy/RGdL2vrgfuHMaAEm8WcGrCjYG4=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysfV82Nh2Kt3x2J19H7L4Igs2fGiJibvRJv+M5c3Za CEX1sqEjlIWBjEuBlkxRRaHdpNwueU8FZuNMjVg5rAygQxh4OIUgImk6zH89+T+NDUtwqmBQe2V T7LH+6mxXs4s5d78Cp/O6SjIXXrvzcjQ3mBQfeJvdcVpj9OHb03c5Jgqsbd70ZVYGxlR0bVP9vx jBQA= X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Otherwise we trip VFS_WARN_ON_ONC() in __ns_tree_add_raw(). Fixes: 7c6059398533 ("cgroup: support ns lookup") Signed-off-by: Christian Brauner --- kernel/cgroup/namespace.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kernel/cgroup/namespace.c b/kernel/cgroup/namespace.c index fdbe57578e68..db9617556dd7 100644 --- a/kernel/cgroup/namespace.c +++ b/kernel/cgroup/namespace.c @@ -30,7 +30,6 @@ static struct cgroup_namespace *alloc_cgroup_ns(void) ret =3D ns_common_init(new_ns); if (ret) return ERR_PTR(ret); - ns_tree_add(new_ns); return no_free_ptr(new_ns); } =20 @@ -86,6 +85,7 @@ struct cgroup_namespace *copy_cgroup_ns(u64 flags, new_ns->ucounts =3D ucounts; new_ns->root_cset =3D cset; =20 + ns_tree_add(new_ns); return new_ns; } =20 --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 830F233FE26; Wed, 29 Oct 2025 12:21:13 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740473; cv=none; b=Rkrv4rkH1zuxVcCHjW8upE0+4ERu5u2pBtvDS/n75Fiv+cLOZ5iUAMMB0rXV/hxiHt0GLjom7U9/2/d/R1ABYJddFKx0D4p2z1N+rSti9EW+TnzH7Lb8xb6D5FpzQ+qqsqKeSrvQ0j5ejTLehMn2RQTAt9nQnoOLuxKoButqqTw= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740473; c=relaxed/simple; bh=7aAHCcaecm2VZuosAD5WF6qVRIAZipjG6VYIR7g9o5A=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=apxAi+fDO18A+/Wb5XruGVKIl7zD1jVSWUifCR5+OQWzdRK7KdLT5qLGqhXoqZwxySRjP/YOdeq+lfBtllx2joPvoQnP21PvEGNvH+N6hfKi/gDdPaOpTE+M4cwye+TvkKympTkTlCCZURzHLRXj4asTo0anbDFIBUB/kzfWfi0= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=QysMhgKF; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="QysMhgKF" Received: by smtp.kernel.org (Postfix) with ESMTPSA id D29FCC4CEFD; Wed, 29 Oct 2025 12:21:08 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740473; bh=7aAHCcaecm2VZuosAD5WF6qVRIAZipjG6VYIR7g9o5A=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=QysMhgKFHXy+MbUYKRoJBcQAac5y/bDxpqUezj32fQNyI1ospix3GKtZNRo8cTuaL frTVDYkKXcs4INnd4JpKF5D/fLX6NarWdNZo6PyGySNW7JJdwb8mIf+dVqPAM7adfF X1qsUD9d1ZdaKmfu3AU+IsTO1jpdDiSjmDVOhxWkMD1SiQOTSwZyLo0Mxtvn4TRtpG dZKTnppgKq4vfhEOPga9jVHTR9V3Z6SOAZqWw+zuWZ54CXYaz2+5ycU9MN/LKYO7K8 8QmnA1n3c+PO/eyotADLbyuwAWmuGFX0seIcUzTCiLOhzw0OO0GSJTH3GG+XvxamWM KLR8cY+ipwHSQ== From: Christian Brauner Date: Wed, 29 Oct 2025 13:20:20 +0100 Subject: [PATCH v4 07/72] nstree: simplify return Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-7-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=670; i=brauner@kernel.org; h=from:subject:message-id; bh=7aAHCcaecm2VZuosAD5WF6qVRIAZipjG6VYIR7g9o5A=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysfVcODejdaHzbpMbPAs38qVqKF9WX6B2l3+J9f/Xe UXvzfLDO0pZGMS4GGTFFFkc2k3C5ZbzVGw2ytSAmcPKBDKEgYtTACYy9RojQ5P0yY+z/5X5n/m0 5KaMtuBP/gUv9t868nHF1YYcBhNrxy+MDLsV0qM3hPBe2bfY+ffVjyEaOzae2nDzxPPWA2+cZ6r G93ICAA== X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 node_to_ns() checks for NULL and the assert isn't really helpful and will have to be dropped later anyway. Signed-off-by: Christian Brauner --- kernel/nstree.c | 5 ----- 1 file changed, 5 deletions(-) diff --git a/kernel/nstree.c b/kernel/nstree.c index b24a320a11a6..369fd1675c6a 100644 --- a/kernel/nstree.c +++ b/kernel/nstree.c @@ -194,11 +194,6 @@ struct ns_common *ns_tree_lookup_rcu(u64 ns_id, int ns= _type) break; } while (read_seqretry(&ns_tree->ns_tree_lock, seq)); =20 - if (!node) - return NULL; - - VFS_WARN_ON_ONCE(node_to_ns(node)->ns_type !=3D ns_type); - return node_to_ns(node); } =20 --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id F1F7533FE26; Wed, 29 Oct 2025 12:21:18 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740479; cv=none; b=Cjaf2HQp3euB/64eKBxgPeZytShTrNj9LBSbOh3fbVcjsHOlqRxw80FzenNYtya0Gh4dpudqf4uHY9kwSB5Mxj/EwoPMggANAnVu1wx+GCpxwKNGn/6CSIsiMwu6Y38Ze8jNCW5eTggiiMXS46dhFG3zYNE0OECj7BU2CxpYQfI= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740479; c=relaxed/simple; bh=GmTU8Q/fclIPwxUSGwafLrmOAHz2L+FN5rNlGUSGB9Y=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=o9+GXRhxUz07eAWvtMS+qdTRGDaAdVMgAYDq2Z8AaMgnWQX/N369zihrmFEsU/3ka/UUSLQ00RDn8AAjTN4JPxfpjNb6nZ55VlQPIDGlmVP7JK7PnuMcRq+W7kzhOuShNMFchmtMgl0EijUTNRVCKCsuzsedsOuTHAEe3SxTDUM= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=kY47KAOA; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="kY47KAOA" Received: by smtp.kernel.org (Postfix) with ESMTPSA id D1C73C4CEF7; Wed, 29 Oct 2025 12:21:13 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740478; bh=GmTU8Q/fclIPwxUSGwafLrmOAHz2L+FN5rNlGUSGB9Y=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=kY47KAOA9u76tdN+uFKZpHtgxLwPgvA0VD1JK9a5TO6S4pe902kh+Em6lBQIkSPwz 5nxut8Gan8C5dozXSMk//Jr3yLN0HioTt+z3ptLr7/zefSDsAL7mJs4oaVcoLKehHs 5nzkRlexHwxaP0AequIiaE8Z2Js8UFM9cBbC+tkqb0zgTfjEDKerM993fkMJT1reHy 2qh1qV5CXtrha3Bjp7f6ItkJzXoQ5aOyG24XLQLpJA8DgT4y1QN2l75MfJqfzPD4GE ovR1l/pIZFw9uOjCK9wR081MNvFPukriA0NXn604oNsFa0unk6P5/jdLhTpnjsFq9Q tDxvIQmarHLSQ== From: Christian Brauner Date: Wed, 29 Oct 2025 13:20:21 +0100 Subject: [PATCH v4 08/72] ns: initialize ns_list_node for initial namespaces Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-8-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=3505; i=brauner@kernel.org; h=from:subject:message-id; bh=GmTU8Q/fclIPwxUSGwafLrmOAHz2L+FN5rNlGUSGB9Y=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysfWkWDXr7WORMo8xunQ8VdQndb9XKet7tZOe03/fm cMR8+JbRykLgxgXg6yYIotDu0m43HKeis1GmRowc1iZQIYwcHEKwETuRzH84ZSfta3BVjIp4H3n DHmHnb1ic/wis4tFlVmeGFhuawx5xPA//2vYNnf3PZdfzfVe+/XawZ3Piyr+T+djsvda0Hko3fU 0EwA= X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Make sure that the list is always initialized for initial namespaces. Fixes: 885fc8ac0a4d ("nstree: make iterator generic") Signed-off-by: Christian Brauner --- fs/namespace.c | 1 + init/version-timestamp.c | 1 + ipc/msgutil.c | 1 + kernel/cgroup/cgroup.c | 1 + kernel/pid.c | 1 + kernel/time/namespace.c | 1 + kernel/user.c | 1 + 7 files changed, 7 insertions(+) diff --git a/fs/namespace.c b/fs/namespace.c index d82910f33dc4..8ef8ba3dd316 100644 --- a/fs/namespace.c +++ b/fs/namespace.c @@ -5993,6 +5993,7 @@ struct mnt_namespace init_mnt_ns =3D { .passive =3D REFCOUNT_INIT(1), .mounts =3D RB_ROOT, .poll =3D __WAIT_QUEUE_HEAD_INITIALIZER(init_mnt_ns.poll), + .ns.ns_list_node =3D LIST_HEAD_INIT(init_mnt_ns.ns.ns_list_node), }; =20 static void __init init_mount_tree(void) diff --git a/init/version-timestamp.c b/init/version-timestamp.c index d071835121c2..61b2405d97f9 100644 --- a/init/version-timestamp.c +++ b/init/version-timestamp.c @@ -20,6 +20,7 @@ struct uts_namespace init_uts_ns =3D { }, .user_ns =3D &init_user_ns, .ns.inum =3D ns_init_inum(&init_uts_ns), + .ns.ns_list_node =3D LIST_HEAD_INIT(init_uts_ns.ns.ns_list_node), #ifdef CONFIG_UTS_NS .ns.ops =3D &utsns_operations, #endif diff --git a/ipc/msgutil.c b/ipc/msgutil.c index 7a03f6d03de3..c9469fbce27c 100644 --- a/ipc/msgutil.c +++ b/ipc/msgutil.c @@ -30,6 +30,7 @@ struct ipc_namespace init_ipc_ns =3D { .ns.__ns_ref =3D REFCOUNT_INIT(1), .user_ns =3D &init_user_ns, .ns.inum =3D ns_init_inum(&init_ipc_ns), + .ns.ns_list_node =3D LIST_HEAD_INIT(init_ipc_ns.ns.ns_list_node), #ifdef CONFIG_IPC_NS .ns.ops =3D &ipcns_operations, #endif diff --git a/kernel/cgroup/cgroup.c b/kernel/cgroup/cgroup.c index 6ae5f48cf64e..a82918da8bae 100644 --- a/kernel/cgroup/cgroup.c +++ b/kernel/cgroup/cgroup.c @@ -256,6 +256,7 @@ struct cgroup_namespace init_cgroup_ns =3D { .ns.inum =3D ns_init_inum(&init_cgroup_ns), .root_cset =3D &init_css_set, .ns.ns_type =3D ns_common_type(&init_cgroup_ns), + .ns.ns_list_node =3D LIST_HEAD_INIT(init_cgroup_ns.ns.ns_list_node), }; =20 static struct file_system_type cgroup2_fs_type; diff --git a/kernel/pid.c b/kernel/pid.c index 4fffec767a63..cb7574ca00f7 100644 --- a/kernel/pid.c +++ b/kernel/pid.c @@ -78,6 +78,7 @@ struct pid_namespace init_pid_ns =3D { .child_reaper =3D &init_task, .user_ns =3D &init_user_ns, .ns.inum =3D ns_init_inum(&init_pid_ns), + .ns.ns_list_node =3D LIST_HEAD_INIT(init_pid_ns.ns.ns_list_node), #ifdef CONFIG_PID_NS .ns.ops =3D &pidns_operations, #endif diff --git a/kernel/time/namespace.c b/kernel/time/namespace.c index 5b6997f4dc3d..ee05cad288da 100644 --- a/kernel/time/namespace.c +++ b/kernel/time/namespace.c @@ -484,6 +484,7 @@ struct time_namespace init_time_ns =3D { .ns.inum =3D ns_init_inum(&init_time_ns), .ns.ops =3D &timens_operations, .frozen_offsets =3D true, + .ns.ns_list_node =3D LIST_HEAD_INIT(init_time_ns.ns.ns_list_node), }; =20 void __init time_ns_init(void) diff --git a/kernel/user.c b/kernel/user.c index 0163665914c9..b9cf3b056a71 100644 --- a/kernel/user.c +++ b/kernel/user.c @@ -70,6 +70,7 @@ struct user_namespace init_user_ns =3D { .owner =3D GLOBAL_ROOT_UID, .group =3D GLOBAL_ROOT_GID, .ns.inum =3D ns_init_inum(&init_user_ns), + .ns.ns_list_node =3D LIST_HEAD_INIT(init_user_ns.ns.ns_list_node), #ifdef CONFIG_USER_NS .ns.ops =3D &userns_operations, #endif --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 044D933C523; Wed, 29 Oct 2025 12:21:23 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740484; cv=none; b=O8rU4Xjz9MjN5M6qo4ncCOpwuq+QVRz91Pwt4z7HrEWg90QI1kANRYeFWPilNVBYa55A5+Gh4wRqNzUncajryBMilMPXP1IPSRn47ZJCdFrV8r7Ic/yXnSOzuONpXnvOKKfF4I3R9Sga/f9HLpF8xhkR6F97ZQy063IwmJqwjsI= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740484; c=relaxed/simple; bh=QM8oyzyJ0QczVJ0uxGx22MIzfw44XMMyED0mCYHZDF8=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=J4JX2CrRzrgdSvJiHAjI61J4tgZgtSOW9fZQLBe8zg22I6WFVXaW28zelQ8uZTHTuTzTYIEdmyHrKBi8MTlXBuUtB4wp+kepUHi4cHCDDsINU1eq4bz1FHowgO0j7ee7nvYF3Y0zD0p1xVgE/LRhcXhR0bFlsP8b5GUmuAPnh2U= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=t6Z74pOa; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="t6Z74pOa" Received: by smtp.kernel.org (Postfix) with ESMTPSA id F26F9C4CEFD; Wed, 29 Oct 2025 12:21:18 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740483; bh=QM8oyzyJ0QczVJ0uxGx22MIzfw44XMMyED0mCYHZDF8=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=t6Z74pOabQdKC5qU74fX7MuLZ9sUL/A45SgFEKxD1nRdhmPkTsz84mwb8Z2NO/co6 iY+rGuua1cg7qLVrjJodRJiQkOXe2hWo6n0IBPL8NmbD4R5SmL0HvRRhbq826bjxqG VHFenwX8I+d3/r8neycOKTvcSYfA/TFZMOvhzBPYqaqJschux79OGXboLAYJscuf9F ywjH2kBD6ZEKsc+aFrzfDaEuBgVBoT7iKOOSPdhBQ9S2MTfxWLsUxXGGLTDUrqqn59 606kojI9LTpwyq4oSe+DPJk73KzBIOM76Fw4rs+Ojk74eeY3+3Z6SF4MAFD7nGORNk TtrgvfkY+hdkg== From: Christian Brauner Date: Wed, 29 Oct 2025 13:20:22 +0100 Subject: [PATCH v4 09/72] ns: add __ns_ref_read() Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-9-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=1108; i=brauner@kernel.org; h=from:subject:message-id; bh=QM8oyzyJ0QczVJ0uxGx22MIzfw44XMMyED0mCYHZDF8=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysfUsa51w0eQ8a03a39ysrIP/n++Rmcb79LXHV7duh bvZNs/FO0pZGMS4GGTFFFkc2k3C5ZbzVGw2ytSAmcPKBDKEgYtTACayzZyR4cEZDobzexhcd9hv PvRy3TyX3sN/Dl6TeBjOeF9u0v3NZ+YxMryI/B4pvXlxx/uVBz+1G2+N3vk+4oOo96tJC7TsWMR Na/gB X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Implement ns_ref_read() the same way as ns_ref_{get,put}(). No point in making that any more special or different from the other helpers. Signed-off-by: Christian Brauner --- include/linux/ns_common.h | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/include/linux/ns_common.h b/include/linux/ns_common.h index f5b68b8abb54..32114d5698dc 100644 --- a/include/linux/ns_common.h +++ b/include/linux/ns_common.h @@ -143,7 +143,12 @@ static __always_inline __must_check bool __ns_ref_get(= struct ns_common *ns) return refcount_inc_not_zero(&ns->__ns_ref); } =20 -#define ns_ref_read(__ns) refcount_read(&to_ns_common((__ns))->__ns_ref) +static __always_inline __must_check int __ns_ref_read(const struct ns_comm= on *ns) +{ + return refcount_read(&ns->__ns_ref); +} + +#define ns_ref_read(__ns) __ns_ref_read(to_ns_common((__ns))) #define ns_ref_inc(__ns) refcount_inc(&to_ns_common((__ns))->__ns_ref) #define ns_ref_get(__ns) __ns_ref_get(to_ns_common((__ns))) #define ns_ref_put(__ns) __ns_ref_put(to_ns_common((__ns))) --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 0713F342C9D; Wed, 29 Oct 2025 12:21:29 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740489; cv=none; b=P2PArI/V3G3TGaeNo/U3qnjkck3DnpGQ6+oDFe9yB4qtKpeM0TOigB1DeBEBWFcM2GnPkeFDt30GMgBZY0ubF6kQEMRjdbnKR91Ez5s2k+uLLzovqQqCkTgpF/iW2/Sv8Fj7A7OcGaLg8LqkBt2zELcZHTWqMEw8hgrQAR+wDX8= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740489; c=relaxed/simple; bh=PRr5aGNWRTH+10xraw3D5wgKQID6oDCbNnUrUcndNYk=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=tbsVp6xmUiMKPoYf1eiuLqAi1PFTirq4zgquKcHeLaoCoOdE794V+bW9nIQ7eaCNiRNH94vDweKiQxqqA/Lrw6PXkLabPQj4OMZI2PmQvwdYbi0y3dXWHWooiRc380ZJmL6Ies5IvpZgWCfX3Bu9oB/yJ8FnZmlpCOuCkdmH9d4= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=tZkCvX8E; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="tZkCvX8E" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 0C4EAC4CEFF; Wed, 29 Oct 2025 12:21:23 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740488; bh=PRr5aGNWRTH+10xraw3D5wgKQID6oDCbNnUrUcndNYk=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=tZkCvX8Ezt9skrONwRfHO7x/hsnWbdExfREUqnEGXm2bSo3B0/mw2hOr0Yeql4uKc puQdWRGZaasI7cQEJ32nBx4w5uYpuFRmqwjo49yxs8ACvRFbrgWHjSW1HU2c6yUWvP clGbTSlgwVJrGBJyq526gZwCqAuY6XFCddngAjFKhLixl0k0IuEiCzuubKuv7al/5d E599uh/gtDZ07cGf84nTFhrT471Us+19U2R0FU4DE6AgiO1x4b0c93poIz9RzlyRFH lxAEkWbLa9t/IX50RfPet7ExkePVePElNQQ7BU2q00e5FPzccrrg7Rq26NGirQuiqS 7xc7l4TDQ6s/g== From: Christian Brauner Date: Wed, 29 Oct 2025 13:20:23 +0100 Subject: [PATCH v4 10/72] ns: rename to exit_nsproxy_namespaces() Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-10-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=2954; i=brauner@kernel.org; h=from:subject:message-id; bh=PRr5aGNWRTH+10xraw3D5wgKQID6oDCbNnUrUcndNYk=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysfW8rWcqOxTxYWK5yArHwqO9l10ZNbgZzO72bhUvX ryttymro5SFQYyLQVZMkcWh3SRcbjlPxWajTA2YOaxMIEMYuDgFYCJc5xkZVl6fMD3JMELW4P/b j+t29RsseF/V3X6dj6dR+NtW2TWRsQz/o/KMupeFM1kF75Ccc8RtfrP/nG2e3ILn//5YfWzT9au sPAA= X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 The current naming is very misleading as this really isn't exiting all of the task's namespaces. It is only exiting the namespaces that hang of off nsproxy. Reflect that in the name. Signed-off-by: Christian Brauner --- include/linux/nsproxy.h | 2 +- kernel/cgroup/cgroup.c | 6 +++--- kernel/exit.c | 2 +- kernel/fork.c | 2 +- kernel/nsproxy.c | 2 +- 5 files changed, 7 insertions(+), 7 deletions(-) diff --git a/include/linux/nsproxy.h b/include/linux/nsproxy.h index bd118a187dec..538ba8dba184 100644 --- a/include/linux/nsproxy.h +++ b/include/linux/nsproxy.h @@ -93,7 +93,7 @@ static inline struct cred *nsset_cred(struct nsset *set) */ =20 int copy_namespaces(u64 flags, struct task_struct *tsk); -void exit_task_namespaces(struct task_struct *tsk); +void exit_nsproxy_namespaces(struct task_struct *tsk); void switch_task_namespaces(struct task_struct *tsk, struct nsproxy *new); int exec_task_namespaces(void); void free_nsproxy(struct nsproxy *ns); diff --git a/kernel/cgroup/cgroup.c b/kernel/cgroup/cgroup.c index a82918da8bae..ce4d227a9ca2 100644 --- a/kernel/cgroup/cgroup.c +++ b/kernel/cgroup/cgroup.c @@ -1523,9 +1523,9 @@ static struct cgroup *current_cgns_cgroup_dfl(void) } else { /* * NOTE: This function may be called from bpf_cgroup_from_id() - * on a task which has already passed exit_task_namespaces() and - * nsproxy =3D=3D NULL. Fall back to cgrp_dfl_root which will make all - * cgroups visible for lookups. + * on a task which has already passed exit_nsproxy_namespaces() + * and nsproxy =3D=3D NULL. Fall back to cgrp_dfl_root which will + * make all cgroups visible for lookups. */ return &cgrp_dfl_root.cgrp; } diff --git a/kernel/exit.c b/kernel/exit.c index 9f74e8f1c431..825998103520 100644 --- a/kernel/exit.c +++ b/kernel/exit.c @@ -962,7 +962,7 @@ void __noreturn do_exit(long code) exit_fs(tsk); if (group_dead) disassociate_ctty(1); - exit_task_namespaces(tsk); + exit_nsproxy_namespaces(tsk); exit_task_work(tsk); exit_thread(tsk); =20 diff --git a/kernel/fork.c b/kernel/fork.c index 3da0f08615a9..0926bfe4b8df 100644 --- a/kernel/fork.c +++ b/kernel/fork.c @@ -2453,7 +2453,7 @@ __latent_entropy struct task_struct *copy_process( if (p->io_context) exit_io_context(p); bad_fork_cleanup_namespaces: - exit_task_namespaces(p); + exit_nsproxy_namespaces(p); bad_fork_cleanup_mm: if (p->mm) { mm_clear_owner(p->mm, p); diff --git a/kernel/nsproxy.c b/kernel/nsproxy.c index 19aa64ab08c8..6ce76a0278ab 100644 --- a/kernel/nsproxy.c +++ b/kernel/nsproxy.c @@ -241,7 +241,7 @@ void switch_task_namespaces(struct task_struct *p, stru= ct nsproxy *new) put_nsproxy(ns); } =20 -void exit_task_namespaces(struct task_struct *p) +void exit_nsproxy_namespaces(struct task_struct *p) { switch_task_namespaces(p, NULL); } --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id A5BFB33A012; Wed, 29 Oct 2025 12:21:34 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740494; cv=none; b=lWNQAPcsTnspZQjHeqLdC/7w1Dxo7SVcANjMAgVuXyNVIrU7dpaqf3Z2ZrKzX4+2dpw8UPxW8ZuaGMHIaV0dHE1D7XbScTTtzE6DRfOcimnoOKkcP8F5sI9zkxEESzEBe4eb3XSASQjVIBv6phMUcV7NYYyZ1My9s0jzc/0J08w= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740494; c=relaxed/simple; bh=yygvmTSdel4XascWqyj1AJnwzDzmuldVLk6I8U1LIYg=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=t6cYcq0RtZxzHRHdd7dIgCxZQVQVxiGAVhMesd/Lew7hpBeappjBj62QOIXFAfxmdv6lzCyCJyV7seiI28nexD4LGg7YKaeOBVi0Wi4w++shQSK3Gb5s9HxezG8G8W/+LCngdzUzhb8rt0AuCXECUrYGviTzsVcgZ0nhviGe+Z4= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=oU6jZZXU; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="oU6jZZXU" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 4E686C4CEF7; Wed, 29 Oct 2025 12:21:29 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740494; bh=yygvmTSdel4XascWqyj1AJnwzDzmuldVLk6I8U1LIYg=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=oU6jZZXUrDyHr3WWbqLVijTJDYX5x/2nOXoUU2ilfkqHMMkps2UzsgJK0aAse7Bh/ 8jPZoCb6pTGGgu7+296kcDRaox9zgiKOi57vFTL3ob1fcsd55sdeIj2MEnfhszORxR lNHSx+5oaYYpt3oMdDWSLfvaqYyduZq00q3MAbFzyz9YcEqEzOd7cQpPoiovPKcKDa 6fouymj6B53RBm7LgzeUclN1GUBUEmyVbFJAFAlkgtrJJaRLQnF3osOfFuDHNB9rJi JR+vXxZxCWCc4sij1lOFAwyElOxfN4SyWu0zNEYm56Zzu8S0q2WLty+QW3LyHhV+Qi D1ekd3aVXRqFQ== From: Christian Brauner Date: Wed, 29 Oct 2025 13:20:24 +0100 Subject: [PATCH v4 11/72] ns: add active reference count Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-11-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=33054; i=brauner@kernel.org; h=from:subject:message-id; bh=yygvmTSdel4XascWqyj1AJnwzDzmuldVLk6I8U1LIYg=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysfU0iIb+2Vw9a+sU10aHg6ryKT0txx8yJJi0Ls/k/ 3w5jmViRykLgxgXg6yYIotDu0m43HKeis1GmRowc1iZQIYwcHEKwES+6jEyXJ74+cLRzs/5nVER +7W//d6eMzk4w6urxP+daM3T904zFjH8U+SoTi7cx8he1ZuzKswhcMnGnFDOaCPWjV8yJd67fXr ICQA= X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 The namespace tree is, among other things, currently used to support file handles for namespaces. When a namespace is created it is placed on the namespace trees and when it is destroyed it is removed from the namespace trees. While a namespace is on the namespace trees with a valid reference count it is possible to reopen it through a namespace file handle. This is all fine but has some issues that should be addressed. On current kernels a namespace is visible to userspace in the following cases: (1) The namespace is in use by a task. (2) The namespace is persisted through a VFS object (namespace file descriptor or bind-mount). Note that (2) only cares about direct persistence of the namespace itself not indirectly via e.g., file->f_cred file references or similar. (3) The namespace is a hierarchical namespace type and is the parent of a single or multiple child namespaces. Case (3) is interesting because it is possible that a parent namespace might not fulfill any of (1) or (2), i.e., is invisible to userspace but it may still be resurrected through the NS_GET_PARENT ioctl(). Currently namespace file handles allow much broader access to namespaces than what is currently possible via (1)-(3). The reason is that namespaces may remain pinned for completely internal reasons yet are inaccessible to userspace. For example, a user namespace my remain pinned by get_cred() calls to stash the opener's credentials into file->f_cred. As it stands file handles allow to resurrect such a users namespace even though this should not be possible via (1)-(3). This is a fundamental uapi change that we shouldn't do if we don't have to. Consider the following insane case: Various architectures support the CONFIG_MMU_LAZY_TLB_REFCOUNT option which uses lazy TLB destruction. When this option is set a userspace task's struct mm_struct may be used for kernel threads such as the idle task and will only be destroyed once the cpu's runqueue switches back to another task. But because of ptrace() permission checks struct mm_struct stashes the user namespace of the task that struct mm_struct originally belonged to. The kernel thread will take a reference on the struct mm_struct and thus pin it. So on an idle system user namespaces can be persisted for arbitrary amounts of time which also means that they can be resurrected using namespace file handles. That makes no sense whatsoever. The problem is of course excarabted on large systems with a huge number of cpus. To handle this nicely we introduce an active reference count which tracks (1)-(3). This is easy to do as all of these things are already managed centrally. Only (1)-(3) will count towards the active reference count and only namespaces which are active may be opened via namespace file handles. The problem is that namespaces may be resurrected. Which means that they can become temporarily inactive and will be reactived some time later. Currently the only example of this is the SIOGCSKNS socket ioctl. The SIOCGSKNS ioctl allows to open a network namespace file descriptor based on a socket file descriptor. If a socket is tied to a network namespace that subsequently becomes inactive but that socket is persisted by another process in another network namespace (e.g., via SCM_RIGHTS of pidfd_getfd()) then the SIOCGSKNS ioctl will resurrect this network namespace. So calls to open_related_ns() and open_namespace() will end up resurrecting the corresponding namespace tree. Note that the active reference count does not regulate the lifetime of the namespace itself. This is still done by the normal reference count. The active reference count can only be elevated if the regular reference count is elevated. The active reference count also doesn't regulate the presence of a namespace on the namespace trees. It only regulates its visiblity to namespace file handles (and in later patches to listns()). A namespace remains on the namespace trees from creation until its actual destruction. This will allow the kernel to always reach any namespace trivially and it will also enable subsystems like bpf to walk the namespace lists on the system for tracing or general introspection purposes. Note that different namespaces have different visibility lifetimes on current kernels. While most namespace are immediately released when the last task using them exits, the user- and pid namespace are persisted and thus both remain accessible via /proc//ns/. The user namespace lifetime is aliged with struct cred and is only released through exit_creds(). However, it becomes inaccessible to userspace once the last task using it is reaped, i.e., when release_task() is called and all proc entries are flushed. Similarly, the pid namespace is also visible until the last task using it has been reaped and the associated pid numbers are freed. The active reference counts of the user- and pid namespace are decremented once the task is reaped. Signed-off-by: Christian Brauner --- fs/namespace.c | 1 + fs/nsfs.c | 48 ++++++++++- include/linux/ns_common.h | 140 +++++++++++++++++++++++++++++- include/linux/nsfs.h | 3 + include/linux/nsproxy.h | 3 + init/version-timestamp.c | 1 + ipc/msgutil.c | 1 + kernel/cgroup/cgroup.c | 1 + kernel/cred.c | 6 ++ kernel/exit.c | 1 + kernel/fork.c | 1 + kernel/nscommon.c | 214 ++++++++++++++++++++++++++++++++++++++++++= +++- kernel/nsproxy.c | 23 +++++ kernel/nstree.c | 8 ++ kernel/pid.c | 6 ++ kernel/time/namespace.c | 1 + kernel/user.c | 1 + 17 files changed, 455 insertions(+), 4 deletions(-) diff --git a/fs/namespace.c b/fs/namespace.c index 8ef8ba3dd316..85648dfce9be 100644 --- a/fs/namespace.c +++ b/fs/namespace.c @@ -5989,6 +5989,7 @@ struct mnt_namespace init_mnt_ns =3D { .ns.ops =3D &mntns_operations, .user_ns =3D &init_user_ns, .ns.__ns_ref =3D REFCOUNT_INIT(1), + .ns.__ns_ref_active =3D ATOMIC_INIT(1), .ns.ns_type =3D ns_common_type(&init_mnt_ns), .passive =3D REFCOUNT_INIT(1), .mounts =3D RB_ROOT, diff --git a/fs/nsfs.c b/fs/nsfs.c index 6889922d8175..a6a28d9cb55d 100644 --- a/fs/nsfs.c +++ b/fs/nsfs.c @@ -58,6 +58,8 @@ const struct dentry_operations ns_dentry_operations =3D { static void nsfs_evict(struct inode *inode) { struct ns_common *ns =3D inode->i_private; + + __ns_ref_active_put(ns); clear_inode(inode); ns->ops->put(ns); } @@ -419,6 +421,16 @@ static int nsfs_init_inode(struct inode *inode, void *= data) inode->i_mode |=3D S_IRUGO; inode->i_fop =3D &ns_file_operations; inode->i_ino =3D ns->inum; + + /* + * Bring the namespace subtree back to life if we have to. This + * can happen when e.g., all processes using a network namespace + * and all namespace files or namespace file bind-mounts have + * died but there are still sockets pinning it. The SIOCGSKNS + * ioctl on such a socket will resurrect the relevant namespace + * subtree. + */ + __ns_ref_active_resurrect(ns); return 0; } =20 @@ -493,7 +505,17 @@ static struct dentry *nsfs_fh_to_dentry(struct super_b= lock *sb, struct fid *fh, VFS_WARN_ON_ONCE(ns->ns_type !=3D fid->ns_type); VFS_WARN_ON_ONCE(ns->inum !=3D fid->ns_inum); =20 - if (!__ns_ref_get(ns)) + /* + * This is racy because we're not actually taking an + * active reference. IOW, it could happen that the + * namespace becomes inactive after this check. + * We don't care because nsfs_init_inode() will just + * resurrect the relevant namespace tree for us. If it + * has been active here we just allow it's resurrection. + * We could try to take an active reference here and + * then drop it again. But really, why bother. + */ + if (!ns_get_unless_inactive(ns)) return NULL; } =20 @@ -613,3 +635,27 @@ void __init nsfs_init(void) nsfs_root_path.mnt =3D nsfs_mnt; nsfs_root_path.dentry =3D nsfs_mnt->mnt_root; } + +void nsproxy_ns_active_get(struct nsproxy *ns) +{ + ns_ref_active_get(ns->mnt_ns); + ns_ref_active_get(ns->uts_ns); + ns_ref_active_get(ns->ipc_ns); + ns_ref_active_get(ns->pid_ns_for_children); + ns_ref_active_get(ns->cgroup_ns); + ns_ref_active_get(ns->net_ns); + ns_ref_active_get(ns->time_ns); + ns_ref_active_get(ns->time_ns_for_children); +} + +void nsproxy_ns_active_put(struct nsproxy *ns) +{ + ns_ref_active_put(ns->mnt_ns); + ns_ref_active_put(ns->uts_ns); + ns_ref_active_put(ns->ipc_ns); + ns_ref_active_put(ns->pid_ns_for_children); + ns_ref_active_put(ns->cgroup_ns); + ns_ref_active_put(ns->net_ns); + ns_ref_active_put(ns->time_ns); + ns_ref_active_put(ns->time_ns_for_children); +} diff --git a/include/linux/ns_common.h b/include/linux/ns_common.h index 32114d5698dc..bec01741962d 100644 --- a/include/linux/ns_common.h +++ b/include/linux/ns_common.h @@ -4,7 +4,9 @@ =20 #include #include +#include #include +#include =20 struct proc_ns_operations; =20 @@ -37,6 +39,67 @@ extern const struct proc_ns_operations cgroupns_operatio= ns; extern const struct proc_ns_operations timens_operations; extern const struct proc_ns_operations timens_for_children_operations; =20 +/* + * Namespace lifetimes are managed via a two-tier reference counting model: + * + * (1) __ns_ref (refcount_t): Main reference count tracking memory + * lifetime. Controls when the namespace structure itself is freed. + * It also pins the namespace on the namespace trees whereas (2) + * only regulates their visibility to userspace. + * + * (2) __ns_ref_active (atomic_t): Reference count tracking active users. + * Controls visibility of the namespace in the namespace trees. + * Any live task that uses the namespace (via nsproxy or cred) holds + * an active reference. Any open file descriptor or bind-mount of + * the namespace holds an active reference. Once all tasks have + * called exited their namespaces and all file descriptors and + * bind-mounts have been released the active reference count drops + * to zero and the namespace becomes inactive. IOW, the namespace + * cannot be listed or opened via file handles anymore. + * + * Note that it is valid to transition from active to inactive and + * back from inactive to active e.g., when resurrecting an inactive + * namespace tree via the SIOCGSKNS ioctl(). + * + * Relationship and lifecycle states: + * + * - Active (__ns_ref_active > 0): + * Namespace is actively used and visible to userspace. The namespace + * can be reopened via /proc//ns/, via namespace file + * handles, or discovered via listns(). + * + * - Inactive (__ns_ref_active =3D=3D 0, __ns_ref > 0): + * No tasks are actively using the namespace and it isn't pinned by + * any bind-mounts or open file descriptors anymore. But the namespace + * is still kept alive by internal references. For example, the user + * namespace could be pinned by an open file through file->f_cred + * references when one of the now defunct tasks had opened a file and + * handed the file descriptor off to another process via a UNIX + * sockets. Such references keep the namespace structure alive through + * __ns_ref but will not hold an active reference. + * + * - Destroyed (__ns_ref =3D=3D 0): + * No references remain. The namespace is removed from the tree and free= d. + * + * State transitions: + * + * Active -> Inactive: + * When the last task using the namespace exits it drops its active + * references to all namespaces. However, user and pid namespaces + * remain accessible until the task has been reaped. + * + * Inactive -> Active: + * An inactive namespace tree might be resurrected due to e.g., the + * SIOCGSKNS ioctl() on a socket. + * + * Inactive -> Destroyed: + * When __ns_ref drops to zero the namespace is removed from the + * namespaces trees and the memory is freed (after RCU grace period). + * + * Initial namespaces: + * Boot-time namespaces (init_net, init_pid_ns, etc.) start with + * __ns_ref_active =3D 1 and remain active forever. + */ struct ns_common { u32 ns_type; struct dentry *stashed; @@ -48,6 +111,7 @@ struct ns_common { u64 ns_id; struct rb_node ns_tree_node; struct list_head ns_list_node; + atomic_t __ns_ref_active; /* do not use directly */ }; struct rcu_head ns_rcu; }; @@ -56,6 +120,13 @@ struct ns_common { int __ns_common_init(struct ns_common *ns, u32 ns_type, const struct proc_= ns_operations *ops, int inum); void __ns_common_free(struct ns_common *ns); =20 +static __always_inline bool is_initial_namespace(struct ns_common *ns) +{ + VFS_WARN_ON_ONCE(ns->inum =3D=3D 0); + return unlikely(in_range(ns->inum, MNT_NS_INIT_INO, + IPC_NS_INIT_INO - MNT_NS_INIT_INO + 1)); +} + #define to_ns_common(__ns) \ _Generic((__ns), \ struct cgroup_namespace *: &(__ns)->ns, \ @@ -133,14 +204,26 @@ void __ns_common_free(struct ns_common *ns); =20 #define ns_common_free(__ns) __ns_common_free(to_ns_common((__ns))) =20 +static __always_inline __must_check int __ns_ref_active_read(const struct = ns_common *ns) +{ + return atomic_read(&ns->__ns_ref_active); +} + static __always_inline __must_check bool __ns_ref_put(struct ns_common *ns) { - return refcount_dec_and_test(&ns->__ns_ref); + if (refcount_dec_and_test(&ns->__ns_ref)) { + VFS_WARN_ON_ONCE(__ns_ref_active_read(ns)); + return true; + } + return false; } =20 static __always_inline __must_check bool __ns_ref_get(struct ns_common *ns) { - return refcount_inc_not_zero(&ns->__ns_ref); + if (refcount_inc_not_zero(&ns->__ns_ref)) + return true; + VFS_WARN_ON_ONCE(__ns_ref_active_read(ns)); + return false; } =20 static __always_inline __must_check int __ns_ref_read(const struct ns_comm= on *ns) @@ -155,4 +238,57 @@ static __always_inline __must_check int __ns_ref_read(= const struct ns_common *ns #define ns_ref_put_and_lock(__ns, __lock) \ refcount_dec_and_lock(&to_ns_common((__ns))->__ns_ref, (__lock)) =20 +#define ns_ref_active_read(__ns) \ + ((__ns) ? __ns_ref_active_read(to_ns_common(__ns)) : 0) + +void __ns_ref_active_get_owner(struct ns_common *ns); + +static __always_inline void __ns_ref_active_get(struct ns_common *ns) +{ + WARN_ON_ONCE(atomic_add_negative(1, &ns->__ns_ref_active)); + VFS_WARN_ON_ONCE(is_initial_namespace(ns) && __ns_ref_active_read(ns) <= =3D 0); +} +#define ns_ref_active_get(__ns) \ + do { if (__ns) __ns_ref_active_get(to_ns_common(__ns)); } while (0) + +static __always_inline bool __ns_ref_active_get_not_zero(struct ns_common = *ns) +{ + if (atomic_inc_not_zero(&ns->__ns_ref_active)) { + VFS_WARN_ON_ONCE(!__ns_ref_read(ns)); + return true; + } + return false; +} + +#define ns_ref_active_get_owner(__ns) \ + do { if (__ns) __ns_ref_active_get_owner(to_ns_common(__ns)); } while (0) + +void __ns_ref_active_put_owner(struct ns_common *ns); + +static __always_inline void __ns_ref_active_put(struct ns_common *ns) +{ + if (atomic_dec_and_test(&ns->__ns_ref_active)) { + VFS_WARN_ON_ONCE(is_initial_namespace(ns)); + VFS_WARN_ON_ONCE(!__ns_ref_read(ns)); + __ns_ref_active_put_owner(ns); + } +} +#define ns_ref_active_put(__ns) \ + do { if (__ns) __ns_ref_active_put(to_ns_common(__ns)); } while (0) + +static __always_inline struct ns_common *__must_check ns_get_unless_inacti= ve(struct ns_common *ns) +{ + VFS_WARN_ON_ONCE(__ns_ref_active_read(ns) && !__ns_ref_read(ns)); + if (!__ns_ref_active_read(ns)) + return NULL; + if (!__ns_ref_get(ns)) + return NULL; + return ns; +} + +void __ns_ref_active_resurrect(struct ns_common *ns); + +#define ns_ref_active_resurrect(__ns) \ + do { if (__ns) __ns_ref_active_resurrect(to_ns_common(__ns)); } while (0) + #endif diff --git a/include/linux/nsfs.h b/include/linux/nsfs.h index e5a5fa83d36b..731b67fc2fec 100644 --- a/include/linux/nsfs.h +++ b/include/linux/nsfs.h @@ -37,4 +37,7 @@ void nsfs_init(void); =20 #define current_in_namespace(__ns) (__current_namespace_from_type(__ns) = =3D=3D __ns) =20 +void nsproxy_ns_active_get(struct nsproxy *ns); +void nsproxy_ns_active_put(struct nsproxy *ns); + #endif /* _LINUX_NSFS_H */ diff --git a/include/linux/nsproxy.h b/include/linux/nsproxy.h index 538ba8dba184..ac825eddec59 100644 --- a/include/linux/nsproxy.h +++ b/include/linux/nsproxy.h @@ -93,7 +93,10 @@ static inline struct cred *nsset_cred(struct nsset *set) */ =20 int copy_namespaces(u64 flags, struct task_struct *tsk); +void switch_cred_namespaces(const struct cred *old, const struct cred *new= ); void exit_nsproxy_namespaces(struct task_struct *tsk); +void get_cred_namespaces(struct task_struct *tsk); +void exit_cred_namespaces(struct task_struct *tsk); void switch_task_namespaces(struct task_struct *tsk, struct nsproxy *new); int exec_task_namespaces(void); void free_nsproxy(struct nsproxy *ns); diff --git a/init/version-timestamp.c b/init/version-timestamp.c index 61b2405d97f9..c38498f94646 100644 --- a/init/version-timestamp.c +++ b/init/version-timestamp.c @@ -10,6 +10,7 @@ struct uts_namespace init_uts_ns =3D { .ns.ns_type =3D ns_common_type(&init_uts_ns), .ns.__ns_ref =3D REFCOUNT_INIT(2), + .ns.__ns_ref_active =3D ATOMIC_INIT(1), .name =3D { .sysname =3D UTS_SYSNAME, .nodename =3D UTS_NODENAME, diff --git a/ipc/msgutil.c b/ipc/msgutil.c index c9469fbce27c..d7c66b430470 100644 --- a/ipc/msgutil.c +++ b/ipc/msgutil.c @@ -28,6 +28,7 @@ DEFINE_SPINLOCK(mq_lock); */ struct ipc_namespace init_ipc_ns =3D { .ns.__ns_ref =3D REFCOUNT_INIT(1), + .ns.__ns_ref_active =3D ATOMIC_INIT(1), .user_ns =3D &init_user_ns, .ns.inum =3D ns_init_inum(&init_ipc_ns), .ns.ns_list_node =3D LIST_HEAD_INIT(init_ipc_ns.ns.ns_list_node), diff --git a/kernel/cgroup/cgroup.c b/kernel/cgroup/cgroup.c index ce4d227a9ca2..45e470011c77 100644 --- a/kernel/cgroup/cgroup.c +++ b/kernel/cgroup/cgroup.c @@ -251,6 +251,7 @@ bool cgroup_enable_per_threadgroup_rwsem __read_mostly; /* cgroup namespace for init task */ struct cgroup_namespace init_cgroup_ns =3D { .ns.__ns_ref =3D REFCOUNT_INIT(2), + .ns.__ns_ref_active =3D ATOMIC_INIT(1), .user_ns =3D &init_user_ns, .ns.ops =3D &cgroupns_operations, .ns.inum =3D ns_init_inum(&init_cgroup_ns), diff --git a/kernel/cred.c b/kernel/cred.c index dbf6b687dc5c..a6e7f580df14 100644 --- a/kernel/cred.c +++ b/kernel/cred.c @@ -306,6 +306,7 @@ int copy_creds(struct task_struct *p, u64 clone_flags) kdebug("share_creds(%p{%ld})", p->cred, atomic_long_read(&p->cred->usage)); inc_rlimit_ucounts(task_ucounts(p), UCOUNT_RLIMIT_NPROC, 1); + get_cred_namespaces(p); return 0; } =20 @@ -343,6 +344,8 @@ int copy_creds(struct task_struct *p, u64 clone_flags) =20 p->cred =3D p->real_cred =3D get_cred(new); inc_rlimit_ucounts(task_ucounts(p), UCOUNT_RLIMIT_NPROC, 1); + get_cred_namespaces(p); + return 0; =20 error_put: @@ -435,10 +438,13 @@ int commit_creds(struct cred *new) */ if (new->user !=3D old->user || new->user_ns !=3D old->user_ns) inc_rlimit_ucounts(new->ucounts, UCOUNT_RLIMIT_NPROC, 1); + rcu_assign_pointer(task->real_cred, new); rcu_assign_pointer(task->cred, new); if (new->user !=3D old->user || new->user_ns !=3D old->user_ns) dec_rlimit_ucounts(old->ucounts, UCOUNT_RLIMIT_NPROC, 1); + if (new->user_ns !=3D old->user_ns) + switch_cred_namespaces(old, new); =20 /* send notifications */ if (!uid_eq(new->uid, old->uid) || diff --git a/kernel/exit.c b/kernel/exit.c index 825998103520..988e16efd66b 100644 --- a/kernel/exit.c +++ b/kernel/exit.c @@ -291,6 +291,7 @@ void release_task(struct task_struct *p) write_unlock_irq(&tasklist_lock); /* @thread_pid can't go away until free_pids() below */ proc_flush_pid(thread_pid); + exit_cred_namespaces(p); add_device_randomness(&p->se.sum_exec_runtime, sizeof(p->se.sum_exec_runtime)); free_pids(post.pids); diff --git a/kernel/fork.c b/kernel/fork.c index 0926bfe4b8df..f1857672426e 100644 --- a/kernel/fork.c +++ b/kernel/fork.c @@ -2487,6 +2487,7 @@ __latent_entropy struct task_struct *copy_process( delayacct_tsk_free(p); bad_fork_cleanup_count: dec_rlimit_ucounts(task_ucounts(p), UCOUNT_RLIMIT_NPROC, 1); + exit_cred_namespaces(p); exit_creds(p); bad_fork_free: WRITE_ONCE(p->__state, TASK_DEAD); diff --git a/kernel/nscommon.c b/kernel/nscommon.c index c1fb2bad6d72..1935f640f05a 100644 --- a/kernel/nscommon.c +++ b/kernel/nscommon.c @@ -2,6 +2,7 @@ =20 #include #include +#include #include =20 #ifdef CONFIG_DEBUG_VFS @@ -52,6 +53,8 @@ static void ns_debug(struct ns_common *ns, const struct p= roc_ns_operations *ops) =20 int __ns_common_init(struct ns_common *ns, u32 ns_type, const struct proc_= ns_operations *ops, int inum) { + int ret; + refcount_set(&ns->__ns_ref, 1); ns->stashed =3D NULL; ns->ops =3D ops; @@ -68,10 +71,219 @@ int __ns_common_init(struct ns_common *ns, u32 ns_type= , const struct proc_ns_ope ns->inum =3D inum; return 0; } - return proc_alloc_inum(&ns->inum); + ret =3D proc_alloc_inum(&ns->inum); + if (ret) + return ret; + /* + * Tree ref starts at 0. It's incremented when namespace enters + * active use (installed in nsproxy) and decremented when all + * active uses are gone. Initial namespaces are always active. + */ + if (is_initial_namespace(ns)) + atomic_set(&ns->__ns_ref_active, 1); + else + atomic_set(&ns->__ns_ref_active, 0); + return 0; } =20 void __ns_common_free(struct ns_common *ns) { proc_free_inum(ns->inum); } + +static struct ns_common *ns_owner(struct ns_common *ns) +{ + struct user_namespace *owner; + + if (unlikely(!ns->ops)) + return NULL; + VFS_WARN_ON_ONCE(!ns->ops->owner); + owner =3D ns->ops->owner(ns); + VFS_WARN_ON_ONCE(!owner && ns !=3D to_ns_common(&init_user_ns)); + if (!owner) + return NULL; + /* Skip init_user_ns as it's always active */ + if (owner =3D=3D &init_user_ns) + return NULL; + return to_ns_common(owner); +} + +void __ns_ref_active_get_owner(struct ns_common *ns) +{ + ns =3D ns_owner(ns); + if (ns) + WARN_ON_ONCE(atomic_add_negative(1, &ns->__ns_ref_active)); +} + +/* + * The active reference count works by having each namespace that gets + * created take a single active reference on its owning user namespace. + * That single reference is only released once the child namespace's + * active count itself goes down. + * + * A regular namespace tree might look as follow: + * Legend: + * + : adding active reference + * - : dropping active reference + * x : always active (initial namespace) + * + * + * net_ns pid_ns + * \ / + * + + + * user_ns1 (2) + * | + * ipc_ns | uts_ns + * \ | / + * + + + + * user_ns2 (3) + * | + * cgroup_ns | mnt_ns + * \ | / + * x x x + * init_user_ns (1) + * + * If both net_ns and pid_ns put their last active reference on + * themselves it will cascade to user_ns1 dropping its own active + * reference and dropping one active reference on user_ns2: + * + * net_ns pid_ns + * \ / + * - - + * user_ns1 (0) + * | + * ipc_ns | uts_ns + * \ | / + * + - + + * user_ns2 (2) + * | + * cgroup_ns | mnt_ns + * \ | / + * x x x + * init_user_ns (1) + * + * The iteration stops once we reach a namespace that still has active + * references. + */ +void __ns_ref_active_put_owner(struct ns_common *ns) +{ + for (;;) { + ns =3D ns_owner(ns); + if (!ns) + return; + if (!atomic_dec_and_test(&ns->__ns_ref_active)) + return; + } +} + +/* + * The active reference count works by having each namespace that gets + * created take a single active reference on its owning user namespace. + * That single reference is only released once the child namespace's + * active count itself goes down. This makes it possible to efficiently + * resurrect a namespace tree: + * + * A regular namespace tree might look as follow: + * Legend: + * + : adding active reference + * - : dropping active reference + * x : always active (initial namespace) + * + * + * net_ns pid_ns + * \ / + * + + + * user_ns1 (2) + * | + * ipc_ns | uts_ns + * \ | / + * + + + + * user_ns2 (3) + * | + * cgroup_ns | mnt_ns + * \ | / + * x x x + * init_user_ns (1) + * + * If both net_ns and pid_ns put their last active reference on + * themselves it will cascade to user_ns1 dropping its own active + * reference and dropping one active reference on user_ns2: + * + * net_ns pid_ns + * \ / + * - - + * user_ns1 (0) + * | + * ipc_ns | uts_ns + * \ | / + * + - + + * user_ns2 (2) + * | + * cgroup_ns | mnt_ns + * \ | / + * x x x + * init_user_ns (1) + * + * Assume the whole tree is dead but all namespaces are still active: + * + * net_ns pid_ns + * \ / + * - - + * user_ns1 (0) + * | + * ipc_ns | uts_ns + * \ | / + * - - - + * user_ns2 (0) + * | + * cgroup_ns | mnt_ns + * \ | / + * x x x + * init_user_ns (1) + * + * Now assume the net_ns gets resurrected (.e.g., via the SIOCGSKNS ioctl(= )): + * + * net_ns pid_ns + * \ / + * + - + * user_ns1 (0) + * | + * ipc_ns | uts_ns + * \ | / + * - + - + * user_ns2 (0) + * | + * cgroup_ns | mnt_ns + * \ | / + * x x x + * init_user_ns (1) + * + * If net_ns had a zero reference count and we bumped it we also need to + * take another reference on its owning user namespace. Similarly, if + * pid_ns had a zero reference count it also needs to take another + * reference on its owning user namespace. So both net_ns and pid_ns + * will each have their own reference on the owning user namespace. + * + * If the owning user namespace user_ns1 had a zero reference count then + * it also needs to take another reference on its owning user namespace + * and so on. + */ +void __ns_ref_active_resurrect(struct ns_common *ns) +{ + /* If we didn't resurrect the namespace we're done. */ + if (atomic_fetch_add(1, &ns->__ns_ref_active)) + return; + + /* + * We did resurrect it. Walk the ownership hierarchy upwards + * until we found an owning user namespace that is active. + */ + for (;;) { + ns =3D ns_owner(ns); + if (!ns) + return; + + if (atomic_fetch_add(1, &ns->__ns_ref_active)) + return; + } +} diff --git a/kernel/nsproxy.c b/kernel/nsproxy.c index 6ce76a0278ab..94c2cfe0afa1 100644 --- a/kernel/nsproxy.c +++ b/kernel/nsproxy.c @@ -26,6 +26,7 @@ #include #include #include +#include =20 static struct kmem_cache *nsproxy_cachep; =20 @@ -179,12 +180,15 @@ int copy_namespaces(u64 flags, struct task_struct *ts= k) if ((flags & CLONE_VM) =3D=3D 0) timens_on_fork(new_ns, tsk); =20 + nsproxy_ns_active_get(new_ns); tsk->nsproxy =3D new_ns; return 0; } =20 void free_nsproxy(struct nsproxy *ns) { + nsproxy_ns_active_put(ns); + put_mnt_ns(ns->mnt_ns); put_uts_ns(ns->uts_ns); put_ipc_ns(ns->ipc_ns); @@ -232,6 +236,9 @@ void switch_task_namespaces(struct task_struct *p, stru= ct nsproxy *new) =20 might_sleep(); =20 + if (new) + nsproxy_ns_active_get(new); + task_lock(p); ns =3D p->nsproxy; p->nsproxy =3D new; @@ -246,6 +253,22 @@ void exit_nsproxy_namespaces(struct task_struct *p) switch_task_namespaces(p, NULL); } =20 +void switch_cred_namespaces(const struct cred *old, const struct cred *new) +{ + ns_ref_active_get(new->user_ns); + ns_ref_active_put(old->user_ns); +} + +void get_cred_namespaces(struct task_struct *tsk) +{ + ns_ref_active_get(tsk->real_cred->user_ns); +} + +void exit_cred_namespaces(struct task_struct *tsk) +{ + ns_ref_active_put(tsk->real_cred->user_ns); +} + int exec_task_namespaces(void) { struct task_struct *tsk =3D current; diff --git a/kernel/nstree.c b/kernel/nstree.c index 369fd1675c6a..a231cd2e9368 100644 --- a/kernel/nstree.c +++ b/kernel/nstree.c @@ -122,6 +122,14 @@ void __ns_tree_add_raw(struct ns_common *ns, struct ns= _tree *ns_tree) write_sequnlock(&ns_tree->ns_tree_lock); =20 VFS_WARN_ON_ONCE(node); + + /* + * Take an active reference on the owner namespace. This ensures + * that the owner remains visible while any of its child namespaces + * are active. For init namespaces this is a no-op as ns_owner() + * returns NULL for namespaces owned by init_user_ns. + */ + __ns_ref_active_get_owner(ns); } =20 void __ns_tree_remove(struct ns_common *ns, struct ns_tree *ns_tree) diff --git a/kernel/pid.c b/kernel/pid.c index cb7574ca00f7..ec9051d387ee 100644 --- a/kernel/pid.c +++ b/kernel/pid.c @@ -72,6 +72,7 @@ static int pid_max_max =3D PID_MAX_LIMIT; */ struct pid_namespace init_pid_ns =3D { .ns.__ns_ref =3D REFCOUNT_INIT(2), + .ns.__ns_ref_active =3D ATOMIC_INIT(1), .idr =3D IDR_INIT(init_pid_ns.idr), .pid_allocated =3D PIDNS_ADDING, .level =3D 0, @@ -118,9 +119,13 @@ static void delayed_put_pid(struct rcu_head *rhp) void free_pid(struct pid *pid) { int i; + struct pid_namespace *active_ns; =20 lockdep_assert_not_held(&tasklist_lock); =20 + active_ns =3D pid->numbers[pid->level].ns; + ns_ref_active_put(active_ns); + spin_lock(&pidmap_lock); for (i =3D 0; i <=3D pid->level; i++) { struct upid *upid =3D pid->numbers + i; @@ -284,6 +289,7 @@ struct pid *alloc_pid(struct pid_namespace *ns, pid_t *= set_tid, } spin_unlock(&pidmap_lock); idr_preload_end(); + ns_ref_active_get(ns); =20 return pid; =20 diff --git a/kernel/time/namespace.c b/kernel/time/namespace.c index ee05cad288da..68b67c68670d 100644 --- a/kernel/time/namespace.c +++ b/kernel/time/namespace.c @@ -480,6 +480,7 @@ const struct proc_ns_operations timens_for_children_ope= rations =3D { struct time_namespace init_time_ns =3D { .ns.ns_type =3D ns_common_type(&init_time_ns), .ns.__ns_ref =3D REFCOUNT_INIT(3), + .ns.__ns_ref_active =3D ATOMIC_INIT(1), .user_ns =3D &init_user_ns, .ns.inum =3D ns_init_inum(&init_time_ns), .ns.ops =3D &timens_operations, diff --git a/kernel/user.c b/kernel/user.c index b9cf3b056a71..bf60532856db 100644 --- a/kernel/user.c +++ b/kernel/user.c @@ -67,6 +67,7 @@ struct user_namespace init_user_ns =3D { }, .ns.ns_type =3D ns_common_type(&init_user_ns), .ns.__ns_ref =3D REFCOUNT_INIT(3), + .ns.__ns_ref_active =3D ATOMIC_INIT(1), .owner =3D GLOBAL_ROOT_UID, .group =3D GLOBAL_ROOT_GID, .ns.inum =3D ns_init_inum(&init_user_ns), --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id A457D343D70; Wed, 29 Oct 2025 12:21:39 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740499; cv=none; b=QZm3EyzwoIzg2ysI1+myavzP9pjzuglem7BNFDWqtNr4nlfC/Qv7Zsl5o2ZsYKcpULZrO6U0lIXDIMOdpvMYEFjIXJGh4BWyBLkvSx/zFM2BtUM77AiAUSFZDYhBBur5omqG+wODdigMM5/gvjzzJcKkaj/PVAAXwNiJtIUjcpo= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740499; c=relaxed/simple; bh=lN89dkAc1rJX+YACfmrA/G36BNwMab+4/KHiS7lDb0g=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=VEYtTcf46LeREvvCh9JQwzU+iZJyMd+U9Hum84pGGoEzNPQLfpxDE/Xz44g4w1K8xsRqkS5I+MxwGHRvRE48ecCLzW0vbHi1o4o2BdOFocgnI6K1I69athf45OYxDla7FDecwbTU1TEwK32MfTVJOl8u4qaXJWmgXDGvB5HwkvI= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=ubZripBN; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="ubZripBN" Received: by smtp.kernel.org (Postfix) with ESMTPSA id A60D1C4CEFF; Wed, 29 Oct 2025 12:21:34 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740499; bh=lN89dkAc1rJX+YACfmrA/G36BNwMab+4/KHiS7lDb0g=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=ubZripBNNV11xLKcOL51HnpwGrLNf6h89ffYdkix6iUr6BLrpxWWvHTvMZq/S9Dgc jjlSIe5FhNrGWPIQyOIGdeyZf/QVZUtsdMRKXgn/NoIIgGuqmxJMbHgvGA9Op0E0YZ c/SwKk8vjtQoA99i+29sXHcAqDI23lxfu7y5LX5hGXfufLeLnDd5xod5yKNS7lByCs yqUy2rfTpjyKLMNooTa7gAP5P6e8LKD890Dma9n/F/g0MbZ80G2bw3tZNYhqUQ37tt PjMcmm4M/W+aD7X6vgP+dw6JD7ogD9PPiImlSygT5DH+HWKZRpDPP7IAXc1ZZoWLjP +SaK4Fy2xHTfA== From: Christian Brauner Date: Wed, 29 Oct 2025 13:20:25 +0100 Subject: [PATCH v4 12/72] ns: use anonymous struct to group list member Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-12-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=775; i=brauner@kernel.org; h=from:subject:message-id; bh=lN89dkAc1rJX+YACfmrA/G36BNwMab+4/KHiS7lDb0g=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysfVwuDVnOuzbuGdq+7+NpsuNO/dsmpMg3p22bNEWs XPfXy9f11HKwiDGxSArpsji0G4SLrecp2KzUaYGzBxWJpAhDFycAjARtgqG/9lmcb+eL7SYp3WT +dGXzxKKHK1XV3sw/IzU+M16+AkvawTDP1Wblo31HyJ/5FzetnmntNiiQOfTNntrdxX1rFhhZdE yjwUA X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Make it easier to spot that they belong together conceptually. Signed-off-by: Christian Brauner --- include/linux/ns_common.h | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/include/linux/ns_common.h b/include/linux/ns_common.h index bec01741962d..adc3542042af 100644 --- a/include/linux/ns_common.h +++ b/include/linux/ns_common.h @@ -109,8 +109,10 @@ struct ns_common { union { struct { u64 ns_id; - struct rb_node ns_tree_node; - struct list_head ns_list_node; + struct /* per type rbtree and list */ { + struct rb_node ns_tree_node; + struct list_head ns_list_node; + }; atomic_t __ns_ref_active; /* do not use directly */ }; struct rcu_head ns_rcu; --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id DF8B0344022; Wed, 29 Oct 2025 12:21:44 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740505; cv=none; b=o8ig7FXfVHt+u3ghBCbcmzeoVGtcnl1UhvE/4iPn1EmT635e5DH5mGio6DlxJpWdKmYtUnyKGxvYDKSdH7/a30Igxli7BhgUALhy/A9hPvztuzi+eilSLacXukr4DfdeNvgCXlezJTYg9ZumzJ8E7gk1A7yEVtCGIz8VDUB0AFk= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740505; c=relaxed/simple; bh=gSgGIpCVPo6ljx2uG9Sli0vSC4D2sfzy0ATjD38IwRo=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=J20KXZ2PS7VC8Cg/L8M+NmIHROAz0qJ5GNJIRHIeBvfWA2E807hD0MXTaHmHO+8aU7innmSpKD4hcCACuIfIq6WbPkcWxxWb3dtpWNLh539jmbo4RRjC5uGmIV9DFh3MtHKuig1Zp0oGZNdJ/lcf1GzCD6WsOauq7KbFO7LX93A= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=ajawMwtQ; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="ajawMwtQ" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 021CDC4CEFD; Wed, 29 Oct 2025 12:21:39 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740504; bh=gSgGIpCVPo6ljx2uG9Sli0vSC4D2sfzy0ATjD38IwRo=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=ajawMwtQkHSbh7ZMTwrx/5nDg5x/FGqqq7zkpC+2b1qQhju5Zpv8/pZmLUFpU4ABn cOoyVBwkykwZg3v+om8M6yRDobvK76id0GwXizpFbuAreCgSQjCnql6eqdeWHJLQRd wu5Y6okPhysYD5dCQJY4qoS5b7K0rEbZE7ha7hcsrUT/G7T0cKKnr1r9LqTTzSFC72 GQ0OhdBFltwHTwwacfKKxaiJ7KvKTl3qg0apMzjT5Tegw2wI4VugcfNWKL4yvHow4X 3wPkgKHBt9nFWh1iRIsH/YdUaPlidjSVkIGEx6SJpuw2/sXfnP9cUrW+gRXRPtUZOf kHxrY4FA6UodA== From: Christian Brauner Date: Wed, 29 Oct 2025 13:20:26 +0100 Subject: [PATCH v4 13/72] nstree: introduce a unified tree Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-13-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=8507; i=brauner@kernel.org; h=from:subject:message-id; bh=gSgGIpCVPo6ljx2uG9Sli0vSC4D2sfzy0ATjD38IwRo=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysfXE/1y8k9dERT/T2qfo1YUJ11gtSjVb71kt/r07Y MrEm0qtHaUsDGJcDLJiiiwO7Sbhcst5KjYbZWrAzGFlAhnCwMUpABNRWs7IsPvwwW1mzFL+jhcU Nr5sbmD95OVyQIKv80bLHbHFkd010xgZFh9ZN6FKrPLpAcGpsjxCX+3rHgY1PNxS9barZgHH0ts KDAA= X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 This will allow userspace to lookup and stat a namespace simply by its identifier without having to know what type of namespace it is. Signed-off-by: Christian Brauner --- include/linux/ns_common.h | 4 ++ kernel/nscommon.c | 1 + kernel/nstree.c | 114 ++++++++++++++++++++++++++++++++++++------= ---- 3 files changed, 95 insertions(+), 24 deletions(-) diff --git a/include/linux/ns_common.h b/include/linux/ns_common.h index adc3542042af..88f27b678b4e 100644 --- a/include/linux/ns_common.h +++ b/include/linux/ns_common.h @@ -109,6 +109,10 @@ struct ns_common { union { struct { u64 ns_id; + struct /* global namespace rbtree and list */ { + struct rb_node ns_unified_tree_node; + struct list_head ns_unified_list_node; + }; struct /* per type rbtree and list */ { struct rb_node ns_tree_node; struct list_head ns_list_node; diff --git a/kernel/nscommon.c b/kernel/nscommon.c index 1935f640f05a..98a237be64bc 100644 --- a/kernel/nscommon.c +++ b/kernel/nscommon.c @@ -61,6 +61,7 @@ int __ns_common_init(struct ns_common *ns, u32 ns_type, c= onst struct proc_ns_ope ns->ns_id =3D 0; ns->ns_type =3D ns_type; RB_CLEAR_NODE(&ns->ns_tree_node); + RB_CLEAR_NODE(&ns->ns_unified_tree_node); INIT_LIST_HEAD(&ns->ns_list_node); =20 #ifdef CONFIG_DEBUG_VFS diff --git a/kernel/nstree.c b/kernel/nstree.c index a231cd2e9368..dbe4fb18f021 100644 --- a/kernel/nstree.c +++ b/kernel/nstree.c @@ -4,75 +4,86 @@ #include #include =20 +__cacheline_aligned_in_smp DEFINE_SEQLOCK(ns_tree_lock); +static struct rb_root ns_unified_tree =3D RB_ROOT; /* protected by ns_tree= _lock */ + /** * struct ns_tree - Namespace tree * @ns_tree: Rbtree of namespaces of a particular type * @ns_list: Sequentially walkable list of all namespaces of this type - * @ns_tree_lock: Seqlock to protect the tree and list * @type: type of namespaces in this tree */ struct ns_tree { - struct rb_root ns_tree; - struct list_head ns_list; - seqlock_t ns_tree_lock; - int type; + struct rb_root ns_tree; + struct list_head ns_list; +#ifdef CONFIG_DEBUG_VFS + int type; +#endif }; =20 struct ns_tree mnt_ns_tree =3D { .ns_tree =3D RB_ROOT, .ns_list =3D LIST_HEAD_INIT(mnt_ns_tree.ns_list), - .ns_tree_lock =3D __SEQLOCK_UNLOCKED(mnt_ns_tree.ns_tree_lock), +#ifdef CONFIG_DEBUG_VFS .type =3D CLONE_NEWNS, +#endif }; =20 struct ns_tree net_ns_tree =3D { .ns_tree =3D RB_ROOT, .ns_list =3D LIST_HEAD_INIT(net_ns_tree.ns_list), - .ns_tree_lock =3D __SEQLOCK_UNLOCKED(net_ns_tree.ns_tree_lock), +#ifdef CONFIG_DEBUG_VFS .type =3D CLONE_NEWNET, +#endif }; EXPORT_SYMBOL_GPL(net_ns_tree); =20 struct ns_tree uts_ns_tree =3D { .ns_tree =3D RB_ROOT, .ns_list =3D LIST_HEAD_INIT(uts_ns_tree.ns_list), - .ns_tree_lock =3D __SEQLOCK_UNLOCKED(uts_ns_tree.ns_tree_lock), +#ifdef CONFIG_DEBUG_VFS .type =3D CLONE_NEWUTS, +#endif }; =20 struct ns_tree user_ns_tree =3D { .ns_tree =3D RB_ROOT, .ns_list =3D LIST_HEAD_INIT(user_ns_tree.ns_list), - .ns_tree_lock =3D __SEQLOCK_UNLOCKED(user_ns_tree.ns_tree_lock), +#ifdef CONFIG_DEBUG_VFS .type =3D CLONE_NEWUSER, +#endif }; =20 struct ns_tree ipc_ns_tree =3D { .ns_tree =3D RB_ROOT, .ns_list =3D LIST_HEAD_INIT(ipc_ns_tree.ns_list), - .ns_tree_lock =3D __SEQLOCK_UNLOCKED(ipc_ns_tree.ns_tree_lock), +#ifdef CONFIG_DEBUG_VFS .type =3D CLONE_NEWIPC, +#endif }; =20 struct ns_tree pid_ns_tree =3D { .ns_tree =3D RB_ROOT, .ns_list =3D LIST_HEAD_INIT(pid_ns_tree.ns_list), - .ns_tree_lock =3D __SEQLOCK_UNLOCKED(pid_ns_tree.ns_tree_lock), +#ifdef CONFIG_DEBUG_VFS .type =3D CLONE_NEWPID, +#endif }; =20 struct ns_tree cgroup_ns_tree =3D { .ns_tree =3D RB_ROOT, .ns_list =3D LIST_HEAD_INIT(cgroup_ns_tree.ns_list), - .ns_tree_lock =3D __SEQLOCK_UNLOCKED(cgroup_ns_tree.ns_tree_lock), +#ifdef CONFIG_DEBUG_VFS .type =3D CLONE_NEWCGROUP, +#endif }; =20 struct ns_tree time_ns_tree =3D { .ns_tree =3D RB_ROOT, .ns_list =3D LIST_HEAD_INIT(time_ns_tree.ns_list), - .ns_tree_lock =3D __SEQLOCK_UNLOCKED(time_ns_tree.ns_tree_lock), +#ifdef CONFIG_DEBUG_VFS .type =3D CLONE_NEWTIME, +#endif }; =20 DEFINE_COOKIE(namespace_cookie); @@ -84,6 +95,13 @@ static inline struct ns_common *node_to_ns(const struct = rb_node *node) return rb_entry(node, struct ns_common, ns_tree_node); } =20 +static inline struct ns_common *node_to_ns_unified(const struct rb_node *n= ode) +{ + if (!node) + return NULL; + return rb_entry(node, struct ns_common, ns_unified_tree_node); +} + static inline int ns_cmp(struct rb_node *a, const struct rb_node *b) { struct ns_common *ns_a =3D node_to_ns(a); @@ -98,15 +116,27 @@ static inline int ns_cmp(struct rb_node *a, const stru= ct rb_node *b) return 0; } =20 +static inline int ns_cmp_unified(struct rb_node *a, const struct rb_node *= b) +{ + struct ns_common *ns_a =3D node_to_ns_unified(a); + struct ns_common *ns_b =3D node_to_ns_unified(b); + u64 ns_id_a =3D ns_a->ns_id; + u64 ns_id_b =3D ns_b->ns_id; + + if (ns_id_a < ns_id_b) + return -1; + if (ns_id_a > ns_id_b) + return 1; + return 0; +} + void __ns_tree_add_raw(struct ns_common *ns, struct ns_tree *ns_tree) { struct rb_node *node, *prev; =20 VFS_WARN_ON_ONCE(!ns->ns_id); =20 - write_seqlock(&ns_tree->ns_tree_lock); - - VFS_WARN_ON_ONCE(ns->ns_type !=3D ns_tree->type); + write_seqlock(&ns_tree_lock); =20 node =3D rb_find_add_rcu(&ns->ns_tree_node, &ns_tree->ns_tree, ns_cmp); /* @@ -119,7 +149,8 @@ void __ns_tree_add_raw(struct ns_common *ns, struct ns_= tree *ns_tree) else list_add_rcu(&ns->ns_list_node, &node_to_ns(prev)->ns_list_node); =20 - write_sequnlock(&ns_tree->ns_tree_lock); + rb_find_add_rcu(&ns->ns_unified_tree_node, &ns_unified_tree, ns_cmp_unifi= ed); + write_sequnlock(&ns_tree_lock); =20 VFS_WARN_ON_ONCE(node); =20 @@ -138,11 +169,12 @@ void __ns_tree_remove(struct ns_common *ns, struct ns= _tree *ns_tree) VFS_WARN_ON_ONCE(list_empty(&ns->ns_list_node)); VFS_WARN_ON_ONCE(ns->ns_type !=3D ns_tree->type); =20 - write_seqlock(&ns_tree->ns_tree_lock); + write_seqlock(&ns_tree_lock); rb_erase(&ns->ns_tree_node, &ns_tree->ns_tree); + rb_erase(&ns->ns_unified_tree_node, &ns_unified_tree); list_bidir_del_rcu(&ns->ns_list_node); RB_CLEAR_NODE(&ns->ns_tree_node); - write_sequnlock(&ns_tree->ns_tree_lock); + write_sequnlock(&ns_tree_lock); } EXPORT_SYMBOL_GPL(__ns_tree_remove); =20 @@ -158,6 +190,17 @@ static int ns_find(const void *key, const struct rb_no= de *node) return 0; } =20 +static int ns_find_unified(const void *key, const struct rb_node *node) +{ + const u64 ns_id =3D *(u64 *)key; + const struct ns_common *ns =3D node_to_ns_unified(node); + + if (ns_id < ns->ns_id) + return -1; + if (ns_id > ns->ns_id) + return 1; + return 0; +} =20 static struct ns_tree *ns_tree_from_type(int ns_type) { @@ -183,28 +226,51 @@ static struct ns_tree *ns_tree_from_type(int ns_type) return NULL; } =20 -struct ns_common *ns_tree_lookup_rcu(u64 ns_id, int ns_type) +static struct ns_common *__ns_unified_tree_lookup_rcu(u64 ns_id) { - struct ns_tree *ns_tree; struct rb_node *node; unsigned int seq; =20 - RCU_LOCKDEP_WARN(!rcu_read_lock_held(), "suspicious ns_tree_lookup_rcu() = usage"); + do { + seq =3D read_seqbegin(&ns_tree_lock); + node =3D rb_find_rcu(&ns_id, &ns_unified_tree, ns_find_unified); + if (node) + break; + } while (read_seqretry(&ns_tree_lock, seq)); + + return node_to_ns_unified(node); +} + +static struct ns_common *__ns_tree_lookup_rcu(u64 ns_id, int ns_type) +{ + struct ns_tree *ns_tree; + struct rb_node *node; + unsigned int seq; =20 ns_tree =3D ns_tree_from_type(ns_type); if (!ns_tree) return NULL; =20 do { - seq =3D read_seqbegin(&ns_tree->ns_tree_lock); + seq =3D read_seqbegin(&ns_tree_lock); node =3D rb_find_rcu(&ns_id, &ns_tree->ns_tree, ns_find); if (node) break; - } while (read_seqretry(&ns_tree->ns_tree_lock, seq)); + } while (read_seqretry(&ns_tree_lock, seq)); =20 return node_to_ns(node); } =20 +struct ns_common *ns_tree_lookup_rcu(u64 ns_id, int ns_type) +{ + RCU_LOCKDEP_WARN(!rcu_read_lock_held(), "suspicious ns_tree_lookup_rcu() = usage"); + + if (ns_type) + return __ns_tree_lookup_rcu(ns_id, ns_type); + + return __ns_unified_tree_lookup_rcu(ns_id); +} + /** * ns_tree_adjoined_rcu - find the next/previous namespace in the same * tree --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 07BF3350D44; Wed, 29 Oct 2025 12:21:49 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740510; cv=none; b=KcswvWOS2FDNpH9yDkjIGOZkRXe3w9hCTPiBfBr1dIvU2B2tD8oxDHawPX6RN3/mEMDkpx3PpvVulWCf8Q+bxpwbWmQ93+ur+rrE8/gHE6Sk1SoWl0aYjhDEuFSgQ8P8Zr8rwgHH2XJcHZ9iIrPHX/4Le73lbC2bHpDdIehNYH8= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740510; c=relaxed/simple; bh=MytxepP0DfHSoS+/OXNPO9l7OLu6SuN3axgNA99B+CQ=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=H5wEHtVsarN4k+Vub6jUHdvocyor8sq8eNT3eqBNddv3wpnAt/6ALuEYtb+22eABdeDXHXjtM21MVR6nR3s2JzlHMjjX/BSO+CI7wZnPLkSw9O/2zAsyjpr3a+NPgRbC2mUojFG3jkO4roM74zSHI3N0tH74xfNuM5foVioi6rg= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=IESlURWP; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="IESlURWP" Received: by smtp.kernel.org (Postfix) with ESMTPSA id DBE97C4CEF7; Wed, 29 Oct 2025 12:21:44 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740509; bh=MytxepP0DfHSoS+/OXNPO9l7OLu6SuN3axgNA99B+CQ=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=IESlURWPE9H7GfHgu5SdcDuWq6OnRHQitBMAr7+NniY5jzdAP9YvZ49kW5qvx52Gx eQ3CdZmjM2YJektWQZ8Ed378B/94RoDNQs9jlPuHZl9lzUirH8KCEld9v7EW4WxII3 dS2YR4w3HThA64wuFJP5bVNph6FcKrnm/c071qcPw49LARQeZES90TvCyF41FdLOJ5 4MrXdhmyKjzOa//5ZpV+Yf9o1h6ueW4RXvWCDmIYfKaZCJBoI83cuL0nyjK4tv1w5t v0TSfzptikfV5kqEi5ePpPVntpLTQK3dCMBb4OD5CTwt9v237LiocdHVm1dGEG6uL3 yY0z/g7fD0ivw== From: Christian Brauner Date: Wed, 29 Oct 2025 13:20:27 +0100 Subject: [PATCH v4 14/72] nstree: allow lookup solely based on inode Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-14-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=1240; i=brauner@kernel.org; h=from:subject:message-id; bh=MytxepP0DfHSoS+/OXNPO9l7OLu6SuN3axgNA99B+CQ=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysfUYR+/ZEPnpq60cd8W5gga5wB/bWH/O+V/KVX4lg 9Hhd9q8jlIWBjEuBlkxRRaHdpNwueU8FZuNMjVg5rAygQxh4OIUgImYvmBkOPfxsU/VtU+bzW8z LusV/jlRoGWdluVPY8nyC+mnI0seLmdkmH54kX2X+1m/Gp71ktt26N0SCPxx/ZRGyxl5DQvhQLN fvAA= X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 The namespace file handle struct nsfs_file_handle is uapi and userspace is expressly allowed to generate file handles without going through name_to_handle_at(). Allow userspace to generate a file handle where both the inode number and the namespace type are zero and just pass in the unique namespace id. The kernel uses the unified namespace tree to find the namespace and open the file handle. When the kernel creates a file handle via name_to_handle_at() it will always fill in the type and the inode number allowing userspace to retrieve core information. Signed-off-by: Christian Brauner --- fs/nsfs.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/fs/nsfs.c b/fs/nsfs.c index a6a28d9cb55d..201d6de53353 100644 --- a/fs/nsfs.c +++ b/fs/nsfs.c @@ -502,8 +502,8 @@ static struct dentry *nsfs_fh_to_dentry(struct super_bl= ock *sb, struct fid *fh, return NULL; =20 VFS_WARN_ON_ONCE(ns->ns_id !=3D fid->ns_id); - VFS_WARN_ON_ONCE(ns->ns_type !=3D fid->ns_type); - VFS_WARN_ON_ONCE(ns->inum !=3D fid->ns_inum); + if (fid->ns_inum && (fid->ns_inum !=3D ns->inum)) + return NULL; =20 /* * This is racy because we're not actually taking an --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 09181350D44; Wed, 29 Oct 2025 12:21:54 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740515; cv=none; b=dhr+iLMCnBNXerPlVHcfW6bV5PlfFr2/hP2uW4L1RcTJo7FnsDi/D/41H3+HUFCpx1blupJTruwBUfUwrBa+OzpnbG46Z/Ob5NUYNmauMt8mFt2uUAacIiRyn3OewLTSK/Qq9Gc1x4/TF5rSWbiL5aFFAlGTF9O6v7F9y/V7MBU= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740515; c=relaxed/simple; bh=tqeqM46Pdv4KKERzwHTNlzyJ8qjuiZMaJt3xQME3qZo=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=JJA4MtWO8ZNrd66lCou7t8EGxmoef9oEplrt4XsNfZLG/mI2i45fF1+mvFk70/raci0fML5RYa6X9hx7i2wiHnaLAJYK5RrDNHkP624B4VtuNwvPPGB9l8v1gzUUjOhXJJDRo0nuL7e/wXNNug6jLaHdw07CjNVrCTcJir8bzE4= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=ZjlTTNb/; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="ZjlTTNb/" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 0C059C4CEFD; Wed, 29 Oct 2025 12:21:49 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740514; bh=tqeqM46Pdv4KKERzwHTNlzyJ8qjuiZMaJt3xQME3qZo=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=ZjlTTNb/55hGV8B0GxPiRoIXEf4Wxx8lPUjp7Wr/MYxT+X+OmFKIV68BWc/lxBSE0 TIaQTAwRQhWGcnatkLVPHYFLVLFiY0ttgdDFOsvB01HonklsqcSaL5ArxSnBeyMsCr MM6l/A5ZLedi19XF9XDhrAun0DY5nxplpkhFGnKC/DRv+BFe7zwAUhbbnRYOI8HSVj M7ghS6wfZB2oB7CIr+E+difKpWeD4kNJWlKkAd2UcE1i0aPoyhKwVyyvm9Pu1yhQQf zdoXgplMMelFbTEQ1xVdvN908NhVbW4VsMOojmSYNWGjckloScon8CGo1fPOpck6ds CeKrvlwoeiJJw== From: Christian Brauner Date: Wed, 29 Oct 2025 13:20:28 +0100 Subject: [PATCH v4 15/72] nstree: assign fixed ids to the initial namespaces Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-15-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=6165; i=brauner@kernel.org; h=from:subject:message-id; bh=tqeqM46Pdv4KKERzwHTNlzyJ8qjuiZMaJt3xQME3qZo=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysfVoXbGtiBeaHp7ePc2Bz2LvnqL699/qb3V0ai/p5 13deUmpo5SFQYyLQVZMkcWh3SRcbjlPxWajTA2YOaxMIEMYuDgFYCLBvxj+ezQxfoyPqXyYqCi/ uKVEde0rnZqW1D7t09F978o/TVeQY/hf2HZDgMkhnW/hljLF62rT9z72n8v9YdP8sAfrP0/R8b3 IDgA= X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 The initial set of namespace comes with fixed inode numbers making it easy for userspace to identify them solely based on that information. This has long preceeded anything here. Similarly, let's assign fixed namespace ids for the initial namespaces. Kill the cookie and use a sequentially increasing number. This has the nice side-effect that the owning user namespace will always have a namespace id that is smaller than any of it's descendant namespaces. Signed-off-by: Christian Brauner --- fs/namespace.c | 2 +- include/linux/nstree.h | 26 ++++++++++++++++++++++---- include/uapi/linux/nsfs.h | 14 ++++++++++++++ kernel/nstree.c | 13 ++++++++----- net/core/net_namespace.c | 2 +- 5 files changed, 46 insertions(+), 11 deletions(-) diff --git a/fs/namespace.c b/fs/namespace.c index 85648dfce9be..22b4ff6ba134 100644 --- a/fs/namespace.c +++ b/fs/namespace.c @@ -4094,7 +4094,7 @@ static struct mnt_namespace *alloc_mnt_ns(struct user= _namespace *user_ns, bool a return ERR_PTR(ret); } if (!anon) - ns_tree_gen_id(&new_ns->ns); + ns_tree_gen_id(new_ns); refcount_set(&new_ns->passive, 1); new_ns->mounts =3D RB_ROOT; init_waitqueue_head(&new_ns->poll); diff --git a/include/linux/nstree.h b/include/linux/nstree.h index 8b8636690473..96ee71622517 100644 --- a/include/linux/nstree.h +++ b/include/linux/nstree.h @@ -8,6 +8,7 @@ #include #include #include +#include =20 extern struct ns_tree cgroup_ns_tree; extern struct ns_tree ipc_ns_tree; @@ -29,7 +30,22 @@ extern struct ns_tree uts_ns_tree; struct user_namespace *: &(user_ns_tree), \ struct uts_namespace *: &(uts_ns_tree)) =20 -u64 ns_tree_gen_id(struct ns_common *ns); +#define ns_init_id(__ns) \ + _Generic((__ns), \ + struct cgroup_namespace *: CGROUP_NS_INIT_ID, \ + struct ipc_namespace *: IPC_NS_INIT_ID, \ + struct mnt_namespace *: MNT_NS_INIT_ID, \ + struct net *: NET_NS_INIT_ID, \ + struct pid_namespace *: PID_NS_INIT_ID, \ + struct time_namespace *: TIME_NS_INIT_ID, \ + struct user_namespace *: USER_NS_INIT_ID, \ + struct uts_namespace *: UTS_NS_INIT_ID) + +#define ns_tree_gen_id(__ns) \ + __ns_tree_gen_id(to_ns_common(__ns), \ + (((__ns) =3D=3D ns_init_ns(__ns)) ? ns_init_id(__ns) : 0)) + +u64 __ns_tree_gen_id(struct ns_common *ns, u64 id); void __ns_tree_add_raw(struct ns_common *ns, struct ns_tree *ns_tree); void __ns_tree_remove(struct ns_common *ns, struct ns_tree *ns_tree); struct ns_common *ns_tree_lookup_rcu(u64 ns_id, int ns_type); @@ -37,9 +53,9 @@ struct ns_common *__ns_tree_adjoined_rcu(struct ns_common= *ns, struct ns_tree *ns_tree, bool previous); =20 -static inline void __ns_tree_add(struct ns_common *ns, struct ns_tree *ns_= tree) +static inline void __ns_tree_add(struct ns_common *ns, struct ns_tree *ns_= tree, u64 id) { - ns_tree_gen_id(ns); + __ns_tree_gen_id(ns, id); __ns_tree_add_raw(ns, ns_tree); } =20 @@ -59,7 +75,9 @@ static inline void __ns_tree_add(struct ns_common *ns, st= ruct ns_tree *ns_tree) * This function assigns a new id to the namespace and adds it to the * appropriate namespace tree and list. */ -#define ns_tree_add(__ns) __ns_tree_add(to_ns_common(__ns), to_ns_tree(__n= s)) +#define ns_tree_add(__ns) \ + __ns_tree_add(to_ns_common(__ns), to_ns_tree(__ns), \ + (((__ns) =3D=3D ns_init_ns(__ns)) ? ns_init_id(__ns) : 0)) =20 /** * ns_tree_remove - Remove a namespace from a namespace tree diff --git a/include/uapi/linux/nsfs.h b/include/uapi/linux/nsfs.h index e098759ec917..f8bc2aad74d6 100644 --- a/include/uapi/linux/nsfs.h +++ b/include/uapi/linux/nsfs.h @@ -67,4 +67,18 @@ struct nsfs_file_handle { #define NSFS_FILE_HANDLE_SIZE_VER0 16 /* sizeof first published struct */ #define NSFS_FILE_HANDLE_SIZE_LATEST sizeof(struct nsfs_file_handle) /* si= zeof latest published struct */ =20 +enum init_ns_id { + IPC_NS_INIT_ID =3D 1ULL, + UTS_NS_INIT_ID =3D 2ULL, + USER_NS_INIT_ID =3D 3ULL, + PID_NS_INIT_ID =3D 4ULL, + CGROUP_NS_INIT_ID =3D 5ULL, + TIME_NS_INIT_ID =3D 6ULL, + NET_NS_INIT_ID =3D 7ULL, + MNT_NS_INIT_ID =3D 8ULL, +#ifdef __KERNEL__ + NS_LAST_INIT_ID =3D MNT_NS_INIT_ID, +#endif +}; + #endif /* __LINUX_NSFS_H */ diff --git a/kernel/nstree.c b/kernel/nstree.c index dbe4fb18f021..bd6b0a22fd8e 100644 --- a/kernel/nstree.c +++ b/kernel/nstree.c @@ -86,8 +86,6 @@ struct ns_tree time_ns_tree =3D { #endif }; =20 -DEFINE_COOKIE(namespace_cookie); - static inline struct ns_common *node_to_ns(const struct rb_node *node) { if (!node) @@ -302,15 +300,20 @@ struct ns_common *__ns_tree_adjoined_rcu(struct ns_co= mmon *ns, /** * ns_tree_gen_id - generate a new namespace id * @ns: namespace to generate id for + * @id: if non-zero, this is the initial namespace and this is a fixed id * * Generates a new namespace id and assigns it to the namespace. All * namespaces types share the same id space and thus can be compared * directly. IOW, when two ids of two namespace are equal, they are * identical. */ -u64 ns_tree_gen_id(struct ns_common *ns) +u64 __ns_tree_gen_id(struct ns_common *ns, u64 id) { - guard(preempt)(); - ns->ns_id =3D gen_cookie_next(&namespace_cookie); + static atomic64_t namespace_cookie =3D ATOMIC64_INIT(NS_LAST_INIT_ID + 1); + + if (id) + ns->ns_id =3D id; + else + ns->ns_id =3D atomic64_inc_return(&namespace_cookie); return ns->ns_id; } diff --git a/net/core/net_namespace.c b/net/core/net_namespace.c index b0e0f22d7b21..83cbec4afcb3 100644 --- a/net/core/net_namespace.c +++ b/net/core/net_namespace.c @@ -439,7 +439,7 @@ static __net_init int setup_net(struct net *net) LIST_HEAD(net_exit_list); int error =3D 0; =20 - net->net_cookie =3D ns_tree_gen_id(&net->ns); + net->net_cookie =3D ns_tree_gen_id(net); =20 list_for_each_entry(ops, &pernet_list, list) { error =3D ops_init(ops, net); --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id D31511BCA1C; Wed, 29 Oct 2025 12:21:59 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740519; cv=none; b=YEL3n78TOTUZh9dWYddzTsqOng8jHNel0vjkdiH9c1JFkJcdNkknMb5BxPMDwR4S2hAOxgE5i7sp2/HVW+G+3cSn3PTtKccWWwd2YyvoLsgT8ivC4JaKm3TJwNr9yk+E2sjt+ZU5Htr2OmJX4KQ3PevcUjNSDnUEvgTFQkJTGoU= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740519; c=relaxed/simple; bh=WRA0I35exugbAjGukfF0PjSWvMFh88nJ9OMdudItzfM=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=UniFOr1UybIm4LhFC9r4C6OEobHOpfbugEocMikR7sSNFhlJHKcrQAiH6PVzOxudkO/B1auOx2XQW4Ua9p48F9O08+h7uHC6dQ2NOgXb3t609HbSAphGVFdrGTmCIKb5oet2PkPtYFuh9wRn/4bH8rj9r87VvHI27SvlFXmy3pE= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=Ttvf/Azg; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="Ttvf/Azg" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 11142C116B1; Wed, 29 Oct 2025 12:21:54 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740519; bh=WRA0I35exugbAjGukfF0PjSWvMFh88nJ9OMdudItzfM=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=Ttvf/AzgWa1pTssUTPxBQthbg6Jb3VaT4SZacRhF1TTUibtU+aFV6qghHGzysJ92/ lvDKxO8gqizhJx/Ni5TbICEi+DecXId31O0pSlBsdkp/75QYwGrtmmC6gohjMKIEc7 3Cd1+6DBN1ANHBW9GMHaaLGPgeyMvI03H6OLaeRJFeCAi2bnPZRZybV3eCVsi/Jod/ eCAflaVFEWv/e6dvWIscEFIPMiXGCX5quE9rdHEMiAaBwdIT0ICJdUOJcalKw0bDAl IhDo8RoCsMDVhCut3fKxDeI9t+A1pDxeeTi9PHpEGwYeb+hQJq3Ab0C+9paTsiIUne nfPji0e5kW4wg== From: Christian Brauner Date: Wed, 29 Oct 2025 13:20:29 +0100 Subject: [PATCH v4 16/72] nstree: maintain list of owned namespaces Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-16-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=10111; i=brauner@kernel.org; h=from:subject:message-id; bh=WRA0I35exugbAjGukfF0PjSWvMFh88nJ9OMdudItzfM=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysfVseWEU258WZ6fPc64+i9V2l+XnpTPrl0lYSBuYd BTsqebvKGVhEONikBVTZHFoNwmXW85TsdkoUwNmDisTyBAGLk4BmAivFiPD/bfCRW/n2hU+/cbA rbnOQ3BlaNWW+DxNs50rXzVrT/nMxcjw2E45Y02dqGrC3QlPLwj+K9fUv/YkdZlSzv6qlJMbr71 iBwA= X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 The namespace tree doesn't express the ownership concept of namespace appropriately. Maintain a list of directly owned namespaces per user namespace. This will allow userspace and the kernel to use the listns() system call to walk the namespace tree by owning user namespace. The rbtree is used to find the relevant namespace entry point which allows to continue iteration and the owner list can be used to walk the tree completely lock free. Signed-off-by: Christian Brauner --- fs/namespace.c | 2 ++ include/linux/ns_common.h | 6 +++++ init/version-timestamp.c | 2 ++ ipc/msgutil.c | 2 ++ kernel/cgroup/cgroup.c | 2 ++ kernel/nscommon.c | 4 +++ kernel/nstree.c | 68 +++++++++++++++++++++++++++++++++++++++++++= +++- kernel/pid.c | 2 ++ kernel/time/namespace.c | 2 ++ kernel/user.c | 2 ++ 10 files changed, 91 insertions(+), 1 deletion(-) diff --git a/fs/namespace.c b/fs/namespace.c index 22b4ff6ba134..3e0361c4c138 100644 --- a/fs/namespace.c +++ b/fs/namespace.c @@ -5995,6 +5995,8 @@ struct mnt_namespace init_mnt_ns =3D { .mounts =3D RB_ROOT, .poll =3D __WAIT_QUEUE_HEAD_INITIALIZER(init_mnt_ns.poll), .ns.ns_list_node =3D LIST_HEAD_INIT(init_mnt_ns.ns.ns_list_node), + .ns.ns_owner_entry =3D LIST_HEAD_INIT(init_mnt_ns.ns.ns_owner_entry), + .ns.ns_owner =3D LIST_HEAD_INIT(init_mnt_ns.ns.ns_owner), }; =20 static void __init init_mount_tree(void) diff --git a/include/linux/ns_common.h b/include/linux/ns_common.h index 88f27b678b4e..e4041603434e 100644 --- a/include/linux/ns_common.h +++ b/include/linux/ns_common.h @@ -117,6 +117,12 @@ struct ns_common { struct rb_node ns_tree_node; struct list_head ns_list_node; }; + struct /* namespace ownership rbtree and list */ { + struct rb_root ns_owner_tree; /* rbtree of namespaces owned by this na= mespace */ + struct list_head ns_owner; /* list of namespaces owned by this namespa= ce */ + struct rb_node ns_owner_tree_node; /* node in the owner namespace's rb= tree */ + struct list_head ns_owner_entry; /* node in the owner namespace's ns_o= wned list */ + }; atomic_t __ns_ref_active; /* do not use directly */ }; struct rcu_head ns_rcu; diff --git a/init/version-timestamp.c b/init/version-timestamp.c index c38498f94646..e5c278dabecf 100644 --- a/init/version-timestamp.c +++ b/init/version-timestamp.c @@ -22,6 +22,8 @@ struct uts_namespace init_uts_ns =3D { .user_ns =3D &init_user_ns, .ns.inum =3D ns_init_inum(&init_uts_ns), .ns.ns_list_node =3D LIST_HEAD_INIT(init_uts_ns.ns.ns_list_node), + .ns.ns_owner_entry =3D LIST_HEAD_INIT(init_uts_ns.ns.ns_owner_entry), + .ns.ns_owner =3D LIST_HEAD_INIT(init_uts_ns.ns.ns_owner), #ifdef CONFIG_UTS_NS .ns.ops =3D &utsns_operations, #endif diff --git a/ipc/msgutil.c b/ipc/msgutil.c index d7c66b430470..ce1de73725c0 100644 --- a/ipc/msgutil.c +++ b/ipc/msgutil.c @@ -32,6 +32,8 @@ struct ipc_namespace init_ipc_ns =3D { .user_ns =3D &init_user_ns, .ns.inum =3D ns_init_inum(&init_ipc_ns), .ns.ns_list_node =3D LIST_HEAD_INIT(init_ipc_ns.ns.ns_list_node), + .ns.ns_owner_entry =3D LIST_HEAD_INIT(init_ipc_ns.ns.ns_owner_entry), + .ns.ns_owner =3D LIST_HEAD_INIT(init_ipc_ns.ns.ns_owner), #ifdef CONFIG_IPC_NS .ns.ops =3D &ipcns_operations, #endif diff --git a/kernel/cgroup/cgroup.c b/kernel/cgroup/cgroup.c index 45e470011c77..9fa082e2eb1a 100644 --- a/kernel/cgroup/cgroup.c +++ b/kernel/cgroup/cgroup.c @@ -258,6 +258,8 @@ struct cgroup_namespace init_cgroup_ns =3D { .root_cset =3D &init_css_set, .ns.ns_type =3D ns_common_type(&init_cgroup_ns), .ns.ns_list_node =3D LIST_HEAD_INIT(init_cgroup_ns.ns.ns_list_node), + .ns.ns_owner_entry =3D LIST_HEAD_INIT(init_cgroup_ns.ns.ns_owner_entry), + .ns.ns_owner =3D LIST_HEAD_INIT(init_cgroup_ns.ns.ns_owner), }; =20 static struct file_system_type cgroup2_fs_type; diff --git a/kernel/nscommon.c b/kernel/nscommon.c index 98a237be64bc..bd4cf8bb8a77 100644 --- a/kernel/nscommon.c +++ b/kernel/nscommon.c @@ -62,7 +62,11 @@ int __ns_common_init(struct ns_common *ns, u32 ns_type, = const struct proc_ns_ope ns->ns_type =3D ns_type; RB_CLEAR_NODE(&ns->ns_tree_node); RB_CLEAR_NODE(&ns->ns_unified_tree_node); + RB_CLEAR_NODE(&ns->ns_owner_tree_node); INIT_LIST_HEAD(&ns->ns_list_node); + ns->ns_owner_tree =3D RB_ROOT; + INIT_LIST_HEAD(&ns->ns_owner); + INIT_LIST_HEAD(&ns->ns_owner_entry); =20 #ifdef CONFIG_DEBUG_VFS ns_debug(ns, ops); diff --git a/kernel/nstree.c b/kernel/nstree.c index bd6b0a22fd8e..59ec7d6ba302 100644 --- a/kernel/nstree.c +++ b/kernel/nstree.c @@ -2,7 +2,9 @@ =20 #include #include +#include #include +#include =20 __cacheline_aligned_in_smp DEFINE_SEQLOCK(ns_tree_lock); static struct rb_root ns_unified_tree =3D RB_ROOT; /* protected by ns_tree= _lock */ @@ -100,6 +102,13 @@ static inline struct ns_common *node_to_ns_unified(con= st struct rb_node *node) return rb_entry(node, struct ns_common, ns_unified_tree_node); } =20 +static inline struct ns_common *node_to_ns_owner(const struct rb_node *nod= e) +{ + if (!node) + return NULL; + return rb_entry(node, struct ns_common, ns_owner_tree_node); +} + static inline int ns_cmp(struct rb_node *a, const struct rb_node *b) { struct ns_common *ns_a =3D node_to_ns(a); @@ -128,11 +137,27 @@ static inline int ns_cmp_unified(struct rb_node *a, c= onst struct rb_node *b) return 0; } =20 +static inline int ns_cmp_owner(struct rb_node *a, const struct rb_node *b) +{ + struct ns_common *ns_a =3D node_to_ns_owner(a); + struct ns_common *ns_b =3D node_to_ns_owner(b); + u64 ns_id_a =3D ns_a->ns_id; + u64 ns_id_b =3D ns_b->ns_id; + + if (ns_id_a < ns_id_b) + return -1; + if (ns_id_a > ns_id_b) + return 1; + return 0; +} + void __ns_tree_add_raw(struct ns_common *ns, struct ns_tree *ns_tree) { struct rb_node *node, *prev; + const struct proc_ns_operations *ops =3D ns->ops; =20 VFS_WARN_ON_ONCE(!ns->ns_id); + VFS_WARN_ON_ONCE(ns->ns_type !=3D ns_tree->type); =20 write_seqlock(&ns_tree_lock); =20 @@ -148,6 +173,30 @@ void __ns_tree_add_raw(struct ns_common *ns, struct ns= _tree *ns_tree) list_add_rcu(&ns->ns_list_node, &node_to_ns(prev)->ns_list_node); =20 rb_find_add_rcu(&ns->ns_unified_tree_node, &ns_unified_tree, ns_cmp_unifi= ed); + + if (ops) { + struct user_namespace *user_ns; + + VFS_WARN_ON_ONCE(!ops->owner); + user_ns =3D ops->owner(ns); + if (user_ns) { + struct ns_common *owner =3D &user_ns->ns; + VFS_WARN_ON_ONCE(owner->ns_type !=3D CLONE_NEWUSER); + + /* Insert into owner's rbtree */ + rb_find_add_rcu(&ns->ns_owner_tree_node, &owner->ns_owner_tree, ns_cmp_= owner); + + /* Insert into owner's list in sorted order */ + prev =3D rb_prev(&ns->ns_owner_tree_node); + if (!prev) + list_add_rcu(&ns->ns_owner_entry, &owner->ns_owner); + else + list_add_rcu(&ns->ns_owner_entry, &node_to_ns_owner(prev)->ns_owner_en= try); + } else { + /* Only the initial user namespace doesn't have an owner. */ + VFS_WARN_ON_ONCE(ns !=3D to_ns_common(&init_user_ns)); + } + } write_sequnlock(&ns_tree_lock); =20 VFS_WARN_ON_ONCE(node); @@ -163,6 +212,9 @@ void __ns_tree_add_raw(struct ns_common *ns, struct ns_= tree *ns_tree) =20 void __ns_tree_remove(struct ns_common *ns, struct ns_tree *ns_tree) { + const struct proc_ns_operations *ops =3D ns->ops; + struct user_namespace *user_ns; + VFS_WARN_ON_ONCE(RB_EMPTY_NODE(&ns->ns_tree_node)); VFS_WARN_ON_ONCE(list_empty(&ns->ns_list_node)); VFS_WARN_ON_ONCE(ns->ns_type !=3D ns_tree->type); @@ -170,8 +222,22 @@ void __ns_tree_remove(struct ns_common *ns, struct ns_= tree *ns_tree) write_seqlock(&ns_tree_lock); rb_erase(&ns->ns_tree_node, &ns_tree->ns_tree); rb_erase(&ns->ns_unified_tree_node, &ns_unified_tree); - list_bidir_del_rcu(&ns->ns_list_node); RB_CLEAR_NODE(&ns->ns_tree_node); + + list_bidir_del_rcu(&ns->ns_list_node); + + /* Remove from owner's rbtree if this namespace has an owner */ + if (ops) { + user_ns =3D ops->owner(ns); + if (user_ns) { + struct ns_common *owner =3D &user_ns->ns; + rb_erase(&ns->ns_owner_tree_node, &owner->ns_owner_tree); + RB_CLEAR_NODE(&ns->ns_owner_tree_node); + } + + list_bidir_del_rcu(&ns->ns_owner_entry); + } + write_sequnlock(&ns_tree_lock); } EXPORT_SYMBOL_GPL(__ns_tree_remove); diff --git a/kernel/pid.c b/kernel/pid.c index ec9051d387ee..8134c40b2584 100644 --- a/kernel/pid.c +++ b/kernel/pid.c @@ -80,6 +80,8 @@ struct pid_namespace init_pid_ns =3D { .user_ns =3D &init_user_ns, .ns.inum =3D ns_init_inum(&init_pid_ns), .ns.ns_list_node =3D LIST_HEAD_INIT(init_pid_ns.ns.ns_list_node), + .ns.ns_owner_entry =3D LIST_HEAD_INIT(init_pid_ns.ns.ns_owner_entry), + .ns.ns_owner =3D LIST_HEAD_INIT(init_pid_ns.ns.ns_owner), #ifdef CONFIG_PID_NS .ns.ops =3D &pidns_operations, #endif diff --git a/kernel/time/namespace.c b/kernel/time/namespace.c index 68b67c68670d..f543c4a83229 100644 --- a/kernel/time/namespace.c +++ b/kernel/time/namespace.c @@ -484,6 +484,8 @@ struct time_namespace init_time_ns =3D { .user_ns =3D &init_user_ns, .ns.inum =3D ns_init_inum(&init_time_ns), .ns.ops =3D &timens_operations, + .ns.ns_owner_entry =3D LIST_HEAD_INIT(init_time_ns.ns.ns_owner_entry), + .ns.ns_owner =3D LIST_HEAD_INIT(init_time_ns.ns.ns_owner), .frozen_offsets =3D true, .ns.ns_list_node =3D LIST_HEAD_INIT(init_time_ns.ns.ns_list_node), }; diff --git a/kernel/user.c b/kernel/user.c index bf60532856db..e392768ccd44 100644 --- a/kernel/user.c +++ b/kernel/user.c @@ -72,6 +72,8 @@ struct user_namespace init_user_ns =3D { .group =3D GLOBAL_ROOT_GID, .ns.inum =3D ns_init_inum(&init_user_ns), .ns.ns_list_node =3D LIST_HEAD_INIT(init_user_ns.ns.ns_list_node), + .ns.ns_owner_entry =3D LIST_HEAD_INIT(init_user_ns.ns.ns_owner_entry), + .ns.ns_owner =3D LIST_HEAD_INIT(init_user_ns.ns.ns_owner), #ifdef CONFIG_USER_NS .ns.ops =3D &userns_operations, #endif --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id B8C673451DB; Wed, 29 Oct 2025 12:22:04 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740524; cv=none; b=NkN0hd9vOtC83VBFoOVrQ9a6bAsw+pJcqgILn0xY4CVLc6O1755GrXTulXP0sD/2Dxy/cS7cQzeHkDAEHrDn+400iW93tvGAFrVVjEUQx1pvtbqJzPbBmqmb2Fhe/7DJuK6QiryM7q1hgcAf8NXzbkAGHnctHHzNgtHzp7jL4uk= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740524; c=relaxed/simple; bh=96Z7otohCUrNqJl7r8gnx6tjRso9CQWk7dyZx4Mnc2A=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=qWNvuYmKkoKZDgV9h90mA4bG1vgY/yCtc8ctl7a13Irwt+KKz7NABaY2jfeAH4COYUCIOYxHfLTarmUpKlHV5tYsxPKZ0gGKMlmE7sOMWZNG4SZG50qykjg7GVACxxPHmmG+7IGX7QnOfjZDxuHWuhdZTT2Kb4UPHy7dw1EQFn0= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=EltZ3oTK; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="EltZ3oTK" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 2E3D6C4CEFF; Wed, 29 Oct 2025 12:22:00 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740524; bh=96Z7otohCUrNqJl7r8gnx6tjRso9CQWk7dyZx4Mnc2A=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=EltZ3oTK5dsrsqmcFJPqkhX1RynQ+/6+WTQ0gXHlhphXrTTXs93fEADcDz6YqrCqM usFHPwT5t/S2ADdtbErgv9rjEJy3tRPNK9q4MdoKnJQnSVQcl0tkkVPG++vHQ40J95 7OgCS/ghc3Erbfv2BXn9tEKHxIsjlq2huAVTlZ21hd2AG5Rm7BSwjTKdTcCs/GjusB FrFmKwaNTbIUC8Qb70zl27LYGlShOSVSDSZmyvZQ5h/ADXAbGVQpgquWRrls4FgQgX 2MGb56stXnTaIOcw5X65/xEO/+kGL8VsE/RGa9KfFO9PI5/XRMTA1yGQR/kBLXrBVE Fqh8+Rx0tpBCw== From: Christian Brauner Date: Wed, 29 Oct 2025 13:20:30 +0100 Subject: [PATCH v4 17/72] nstree: simplify rbtree comparison helpers Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-17-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=2145; i=brauner@kernel.org; h=from:subject:message-id; bh=96Z7otohCUrNqJl7r8gnx6tjRso9CQWk7dyZx4Mnc2A=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysfXs8fWZc5Dp3r2uQ+mxTun+3W/bnsQmuRVynsoLe /aG4cOijlIWBjEuBlkxRRaHdpNwueU8FZuNMjVg5rAygQxh4OIUgIksi2T4p8Om/X/FuSYdxk0n +b/LhzefO7NtmU3Dlb9XcnpzT+1zzWL477MlOGV+U97cWrP3D1J2Lr/Qve7lu/m2L4K27yxl/O1 3iQkA X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 They all do the same basic thing. Signed-off-by: Christian Brauner Reviewed-by: Jeff Layton --- kernel/nstree.c | 40 +++++++++++----------------------------- 1 file changed, 11 insertions(+), 29 deletions(-) diff --git a/kernel/nstree.c b/kernel/nstree.c index 59ec7d6ba302..1779fa314a7d 100644 --- a/kernel/nstree.c +++ b/kernel/nstree.c @@ -109,46 +109,28 @@ static inline struct ns_common *node_to_ns_owner(cons= t struct rb_node *node) return rb_entry(node, struct ns_common, ns_owner_tree_node); } =20 -static inline int ns_cmp(struct rb_node *a, const struct rb_node *b) +static int ns_id_cmp(u64 id_a, u64 id_b) { - struct ns_common *ns_a =3D node_to_ns(a); - struct ns_common *ns_b =3D node_to_ns(b); - u64 ns_id_a =3D ns_a->ns_id; - u64 ns_id_b =3D ns_b->ns_id; - - if (ns_id_a < ns_id_b) + if (id_a < id_b) return -1; - if (ns_id_a > ns_id_b) + if (id_a > id_b) return 1; return 0; } =20 -static inline int ns_cmp_unified(struct rb_node *a, const struct rb_node *= b) +static int ns_cmp(struct rb_node *a, const struct rb_node *b) { - struct ns_common *ns_a =3D node_to_ns_unified(a); - struct ns_common *ns_b =3D node_to_ns_unified(b); - u64 ns_id_a =3D ns_a->ns_id; - u64 ns_id_b =3D ns_b->ns_id; - - if (ns_id_a < ns_id_b) - return -1; - if (ns_id_a > ns_id_b) - return 1; - return 0; + return ns_id_cmp(node_to_ns(a)->ns_id, node_to_ns(b)->ns_id); } =20 -static inline int ns_cmp_owner(struct rb_node *a, const struct rb_node *b) +static int ns_cmp_unified(struct rb_node *a, const struct rb_node *b) { - struct ns_common *ns_a =3D node_to_ns_owner(a); - struct ns_common *ns_b =3D node_to_ns_owner(b); - u64 ns_id_a =3D ns_a->ns_id; - u64 ns_id_b =3D ns_b->ns_id; + return ns_id_cmp(node_to_ns_unified(a)->ns_id, node_to_ns_unified(b)->ns_= id); +} =20 - if (ns_id_a < ns_id_b) - return -1; - if (ns_id_a > ns_id_b) - return 1; - return 0; +static int ns_cmp_owner(struct rb_node *a, const struct rb_node *b) +{ + return ns_id_cmp(node_to_ns_owner(a)->ns_id, node_to_ns_owner(b)->ns_id); } =20 void __ns_tree_add_raw(struct ns_common *ns, struct ns_tree *ns_tree) --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 4073833DEFD; Wed, 29 Oct 2025 12:22:09 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740533; cv=none; b=EoU1riA5M0miSiPAKQ85v7FEbPtsq/vhPQrq2VNDfNQ6DzWCR6hSTcQ88Vs/Gj3q8Kytyzj+4uzo3wRMfKJ5M+p+AaDCcqaSw0Z4vslfYrlYROH+OqYSzOjTuHMLpgqDANRejkQnWE3wtwOGz3C0H5QM3Q6LyYuLqyzgxF2DhNc= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740533; c=relaxed/simple; bh=zBZ8k9vNKGmXFGtRmtowfVJFJn71uOWCNT+vTVEJ+6E=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=cfUtHSfArPNL1nV6crvMJFiGQLEUusGbNOTMKBJa5Q0a6Hqc9XwrN8V3hYP2/LZ5dsYHU87rlFxI/54ZWYJjFfx6/4ieFsDgohZ302K8R0RCEv/DBdDpZhJ0QPzGs422paTKgewx7RsY7B/xAwhcRtTuGPxOPqs4PNVdu6DL5Ro= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=UW8SoFp5; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="UW8SoFp5" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 17928C116B1; Wed, 29 Oct 2025 12:22:04 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740529; bh=zBZ8k9vNKGmXFGtRmtowfVJFJn71uOWCNT+vTVEJ+6E=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=UW8SoFp5uwVT3blwSS8V3GwymHuX9cctb5jeEDv+MYcbnLdjcGquBFCR2vSoMf2Oj Zqz65924uCquVOK2XjRqreA/kxiSb5exO2Dp/+oj6Dg62xohxk/7Ni25nVgpEkmd4o ndhpbWTkZ0f+dCK32Fsa72/1IRACpr7zoe8W7ER1mY7A0c29MrcFNVmXWV3Ubmmkfq KCz6Mq09peOXBWcKVC52DPu94aQP6Z5aEBQUVEj/CnZc8lk4hN0C3vjMcpRYSVF4kL Faj/poPBUYfWPkavsliD/tUmakIghotxGjUiV77Xr+eNqDGgOyP8bMIQcMmA9uXwIl E7W9qyjto1Rsw== From: Christian Brauner Date: Wed, 29 Oct 2025 13:20:31 +0100 Subject: [PATCH v4 18/72] nstree: add unified namespace list Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-18-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=6556; i=brauner@kernel.org; h=from:subject:message-id; bh=zBZ8k9vNKGmXFGtRmtowfVJFJn71uOWCNT+vTVEJ+6E=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysfVqWTwJOlr+6aKotNxVR8fnSy+Y3an+plnErp6l0 cD9ySyno5SFQYyLQVZMkcWh3SRcbjlPxWajTA2YOaxMIEMYuDgFYCJLGBn+179i+q7H3/GOx+jW We7DLIvWPJwbaeo4W7RT7hYP/8eNRYwMe6PTp61VlhGZuOfiD6nf5obvZhX3VKyum+1p9rTsX/M EPgA= X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Allow to walk the unified namespace list completely locklessly. Signed-off-by: Christian Brauner --- fs/namespace.c | 1 + init/version-timestamp.c | 1 + ipc/msgutil.c | 1 + kernel/cgroup/cgroup.c | 1 + kernel/nscommon.c | 1 + kernel/nstree.c | 13 ++++++++++++- kernel/pid.c | 1 + kernel/time/namespace.c | 1 + kernel/user.c | 1 + 9 files changed, 20 insertions(+), 1 deletion(-) diff --git a/fs/namespace.c b/fs/namespace.c index 3e0361c4c138..1cb4cc8f7f5f 100644 --- a/fs/namespace.c +++ b/fs/namespace.c @@ -5995,6 +5995,7 @@ struct mnt_namespace init_mnt_ns =3D { .mounts =3D RB_ROOT, .poll =3D __WAIT_QUEUE_HEAD_INITIALIZER(init_mnt_ns.poll), .ns.ns_list_node =3D LIST_HEAD_INIT(init_mnt_ns.ns.ns_list_node), + .ns.ns_unified_list_node =3D LIST_HEAD_INIT(init_mnt_ns.ns.ns_unified_lis= t_node), .ns.ns_owner_entry =3D LIST_HEAD_INIT(init_mnt_ns.ns.ns_owner_entry), .ns.ns_owner =3D LIST_HEAD_INIT(init_mnt_ns.ns.ns_owner), }; diff --git a/init/version-timestamp.c b/init/version-timestamp.c index e5c278dabecf..cd6f435d5fde 100644 --- a/init/version-timestamp.c +++ b/init/version-timestamp.c @@ -22,6 +22,7 @@ struct uts_namespace init_uts_ns =3D { .user_ns =3D &init_user_ns, .ns.inum =3D ns_init_inum(&init_uts_ns), .ns.ns_list_node =3D LIST_HEAD_INIT(init_uts_ns.ns.ns_list_node), + .ns.ns_unified_list_node =3D LIST_HEAD_INIT(init_uts_ns.ns.ns_unified_lis= t_node), .ns.ns_owner_entry =3D LIST_HEAD_INIT(init_uts_ns.ns.ns_owner_entry), .ns.ns_owner =3D LIST_HEAD_INIT(init_uts_ns.ns.ns_owner), #ifdef CONFIG_UTS_NS diff --git a/ipc/msgutil.c b/ipc/msgutil.c index ce1de73725c0..3708f325228d 100644 --- a/ipc/msgutil.c +++ b/ipc/msgutil.c @@ -32,6 +32,7 @@ struct ipc_namespace init_ipc_ns =3D { .user_ns =3D &init_user_ns, .ns.inum =3D ns_init_inum(&init_ipc_ns), .ns.ns_list_node =3D LIST_HEAD_INIT(init_ipc_ns.ns.ns_list_node), + .ns.ns_unified_list_node =3D LIST_HEAD_INIT(init_ipc_ns.ns.ns_unified_lis= t_node), .ns.ns_owner_entry =3D LIST_HEAD_INIT(init_ipc_ns.ns.ns_owner_entry), .ns.ns_owner =3D LIST_HEAD_INIT(init_ipc_ns.ns.ns_owner), #ifdef CONFIG_IPC_NS diff --git a/kernel/cgroup/cgroup.c b/kernel/cgroup/cgroup.c index 9fa082e2eb1a..a0eee0785080 100644 --- a/kernel/cgroup/cgroup.c +++ b/kernel/cgroup/cgroup.c @@ -258,6 +258,7 @@ struct cgroup_namespace init_cgroup_ns =3D { .root_cset =3D &init_css_set, .ns.ns_type =3D ns_common_type(&init_cgroup_ns), .ns.ns_list_node =3D LIST_HEAD_INIT(init_cgroup_ns.ns.ns_list_node), + .ns.ns_unified_list_node =3D LIST_HEAD_INIT(init_cgroup_ns.ns.ns_unified_= list_node), .ns.ns_owner_entry =3D LIST_HEAD_INIT(init_cgroup_ns.ns.ns_owner_entry), .ns.ns_owner =3D LIST_HEAD_INIT(init_cgroup_ns.ns.ns_owner), }; diff --git a/kernel/nscommon.c b/kernel/nscommon.c index bd4cf8bb8a77..affaf91c2074 100644 --- a/kernel/nscommon.c +++ b/kernel/nscommon.c @@ -64,6 +64,7 @@ int __ns_common_init(struct ns_common *ns, u32 ns_type, c= onst struct proc_ns_ope RB_CLEAR_NODE(&ns->ns_unified_tree_node); RB_CLEAR_NODE(&ns->ns_owner_tree_node); INIT_LIST_HEAD(&ns->ns_list_node); + INIT_LIST_HEAD(&ns->ns_unified_list_node); ns->ns_owner_tree =3D RB_ROOT; INIT_LIST_HEAD(&ns->ns_owner); INIT_LIST_HEAD(&ns->ns_owner_entry); diff --git a/kernel/nstree.c b/kernel/nstree.c index 1779fa314a7d..100145e5edd1 100644 --- a/kernel/nstree.c +++ b/kernel/nstree.c @@ -8,6 +8,7 @@ =20 __cacheline_aligned_in_smp DEFINE_SEQLOCK(ns_tree_lock); static struct rb_root ns_unified_tree =3D RB_ROOT; /* protected by ns_tree= _lock */ +static LIST_HEAD(ns_unified_list); /* protected by ns_tree_lock */ =20 /** * struct ns_tree - Namespace tree @@ -154,7 +155,13 @@ void __ns_tree_add_raw(struct ns_common *ns, struct ns= _tree *ns_tree) else list_add_rcu(&ns->ns_list_node, &node_to_ns(prev)->ns_list_node); =20 + /* Add to unified tree and list */ rb_find_add_rcu(&ns->ns_unified_tree_node, &ns_unified_tree, ns_cmp_unifi= ed); + prev =3D rb_prev(&ns->ns_unified_tree_node); + if (!prev) + list_add_rcu(&ns->ns_unified_list_node, &ns_unified_list); + else + list_add_rcu(&ns->ns_unified_list_node, &node_to_ns_unified(prev)->ns_un= ified_list_node); =20 if (ops) { struct user_namespace *user_ns; @@ -203,11 +210,15 @@ void __ns_tree_remove(struct ns_common *ns, struct ns= _tree *ns_tree) =20 write_seqlock(&ns_tree_lock); rb_erase(&ns->ns_tree_node, &ns_tree->ns_tree); - rb_erase(&ns->ns_unified_tree_node, &ns_unified_tree); RB_CLEAR_NODE(&ns->ns_tree_node); =20 list_bidir_del_rcu(&ns->ns_list_node); =20 + rb_erase(&ns->ns_unified_tree_node, &ns_unified_tree); + RB_CLEAR_NODE(&ns->ns_unified_tree_node); + + list_bidir_del_rcu(&ns->ns_unified_list_node); + /* Remove from owner's rbtree if this namespace has an owner */ if (ops) { user_ns =3D ops->owner(ns); diff --git a/kernel/pid.c b/kernel/pid.c index 8134c40b2584..22a0440a62fa 100644 --- a/kernel/pid.c +++ b/kernel/pid.c @@ -80,6 +80,7 @@ struct pid_namespace init_pid_ns =3D { .user_ns =3D &init_user_ns, .ns.inum =3D ns_init_inum(&init_pid_ns), .ns.ns_list_node =3D LIST_HEAD_INIT(init_pid_ns.ns.ns_list_node), + .ns.ns_unified_list_node =3D LIST_HEAD_INIT(init_pid_ns.ns.ns_unified_lis= t_node), .ns.ns_owner_entry =3D LIST_HEAD_INIT(init_pid_ns.ns.ns_owner_entry), .ns.ns_owner =3D LIST_HEAD_INIT(init_pid_ns.ns.ns_owner), #ifdef CONFIG_PID_NS diff --git a/kernel/time/namespace.c b/kernel/time/namespace.c index f543c4a83229..6a41269b1a5d 100644 --- a/kernel/time/namespace.c +++ b/kernel/time/namespace.c @@ -488,6 +488,7 @@ struct time_namespace init_time_ns =3D { .ns.ns_owner =3D LIST_HEAD_INIT(init_time_ns.ns.ns_owner), .frozen_offsets =3D true, .ns.ns_list_node =3D LIST_HEAD_INIT(init_time_ns.ns.ns_list_node), + .ns.ns_unified_list_node =3D LIST_HEAD_INIT(init_time_ns.ns.ns_unified_li= st_node), }; =20 void __init time_ns_init(void) diff --git a/kernel/user.c b/kernel/user.c index e392768ccd44..68fe16617d38 100644 --- a/kernel/user.c +++ b/kernel/user.c @@ -72,6 +72,7 @@ struct user_namespace init_user_ns =3D { .group =3D GLOBAL_ROOT_GID, .ns.inum =3D ns_init_inum(&init_user_ns), .ns.ns_list_node =3D LIST_HEAD_INIT(init_user_ns.ns.ns_list_node), + .ns.ns_unified_list_node =3D LIST_HEAD_INIT(init_user_ns.ns.ns_unified_li= st_node), .ns.ns_owner_entry =3D LIST_HEAD_INIT(init_user_ns.ns.ns_owner_entry), .ns.ns_owner =3D LIST_HEAD_INIT(init_user_ns.ns.ns_owner), #ifdef CONFIG_USER_NS --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 50DDE3563EC; Wed, 29 Oct 2025 12:22:14 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740536; cv=none; b=rIIDYYQ/rm0xecnY4CVf/fGl/ly1UGI4y7CHpMNe6EgJUxfak5399EIvzxj9SctHMLsokr6l5PmAEvMp/JR44K0IMuvxmUplKeqb87sNqgzuJ/KOCXNU3XLvmpM4DMPydrsdhKsnRyx8Mk68l9YB0V+QlKoLSbG/VjhotIDRQV8= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740536; c=relaxed/simple; bh=ShENnzkEMpgS41SvvSQFc4SbAPdiAki0NaMv4seIeIM=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=ZhL7TZlafxufv+8/Cle1ha1BnVBPaN887IbaHd7KPlpeWiY70yTdwBq5bdoEDDYZDF1k+RS8cNZOfeOeXvyMx1z/1JGGUpMfCEFZrSUeAv0XRyrM6wj115l2n3oi5doYgWFVlEaMX4oTWrhh2FPNAyXERShrxttXVyViTjk1x/U= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=fc833d2r; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="fc833d2r" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 39915C4CEF7; Wed, 29 Oct 2025 12:22:10 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740534; bh=ShENnzkEMpgS41SvvSQFc4SbAPdiAki0NaMv4seIeIM=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=fc833d2rwZKAZd1ICQvKuIdX8ECt2e3RSaZ40EOQSe5aYQnWYhH8cLspIOmFRv3o7 mMLhfKTSdtwXLZAgMTZopmM9jFOMXOIGoJqCsZDKob3tj8YM91aAOQ7W2MUE0AXrMq pxDQwCNxTvV12sukvdu+TuY55+78KB7fRfQH38HG4ttZZXN3oi56S8WlwNQnbePO+K NDZm7c/D6YslgkYbSqIKOpW6ugqF8HFdqbPlr4BVEqJAW1r/d9fBuP2sYqZvpI1qbi pM43GY4kIvY+PpzpeKvkhOWeJvdooXgL+cOhCYZMpHUqpBI1nvZUYkjJoYWlETCvvN JZ3w/8jlo1img== From: Christian Brauner Date: Wed, 29 Oct 2025 13:20:32 +0100 Subject: [PATCH v4 19/72] nstree: add listns() Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-19-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=22853; i=brauner@kernel.org; h=from:subject:message-id; bh=ShENnzkEMpgS41SvvSQFc4SbAPdiAki0NaMv4seIeIM=; b=kA0DAAoWkcYbwGV43KIByyZiAGkCBo2jCH02JzNF90Ly+nHjwrOGN2KymmLFwyvZiOxJ0DFjQ Yh1BAAWCgAdFiEEQIc0Vx6nDHizMmkokcYbwGV43KIFAmkCBo0ACgkQkcYbwGV43KI6QQD/bZ7G jZgQN7nsV71eQ7lIhP8LFpZgyTeRGKs2wN/X+WQA/1Mvj0ejM3CQVgsoxjjMHHzp6k8iJ86LPP4 dCtCqaAAI X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Add a new listns() system call that allows userspace to iterate through namespaces in the system. This provides a programmatic interface to discover and inspect namespaces, enhancing existing namespace apis. Currently, there is no direct way for userspace to enumerate namespaces in the system. Applications must resort to scanning /proc//ns/ across all processes, which is: 1. Inefficient - requires iterating over all processes 2. Incomplete - misses inactive namespaces that aren't attached to any running process but are kept alive by file descriptors, bind mounts, or parent namespace references 3. Permission-heavy - requires access to /proc for many processes 4. No ordering or ownership. 5. No filtering per namespace type: Must always iterate and check all namespaces. The list goes on. The listns() system call solves these problems by providing direct kernel-level enumeration of namespaces. It is similar to listmount() but obviously tailored to namespaces. /* * @req: Pointer to struct ns_id_req specifying search parameters * @ns_ids: User buffer to receive namespace IDs * @nr_ns_ids: Size of ns_ids buffer (maximum number of IDs to return) * @flags: Reserved for future use (must be 0) */ ssize_t listns(const struct ns_id_req *req, u64 *ns_ids, size_t nr_ns_ids, unsigned int flags); Returns: - On success: Number of namespace IDs written to ns_ids - On error: Negative error code /* * @size: Structure size * @ns_id: Starting point for iteration; use 0 for first call, then * use the last returned ID for subsequent calls to paginate * @ns_type: Bitmask of namespace types to include (from enum ns_type): * 0: Return all namespace types * MNT_NS: Mount namespaces * NET_NS: Network namespaces * USER_NS: User namespaces * etc. Can be OR'd together * @user_ns_id: Filter results to namespaces owned by this user namespace: * 0: Return all namespaces (subject to permission checks) * LISTNS_CURRENT_USER: Namespaces owned by caller's user name= space * Other value: Namespaces owned by the specified user namespa= ce ID */ struct ns_id_req { __u32 size; /* sizeof(struct ns_id_req) */ __u32 spare; /* Reserved, must be 0 */ __u64 ns_id; /* Last seen namespace ID (for pagination) */ __u32 ns_type; /* Filter by namespace type(s) */ __u32 spare2; /* Reserved, must be 0 */ __u64 user_ns_id; /* Filter by owning user namespace */ }; Example 1: List all namespaces void list_all_namespaces(void) { struct ns_id_req req =3D { .size =3D sizeof(req), .ns_id =3D 0, /* Start from beginning */ .ns_type =3D 0, /* All types */ .user_ns_id =3D 0, /* All user namespaces */ }; uint64_t ids[100]; ssize_t ret; printf("All namespaces in the system:\n"); do { ret =3D listns(&req, ids, 100, 0); if (ret < 0) { perror("listns"); break; } for (ssize_t i =3D 0; i < ret; i++) printf(" Namespace ID: %llu\n", (unsigned long long)ids[i]); /* Continue from last seen ID */ if (ret > 0) req.ns_id =3D ids[ret - 1]; } while (ret =3D=3D 100); /* Buffer was full, more may exist */ } Example 2: List network namespaces only void list_network_namespaces(void) { struct ns_id_req req =3D { .size =3D sizeof(req), .ns_id =3D 0, .ns_type =3D NET_NS, /* Only network namespaces */ .user_ns_id =3D 0, }; uint64_t ids[100]; ssize_t ret; ret =3D listns(&req, ids, 100, 0); if (ret < 0) { perror("listns"); return; } printf("Network namespaces: %zd found\n", ret); for (ssize_t i =3D 0; i < ret; i++) printf(" netns ID: %llu\n", (unsigned long long)ids[i]); } Example 3: List namespaces owned by current user namespace void list_owned_namespaces(void) { struct ns_id_req req =3D { .size =3D sizeof(req), .ns_id =3D 0, .ns_type =3D 0, /* All types */ .user_ns_id =3D LISTNS_CURRENT_USER, /* Current userns */ }; uint64_t ids[100]; ssize_t ret; ret =3D listns(&req, ids, 100, 0); if (ret < 0) { perror("listns"); return; } printf("Namespaces owned by my user namespace: %zd\n", ret); for (ssize_t i =3D 0; i < ret; i++) printf(" ns ID: %llu\n", (unsigned long long)ids[i]); } Example 4: List multiple namespace types void list_network_and_mount_namespaces(void) { struct ns_id_req req =3D { .size =3D sizeof(req), .ns_id =3D 0, .ns_type =3D NET_NS | MNT_NS, /* Network and mount */ .user_ns_id =3D 0, }; uint64_t ids[100]; ssize_t ret; ret =3D listns(&req, ids, 100, 0); printf("Network and mount namespaces: %zd found\n", ret); } Example 5: Pagination through large namespace sets void list_all_with_pagination(void) { struct ns_id_req req =3D { .size =3D sizeof(req), .ns_id =3D 0, .ns_type =3D 0, .user_ns_id =3D 0, }; uint64_t ids[50]; size_t total =3D 0; ssize_t ret; printf("Enumerating all namespaces with pagination:\n"); while (1) { ret =3D listns(&req, ids, 50, 0); if (ret < 0) { perror("listns"); break; } if (ret =3D=3D 0) break; /* No more namespaces */ total +=3D ret; printf(" Batch: %zd namespaces\n", ret); /* Last ID in this batch becomes start of next batch */ req.ns_id =3D ids[ret - 1]; if (ret < 50) break; /* Partial batch =3D end of results */ } printf("Total: %zu namespaces\n", total); } Permission Model listns() respects namespace isolation and capabilities: (1) Global listing (user_ns_id =3D 0): - Requires CAP_SYS_ADMIN in the namespace's owning user namespace - OR the namespace must be in the caller's namespace context (e.g., a namespace the caller is currently using) - User namespaces additionally allow listing if the caller has CAP_SYS_ADMIN in that user namespace itself (2) Owner-filtered listing (user_ns_id !=3D 0): - Requires CAP_SYS_ADMIN in the specified owner user namespace - OR the namespace must be in the caller's namespace context - This allows unprivileged processes to enumerate namespaces they own (3) Visibility: - Only "active" namespaces are listed - A namespace is active if it has a non-zero __ns_ref_active count - This includes namespaces used by running processes, held by open file descriptors, or kept active by bind mounts - Inactive namespaces (kept alive only by internal kernel references) are not visible via listns() Signed-off-by: Christian Brauner --- fs/nsfs.c | 39 ++++ include/linux/ns_common.h | 2 + include/linux/syscalls.h | 4 + include/linux/user_namespace.h | 4 +- include/uapi/linux/nsfs.h | 44 +++++ kernel/nscommon.c | 2 +- kernel/nstree.c | 397 +++++++++++++++++++++++++++++++++++++= ++++ 7 files changed, 489 insertions(+), 3 deletions(-) diff --git a/fs/nsfs.c b/fs/nsfs.c index 201d6de53353..49864c479e80 100644 --- a/fs/nsfs.c +++ b/fs/nsfs.c @@ -471,6 +471,45 @@ static int nsfs_encode_fh(struct inode *inode, u32 *fh= , int *max_len, return FILEID_NSFS; } =20 +bool is_current_namespace(struct ns_common *ns) +{ + switch (ns->ns_type) { +#ifdef CONFIG_CGROUPS + case CLONE_NEWCGROUP: + return current_in_namespace(to_cg_ns(ns)); +#endif +#ifdef CONFIG_IPC_NS + case CLONE_NEWIPC: + return current_in_namespace(to_ipc_ns(ns)); +#endif + case CLONE_NEWNS: + return current_in_namespace(to_mnt_ns(ns)); +#ifdef CONFIG_NET_NS + case CLONE_NEWNET: + return current_in_namespace(to_net_ns(ns)); +#endif +#ifdef CONFIG_PID_NS + case CLONE_NEWPID: + return current_in_namespace(to_pid_ns(ns)); +#endif +#ifdef CONFIG_TIME_NS + case CLONE_NEWTIME: + return current_in_namespace(to_time_ns(ns)); +#endif +#ifdef CONFIG_USER_NS + case CLONE_NEWUSER: + return current_in_namespace(to_user_ns(ns)); +#endif +#ifdef CONFIG_UTS_NS + case CLONE_NEWUTS: + return current_in_namespace(to_uts_ns(ns)); +#endif + default: + VFS_WARN_ON_ONCE(true); + return false; + } +} + static struct dentry *nsfs_fh_to_dentry(struct super_block *sb, struct fid= *fh, int fh_len, int fh_type) { diff --git a/include/linux/ns_common.h b/include/linux/ns_common.h index e4041603434e..241eb1e98e1d 100644 --- a/include/linux/ns_common.h +++ b/include/linux/ns_common.h @@ -129,8 +129,10 @@ struct ns_common { }; }; =20 +bool is_current_namespace(struct ns_common *ns); int __ns_common_init(struct ns_common *ns, u32 ns_type, const struct proc_= ns_operations *ops, int inum); void __ns_common_free(struct ns_common *ns); +struct ns_common *__must_check ns_owner(struct ns_common *ns); =20 static __always_inline bool is_initial_namespace(struct ns_common *ns) { diff --git a/include/linux/syscalls.h b/include/linux/syscalls.h index 66c06fcdfe19..cf84d98964b2 100644 --- a/include/linux/syscalls.h +++ b/include/linux/syscalls.h @@ -77,6 +77,7 @@ struct cachestat_range; struct cachestat; struct statmount; struct mnt_id_req; +struct ns_id_req; struct xattr_args; struct file_attr; =20 @@ -437,6 +438,9 @@ asmlinkage long sys_statmount(const struct mnt_id_req _= _user *req, asmlinkage long sys_listmount(const struct mnt_id_req __user *req, u64 __user *mnt_ids, size_t nr_mnt_ids, unsigned int flags); +asmlinkage long sys_listns(const struct ns_id_req __user *req, + u64 __user *ns_ids, size_t nr_ns_ids, + unsigned int flags); asmlinkage long sys_truncate(const char __user *path, long length); asmlinkage long sys_ftruncate(unsigned int fd, off_t length); #if BITS_PER_LONG =3D=3D 32 diff --git a/include/linux/user_namespace.h b/include/linux/user_namespace.h index 9a9aebbf96b9..9c3be157397e 100644 --- a/include/linux/user_namespace.h +++ b/include/linux/user_namespace.h @@ -166,13 +166,13 @@ static inline void set_userns_rlimit_max(struct user_= namespace *ns, ns->rlimit_max[type] =3D max <=3D LONG_MAX ? max : LONG_MAX; } =20 -#ifdef CONFIG_USER_NS - static inline struct user_namespace *to_user_ns(struct ns_common *ns) { return container_of(ns, struct user_namespace, ns); } =20 +#ifdef CONFIG_USER_NS + static inline struct user_namespace *get_user_ns(struct user_namespace *ns) { if (ns) diff --git a/include/uapi/linux/nsfs.h b/include/uapi/linux/nsfs.h index f8bc2aad74d6..a25e38d1c874 100644 --- a/include/uapi/linux/nsfs.h +++ b/include/uapi/linux/nsfs.h @@ -81,4 +81,48 @@ enum init_ns_id { #endif }; =20 +enum ns_type { + TIME_NS =3D (1ULL << 7), /* CLONE_NEWTIME */ + MNT_NS =3D (1ULL << 17), /* CLONE_NEWNS */ + CGROUP_NS =3D (1ULL << 25), /* CLONE_NEWCGROUP */ + UTS_NS =3D (1ULL << 26), /* CLONE_NEWUTS */ + IPC_NS =3D (1ULL << 27), /* CLONE_NEWIPC */ + USER_NS =3D (1ULL << 28), /* CLONE_NEWUSER */ + PID_NS =3D (1ULL << 29), /* CLONE_NEWPID */ + NET_NS =3D (1ULL << 30), /* CLONE_NEWNET */ +}; + +/** + * struct ns_id_req - namespace ID request structure + * @size: size of this structure + * @spare: reserved for future use + * @filter: filter mask + * @ns_id: last namespace id + * @user_ns_id: owning user namespace ID + * + * Structure for passing namespace ID and miscellaneous parameters to + * statns(2) and listns(2). + * + * For statns(2) @param represents the request mask. + * For listns(2) @param represents the last listed mount id (or zero). + */ +struct ns_id_req { + __u32 size; + __u32 spare; + __u64 ns_id; + struct /* listns */ { + __u32 ns_type; + __u32 spare2; + __u64 user_ns_id; + }; +}; + +/* + * Special @user_ns_id value that can be passed to listns() + */ +#define LISTNS_CURRENT_USER 0xffffffffffffffff /* Caller's userns */ + +/* List of all ns_id_req versions. */ +#define NS_ID_REQ_SIZE_VER0 32 /* sizeof first published struct */ + #endif /* __LINUX_NSFS_H */ diff --git a/kernel/nscommon.c b/kernel/nscommon.c index affaf91c2074..718429dfbf7e 100644 --- a/kernel/nscommon.c +++ b/kernel/nscommon.c @@ -97,7 +97,7 @@ void __ns_common_free(struct ns_common *ns) proc_free_inum(ns->inum); } =20 -static struct ns_common *ns_owner(struct ns_common *ns) +struct ns_common *__must_check ns_owner(struct ns_common *ns) { struct user_namespace *owner; =20 diff --git a/kernel/nstree.c b/kernel/nstree.c index 100145e5edd1..54e1a466f8fe 100644 --- a/kernel/nstree.c +++ b/kernel/nstree.c @@ -4,6 +4,7 @@ #include #include #include +#include #include =20 __cacheline_aligned_in_smp DEFINE_SEQLOCK(ns_tree_lock); @@ -376,3 +377,399 @@ u64 __ns_tree_gen_id(struct ns_common *ns, u64 id) ns->ns_id =3D atomic64_inc_return(&namespace_cookie); return ns->ns_id; } + +struct klistns { + u64 __user *uns_ids; + u32 nr_ns_ids; + u64 last_ns_id; + u64 user_ns_id; + u32 ns_type; + struct user_namespace *user_ns; + bool userns_capable; + struct ns_common *first_ns; +}; + +static void __free_klistns_free(const struct klistns *kls) +{ + if (kls->user_ns_id !=3D LISTNS_CURRENT_USER) + put_user_ns(kls->user_ns); + if (kls->first_ns && kls->first_ns->ops) + kls->first_ns->ops->put(kls->first_ns); +} + +#define NS_ALL (PID_NS | USER_NS | MNT_NS | UTS_NS | IPC_NS | NET_NS | CGR= OUP_NS | TIME_NS) + +static int copy_ns_id_req(const struct ns_id_req __user *req, + struct ns_id_req *kreq) +{ + int ret; + size_t usize; + + BUILD_BUG_ON(sizeof(struct ns_id_req) !=3D NS_ID_REQ_SIZE_VER0); + + ret =3D get_user(usize, &req->size); + if (ret) + return -EFAULT; + if (unlikely(usize > PAGE_SIZE)) + return -E2BIG; + if (unlikely(usize < NS_ID_REQ_SIZE_VER0)) + return -EINVAL; + memset(kreq, 0, sizeof(*kreq)); + ret =3D copy_struct_from_user(kreq, sizeof(*kreq), req, usize); + if (ret) + return ret; + if (kreq->spare !=3D 0) + return -EINVAL; + if (kreq->ns_type & ~NS_ALL) + return -EOPNOTSUPP; + return 0; +} + +static inline int prepare_klistns(struct klistns *kls, struct ns_id_req *k= req, + u64 __user *ns_ids, size_t nr_ns_ids) +{ + kls->last_ns_id =3D kreq->ns_id; + kls->user_ns_id =3D kreq->user_ns_id; + kls->nr_ns_ids =3D nr_ns_ids; + kls->ns_type =3D kreq->ns_type; + kls->uns_ids =3D ns_ids; + return 0; +} + +/* + * Lookup a namespace owned by owner with id >=3D ns_id. + * Returns the namespace with the smallest id that is >=3D ns_id. + */ +static struct ns_common *lookup_ns_owner_at(u64 ns_id, struct ns_common *o= wner) +{ + struct ns_common *ret =3D NULL; + struct rb_node *node; + + VFS_WARN_ON_ONCE(owner->ns_type !=3D CLONE_NEWUSER); + + read_seqlock_excl(&ns_tree_lock); + node =3D owner->ns_owner_tree.rb_node; + + while (node) { + struct ns_common *ns; + + ns =3D node_to_ns_owner(node); + if (ns_id <=3D ns->ns_id) { + ret =3D ns; + if (ns_id =3D=3D ns->ns_id) + break; + node =3D node->rb_left; + } else { + node =3D node->rb_right; + } + } + + if (ret) + ret =3D ns_get_unless_inactive(ret); + read_sequnlock_excl(&ns_tree_lock); + return ret; +} + +static struct ns_common *lookup_ns_id(u64 mnt_ns_id, int ns_type) +{ + struct ns_common *ns; + + guard(rcu)(); + ns =3D ns_tree_lookup_rcu(mnt_ns_id, ns_type); + if (!ns) + return NULL; + + if (!ns_get_unless_inactive(ns)) + return NULL; + + return ns; +} + +static inline bool __must_check ns_requested(const struct klistns *kls, + const struct ns_common *ns) +{ + return !kls->ns_type || (kls->ns_type & ns->ns_type); +} + +static inline bool __must_check may_list_ns(const struct klistns *kls, + struct ns_common *ns) +{ + if (kls->user_ns) { + if (kls->userns_capable) + return true; + } else { + struct ns_common *owner; + struct user_namespace *user_ns; + + owner =3D ns_owner(ns); + if (owner) + user_ns =3D to_user_ns(owner); + else + user_ns =3D &init_user_ns; + if (ns_capable_noaudit(user_ns, CAP_SYS_ADMIN)) + return true; + } + + if (is_current_namespace(ns)) + return true; + + if (ns->ns_type !=3D CLONE_NEWUSER) + return false; + + if (ns_capable_noaudit(to_user_ns(ns), CAP_SYS_ADMIN)) + return true; + + return false; +} + +static void __ns_put(struct ns_common *ns) +{ + if (ns->ops) + ns->ops->put(ns); +} + +DEFINE_FREE(ns_put, struct ns_common *, if (!IS_ERR_OR_NULL(_T)) __ns_put(= _T)) + +static inline struct ns_common *__must_check legitimize_ns(const struct kl= istns *kls, + struct ns_common *candidate) +{ + struct ns_common *ns __free(ns_put) =3D NULL; + + if (!ns_requested(kls, candidate)) + return NULL; + + ns =3D ns_get_unless_inactive(candidate); + if (!ns) + return NULL; + + if (!may_list_ns(kls, ns)) + return NULL; + + return no_free_ptr(ns); +} + +static ssize_t do_listns_userns(struct klistns *kls) +{ + u64 __user *ns_ids =3D kls->uns_ids; + size_t nr_ns_ids =3D kls->nr_ns_ids; + struct ns_common *ns =3D NULL, *first_ns =3D NULL; + const struct list_head *head; + ssize_t ret; + + VFS_WARN_ON_ONCE(!kls->user_ns_id); + + if (kls->user_ns_id =3D=3D LISTNS_CURRENT_USER) + ns =3D to_ns_common(current_user_ns()); + else if (kls->user_ns_id) + ns =3D lookup_ns_id(kls->user_ns_id, CLONE_NEWUSER); + if (!ns) + return -EINVAL; + kls->user_ns =3D to_user_ns(ns); + + /* + * Use the rbtree to find the first namespace we care about and + * then use it's list entry to iterate from there. + */ + if (kls->last_ns_id) { + kls->first_ns =3D lookup_ns_owner_at(kls->last_ns_id + 1, ns); + if (!kls->first_ns) + return -ENOENT; + first_ns =3D kls->first_ns; + } + + ret =3D 0; + head =3D &to_ns_common(kls->user_ns)->ns_owner; + kls->userns_capable =3D ns_capable_noaudit(kls->user_ns, CAP_SYS_ADMIN); + + rcu_read_lock(); + + if (!first_ns) + first_ns =3D list_entry_rcu(head->next, typeof(*ns), ns_owner_entry); + for (ns =3D first_ns; &ns->ns_owner_entry !=3D head && nr_ns_ids; + ns =3D list_entry_rcu(ns->ns_owner_entry.next, typeof(*ns), ns_owner= _entry)) { + struct ns_common *valid __free(ns_put); + + valid =3D legitimize_ns(kls, ns); + if (!valid) + continue; + + rcu_read_unlock(); + + if (put_user(valid->ns_id, ns_ids + ret)) + return -EINVAL; + nr_ns_ids--; + ret++; + + rcu_read_lock(); + } + + rcu_read_unlock(); + return ret; +} + +/* + * Lookup a namespace with id >=3D ns_id in either the unified tree or a t= ype-specific tree. + * Returns the namespace with the smallest id that is >=3D ns_id. + */ +static struct ns_common *lookup_ns_id_at(u64 ns_id, int ns_type) +{ + struct ns_common *ret =3D NULL; + struct ns_tree *ns_tree =3D NULL; + struct rb_node *node; + + if (ns_type) { + ns_tree =3D ns_tree_from_type(ns_type); + if (!ns_tree) + return NULL; + } + + read_seqlock_excl(&ns_tree_lock); + if (ns_tree) + node =3D ns_tree->ns_tree.rb_node; + else + node =3D ns_unified_tree.rb_node; + + while (node) { + struct ns_common *ns; + + if (ns_type) + ns =3D node_to_ns(node); + else + ns =3D node_to_ns_unified(node); + + if (ns_id <=3D ns->ns_id) { + if (ns_type) + ret =3D node_to_ns(node); + else + ret =3D node_to_ns_unified(node); + if (ns_id =3D=3D ns->ns_id) + break; + node =3D node->rb_left; + } else { + node =3D node->rb_right; + } + } + + if (ret) + ret =3D ns_get_unless_inactive(ret); + read_sequnlock_excl(&ns_tree_lock); + return ret; +} + +static inline struct ns_common *first_ns_common(const struct list_head *he= ad, + struct ns_tree *ns_tree) +{ + if (ns_tree) + return list_entry_rcu(head->next, struct ns_common, ns_list_node); + return list_entry_rcu(head->next, struct ns_common, ns_unified_list_node); +} + +static inline struct ns_common *next_ns_common(struct ns_common *ns, + struct ns_tree *ns_tree) +{ + if (ns_tree) + return list_entry_rcu(ns->ns_list_node.next, struct ns_common, ns_list_n= ode); + return list_entry_rcu(ns->ns_unified_list_node.next, struct ns_common, ns= _unified_list_node); +} + +static inline bool ns_common_is_head(struct ns_common *ns, + const struct list_head *head, + struct ns_tree *ns_tree) +{ + if (ns_tree) + return &ns->ns_list_node =3D=3D head; + return &ns->ns_unified_list_node =3D=3D head; +} + +static ssize_t do_listns(struct klistns *kls) +{ + u64 __user *ns_ids =3D kls->uns_ids; + size_t nr_ns_ids =3D kls->nr_ns_ids; + struct ns_common *ns, *first_ns =3D NULL; + struct ns_tree *ns_tree =3D NULL; + const struct list_head *head; + u32 ns_type; + ssize_t ret; + + if (hweight32(kls->ns_type) =3D=3D 1) + ns_type =3D kls->ns_type; + else + ns_type =3D 0; + + if (ns_type) { + ns_tree =3D ns_tree_from_type(ns_type); + if (!ns_tree) + return -EINVAL; + } + + if (kls->last_ns_id) { + kls->first_ns =3D lookup_ns_id_at(kls->last_ns_id + 1, ns_type); + if (!kls->first_ns) + return -ENOENT; + first_ns =3D kls->first_ns; + } + + ret =3D 0; + if (ns_tree) + head =3D &ns_tree->ns_list; + else + head =3D &ns_unified_list; + + rcu_read_lock(); + + if (!first_ns) + first_ns =3D first_ns_common(head, ns_tree); + + for (ns =3D first_ns; !ns_common_is_head(ns, head, ns_tree) && nr_ns_ids; + ns =3D next_ns_common(ns, ns_tree)) { + struct ns_common *valid __free(ns_put); + + valid =3D legitimize_ns(kls, ns); + if (!valid) + continue; + + rcu_read_unlock(); + + if (put_user(valid->ns_id, ns_ids + ret)) + return -EINVAL; + + nr_ns_ids--; + ret++; + + rcu_read_lock(); + } + + rcu_read_unlock(); + return ret; +} + +SYSCALL_DEFINE4(listns, const struct ns_id_req __user *, req, + u64 __user *, ns_ids, size_t, nr_ns_ids, unsigned int, flags) +{ + struct klistns klns __free(klistns_free) =3D {}; + const size_t maxcount =3D 1000000; + struct ns_id_req kreq; + ssize_t ret; + + if (flags) + return -EINVAL; + + if (unlikely(nr_ns_ids > maxcount)) + return -EOVERFLOW; + + if (!access_ok(ns_ids, nr_ns_ids * sizeof(*ns_ids))) + return -EFAULT; + + ret =3D copy_ns_id_req(req, &kreq); + if (ret) + return ret; + + ret =3D prepare_klistns(&klns, &kreq, ns_ids, nr_ns_ids); + if (ret) + return ret; + + if (kreq.user_ns_id) + return do_listns_userns(&klns); + + return do_listns(&klns); +} --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 1A7BD346763; Wed, 29 Oct 2025 12:22:20 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740540; cv=none; b=kjYLLsSzgABVUXjrCqatx6Y6+bEZ+k6s82A4fQwtqTa2uUvO3t5CvLqM9IsAqcwKHybA26IXtkTdoOCesowCCuF0YQoxabE1hrDFZKT/BM+DQvLIAqFU8FJkH2sDWYQ7SkeGKK60EDMFG2Idut8om8VVfRdxThVg2HnjTKKBGjw= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740540; c=relaxed/simple; bh=tRwqy5SwFVniPr5V+qBsta76Evy4Uws4vCbVqOZukQo=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=S2nyT8J8aXuHdEP0m8gEGpzWiYY0CXIcQlqxQsNoGVHP2wdwzjoIZveduw6IXnMoK/1ZSKMfE+2AcpUNZitP1C4ZecLHVPyO0xxAdBHKRtaHX/hgAxF+qPlb48X69sJiZzfbWMxlfRqdo2LMVHu/A37EUQneuNog8x1b3/Jbq58= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=cjUaRSgZ; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="cjUaRSgZ" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 3AE37C4CEFD; Wed, 29 Oct 2025 12:22:15 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740540; bh=tRwqy5SwFVniPr5V+qBsta76Evy4Uws4vCbVqOZukQo=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=cjUaRSgZHqsJucr2tJmGpOxNkLUEEoZBE+MSivx56tpwqhYTs4MDPzK3OlRhJMMiR W+RPiTZ3ucjKF4c4/0sLVBuR0lEIxQoOSO82rwbzexlbLPGUjgd7qGeK8Hx9v8+TBe FuW/mC++ie9ScapywnYqSHfMX1++ZM1LYeT1/2chWwWoqxC09qqQNIUp8nax6VktTY o4eF/7ER04jrDMcyOMd0mP8japH6orWogVdB3jDqpXtEfwYnjQauJB+cgr7nc6U+4/ G/GYRJF97S2hGepdlEZ5Xq+czsxBo5XWD24Bp6jLILlM3V4c4TMsp7sU2fCyQ5n9qi /wQJegs1yGrOw== From: Christian Brauner Date: Wed, 29 Oct 2025 13:20:33 +0100 Subject: [PATCH v4 20/72] arch: hookup listns() system call Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-20-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=8895; i=brauner@kernel.org; h=from:subject:message-id; bh=tRwqy5SwFVniPr5V+qBsta76Evy4Uws4vCbVqOZukQo=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysfVqtQloHMs90Rp9wPd2VdzNGDbTP+v9mx5LXTGOW 35iuti6jlIWBjEuBlkxRRaHdpNwueU8FZuNMjVg5rAygQxh4OIUgImUFjD8U5y+OW96h/F562eC c3PnNT1y27s04djUI3eDuQMSFvpW+DMyrGESc7898fmfLYUi21/o/N6ylC8/W9brtGn8DIHXazr eMQIA X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Add the listns() system call to all architectures. Signed-off-by: Christian Brauner --- arch/alpha/kernel/syscalls/syscall.tbl | 1 + arch/arm/tools/syscall.tbl | 1 + arch/arm64/tools/syscall_32.tbl | 1 + arch/m68k/kernel/syscalls/syscall.tbl | 1 + arch/microblaze/kernel/syscalls/syscall.tbl | 1 + arch/mips/kernel/syscalls/syscall_n32.tbl | 1 + arch/mips/kernel/syscalls/syscall_n64.tbl | 1 + arch/mips/kernel/syscalls/syscall_o32.tbl | 1 + arch/parisc/kernel/syscalls/syscall.tbl | 1 + arch/powerpc/kernel/syscalls/syscall.tbl | 1 + arch/s390/kernel/syscalls/syscall.tbl | 1 + arch/sh/kernel/syscalls/syscall.tbl | 1 + arch/sparc/kernel/syscalls/syscall.tbl | 1 + arch/x86/entry/syscalls/syscall_32.tbl | 1 + arch/x86/entry/syscalls/syscall_64.tbl | 1 + arch/xtensa/kernel/syscalls/syscall.tbl | 1 + include/uapi/asm-generic/unistd.h | 4 +++- scripts/syscall.tbl | 1 + 18 files changed, 20 insertions(+), 1 deletion(-) diff --git a/arch/alpha/kernel/syscalls/syscall.tbl b/arch/alpha/kernel/sys= calls/syscall.tbl index 16dca28ebf17..3fed97478058 100644 --- a/arch/alpha/kernel/syscalls/syscall.tbl +++ b/arch/alpha/kernel/syscalls/syscall.tbl @@ -509,3 +509,4 @@ 577 common open_tree_attr sys_open_tree_attr 578 common file_getattr sys_file_getattr 579 common file_setattr sys_file_setattr +580 common listns sys_listns diff --git a/arch/arm/tools/syscall.tbl b/arch/arm/tools/syscall.tbl index b07e699aaa3c..fd09afae72a2 100644 --- a/arch/arm/tools/syscall.tbl +++ b/arch/arm/tools/syscall.tbl @@ -484,3 +484,4 @@ 467 common open_tree_attr sys_open_tree_attr 468 common file_getattr sys_file_getattr 469 common file_setattr sys_file_setattr +470 common listns sys_listns diff --git a/arch/arm64/tools/syscall_32.tbl b/arch/arm64/tools/syscall_32.= tbl index 8d9088bc577d..8cdfe5d4dac9 100644 --- a/arch/arm64/tools/syscall_32.tbl +++ b/arch/arm64/tools/syscall_32.tbl @@ -481,3 +481,4 @@ 467 common open_tree_attr sys_open_tree_attr 468 common file_getattr sys_file_getattr 469 common file_setattr sys_file_setattr +470 common listns sys_listns diff --git a/arch/m68k/kernel/syscalls/syscall.tbl b/arch/m68k/kernel/sysca= lls/syscall.tbl index f41d38dfbf13..871a5d67bf41 100644 --- a/arch/m68k/kernel/syscalls/syscall.tbl +++ b/arch/m68k/kernel/syscalls/syscall.tbl @@ -469,3 +469,4 @@ 467 common open_tree_attr sys_open_tree_attr 468 common file_getattr sys_file_getattr 469 common file_setattr sys_file_setattr +470 common listns sys_listns diff --git a/arch/microblaze/kernel/syscalls/syscall.tbl b/arch/microblaze/= kernel/syscalls/syscall.tbl index 580af574fe73..022fc85d94b3 100644 --- a/arch/microblaze/kernel/syscalls/syscall.tbl +++ b/arch/microblaze/kernel/syscalls/syscall.tbl @@ -475,3 +475,4 @@ 467 common open_tree_attr sys_open_tree_attr 468 common file_getattr sys_file_getattr 469 common file_setattr sys_file_setattr +470 common listns sys_listns diff --git a/arch/mips/kernel/syscalls/syscall_n32.tbl b/arch/mips/kernel/s= yscalls/syscall_n32.tbl index d824ffe9a014..8cedc83c3266 100644 --- a/arch/mips/kernel/syscalls/syscall_n32.tbl +++ b/arch/mips/kernel/syscalls/syscall_n32.tbl @@ -408,3 +408,4 @@ 467 n32 open_tree_attr sys_open_tree_attr 468 n32 file_getattr sys_file_getattr 469 n32 file_setattr sys_file_setattr +470 n32 listns sys_listns diff --git a/arch/mips/kernel/syscalls/syscall_n64.tbl b/arch/mips/kernel/s= yscalls/syscall_n64.tbl index 7a7049c2c307..9b92bddf06b5 100644 --- a/arch/mips/kernel/syscalls/syscall_n64.tbl +++ b/arch/mips/kernel/syscalls/syscall_n64.tbl @@ -384,3 +384,4 @@ 467 n64 open_tree_attr sys_open_tree_attr 468 n64 file_getattr sys_file_getattr 469 n64 file_setattr sys_file_setattr +470 n64 listns sys_listns diff --git a/arch/mips/kernel/syscalls/syscall_o32.tbl b/arch/mips/kernel/s= yscalls/syscall_o32.tbl index d330274f0601..f810b8a55716 100644 --- a/arch/mips/kernel/syscalls/syscall_o32.tbl +++ b/arch/mips/kernel/syscalls/syscall_o32.tbl @@ -457,3 +457,4 @@ 467 o32 open_tree_attr sys_open_tree_attr 468 o32 file_getattr sys_file_getattr 469 o32 file_setattr sys_file_setattr +470 o32 listns sys_listns diff --git a/arch/parisc/kernel/syscalls/syscall.tbl b/arch/parisc/kernel/s= yscalls/syscall.tbl index 88a788a7b18d..39bdacaa530b 100644 --- a/arch/parisc/kernel/syscalls/syscall.tbl +++ b/arch/parisc/kernel/syscalls/syscall.tbl @@ -468,3 +468,4 @@ 467 common open_tree_attr sys_open_tree_attr 468 common file_getattr sys_file_getattr 469 common file_setattr sys_file_setattr +470 common listns sys_listns diff --git a/arch/powerpc/kernel/syscalls/syscall.tbl b/arch/powerpc/kernel= /syscalls/syscall.tbl index b453e80dfc00..ec4458cdb97b 100644 --- a/arch/powerpc/kernel/syscalls/syscall.tbl +++ b/arch/powerpc/kernel/syscalls/syscall.tbl @@ -560,3 +560,4 @@ 467 common open_tree_attr sys_open_tree_attr 468 common file_getattr sys_file_getattr 469 common file_setattr sys_file_setattr +470 common listns sys_listns diff --git a/arch/s390/kernel/syscalls/syscall.tbl b/arch/s390/kernel/sysca= lls/syscall.tbl index 8a6744d658db..5863787ab036 100644 --- a/arch/s390/kernel/syscalls/syscall.tbl +++ b/arch/s390/kernel/syscalls/syscall.tbl @@ -472,3 +472,4 @@ 467 common open_tree_attr sys_open_tree_attr sys_open_tree_attr 468 common file_getattr sys_file_getattr sys_file_getattr 469 common file_setattr sys_file_setattr sys_file_setattr +470 common listns sys_listns sys_listns diff --git a/arch/sh/kernel/syscalls/syscall.tbl b/arch/sh/kernel/syscalls/= syscall.tbl index 5e9c9eff5539..969c11325ade 100644 --- a/arch/sh/kernel/syscalls/syscall.tbl +++ b/arch/sh/kernel/syscalls/syscall.tbl @@ -473,3 +473,4 @@ 467 common open_tree_attr sys_open_tree_attr 468 common file_getattr sys_file_getattr 469 common file_setattr sys_file_setattr +470 common listns sys_listns diff --git a/arch/sparc/kernel/syscalls/syscall.tbl b/arch/sparc/kernel/sys= calls/syscall.tbl index ebb7d06d1044..39aa26b6a50b 100644 --- a/arch/sparc/kernel/syscalls/syscall.tbl +++ b/arch/sparc/kernel/syscalls/syscall.tbl @@ -515,3 +515,4 @@ 467 common open_tree_attr sys_open_tree_attr 468 common file_getattr sys_file_getattr 469 common file_setattr sys_file_setattr +470 common listns sys_listns diff --git a/arch/x86/entry/syscalls/syscall_32.tbl b/arch/x86/entry/syscal= ls/syscall_32.tbl index 4877e16da69a..e979a3eac7a3 100644 --- a/arch/x86/entry/syscalls/syscall_32.tbl +++ b/arch/x86/entry/syscalls/syscall_32.tbl @@ -475,3 +475,4 @@ 467 i386 open_tree_attr sys_open_tree_attr 468 i386 file_getattr sys_file_getattr 469 i386 file_setattr sys_file_setattr +470 i386 listns sys_listns diff --git a/arch/x86/entry/syscalls/syscall_64.tbl b/arch/x86/entry/syscal= ls/syscall_64.tbl index ced2a1deecd7..8a4ac4841be6 100644 --- a/arch/x86/entry/syscalls/syscall_64.tbl +++ b/arch/x86/entry/syscalls/syscall_64.tbl @@ -394,6 +394,7 @@ 467 common open_tree_attr sys_open_tree_attr 468 common file_getattr sys_file_getattr 469 common file_setattr sys_file_setattr +470 common listns sys_listns =20 # # Due to a historical design error, certain syscalls are numbered differen= tly diff --git a/arch/xtensa/kernel/syscalls/syscall.tbl b/arch/xtensa/kernel/s= yscalls/syscall.tbl index 374e4cb788d8..438a3b170402 100644 --- a/arch/xtensa/kernel/syscalls/syscall.tbl +++ b/arch/xtensa/kernel/syscalls/syscall.tbl @@ -440,3 +440,4 @@ 467 common open_tree_attr sys_open_tree_attr 468 common file_getattr sys_file_getattr 469 common file_setattr sys_file_setattr +470 common listns sys_listns diff --git a/include/uapi/asm-generic/unistd.h b/include/uapi/asm-generic/u= nistd.h index 04e0077fb4c9..942370b3f5d2 100644 --- a/include/uapi/asm-generic/unistd.h +++ b/include/uapi/asm-generic/unistd.h @@ -857,9 +857,11 @@ __SYSCALL(__NR_open_tree_attr, sys_open_tree_attr) __SYSCALL(__NR_file_getattr, sys_file_getattr) #define __NR_file_setattr 469 __SYSCALL(__NR_file_setattr, sys_file_setattr) +#define __NR_listns 470 +__SYSCALL(__NR_listns, sys_listns) =20 #undef __NR_syscalls -#define __NR_syscalls 470 +#define __NR_syscalls 471 =20 /* * 32 bit systems traditionally used different diff --git a/scripts/syscall.tbl b/scripts/syscall.tbl index d1ae5e92c615..e74868be513c 100644 --- a/scripts/syscall.tbl +++ b/scripts/syscall.tbl @@ -410,3 +410,4 @@ 467 common open_tree_attr sys_open_tree_attr 468 common file_getattr sys_file_getattr 469 common file_setattr sys_file_setattr +470 common listns sys_listns --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 11C66346763; Wed, 29 Oct 2025 12:22:25 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740545; cv=none; b=kq7iTlgTkZZ6cA9UMwpZkzcEOy4nY06lca+jY2/PWmP0lbpntOi2zrnxIjPXvrLRGbFUJ0oKXXerzB46vZH7tTNnYbAcXuGvfk9YDW3R2ukfVyg6TF8lR7athm4lcBKSBogoJ3zGRdn9AArUCQgYqGvMRBXEtVb28H/VM6+gnyY= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740545; c=relaxed/simple; bh=1Vbdfejrzu8I2m1UigJuDF0ynX7SsD3EwMJY3zP1DiU=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=sgMbzrCZRm0FddajCPMYk/4KBJMhHK5qEeLn0YXZO11fMdpKRkoZUNdu7ME0Lozgh0LigV7RkCHOFMl43WWWYu4LRjrm+fZE6pOAS/OEFoJOwr4wLhxDOh8Bo6q8tDKHEraI/vD2MrsP+wSkFUZZhOAgBLIDDsJhwV0zo6O52Ds= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=avlouIab; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="avlouIab" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 6BDF0C4CEF7; Wed, 29 Oct 2025 12:22:20 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740544; bh=1Vbdfejrzu8I2m1UigJuDF0ynX7SsD3EwMJY3zP1DiU=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=avlouIab2XwEc4Nq4R9lfVNYlQB8K8SggpO4b+Q5CSnMUQY/uM0AdvEsDR1VMtr1i cm12Pn/75DhLSyWIgDpo+pfs8slDWSnuifA82qd19mrpChLIs0ODb2ZYOHCzgT2WPj 693Mz3pzMVdbOU9am0BLXNrM2NnS2QgEajXvepKMlMB6l52gsYRdXa++nHGpt2+Czb ROcCkhEGs+nnjK90Lj8koPcBM6ZVlrsBmQbZDp33LsYnxfaAPfNe+HWoxhuXLvStEC nY95ZRjVsHju0Kg6MwqjO5/YiMiCF7w5cHnC0nBlj22KHpJHXc6af2Igg7d0FlrCtx tw0CKpqSx++Kw== From: Christian Brauner Date: Wed, 29 Oct 2025 13:20:34 +0100 Subject: [PATCH v4 21/72] nsfs: update tools header Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-21-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=2616; i=brauner@kernel.org; h=from:subject:message-id; bh=1Vbdfejrzu8I2m1UigJuDF0ynX7SsD3EwMJY3zP1DiU=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysfWu28LRIxhccKXhv02e41xjO/1mHv43m7ff9C704 DFKYmfqKGVhEONikBVTZHFoNwmXW85TsdkoUwNmDisTyBAGLk4BmMjB7wz/Mwu7L589UCzN/t9U QeCWxp/0usfnXX96ijK++9Nz52MyJyPDLOG42lZ9Q26mWp6F6R9TJoWVrvDsE112hqf0l5mDsjY zAA== X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Ensure all the new uapi bits are visible for the selftests. Signed-off-by: Christian Brauner --- tools/include/uapi/linux/nsfs.h | 70 +++++++++++++++++++++++++++++++++++++= ++++ 1 file changed, 70 insertions(+) diff --git a/tools/include/uapi/linux/nsfs.h b/tools/include/uapi/linux/nsf= s.h index 33c9b578b3b2..a25e38d1c874 100644 --- a/tools/include/uapi/linux/nsfs.h +++ b/tools/include/uapi/linux/nsfs.h @@ -53,6 +53,76 @@ enum init_ns_ino { TIME_NS_INIT_INO =3D 0xEFFFFFFAU, NET_NS_INIT_INO =3D 0xEFFFFFF9U, MNT_NS_INIT_INO =3D 0xEFFFFFF8U, +#ifdef __KERNEL__ + MNT_NS_ANON_INO =3D 0xEFFFFFF7U, +#endif }; =20 +struct nsfs_file_handle { + __u64 ns_id; + __u32 ns_type; + __u32 ns_inum; +}; + +#define NSFS_FILE_HANDLE_SIZE_VER0 16 /* sizeof first published struct */ +#define NSFS_FILE_HANDLE_SIZE_LATEST sizeof(struct nsfs_file_handle) /* si= zeof latest published struct */ + +enum init_ns_id { + IPC_NS_INIT_ID =3D 1ULL, + UTS_NS_INIT_ID =3D 2ULL, + USER_NS_INIT_ID =3D 3ULL, + PID_NS_INIT_ID =3D 4ULL, + CGROUP_NS_INIT_ID =3D 5ULL, + TIME_NS_INIT_ID =3D 6ULL, + NET_NS_INIT_ID =3D 7ULL, + MNT_NS_INIT_ID =3D 8ULL, +#ifdef __KERNEL__ + NS_LAST_INIT_ID =3D MNT_NS_INIT_ID, +#endif +}; + +enum ns_type { + TIME_NS =3D (1ULL << 7), /* CLONE_NEWTIME */ + MNT_NS =3D (1ULL << 17), /* CLONE_NEWNS */ + CGROUP_NS =3D (1ULL << 25), /* CLONE_NEWCGROUP */ + UTS_NS =3D (1ULL << 26), /* CLONE_NEWUTS */ + IPC_NS =3D (1ULL << 27), /* CLONE_NEWIPC */ + USER_NS =3D (1ULL << 28), /* CLONE_NEWUSER */ + PID_NS =3D (1ULL << 29), /* CLONE_NEWPID */ + NET_NS =3D (1ULL << 30), /* CLONE_NEWNET */ +}; + +/** + * struct ns_id_req - namespace ID request structure + * @size: size of this structure + * @spare: reserved for future use + * @filter: filter mask + * @ns_id: last namespace id + * @user_ns_id: owning user namespace ID + * + * Structure for passing namespace ID and miscellaneous parameters to + * statns(2) and listns(2). + * + * For statns(2) @param represents the request mask. + * For listns(2) @param represents the last listed mount id (or zero). + */ +struct ns_id_req { + __u32 size; + __u32 spare; + __u64 ns_id; + struct /* listns */ { + __u32 ns_type; + __u32 spare2; + __u64 user_ns_id; + }; +}; + +/* + * Special @user_ns_id value that can be passed to listns() + */ +#define LISTNS_CURRENT_USER 0xffffffffffffffff /* Caller's userns */ + +/* List of all ns_id_req versions. */ +#define NS_ID_REQ_SIZE_VER0 32 /* sizeof first published struct */ + #endif /* __LINUX_NSFS_H */ --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id BA700346763; Wed, 29 Oct 2025 12:22:30 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740550; cv=none; b=SdmILZDKhbgHbTXGxS2e0yeMLAWJ6W4rl21bq41o17RaSJOcRIHXDOBOb4y/sXp4kzZwzZktL/Ra2wnxhbt+FAT4TN0IMDSNp7tK9IA/gfbeu3aHkXbUYJnlcrK/EMEcrKFo3XusAXvXarzVeZcLRr2j/QCC4W5qS2mBE9bF8VY= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740550; c=relaxed/simple; bh=5c8S8VpHc/7sZMeT1/SbhEW34RvFd3Tre08SPwP5pEQ=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=Em/GMCjU82yzHrjOTY+IltzcQ7D97fTwck1HlDY8AorshE261wZXardQafzmN1eCCZ1nkeoCGLFXBitqPm/L10MkEL5pa8LxnqbriMf/dZaYCn0ERhI5JRS/RdwQ+fu1sEFYDcald7t+9zOKzNqzj0mPFyPK+hY6dBSJ/AiktLo= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=SsGrgLfx; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="SsGrgLfx" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 64448C4CEF7; Wed, 29 Oct 2025 12:22:25 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740550; bh=5c8S8VpHc/7sZMeT1/SbhEW34RvFd3Tre08SPwP5pEQ=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=SsGrgLfxGFAPNjBFaanr021st19GL1uSaRJGSedIXt1IXWiTA4etGmGZoTCX+Pz1C mC1wGPmRIuN9J7msJJD8adiOh98Oihw8DrOVlUApyhUkk74/SBdBOHRP9TX35mAgPS +Ap9t1l2DS6rU/3TtOLYo+9aZqW5e33b83klXz0Nf5zOkdnYy9NuMuv0zTXck9fw7B wvUoK8vKemqjxL7BDgniWcOLh36u/vXApQvxTD3PqYR9+qrf6IZh2/KeKzR59+sONc wL+LMJmAbTwtmI0hsgULpP/ORrSuTeVxhHuls8Uiv/yvBVdXEviZ2wJ26f81j1rr2e PW+WZQDh4rInw== From: Christian Brauner Date: Wed, 29 Oct 2025 13:20:35 +0100 Subject: [PATCH v4 22/72] selftests/filesystems: remove CLONE_NEWPIDNS from setup_userns() helper Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-22-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=852; i=brauner@kernel.org; h=from:subject:message-id; bh=5c8S8VpHc/7sZMeT1/SbhEW34RvFd3Tre08SPwP5pEQ=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysfU2RnK9il70V8/5Ht/voh+LPmx/tTdp0u8N/7fpz orZ9+c8e0cpC4MYF4OsmCKLQ7tJuNxynorNRpkaMHNYmUCGMHBxCsBETJIY/socDnp8J0HYImj+ pbLstRu4o75F6QQrX9SRuBUjPsuTaz8jw7NrS0z5wjs6TZfyznecXqu4ZMH3OXtDPB3sxap3/No vzg4A X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 This is effectively unused and doesn't really server any purpose after having reviewed all of the tests that rely on it. Signed-off-by: Christian Brauner --- tools/testing/selftests/filesystems/utils.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/testing/selftests/filesystems/utils.c b/tools/testing/se= lftests/filesystems/utils.c index c43a69dffd83..a0c64f415a7f 100644 --- a/tools/testing/selftests/filesystems/utils.c +++ b/tools/testing/selftests/filesystems/utils.c @@ -487,7 +487,7 @@ int setup_userns(void) uid_t uid =3D getuid(); gid_t gid =3D getgid(); =20 - ret =3D unshare(CLONE_NEWNS|CLONE_NEWUSER|CLONE_NEWPID); + ret =3D unshare(CLONE_NEWNS|CLONE_NEWUSER); if (ret) { ksft_exit_fail_msg("unsharing mountns and userns: %s\n", strerror(errno)); --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id F34403587C6; Wed, 29 Oct 2025 12:22:35 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740556; cv=none; b=mDmuQ63rO0tSJBfW1vUmeW+lkVPaK24avBwnvfJt/cgI9NZeuHDAs5t9hXCoqbP0eZsYJm6/lkoW9g8dTnCHwHx4qVpoej594I1YyvBq9U2Z3c+/9uVU4m6nzgH4GzgjVzq/pJYsR2zSeleXZ40YtmYQ5Rf98GxkLyzFUX1aSsA= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740556; c=relaxed/simple; bh=zTxekEdjlVJZprVoI/00FXYGRRSOiQasmJAHzIPasqQ=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=mtL9TK+oJK0s3GTE52RsLGvyPfS7FhmCDG0JXleL5/BygcH1CmwlFMWUya1hfimpF/5uBeCy/9GbObrWRPACLlRFQK5rt9v8XNfi7EOto1LYefwcSJnrz1rZ1dXC/VQMCVaGl6em0M0Qyd0SkYLxGtTK68w+iDhpzO828yaTCus= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=jM1yd269; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="jM1yd269" Received: by smtp.kernel.org (Postfix) with ESMTPSA id CA455C4CEFD; Wed, 29 Oct 2025 12:22:30 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740555; bh=zTxekEdjlVJZprVoI/00FXYGRRSOiQasmJAHzIPasqQ=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=jM1yd269EMkvNsySCR6ex8DTW/h8M8YJEyyd/tWrYTOmiMbFafvDi45qyvad8Vsxh Z63Ka0+e0HW9gsvQJAyIoM26zyT0Iw1fewAuU/uL7Vyycn86s7l13l/BdlzJ+r78Wa LDNvTe7Kfj5Q9udJkmtOZkc0PPf9zAtq80bY68BqA/f6oityecDNfSvQMg2dNZXO7+ AInBbva7vAdQku6dd6yEUKxVxdb/WifW2tXXhcu9dSLwrKcK0TkpslNb/Dqg3kfG8f rKt9/X5PO5d18BVVXY+J9QgXb4AU3RT2NTx0AVdN32pCEiHEhcBMVgsq24jL48bC4s YoQzWcBbWnKgQ== From: Christian Brauner Date: Wed, 29 Oct 2025 13:20:36 +0100 Subject: [PATCH v4 23/72] selftests/namespaces: first active reference count tests Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-23-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=3703; i=brauner@kernel.org; h=from:subject:message-id; bh=zTxekEdjlVJZprVoI/00FXYGRRSOiQasmJAHzIPasqQ=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysfXWbTrqfIgl4Z5awmqTx+v/aAlYSx5Iy1g8+9nTU L6JvJO2dZSyMIhxMciKKbI4tJuEyy3nqdhslKkBM4eVCWQIAxenAExk5xmGf2qMQXv5maJV/ZYf eqvRrPekpPf1Qfas8LSbH+3798r/eMvwh7fQM5RzumuG2YKrJ9ZLl4gaOT3oV9V8MHVP/cbNNtw P+QA= X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Test that initial namespaces can be reopened via file handle. Initial namespaces should always have a ref count of one from boot. Signed-off-by: Christian Brauner --- tools/testing/selftests/namespaces/.gitignore | 1 + tools/testing/selftests/namespaces/Makefile | 5 +- .../selftests/namespaces/ns_active_ref_test.c | 74 ++++++++++++++++++= ++++ 3 files changed, 79 insertions(+), 1 deletion(-) diff --git a/tools/testing/selftests/namespaces/.gitignore b/tools/testing/= selftests/namespaces/.gitignore index ccfb40837a73..100cc5bfef04 100644 --- a/tools/testing/selftests/namespaces/.gitignore +++ b/tools/testing/selftests/namespaces/.gitignore @@ -1,3 +1,4 @@ nsid_test file_handle_test init_ino_test +ns_active_ref_test diff --git a/tools/testing/selftests/namespaces/Makefile b/tools/testing/se= lftests/namespaces/Makefile index 5fe4b3dc07d3..5cea938cdde8 100644 --- a/tools/testing/selftests/namespaces/Makefile +++ b/tools/testing/selftests/namespaces/Makefile @@ -1,7 +1,10 @@ # SPDX-License-Identifier: GPL-2.0-only CFLAGS +=3D -Wall -O0 -g $(KHDR_INCLUDES) $(TOOLS_INCLUDES) +LDLIBS +=3D -lcap =20 -TEST_GEN_PROGS :=3D nsid_test file_handle_test init_ino_test +TEST_GEN_PROGS :=3D nsid_test file_handle_test init_ino_test ns_active_ref= _test =20 include ../lib.mk =20 +$(OUTPUT)/ns_active_ref_test: ../filesystems/utils.c + diff --git a/tools/testing/selftests/namespaces/ns_active_ref_test.c b/tool= s/testing/selftests/namespaces/ns_active_ref_test.c new file mode 100644 index 000000000000..21514a537b26 --- /dev/null +++ b/tools/testing/selftests/namespaces/ns_active_ref_test.c @@ -0,0 +1,74 @@ +// SPDX-License-Identifier: GPL-2.0 +#define _GNU_SOURCE +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include "../kselftest_harness.h" +#include "../filesystems/utils.h" + +#ifndef FD_NSFS_ROOT +#define FD_NSFS_ROOT -10003 /* Root of the nsfs filesystem */ +#endif + +/* + * Test that initial namespaces can be reopened via file handle. + * Initial namespaces should have active ref count of 1 from boot. + */ +TEST(init_ns_always_active) +{ + struct file_handle *handle; + int mount_id; + int ret; + int fd1, fd2; + struct stat st1, st2; + + handle =3D malloc(sizeof(*handle) + MAX_HANDLE_SZ); + ASSERT_NE(handle, NULL); + + /* Open initial network namespace */ + fd1 =3D open("/proc/1/ns/net", O_RDONLY); + ASSERT_GE(fd1, 0); + + /* Get file handle for initial namespace */ + handle->handle_bytes =3D MAX_HANDLE_SZ; + ret =3D name_to_handle_at(fd1, "", handle, &mount_id, AT_EMPTY_PATH); + if (ret < 0 && errno =3D=3D EOPNOTSUPP) { + SKIP(free(handle); close(fd1); + return, "nsfs doesn't support file handles"); + } + ASSERT_EQ(ret, 0); + + /* Close the namespace fd */ + close(fd1); + + /* Try to reopen via file handle - should succeed since init ns is always= active */ + fd2 =3D open_by_handle_at(FD_NSFS_ROOT, handle, O_RDONLY); + if (fd2 < 0 && (errno =3D=3D EINVAL || errno =3D=3D EOPNOTSUPP)) { + SKIP(free(handle); + return, "open_by_handle_at with FD_NSFS_ROOT not supported"); + } + ASSERT_GE(fd2, 0); + + /* Verify we opened the same namespace */ + fd1 =3D open("/proc/1/ns/net", O_RDONLY); + ASSERT_GE(fd1, 0); + ASSERT_EQ(fstat(fd1, &st1), 0); + ASSERT_EQ(fstat(fd2, &st2), 0); + ASSERT_EQ(st1.st_ino, st2.st_ino); + + close(fd1); + close(fd2); + free(handle); +} + +TEST_HARNESS_MAIN --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id F2689346E41; Wed, 29 Oct 2025 12:22:40 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740561; cv=none; b=FwZE+WWvwEM8iXP5/D9VuIStRzGNALQrgw/Dckdqqr1yfval9KkbD2eGOTcRWmL6uJNxnDXgHPYERaLVfpCHzoXRstXfi151IBJ9dFk7SEoXDOVUr/VwpwDp0Uw1++VGQmgJBg8jhurcsrYo4886pb2vfWbHGzJ5jFpMEz3CSfc= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740561; c=relaxed/simple; bh=VPZa5Pr6JMy6E6vudTcQn3gJk3UQIlVxfxrLDEyUgG4=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=Mu8OP18UW13qgXMcTPjRe6QFKxr6wqAzZBNgtOTtmMB3Yhz1u54HfNidBGCfMyBb/2/49gsUHWdLmYwQ6CLHnZm1ej/Lh86LE+ibiDB6NQy8Yh9/fHAbPz5PqSZLYoCs3bq5c7xgBA3Or4p9/W3MDjj8NFmfQsaT3yV8FKqBFmI= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=QnDRftP+; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="QnDRftP+" Received: by smtp.kernel.org (Postfix) with ESMTPSA id EB566C4CEF7; Wed, 29 Oct 2025 12:22:35 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740560; bh=VPZa5Pr6JMy6E6vudTcQn3gJk3UQIlVxfxrLDEyUgG4=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=QnDRftP+/72UgrstFsgXBNah7BFFUeC+Y9KZSTnzzYL602mk+D1G4MUQtbmI+1FFa uhRM+SXY5Aczu/9Ko73zIQHm9/v+JZissHn/CHnSjpwAwlz+hCX5tqZLclTslpT8LB 5drpEi09q1c3TnH8PtxzxQ4vWMlkD8hTwFGTHOYdSoEyQ8b+RFpUBqchmdk1qSPDeY nXwAp7rpIW0FjmB+ut3VeTj2kXorlGqS/BWmjXY5jro/xaeNnCHtbR88K9Atm9MKDJ 0TXClGdm7nqOqywNmyA67ez8xsNRdA777nMMwYl+wjWDrVDROq1GpTkM3Cg+freZn8 kunQaQ3/qhCyw== From: Christian Brauner Date: Wed, 29 Oct 2025 13:20:37 +0100 Subject: [PATCH v4 24/72] selftests/namespaces: second active reference count tests Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-24-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=2754; i=brauner@kernel.org; h=from:subject:message-id; bh=VPZa5Pr6JMy6E6vudTcQn3gJk3UQIlVxfxrLDEyUgG4=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysfXOsWKwFvXqeMrMwzHBZfHvQNMnJtJmLH5Tpr5We bNPY8KmjlIWBjEuBlkxRRaHdpNwueU8FZuNMjVg5rAygQxh4OIUgIksV2Vk+Ka+/MQ71Rpx9ZXX g64KsxYukNDYy2+2fGeL8vNbOn/PqzP8s3Wfq35vE//t2PkZBYITmGq+b+TQy+Wf/cI1cJvUvWc BnAA= X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Test namespace lifecycle: create a namespace in a child process, get a file handle while it's active, then try to reopen after the process exits (namespace becomes inactive). Signed-off-by: Christian Brauner --- .../selftests/namespaces/ns_active_ref_test.c | 81 ++++++++++++++++++= ++++ 1 file changed, 81 insertions(+) diff --git a/tools/testing/selftests/namespaces/ns_active_ref_test.c b/tool= s/testing/selftests/namespaces/ns_active_ref_test.c index 21514a537b26..7cade298c754 100644 --- a/tools/testing/selftests/namespaces/ns_active_ref_test.c +++ b/tools/testing/selftests/namespaces/ns_active_ref_test.c @@ -71,4 +71,85 @@ TEST(init_ns_always_active) free(handle); } =20 +/* + * Test namespace lifecycle: create a namespace in a child process, + * get a file handle while it's active, then try to reopen after + * the process exits (namespace becomes inactive). + */ +TEST(ns_inactive_after_exit) +{ + struct file_handle *handle; + int mount_id; + int ret; + int fd; + int pipefd[2]; + pid_t pid; + int status; + char buf[sizeof(*handle) + MAX_HANDLE_SZ]; + + /* Create pipe for passing file handle from child */ + ASSERT_EQ(pipe(pipefd), 0); + + pid =3D fork(); + ASSERT_GE(pid, 0); + + if (pid =3D=3D 0) { + /* Child process */ + close(pipefd[0]); + + /* Create new network namespace */ + ret =3D unshare(CLONE_NEWNET); + if (ret < 0) { + close(pipefd[1]); + exit(1); + } + + /* Open our new namespace */ + fd =3D open("/proc/self/ns/net", O_RDONLY); + if (fd < 0) { + close(pipefd[1]); + exit(1); + } + + /* Get file handle for the namespace */ + handle =3D (struct file_handle *)buf; + handle->handle_bytes =3D MAX_HANDLE_SZ; + ret =3D name_to_handle_at(fd, "", handle, &mount_id, AT_EMPTY_PATH); + close(fd); + + if (ret < 0) { + close(pipefd[1]); + exit(1); + } + + /* Send handle to parent */ + write(pipefd[1], buf, sizeof(*handle) + handle->handle_bytes); + close(pipefd[1]); + + /* Exit - namespace should become inactive */ + exit(0); + } + + /* Parent process */ + close(pipefd[1]); + + /* Read file handle from child */ + ret =3D read(pipefd[0], buf, sizeof(buf)); + close(pipefd[0]); + + /* Wait for child to exit */ + waitpid(pid, &status, 0); + ASSERT_TRUE(WIFEXITED(status)); + ASSERT_EQ(WEXITSTATUS(status), 0); + + ASSERT_GT(ret, 0); + handle =3D (struct file_handle *)buf; + + /* Try to reopen namespace - should fail with ENOENT since it's inactive = */ + fd =3D open_by_handle_at(FD_NSFS_ROOT, handle, O_RDONLY); + ASSERT_LT(fd, 0); + /* Should fail with ENOENT (namespace inactive) or ESTALE */ + ASSERT_TRUE(errno =3D=3D ENOENT || errno =3D=3D ESTALE); +} + TEST_HARNESS_MAIN --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id EDDA4310624; Wed, 29 Oct 2025 12:22:45 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740566; cv=none; b=omEqrFqggUoE2gjRplVFXnPl2ylX5D1DE90Y2s9061OGNDjf+PIx4Jh7zbWuBeiOa0StW6uVuEuOYCHhbwP+JBGB4PhoY3WV+9BJVse7gCT5FzhfbcX9+TzmMs4LFpT0vcsRFfIxqsJz00cm4You5fAABx5y1Dn1qaARqFlwhW8= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740566; c=relaxed/simple; bh=aUj6NRVDEfXAvY88G+wOpYmY1IAUvRXs+4FwCz1W+QY=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=f/U0XpyapGBmoyqD4U+xpQ8PrTd5DZF42YFvL+s+7SKuOZw+UdUfwjF/dw7lqKgEQuIGxJ1ZR/OaL/POl2dSY+U0GLNkXQ1JKSvRf66TofvwjNmaL8YkL6FOPZHmDp64mYO+wfFKs/eVEpTkOWaVc0W8NlAtOsIqz9mAvOcr0gw= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=jnw1aMB2; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="jnw1aMB2" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 1471CC4CEFD; Wed, 29 Oct 2025 12:22:40 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740565; bh=aUj6NRVDEfXAvY88G+wOpYmY1IAUvRXs+4FwCz1W+QY=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=jnw1aMB2/mFYOeS4oJ7GrQyGWmVZBCpi/0ToK43HUjZMLS3fWTnMTDCOwA7yRosiC 2rga7pe3YBN5aG0HYr264QwmwGInYFeMLwL6ewlDX5Z2MQpqhd6aE4y/+WpTOSeHfx hp3EL+ygd6CMjN5hN/RleS7csNqh0oifawdtxGDNEPlCX2LRM0OmIpWXIazuHBQObm beMMkXnegQ+gc+1mmzT6lX3VZDxmXVinM8hzm/bytSrKnOwdXwtW2/RKFGAnLotXjz 8C5TgXL33PqrZpoFQLV3iZG4uD5wN/9LdIbMEJSE7L+9ftLofCHfSEHkYwfm++XJtZ xJ3rCi2djX46g== From: Christian Brauner Date: Wed, 29 Oct 2025 13:20:38 +0100 Subject: [PATCH v4 25/72] selftests/namespaces: third active reference count tests Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-25-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=3551; i=brauner@kernel.org; h=from:subject:message-id; bh=aUj6NRVDEfXAvY88G+wOpYmY1IAUvRXs+4FwCz1W+QY=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysfW+Wf21aMLcuFV1TJZp4Zq9bszFGZe/PIqPW7jMQ t8xdcq2jlIWBjEuBlkxRRaHdpNwueU8FZuNMjVg5rAygQxh4OIUgIk8fMHwz+qY5PIH8hK36kVc gi6fnhcccSP464xly9Zbvohv3egSv47hN/vb8I9H0wpNd4s5cf21tfpoEnVdhI/5nHbiVZ46vSJ /dgA= X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Test that a namespace remains active while a process is using it, even after the creating process exits. Signed-off-by: Christian Brauner --- .../selftests/namespaces/ns_active_ref_test.c | 124 +++++++++++++++++= ++++ 1 file changed, 124 insertions(+) diff --git a/tools/testing/selftests/namespaces/ns_active_ref_test.c b/tool= s/testing/selftests/namespaces/ns_active_ref_test.c index 7cade298c754..c2e34de7a3a9 100644 --- a/tools/testing/selftests/namespaces/ns_active_ref_test.c +++ b/tools/testing/selftests/namespaces/ns_active_ref_test.c @@ -152,4 +152,128 @@ TEST(ns_inactive_after_exit) ASSERT_TRUE(errno =3D=3D ENOENT || errno =3D=3D ESTALE); } =20 +/* + * Test that a namespace remains active while a process is using it, + * even after the creating process exits. + */ +TEST(ns_active_with_multiple_processes) +{ + struct file_handle *handle; + int mount_id; + int ret; + int fd; + int pipefd[2]; + int syncpipe[2]; + pid_t pid1, pid2; + int status; + char buf[sizeof(*handle) + MAX_HANDLE_SZ]; + char sync_byte; + + /* Create pipes for communication */ + ASSERT_EQ(pipe(pipefd), 0); + ASSERT_EQ(pipe(syncpipe), 0); + + pid1 =3D fork(); + ASSERT_GE(pid1, 0); + + if (pid1 =3D=3D 0) { + /* First child - creates namespace */ + close(pipefd[0]); + close(syncpipe[1]); + + /* Create new network namespace */ + ret =3D unshare(CLONE_NEWNET); + if (ret < 0) { + close(pipefd[1]); + close(syncpipe[0]); + exit(1); + } + + /* Open and get handle */ + fd =3D open("/proc/self/ns/net", O_RDONLY); + if (fd < 0) { + close(pipefd[1]); + close(syncpipe[0]); + exit(1); + } + + handle =3D (struct file_handle *)buf; + handle->handle_bytes =3D MAX_HANDLE_SZ; + ret =3D name_to_handle_at(fd, "", handle, &mount_id, AT_EMPTY_PATH); + close(fd); + + if (ret < 0) { + close(pipefd[1]); + close(syncpipe[0]); + exit(1); + } + + /* Send handle to parent */ + write(pipefd[1], buf, sizeof(*handle) + handle->handle_bytes); + close(pipefd[1]); + + /* Wait for signal before exiting */ + read(syncpipe[0], &sync_byte, 1); + close(syncpipe[0]); + exit(0); + } + + /* Parent reads handle */ + close(pipefd[1]); + ret =3D read(pipefd[0], buf, sizeof(buf)); + close(pipefd[0]); + ASSERT_GT(ret, 0); + + handle =3D (struct file_handle *)buf; + + /* Create second child that will keep namespace active */ + pid2 =3D fork(); + ASSERT_GE(pid2, 0); + + if (pid2 =3D=3D 0) { + /* Second child - reopens the namespace */ + close(syncpipe[0]); + close(syncpipe[1]); + + /* Open the namespace via handle */ + fd =3D open_by_handle_at(FD_NSFS_ROOT, handle, O_RDONLY); + if (fd < 0) { + exit(1); + } + + /* Join the namespace */ + ret =3D setns(fd, CLONE_NEWNET); + close(fd); + if (ret < 0) { + exit(1); + } + + /* Sleep to keep namespace active */ + sleep(1); + exit(0); + } + + /* Let second child enter the namespace */ + usleep(100000); /* 100ms */ + + /* Signal first child to exit */ + close(syncpipe[0]); + sync_byte =3D 'X'; + write(syncpipe[1], &sync_byte, 1); + close(syncpipe[1]); + + /* Wait for first child */ + waitpid(pid1, &status, 0); + ASSERT_TRUE(WIFEXITED(status)); + + /* Namespace should still be active because second child is using it */ + fd =3D open_by_handle_at(FD_NSFS_ROOT, handle, O_RDONLY); + ASSERT_GE(fd, 0); + close(fd); + + /* Wait for second child */ + waitpid(pid2, &status, 0); + ASSERT_TRUE(WIFEXITED(status)); +} + TEST_HARNESS_MAIN --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id E1D40346E60; Wed, 29 Oct 2025 12:22:50 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740571; cv=none; b=naLUjtdDr8KRvfiI3OJ3tvcu1YInYak73zuzPTym6UDRy7o8q7Jk4rUkQL4B1xuO9YcF6rILSV17KR70mKOton83buU+Tzh0C6Gm+lO3sqN5e6jYZWXfIblS4VID1/0j5c0BEWz39wxeAdbcqSfGNq3NJXl5mqx1F7J7vnQfQ7U= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740571; c=relaxed/simple; bh=e8EI0iOiQx8fHK9+00tBtoOgGlNpcvVChJMa2f3XulI=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=MhwSHViMOVhxFGdNFdxV9LUX62ylYdk7D31qEQ/vuj8YXuMjhEWv2ZHb8HjJpHJITSjCfhdqn/5EK+Paz6jJJbwBcRoYmxajinE0OpbydmqjyD4UzH6m1vvsfzWe4scroLueWZmqv984JENSg7F4hkoRlwfERtLNg4sZVEdOMA4= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=sCHsGA/4; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="sCHsGA/4" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 0CE57C4CEF7; Wed, 29 Oct 2025 12:22:45 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740570; bh=e8EI0iOiQx8fHK9+00tBtoOgGlNpcvVChJMa2f3XulI=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=sCHsGA/4hrBYx/I2LULBDsifN8HT60yBLZGQk+tlxDNdDIXbCglZjwwMZxAKawZTt M4qjzLAD3cO8tb7i/83H3wLHRHWiBG909EciDRAucGuuin9C+TM8NXxmgXNqlzuujm dlcJx1Ng4Zxef7Abz6AEzIGyhv1qeXLSzq+xzRVxBwJTkRmRtvSszigruN17Xe4hvR iJrlg79bqytz1GHdMzctqkJwmxJC3LGplKNxgkD8FFogq9UJWic77cNMQRxalmOr+7 mFXDJDY4fguWUaYq4Qfm++eLm4XKKo+NCxKQueJVxMwZBkXPsnXelFHw4jIF3aBppr K48kcsHNJZZiA== From: Christian Brauner Date: Wed, 29 Oct 2025 13:20:39 +0100 Subject: [PATCH v4 26/72] selftests/namespaces: fourth active reference count tests Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-26-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=2891; i=brauner@kernel.org; h=from:subject:message-id; bh=e8EI0iOiQx8fHK9+00tBtoOgGlNpcvVChJMa2f3XulI=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysfUKvHvrtuZkvNh919X+T/ee2LGmKKZX7dmpMEfGt M0P8goCO0pZGMS4GGTFFFkc2k3C5ZbzVGw2ytSAmcPKBDKEgYtTACbS7czI8Mf/pUHcSkeZaTVS HwXazpTH3Hpx78KJ+qKdn3TsbRhXVjMytK63jGzc9clz7fRIq//Bxfu3d2bf3p//l60hxH5Zx4V 2ZgA= X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Test user namespace active ref tracking via credential lifecycle. Signed-off-by: Christian Brauner --- .../selftests/namespaces/ns_active_ref_test.c | 90 ++++++++++++++++++= ++++ 1 file changed, 90 insertions(+) diff --git a/tools/testing/selftests/namespaces/ns_active_ref_test.c b/tool= s/testing/selftests/namespaces/ns_active_ref_test.c index c2e34de7a3a9..396066e641da 100644 --- a/tools/testing/selftests/namespaces/ns_active_ref_test.c +++ b/tools/testing/selftests/namespaces/ns_active_ref_test.c @@ -276,4 +276,94 @@ TEST(ns_active_with_multiple_processes) ASSERT_TRUE(WIFEXITED(status)); } =20 +/* + * Test user namespace active ref tracking via credential lifecycle + */ +TEST(userns_active_ref_lifecycle) +{ + struct file_handle *handle; + int mount_id; + int ret; + int fd; + int pipefd[2]; + pid_t pid; + int status; + char buf[sizeof(*handle) + MAX_HANDLE_SZ]; + + ASSERT_EQ(pipe(pipefd), 0); + + pid =3D fork(); + ASSERT_GE(pid, 0); + + if (pid =3D=3D 0) { + /* Child process */ + close(pipefd[0]); + + /* Create new user namespace */ + ret =3D unshare(CLONE_NEWUSER); + if (ret < 0) { + close(pipefd[1]); + exit(1); + } + + /* Set up uid/gid mappings */ + int uid_map_fd =3D open("/proc/self/uid_map", O_WRONLY); + int gid_map_fd =3D open("/proc/self/gid_map", O_WRONLY); + int setgroups_fd =3D open("/proc/self/setgroups", O_WRONLY); + + if (uid_map_fd >=3D 0 && gid_map_fd >=3D 0 && setgroups_fd >=3D 0) { + write(setgroups_fd, "deny", 4); + close(setgroups_fd); + + char mapping[64]; + snprintf(mapping, sizeof(mapping), "0 %d 1", getuid()); + write(uid_map_fd, mapping, strlen(mapping)); + close(uid_map_fd); + + snprintf(mapping, sizeof(mapping), "0 %d 1", getgid()); + write(gid_map_fd, mapping, strlen(mapping)); + close(gid_map_fd); + } + + /* Get file handle */ + fd =3D open("/proc/self/ns/user", O_RDONLY); + if (fd < 0) { + close(pipefd[1]); + exit(1); + } + + handle =3D (struct file_handle *)buf; + handle->handle_bytes =3D MAX_HANDLE_SZ; + ret =3D name_to_handle_at(fd, "", handle, &mount_id, AT_EMPTY_PATH); + close(fd); + + if (ret < 0) { + close(pipefd[1]); + exit(1); + } + + /* Send handle to parent */ + write(pipefd[1], buf, sizeof(*handle) + handle->handle_bytes); + close(pipefd[1]); + exit(0); + } + + /* Parent */ + close(pipefd[1]); + ret =3D read(pipefd[0], buf, sizeof(buf)); + close(pipefd[0]); + + waitpid(pid, &status, 0); + ASSERT_TRUE(WIFEXITED(status)); + ASSERT_EQ(WEXITSTATUS(status), 0); + + ASSERT_GT(ret, 0); + handle =3D (struct file_handle *)buf; + + /* Namespace should be inactive after all tasks exit */ + fd =3D open_by_handle_at(FD_NSFS_ROOT, handle, O_RDONLY); + ASSERT_LT(fd, 0); + ASSERT_TRUE(errno =3D=3D ENOENT || errno =3D=3D ESTALE); +} + TEST_HARNESS_MAIN --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 248CC283124; Wed, 29 Oct 2025 12:22:55 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740576; cv=none; b=s75F9MXVGiCLB+L68dntyFHW/SiHPV3YE2q+tQ42FAM62ZbuJnB2TWx4m02PVDZVTk83TJzXIgx9w5L8Qb0hFzO2iGZDN1w9ibcJR55n5dmzMiAexflOR8I2OEYP1qex+999ON1nAOlY7abMc0+06DFeisZNzRg9fL5DLpJUmik= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740576; c=relaxed/simple; bh=9GvGWgJa/IpvNzb6FhYrFg2g1xbeoNS/+Dh15oRdkuU=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=bfpcY8lP+2njJpY3J45AqcKVCu6s2eUwOGvyAvl9eZ3n9Ljv85jUHECl92iA3F5q0QNUXEh0OYcA2EiDNG6C34rDlgeWMcCL1XE3hCTGBkxO3S9FGHJ59Sdq6VmimZOrq8rvOU8OtHnBPhsDNr7xJQYlHbkyY3HIRb80bjiXst8= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=KcTr1YOJ; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="KcTr1YOJ" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 00362C4CEFD; Wed, 29 Oct 2025 12:22:50 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740575; bh=9GvGWgJa/IpvNzb6FhYrFg2g1xbeoNS/+Dh15oRdkuU=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=KcTr1YOJeFBS7wVRIDRzzut5Bb3GTA0vh7YIWTEcMGonTOgOgNWfyILHOX7q6TmAc jzF70xcKFeRw2rmAdgQMJDjcJ5f0tOwQUIbYu+olvMonx053ka94OoYIgopN5YM/cI IZ86UxvY3aSCZTMbZtAkjcIcjoUFyUZDmYv1uLj6p2A17iChMUDgQmJz01/RnCLlqf XxZFBCvtWGzSMYdJejevswgb5M2uO+sWSoV12HTFk71jD3GwfXtvZiNVfOSeNt5TQm bZS2WT98YT8gWl6JZD+S+rxq0JOQxtGJPs2Rq0AiX/yNmw09w//eJETCEjwwgL+Z3K OphDjvAEaCVGA== From: Christian Brauner Date: Wed, 29 Oct 2025 13:20:40 +0100 Subject: [PATCH v4 27/72] selftests/namespaces: fifth active reference count tests Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-27-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=2433; i=brauner@kernel.org; h=from:subject:message-id; bh=9GvGWgJa/IpvNzb6FhYrFg2g1xbeoNS/+Dh15oRdkuU=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysfUW/O7h4E7OnRoqzPnd/fEfQ/8Pdzdf/Pvug7GDo sN3ps1fOkpZGMS4GGTFFFkc2k3C5ZbzVGw2ytSAmcPKBDKEgYtTACZyTYeR4YUlR3dmuXB8z4f1 c04Umisl/w62YBJe4PrI2LrAefqLbIb/NQdNfomsPr8v4eaG+uwnxRdsttruKnL1NOab5T8vdl8 JCwA= X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Test PID namespace active ref tracking Signed-off-by: Christian Brauner --- .../selftests/namespaces/ns_active_ref_test.c | 82 ++++++++++++++++++= ++++ 1 file changed, 82 insertions(+) diff --git a/tools/testing/selftests/namespaces/ns_active_ref_test.c b/tool= s/testing/selftests/namespaces/ns_active_ref_test.c index 396066e641da..f4e92b772f70 100644 --- a/tools/testing/selftests/namespaces/ns_active_ref_test.c +++ b/tools/testing/selftests/namespaces/ns_active_ref_test.c @@ -366,4 +366,86 @@ TEST(userns_active_ref_lifecycle) ASSERT_TRUE(errno =3D=3D ENOENT || errno =3D=3D ESTALE); } =20 +/* + * Test PID namespace active ref tracking + */ +TEST(pidns_active_ref_lifecycle) +{ + struct file_handle *handle; + int mount_id; + int ret; + int fd; + int pipefd[2]; + pid_t pid; + int status; + char buf[sizeof(*handle) + MAX_HANDLE_SZ]; + + ASSERT_EQ(pipe(pipefd), 0); + + pid =3D fork(); + ASSERT_GE(pid, 0); + + if (pid =3D=3D 0) { + /* Child process */ + close(pipefd[0]); + + /* Create new PID namespace */ + ret =3D unshare(CLONE_NEWPID); + if (ret < 0) { + close(pipefd[1]); + exit(1); + } + + /* Fork to actually enter the PID namespace */ + pid_t child =3D fork(); + if (child < 0) { + close(pipefd[1]); + exit(1); + } + + if (child =3D=3D 0) { + /* Grandchild - in new PID namespace */ + fd =3D open("/proc/self/ns/pid", O_RDONLY); + if (fd < 0) { + exit(1); + } + + handle =3D (struct file_handle *)buf; + handle->handle_bytes =3D MAX_HANDLE_SZ; + ret =3D name_to_handle_at(fd, "", handle, &mount_id, AT_EMPTY_PATH); + close(fd); + + if (ret < 0) { + exit(1); + } + + /* Send handle to grandparent */ + write(pipefd[1], buf, sizeof(*handle) + handle->handle_bytes); + close(pipefd[1]); + exit(0); + } + + /* Wait for grandchild */ + waitpid(child, NULL, 0); + exit(0); + } + + /* Parent */ + close(pipefd[1]); + ret =3D read(pipefd[0], buf, sizeof(buf)); + close(pipefd[0]); + + waitpid(pid, &status, 0); + ASSERT_TRUE(WIFEXITED(status)); + ASSERT_EQ(WEXITSTATUS(status), 0); + + ASSERT_GT(ret, 0); + handle =3D (struct file_handle *)buf; + + /* Namespace should be inactive after all processes exit */ + fd =3D open_by_handle_at(FD_NSFS_ROOT, handle, O_RDONLY); + ASSERT_LT(fd, 0); + ASSERT_TRUE(errno =3D=3D ENOENT || errno =3D=3D ESTALE); +} + TEST_HARNESS_MAIN --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C9CB9283124; Wed, 29 Oct 2025 12:23:00 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740580; cv=none; b=SjaKaD/aIdeMzcOUK3RWFWtPB1SbxFx5eXhBI1uengvx8+xlR7ZErcQnfOK6W0vtw+zWM3ZFZwnbxZUuTsV0m7cnk47fOJB7A02x5UEDXvgVsTc4Qx5AoJzrJfsaWcBd9PTZIyH3GMtrRnPNSAtumFflFCbALkfEt61UsFpZZ4s= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740580; c=relaxed/simple; bh=zOSZXXVQ1jVkT7WHK+88OLa6Cp/PXPPixfxVAVT9vUI=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=intvNTD/3o0mZiWqEuRol36GnNd1ImiJRcrUUauwEdC6eqbZzcrGjrc76aB0dHgmzT62YJZK4WFO2o9XMVWrx2yJwf0BIPznaz7kiM5n1SUi0/Z6f3xDg7V9myhMV4Fz6f7TGbJKSDWjuWys09F5acDYXvCbVToFpZKWAr5fscU= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=pF3sY0bU; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="pF3sY0bU" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 31C7DC4CEFF; Wed, 29 Oct 2025 12:22:56 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740580; bh=zOSZXXVQ1jVkT7WHK+88OLa6Cp/PXPPixfxVAVT9vUI=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=pF3sY0bUKeKQKSFV/M0SbqE1dcZRoZgodV95fy7X6SlAlverqnHXm6yBcWz6J5l+c qeAT6DQkcvHcHQoR58sG+W+CWwlaKlXgunPWbAMVz4sUXd9CP2s0TUHClGeKqu3SkK TfK0Rmtcs0qUHSCqLs4jWfjg94RNlPpI1lsxllBl0XQTx+ZN/Wo4L3nKfDMb1cqYWa kKGG394cJMTycufOgA4Tjus+UKL3lFhDbWKpuJ2AwHk18LCRRDBg0crecPHYD6v+Jg //JPS9lwjqE7dG+bMqZLJSV9XwfMw04hYNCMQBLOMR489NNXzvxyxDPYKRx9HanhWV hu361/j6hntLg== From: Christian Brauner Date: Wed, 29 Oct 2025 13:20:41 +0100 Subject: [PATCH v4 28/72] selftests/namespaces: sixth active reference count tests Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-28-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=5791; i=brauner@kernel.org; h=from:subject:message-id; bh=zOSZXXVQ1jVkT7WHK+88OLa6Cp/PXPPixfxVAVT9vUI=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysfX+M7oQ9CqwSdg3c477bg91fWabd9bhbDuYd35tl NnwSKqmo5SFQYyLQVZMkcWh3SRcbjlPxWajTA2YOaxMIEMYuDgFYCLJ9xj+B3q0nz/044Z5R/dS 30uze3TMvsUcVuY12hjbviVGN+N4IcP/XLZLwbaGDz4E3eX/qPLqpP6OiatsOnrfzk+M9+YrlD3 ODwA= X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Test that an open file descriptor keeps a namespace active. Even after the creating process exits, the namespace should remain active as long as an fd is held open. Signed-off-by: Christian Brauner --- .../selftests/namespaces/ns_active_ref_test.c | 155 +++++++++++++++++= ++++ 1 file changed, 155 insertions(+) diff --git a/tools/testing/selftests/namespaces/ns_active_ref_test.c b/tool= s/testing/selftests/namespaces/ns_active_ref_test.c index f4e92b772f70..50653096fcb6 100644 --- a/tools/testing/selftests/namespaces/ns_active_ref_test.c +++ b/tools/testing/selftests/namespaces/ns_active_ref_test.c @@ -448,4 +448,159 @@ TEST(pidns_active_ref_lifecycle) ASSERT_TRUE(errno =3D=3D ENOENT || errno =3D=3D ESTALE); } =20 +/* + * Test that an open file descriptor keeps a namespace active. + * Even after the creating process exits, the namespace should remain + * active as long as an fd is held open. + */ +TEST(ns_fd_keeps_active) +{ + struct file_handle *handle; + int mount_id; + int ret; + int nsfd; + int pipe_child_ready[2]; + int pipe_parent_ready[2]; + pid_t pid; + int status; + char buf[sizeof(*handle) + MAX_HANDLE_SZ]; + char sync_byte; + char proc_path[64]; + + ASSERT_EQ(pipe(pipe_child_ready), 0); + ASSERT_EQ(pipe(pipe_parent_ready), 0); + + pid =3D fork(); + ASSERT_GE(pid, 0); + + if (pid =3D=3D 0) { + /* Child process */ + close(pipe_child_ready[0]); + close(pipe_parent_ready[1]); + + TH_LOG("Child: creating new network namespace"); + + /* Create new network namespace */ + ret =3D unshare(CLONE_NEWNET); + if (ret < 0) { + TH_LOG("Child: unshare(CLONE_NEWNET) failed: %s", strerror(errno)); + close(pipe_child_ready[1]); + close(pipe_parent_ready[0]); + exit(1); + } + + TH_LOG("Child: network namespace created successfully"); + + /* Get file handle for the namespace */ + nsfd =3D open("/proc/self/ns/net", O_RDONLY); + if (nsfd < 0) { + TH_LOG("Child: failed to open /proc/self/ns/net: %s", strerror(errno)); + close(pipe_child_ready[1]); + close(pipe_parent_ready[0]); + exit(1); + } + + TH_LOG("Child: opened namespace fd %d", nsfd); + + handle =3D (struct file_handle *)buf; + handle->handle_bytes =3D MAX_HANDLE_SZ; + ret =3D name_to_handle_at(nsfd, "", handle, &mount_id, AT_EMPTY_PATH); + close(nsfd); + + if (ret < 0) { + TH_LOG("Child: name_to_handle_at failed: %s", strerror(errno)); + close(pipe_child_ready[1]); + close(pipe_parent_ready[0]); + exit(1); + } + + TH_LOG("Child: got file handle (bytes=3D%u)", handle->handle_bytes); + + /* Send file handle to parent */ + ret =3D write(pipe_child_ready[1], buf, sizeof(*handle) + handle->handle= _bytes); + TH_LOG("Child: sent %d bytes of file handle to parent", ret); + close(pipe_child_ready[1]); + + /* Wait for parent to open the fd */ + TH_LOG("Child: waiting for parent to open fd"); + ret =3D read(pipe_parent_ready[0], &sync_byte, 1); + close(pipe_parent_ready[0]); + + TH_LOG("Child: parent signaled (read %d bytes), exiting now", ret); + /* Exit - namespace should stay active because parent holds fd */ + exit(0); + } + + /* Parent process */ + close(pipe_child_ready[1]); + close(pipe_parent_ready[0]); + + TH_LOG("Parent: reading file handle from child"); + + /* Read file handle from child */ + ret =3D read(pipe_child_ready[0], buf, sizeof(buf)); + close(pipe_child_ready[0]); + ASSERT_GT(ret, 0); + handle =3D (struct file_handle *)buf; + + TH_LOG("Parent: received %d bytes, handle size=3D%u", ret, handle->handle= _bytes); + + /* Open the child's namespace while it's still alive */ + snprintf(proc_path, sizeof(proc_path), "/proc/%d/ns/net", pid); + TH_LOG("Parent: opening child's namespace at %s", proc_path); + nsfd =3D open(proc_path, O_RDONLY); + if (nsfd < 0) { + TH_LOG("Parent: failed to open %s: %s", proc_path, strerror(errno)); + close(pipe_parent_ready[1]); + kill(pid, SIGKILL); + waitpid(pid, NULL, 0); + SKIP(return, "Failed to open child's namespace"); + } + + TH_LOG("Parent: opened child's namespace, got fd %d", nsfd); + + /* Signal child that we have the fd */ + sync_byte =3D 'G'; + write(pipe_parent_ready[1], &sync_byte, 1); + close(pipe_parent_ready[1]); + TH_LOG("Parent: signaled child that we have the fd"); + + /* Wait for child to exit */ + waitpid(pid, &status, 0); + ASSERT_TRUE(WIFEXITED(status)); + ASSERT_EQ(WEXITSTATUS(status), 0); + + TH_LOG("Child exited, parent holds fd %d to namespace", nsfd); + + /* + * Namespace should still be ACTIVE because we hold an fd. + * We should be able to reopen it via file handle. + */ + TH_LOG("Attempting to reopen namespace via file handle (should succeed - = fd held)"); + int fd2 =3D open_by_handle_at(FD_NSFS_ROOT, handle, O_RDONLY); + ASSERT_GE(fd2, 0); + + TH_LOG("Successfully reopened namespace via file handle, got fd %d", fd2); + + /* Verify it's the same namespace */ + struct stat st1, st2; + ASSERT_EQ(fstat(nsfd, &st1), 0); + ASSERT_EQ(fstat(fd2, &st2), 0); + TH_LOG("Namespace inodes: nsfd=3D%lu, fd2=3D%lu", st1.st_ino, st2.st_ino); + ASSERT_EQ(st1.st_ino, st2.st_ino); + close(fd2); + + /* Now close the fd - namespace should become inactive */ + TH_LOG("Closing fd %d - namespace should become inactive", nsfd); + close(nsfd); + + /* Now reopening should fail - namespace is inactive */ + TH_LOG("Attempting to reopen namespace via file handle (should fail - ina= ctive)"); + fd2 =3D open_by_handle_at(FD_NSFS_ROOT, handle, O_RDONLY); + ASSERT_LT(fd2, 0); + /* Should fail with ENOENT (inactive) or ESTALE (gone) */ + TH_LOG("Reopen failed as expected: %s (errno=3D%d)", strerror(errno), err= no); + ASSERT_TRUE(errno =3D=3D ENOENT || errno =3D=3D ESTALE); +} + TEST_HARNESS_MAIN --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 446AA35A94E; Wed, 29 Oct 2025 12:23:05 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740588; cv=none; b=BRYhslenyReItlgI1d4ni7u1yYw0chr3dFzLql9ZG0KQYzk6RAP1kadTrjr1MWtu9QTmgUUuyKmIL1AWUcCDns8yUO/uXMb45AuytJ+uD3nishTgs+5espTdn+/vDdXwgEm4qFtJPiR4fUA+8mFkguArbuP+jxyiQS6WhvAlB4w= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740588; c=relaxed/simple; bh=uKR7z2WD/2U9Ks1GPvzLGsI7e1WaqtgCdzzqT45jKts=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=Dqu7b+xv3nHSG7YKInFe4WUIdA1T6Dvxw4qb8dELVhL23npXPuMSB1hmMZVMB4irPm+6NPUqdXjyVH+4gwK+J+hU5tUmFbL98LWEyMuHPLDe+SNSjHXNBj14SfY827ga1Z2fbZ0RP2Alhj+PQtI+ofVaJhwlz+50bvCz/5nK49k= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=l/wt+3Xx; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="l/wt+3Xx" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 28D07C4CEFD; Wed, 29 Oct 2025 12:23:00 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740585; bh=uKR7z2WD/2U9Ks1GPvzLGsI7e1WaqtgCdzzqT45jKts=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=l/wt+3XxcPN0Qb2GeG9QKhX3QefpUntgythHBpihFr0LD8U8ZmSTCHgISnXYaR52+ V0uD75YQvNWahLKZTNfp+S1Iw26P8u54Bq7U1Sunyvx+PaJBo7v4WDGQAJGYc1K1ef FW13XVLCI8VOodVXNcfd+hfhMUYDuBD3xIsfR5EAHibgnN3ZpcqT+CfVz+V7oP6y9W SFfLDG0mYb5Lqy2NTl/j7X9EiM618mpDQ3zM4K7Y3/TNH2N2BG6YVDrSxxJxKpX+TH FYMv5HqFXUQ0h33VcmunDy3Oy7GOsCq9sMwEi2TjA+j0hdHONFmlm53w3oKGqGtEwS lDmN2oRVDOQqg== From: Christian Brauner Date: Wed, 29 Oct 2025 13:20:42 +0100 Subject: [PATCH v4 29/72] selftests/namespaces: seventh active reference count tests Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-29-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=8847; i=brauner@kernel.org; h=from:subject:message-id; bh=uKR7z2WD/2U9Ks1GPvzLGsI7e1WaqtgCdzzqT45jKts=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysfU+YAoRjlHrXHz7+YV2s9evjTvdV2h8yurZ1BEom PHRaYtGRykLgxgXg6yYIotDu0m43HKeis1GmRowc1iZQIYwcHEKwET2LmVkOPCs9p8jg7u6ZKZC WfQzFWfOqZKP072SCgr3zdvOte3/HYb/OVbb7qvlXP//seJyg9F/5x1qFc4LZOrXt21X/3Gvz4S LEwA= X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Test hierarchical active reference propagation. When a child namespace is active, its owning user namespace should also be active automatically due to hierarchical active reference propagation. This ensures parents are always reachable when children are active. Signed-off-by: Christian Brauner --- .../selftests/namespaces/ns_active_ref_test.c | 222 +++++++++++++++++= ++++ 1 file changed, 222 insertions(+) diff --git a/tools/testing/selftests/namespaces/ns_active_ref_test.c b/tool= s/testing/selftests/namespaces/ns_active_ref_test.c index 50653096fcb6..60876965dd71 100644 --- a/tools/testing/selftests/namespaces/ns_active_ref_test.c +++ b/tools/testing/selftests/namespaces/ns_active_ref_test.c @@ -20,6 +20,10 @@ #define FD_NSFS_ROOT -10003 /* Root of the nsfs filesystem */ #endif =20 +#ifndef FILEID_NSFS +#define FILEID_NSFS 0xf1 +#endif + /* * Test that initial namespaces can be reopened via file handle. * Initial namespaces should have active ref count of 1 from boot. @@ -603,4 +607,222 @@ TEST(ns_fd_keeps_active) ASSERT_TRUE(errno =3D=3D ENOENT || errno =3D=3D ESTALE); } =20 +/* + * Test hierarchical active reference propagation. + * When a child namespace is active, its owning user namespace should also + * be active automatically due to hierarchical active reference propagatio= n. + * This ensures parents are always reachable when children are active. + */ +TEST(ns_parent_always_reachable) +{ + struct file_handle *parent_handle, *child_handle; + int ret; + int child_nsfd; + int pipefd[2]; + pid_t pid; + int status; + __u64 parent_id, child_id; + char parent_buf[sizeof(*parent_handle) + MAX_HANDLE_SZ]; + char child_buf[sizeof(*child_handle) + MAX_HANDLE_SZ]; + + ASSERT_EQ(pipe(pipefd), 0); + + pid =3D fork(); + ASSERT_GE(pid, 0); + + if (pid =3D=3D 0) { + /* Child process */ + close(pipefd[0]); + + TH_LOG("Child: creating parent user namespace and setting up mappings"); + + /* Create parent user namespace with mappings */ + ret =3D setup_userns(); + if (ret < 0) { + TH_LOG("Child: setup_userns() for parent failed: %s", strerror(errno)); + close(pipefd[1]); + exit(1); + } + + TH_LOG("Child: parent user namespace created, now uid=3D%d gid=3D%d", ge= tuid(), getgid()); + + /* Get namespace ID for parent user namespace */ + int parent_fd =3D open("/proc/self/ns/user", O_RDONLY); + if (parent_fd < 0) { + TH_LOG("Child: failed to open parent /proc/self/ns/user: %s", strerror(= errno)); + close(pipefd[1]); + exit(1); + } + + TH_LOG("Child: opened parent userns fd %d", parent_fd); + + if (ioctl(parent_fd, NS_GET_ID, &parent_id) < 0) { + TH_LOG("Child: NS_GET_ID for parent failed: %s", strerror(errno)); + close(parent_fd); + close(pipefd[1]); + exit(1); + } + close(parent_fd); + + TH_LOG("Child: got parent namespace ID %llu", (unsigned long long)parent= _id); + + /* Create child user namespace within parent */ + TH_LOG("Child: creating nested child user namespace"); + ret =3D setup_userns(); + if (ret < 0) { + TH_LOG("Child: setup_userns() for child failed: %s", strerror(errno)); + close(pipefd[1]); + exit(1); + } + + TH_LOG("Child: nested child user namespace created, uid=3D%d gid=3D%d", = getuid(), getgid()); + + /* Get namespace ID for child user namespace */ + int child_fd =3D open("/proc/self/ns/user", O_RDONLY); + if (child_fd < 0) { + TH_LOG("Child: failed to open child /proc/self/ns/user: %s", strerror(e= rrno)); + close(pipefd[1]); + exit(1); + } + + TH_LOG("Child: opened child userns fd %d", child_fd); + + if (ioctl(child_fd, NS_GET_ID, &child_id) < 0) { + TH_LOG("Child: NS_GET_ID for child failed: %s", strerror(errno)); + close(child_fd); + close(pipefd[1]); + exit(1); + } + close(child_fd); + + TH_LOG("Child: got child namespace ID %llu", (unsigned long long)child_i= d); + + /* Send both namespace IDs to parent */ + TH_LOG("Child: sending both namespace IDs to parent"); + write(pipefd[1], &parent_id, sizeof(parent_id)); + write(pipefd[1], &child_id, sizeof(child_id)); + close(pipefd[1]); + + TH_LOG("Child: exiting - parent userns should become inactive"); + /* Exit - parent user namespace should become inactive */ + exit(0); + } + + /* Parent process */ + close(pipefd[1]); + + TH_LOG("Parent: reading both namespace IDs from child"); + + /* Read both namespace IDs - fixed size, no parsing needed */ + ret =3D read(pipefd[0], &parent_id, sizeof(parent_id)); + if (ret !=3D sizeof(parent_id)) { + close(pipefd[0]); + waitpid(pid, NULL, 0); + SKIP(return, "Failed to read parent namespace ID from child"); + } + + ret =3D read(pipefd[0], &child_id, sizeof(child_id)); + close(pipefd[0]); + if (ret !=3D sizeof(child_id)) { + waitpid(pid, NULL, 0); + SKIP(return, "Failed to read child namespace ID from child"); + } + + TH_LOG("Parent: received parent_id=3D%llu, child_id=3D%llu", + (unsigned long long)parent_id, (unsigned long long)child_id); + + /* Construct file handles from namespace IDs */ + parent_handle =3D (struct file_handle *)parent_buf; + parent_handle->handle_bytes =3D sizeof(struct nsfs_file_handle); + parent_handle->handle_type =3D FILEID_NSFS; + struct nsfs_file_handle *parent_fh =3D (struct nsfs_file_handle *)parent_= handle->f_handle; + parent_fh->ns_id =3D parent_id; + parent_fh->ns_type =3D 0; + parent_fh->ns_inum =3D 0; + + child_handle =3D (struct file_handle *)child_buf; + child_handle->handle_bytes =3D sizeof(struct nsfs_file_handle); + child_handle->handle_type =3D FILEID_NSFS; + struct nsfs_file_handle *child_fh =3D (struct nsfs_file_handle *)child_ha= ndle->f_handle; + child_fh->ns_id =3D child_id; + child_fh->ns_type =3D 0; + child_fh->ns_inum =3D 0; + + TH_LOG("Parent: opening child namespace BEFORE child exits"); + + /* Open child namespace while child is still alive to keep it active */ + child_nsfd =3D open_by_handle_at(FD_NSFS_ROOT, child_handle, O_RDONLY); + if (child_nsfd < 0) { + TH_LOG("Failed to open child namespace: %s (errno=3D%d)", strerror(errno= ), errno); + waitpid(pid, NULL, 0); + SKIP(return, "Failed to open child namespace"); + } + + TH_LOG("Opened child namespace fd %d", child_nsfd); + + /* Now wait for child to exit */ + TH_LOG("Parent: waiting for child to exit"); + waitpid(pid, &status, 0); + ASSERT_TRUE(WIFEXITED(status)); + ASSERT_EQ(WEXITSTATUS(status), 0); + + TH_LOG("Child process exited, parent holds fd to child namespace"); + + /* + * With hierarchical active reference propagation: + * Since the child namespace is active (parent process holds fd), + * the parent user namespace should ALSO be active automatically. + * This is because when we took an active reference on the child, + * it propagated up to the owning user namespace. + */ + TH_LOG("Attempting to reopen parent namespace (should SUCCEED - hierarchi= cal propagation)"); + int parent_fd =3D open_by_handle_at(FD_NSFS_ROOT, parent_handle, O_RDONLY= ); + ASSERT_GE(parent_fd, 0); + + TH_LOG("SUCCESS: Parent namespace is active (fd=3D%d) due to active child= ", parent_fd); + + /* Verify we can also get parent via NS_GET_USERNS */ + TH_LOG("Verifying NS_GET_USERNS also works"); + int parent_fd2 =3D ioctl(child_nsfd, NS_GET_USERNS); + if (parent_fd2 < 0) { + close(parent_fd); + close(child_nsfd); + TH_LOG("NS_GET_USERNS failed: %s (errno=3D%d)", strerror(errno), errno); + SKIP(return, "NS_GET_USERNS not supported or failed"); + } + + TH_LOG("NS_GET_USERNS succeeded, got parent fd %d", parent_fd2); + + /* Verify both methods give us the same namespace */ + struct stat st1, st2; + ASSERT_EQ(fstat(parent_fd, &st1), 0); + ASSERT_EQ(fstat(parent_fd2, &st2), 0); + TH_LOG("Parent namespace inodes: parent_fd=3D%lu, parent_fd2=3D%lu", st1.= st_ino, st2.st_ino); + ASSERT_EQ(st1.st_ino, st2.st_ino); + + /* + * Close child fd - parent should remain active because we still + * hold direct references to it (parent_fd and parent_fd2). + */ + TH_LOG("Closing child fd - parent should remain active (direct refs held)= "); + close(child_nsfd); + + /* Parent should still be openable */ + TH_LOG("Verifying parent still active via file handle"); + int parent_fd3 =3D open_by_handle_at(FD_NSFS_ROOT, parent_handle, O_RDONL= Y); + ASSERT_GE(parent_fd3, 0); + close(parent_fd3); + + TH_LOG("Closing all fds to parent namespace"); + close(parent_fd); + close(parent_fd2); + + /* Both should now be inactive */ + TH_LOG("Attempting to reopen parent (should fail - inactive, no refs)"); + parent_fd =3D open_by_handle_at(FD_NSFS_ROOT, parent_handle, O_RDONLY); + ASSERT_LT(parent_fd, 0); + TH_LOG("Parent inactive as expected: %s (errno=3D%d)", strerror(errno), e= rrno); + ASSERT_TRUE(errno =3D=3D ENOENT || errno =3D=3D ESTALE); +} + TEST_HARNESS_MAIN --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 4892A340D9A; Wed, 29 Oct 2025 12:23:11 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740591; cv=none; b=NwHTxnlaHp6rvUJYa+cFbGmbb1iSeyt321/aKDh0/2zszsMapQGkTUG+SMq2obnLLalDba8O12ciPxoCI6/gnXxiD1cx5E+CQZ4tLivuMhBLDyAGOnsVqBFNZj3wZ+XywIROEyVuJbZTSSPY0SU13CtFUY+ikKGjhMWUyoQQkTM= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740591; c=relaxed/simple; bh=45ZVAOSQ14PBDoxcUZ9fr0EyfYF6v23SFzJ2GrRGZ3Q=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=RUXnihvsEOUO6oQ0pOfo7ojSqaBEW+cjNvxWTnFpJUhqXQCiMt1QDLtk2pWvDq9tkYhGXJHQHXDYJDeegtoWnby1z+Vnp6iccXkDkP5beMG7d0NwMg2Fv8aaGuetNExhm8Uto9yued/sYOeehnSOGHnJaGozAy96QjYtfYwTaTI= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=N77F5jbX; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="N77F5jbX" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 2B689C4CEF7; Wed, 29 Oct 2025 12:23:05 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740591; bh=45ZVAOSQ14PBDoxcUZ9fr0EyfYF6v23SFzJ2GrRGZ3Q=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=N77F5jbXN4Qq2c4MgUQ+rySw02wGcgWam9bDsw1ipvx/kVleRrLAmXhHHF6xzEwtL n2N4EZacj1qYZgHhp48nvxpAzMAa/y1GB5yS0Edpy4ioPemGO2jIWYpF4UyhC/F2xW ZUqGYoZEkMgUN3LT11j0chJJcgUrN0ocir9HFzQWOM3FytJvODYbehM6Y0ElQhjZJw Csu+TgFP7T0qhPLRh+8L9HFYg+Dm6fyy+bn2kOpc5IVuewb4q7OY8tQNINXRWYTLYs DlHVko0/1+Qau69hcaZkcuwkEkvN+N6sWvm7B5fdSNw9zL3pfg/FB2aGBD1eAhGUoG X85wpYyRqtXfA== From: Christian Brauner Date: Wed, 29 Oct 2025 13:20:43 +0100 Subject: [PATCH v4 30/72] selftests/namespaces: eigth active reference count tests Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-30-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=3400; i=brauner@kernel.org; h=from:subject:message-id; bh=45ZVAOSQ14PBDoxcUZ9fr0EyfYF6v23SFzJ2GrRGZ3Q=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysfUm8C+6/H6ln9zmFLdNW96s1X8mtiuaOcuI8+3is qMRx02iO0pZGMS4GGTFFFkc2k3C5ZbzVGw2ytSAmcPKBDKEgYtTACbS85rhf6b5RMGCJzf2+P/+ un33xqBZAY2XTwc9YM9qOSP/uXfF5vWMDLce1t6St3cs6Y7IXRwkO7WtevPjmR273yfvMHHq+Cr Dyg0A X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Test that bind mounts keep namespaces in the tree even when inactive Signed-off-by: Christian Brauner --- .../selftests/namespaces/ns_active_ref_test.c | 117 +++++++++++++++++= ++++ 1 file changed, 117 insertions(+) diff --git a/tools/testing/selftests/namespaces/ns_active_ref_test.c b/tool= s/testing/selftests/namespaces/ns_active_ref_test.c index 60876965dd71..55a741d32b08 100644 --- a/tools/testing/selftests/namespaces/ns_active_ref_test.c +++ b/tools/testing/selftests/namespaces/ns_active_ref_test.c @@ -825,4 +825,121 @@ TEST(ns_parent_always_reachable) ASSERT_TRUE(errno =3D=3D ENOENT || errno =3D=3D ESTALE); } =20 +/* + * Test that bind mounts keep namespaces in the tree even when inactive + */ +TEST(ns_bind_mount_keeps_in_tree) +{ + struct file_handle *handle; + int mount_id; + int ret; + int fd; + int pipefd[2]; + pid_t pid; + int status; + char buf[sizeof(*handle) + MAX_HANDLE_SZ]; + char tmpfile[] =3D "/tmp/ns-test-XXXXXX"; + int tmpfd; + + /* Create temporary file for bind mount */ + tmpfd =3D mkstemp(tmpfile); + if (tmpfd < 0) { + SKIP(return, "Cannot create temporary file"); + } + close(tmpfd); + + ASSERT_EQ(pipe(pipefd), 0); + + pid =3D fork(); + ASSERT_GE(pid, 0); + + if (pid =3D=3D 0) { + /* Child process */ + close(pipefd[0]); + + /* Unshare mount namespace and make mounts private to avoid propagation = */ + ret =3D unshare(CLONE_NEWNS); + if (ret < 0) { + close(pipefd[1]); + unlink(tmpfile); + exit(1); + } + ret =3D mount(NULL, "/", NULL, MS_PRIVATE | MS_REC, NULL); + if (ret < 0) { + close(pipefd[1]); + unlink(tmpfile); + exit(1); + } + + /* Create new network namespace */ + ret =3D unshare(CLONE_NEWNET); + if (ret < 0) { + close(pipefd[1]); + unlink(tmpfile); + exit(1); + } + + /* Bind mount the namespace */ + ret =3D mount("/proc/self/ns/net", tmpfile, NULL, MS_BIND, NULL); + if (ret < 0) { + close(pipefd[1]); + unlink(tmpfile); + exit(1); + } + + /* Get file handle */ + fd =3D open("/proc/self/ns/net", O_RDONLY); + if (fd < 0) { + umount(tmpfile); + close(pipefd[1]); + unlink(tmpfile); + exit(1); + } + + handle =3D (struct file_handle *)buf; + handle->handle_bytes =3D MAX_HANDLE_SZ; + ret =3D name_to_handle_at(fd, "", handle, &mount_id, AT_EMPTY_PATH); + close(fd); + + if (ret < 0) { + umount(tmpfile); + close(pipefd[1]); + unlink(tmpfile); + exit(1); + } + + /* Send handle to parent */ + write(pipefd[1], buf, sizeof(*handle) + handle->handle_bytes); + close(pipefd[1]); + exit(0); + } + + /* Parent */ + close(pipefd[1]); + ret =3D read(pipefd[0], buf, sizeof(buf)); + close(pipefd[0]); + + waitpid(pid, &status, 0); + ASSERT_TRUE(WIFEXITED(status)); + ASSERT_EQ(WEXITSTATUS(status), 0); + + ASSERT_GT(ret, 0); + handle =3D (struct file_handle *)buf; + + /* + * Namespace should be inactive but still in tree due to bind mount. + * Reopening should fail with ENOENT (inactive) not ESTALE (not in tree). + */ + fd =3D open_by_handle_at(FD_NSFS_ROOT, handle, O_RDONLY); + ASSERT_LT(fd, 0); + /* Should be ENOENT (inactive) since bind mount keeps it in tree */ + if (errno !=3D ENOENT && errno !=3D ESTALE) { + TH_LOG("Unexpected error: %d", errno); + } + + /* Cleanup */ + umount(tmpfile); + unlink(tmpfile); +} + TEST_HARNESS_MAIN --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id B06D735BDD9; Wed, 29 Oct 2025 12:23:16 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740596; cv=none; b=MJe2YDZUevMOFVsV1oq41ATIhKscTj6z6eNxLpjF2NVrHe/9oH60czd3CKDjhUZF310l9nFnLijuGQZwegxTGd1BpcJpXwNEtGVswDYwNKQhBVsF800ZjnfVS5KUf4OGSHkUykVPYf3IgY0Ih+Q85tL92StD0IO/NT4Rtn4yRoI= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740596; c=relaxed/simple; bh=15Kss0/E0G/yMSjq65yfXbMGd9pstwgOgfvTnyiPCqg=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=nnkzcIrG6H+SU9+My8DXXNUg4oAWLQ3Vqya4V850R/R8DXQ3rR8WNVXOOBjfKimpQ7DPA9ucoB20041QuOY9oaB7glPqkI02yi8986FEuRZxl0kEeDZlTGYvio6LHdJS8G/+yHCj7eCwzUTt48qkEkdOqbUgMyQj/3rfT7IoQso= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=IbHebF0U; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="IbHebF0U" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 89688C4CEFF; Wed, 29 Oct 2025 12:23:11 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740596; bh=15Kss0/E0G/yMSjq65yfXbMGd9pstwgOgfvTnyiPCqg=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=IbHebF0UFdNEZTtSD4Gt6VcVwUlvU9ulSfjP/NL0q4+kY6REkANBWUVx0/Km8AD2V sR1tcxR3PeZxnse+r2QMFnrO/13dR6zuD087mvaYy811XlRczvZwKI6D0kPt/kLcG/ HxWuLy1WG/f+23ANF8A66t0TwlEcSPzhZ70wnFz5i06X09gph1FVkhgxe38SgHmcWX NCcO1zMm/S2o6/HdnhWRRrEW6fYDMfGIdn/d3M7spDUhIx5Vv1D3i7Cgl8eHhTD1OW wcKUoyHKw+3MpY03LH4fL5gKObL4gDNFfZoL01TWX33aue/rkYQMumuY+uS+9Gk3Xi fXOK3vTs0FBSw== From: Christian Brauner Date: Wed, 29 Oct 2025 13:20:44 +0100 Subject: [PATCH v4 31/72] selftests/namespaces: ninth active reference count tests Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-31-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=5204; i=brauner@kernel.org; h=from:subject:message-id; bh=15Kss0/E0G/yMSjq65yfXbMGd9pstwgOgfvTnyiPCqg=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysfUqz160PblIpGGV0dZHJ3U0l92/pH74zqxNsizH1 vGt29yq0lHKwiDGxSArpsji0G4SLrecp2KzUaYGzBxWJpAhDFycAjCRueWMDLsUJVxsUkU+7uK0 K36gLaL+5RPDitXTm+cfdbgkkvB6vQrDf8eQoKsN1Ysuz8rcWP7hS0oF41eF2fvnyCqtPcAoznU +gwsA X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Test multi-level hierarchy (3+ levels deep). Grandparent =E2=86=92 Parent =E2=86=92 Child When child is active, both parent AND grandparent should be active. Signed-off-by: Christian Brauner --- .../selftests/namespaces/ns_active_ref_test.c | 164 +++++++++++++++++= ++++ 1 file changed, 164 insertions(+) diff --git a/tools/testing/selftests/namespaces/ns_active_ref_test.c b/tool= s/testing/selftests/namespaces/ns_active_ref_test.c index 55a741d32b08..88189398aa35 100644 --- a/tools/testing/selftests/namespaces/ns_active_ref_test.c +++ b/tools/testing/selftests/namespaces/ns_active_ref_test.c @@ -942,4 +942,168 @@ TEST(ns_bind_mount_keeps_in_tree) unlink(tmpfile); } =20 +/* + * Test multi-level hierarchy (3+ levels deep). + * Grandparent =E2=86=92 Parent =E2=86=92 Child + * When child is active, both parent AND grandparent should be active. + */ +TEST(ns_multilevel_hierarchy) +{ + struct file_handle *gp_handle, *p_handle, *c_handle; + int ret, pipefd[2]; + pid_t pid; + int status; + __u64 gp_id, p_id, c_id; + char gp_buf[sizeof(*gp_handle) + MAX_HANDLE_SZ]; + char p_buf[sizeof(*p_handle) + MAX_HANDLE_SZ]; + char c_buf[sizeof(*c_handle) + MAX_HANDLE_SZ]; + + ASSERT_EQ(pipe(pipefd), 0); + pid =3D fork(); + ASSERT_GE(pid, 0); + + if (pid =3D=3D 0) { + close(pipefd[0]); + + /* Create grandparent user namespace */ + if (setup_userns() < 0) { + close(pipefd[1]); + exit(1); + } + + int gp_fd =3D open("/proc/self/ns/user", O_RDONLY); + if (gp_fd < 0) { + close(pipefd[1]); + exit(1); + } + if (ioctl(gp_fd, NS_GET_ID, &gp_id) < 0) { + close(gp_fd); + close(pipefd[1]); + exit(1); + } + close(gp_fd); + + /* Create parent user namespace */ + if (setup_userns() < 0) { + close(pipefd[1]); + exit(1); + } + + int p_fd =3D open("/proc/self/ns/user", O_RDONLY); + if (p_fd < 0) { + close(pipefd[1]); + exit(1); + } + if (ioctl(p_fd, NS_GET_ID, &p_id) < 0) { + close(p_fd); + close(pipefd[1]); + exit(1); + } + close(p_fd); + + /* Create child user namespace */ + if (setup_userns() < 0) { + close(pipefd[1]); + exit(1); + } + + int c_fd =3D open("/proc/self/ns/user", O_RDONLY); + if (c_fd < 0) { + close(pipefd[1]); + exit(1); + } + if (ioctl(c_fd, NS_GET_ID, &c_id) < 0) { + close(c_fd); + close(pipefd[1]); + exit(1); + } + close(c_fd); + + /* Send all three namespace IDs */ + write(pipefd[1], &gp_id, sizeof(gp_id)); + write(pipefd[1], &p_id, sizeof(p_id)); + write(pipefd[1], &c_id, sizeof(c_id)); + close(pipefd[1]); + exit(0); + } + + close(pipefd[1]); + + /* Read all three namespace IDs - fixed size, no parsing needed */ + ret =3D read(pipefd[0], &gp_id, sizeof(gp_id)); + if (ret !=3D sizeof(gp_id)) { + close(pipefd[0]); + waitpid(pid, NULL, 0); + SKIP(return, "Failed to read grandparent namespace ID from child"); + } + + ret =3D read(pipefd[0], &p_id, sizeof(p_id)); + if (ret !=3D sizeof(p_id)) { + close(pipefd[0]); + waitpid(pid, NULL, 0); + SKIP(return, "Failed to read parent namespace ID from child"); + } + + ret =3D read(pipefd[0], &c_id, sizeof(c_id)); + close(pipefd[0]); + if (ret !=3D sizeof(c_id)) { + waitpid(pid, NULL, 0); + SKIP(return, "Failed to read child namespace ID from child"); + } + + /* Construct file handles from namespace IDs */ + gp_handle =3D (struct file_handle *)gp_buf; + gp_handle->handle_bytes =3D sizeof(struct nsfs_file_handle); + gp_handle->handle_type =3D FILEID_NSFS; + struct nsfs_file_handle *gp_fh =3D (struct nsfs_file_handle *)gp_handle->= f_handle; + gp_fh->ns_id =3D gp_id; + gp_fh->ns_type =3D 0; + gp_fh->ns_inum =3D 0; + + p_handle =3D (struct file_handle *)p_buf; + p_handle->handle_bytes =3D sizeof(struct nsfs_file_handle); + p_handle->handle_type =3D FILEID_NSFS; + struct nsfs_file_handle *p_fh =3D (struct nsfs_file_handle *)p_handle->f_= handle; + p_fh->ns_id =3D p_id; + p_fh->ns_type =3D 0; + p_fh->ns_inum =3D 0; + + c_handle =3D (struct file_handle *)c_buf; + c_handle->handle_bytes =3D sizeof(struct nsfs_file_handle); + c_handle->handle_type =3D FILEID_NSFS; + struct nsfs_file_handle *c_fh =3D (struct nsfs_file_handle *)c_handle->f_= handle; + c_fh->ns_id =3D c_id; + c_fh->ns_type =3D 0; + c_fh->ns_inum =3D 0; + + /* Open child before process exits */ + int c_fd =3D open_by_handle_at(FD_NSFS_ROOT, c_handle, O_RDONLY); + if (c_fd < 0) { + waitpid(pid, NULL, 0); + SKIP(return, "Failed to open child namespace"); + } + + waitpid(pid, &status, 0); + ASSERT_TRUE(WIFEXITED(status)); + ASSERT_EQ(WEXITSTATUS(status), 0); + + /* + * With 3-level hierarchy and child active: + * - Child is active (we hold fd) + * - Parent should be active (propagated from child) + * - Grandparent should be active (propagated from parent) + */ + TH_LOG("Testing parent active when child is active"); + int p_fd =3D open_by_handle_at(FD_NSFS_ROOT, p_handle, O_RDONLY); + ASSERT_GE(p_fd, 0); + + TH_LOG("Testing grandparent active when child is active"); + int gp_fd =3D open_by_handle_at(FD_NSFS_ROOT, gp_handle, O_RDONLY); + ASSERT_GE(gp_fd, 0); + + close(c_fd); + close(p_fd); + close(gp_fd); +} + TEST_HARNESS_MAIN --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id D8EB83491D0; Wed, 29 Oct 2025 12:23:21 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740602; cv=none; b=RvtEyJrht7a55kf5RHFTW0tRH7n3CX4dJYsSFK7c8ptFIid+QDTJRZoLRWCVVG0HKG2GTqbsAkagcMGjePvKb1kaCkgbL9CQ28Zw1Ct3EOqxrM9xFl1MKv7mapIACUX2ny867Lv6FnyC8pJcQff9/vu2eWhJAXV9XyKrfao0wGU= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740602; c=relaxed/simple; bh=y2A92uW0sV7FWrn4QLm1MH/vZbCpxMWKE7RtucXI55k=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=Vc0DiuI+AGHH5C7g2fC4gJYZR/YCHLwbSjA734YG/I6Uk3qnGiO4x331i8hDrCZRaZ8p5hZl0MS5DNuvqPypKeV5LpDPUk6vBOyPsGF1NofsEpBzkldKy6C0x98kP8Uj7RyDuIAIGPFpvbzWwPP/Cqr7H3BYrLq6Jc/U1f66xqM= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=DmXiTLwd; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="DmXiTLwd" Received: by smtp.kernel.org (Postfix) with ESMTPSA id A81E3C116B1; Wed, 29 Oct 2025 12:23:16 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740601; bh=y2A92uW0sV7FWrn4QLm1MH/vZbCpxMWKE7RtucXI55k=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=DmXiTLwdsHNZ2NVSWOQCVef/kl87iaUeD6MfQWYoG2tiSumrtKDphjMXRNsIiLWjG xCGxiczmsVmudFNdT2itJ8f4EzBxmFdJqx4CLQLOo8teotSgheavqkDQaL96XCNMxP Bi3WJ5ow+owxjsTQtdlSINxInROg0O0mzV6KLiKduyt+SXke3P/YybJPu9Xh7u2lXE EcdDAmSnJNx2h2l1G7XiLyLu3wJg3ijR3tgkjk+JeDxLQsGP9mPX8ImHWHvMdkrwmm n9uqgllqq7n5hLByIs/hs6byFFiBFHKRq9mJVDwTy9/hE6jd9TD6Q4/aqTqsZ39uqW UqzWkDI10NCaw== From: Christian Brauner Date: Wed, 29 Oct 2025 13:20:45 +0100 Subject: [PATCH v4 32/72] selftests/namespaces: tenth active reference count tests Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-32-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=5568; i=brauner@kernel.org; h=from:subject:message-id; bh=y2A92uW0sV7FWrn4QLm1MH/vZbCpxMWKE7RtucXI55k=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysfWqBy/0LzJx6NjovyH21NvFH186H53gs7fN4ann2 5r/atOvd5SyMIhxMciKKbI4tJuEyy3nqdhslKkBM4eVCWQIAxenAEzEeT4jQ0tXledUVo5px34d +xD1nvuH24kfWelLSv023Vo0vVzTwJqRocttRjZXjuYKT9MQwbnp21bqJmxifs+XUWxt9XS749X zfAA= X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Test multiple children sharing same parent. Parent should stay active as long as ANY child is active. Signed-off-by: Christian Brauner --- .../selftests/namespaces/ns_active_ref_test.c | 170 +++++++++++++++++= ++++ 1 file changed, 170 insertions(+) diff --git a/tools/testing/selftests/namespaces/ns_active_ref_test.c b/tool= s/testing/selftests/namespaces/ns_active_ref_test.c index 88189398aa35..a334792da982 100644 --- a/tools/testing/selftests/namespaces/ns_active_ref_test.c +++ b/tools/testing/selftests/namespaces/ns_active_ref_test.c @@ -1106,4 +1106,174 @@ TEST(ns_multilevel_hierarchy) close(gp_fd); } =20 +/* + * Test multiple children sharing same parent. + * Parent should stay active as long as ANY child is active. + */ +TEST(ns_multiple_children_same_parent) +{ + struct file_handle *p_handle, *c1_handle, *c2_handle; + int ret, pipefd[2]; + pid_t pid; + int status; + __u64 p_id, c1_id, c2_id; + char p_buf[sizeof(*p_handle) + MAX_HANDLE_SZ]; + char c1_buf[sizeof(*c1_handle) + MAX_HANDLE_SZ]; + char c2_buf[sizeof(*c2_handle) + MAX_HANDLE_SZ]; + + ASSERT_EQ(pipe(pipefd), 0); + pid =3D fork(); + ASSERT_GE(pid, 0); + + if (pid =3D=3D 0) { + close(pipefd[0]); + + /* Create parent user namespace */ + if (setup_userns() < 0) { + close(pipefd[1]); + exit(1); + } + + int p_fd =3D open("/proc/self/ns/user", O_RDONLY); + if (p_fd < 0) { + close(pipefd[1]); + exit(1); + } + if (ioctl(p_fd, NS_GET_ID, &p_id) < 0) { + close(p_fd); + close(pipefd[1]); + exit(1); + } + close(p_fd); + + /* Create first child user namespace */ + if (setup_userns() < 0) { + close(pipefd[1]); + exit(1); + } + + int c1_fd =3D open("/proc/self/ns/user", O_RDONLY); + if (c1_fd < 0) { + close(pipefd[1]); + exit(1); + } + if (ioctl(c1_fd, NS_GET_ID, &c1_id) < 0) { + close(c1_fd); + close(pipefd[1]); + exit(1); + } + close(c1_fd); + + /* Return to parent user namespace and create second child */ + /* We can't actually do this easily, so let's create a sibling namespace + * by creating a network namespace instead */ + if (unshare(CLONE_NEWNET) < 0) { + close(pipefd[1]); + exit(1); + } + + int c2_fd =3D open("/proc/self/ns/net", O_RDONLY); + if (c2_fd < 0) { + close(pipefd[1]); + exit(1); + } + if (ioctl(c2_fd, NS_GET_ID, &c2_id) < 0) { + close(c2_fd); + close(pipefd[1]); + exit(1); + } + close(c2_fd); + + /* Send all namespace IDs */ + write(pipefd[1], &p_id, sizeof(p_id)); + write(pipefd[1], &c1_id, sizeof(c1_id)); + write(pipefd[1], &c2_id, sizeof(c2_id)); + close(pipefd[1]); + exit(0); + } + + close(pipefd[1]); + + /* Read all three namespace IDs - fixed size, no parsing needed */ + ret =3D read(pipefd[0], &p_id, sizeof(p_id)); + if (ret !=3D sizeof(p_id)) { + close(pipefd[0]); + waitpid(pid, NULL, 0); + SKIP(return, "Failed to read parent namespace ID"); + } + + ret =3D read(pipefd[0], &c1_id, sizeof(c1_id)); + if (ret !=3D sizeof(c1_id)) { + close(pipefd[0]); + waitpid(pid, NULL, 0); + SKIP(return, "Failed to read first child namespace ID"); + } + + ret =3D read(pipefd[0], &c2_id, sizeof(c2_id)); + close(pipefd[0]); + if (ret !=3D sizeof(c2_id)) { + waitpid(pid, NULL, 0); + SKIP(return, "Failed to read second child namespace ID"); + } + + /* Construct file handles from namespace IDs */ + p_handle =3D (struct file_handle *)p_buf; + p_handle->handle_bytes =3D sizeof(struct nsfs_file_handle); + p_handle->handle_type =3D FILEID_NSFS; + struct nsfs_file_handle *p_fh =3D (struct nsfs_file_handle *)p_handle->f_= handle; + p_fh->ns_id =3D p_id; + p_fh->ns_type =3D 0; + p_fh->ns_inum =3D 0; + + c1_handle =3D (struct file_handle *)c1_buf; + c1_handle->handle_bytes =3D sizeof(struct nsfs_file_handle); + c1_handle->handle_type =3D FILEID_NSFS; + struct nsfs_file_handle *c1_fh =3D (struct nsfs_file_handle *)c1_handle->= f_handle; + c1_fh->ns_id =3D c1_id; + c1_fh->ns_type =3D 0; + c1_fh->ns_inum =3D 0; + + c2_handle =3D (struct file_handle *)c2_buf; + c2_handle->handle_bytes =3D sizeof(struct nsfs_file_handle); + c2_handle->handle_type =3D FILEID_NSFS; + struct nsfs_file_handle *c2_fh =3D (struct nsfs_file_handle *)c2_handle->= f_handle; + c2_fh->ns_id =3D c2_id; + c2_fh->ns_type =3D 0; + c2_fh->ns_inum =3D 0; + + /* Open both children before process exits */ + int c1_fd =3D open_by_handle_at(FD_NSFS_ROOT, c1_handle, O_RDONLY); + int c2_fd =3D open_by_handle_at(FD_NSFS_ROOT, c2_handle, O_RDONLY); + + if (c1_fd < 0 || c2_fd < 0) { + if (c1_fd >=3D 0) close(c1_fd); + if (c2_fd >=3D 0) close(c2_fd); + waitpid(pid, NULL, 0); + SKIP(return, "Failed to open child namespaces"); + } + + waitpid(pid, &status, 0); + ASSERT_TRUE(WIFEXITED(status)); + ASSERT_EQ(WEXITSTATUS(status), 0); + + /* Parent should be active (both children active) */ + TH_LOG("Both children active - parent should be active"); + int p_fd =3D open_by_handle_at(FD_NSFS_ROOT, p_handle, O_RDONLY); + ASSERT_GE(p_fd, 0); + close(p_fd); + + /* Close first child - parent should STILL be active */ + TH_LOG("Closing first child - parent should still be active"); + close(c1_fd); + p_fd =3D open_by_handle_at(FD_NSFS_ROOT, p_handle, O_RDONLY); + ASSERT_GE(p_fd, 0); + close(p_fd); + + /* Close second child - NOW parent should become inactive */ + TH_LOG("Closing second child - parent should become inactive"); + close(c2_fd); + p_fd =3D open_by_handle_at(FD_NSFS_ROOT, p_handle, O_RDONLY); + ASSERT_LT(p_fd, 0); +} + TEST_HARNESS_MAIN --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 5DF733491D0; Wed, 29 Oct 2025 12:23:26 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740606; cv=none; b=UbxpJDef2WZXhG4MZqznbdmRe9LphwDchQYiFL6WfjsjNIED8jhkABkbbCbxE9PGHWHBnCtFMyWshncx5JKkcq8BBrDcGV+8XgFgf47iFhSO8JFmcoOf+Q+mw9iwsmJ6B7GkP9Ekd1k0RqvTvoyTCamdmoJ+uwP9ViajTSjzA8Q= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740606; c=relaxed/simple; bh=/yKwCa2j86hXlE7nkbxfrj9fgrYMvJohWcIM8ykZ1NE=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=jaVOTXn+Vt20JHMLE7iWiHRsfpRa2sjtUICApfN7nB/WqWOygqK/MredxgnKpWJ85RrCkoexJntI72Di/R7fs1wOhycQQb1CbI2WvLY6Yhqc/qya+KAruN/OAp+J6xpB0e8m/wXsEDJtunqEv3k6z7LCo53QCH+tKt82VLcSpcI= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=NlLXujx6; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="NlLXujx6" Received: by smtp.kernel.org (Postfix) with ESMTPSA id CE5EDC116C6; Wed, 29 Oct 2025 12:23:21 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740606; bh=/yKwCa2j86hXlE7nkbxfrj9fgrYMvJohWcIM8ykZ1NE=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=NlLXujx61IYnq1hAOUWOZjtVPt/j8woBzzC55GQv87mfhj03qO+4WMRHjle9u6jYF 56gq2J0cvPKj5ttucdKVAnRdztvUXS4wVOg1kYGka6vDS8HG6bN8OgObzcXycYXYN1 9clsWrWaRxvHn21t1kEavHEy3f24qnhH7/+/tsLPElNY4NCTGjuKw/mbfsX8TYw3Hf gyqgk4qx8QboVUHATOEc+SKGjPpSD2CXZGAxuDFUVwvFo1LdEhOhdjo/d1TfQvIODa yUzCh14V2maCZdeH8WjNQ/JuHhQ+e2nhxH652YZVp24JVEGgLP5enpS3xXZxIqKEeF QiTcDQq/G0meA== From: Christian Brauner Date: Wed, 29 Oct 2025 13:20:46 +0100 Subject: [PATCH v4 33/72] selftests/namespaces: eleventh active reference count tests Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-33-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=5561; i=brauner@kernel.org; h=from:subject:message-id; bh=/yKwCa2j86hXlE7nkbxfrj9fgrYMvJohWcIM8ykZ1NE=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysfWVmAQsdJvAec5s6yb3BZfebLi92pZXTuT4RiXJZ yvVF5/O7ShlYRDjYpAVU2RxaDcJl1vOU7HZKFMDZg4rE8gQBi5OAZjIr+eMDFOn6p2btV+g2fLb +4MCDdl7FF2kuYNavMTTlVdsvG3McY3hn3G7WavkRUNZ95I9grqiT1J3vojeOdOizUr99IuP/Yx iDAA= X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Test that different namespace types with same owner all contribute active references to the owning user namespace. Signed-off-by: Christian Brauner --- .../selftests/namespaces/ns_active_ref_test.c | 171 +++++++++++++++++= ++++ 1 file changed, 171 insertions(+) diff --git a/tools/testing/selftests/namespaces/ns_active_ref_test.c b/tool= s/testing/selftests/namespaces/ns_active_ref_test.c index a334792da982..885f58c81247 100644 --- a/tools/testing/selftests/namespaces/ns_active_ref_test.c +++ b/tools/testing/selftests/namespaces/ns_active_ref_test.c @@ -1276,4 +1276,175 @@ TEST(ns_multiple_children_same_parent) ASSERT_LT(p_fd, 0); } =20 +/* + * Test that different namespace types with same owner all contribute + * active references to the owning user namespace. + */ +TEST(ns_different_types_same_owner) +{ + struct file_handle *u_handle, *n_handle, *ut_handle; + int ret, pipefd[2]; + pid_t pid; + int status; + __u64 u_id, n_id, ut_id; + char u_buf[sizeof(*u_handle) + MAX_HANDLE_SZ]; + char n_buf[sizeof(*n_handle) + MAX_HANDLE_SZ]; + char ut_buf[sizeof(*ut_handle) + MAX_HANDLE_SZ]; + + ASSERT_EQ(pipe(pipefd), 0); + pid =3D fork(); + ASSERT_GE(pid, 0); + + if (pid =3D=3D 0) { + close(pipefd[0]); + + /* Create user namespace */ + if (setup_userns() < 0) { + close(pipefd[1]); + exit(1); + } + + int u_fd =3D open("/proc/self/ns/user", O_RDONLY); + if (u_fd < 0) { + close(pipefd[1]); + exit(1); + } + if (ioctl(u_fd, NS_GET_ID, &u_id) < 0) { + close(u_fd); + close(pipefd[1]); + exit(1); + } + close(u_fd); + + /* Create network namespace (owned by user namespace) */ + if (unshare(CLONE_NEWNET) < 0) { + close(pipefd[1]); + exit(1); + } + + int n_fd =3D open("/proc/self/ns/net", O_RDONLY); + if (n_fd < 0) { + close(pipefd[1]); + exit(1); + } + if (ioctl(n_fd, NS_GET_ID, &n_id) < 0) { + close(n_fd); + close(pipefd[1]); + exit(1); + } + close(n_fd); + + /* Create UTS namespace (also owned by user namespace) */ + if (unshare(CLONE_NEWUTS) < 0) { + close(pipefd[1]); + exit(1); + } + + int ut_fd =3D open("/proc/self/ns/uts", O_RDONLY); + if (ut_fd < 0) { + close(pipefd[1]); + exit(1); + } + if (ioctl(ut_fd, NS_GET_ID, &ut_id) < 0) { + close(ut_fd); + close(pipefd[1]); + exit(1); + } + close(ut_fd); + + /* Send all namespace IDs */ + write(pipefd[1], &u_id, sizeof(u_id)); + write(pipefd[1], &n_id, sizeof(n_id)); + write(pipefd[1], &ut_id, sizeof(ut_id)); + close(pipefd[1]); + exit(0); + } + + close(pipefd[1]); + + /* Read all three namespace IDs - fixed size, no parsing needed */ + ret =3D read(pipefd[0], &u_id, sizeof(u_id)); + if (ret !=3D sizeof(u_id)) { + close(pipefd[0]); + waitpid(pid, NULL, 0); + SKIP(return, "Failed to read user namespace ID"); + } + + ret =3D read(pipefd[0], &n_id, sizeof(n_id)); + if (ret !=3D sizeof(n_id)) { + close(pipefd[0]); + waitpid(pid, NULL, 0); + SKIP(return, "Failed to read network namespace ID"); + } + + ret =3D read(pipefd[0], &ut_id, sizeof(ut_id)); + close(pipefd[0]); + if (ret !=3D sizeof(ut_id)) { + waitpid(pid, NULL, 0); + SKIP(return, "Failed to read UTS namespace ID"); + } + + /* Construct file handles from namespace IDs */ + u_handle =3D (struct file_handle *)u_buf; + u_handle->handle_bytes =3D sizeof(struct nsfs_file_handle); + u_handle->handle_type =3D FILEID_NSFS; + struct nsfs_file_handle *u_fh =3D (struct nsfs_file_handle *)u_handle->f_= handle; + u_fh->ns_id =3D u_id; + u_fh->ns_type =3D 0; + u_fh->ns_inum =3D 0; + + n_handle =3D (struct file_handle *)n_buf; + n_handle->handle_bytes =3D sizeof(struct nsfs_file_handle); + n_handle->handle_type =3D FILEID_NSFS; + struct nsfs_file_handle *n_fh =3D (struct nsfs_file_handle *)n_handle->f_= handle; + n_fh->ns_id =3D n_id; + n_fh->ns_type =3D 0; + n_fh->ns_inum =3D 0; + + ut_handle =3D (struct file_handle *)ut_buf; + ut_handle->handle_bytes =3D sizeof(struct nsfs_file_handle); + ut_handle->handle_type =3D FILEID_NSFS; + struct nsfs_file_handle *ut_fh =3D (struct nsfs_file_handle *)ut_handle->= f_handle; + ut_fh->ns_id =3D ut_id; + ut_fh->ns_type =3D 0; + ut_fh->ns_inum =3D 0; + + /* Open both non-user namespaces before process exits */ + int n_fd =3D open_by_handle_at(FD_NSFS_ROOT, n_handle, O_RDONLY); + int ut_fd =3D open_by_handle_at(FD_NSFS_ROOT, ut_handle, O_RDONLY); + + if (n_fd < 0 || ut_fd < 0) { + if (n_fd >=3D 0) close(n_fd); + if (ut_fd >=3D 0) close(ut_fd); + waitpid(pid, NULL, 0); + SKIP(return, "Failed to open namespaces"); + } + + waitpid(pid, &status, 0); + ASSERT_TRUE(WIFEXITED(status)); + ASSERT_EQ(WEXITSTATUS(status), 0); + + /* + * Both network and UTS namespaces are active. + * User namespace should be active (gets 2 active refs). + */ + TH_LOG("Both net and uts active - user namespace should be active"); + int u_fd =3D open_by_handle_at(FD_NSFS_ROOT, u_handle, O_RDONLY); + ASSERT_GE(u_fd, 0); + close(u_fd); + + /* Close network namespace - user namespace should STILL be active */ + TH_LOG("Closing network ns - user ns should still be active (uts still ac= tive)"); + close(n_fd); + u_fd =3D open_by_handle_at(FD_NSFS_ROOT, u_handle, O_RDONLY); + ASSERT_GE(u_fd, 0); + close(u_fd); + + /* Close UTS namespace - user namespace should become inactive */ + TH_LOG("Closing uts ns - user ns should become inactive"); + close(ut_fd); + u_fd =3D open_by_handle_at(FD_NSFS_ROOT, u_handle, O_RDONLY); + ASSERT_LT(u_fd, 0); +} + TEST_HARNESS_MAIN --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6B5C836C255; Wed, 29 Oct 2025 12:23:31 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740611; cv=none; b=lvi5CcNKu9UmUcyq/NDANc74s+oOoUf1HPFlrgUST6pOQ+7PgPZOYgezepKUxRIlzoPn1uJVRAt6fEOhedLWQM76X1kVRIS82ZUi960slXh1WZJbMMGC+TEnoq10Z0o+1DQcERbYjYwQdkBCJl1DwovAgOcqVVzVZOnzVHaty18= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740611; c=relaxed/simple; bh=XQPZMUVWj0I1xZ/psAbg6Xt/HD13reOfi09gp9j+WG0=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=lqhB2t5aqBNvVDRgGDYDHVW0gQVwGQrX//LK2aen9icyOaPeks31AcaW5LgJTcYCkduWdsMcQYdw+rbAKwYl1ifF6478LE4a87fUrvBl0lVHQzSgH8Q6T93+LknZB953wMXqPU7FtDWZiCnq2UcR8/zDptt5p0hYUIKCoIs2zFs= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=h2nRiRva; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="h2nRiRva" Received: by smtp.kernel.org (Postfix) with ESMTPSA id B1826C4CEF7; Wed, 29 Oct 2025 12:23:26 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740611; bh=XQPZMUVWj0I1xZ/psAbg6Xt/HD13reOfi09gp9j+WG0=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=h2nRiRvaqK6bs3WUo+bM2KsMXbxuwXR3+yI0OrT1uhLl2Qcm0XHlsfRv9LHY8xmc0 KImGgrlEQGAd6XeYAAI6/o9bPKSJ4DJ59qFwNPza4br1U6J0Hfsd+LtE0dQXUlX11X SXbG/6sA1o53UdxbDDH9Q2eNCyW/17oWfoYfuL9mwY0PgQq6ocFsBJN4SFwcB++foT d2TiQXXs7hJftbZcJm/JjG0SoD13FJWzDBHm7yClEOn9JZemO/Q98Nsk81ixK1cvlS 0DRy/MPkjGupvN7VRUfGicnPoCeiksij2y6SA64cot7qOtmkcwVgq70SO9VFomQGyF CRopM53T/Fm1g== From: Christian Brauner Date: Wed, 29 Oct 2025 13:20:47 +0100 Subject: [PATCH v4 34/72] selftests/namespaces: twelth active reference count tests Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-34-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=6072; i=brauner@kernel.org; h=from:subject:message-id; bh=XQPZMUVWj0I1xZ/psAbg6Xt/HD13reOfi09gp9j+WG0=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysfV1NTinBvDMuzvRbt78/79POhpk6GfcP7XjBePhw rQFO7X3dpSyMIhxMciKKbI4tJuEyy3nqdhslKkBM4eVCWQIAxenAExkyRuG//F6i2K6Dv59nlEx pVzhrEWobumniYd+GzcKeGwIdd0z3YXhn9HC97+/eD8XzTqVujfL87Dnp56cB43NFf6Be+faph5 V5AYA X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Test hierarchical propagation with deep namespace hierarchy. Create: init_user_ns -> user_A -> user_B -> net_ns When net_ns is active, both user_A and user_B should be active. This verifies the conditional recursion in __ns_ref_active_put() works. Signed-off-by: Christian Brauner --- .../selftests/namespaces/ns_active_ref_test.c | 176 +++++++++++++++++= ++++ 1 file changed, 176 insertions(+) diff --git a/tools/testing/selftests/namespaces/ns_active_ref_test.c b/tool= s/testing/selftests/namespaces/ns_active_ref_test.c index 885f58c81247..b1a454dac9d0 100644 --- a/tools/testing/selftests/namespaces/ns_active_ref_test.c +++ b/tools/testing/selftests/namespaces/ns_active_ref_test.c @@ -1447,4 +1447,180 @@ TEST(ns_different_types_same_owner) ASSERT_LT(u_fd, 0); } =20 +/* + * Test hierarchical propagation with deep namespace hierarchy. + * Create: init_user_ns -> user_A -> user_B -> net_ns + * When net_ns is active, both user_A and user_B should be active. + * This verifies the conditional recursion in __ns_ref_active_put() works. + */ +TEST(ns_deep_hierarchy_propagation) +{ + struct file_handle *ua_handle, *ub_handle, *net_handle; + int ret, pipefd[2]; + pid_t pid; + int status; + __u64 ua_id, ub_id, net_id; + char ua_buf[sizeof(*ua_handle) + MAX_HANDLE_SZ]; + char ub_buf[sizeof(*ub_handle) + MAX_HANDLE_SZ]; + char net_buf[sizeof(*net_handle) + MAX_HANDLE_SZ]; + + ASSERT_EQ(pipe(pipefd), 0); + pid =3D fork(); + ASSERT_GE(pid, 0); + + if (pid =3D=3D 0) { + close(pipefd[0]); + + /* Create user_A -> user_B -> net hierarchy */ + if (setup_userns() < 0) { + close(pipefd[1]); + exit(1); + } + + int ua_fd =3D open("/proc/self/ns/user", O_RDONLY); + if (ua_fd < 0) { + close(pipefd[1]); + exit(1); + } + if (ioctl(ua_fd, NS_GET_ID, &ua_id) < 0) { + close(ua_fd); + close(pipefd[1]); + exit(1); + } + close(ua_fd); + + if (setup_userns() < 0) { + close(pipefd[1]); + exit(1); + } + + int ub_fd =3D open("/proc/self/ns/user", O_RDONLY); + if (ub_fd < 0) { + close(pipefd[1]); + exit(1); + } + if (ioctl(ub_fd, NS_GET_ID, &ub_id) < 0) { + close(ub_fd); + close(pipefd[1]); + exit(1); + } + close(ub_fd); + + if (unshare(CLONE_NEWNET) < 0) { + close(pipefd[1]); + exit(1); + } + + int net_fd =3D open("/proc/self/ns/net", O_RDONLY); + if (net_fd < 0) { + close(pipefd[1]); + exit(1); + } + if (ioctl(net_fd, NS_GET_ID, &net_id) < 0) { + close(net_fd); + close(pipefd[1]); + exit(1); + } + close(net_fd); + + /* Send all three namespace IDs */ + write(pipefd[1], &ua_id, sizeof(ua_id)); + write(pipefd[1], &ub_id, sizeof(ub_id)); + write(pipefd[1], &net_id, sizeof(net_id)); + close(pipefd[1]); + exit(0); + } + + close(pipefd[1]); + + /* Read all three namespace IDs - fixed size, no parsing needed */ + ret =3D read(pipefd[0], &ua_id, sizeof(ua_id)); + if (ret !=3D sizeof(ua_id)) { + close(pipefd[0]); + waitpid(pid, NULL, 0); + SKIP(return, "Failed to read user_A namespace ID"); + } + + ret =3D read(pipefd[0], &ub_id, sizeof(ub_id)); + if (ret !=3D sizeof(ub_id)) { + close(pipefd[0]); + waitpid(pid, NULL, 0); + SKIP(return, "Failed to read user_B namespace ID"); + } + + ret =3D read(pipefd[0], &net_id, sizeof(net_id)); + close(pipefd[0]); + if (ret !=3D sizeof(net_id)) { + waitpid(pid, NULL, 0); + SKIP(return, "Failed to read network namespace ID"); + } + + /* Construct file handles from namespace IDs */ + ua_handle =3D (struct file_handle *)ua_buf; + ua_handle->handle_bytes =3D sizeof(struct nsfs_file_handle); + ua_handle->handle_type =3D FILEID_NSFS; + struct nsfs_file_handle *ua_fh =3D (struct nsfs_file_handle *)ua_handle->= f_handle; + ua_fh->ns_id =3D ua_id; + ua_fh->ns_type =3D 0; + ua_fh->ns_inum =3D 0; + + ub_handle =3D (struct file_handle *)ub_buf; + ub_handle->handle_bytes =3D sizeof(struct nsfs_file_handle); + ub_handle->handle_type =3D FILEID_NSFS; + struct nsfs_file_handle *ub_fh =3D (struct nsfs_file_handle *)ub_handle->= f_handle; + ub_fh->ns_id =3D ub_id; + ub_fh->ns_type =3D 0; + ub_fh->ns_inum =3D 0; + + net_handle =3D (struct file_handle *)net_buf; + net_handle->handle_bytes =3D sizeof(struct nsfs_file_handle); + net_handle->handle_type =3D FILEID_NSFS; + struct nsfs_file_handle *net_fh =3D (struct nsfs_file_handle *)net_handle= ->f_handle; + net_fh->ns_id =3D net_id; + net_fh->ns_type =3D 0; + net_fh->ns_inum =3D 0; + + /* Open net_ns before child exits to keep it active */ + int net_fd =3D open_by_handle_at(FD_NSFS_ROOT, net_handle, O_RDONLY); + if (net_fd < 0) { + waitpid(pid, NULL, 0); + SKIP(return, "Failed to open network namespace"); + } + + waitpid(pid, &status, 0); + ASSERT_TRUE(WIFEXITED(status)); + ASSERT_EQ(WEXITSTATUS(status), 0); + + /* With net_ns active, both user_A and user_B should be active */ + TH_LOG("Testing user_B active (net_ns active causes propagation)"); + int ub_fd =3D open_by_handle_at(FD_NSFS_ROOT, ub_handle, O_RDONLY); + ASSERT_GE(ub_fd, 0); + + TH_LOG("Testing user_A active (propagated through user_B)"); + int ua_fd =3D open_by_handle_at(FD_NSFS_ROOT, ua_handle, O_RDONLY); + ASSERT_GE(ua_fd, 0); + + /* Close net_ns - user_B should stay active (we hold direct ref) */ + TH_LOG("Closing net_ns, user_B should remain active (direct ref held)"); + close(net_fd); + int ub_fd2 =3D open_by_handle_at(FD_NSFS_ROOT, ub_handle, O_RDONLY); + ASSERT_GE(ub_fd2, 0); + close(ub_fd2); + + /* Close user_B - user_A should stay active (we hold direct ref) */ + TH_LOG("Closing user_B, user_A should remain active (direct ref held)"); + close(ub_fd); + int ua_fd2 =3D open_by_handle_at(FD_NSFS_ROOT, ua_handle, O_RDONLY); + ASSERT_GE(ua_fd2, 0); + close(ua_fd2); + + /* Close user_A - everything should become inactive */ + TH_LOG("Closing user_A, all should become inactive"); + close(ua_fd); + + /* All should now be inactive */ + ua_fd =3D open_by_handle_at(FD_NSFS_ROOT, ua_handle, O_RDONLY); + ASSERT_LT(ua_fd, 0); +} + TEST_HARNESS_MAIN --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 9349D348877; Wed, 29 Oct 2025 12:23:36 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740616; cv=none; b=dVd8pzgvbnYsdHuFF78PQukylGVcjw3BJQRP12H2RvT6o4QS6UOFU/eWIZP6Ii9Natkw9L4o/wL7rBEBvzBqnsyHDK00qrFSK8OWehjbCfaWwssSDiZNqF/Hlyu+USQdeRTisStho9eeCn+2GSjsZaEgC0GLFGD5s7GpV8OIY2s= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740616; c=relaxed/simple; bh=DmFqcW+ecoV6629hjGEqua36G7/JisMrs0MfTVBDcAA=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=uMjLpnnYlFZ/Xl53lhZ2GMiAscM4BS6+Fr6Il6aQyT2E/UERqNsA/qHI0uqqIGSPighiFmAup7B0ykqkwntukjJyzD07/i1cG929Cdxn7LCowGITxTMk6Xcj2wO2XD30mLS729ulKF6WC/8qY1n6xHwrRUc837xnXAZonenq098= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=B9A7hs5U; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="B9A7hs5U" Received: by smtp.kernel.org (Postfix) with ESMTPSA id BEE01C4CEF7; Wed, 29 Oct 2025 12:23:31 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740616; bh=DmFqcW+ecoV6629hjGEqua36G7/JisMrs0MfTVBDcAA=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=B9A7hs5U2HQBqDUvFSCvaJ2hx1w5JmprZacCIDNAj4dZg8lD/fzDowddzDohSVlBF 13te8H7He8ZTbboozqY25MgrPjF2gF8TsSY39GUi1QBra/KURaf8r9Daz9hLZwj77f T8+KSo7GLcAmyv+1iIHxh1GU42P1DEuBq4Pk42iqETxotwgoSLU/0C+rk1DgTcRxSy oXn3d6xHGcntenuS/X0r/dVoyVicxqLvCt7tbuWZ1MGcd8h1UFAwEeoks1IHG7S08X /8k45B1J1Fdm2fenvXAnUerjcyTEuNPo+7AcbvjR24lHw6uUGruLCQZESkFgjIUl/D U0z+RUAK9afpg== From: Christian Brauner Date: Wed, 29 Oct 2025 13:20:48 +0100 Subject: [PATCH v4 35/72] selftests/namespaces: thirteenth active reference count tests Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-35-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=6467; i=brauner@kernel.org; h=from:subject:message-id; bh=DmFqcW+ecoV6629hjGEqua36G7/JisMrs0MfTVBDcAA=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysfXtrcmbdD/tmu10nfCVnD4GQYUNQqoPi5zF9Avnt DK/Ep/cUcrCIMbFICumyOLQbhIut5ynYrNRpgbMHFYmkCEMXJwCMJFjKxkZ/gZNbO7+OznIfP27 M8wWf/kXnF3Mnfv00QexI0GmpyrWT2Nk+H5/cd3DgyaprS7XPVeuLbmT227To3Drs2PQmwc+qQF izAA= X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Test that parent stays active as long as ANY child is active. Create parent user namespace with two child net namespaces. Parent should remain active until BOTH children are inactive. Signed-off-by: Christian Brauner --- .../selftests/namespaces/ns_active_ref_test.c | 194 +++++++++++++++++= ++++ 1 file changed, 194 insertions(+) diff --git a/tools/testing/selftests/namespaces/ns_active_ref_test.c b/tool= s/testing/selftests/namespaces/ns_active_ref_test.c index b1a454dac9d0..25f06e623064 100644 --- a/tools/testing/selftests/namespaces/ns_active_ref_test.c +++ b/tools/testing/selftests/namespaces/ns_active_ref_test.c @@ -1623,4 +1623,198 @@ TEST(ns_deep_hierarchy_propagation) ASSERT_LT(ua_fd, 0); } =20 +/* + * Test that parent stays active as long as ANY child is active. + * Create parent user namespace with two child net namespaces. + * Parent should remain active until BOTH children are inactive. + */ +TEST(ns_parent_multiple_children_refcount) +{ + struct file_handle *parent_handle, *net1_handle, *net2_handle; + int ret, pipefd[2], syncpipe[2]; + pid_t pid; + int status; + __u64 p_id, n1_id, n2_id; + char p_buf[sizeof(*parent_handle) + MAX_HANDLE_SZ]; + char n1_buf[sizeof(*net1_handle) + MAX_HANDLE_SZ]; + char n2_buf[sizeof(*net2_handle) + MAX_HANDLE_SZ]; + char sync_byte; + + ASSERT_EQ(pipe(pipefd), 0); + ASSERT_EQ(pipe(syncpipe), 0); + pid =3D fork(); + ASSERT_GE(pid, 0); + + if (pid =3D=3D 0) { + close(pipefd[0]); + close(syncpipe[1]); + + /* Create parent user namespace */ + if (setup_userns() < 0) { + close(pipefd[1]); + exit(1); + } + + int p_fd =3D open("/proc/self/ns/user", O_RDONLY); + if (p_fd < 0) { + close(pipefd[1]); + exit(1); + } + if (ioctl(p_fd, NS_GET_ID, &p_id) < 0) { + close(p_fd); + close(pipefd[1]); + exit(1); + } + close(p_fd); + + /* Create first network namespace */ + if (unshare(CLONE_NEWNET) < 0) { + close(pipefd[1]); + close(syncpipe[0]); + exit(1); + } + + int n1_fd =3D open("/proc/self/ns/net", O_RDONLY); + if (n1_fd < 0) { + close(pipefd[1]); + close(syncpipe[0]); + exit(1); + } + if (ioctl(n1_fd, NS_GET_ID, &n1_id) < 0) { + close(n1_fd); + close(pipefd[1]); + close(syncpipe[0]); + exit(1); + } + /* Keep n1_fd open so first namespace stays active */ + + /* Create second network namespace */ + if (unshare(CLONE_NEWNET) < 0) { + close(n1_fd); + close(pipefd[1]); + close(syncpipe[0]); + exit(1); + } + + int n2_fd =3D open("/proc/self/ns/net", O_RDONLY); + if (n2_fd < 0) { + close(n1_fd); + close(pipefd[1]); + close(syncpipe[0]); + exit(1); + } + if (ioctl(n2_fd, NS_GET_ID, &n2_id) < 0) { + close(n1_fd); + close(n2_fd); + close(pipefd[1]); + close(syncpipe[0]); + exit(1); + } + /* Keep both n1_fd and n2_fd open */ + + /* Send all namespace IDs */ + write(pipefd[1], &p_id, sizeof(p_id)); + write(pipefd[1], &n1_id, sizeof(n1_id)); + write(pipefd[1], &n2_id, sizeof(n2_id)); + close(pipefd[1]); + + /* Wait for parent to signal before exiting */ + read(syncpipe[0], &sync_byte, 1); + close(syncpipe[0]); + exit(0); + } + + close(pipefd[1]); + close(syncpipe[0]); + + /* Read all three namespace IDs - fixed size, no parsing needed */ + ret =3D read(pipefd[0], &p_id, sizeof(p_id)); + if (ret !=3D sizeof(p_id)) { + close(pipefd[0]); + waitpid(pid, NULL, 0); + SKIP(return, "Failed to read parent namespace ID"); + } + + ret =3D read(pipefd[0], &n1_id, sizeof(n1_id)); + if (ret !=3D sizeof(n1_id)) { + close(pipefd[0]); + waitpid(pid, NULL, 0); + SKIP(return, "Failed to read first network namespace ID"); + } + + ret =3D read(pipefd[0], &n2_id, sizeof(n2_id)); + close(pipefd[0]); + if (ret !=3D sizeof(n2_id)) { + waitpid(pid, NULL, 0); + SKIP(return, "Failed to read second network namespace ID"); + } + + /* Construct file handles from namespace IDs */ + parent_handle =3D (struct file_handle *)p_buf; + parent_handle->handle_bytes =3D sizeof(struct nsfs_file_handle); + parent_handle->handle_type =3D FILEID_NSFS; + struct nsfs_file_handle *p_fh =3D (struct nsfs_file_handle *)parent_handl= e->f_handle; + p_fh->ns_id =3D p_id; + p_fh->ns_type =3D 0; + p_fh->ns_inum =3D 0; + + net1_handle =3D (struct file_handle *)n1_buf; + net1_handle->handle_bytes =3D sizeof(struct nsfs_file_handle); + net1_handle->handle_type =3D FILEID_NSFS; + struct nsfs_file_handle *n1_fh =3D (struct nsfs_file_handle *)net1_handle= ->f_handle; + n1_fh->ns_id =3D n1_id; + n1_fh->ns_type =3D 0; + n1_fh->ns_inum =3D 0; + + net2_handle =3D (struct file_handle *)n2_buf; + net2_handle->handle_bytes =3D sizeof(struct nsfs_file_handle); + net2_handle->handle_type =3D FILEID_NSFS; + struct nsfs_file_handle *n2_fh =3D (struct nsfs_file_handle *)net2_handle= ->f_handle; + n2_fh->ns_id =3D n2_id; + n2_fh->ns_type =3D 0; + n2_fh->ns_inum =3D 0; + + /* Open both net namespaces while child is still alive */ + int n1_fd =3D open_by_handle_at(FD_NSFS_ROOT, net1_handle, O_RDONLY); + int n2_fd =3D open_by_handle_at(FD_NSFS_ROOT, net2_handle, O_RDONLY); + if (n1_fd < 0 || n2_fd < 0) { + if (n1_fd >=3D 0) close(n1_fd); + if (n2_fd >=3D 0) close(n2_fd); + sync_byte =3D 'G'; + write(syncpipe[1], &sync_byte, 1); + close(syncpipe[1]); + waitpid(pid, NULL, 0); + SKIP(return, "Failed to open net namespaces"); + } + + /* Signal child that we have opened the namespaces */ + sync_byte =3D 'G'; + write(syncpipe[1], &sync_byte, 1); + close(syncpipe[1]); + + /* Wait for child to exit */ + waitpid(pid, &status, 0); + ASSERT_TRUE(WIFEXITED(status)); + ASSERT_EQ(WEXITSTATUS(status), 0); + + /* Parent should be active (has 2 active children) */ + TH_LOG("Both net namespaces active - parent should be active"); + int p_fd =3D open_by_handle_at(FD_NSFS_ROOT, parent_handle, O_RDONLY); + ASSERT_GE(p_fd, 0); + close(p_fd); + + /* Close first net namespace - parent should STILL be active */ + TH_LOG("Closing first net ns - parent should still be active"); + close(n1_fd); + p_fd =3D open_by_handle_at(FD_NSFS_ROOT, parent_handle, O_RDONLY); + ASSERT_GE(p_fd, 0); + close(p_fd); + + /* Close second net namespace - parent should become inactive */ + TH_LOG("Closing second net ns - parent should become inactive"); + close(n2_fd); + p_fd =3D open_by_handle_at(FD_NSFS_ROOT, parent_handle, O_RDONLY); + ASSERT_LT(p_fd, 0); +} + TEST_HARNESS_MAIN --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id E2E7B34A791; Wed, 29 Oct 2025 12:23:41 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740622; cv=none; b=MWpoQ+CvJo1HpyLyKjEFmvBWh51enwt/TLgVU0jd1uEOG+D611Vsj0KRKvGkPil2dlIWgUFv8ToVPLMMIqDb2MZrEbuP7KrkrFl4veXm8iUZw3kpuSwTSVZI7IzAQ8iC7Mq32gu5W34lObYFJtBnoNxaYnmIrQeWEVTfnwj1vyI= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740622; c=relaxed/simple; bh=d+4+UcmFmPg23QL+eCNaKFnhnQg3HsdsjL7eCoiFS0k=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=iwLaxeFPm1EoSi8wkQ5yotRMNmK4Foc7SHEUvw5kjqUIfH54MrVvcoKu/mj9xJjbMmjxEWMgcFw9hIlYckaVEU5BdfUzMiRrMgL+olvHfLB2K6WHK/TQ3+qrxbAaiIzqpuab8rMN0pZp3DpPWsbnJMWmAK1ynnAGvAZvuCptvz4= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=YL53aJ6s; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="YL53aJ6s" Received: by smtp.kernel.org (Postfix) with ESMTPSA id E453FC4CEF7; Wed, 29 Oct 2025 12:23:36 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740621; bh=d+4+UcmFmPg23QL+eCNaKFnhnQg3HsdsjL7eCoiFS0k=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=YL53aJ6scdAQsT0mMokeQ89YgNCcIPS2JTPD0jbTbmYAcmXd6q1pzuUVGbHVvK7RU 8p8n4OEbwFz9HTH/9gXOg7MJr5g/bY5jopqL5aKejVTZY4D3H1mkbQ4hJpLEKFHN/Q QM5y/A//2a2/jP0jd+HIcQbCLXFXF+yZeMDY6+3HSe17/4eN1QvmvCrue4m8CVEiL9 AQQjuoNSn+A8/lzFq2/cIiHPxcfy4t+5oVILjuG7zFauZi/rqkTr8anftmGlPzMCWZ 9jiw6qBpuwBkClLsL4Y3LzfFJTQ/CG0ONGS9JFCB9xFi3XRwKzgD18aT6zxI5pJQay EbrQ3VjuQ8pQQ== From: Christian Brauner Date: Wed, 29 Oct 2025 13:20:49 +0100 Subject: [PATCH v4 36/72] selftests/namespaces: fourteenth active reference count tests Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-36-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=4427; i=brauner@kernel.org; h=from:subject:message-id; bh=d+4+UcmFmPg23QL+eCNaKFnhnQg3HsdsjL7eCoiFS0k=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysfUFGrl9yo3Yf0WoRDzl2PyU+uhfO/O0E3RvK9yZH uqpeOBPRykLgxgXg6yYIotDu0m43HKeis1GmRowc1iZQIYwcHEKwES6lzD8FXay15n2bNbH/lzW shmxgV8P6bT13v68PDyml789xDNtASPDr+Ts/bOeNxSvuFq6QXHBtLvqfN/2XuS2c6gTeJM8fd1 vLgA= X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Test that user namespace as a child also propagates correctly. Create user_A -> user_B, verify when user_B is active that user_A is also active. This is different from non-user namespace children. Signed-off-by: Christian Brauner --- .../selftests/namespaces/ns_active_ref_test.c | 132 +++++++++++++++++= ++++ 1 file changed, 132 insertions(+) diff --git a/tools/testing/selftests/namespaces/ns_active_ref_test.c b/tool= s/testing/selftests/namespaces/ns_active_ref_test.c index 25f06e623064..430702c041a9 100644 --- a/tools/testing/selftests/namespaces/ns_active_ref_test.c +++ b/tools/testing/selftests/namespaces/ns_active_ref_test.c @@ -1817,4 +1817,136 @@ TEST(ns_parent_multiple_children_refcount) ASSERT_LT(p_fd, 0); } =20 +/* + * Test that user namespace as a child also propagates correctly. + * Create user_A -> user_B, verify when user_B is active that user_A + * is also active. This is different from non-user namespace children. + */ +TEST(ns_userns_child_propagation) +{ + struct file_handle *ua_handle, *ub_handle; + int ret, pipefd[2]; + pid_t pid; + int status; + __u64 ua_id, ub_id; + char ua_buf[sizeof(*ua_handle) + MAX_HANDLE_SZ]; + char ub_buf[sizeof(*ub_handle) + MAX_HANDLE_SZ]; + + ASSERT_EQ(pipe(pipefd), 0); + pid =3D fork(); + ASSERT_GE(pid, 0); + + if (pid =3D=3D 0) { + close(pipefd[0]); + + /* Create user_A */ + if (setup_userns() < 0) { + close(pipefd[1]); + exit(1); + } + + int ua_fd =3D open("/proc/self/ns/user", O_RDONLY); + if (ua_fd < 0) { + close(pipefd[1]); + exit(1); + } + if (ioctl(ua_fd, NS_GET_ID, &ua_id) < 0) { + close(ua_fd); + close(pipefd[1]); + exit(1); + } + close(ua_fd); + + /* Create user_B (child of user_A) */ + if (setup_userns() < 0) { + close(pipefd[1]); + exit(1); + } + + int ub_fd =3D open("/proc/self/ns/user", O_RDONLY); + if (ub_fd < 0) { + close(pipefd[1]); + exit(1); + } + if (ioctl(ub_fd, NS_GET_ID, &ub_id) < 0) { + close(ub_fd); + close(pipefd[1]); + exit(1); + } + close(ub_fd); + + /* Send both namespace IDs */ + write(pipefd[1], &ua_id, sizeof(ua_id)); + write(pipefd[1], &ub_id, sizeof(ub_id)); + close(pipefd[1]); + exit(0); + } + + close(pipefd[1]); + + /* Read both namespace IDs - fixed size, no parsing needed */ + ret =3D read(pipefd[0], &ua_id, sizeof(ua_id)); + if (ret !=3D sizeof(ua_id)) { + close(pipefd[0]); + waitpid(pid, NULL, 0); + SKIP(return, "Failed to read user_A namespace ID"); + } + + ret =3D read(pipefd[0], &ub_id, sizeof(ub_id)); + close(pipefd[0]); + if (ret !=3D sizeof(ub_id)) { + waitpid(pid, NULL, 0); + SKIP(return, "Failed to read user_B namespace ID"); + } + + /* Construct file handles from namespace IDs */ + ua_handle =3D (struct file_handle *)ua_buf; + ua_handle->handle_bytes =3D sizeof(struct nsfs_file_handle); + ua_handle->handle_type =3D FILEID_NSFS; + struct nsfs_file_handle *ua_fh =3D (struct nsfs_file_handle *)ua_handle->= f_handle; + ua_fh->ns_id =3D ua_id; + ua_fh->ns_type =3D 0; + ua_fh->ns_inum =3D 0; + + ub_handle =3D (struct file_handle *)ub_buf; + ub_handle->handle_bytes =3D sizeof(struct nsfs_file_handle); + ub_handle->handle_type =3D FILEID_NSFS; + struct nsfs_file_handle *ub_fh =3D (struct nsfs_file_handle *)ub_handle->= f_handle; + ub_fh->ns_id =3D ub_id; + ub_fh->ns_type =3D 0; + ub_fh->ns_inum =3D 0; + + /* Open user_B before child exits */ + int ub_fd =3D open_by_handle_at(FD_NSFS_ROOT, ub_handle, O_RDONLY); + if (ub_fd < 0) { + waitpid(pid, NULL, 0); + SKIP(return, "Failed to open user_B"); + } + + waitpid(pid, &status, 0); + ASSERT_TRUE(WIFEXITED(status)); + ASSERT_EQ(WEXITSTATUS(status), 0); + + /* With user_B active, user_A should also be active */ + TH_LOG("Testing user_A active when child user_B is active"); + int ua_fd =3D open_by_handle_at(FD_NSFS_ROOT, ua_handle, O_RDONLY); + ASSERT_GE(ua_fd, 0); + + /* Close user_B */ + TH_LOG("Closing user_B"); + close(ub_fd); + + /* user_A should remain active (we hold direct ref) */ + int ua_fd2 =3D open_by_handle_at(FD_NSFS_ROOT, ua_handle, O_RDONLY); + ASSERT_GE(ua_fd2, 0); + close(ua_fd2); + + /* Close user_A - should become inactive */ + TH_LOG("Closing user_A - should become inactive"); + close(ua_fd); + + ua_fd =3D open_by_handle_at(FD_NSFS_ROOT, ua_handle, O_RDONLY); + ASSERT_LT(ua_fd, 0); +} + TEST_HARNESS_MAIN --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id D41F8336EEF; Wed, 29 Oct 2025 12:23:46 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740628; cv=none; b=Sj2M62+2wVcdGpysw3HLe6k2bfylcS6kjV+JSJAa1v71PlzdZ/SvifW0srrA+wQLXHCsPFPgECJu377F+VAQyPS9vWwNwkOWL4peDoP5jrlTYN0Kg5zfvSq4oYfydihMMbnKiMvoPY7ndhTQjeQHZl/k7B/Hf20kKhfraAtCmls= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740628; c=relaxed/simple; bh=ZSob+cuR8TNM3RYLLd2l60NqKAeHuoXtXyT5AeRNtxA=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=SaoUc8py8I50/5wc9t0Mx2F/THr5iABRC4X+7xLeGa9F9e4k8wiYhnJ7LJfDLNZ43fUxfqGbpiTua5A+YPTM51zvRRMsEdwZ1ubqWqGNcKs+MVRxOKJFAQQrVNknE5lyTXy1Kv038DwGOGbM2KrU7a37iHEWpHy7zZN4WXUL0gw= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=PLUt5/Ty; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="PLUt5/Ty" Received: by smtp.kernel.org (Postfix) with ESMTPSA id E5BA4C4CEFF; Wed, 29 Oct 2025 12:23:41 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740626; bh=ZSob+cuR8TNM3RYLLd2l60NqKAeHuoXtXyT5AeRNtxA=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=PLUt5/TyWea+Uocoe4cwpWFDWFHJkcOzodSH3RsVgZaGhqvM9b5954lJ0czBiZ4Yp XHj178gG42gHDq1Ju000cf/gLl0I79ma9HkE1e1o1YgUdxTsW9wqLGRqSNmXi3Q/zp UoAbmpxazuknWaYMadstcX0LPm1oqbdM/T0vi7ijd4UCuDyEJmbNwbkqDUIBdpwH1w g1m3OvI5DQmcD0YxKumsY8iGZBvIQ/YmRoDRjLKl7uvpnhLR0MTgooXWr/o1iOvUdO JbHvz6zovFPlHgMR+fuZoglenMKoVhhPxlsPHnIoVvirEDcYrse5M0Cobh7ljJqR56 RC3c9TeMBUtRw== From: Christian Brauner Date: Wed, 29 Oct 2025 13:20:50 +0100 Subject: [PATCH v4 37/72] selftests/namespaces: fifteenth active reference count tests Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-37-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=5309; i=brauner@kernel.org; h=from:subject:message-id; bh=ZSob+cuR8TNM3RYLLd2l60NqKAeHuoXtXyT5AeRNtxA=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysfX9Esi7yJflwLtGsFzk26GevplB1qsP7RR10t4on DZx6pTYjlIWBjEuBlkxRRaHdpNwueU8FZuNMjVg5rAygQxh4OIUgInUn2Vk+JBx7fO+l16/f3Ee zNos9/mm16HNhheWXrv055H79+O1NzgZ/qdGN2ppzZj8sWndD5O3Bj98X/puv9o03+64fc2jO1p FJqwA X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Test different namespace types (net, uts, ipc) all contributing active references to the same owning user namespace. Signed-off-by: Christian Brauner --- .../selftests/namespaces/ns_active_ref_test.c | 164 +++++++++++++++++= ++++ 1 file changed, 164 insertions(+) diff --git a/tools/testing/selftests/namespaces/ns_active_ref_test.c b/tool= s/testing/selftests/namespaces/ns_active_ref_test.c index 430702c041a9..b7fa973a2572 100644 --- a/tools/testing/selftests/namespaces/ns_active_ref_test.c +++ b/tools/testing/selftests/namespaces/ns_active_ref_test.c @@ -1949,4 +1949,168 @@ TEST(ns_userns_child_propagation) ASSERT_LT(ua_fd, 0); } =20 +/* + * Test different namespace types (net, uts, ipc) all contributing + * active references to the same owning user namespace. + */ +TEST(ns_mixed_types_same_owner) +{ + struct file_handle *user_handle, *net_handle, *uts_handle; + int ret, pipefd[2]; + pid_t pid; + int status; + __u64 u_id, n_id, ut_id; + char u_buf[sizeof(*user_handle) + MAX_HANDLE_SZ]; + char n_buf[sizeof(*net_handle) + MAX_HANDLE_SZ]; + char ut_buf[sizeof(*uts_handle) + MAX_HANDLE_SZ]; + + ASSERT_EQ(pipe(pipefd), 0); + pid =3D fork(); + ASSERT_GE(pid, 0); + + if (pid =3D=3D 0) { + close(pipefd[0]); + + if (setup_userns() < 0) { + close(pipefd[1]); + exit(1); + } + + int u_fd =3D open("/proc/self/ns/user", O_RDONLY); + if (u_fd < 0) { + close(pipefd[1]); + exit(1); + } + if (ioctl(u_fd, NS_GET_ID, &u_id) < 0) { + close(u_fd); + close(pipefd[1]); + exit(1); + } + close(u_fd); + + if (unshare(CLONE_NEWNET) < 0) { + close(pipefd[1]); + exit(1); + } + + int n_fd =3D open("/proc/self/ns/net", O_RDONLY); + if (n_fd < 0) { + close(pipefd[1]); + exit(1); + } + if (ioctl(n_fd, NS_GET_ID, &n_id) < 0) { + close(n_fd); + close(pipefd[1]); + exit(1); + } + close(n_fd); + + if (unshare(CLONE_NEWUTS) < 0) { + close(pipefd[1]); + exit(1); + } + + int ut_fd =3D open("/proc/self/ns/uts", O_RDONLY); + if (ut_fd < 0) { + close(pipefd[1]); + exit(1); + } + if (ioctl(ut_fd, NS_GET_ID, &ut_id) < 0) { + close(ut_fd); + close(pipefd[1]); + exit(1); + } + close(ut_fd); + + /* Send all namespace IDs */ + write(pipefd[1], &u_id, sizeof(u_id)); + write(pipefd[1], &n_id, sizeof(n_id)); + write(pipefd[1], &ut_id, sizeof(ut_id)); + close(pipefd[1]); + exit(0); + } + + close(pipefd[1]); + + /* Read all three namespace IDs - fixed size, no parsing needed */ + ret =3D read(pipefd[0], &u_id, sizeof(u_id)); + if (ret !=3D sizeof(u_id)) { + close(pipefd[0]); + waitpid(pid, NULL, 0); + SKIP(return, "Failed to read user namespace ID"); + } + + ret =3D read(pipefd[0], &n_id, sizeof(n_id)); + if (ret !=3D sizeof(n_id)) { + close(pipefd[0]); + waitpid(pid, NULL, 0); + SKIP(return, "Failed to read network namespace ID"); + } + + ret =3D read(pipefd[0], &ut_id, sizeof(ut_id)); + close(pipefd[0]); + if (ret !=3D sizeof(ut_id)) { + waitpid(pid, NULL, 0); + SKIP(return, "Failed to read UTS namespace ID"); + } + + /* Construct file handles from namespace IDs */ + user_handle =3D (struct file_handle *)u_buf; + user_handle->handle_bytes =3D sizeof(struct nsfs_file_handle); + user_handle->handle_type =3D FILEID_NSFS; + struct nsfs_file_handle *u_fh =3D (struct nsfs_file_handle *)user_handle-= >f_handle; + u_fh->ns_id =3D u_id; + u_fh->ns_type =3D 0; + u_fh->ns_inum =3D 0; + + net_handle =3D (struct file_handle *)n_buf; + net_handle->handle_bytes =3D sizeof(struct nsfs_file_handle); + net_handle->handle_type =3D FILEID_NSFS; + struct nsfs_file_handle *n_fh =3D (struct nsfs_file_handle *)net_handle->= f_handle; + n_fh->ns_id =3D n_id; + n_fh->ns_type =3D 0; + n_fh->ns_inum =3D 0; + + uts_handle =3D (struct file_handle *)ut_buf; + uts_handle->handle_bytes =3D sizeof(struct nsfs_file_handle); + uts_handle->handle_type =3D FILEID_NSFS; + struct nsfs_file_handle *ut_fh =3D (struct nsfs_file_handle *)uts_handle-= >f_handle; + ut_fh->ns_id =3D ut_id; + ut_fh->ns_type =3D 0; + ut_fh->ns_inum =3D 0; + + /* Open both non-user namespaces */ + int n_fd =3D open_by_handle_at(FD_NSFS_ROOT, net_handle, O_RDONLY); + int ut_fd =3D open_by_handle_at(FD_NSFS_ROOT, uts_handle, O_RDONLY); + if (n_fd < 0 || ut_fd < 0) { + if (n_fd >=3D 0) close(n_fd); + if (ut_fd >=3D 0) close(ut_fd); + waitpid(pid, NULL, 0); + SKIP(return, "Failed to open namespaces"); + } + + waitpid(pid, &status, 0); + ASSERT_TRUE(WIFEXITED(status)); + ASSERT_EQ(WEXITSTATUS(status), 0); + + /* User namespace should be active (2 active children) */ + TH_LOG("Both net and uts active - user ns should be active"); + int u_fd =3D open_by_handle_at(FD_NSFS_ROOT, user_handle, O_RDONLY); + ASSERT_GE(u_fd, 0); + close(u_fd); + + /* Close net - user ns should STILL be active (uts still active) */ + TH_LOG("Closing net - user ns should still be active"); + close(n_fd); + u_fd =3D open_by_handle_at(FD_NSFS_ROOT, user_handle, O_RDONLY); + ASSERT_GE(u_fd, 0); + close(u_fd); + + /* Close uts - user ns should become inactive */ + TH_LOG("Closing uts - user ns should become inactive"); + close(ut_fd); + u_fd =3D open_by_handle_at(FD_NSFS_ROOT, user_handle, O_RDONLY); + ASSERT_LT(u_fd, 0); +} + TEST_HARNESS_MAIN --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id D96F4374AC7; Wed, 29 Oct 2025 12:23:51 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740632; cv=none; b=WPKGcaR6PI9eaH1RyxKB2B8JoLM5wdFwjo3fHkUVOcgiEvQz9lr4AEO1YqCHGT5uIUEPuLOrmcUNE3ycBMrzdfqMMEX65/Yh0RVR1dT7hTYQUxjowlhqF3Mvwvt+G1/c5UsTvU0JDV2b/InN4fEhFoK6SwExfmd7a7QIY4CY+E4= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740632; c=relaxed/simple; bh=WU3OpDiHSBOB5eonlPoaP8MJGbmszqupW5dQlbeASiQ=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=S33/7oW74O+w+08CyoQ4yMTVMnbval5G0l6RK63vEHZjre8FFcS8fziydVaPbkttUpqBk1DVR/6kHCv3BD9YNhkbvVtX3hf/nrr7wo4h1wflK4tr9tE7AHSn2cis5zuKIFF5f9pdMgtbTKYvFzSf2KyVCTRoIdt+YvZKnnc/w9c= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=L+FPOYdD; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="L+FPOYdD" Received: by smtp.kernel.org (Postfix) with ESMTPSA id D9E86C4CEF7; Wed, 29 Oct 2025 12:23:46 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740631; bh=WU3OpDiHSBOB5eonlPoaP8MJGbmszqupW5dQlbeASiQ=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=L+FPOYdDZZo/BeqdGByNQMyfLG+Kt3tsoH4nlwcYDBngbxLfcUNmcdy72T3ESY8vc tUVDct/m8Yf0qHEJWYNBdijhe9KJiyqJWc2J1iIxOAHSmNEyAHKI353ZgMaZQG4ny1 JU+yzCCtO1QLxuQH43CvxXsKaPJSM4DxpZHh9rWSGz04YMCuq4ZdQN+ZzCKhpHu9yv AAniDr3nyH9eQXFAYDbiLLnP/gngImUYjUVo0A7u71h4mj9Sgz+ye7fPZNih6oi6o3 JoVb9axV76IKue0Hvs/zVesjl0NYVF08xgcwEn9pL7rAfQFtbkZZVs72XD1iGQ6TrW bS5QO96N53biw== From: Christian Brauner Date: Wed, 29 Oct 2025 13:20:51 +0100 Subject: [PATCH v4 38/72] selftests/namespaces: add listns() wrapper Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-38-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=1405; i=brauner@kernel.org; h=from:subject:message-id; bh=WU3OpDiHSBOB5eonlPoaP8MJGbmszqupW5dQlbeASiQ=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysfVVdReE/1/FyLN48bEbkRMnXWbZf/ajzmV5y1t3v Uw5G7bZdZSyMIhxMciKKbI4tJuEyy3nqdhslKkBM4eVCWQIAxenAExklTPDP2s15dW+nUo7fc+8 5VmatXTmF7eU1k9PnLMOLWVr3WO/ToGRYZLvxf+n1+UF/au6zbfzCb+6S4NNZua2v8/FVV4KTt0 TxAcA X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Add a wrapper for the listns() system call. Signed-off-by: Christian Brauner --- tools/testing/selftests/namespaces/wrappers.h | 35 +++++++++++++++++++++++= ++++ 1 file changed, 35 insertions(+) diff --git a/tools/testing/selftests/namespaces/wrappers.h b/tools/testing/= selftests/namespaces/wrappers.h new file mode 100644 index 000000000000..9741a64a5b1d --- /dev/null +++ b/tools/testing/selftests/namespaces/wrappers.h @@ -0,0 +1,35 @@ +// SPDX-License-Identifier: GPL-2.0 + +#include +#include +#include +#include + +#ifndef __SELFTESTS_NAMESPACES_WRAPPERS_H__ +#define __SELFTESTS_NAMESPACES_WRAPPERS_H__ + +#ifndef __NR_listns + #if defined __alpha__ + #define __NR_listns 580 + #elif defined _MIPS_SIM + #if _MIPS_SIM =3D=3D _MIPS_SIM_ABI32 /* o32 */ + #define __NR_listns 4470 + #endif + #if _MIPS_SIM =3D=3D _MIPS_SIM_NABI32 /* n32 */ + #define __NR_listns 6470 + #endif + #if _MIPS_SIM =3D=3D _MIPS_SIM_ABI64 /* n64 */ + #define __NR_listns 5470 + #endif + #else + #define __NR_listns 470 + #endif +#endif + +static inline int sys_listns(const struct ns_id_req *req, __u64 *ns_ids, + size_t nr_ns_ids, unsigned int flags) +{ + return syscall(__NR_listns, req, ns_ids, nr_ns_ids, flags); +} + +#endif /* __SELFTESTS_NAMESPACES_WRAPPERS_H__ */ --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 922F833FE10; Wed, 29 Oct 2025 12:23:56 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740636; cv=none; b=jz5xUJR3CohAtxRUc5VWgwz4K0huUlXv3qiOjgjSrTsH+hMRtr/QLu0pKX0QjIF6qBJk21XDpen6SC918A4IqrFGY0a7FCzXs+oYkYUbrosP7AfVAwwNxfbNPxSqr6SA1XyyhVasyDioMjSIURKc2kol3rqLNDboENUbiDWLVRU= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740636; c=relaxed/simple; bh=NAhtGlBVfCqrlTfWbGN1zDMklE1n7EKY3e8ekT2vQ0Y=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=JhuOkxSg+BSMdaOjVovTkByBtKg+XT+8tYHzs6brixxq6uavKgSJqxAX4LmQTP3fPRJ99ApA6yLkj8BPx1miLJjhF6Vx7Voc0aP610p0SMMVrAXcaGWtvz/Z31w8SskqymEEeKvfQr0lmqAgs4NFDHZ7gyym3Gew5pJJfySijFE= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=t7f8dpUq; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="t7f8dpUq" Received: by smtp.kernel.org (Postfix) with ESMTPSA id DD1FFC116C6; Wed, 29 Oct 2025 12:23:51 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740636; bh=NAhtGlBVfCqrlTfWbGN1zDMklE1n7EKY3e8ekT2vQ0Y=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=t7f8dpUqrToN/S01fEg9EHPoYdthuRIQm/lkdy+Knu3x+t/dWgLvbKLCWKJ5QTv9j LPBO6QZmM7Hyqhj0ueNJaMxK/B4zlX3c+WE2fJk6Mn3yODXOK24Cb4UXJVqMxjvjey 7PubgLvGyAlqsVbEvFaQICW6QijkwsHM0nwli8O1o5L3l6h9rF9zrM1sHgaFdsFj1X 1hpMRw2pBm14Aw7DrKAIswbHAd/tRI7E6m3+0oLqn/rQhleQaSCLGJ9zJlc2HBOUyL 7LckxTZQnJ522DmL4HWrC4855gB7JW8gUhSK/XcLv01AwKmJ9kqB1FBkWgArxW7GOl UyvmvNU4r74YQ== From: Christian Brauner Date: Wed, 29 Oct 2025 13:20:52 +0100 Subject: [PATCH v4 39/72] selftests/namespaces: first listns() test Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-39-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=3148; i=brauner@kernel.org; h=from:subject:message-id; bh=NAhtGlBVfCqrlTfWbGN1zDMklE1n7EKY3e8ekT2vQ0Y=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysfVNMElPMuu0teRxffdT9+ACt4pvvDHf3nEqv9BwP nTya//OjlIWBjEuBlkxRRaHdpNwueU8FZuNMjVg5rAygQxh4OIUgIm0BDAy/PRi9viwvK+q5N8d 8eWRz3a4nmy4755t/1vwp8HrrVe43Rj+J/H7h/5x1XukuuH6qtmVhb01aWnh5iW/94lo9FabNnZ yAgA= X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Test basic listns() functionality with the unified namespace tree. List all active namespaces globally. Signed-off-by: Christian Brauner --- tools/testing/selftests/namespaces/.gitignore | 1 + tools/testing/selftests/namespaces/Makefile | 3 +- tools/testing/selftests/namespaces/listns_test.c | 57 ++++++++++++++++++++= ++++ 3 files changed, 60 insertions(+), 1 deletion(-) diff --git a/tools/testing/selftests/namespaces/.gitignore b/tools/testing/= selftests/namespaces/.gitignore index 100cc5bfef04..5065f07e92c9 100644 --- a/tools/testing/selftests/namespaces/.gitignore +++ b/tools/testing/selftests/namespaces/.gitignore @@ -2,3 +2,4 @@ nsid_test file_handle_test init_ino_test ns_active_ref_test +listns_test diff --git a/tools/testing/selftests/namespaces/Makefile b/tools/testing/se= lftests/namespaces/Makefile index 5cea938cdde8..de708f4df159 100644 --- a/tools/testing/selftests/namespaces/Makefile +++ b/tools/testing/selftests/namespaces/Makefile @@ -2,9 +2,10 @@ CFLAGS +=3D -Wall -O0 -g $(KHDR_INCLUDES) $(TOOLS_INCLUDES) LDLIBS +=3D -lcap =20 -TEST_GEN_PROGS :=3D nsid_test file_handle_test init_ino_test ns_active_ref= _test +TEST_GEN_PROGS :=3D nsid_test file_handle_test init_ino_test ns_active_ref= _test listns_test =20 include ../lib.mk =20 $(OUTPUT)/ns_active_ref_test: ../filesystems/utils.c +$(OUTPUT)/listns_test: ../filesystems/utils.c =20 diff --git a/tools/testing/selftests/namespaces/listns_test.c b/tools/testi= ng/selftests/namespaces/listns_test.c new file mode 100644 index 000000000000..cb42827d3dfe --- /dev/null +++ b/tools/testing/selftests/namespaces/listns_test.c @@ -0,0 +1,57 @@ +// SPDX-License-Identifier: GPL-2.0 +#define _GNU_SOURCE +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include "../kselftest_harness.h" +#include "../filesystems/utils.h" +#include "wrappers.h" + +/* + * Test basic listns() functionality with the unified namespace tree. + * List all active namespaces globally. + */ +TEST(listns_basic_unified) +{ + struct ns_id_req req =3D { + .size =3D sizeof(req), + .spare =3D 0, + .ns_id =3D 0, + .ns_type =3D 0, /* All types */ + .spare2 =3D 0, + .user_ns_id =3D 0, /* Global listing */ + }; + __u64 ns_ids[100]; + ssize_t ret; + + ret =3D sys_listns(&req, ns_ids, ARRAY_SIZE(ns_ids), 0); + if (ret < 0) { + if (errno =3D=3D ENOSYS) + SKIP(return, "listns() not supported"); + TH_LOG("listns failed: %s (errno=3D%d)", strerror(errno), errno); + ASSERT_TRUE(false); + } + + /* Should find at least the initial namespaces */ + ASSERT_GT(ret, 0); + TH_LOG("Found %zd active namespaces", ret); + + /* Verify all returned IDs are non-zero */ + for (ssize_t i =3D 0; i < ret; i++) { + ASSERT_NE(ns_ids[i], 0); + TH_LOG(" [%zd] ns_id: %llu", i, (unsigned long long)ns_ids[i]); + } +} + +TEST_HARNESS_MAIN --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id CC7BF33C50C; Wed, 29 Oct 2025 12:24:01 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740642; cv=none; b=g+WaCCrhGRg2150jQhB2zliTSkKG97JVx/aXJa3PaUnAxCvDxJTEASzSOehiiLaHChVx64LISEjBZ+qWqICOC098O2iHJW03O67ZhgNdVqLhi350P1uVaaG1BKzT3eesTCYb72phG5C+WXxyQgDL99+9TIIM9f99YM3xXqDzbHg= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740642; c=relaxed/simple; bh=gPBGu8BceJ6oHRtyp7iwBf16DUj5zY+HNikOeiNBVYw=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=GMnGmrN89mMFFl8/z9+3vZ+uQhtlPu6tZKurbXJwztzJ5HGNEGBcwlzdFpiTY7VpU/sBemUpdae3hp3CYXGHjNpAix1TQOuGqEe2ttbv04wB8tS3wXa/zZKzW41SEKTjirDDtOlhjEZfxT3zx9SFIbq2L1EIR+xrBeXq+nbffvc= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=dQPU+Gsv; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="dQPU+Gsv" Received: by smtp.kernel.org (Postfix) with ESMTPSA id E16FAC4CEF7; Wed, 29 Oct 2025 12:23:56 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740641; bh=gPBGu8BceJ6oHRtyp7iwBf16DUj5zY+HNikOeiNBVYw=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=dQPU+Gsvufwu341xamTTrJWl6xKFYg1RTRTfJMLs47uvVcFnQAuq6aoG1szvkopRC rFIQKQmmDQ8Zn0HQDIDmAcYdKXn03DwEkQjV/eDmvzgCXR/i3B6usv4ogKlTwtCcBJ pCNEADyjbvsb+wLtGwPom9iev9hbkMygc1v55cR5hhpw1XpLej+r5fzpN/8dquTZTG k7B34RtU/pLoyah7uv0oRaolsAov04QczpQs2mQeptMpqRKWRqRq0OshMubgon7C5d zBGGdT9D8CYInZV1yFtO3sTszvZhzV6Xqs2hbWNYOUGbYmUelr1c/0m/zYAqt9HuYM w2VCCBHJBbi5A== From: Christian Brauner Date: Wed, 29 Oct 2025 13:20:53 +0100 Subject: [PATCH v4 40/72] selftests/namespaces: second listns() test Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-40-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=2143; i=brauner@kernel.org; h=from:subject:message-id; bh=gPBGu8BceJ6oHRtyp7iwBf16DUj5zY+HNikOeiNBVYw=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysfWdU35S+0F14ik/0ZiLnVbPcub/vObFVuNzdLKOZ 9UKgd//OkpZGMS4GGTFFFkc2k3C5ZbzVGw2ytSAmcPKBDKEgYtTACZyj4ORYUnfvU9vblvPFGmI yuV5kuJ05apK1G+jiu9e+iKyTgz3WxkZzt5Z1b5oXXkdT+S0PSEsfTq77y1WP8Q7rWL7icYM7Y0 XWQA= X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 test listns() with type filtering. List only network namespaces. Signed-off-by: Christian Brauner --- tools/testing/selftests/namespaces/listns_test.c | 61 ++++++++++++++++++++= ++++ 1 file changed, 61 insertions(+) diff --git a/tools/testing/selftests/namespaces/listns_test.c b/tools/testi= ng/selftests/namespaces/listns_test.c index cb42827d3dfe..64249502ac49 100644 --- a/tools/testing/selftests/namespaces/listns_test.c +++ b/tools/testing/selftests/namespaces/listns_test.c @@ -54,4 +54,65 @@ TEST(listns_basic_unified) } } =20 +/* + * Test listns() with type filtering. + * List only network namespaces. + */ +TEST(listns_filter_by_type) +{ + struct ns_id_req req =3D { + .size =3D sizeof(req), + .spare =3D 0, + .ns_id =3D 0, + .ns_type =3D CLONE_NEWNET, /* Only network namespaces */ + .spare2 =3D 0, + .user_ns_id =3D 0, + }; + __u64 ns_ids[100]; + ssize_t ret; + + ret =3D sys_listns(&req, ns_ids, ARRAY_SIZE(ns_ids), 0); + if (ret < 0) { + if (errno =3D=3D ENOSYS) + SKIP(return, "listns() not supported"); + TH_LOG("listns failed: %s (errno=3D%d)", strerror(errno), errno); + ASSERT_TRUE(false); + } + ASSERT_GE(ret, 0); + + /* Should find at least init_net */ + ASSERT_GT(ret, 0); + TH_LOG("Found %zd active network namespaces", ret); + + /* Verify we can open each namespace and it's actually a network namespac= e */ + for (ssize_t i =3D 0; i < ret && i < 5; i++) { + struct nsfs_file_handle nsfh =3D { + .ns_id =3D ns_ids[i], + .ns_type =3D CLONE_NEWNET, + .ns_inum =3D 0, + }; + struct file_handle *fh; + int fd; + + fh =3D (struct file_handle *)malloc(sizeof(*fh) + sizeof(nsfh)); + ASSERT_NE(fh, NULL); + fh->handle_bytes =3D sizeof(nsfh); + fh->handle_type =3D 0; + memcpy(fh->f_handle, &nsfh, sizeof(nsfh)); + + fd =3D open_by_handle_at(-10003, fh, O_RDONLY); + free(fh); + + if (fd >=3D 0) { + int ns_type; + /* Verify it's a network namespace via ioctl */ + ns_type =3D ioctl(fd, NS_GET_NSTYPE); + if (ns_type >=3D 0) { + ASSERT_EQ(ns_type, CLONE_NEWNET); + } + close(fd); + } + } +} + TEST_HARNESS_MAIN --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 924A437EE33; Wed, 29 Oct 2025 12:24:06 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740646; cv=none; b=hpKpkpeZpeQTAhA8vCwg/WIhESejZI9ga0gXPTinWkl7VyQ05/W2Ysb43zL1CG2YjjUBwejRYYC9eWaLpDc4u9Wp9PM/dJLgt90jB5NkscXFR/pQh7m2ka6nsCbq1qBzYEwS3CD8/z0HOgvbZ7onzrwAmpXrXmykkAUKdnX72u0= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740646; c=relaxed/simple; bh=16wgRCEaRGE6KnaGWYUsE3X1jinLIZr1ZBK0aXw4RfM=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=qhRkqisLsiC9sPuj9TGGKaYiRGIuqZY0NzJmiQ0V7v+TsMZMeRBU+Sx0KkFwthSHkSVY0g+woJzsg/sOGgy2wUORyyffPJQbDsBClwL59LHdWhqudDpWJedt252Uayc5ZiNe9Udwn8EKXJ9ouQIgznowqJIt/ic7xjLuDHexWto= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=CLdVo4E9; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="CLdVo4E9" Received: by smtp.kernel.org (Postfix) with ESMTPSA id DA1CFC4CEFD; Wed, 29 Oct 2025 12:24:01 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740646; bh=16wgRCEaRGE6KnaGWYUsE3X1jinLIZr1ZBK0aXw4RfM=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=CLdVo4E9M/dqLQGToUZ6fWm1RRkYcoALofiF3C9/XuujKUBAnd7GSJIau/CkS3UVy c3QSpEzcRW1J7PMXMOIeyrIw1d6xkuqS5KPty/dezN2ipxdMrL7jY1UKU5EO8+NE5U eYAdV7cuhotX/6Yw5a5cbAdl6Gnb4GyjlXohCBTVt20MIrSGH8336zyJhROmLgF8tR AqmKshp5w3vziVjBWvqbQDdwbrJ/Q1eUFaV/SQqMEIQhQJNdUmO3kNHFiz2xxDfbT6 tvd0pUwijDF5NsxSfnQg0+5O28O/JlaNXWe3NLCrBdl2ewM3PTMJal9HRiTeZm1Qzv 4V/LCxKg+O/zg== From: Christian Brauner Date: Wed, 29 Oct 2025 13:20:54 +0100 Subject: [PATCH v4 41/72] selftests/namespaces: third listns() test Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-41-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=2006; i=brauner@kernel.org; h=from:subject:message-id; bh=16wgRCEaRGE6KnaGWYUsE3X1jinLIZr1ZBK0aXw4RfM=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysfWtL+jccsjOtda3ZU5I7ywrZf0awZigq3JFc+S/p qf/FEjrKGVhEONikBVTZHFoNwmXW85TsdkoUwNmDisTyBAGLk4BmMiKdYwM26+4uz5auyhv/pSz MyfNkFx4TeWU277DETtibuxkm2+UtJHhv+eky07dRpYeG09O3HjN+bb95GeXavVdcorKmVf+aj+ 2lg0A X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Test listns() pagination. List namespaces in batches. Signed-off-by: Christian Brauner --- tools/testing/selftests/namespaces/listns_test.c | 53 ++++++++++++++++++++= ++++ 1 file changed, 53 insertions(+) diff --git a/tools/testing/selftests/namespaces/listns_test.c b/tools/testi= ng/selftests/namespaces/listns_test.c index 64249502ac49..7dff63a00263 100644 --- a/tools/testing/selftests/namespaces/listns_test.c +++ b/tools/testing/selftests/namespaces/listns_test.c @@ -115,4 +115,57 @@ TEST(listns_filter_by_type) } } =20 +/* + * Test listns() pagination. + * List namespaces in batches. + */ +TEST(listns_pagination) +{ + struct ns_id_req req =3D { + .size =3D sizeof(req), + .spare =3D 0, + .ns_id =3D 0, + .ns_type =3D 0, + .spare2 =3D 0, + .user_ns_id =3D 0, + }; + __u64 batch1[2], batch2[2]; + ssize_t ret1, ret2; + + /* Get first batch */ + ret1 =3D sys_listns(&req, batch1, ARRAY_SIZE(batch1), 0); + if (ret1 < 0) { + if (errno =3D=3D ENOSYS) + SKIP(return, "listns() not supported"); + TH_LOG("listns failed: %s (errno=3D%d)", strerror(errno), errno); + ASSERT_TRUE(false); + } + ASSERT_GE(ret1, 0); + + if (ret1 =3D=3D 0) + SKIP(return, "No namespaces found"); + + TH_LOG("First batch: %zd namespaces", ret1); + + /* Get second batch using last ID from first batch */ + if (ret1 =3D=3D ARRAY_SIZE(batch1)) { + req.ns_id =3D batch1[ret1 - 1]; + ret2 =3D sys_listns(&req, batch2, ARRAY_SIZE(batch2), 0); + ASSERT_GE(ret2, 0); + + TH_LOG("Second batch: %zd namespaces (after ns_id=3D%llu)", + ret2, (unsigned long long)req.ns_id); + + /* If we got more results, verify IDs are monotonically increasing */ + if (ret2 > 0) { + ASSERT_GT(batch2[0], batch1[ret1 - 1]); + TH_LOG("Pagination working: %llu > %llu", + (unsigned long long)batch2[0], + (unsigned long long)batch1[ret1 - 1]); + } + } else { + TH_LOG("All namespaces fit in first batch"); + } +} + TEST_HARNESS_MAIN --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 1B19F34BA52; Wed, 29 Oct 2025 12:24:11 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740652; cv=none; b=Vzq77ssWxtqLmtsVGs7/NCoLujjltpUb7wXt+3X8hNuHw6Gwk4LRvafZh/ojRBMqHQwCUlRglh0OzkLDpkVq/odlUAg2M3pPzAkPnBJSGzrFCMgZgpJRjhaRgmB4tCILumsNL9YOOz/FhHDrXyyFsZ/hkttyJhBqJsoZEemWLWE= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740652; c=relaxed/simple; bh=UxNNzwwfXU08oQlPAvQ0Gj3cx0fWVzo9FwN6OUP3IWE=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=khKvmfK0uSlo63L3gsALq35uhSmaujLGl7qSRuuap/F9loO6FOugIS/zjdyAz96X4lv50dXSjgM5S7OjRMpCGdR0kiTw4bBDDPTIDfaNTQAlsnj+opdpF6mF+vBpg8JHmivLl85TJHBcelN/bjEHeQVhKc63kNsKaNqhVqSadjQ= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=ftoIVkHd; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="ftoIVkHd" Received: by smtp.kernel.org (Postfix) with ESMTPSA id D7CF2C4CEF7; Wed, 29 Oct 2025 12:24:06 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740651; bh=UxNNzwwfXU08oQlPAvQ0Gj3cx0fWVzo9FwN6OUP3IWE=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=ftoIVkHdaHfvZvDFqD5bJCyr/vQKZVvfkxYmmXsO45DF7XhPQ9TspaV2/6Wrocxg3 Wb62lGG2CoAyPPpCUDbo1drl0TYoj1Lcc/mH5W01CNhP4CzJHTvkaytd40jas8ZQTQ 0DaxXSLBU5TmU3K3qEgJ2/PBubJh+gpZSn4nE1j9q5QAVDZgzadNg1f0vwOrj3WA/n e5lUNA8MKwPzdb0aEcaR501Pr0vb5rhc3NbDvhvI7/WESioLxNxJnDll3I80ie81ng 3U9XxnKm5xQQNc7L2SAg9e3Nr3Wt+Ux0hPXTkHwQhsH2wGLtcTOuEe/tiaV3GA5Opg RG33PJpsTZI/w== From: Christian Brauner Date: Wed, 29 Oct 2025 13:20:55 +0100 Subject: [PATCH v4 42/72] selftests/namespaces: fourth listns() test Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-42-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=1513; i=brauner@kernel.org; h=from:subject:message-id; bh=UxNNzwwfXU08oQlPAvQ0Gj3cx0fWVzo9FwN6OUP3IWE=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysfWtj/Ll/T6XfW9MvsXJh290nPwb7wTcfz2Dd2tjx Z2Xp10OdZSyMIhxMciKKbI4tJuEyy3nqdhslKkBM4eVCWQIAxenAEyk5DXDXxmVaXeyV3Y/Mvmb sHHeB8O2wvKFV2y+20lUPrxmOy0w0Inhn0bbI8WeA1vPP99objXpYXyxzEuJlU39sS9Ws2294TN bgA8A X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Test listns() with LISTNS_CURRENT_USER. List namespaces owned by current user namespace. Signed-off-by: Christian Brauner --- tools/testing/selftests/namespaces/listns_test.c | 33 ++++++++++++++++++++= ++++ 1 file changed, 33 insertions(+) diff --git a/tools/testing/selftests/namespaces/listns_test.c b/tools/testi= ng/selftests/namespaces/listns_test.c index 7dff63a00263..457298cb4c64 100644 --- a/tools/testing/selftests/namespaces/listns_test.c +++ b/tools/testing/selftests/namespaces/listns_test.c @@ -168,4 +168,37 @@ TEST(listns_pagination) } } =20 +/* + * Test listns() with LISTNS_CURRENT_USER. + * List namespaces owned by current user namespace. + */ +TEST(listns_current_user) +{ + struct ns_id_req req =3D { + .size =3D sizeof(req), + .spare =3D 0, + .ns_id =3D 0, + .ns_type =3D 0, + .spare2 =3D 0, + .user_ns_id =3D LISTNS_CURRENT_USER, + }; + __u64 ns_ids[100]; + ssize_t ret; + + ret =3D sys_listns(&req, ns_ids, ARRAY_SIZE(ns_ids), 0); + if (ret < 0) { + if (errno =3D=3D ENOSYS) + SKIP(return, "listns() not supported"); + TH_LOG("listns failed: %s (errno=3D%d)", strerror(errno), errno); + ASSERT_TRUE(false); + } + ASSERT_GE(ret, 0); + + /* Should find at least the initial namespaces if we're in init_user_ns */ + TH_LOG("Found %zd namespaces owned by current user namespace", ret); + + for (ssize_t i =3D 0; i < ret; i++) + TH_LOG(" [%zd] ns_id: %llu", i, (unsigned long long)ns_ids[i]); +} + TEST_HARNESS_MAIN --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id CABC534C822; Wed, 29 Oct 2025 12:24:16 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740656; cv=none; b=fAeWvlLdZ2IUGXGsjFugOVeQHTdsxtyDUFH4teMVFZHQlr8UEvHkslAYeTSZHGlf34aONXNw5KtAhEO1LxfFqWKykB9uZ3MUH4G10JrMUeuDADJnE9QEy3Vz9BUscqpx4qSfgS2y8WgF+ItcGP0t7MYWtDYJhoRIxJycsdPuoGw= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740656; c=relaxed/simple; bh=6a8oUuByWnFcgaLPQi4hm9sjsEH0DS834LqCnnYNmeo=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=TubYsJU+Rb3Zgqc6j3CRL/Q1QNEBTwYpfA4VuFJWTXFTtsn4qdTNPEEAyXnFFQ+GmgGXl2WfsbEn6lYvl425/zBn4uExaoOyPcJ5egSzb44h5zvrYiTsTnrOkMVMciIfNLH/ZgZs5IVa8CyjjhSVnDzJSCjPBQmxPHbagUbRlD8= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=slCZZcg8; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="slCZZcg8" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 10077C4CEFD; Wed, 29 Oct 2025 12:24:11 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740656; bh=6a8oUuByWnFcgaLPQi4hm9sjsEH0DS834LqCnnYNmeo=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=slCZZcg8XwEvE+/l0vzNRsiCWIzKPvKAF4ksafYjkd1ulpQVZYOz17It4u8v8YlAf 9iYHstnopG4jTSBvhSKRrXwZtQ9uuU1nfaadn8LDWT3aSdIL4k/H8R1Qz+xJGJm7tS YLf/Y1R7kyMTgFgPBkBBCW7akrX4+RVxiBJJtbCXiShwj6644T10uaig8p/1xXtYb7 tZtQqhsy5QVPXN0d3onkqxRNT1gEL8Xf+YUYJQHqUlhw3cmUw8IW7skkRK+Bww9/3k tGIAlY4wqgstTznh62ICGCBWXe9/H4AnyjBYGoAhB+DJvV6ss8nrbe9iKgjazNhONw MEqDmXM5Q0qAw== From: Christian Brauner Date: Wed, 29 Oct 2025 13:20:56 +0100 Subject: [PATCH v4 43/72] selftests/namespaces: fifth listns() test Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-43-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=3753; i=brauner@kernel.org; h=from:subject:message-id; bh=6a8oUuByWnFcgaLPQi4hm9sjsEH0DS834LqCnnYNmeo=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysfXdO+ay7VTiD9PAEG4n9tdtajqF301Z5nanMUZXP OEK2juno5SFQYyLQVZMkcWh3SRcbjlPxWajTA2YOaxMIEMYuDgFYCKn6xgZ9gTO/cF8dMtT3cWp ofVzbmdNFGx3rdsQ7/H5R1l/aY95NCPDPPM6juIpzY8lO+o1jr4UnPyodbUF689t5rcUt/BUNte xAwA= X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Test that listns() only returns active namespaces. Create a namespace, let it become inactive, verify it's not listed. Signed-off-by: Christian Brauner --- tools/testing/selftests/namespaces/listns_test.c | 123 +++++++++++++++++++= ++++ 1 file changed, 123 insertions(+) diff --git a/tools/testing/selftests/namespaces/listns_test.c b/tools/testi= ng/selftests/namespaces/listns_test.c index 457298cb4c64..a04ebe11ce2c 100644 --- a/tools/testing/selftests/namespaces/listns_test.c +++ b/tools/testing/selftests/namespaces/listns_test.c @@ -201,4 +201,127 @@ TEST(listns_current_user) TH_LOG(" [%zd] ns_id: %llu", i, (unsigned long long)ns_ids[i]); } =20 +/* + * Test that listns() only returns active namespaces. + * Create a namespace, let it become inactive, verify it's not listed. + */ +TEST(listns_only_active) +{ + struct ns_id_req req =3D { + .size =3D sizeof(req), + .spare =3D 0, + .ns_id =3D 0, + .ns_type =3D CLONE_NEWNET, + .spare2 =3D 0, + .user_ns_id =3D 0, + }; + __u64 ns_ids_before[100], ns_ids_after[100]; + ssize_t ret_before, ret_after; + int pipefd[2]; + pid_t pid; + __u64 new_ns_id =3D 0; + int status; + + /* Get initial list */ + ret_before =3D sys_listns(&req, ns_ids_before, ARRAY_SIZE(ns_ids_before),= 0); + if (ret_before < 0) { + if (errno =3D=3D ENOSYS) + SKIP(return, "listns() not supported"); + TH_LOG("listns failed: %s (errno=3D%d)", strerror(errno), errno); + ASSERT_TRUE(false); + } + ASSERT_GE(ret_before, 0); + + TH_LOG("Before: %zd active network namespaces", ret_before); + + /* Create a new namespace in a child process and get its ID */ + ASSERT_EQ(pipe(pipefd), 0); + + pid =3D fork(); + ASSERT_GE(pid, 0); + + if (pid =3D=3D 0) { + int fd; + __u64 ns_id; + + close(pipefd[0]); + + /* Create new network namespace */ + if (unshare(CLONE_NEWNET) < 0) { + close(pipefd[1]); + exit(1); + } + + /* Get its ID */ + fd =3D open("/proc/self/ns/net", O_RDONLY); + if (fd < 0) { + close(pipefd[1]); + exit(1); + } + + if (ioctl(fd, NS_GET_ID, &ns_id) < 0) { + close(fd); + close(pipefd[1]); + exit(1); + } + close(fd); + + /* Send ID to parent */ + write(pipefd[1], &ns_id, sizeof(ns_id)); + close(pipefd[1]); + + /* Keep namespace active briefly */ + usleep(100000); + exit(0); + } + + /* Parent reads the new namespace ID */ + { + int bytes; + + close(pipefd[1]); + bytes =3D read(pipefd[0], &new_ns_id, sizeof(new_ns_id)); + close(pipefd[0]); + + if (bytes =3D=3D sizeof(new_ns_id)) { + __u64 ns_ids_during[100]; + int ret_during; + + TH_LOG("Child created namespace with ID %llu", (unsigned long long)new_= ns_id); + + /* List namespaces while child is still alive - should see new one */ + ret_during =3D sys_listns(&req, ns_ids_during, ARRAY_SIZE(ns_ids_during= ), 0); + ASSERT_GE(ret_during, 0); + TH_LOG("During: %d active network namespaces", ret_during); + + /* Should have more namespaces than before */ + ASSERT_GE(ret_during, ret_before); + } + } + + /* Wait for child to exit */ + waitpid(pid, &status, 0); + + /* Give time for namespace to become inactive */ + usleep(100000); + + /* List namespaces after child exits - should not see new one */ + ret_after =3D sys_listns(&req, ns_ids_after, ARRAY_SIZE(ns_ids_after), 0); + ASSERT_GE(ret_after, 0); + TH_LOG("After: %zd active network namespaces", ret_after); + + /* Verify the new namespace ID is not in the after list */ + if (new_ns_id !=3D 0) { + bool found =3D false; + + for (ssize_t i =3D 0; i < ret_after; i++) { + if (ns_ids_after[i] =3D=3D new_ns_id) { + found =3D true; + break; + } + } + ASSERT_FALSE(found); + } +} + TEST_HARNESS_MAIN --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 30F4E341AC7; Wed, 29 Oct 2025 12:24:21 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740662; cv=none; b=egPJ8+TskSp+eyyP8Mj8KVPern/y2DrrvjaDYlzBOhDz7Kzpdn8Pi6Onj33Ithpsl35JITlFImsXIXt5OBmQ4hKjwyFgFsL5nlC8378/qwT6e8vhxk2lJxpraZpV0J77bSPl86ITU5bzXBHmDdUGNs/7bBiVLDB5TYVfe5E/2AU= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740662; c=relaxed/simple; bh=KSlU7UvLSHSGPJJgTeCWtnFjFzuANwkcv8D+4cZnjGE=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=CuEfOwMDHInJyI9oyDm6RQ2rEwUzDFRDh5/ePAFVWw318ZKwnoURXa8NVjMhfMzoqILDdVclfynpa0chKIzoQ/B8BrYl7TxTO9KwjywG3Sfk/748XLy846S4ABAX2JlJxtCpk1st4pd0movuIf76VlwqLMk7bsUWzz5gO5Hi7tA= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=C7Z+wMDI; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="C7Z+wMDI" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 27056C4CEF7; Wed, 29 Oct 2025 12:24:16 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740661; bh=KSlU7UvLSHSGPJJgTeCWtnFjFzuANwkcv8D+4cZnjGE=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=C7Z+wMDIKfFZDYKNJYvMlsFszCuIrMyQ1q+TRgcsdo0V68HBPqlgucacwnQEhO3Q1 mpRWjw1SFF8RYOHjQ3xQ3vIfuiIDxcbi1yC4ucF+YK3i5GkLHcDqIXNHltuRmCxJR8 y7ZT0MAReI/Hm/+XfuQu/LH5rLVxm3Oa66fWLi0bWpOt7ROD3ZImB/P23ICQNFOatV PsTTMuInnkG9gNqfN0874nNhzxmfxZAvCeDg2+v7YB8RGKMgARSlYcPqQfswio2m/L gyknbwQTDCUESweMp8UivBYOGUGxVApSL5pULvmyZGUb/LPuM9LOKTapI8ZkjEiyUe xX0p9TCTYRzJw== From: Christian Brauner Date: Wed, 29 Oct 2025 13:20:57 +0100 Subject: [PATCH v4 44/72] selftests/namespaces: sixth listns() test Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-44-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=3583; i=brauner@kernel.org; h=from:subject:message-id; bh=KSlU7UvLSHSGPJJgTeCWtnFjFzuANwkcv8D+4cZnjGE=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysfU1TZSJnXnDq6GjrfxM++wYhX5rhXt1qz3u/Jug+ u6ChN3qjlIWBjEuBlkxRRaHdpNwueU8FZuNMjVg5rAygQxh4OIUgIksXMjIcGPV55Xx633d7vJI 6J7Y/fHB5istyROX1qo8igjflOWU9J6R4dedv5++7qxvtr1f5PfvU7mh4p50r8b3+o0K13y2Jkz N4gYA X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Test listns() with specific user namespace ID. Create a user namespace and list namespaces it owns. Signed-off-by: Christian Brauner --- tools/testing/selftests/namespaces/listns_test.c | 122 +++++++++++++++++++= ++++ 1 file changed, 122 insertions(+) diff --git a/tools/testing/selftests/namespaces/listns_test.c b/tools/testi= ng/selftests/namespaces/listns_test.c index a04ebe11ce2c..f5b8bc5d111f 100644 --- a/tools/testing/selftests/namespaces/listns_test.c +++ b/tools/testing/selftests/namespaces/listns_test.c @@ -9,6 +9,7 @@ #include #include #include +#include #include #include #include @@ -324,4 +325,125 @@ TEST(listns_only_active) } } =20 +/* + * Test listns() with specific user namespace ID. + * Create a user namespace and list namespaces it owns. + */ +TEST(listns_specific_userns) +{ + struct ns_id_req req =3D { + .size =3D sizeof(req), + .spare =3D 0, + .ns_id =3D 0, + .ns_type =3D 0, + .spare2 =3D 0, + .user_ns_id =3D 0, /* Will be filled with created userns ID */ + }; + __u64 ns_ids[100]; + int sv[2]; + pid_t pid; + int status; + __u64 user_ns_id =3D 0; + int bytes; + ssize_t ret; + + ASSERT_EQ(socketpair(AF_UNIX, SOCK_STREAM, 0, sv), 0); + + pid =3D fork(); + ASSERT_GE(pid, 0); + + if (pid =3D=3D 0) { + int fd; + __u64 ns_id; + char buf; + + close(sv[0]); + + /* Create new user namespace */ + if (setup_userns() < 0) { + close(sv[1]); + exit(1); + } + + /* Get user namespace ID */ + fd =3D open("/proc/self/ns/user", O_RDONLY); + if (fd < 0) { + close(sv[1]); + exit(1); + } + + if (ioctl(fd, NS_GET_ID, &ns_id) < 0) { + close(fd); + close(sv[1]); + exit(1); + } + close(fd); + + /* Send ID to parent */ + if (write(sv[1], &ns_id, sizeof(ns_id)) !=3D sizeof(ns_id)) { + close(sv[1]); + exit(1); + } + + /* Create some namespaces owned by this user namespace */ + unshare(CLONE_NEWNET); + unshare(CLONE_NEWUTS); + + /* Wait for parent signal */ + if (read(sv[1], &buf, 1) !=3D 1) { + close(sv[1]); + exit(1); + } + close(sv[1]); + exit(0); + } + + /* Parent */ + close(sv[1]); + bytes =3D read(sv[0], &user_ns_id, sizeof(user_ns_id)); + + if (bytes !=3D sizeof(user_ns_id)) { + close(sv[0]); + kill(pid, SIGKILL); + waitpid(pid, NULL, 0); + SKIP(return, "Failed to get user namespace ID from child"); + } + + TH_LOG("Child created user namespace with ID %llu", (unsigned long long)u= ser_ns_id); + + /* List namespaces owned by this user namespace */ + req.user_ns_id =3D user_ns_id; + ret =3D sys_listns(&req, ns_ids, ARRAY_SIZE(ns_ids), 0); + + if (ret < 0) { + TH_LOG("listns failed: %s (errno=3D%d)", strerror(errno), errno); + close(sv[0]); + kill(pid, SIGKILL); + waitpid(pid, NULL, 0); + if (errno =3D=3D ENOSYS) { + SKIP(return, "listns() not supported"); + } + ASSERT_GE(ret, 0); + } + + TH_LOG("Found %zd namespaces owned by user namespace %llu", ret, + (unsigned long long)user_ns_id); + + /* Should find at least the network and UTS namespaces we created */ + if (ret > 0) { + for (ssize_t i =3D 0; i < ret && i < 10; i++) + TH_LOG(" [%zd] ns_id: %llu", i, (unsigned long long)ns_ids[i]); + } + + /* Signal child to exit */ + if (write(sv[0], "X", 1) !=3D 1) { + close(sv[0]); + kill(pid, SIGKILL); + waitpid(pid, NULL, 0); + ASSERT_TRUE(false); + } + close(sv[0]); + waitpid(pid, &status, 0); +} + TEST_HARNESS_MAIN --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 357AF34CFB9; Wed, 29 Oct 2025 12:24:26 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740667; cv=none; b=Meu+wNofhZc4uU9WXvLMtZhCeQg263wp+ddZHIAYg/7q5he6FjntSzMjGPQFKaY/tfrWaU5ki89lMWGj1HHaPtjrEiQRkvVm8Y/1RkRu0gSFEZw6jKkAwDUwLdynPskt46BTPPiXHUyHB9piZHDqxEjm4xG1F6rv8XfPM4Nrhm8= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740667; c=relaxed/simple; bh=QzUkya/eQ/QDDIuBeLk9Y5q5aIl9eBXy2tswIGkyHaQ=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=jKYTst1XGv+C6KgoghrE6bUO6gqKAVmbk/Ld6QhTW+T3KbM+vIHLz7dnCcppfaQgg3j1jGrHVcAwgsqlpV02xj3NzFbKPUDkCwV8oC00YAfRSnVbYWEkUDxLTmZbDKzf/bKwqs7lBHvPUmePAQb1WDOrqL4tOcsGaVxcwqyCzbg= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=rQ/hHN5s; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="rQ/hHN5s" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 343D6C4CEFF; Wed, 29 Oct 2025 12:24:22 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740666; bh=QzUkya/eQ/QDDIuBeLk9Y5q5aIl9eBXy2tswIGkyHaQ=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=rQ/hHN5seJlN/J7XFSIS1mGMrL6/52yYcUdF2xi2nh4TpOEKwTTTAry4AYiQi51p8 frQ5DZVsp6SxC/PZx8pEIwBcST2PTkl8GxVe4LNGyVwQnzrYwg7pBE1twqsxlI6Re9 46XEa08DAitt+kV6mLOs8JgqU7BLkjDmd7uhWft/IQ/UmdMqUh2Av6bAjANHMzzZsy X4qKVRgyH5JzxTwv9Nt+EB702nSyD1k+G+IuJCOMvoGaczTn8wEFFhto2zNVnLwTXw Z2iYAfZ+I1RBezBEbjsAkO9y8GsP/LD0uweSdaRxA1D+fhSRHwSSKnQj+eJzm1LziG RZSfe0KOu0NOw== From: Christian Brauner Date: Wed, 29 Oct 2025 13:20:58 +0100 Subject: [PATCH v4 45/72] selftests/namespaces: seventh listns() test Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-45-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=1404; i=brauner@kernel.org; h=from:subject:message-id; bh=QzUkya/eQ/QDDIuBeLk9Y5q5aIl9eBXy2tswIGkyHaQ=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysfWJTbO5k1X+9Wxq9OfVih+Oz3L6+y2xNz5rV/z30 LpAnel8HaUsDGJcDLJiiiwO7Sbhcst5KjYbZWrAzGFlAhnCwMUpABMxEWf4K7Ryf5z7uqLzaw5X hy+wLZsqxTp/zpQbf7KO7VuQKP82dxvD/zR+/kdbly594VLEw/9vu60P70bewv1TAz+Yf+LvML2 1mw8A X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Test listns() with multiple namespace types filter. Signed-off-by: Christian Brauner --- tools/testing/selftests/namespaces/listns_test.c | 31 ++++++++++++++++++++= ++++ 1 file changed, 31 insertions(+) diff --git a/tools/testing/selftests/namespaces/listns_test.c b/tools/testi= ng/selftests/namespaces/listns_test.c index f5b8bc5d111f..d73c2a2898cf 100644 --- a/tools/testing/selftests/namespaces/listns_test.c +++ b/tools/testing/selftests/namespaces/listns_test.c @@ -446,4 +446,35 @@ TEST(listns_specific_userns) waitpid(pid, &status, 0); } =20 +/* + * Test listns() with multiple namespace types filter. + */ +TEST(listns_multiple_types) +{ + struct ns_id_req req =3D { + .size =3D sizeof(req), + .spare =3D 0, + .ns_id =3D 0, + .ns_type =3D CLONE_NEWNET | CLONE_NEWUTS, /* Network and UTS */ + .spare2 =3D 0, + .user_ns_id =3D 0, + }; + __u64 ns_ids[100]; + ssize_t ret; + + ret =3D sys_listns(&req, ns_ids, ARRAY_SIZE(ns_ids), 0); + if (ret < 0) { + if (errno =3D=3D ENOSYS) + SKIP(return, "listns() not supported"); + TH_LOG("listns failed: %s (errno=3D%d)", strerror(errno), errno); + ASSERT_TRUE(false); + } + ASSERT_GE(ret, 0); + + TH_LOG("Found %zd active network/UTS namespaces", ret); + + for (ssize_t i =3D 0; i < ret; i++) + TH_LOG(" [%zd] ns_id: %llu", i, (unsigned long long)ns_ids[i]); +} + TEST_HARNESS_MAIN --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id D30E034D4ED; Wed, 29 Oct 2025 12:24:31 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740671; cv=none; b=C7co+51bUGAmozKQZD1JRR9mZU4QybCFa5IPGkk8Rsocp/uS4unUGmFcjcdy9SLs5of525QOsrAl+H6VTFMHb4yp4SMfBeGD/V4ZyR48HdJmfBLZn1VsVUEnsMjpw1/hERB7OKsk64FZdNkS5j+tGkylkCG9UJ2cye+3pW2o7aw= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740671; c=relaxed/simple; bh=vycCLgs/SEoxdQIQ6EcoGlOuO/CNJYVzQfqAbKcG6n0=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=BHMIXtAcLCzl5yGJQF6JSJdzMWjUf9pomtMw1j88AoemXOgItziPOVAg0oCfLtTr5HGACumUnEXpf/lbtX3+dMvX6Lm8HJjESk37u9sOenUe/GBlCYlECNGNp3GHSaMYCyJnmrlz8ghYIaWNu5WIU+DVzPgdy/ns4Zy6Juc0foo= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=J9/GT1+O; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="J9/GT1+O" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 2B44FC4CEF7; Wed, 29 Oct 2025 12:24:26 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740671; bh=vycCLgs/SEoxdQIQ6EcoGlOuO/CNJYVzQfqAbKcG6n0=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=J9/GT1+Ojc1LkCPiysfkxDX55ShajBlDoFrRkC+IgA2NmWSTqjLiZIwIrTPaNctWo HvA8TpTCp4AMdZjZFwzm0w9JJM76xJ5ajbqg4K/bMNJ0gd4l7KmIsFFvUxawALXUp6 WqF2JDouFVF0I0GRZR4IxWF92/+tQU4traS6wM27bdDis+YmQrFGEna3Dmj3NKdiBP lSXx72vay/fwNQMh0EGb2ByNI5FlnDWuaeHulLrS9/6uSm4T75zbDszrcgaXdSiOEp CQqANPKB08HiopZ/U3Ydb52ZUjOPUKrUpkOPZwx49JOQw6yHUhEEkDB3qGxg9WhxMT hzuTeb+weAh3w== From: Christian Brauner Date: Wed, 29 Oct 2025 13:20:59 +0100 Subject: [PATCH v4 46/72] selftests/namespaces: eigth listns() test Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-46-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=4158; i=brauner@kernel.org; h=from:subject:message-id; bh=vycCLgs/SEoxdQIQ6EcoGlOuO/CNJYVzQfqAbKcG6n0=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysfUd/2UgI2qwIKNakEtxsXlxRJvXi7ypxxdffujBN uvZbiGXjlIWBjEuBlkxRRaHdpNwueU8FZuNMjVg5rAygQxh4OIUgIn4RTAynJJ/lM7A+WSmrMKt GSY6dfLlWjLXrt1eFXmm+3FQSIvocob/ie2hxzIepUT+5Z16a03vRvG5FwMFbtZGZXzR3VfjOEu WHQA= X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Test that hierarchical active reference propagation keeps parent user namespaces visible in listns(). Signed-off-by: Christian Brauner --- tools/testing/selftests/namespaces/listns_test.c | 150 +++++++++++++++++++= ++++ 1 file changed, 150 insertions(+) diff --git a/tools/testing/selftests/namespaces/listns_test.c b/tools/testi= ng/selftests/namespaces/listns_test.c index d73c2a2898cf..d3be6f97d34e 100644 --- a/tools/testing/selftests/namespaces/listns_test.c +++ b/tools/testing/selftests/namespaces/listns_test.c @@ -477,4 +477,154 @@ TEST(listns_multiple_types) TH_LOG(" [%zd] ns_id: %llu", i, (unsigned long long)ns_ids[i]); } =20 +/* + * Test that hierarchical active reference propagation keeps parent + * user namespaces visible in listns(). + */ +TEST(listns_hierarchical_visibility) +{ + struct ns_id_req req =3D { + .size =3D sizeof(req), + .spare =3D 0, + .ns_id =3D 0, + .ns_type =3D CLONE_NEWUSER, + .spare2 =3D 0, + .user_ns_id =3D 0, + }; + __u64 parent_ns_id =3D 0, child_ns_id =3D 0; + int sv[2]; + pid_t pid; + int status; + int bytes; + __u64 ns_ids[100]; + ssize_t ret; + bool found_parent, found_child; + + ASSERT_EQ(socketpair(AF_UNIX, SOCK_STREAM, 0, sv), 0); + + pid =3D fork(); + ASSERT_GE(pid, 0); + + if (pid =3D=3D 0) { + int fd; + char buf; + + close(sv[0]); + + /* Create parent user namespace */ + if (setup_userns() < 0) { + close(sv[1]); + exit(1); + } + + fd =3D open("/proc/self/ns/user", O_RDONLY); + if (fd < 0) { + close(sv[1]); + exit(1); + } + + if (ioctl(fd, NS_GET_ID, &parent_ns_id) < 0) { + close(fd); + close(sv[1]); + exit(1); + } + close(fd); + + /* Create child user namespace */ + if (setup_userns() < 0) { + close(sv[1]); + exit(1); + } + + fd =3D open("/proc/self/ns/user", O_RDONLY); + if (fd < 0) { + close(sv[1]); + exit(1); + } + + if (ioctl(fd, NS_GET_ID, &child_ns_id) < 0) { + close(fd); + close(sv[1]); + exit(1); + } + close(fd); + + /* Send both IDs to parent */ + if (write(sv[1], &parent_ns_id, sizeof(parent_ns_id)) !=3D sizeof(parent= _ns_id)) { + close(sv[1]); + exit(1); + } + if (write(sv[1], &child_ns_id, sizeof(child_ns_id)) !=3D sizeof(child_ns= _id)) { + close(sv[1]); + exit(1); + } + + /* Wait for parent signal */ + if (read(sv[1], &buf, 1) !=3D 1) { + close(sv[1]); + exit(1); + } + close(sv[1]); + exit(0); + } + + /* Parent */ + close(sv[1]); + + /* Read both namespace IDs */ + bytes =3D read(sv[0], &parent_ns_id, sizeof(parent_ns_id)); + bytes +=3D read(sv[0], &child_ns_id, sizeof(child_ns_id)); + + if (bytes !=3D (int)(2 * sizeof(__u64))) { + close(sv[0]); + kill(pid, SIGKILL); + waitpid(pid, NULL, 0); + SKIP(return, "Failed to get namespace IDs from child"); + } + + TH_LOG("Parent user namespace ID: %llu", (unsigned long long)parent_ns_id= ); + TH_LOG("Child user namespace ID: %llu", (unsigned long long)child_ns_id); + + /* List all user namespaces */ + ret =3D sys_listns(&req, ns_ids, ARRAY_SIZE(ns_ids), 0); + + if (ret < 0 && errno =3D=3D ENOSYS) { + close(sv[0]); + kill(pid, SIGKILL); + waitpid(pid, NULL, 0); + SKIP(return, "listns() not supported"); + } + + ASSERT_GE(ret, 0); + TH_LOG("Found %zd active user namespaces", ret); + + /* Both parent and child should be visible (active due to child process) = */ + found_parent =3D false; + found_child =3D false; + for (ssize_t i =3D 0; i < ret; i++) { + if (ns_ids[i] =3D=3D parent_ns_id) + found_parent =3D true; + if (ns_ids[i] =3D=3D child_ns_id) + found_child =3D true; + } + + TH_LOG("Parent namespace %s, child namespace %s", + found_parent ? "found" : "NOT FOUND", + found_child ? "found" : "NOT FOUND"); + + ASSERT_TRUE(found_child); + /* With hierarchical propagation, parent should also be active */ + ASSERT_TRUE(found_parent); + + /* Signal child to exit */ + if (write(sv[0], "X", 1) !=3D 1) { + close(sv[0]); + kill(pid, SIGKILL); + waitpid(pid, NULL, 0); + ASSERT_TRUE(false); + } + close(sv[0]); + waitpid(pid, &status, 0); +} + TEST_HARNESS_MAIN --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 0B5842E339B; Wed, 29 Oct 2025 12:24:37 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740677; cv=none; b=cHWvFgJufqpMABzLOpkugYE2OenR5+bzcbqtPMqoENtCu1QOuF9w6xrLyt/fUPr45d6/boPFHOg9WUp7t0tVoz7NAmxHZB7PR8C0a+5sUUyErb8UoWRi5ff+SAF1kDbeowyl6CDGVzulrVix/SbWxpOOCBsoAuJ2FbFdVaTkzXg= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740677; c=relaxed/simple; bh=EesZuqsIPfrlBbuqThECgtbHVtp6afgnRdhVk6MbMkE=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=jUDmfM638DFEPIWcOy77GYo60sVYEdj6N0SoX0D6fiNf4Ss289l53UIGjkkvbilELwXBN1BgcmqrYS0odxP9iIo8c9umLQiC+hWIdCM/A/rqNkbcb3NzQrNSDq0LbnBYP0jgtb8etxLm2SJxxGljnWeXcYJsUbRhjmJt4mB+H1w= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=ji+buok9; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="ji+buok9" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 2EDA2C4CEFD; Wed, 29 Oct 2025 12:24:32 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740676; bh=EesZuqsIPfrlBbuqThECgtbHVtp6afgnRdhVk6MbMkE=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=ji+buok9FQwu3sc6mKYwAtx20blAq5aaOZcuG5QpgZtUMfmAd9TNkyeYdIfhuD5e3 9FfuGgyUzYIC5WxfWN/4imol0BSg6ImUtV1A/+69ht75FYpeYJd0Pb9SKAy0EiDXPv Kcy9wMOAbThoP5yGzc67hxHMg6K6jVKcKGYDGo5SWL/EoXL6XL4UaqZJPWnSI9rCLn B0OFO+xbX3ReF1Y3dfQxKWYVvyJevF7X2qOz3RhoO1D5MhVtzklc0f/74bsAEBwDfI 9+4SQKPKFlJ0GxZaxkwE6LsvEkuKC4B1s6NnsbxUZ8sw7kV2X/De9P21CKGbLeOoVF hecfYN+nK2jLg== From: Christian Brauner Date: Wed, 29 Oct 2025 13:21:00 +0100 Subject: [PATCH v4 47/72] selftests/namespaces: ninth listns() test Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-47-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=1703; i=brauner@kernel.org; h=from:subject:message-id; bh=EesZuqsIPfrlBbuqThECgtbHVtp6afgnRdhVk6MbMkE=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysfXJHRS+s8Fv5f2vLx9LTK3MftnPkRpuzzmp6Ipq8 v77EpwbOkpZGMS4GGTFFFkc2k3C5ZbzVGw2ytSAmcPKBDKEgYtTACaS9p/hv4v9xhYusad+b1tf ML4s+hI1aXFb6UOrB5v/nbxguFTOZz4jw+ytbbZRbzUVJr/Qt07Sf8ejb/JchPVaQ3BmS0Bx6Kz 5bAA= X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Test error cases for listns(). Signed-off-by: Christian Brauner --- tools/testing/selftests/namespaces/listns_test.c | 49 ++++++++++++++++++++= ++++ 1 file changed, 49 insertions(+) diff --git a/tools/testing/selftests/namespaces/listns_test.c b/tools/testi= ng/selftests/namespaces/listns_test.c index d3be6f97d34e..8a95789d6a87 100644 --- a/tools/testing/selftests/namespaces/listns_test.c +++ b/tools/testing/selftests/namespaces/listns_test.c @@ -627,4 +627,53 @@ TEST(listns_hierarchical_visibility) waitpid(pid, &status, 0); } =20 +/* + * Test error cases for listns(). + */ +TEST(listns_error_cases) +{ + struct ns_id_req req =3D { + .size =3D sizeof(req), + .spare =3D 0, + .ns_id =3D 0, + .ns_type =3D 0, + .spare2 =3D 0, + .user_ns_id =3D 0, + }; + __u64 ns_ids[10]; + int ret; + + /* Test with invalid flags */ + ret =3D sys_listns(&req, ns_ids, ARRAY_SIZE(ns_ids), 0xFFFF); + if (errno =3D=3D ENOSYS) { + /* listns() not supported, skip this check */ + } else { + ASSERT_LT(ret, 0); + ASSERT_EQ(errno, EINVAL); + } + + /* Test with NULL ns_ids array */ + ret =3D sys_listns(&req, NULL, 10, 0); + ASSERT_LT(ret, 0); + + /* Test with invalid spare field */ + req.spare =3D 1; + ret =3D sys_listns(&req, ns_ids, ARRAY_SIZE(ns_ids), 0); + if (errno =3D=3D ENOSYS) { + /* listns() not supported, skip this check */ + } else { + ASSERT_LT(ret, 0); + ASSERT_EQ(errno, EINVAL); + } + req.spare =3D 0; + + /* Test with huge nr_ns_ids */ + ret =3D sys_listns(&req, ns_ids, 2000000, 0); + if (errno =3D=3D ENOSYS) { + /* listns() not supported, skip this check */ + } else { + ASSERT_LT(ret, 0); + } +} + TEST_HARNESS_MAIN --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 478272E339B; Wed, 29 Oct 2025 12:24:41 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740682; cv=none; b=IpYFp8QG8RPFEYm/1LjPltrGFaiUUsSMpHbry4yybUf7yqwb5M3yX4vUyW0QiWN79AmfwKzZOVw0RrbIHRwg2JQTaQ/6B2i97ZRv3dPBEgY7rE8jWeZYN2v67AVDmJZss/ZDi1muLmD0L6rUdaewu3FnIALhs/gDcVFFn2zcsWk= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740682; c=relaxed/simple; bh=pxS104PFU7e80xD7prEOFJiL/3Pdar0FDU7ENFtkjlI=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=JzW1tPSI+f6zK2Fv89D+lB9Qt+Cip6o0FIWzMmcydBtMkzyKC9wEwojswZ9Db3+IlZYodes0O+T0glo4iOtnmIYcAicTS9JLnB78t7hcpGjRnZcA64bTTi90tvv4b4T8purL9xqxzWX7u+PZ5kJMttwR0ZyOOxnghBSWBDMRfMM= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=mxkwlODv; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="mxkwlODv" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 5D034C4CEF7; Wed, 29 Oct 2025 12:24:37 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740681; bh=pxS104PFU7e80xD7prEOFJiL/3Pdar0FDU7ENFtkjlI=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=mxkwlODvcLze3ysnnw0rYJAkluS8XtpBUGjAX2sCnnpi/lo97WclmUlMiyNM1VgSC n8eOyf56l/tmvb3oQStISmflpf1JFqiyXIRYY2YA2kUyG6jbYh12h8kV3600QXApZU 84Wfouk5nIioLfY5Hq38p2Scyu8t6fb42fNZ91ge5O6kmPcU+2jxP8gEJUCFd9pp3u VLuQ3RUnvW/AFHc5MOeCQOyxkDF/48LNKoKHcNHZTEREdP6IS63BN8+8rFSOrIKAd0 97qjEsf2GbefoY3ojDcRpDXgejO0N/ns3RRtBqGTLXmTaU86qkbGAlLDNMu8ID35kM 93OkR8qgcDf3A== From: Christian Brauner Date: Wed, 29 Oct 2025 13:21:01 +0100 Subject: [PATCH v4 48/72] selftests/namespaces: first listns() permission test Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-48-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=4957; i=brauner@kernel.org; h=from:subject:message-id; bh=pxS104PFU7e80xD7prEOFJiL/3Pdar0FDU7ENFtkjlI=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysfU9vFC7NlSZP0rguHp8acfDZxnRd571yjvFmK46+ /Hpqb3ZHaUsDGJcDLJiiiwO7Sbhcst5KjYbZWrAzGFlAhnCwMUpABNZWcTIMNXv3IsX/nejgswj Np6ZtnvbzZXdW+9ti3HwY1affvJx9BRGhh8re7X1V95arxzScPacSH1wwIeNt9KiL03xCp145q+ NLgsA X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Test that unprivileged users can only see namespaces they're currently in. Create a namespace, drop privileges, verify we can only see our own namespaces. Signed-off-by: Christian Brauner --- tools/testing/selftests/namespaces/.gitignore | 1 + tools/testing/selftests/namespaces/Makefile | 3 +- .../selftests/namespaces/listns_permissions_test.c | 131 +++++++++++++++++= ++++ 3 files changed, 134 insertions(+), 1 deletion(-) diff --git a/tools/testing/selftests/namespaces/.gitignore b/tools/testing/= selftests/namespaces/.gitignore index 5065f07e92c9..17f9c675a60b 100644 --- a/tools/testing/selftests/namespaces/.gitignore +++ b/tools/testing/selftests/namespaces/.gitignore @@ -3,3 +3,4 @@ file_handle_test init_ino_test ns_active_ref_test listns_test +listns_permissions_test diff --git a/tools/testing/selftests/namespaces/Makefile b/tools/testing/se= lftests/namespaces/Makefile index de708f4df159..2dd22bc68b89 100644 --- a/tools/testing/selftests/namespaces/Makefile +++ b/tools/testing/selftests/namespaces/Makefile @@ -2,10 +2,11 @@ CFLAGS +=3D -Wall -O0 -g $(KHDR_INCLUDES) $(TOOLS_INCLUDES) LDLIBS +=3D -lcap =20 -TEST_GEN_PROGS :=3D nsid_test file_handle_test init_ino_test ns_active_ref= _test listns_test +TEST_GEN_PROGS :=3D nsid_test file_handle_test init_ino_test ns_active_ref= _test listns_test listns_permissions_test =20 include ../lib.mk =20 $(OUTPUT)/ns_active_ref_test: ../filesystems/utils.c $(OUTPUT)/listns_test: ../filesystems/utils.c +$(OUTPUT)/listns_permissions_test: ../filesystems/utils.c =20 diff --git a/tools/testing/selftests/namespaces/listns_permissions_test.c b= /tools/testing/selftests/namespaces/listns_permissions_test.c new file mode 100644 index 000000000000..907fe419ec22 --- /dev/null +++ b/tools/testing/selftests/namespaces/listns_permissions_test.c @@ -0,0 +1,131 @@ +// SPDX-License-Identifier: GPL-2.0 +#define _GNU_SOURCE +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include "../kselftest_harness.h" +#include "../filesystems/utils.h" +#include "wrappers.h" + +/* + * Test that unprivileged users can only see namespaces they're currently = in. + * Create a namespace, drop privileges, verify we can only see our own nam= espaces. + */ +TEST(listns_unprivileged_current_only) +{ + struct ns_id_req req =3D { + .size =3D sizeof(req), + .spare =3D 0, + .ns_id =3D 0, + .ns_type =3D CLONE_NEWNET, + .spare2 =3D 0, + .user_ns_id =3D 0, + }; + __u64 ns_ids[100]; + ssize_t ret; + int pipefd[2]; + pid_t pid; + int status; + bool found_ours; + int unexpected_count; + + ASSERT_EQ(pipe(pipefd), 0); + + pid =3D fork(); + ASSERT_GE(pid, 0); + + if (pid =3D=3D 0) { + int fd; + __u64 our_netns_id; + bool found_ours; + int unexpected_count; + + close(pipefd[0]); + + /* Create user namespace to be unprivileged */ + if (setup_userns() < 0) { + close(pipefd[1]); + exit(1); + } + + /* Create a network namespace */ + if (unshare(CLONE_NEWNET) < 0) { + close(pipefd[1]); + exit(1); + } + + /* Get our network namespace ID */ + fd =3D open("/proc/self/ns/net", O_RDONLY); + if (fd < 0) { + close(pipefd[1]); + exit(1); + } + + if (ioctl(fd, NS_GET_ID, &our_netns_id) < 0) { + close(fd); + close(pipefd[1]); + exit(1); + } + close(fd); + + /* Now we're unprivileged - list all network namespaces */ + ret =3D sys_listns(&req, ns_ids, ARRAY_SIZE(ns_ids), 0); + if (ret < 0) { + close(pipefd[1]); + exit(1); + } + + /* We should only see our own network namespace */ + found_ours =3D false; + unexpected_count =3D 0; + + for (ssize_t i =3D 0; i < ret; i++) { + if (ns_ids[i] =3D=3D our_netns_id) { + found_ours =3D true; + } else { + /* This is either init_net (which we can see) or unexpected */ + unexpected_count++; + } + } + + /* Send results to parent */ + write(pipefd[1], &found_ours, sizeof(found_ours)); + write(pipefd[1], &unexpected_count, sizeof(unexpected_count)); + close(pipefd[1]); + exit(0); + } + + /* Parent */ + close(pipefd[1]); + + found_ours =3D false; + unexpected_count =3D 0; + read(pipefd[0], &found_ours, sizeof(found_ours)); + read(pipefd[0], &unexpected_count, sizeof(unexpected_count)); + close(pipefd[0]); + + waitpid(pid, &status, 0); + ASSERT_TRUE(WIFEXITED(status)); + ASSERT_EQ(WEXITSTATUS(status), 0); + + /* Child should have seen its own namespace */ + ASSERT_TRUE(found_ours); + + TH_LOG("Unprivileged child saw its own namespace, plus %d others (likely = init_net)", + unexpected_count); +} + +TEST_HARNESS_MAIN --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 1BBEF34DB56; Wed, 29 Oct 2025 12:24:46 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740688; cv=none; b=bTKuRtyK0/XvN0Ib2RxObouFNOfdM3zRYbn9/Rou0gVxqfPz4lrJOnuXYNfqoFx0D2e+FEC9FdALs7iTzS3oYohLXotHkS71xAjYLe4EN1BjddEiCuYq7pdM0c5iy9MlY1usWNseDA8DQvrW5WnHnj1Mvzd2zmeTIl6Ewa4STVk= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740688; c=relaxed/simple; bh=/wqqJQoHPy6n2tHb+24Li+Lu21E+HeJSWgV7yWDzDrk=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=aDZwCjTCqBL9B05nH+2idmLfMUTX0Mk4ejbjpnjkxNag+0IoWjeq93RXJJ8Gi1NnbGlw4pRdmq0e8T+oKLvk+ahylOK0Oz5U43WBufpRSklPl7KMs0+MReoxHDiTEy2HDKFp2oKb+K0dPS6u9GVvq7eXe3ipmZK60ZZ+MAUKq+k= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=W2XEC0WU; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="W2XEC0WU" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 46BE0C4CEFD; Wed, 29 Oct 2025 12:24:42 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740686; bh=/wqqJQoHPy6n2tHb+24Li+Lu21E+HeJSWgV7yWDzDrk=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=W2XEC0WUW0T2gpEPCOB1YPGwINSIVf4JdFGAw+YafN8uuVNoAbPwcREVBIkhHY0nq nsZaPIcD+cV2wjlAgBml0U0eLYsNAH3lQ1J0I28nZs/VmP/WSa9wO+dxglFSdb02uv 813+KNiPkue8i2VnL705uy3aQjkZvu7SrS7ECGVd6JH1FxSuzw2HF9yWjAQELiesX9 vdmMRMnT2gHI2pPWPPYv/+wfLwc4fZATcVHlgcCAHnsjWKyuMZaNSEYWvc6y0aDir0 yPUIPQX0sINVP9EhepVWip1hEYNlMGZA58xvfU4WKGi0voeESxq9XxS5FghQAH1OiV aQVY1AGmLZsRQ== From: Christian Brauner Date: Wed, 29 Oct 2025 13:21:02 +0100 Subject: [PATCH v4 49/72] selftests/namespaces: second listns() permission test Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-49-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=3018; i=brauner@kernel.org; h=from:subject:message-id; bh=/wqqJQoHPy6n2tHb+24Li+Lu21E+HeJSWgV7yWDzDrk=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysfV/3ThdjWOmxdaW/sPGs1SkDSSNlz/NNrq15ZuAW OnSttXSHaUsDGJcDLJiiiwO7Sbhcst5KjYbZWrAzGFlAhnCwMUpABNZWsrIsPqJ3PRli5g07vwq Ou9qf6gvIflgp6j/PpZbZvbzyjeumsjI0FQuW5/Iq5sYFcrx+aKWK1d25EfOk49SvcP+HA6+duA IFwA= X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Test that users with CAP_SYS_ADMIN in a user namespace can see all namespaces owned by that user namespace. Signed-off-by: Christian Brauner --- .../selftests/namespaces/listns_permissions_test.c | 100 +++++++++++++++++= ++++ 1 file changed, 100 insertions(+) diff --git a/tools/testing/selftests/namespaces/listns_permissions_test.c b= /tools/testing/selftests/namespaces/listns_permissions_test.c index 907fe419ec22..c99c87cca046 100644 --- a/tools/testing/selftests/namespaces/listns_permissions_test.c +++ b/tools/testing/selftests/namespaces/listns_permissions_test.c @@ -128,4 +128,104 @@ TEST(listns_unprivileged_current_only) unexpected_count); } =20 +/* + * Test that users with CAP_SYS_ADMIN in a user namespace can see + * all namespaces owned by that user namespace. + */ +TEST(listns_cap_sys_admin_in_userns) +{ + struct ns_id_req req =3D { + .size =3D sizeof(req), + .spare =3D 0, + .ns_id =3D 0, + .ns_type =3D 0, /* All types */ + .spare2 =3D 0, + .user_ns_id =3D 0, /* Will be set to our created user namespace */ + }; + __u64 ns_ids[100]; + int pipefd[2]; + pid_t pid; + int status; + bool success; + ssize_t count; + + ASSERT_EQ(pipe(pipefd), 0); + + pid =3D fork(); + ASSERT_GE(pid, 0); + + if (pid =3D=3D 0) { + int fd; + __u64 userns_id; + ssize_t ret; + int min_expected; + bool success; + + close(pipefd[0]); + + /* Create user namespace - we'll have CAP_SYS_ADMIN in it */ + if (setup_userns() < 0) { + close(pipefd[1]); + exit(1); + } + + /* Get the user namespace ID */ + fd =3D open("/proc/self/ns/user", O_RDONLY); + if (fd < 0) { + close(pipefd[1]); + exit(1); + } + + if (ioctl(fd, NS_GET_ID, &userns_id) < 0) { + close(fd); + close(pipefd[1]); + exit(1); + } + close(fd); + + /* Create several namespaces owned by this user namespace */ + unshare(CLONE_NEWNET); + unshare(CLONE_NEWUTS); + unshare(CLONE_NEWIPC); + + /* List namespaces owned by our user namespace */ + req.user_ns_id =3D userns_id; + ret =3D sys_listns(&req, ns_ids, ARRAY_SIZE(ns_ids), 0); + if (ret < 0) { + close(pipefd[1]); + exit(1); + } + + /* + * We have CAP_SYS_ADMIN in this user namespace, + * so we should see all namespaces owned by it. + * That includes: net, uts, ipc, and the user namespace itself. + */ + min_expected =3D 4; + success =3D (ret >=3D min_expected); + + write(pipefd[1], &success, sizeof(success)); + write(pipefd[1], &ret, sizeof(ret)); + close(pipefd[1]); + exit(0); + } + + /* Parent */ + close(pipefd[1]); + + success =3D false; + count =3D 0; + read(pipefd[0], &success, sizeof(success)); + read(pipefd[0], &count, sizeof(count)); + close(pipefd[0]); + + waitpid(pid, &status, 0); + ASSERT_TRUE(WIFEXITED(status)); + ASSERT_EQ(WEXITSTATUS(status), 0); + + ASSERT_TRUE(success); + TH_LOG("User with CAP_SYS_ADMIN saw %zd namespaces owned by their user na= mespace", + count); +} + TEST_HARNESS_MAIN --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 4C45234DB56; Wed, 29 Oct 2025 12:24:52 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740692; cv=none; b=gs0/aaO9OstY+gql+Bad+7ni6YQA7yIRwJhlEkWXmtip29w/IvFPb0o9ZY5ikL8FXNdcE/tWchIL4f4scdYBlb/dOaucHBnXwE2A2n9x7qvzAfIaPR7QJ0rFcBCrvnfGw7Yvd2BSpLGtm2E/yHzN8s8eGfOWG7dbwBiVQHd7szw= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740692; c=relaxed/simple; bh=BRZDSulpqgKAoYJKytoqb4ZSZJTwZJCYiydXZiVuqVY=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=HdyOuA9QGg99e1k+Ti0kOCyW05L8lkuDN/mYPF5vDHyw8ll2kE2f9Pju5pSoQd/sS+3EjQtsMi6KPUgYMOyEDm47rBsPwIBwVUqb5yAd4cOF5FhujDf5/5/pyYxYhkpjN0p8NWTbjNzYNPaYO9j5/vzfErGcqjguxaWrgFRBdQk= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=XOuKStk7; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="XOuKStk7" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 34CFBC4CEF7; Wed, 29 Oct 2025 12:24:47 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740692; bh=BRZDSulpqgKAoYJKytoqb4ZSZJTwZJCYiydXZiVuqVY=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=XOuKStk7kKPLL9uZUbud2tMiJHyFn4nl7d15b8cMhxHfw/PEBPsq1AZSWfTJJNvyd jZh11CtelFV3LJjFp2YnT/Os5m9oTIu502/HVVSmx+iOmW8in+msd/PcRWkJYodwoH fjrbrkvqjdrNxrodtrEix8ikmFNI+dlryrSHIcKu3OzGd6jaxKNEEeNhgftFJxKa1w zP9rcC8WGMOPgzFwYhaVJITQVeY9b6TuaiC/OlzDOVcguv8JcG47TT7VQnP3kvV9PQ kaOw1+sMrbL7f2rLFzQ+HxUDXjlcBPwRS3Str2MW5AvMcRVtvijdBdBPzIODoStZDU XRDl43SwQcUvg== From: Christian Brauner Date: Wed, 29 Oct 2025 13:21:03 +0100 Subject: [PATCH v4 50/72] selftests/namespaces: third listns() permission test Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-50-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=4038; i=brauner@kernel.org; h=from:subject:message-id; bh=BRZDSulpqgKAoYJKytoqb4ZSZJTwZJCYiydXZiVuqVY=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysfVrhV/92LP6UkPJgg2ztqfNSZ1ac0Ky7L3mo3Xvc l9WGgcydpSyMIhxMciKKbI4tJuEyy3nqdhslKkBM4eVCWQIAxenAExk8zJGhh8XJn6uX76be22F kGlUaZDqkvtS4Wqf9zEXvHtWuTrQP4Xhv0PixTmbwn9ONFOKCXjclMYyT/PGcuUwLxe1p9NjWGJ e8gAA X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Test that users cannot see namespaces from unrelated user namespaces. Create two sibling user namespaces, verify they can't see each other's owned namespaces. Signed-off-by: Christian Brauner --- .../selftests/namespaces/listns_permissions_test.c | 138 +++++++++++++++++= ++++ 1 file changed, 138 insertions(+) diff --git a/tools/testing/selftests/namespaces/listns_permissions_test.c b= /tools/testing/selftests/namespaces/listns_permissions_test.c index c99c87cca046..aed7288c7eca 100644 --- a/tools/testing/selftests/namespaces/listns_permissions_test.c +++ b/tools/testing/selftests/namespaces/listns_permissions_test.c @@ -228,4 +228,142 @@ TEST(listns_cap_sys_admin_in_userns) count); } =20 +/* + * Test that users cannot see namespaces from unrelated user namespaces. + * Create two sibling user namespaces, verify they can't see each other's + * owned namespaces. + */ +TEST(listns_cannot_see_sibling_userns_namespaces) +{ + int pipefd[2]; + pid_t pid1, pid2; + int status; + __u64 netns_a_id; + int pipefd2[2]; + bool found_sibling_netns; + + ASSERT_EQ(pipe(pipefd), 0); + + /* Fork first child - creates user namespace A */ + pid1 =3D fork(); + ASSERT_GE(pid1, 0); + + if (pid1 =3D=3D 0) { + int fd; + __u64 netns_a_id; + char buf; + + close(pipefd[0]); + + /* Create user namespace A */ + if (setup_userns() < 0) { + close(pipefd[1]); + exit(1); + } + + /* Create network namespace owned by user namespace A */ + if (unshare(CLONE_NEWNET) < 0) { + close(pipefd[1]); + exit(1); + } + + /* Get network namespace ID */ + fd =3D open("/proc/self/ns/net", O_RDONLY); + if (fd < 0) { + close(pipefd[1]); + exit(1); + } + + if (ioctl(fd, NS_GET_ID, &netns_a_id) < 0) { + close(fd); + close(pipefd[1]); + exit(1); + } + close(fd); + + /* Send namespace ID to parent */ + write(pipefd[1], &netns_a_id, sizeof(netns_a_id)); + + /* Keep alive for sibling to check */ + read(pipefd[1], &buf, 1); + close(pipefd[1]); + exit(0); + } + + /* Parent reads namespace A ID */ + close(pipefd[1]); + netns_a_id =3D 0; + read(pipefd[0], &netns_a_id, sizeof(netns_a_id)); + + TH_LOG("User namespace A created network namespace with ID %llu", + (unsigned long long)netns_a_id); + + /* Fork second child - creates user namespace B */ + ASSERT_EQ(pipe(pipefd2), 0); + + pid2 =3D fork(); + ASSERT_GE(pid2, 0); + + if (pid2 =3D=3D 0) { + struct ns_id_req req =3D { + .size =3D sizeof(req), + .spare =3D 0, + .ns_id =3D 0, + .ns_type =3D CLONE_NEWNET, + .spare2 =3D 0, + .user_ns_id =3D 0, + }; + __u64 ns_ids[100]; + ssize_t ret; + bool found_sibling_netns; + + close(pipefd[0]); + close(pipefd2[0]); + + /* Create user namespace B (sibling to A) */ + if (setup_userns() < 0) { + close(pipefd2[1]); + exit(1); + } + + /* Try to list all network namespaces */ + ret =3D sys_listns(&req, ns_ids, ARRAY_SIZE(ns_ids), 0); + + found_sibling_netns =3D false; + if (ret > 0) { + for (ssize_t i =3D 0; i < ret; i++) { + if (ns_ids[i] =3D=3D netns_a_id) { + found_sibling_netns =3D true; + break; + } + } + } + + /* We should NOT see the sibling's network namespace */ + write(pipefd2[1], &found_sibling_netns, sizeof(found_sibling_netns)); + close(pipefd2[1]); + exit(0); + } + + /* Parent reads result from second child */ + close(pipefd2[1]); + found_sibling_netns =3D false; + read(pipefd2[0], &found_sibling_netns, sizeof(found_sibling_netns)); + close(pipefd2[0]); + + /* Signal first child to exit */ + close(pipefd[0]); + + /* Wait for both children */ + waitpid(pid2, &status, 0); + ASSERT_TRUE(WIFEXITED(status)); + + waitpid(pid1, &status, 0); + ASSERT_TRUE(WIFEXITED(status)); + + /* Second child should NOT have seen first child's namespace */ + ASSERT_FALSE(found_sibling_netns); + TH_LOG("User namespace B correctly could not see sibling namespace A's ne= twork namespace"); +} + TEST_HARNESS_MAIN --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id EBD6D3855B0; Wed, 29 Oct 2025 12:24:57 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740698; cv=none; b=Eg3RvJ5CF2q/z6KJugFdsDCYwT+6a0J09q7Pj4BYThr/7A2RnOFrCDRGx6omM6fnpi4TSCgpQW4ypM/l3yeINan/0KJ9pDRhg+VRVA7m6VFFv5YWy4jWoLHpT7EPDQ9+rHPKKzeHita+iyM7e4mDF1E/VY5Q/cp/5Zn5UjuSXbo= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740698; c=relaxed/simple; bh=2cVn/rLMAtz+rjww4mseoVKumw7c91HQOHzmtSbA+4Q=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=JEA5ybWP6aMGLKiyLWijvQpBSaqmDrzJ+uSALXT4+NsAo/XwNu6Ch7R/pcT5HvD4radrO3fLYN7LbBf6U6hY/L7igP4gA6+cp+t5Zx+x7tZyV6M3i2wpdOsEpRpTIc6ZIxed8Lr8eNIp5FzMzlmZ2wc+hS9etPJA2jgt6niqmpE= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=GqBjq4kq; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="GqBjq4kq" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 81FEEC4CEFD; Wed, 29 Oct 2025 12:24:52 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740697; bh=2cVn/rLMAtz+rjww4mseoVKumw7c91HQOHzmtSbA+4Q=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=GqBjq4kqMnZ46w1uTSS6/DWln99+3lMSBB+pQC3+FReZ12KIIRnOkh0i0qcFhun/S 87ER+Pc066q4kVfmNeRk7nNLMq4Q8Fzq8nBQtBRrUNP9+bu3DQyEXg9xOwNLGRT+5S 5tlmCcP+YkK4OojvDuDfsh5CBbm6pNCLUqFcIDleMJ8BKgKEYaF9yyXomaJNemxOtb kLX4Nmn/aKvUBZPKVG06OYSaKnR2lKPoxLTugzBySkkL5X6Q00hUhwZVQcsnEQ1eTD w8Mc1MyXbmVS66Q8jZ8flJm6aU2cG9vXgwvxROBM7nNsppBL7PkrVpp86giiQRR9cz xYn/XBjZhhI+g== From: Christian Brauner Date: Wed, 29 Oct 2025 13:21:04 +0100 Subject: [PATCH v4 51/72] selftests/namespaces: fourth listns() permission test Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-51-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=2498; i=brauner@kernel.org; h=from:subject:message-id; bh=2cVn/rLMAtz+rjww4mseoVKumw7c91HQOHzmtSbA+4Q=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysfULaHp/zjNV7N+kcE6/2/Gviq3+cs7pk16IMy7au KrwYnBMRykLgxgXg6yYIotDu0m43HKeis1GmRowc1iZQIYwcHEKwER2SzAy/OQsunEyZbdMlv77 F1sCp1ed33Z++kzfkwr8Tjsvb53xbAEjwznOaIXd9Xuj2c4E565/dNHlWX9I0RzJFdx5T5ZPOPl 6Jy8A X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Test permission checking with LISTNS_CURRENT_USER. Verify that listing with LISTNS_CURRENT_USER respects permissions. Signed-off-by: Christian Brauner --- .../selftests/namespaces/listns_permissions_test.c | 76 ++++++++++++++++++= ++++ 1 file changed, 76 insertions(+) diff --git a/tools/testing/selftests/namespaces/listns_permissions_test.c b= /tools/testing/selftests/namespaces/listns_permissions_test.c index aed7288c7eca..7727c5964104 100644 --- a/tools/testing/selftests/namespaces/listns_permissions_test.c +++ b/tools/testing/selftests/namespaces/listns_permissions_test.c @@ -366,4 +366,80 @@ TEST(listns_cannot_see_sibling_userns_namespaces) TH_LOG("User namespace B correctly could not see sibling namespace A's ne= twork namespace"); } =20 +/* + * Test permission checking with LISTNS_CURRENT_USER. + * Verify that listing with LISTNS_CURRENT_USER respects permissions. + */ +TEST(listns_current_user_permissions) +{ + int pipefd[2]; + pid_t pid; + int status; + bool success; + ssize_t count; + + ASSERT_EQ(pipe(pipefd), 0); + + pid =3D fork(); + ASSERT_GE(pid, 0); + + if (pid =3D=3D 0) { + struct ns_id_req req =3D { + .size =3D sizeof(req), + .spare =3D 0, + .ns_id =3D 0, + .ns_type =3D 0, + .spare2 =3D 0, + .user_ns_id =3D LISTNS_CURRENT_USER, + }; + __u64 ns_ids[100]; + ssize_t ret; + bool success; + + close(pipefd[0]); + + /* Create user namespace */ + if (setup_userns() < 0) { + close(pipefd[1]); + exit(1); + } + + /* Create some namespaces owned by this user namespace */ + if (unshare(CLONE_NEWNET) < 0) { + close(pipefd[1]); + exit(1); + } + + if (unshare(CLONE_NEWUTS) < 0) { + close(pipefd[1]); + exit(1); + } + + /* List with LISTNS_CURRENT_USER - should see our owned namespaces */ + ret =3D sys_listns(&req, ns_ids, ARRAY_SIZE(ns_ids), 0); + + success =3D (ret >=3D 3); /* At least user, net, uts */ + write(pipefd[1], &success, sizeof(success)); + write(pipefd[1], &ret, sizeof(ret)); + close(pipefd[1]); + exit(0); + } + + /* Parent */ + close(pipefd[1]); + + success =3D false; + count =3D 0; + read(pipefd[0], &success, sizeof(success)); + read(pipefd[0], &count, sizeof(count)); + close(pipefd[0]); + + waitpid(pid, &status, 0); + ASSERT_TRUE(WIFEXITED(status)); + ASSERT_EQ(WEXITSTATUS(status), 0); + + ASSERT_TRUE(success); + TH_LOG("LISTNS_CURRENT_USER returned %zd namespaces", count); +} + TEST_HARNESS_MAIN --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id D815A34EEEC; Wed, 29 Oct 2025 12:25:02 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740704; cv=none; b=ZVinDhXhNzc3Z6qQoqNMnK/BOjevH4IKHPOi7iOcXDugkzK+iTWQYd3YPb1w/WJPMPG8ONLzYqcsd9vFH4cSeGcToazu/WoPPkrXztU5Aqj5sJswOu7pWKhEEgf/wYdAq1JasO8DEw45lvke/UBhfcKe52tCgPGnA5Hf+x/A34s= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740704; c=relaxed/simple; bh=2cIPwZqTW4MWIZYsYx6FhB5M6WCZGsZgp86akiGTfiE=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=DKjjDl1/tXDlqiy7FQSkFrJdaLpRDyD7ASD6YTNH2bhjU6ntq74kzIAqHzBjD0WzCO+LnEiki2niPdlvGAgHJokQFMABXQK2JZewWq5hp6xJbhEocBadgQP5UCH9g2lpooZyPUl7+qLOfNGiGubqgTZK4Y/j2SzMhHRHbc73SUw= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=oM7La0BY; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="oM7La0BY" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 01E74C4CEF7; Wed, 29 Oct 2025 12:24:57 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740702; bh=2cIPwZqTW4MWIZYsYx6FhB5M6WCZGsZgp86akiGTfiE=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=oM7La0BYyPwUb6Lc2201zNbBK2oLQ3UWNP50eMDrpMpNG8vOKWbZmMY1D5YDI/jaP TRrJkKo825K2W8Xg4838/e0OlNgU5alhm6doqKrBa7MCpDdoWr8BTdCVG6a2PiZSg6 XsEGEOa8M/A6odUjJh+QT/QAhz/BDZky0B/mqc4NCyUQj7ynnRjFAbb2sd+JxsvnVD NCAlgG7R0hvca8xVj7EOaEKRNUJa87HuUuGL/8Xc76+b6Ppk1D+N4bNQ9Qa4vl+1RQ oDRVkDAPKDjQp6uzaL5dpygtgYKYXPVUrwgPOtN2/yXrjty5YG/GXR440NqFSM5s1f doEv5q6/wT1rw== From: Christian Brauner Date: Wed, 29 Oct 2025 13:21:05 +0100 Subject: [PATCH v4 52/72] selftests/namespaces: fifth listns() permission test Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-52-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=3453; i=brauner@kernel.org; h=from:subject:message-id; bh=2cIPwZqTW4MWIZYsYx6FhB5M6WCZGsZgp86akiGTfiE=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysfXvfvC76xh7l8YbH2GZF0cMJmXeEO1n/3u5f6bBW 6bHX37N6ShlYRDjYpAVU2RxaDcJl1vOU7HZKFMDZg4rE8gQBi5OAZiIoQ3Df2dp44LLc3kXO6r5 q7l93ef6c+k9PgGelt9ZXvVB7lv2lTD8Fdg8p0Ug3POXIsfxL6KFMRvnmvduf/fs7Pqce/ktk7q D2QE= X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Test that CAP_SYS_ADMIN in parent user namespace allows seeing child user namespace's owned namespaces. Signed-off-by: Christian Brauner --- .../selftests/namespaces/listns_permissions_test.c | 119 +++++++++++++++++= ++++ 1 file changed, 119 insertions(+) diff --git a/tools/testing/selftests/namespaces/listns_permissions_test.c b= /tools/testing/selftests/namespaces/listns_permissions_test.c index 7727c5964104..b990b785dd7f 100644 --- a/tools/testing/selftests/namespaces/listns_permissions_test.c +++ b/tools/testing/selftests/namespaces/listns_permissions_test.c @@ -442,4 +442,123 @@ TEST(listns_current_user_permissions) TH_LOG("LISTNS_CURRENT_USER returned %zd namespaces", count); } =20 +/* + * Test that CAP_SYS_ADMIN in parent user namespace allows seeing + * child user namespace's owned namespaces. + */ +TEST(listns_parent_userns_cap_sys_admin) +{ + int pipefd[2]; + pid_t pid; + int status; + bool found_child_userns; + ssize_t count; + + ASSERT_EQ(pipe(pipefd), 0); + + pid =3D fork(); + ASSERT_GE(pid, 0); + + if (pid =3D=3D 0) { + int fd; + __u64 parent_userns_id; + __u64 child_userns_id; + struct ns_id_req req; + __u64 ns_ids[100]; + ssize_t ret; + bool found_child_userns; + + close(pipefd[0]); + + /* Create parent user namespace - we have CAP_SYS_ADMIN in it */ + if (setup_userns() < 0) { + close(pipefd[1]); + exit(1); + } + + /* Get parent user namespace ID */ + fd =3D open("/proc/self/ns/user", O_RDONLY); + if (fd < 0) { + close(pipefd[1]); + exit(1); + } + + if (ioctl(fd, NS_GET_ID, &parent_userns_id) < 0) { + close(fd); + close(pipefd[1]); + exit(1); + } + close(fd); + + /* Create child user namespace */ + if (setup_userns() < 0) { + close(pipefd[1]); + exit(1); + } + + /* Get child user namespace ID */ + fd =3D open("/proc/self/ns/user", O_RDONLY); + if (fd < 0) { + close(pipefd[1]); + exit(1); + } + + if (ioctl(fd, NS_GET_ID, &child_userns_id) < 0) { + close(fd); + close(pipefd[1]); + exit(1); + } + close(fd); + + /* Create namespaces owned by child user namespace */ + if (unshare(CLONE_NEWNET) < 0) { + close(pipefd[1]); + exit(1); + } + + /* List namespaces owned by parent user namespace */ + req.size =3D sizeof(req); + req.spare =3D 0; + req.ns_id =3D 0; + req.ns_type =3D 0; + req.spare2 =3D 0; + req.user_ns_id =3D parent_userns_id; + + ret =3D sys_listns(&req, ns_ids, ARRAY_SIZE(ns_ids), 0); + + /* Should see child user namespace in the list */ + found_child_userns =3D false; + if (ret > 0) { + for (ssize_t i =3D 0; i < ret; i++) { + if (ns_ids[i] =3D=3D child_userns_id) { + found_child_userns =3D true; + break; + } + } + } + + write(pipefd[1], &found_child_userns, sizeof(found_child_userns)); + write(pipefd[1], &ret, sizeof(ret)); + close(pipefd[1]); + exit(0); + } + + /* Parent */ + close(pipefd[1]); + + found_child_userns =3D false; + count =3D 0; + read(pipefd[0], &found_child_userns, sizeof(found_child_userns)); + read(pipefd[0], &count, sizeof(count)); + close(pipefd[0]); + + waitpid(pid, &status, 0); + ASSERT_TRUE(WIFEXITED(status)); + ASSERT_EQ(WEXITSTATUS(status), 0); + + ASSERT_TRUE(found_child_userns); + TH_LOG("Process with CAP_SYS_ADMIN in parent user namespace saw child use= r namespace (total: %zd)", + count); +} + TEST_HARNESS_MAIN --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6F5E232571E; Wed, 29 Oct 2025 12:25:07 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740707; cv=none; b=KYFprGrMS3ziLr1PFTFLan5v7pg8ARB5PUKVhVkXtQE6f/EfwMwpK2ugM+IysVXaP0lURUftPSDeefOekp9zymYh3qLijJNnce0U2NIwXXE/fTPSlJZv066m9vtrf/453idgbOcAM0A/0sjT450vw5zelQ2uU5FL3zSwWNCDBFs= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740707; c=relaxed/simple; bh=jlxGmvG3TRBGBU95oespXIKDq7FaoNyvL6StJ8L+zuI=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=uDPOELeiaUD8UpIpHz6IBqbEf1XUvsKmeRk23G7USmPGsloUVrmNBwMTZB+7DsF091EVxFwJXC/mZs4dPOZ13fNQAehRUxvk0iyCPJVHK5hpFE+rPEz8hI44W+W6Y9zsP+GuIJl65MDTCXBb+i7xM6C8W16dRFbqygHL5lb/CUs= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=TC9qBPjf; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="TC9qBPjf" Received: by smtp.kernel.org (Postfix) with ESMTPSA id E38E4C4CEFF; Wed, 29 Oct 2025 12:25:02 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740707; bh=jlxGmvG3TRBGBU95oespXIKDq7FaoNyvL6StJ8L+zuI=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=TC9qBPjfKtifYJDMZ/N6sYRg7ELkUeMVr4eLWqPhD/M3R4uoEPYLEPoBOg52npPQ0 JdN5oqDtu5qn7hEoAfHN2S4Ejh5V+CgoNvDS6jNPH29gtedcvqSwNrHiEbRsIwPcDb QwZNTCiwn+3UEjWhyTHStKK5sy3JfIjTEF8zB632w231XBv2awcGt6D70YksqPXwGR RluH8byN9gf+qamBaGvO6M+vE0qEoLL7zWsRs8PuK4V7DwMHnMtZCByUcbcxKyFDTA g9xTQcIkBocKNgoFIHhCVlsSB8t/mneHjuQiORT8j36hSm7In7O+C0Yk6b14NG2EXI hF3SLKLyjPc8w== From: Christian Brauner Date: Wed, 29 Oct 2025 13:21:06 +0100 Subject: [PATCH v4 53/72] selftests/namespaces: sixth listns() permission test Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-53-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=2646; i=brauner@kernel.org; h=from:subject:message-id; bh=jlxGmvG3TRBGBU95oespXIKDq7FaoNyvL6StJ8L+zuI=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysfWz10z497741aVm25lC52dVWXhNvf1M+tg9pW19j txC71+6dpSyMIhxMciKKbI4tJuEyy3nqdhslKkBM4eVCWQIAxenAEzkwVlGhraVl+Ps5trMDLd4 ZX7/2Jnuao+j1+fOSPqv1TNr9rZ+6+eMDPfmh0+ui5J/m231YiJLo+jdwmXCd5ZpK5/7mrtoe+P Tr6wA X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Test that we can see user namespaces we have CAP_SYS_ADMIN inside of. This is different from seeing namespaces owned by a user namespace. Signed-off-by: Christian Brauner --- .../selftests/namespaces/listns_permissions_test.c | 87 ++++++++++++++++++= ++++ 1 file changed, 87 insertions(+) diff --git a/tools/testing/selftests/namespaces/listns_permissions_test.c b= /tools/testing/selftests/namespaces/listns_permissions_test.c index b990b785dd7f..9aa06ff76333 100644 --- a/tools/testing/selftests/namespaces/listns_permissions_test.c +++ b/tools/testing/selftests/namespaces/listns_permissions_test.c @@ -561,4 +561,91 @@ TEST(listns_parent_userns_cap_sys_admin) count); } =20 +/* + * Test that we can see user namespaces we have CAP_SYS_ADMIN inside of. + * This is different from seeing namespaces owned by a user namespace. + */ +TEST(listns_cap_sys_admin_inside_userns) +{ + int pipefd[2]; + pid_t pid; + int status; + bool found_ours; + + ASSERT_EQ(pipe(pipefd), 0); + + pid =3D fork(); + ASSERT_GE(pid, 0); + + if (pid =3D=3D 0) { + int fd; + __u64 our_userns_id; + struct ns_id_req req; + __u64 ns_ids[100]; + ssize_t ret; + bool found_ours; + + close(pipefd[0]); + + /* Create user namespace - we have CAP_SYS_ADMIN inside it */ + if (setup_userns() < 0) { + close(pipefd[1]); + exit(1); + } + + /* Get our user namespace ID */ + fd =3D open("/proc/self/ns/user", O_RDONLY); + if (fd < 0) { + close(pipefd[1]); + exit(1); + } + + if (ioctl(fd, NS_GET_ID, &our_userns_id) < 0) { + close(fd); + close(pipefd[1]); + exit(1); + } + close(fd); + + /* List all user namespaces globally */ + req.size =3D sizeof(req); + req.spare =3D 0; + req.ns_id =3D 0; + req.ns_type =3D CLONE_NEWUSER; + req.spare2 =3D 0; + req.user_ns_id =3D 0; + + ret =3D sys_listns(&req, ns_ids, ARRAY_SIZE(ns_ids), 0); + + /* We should be able to see our own user namespace */ + found_ours =3D false; + if (ret > 0) { + for (ssize_t i =3D 0; i < ret; i++) { + if (ns_ids[i] =3D=3D our_userns_id) { + found_ours =3D true; + break; + } + } + } + + write(pipefd[1], &found_ours, sizeof(found_ours)); + close(pipefd[1]); + exit(0); + } + + /* Parent */ + close(pipefd[1]); + + found_ours =3D false; + read(pipefd[0], &found_ours, sizeof(found_ours)); + close(pipefd[0]); + + waitpid(pid, &status, 0); + ASSERT_TRUE(WIFEXITED(status)); + ASSERT_EQ(WEXITSTATUS(status), 0); + + ASSERT_TRUE(found_ours); + TH_LOG("Process can see user namespace it has CAP_SYS_ADMIN inside of"); +} + TEST_HARNESS_MAIN --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C0F043271F1; Wed, 29 Oct 2025 12:25:12 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740712; cv=none; b=VsocierDxJxQ/8z/UO+jmWLaIHgHjp32oGY06UvkD4mhhkVWmMRKqQ3RWw+F1HGII1di4n2L++iT2/6+uo4e4XOndQ0GoniCJRz0LY+MtuK6p43Q4lI5TufFa2tyPmYh6vAHNVSUBT2EdgU/326HrquO72sAqFuC/N1QiRl4Wf4= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740712; c=relaxed/simple; bh=lxk3HyfGnG2LzFtd9uD08385YY9HWIbP9txgILZ5aFQ=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=AOvmL7ZDKwyla4PKHkmaVxgRqE8nIw1XQmUjxlRWVQzRSWMA6xPOASPQSDASx2KqcAWUUyN8iIgwxmY7gUry9iRadk8UYfnnqD2PuXcj/03l7t/Pz9+8+W27lmi3ZLASWIvsnKoSKDguvX8RCLPEqLz+y45QtM54K9Nlt1mtWjw= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=qDjk5PFV; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="qDjk5PFV" Received: by smtp.kernel.org (Postfix) with ESMTPSA id C0CA4C116B1; Wed, 29 Oct 2025 12:25:07 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740712; bh=lxk3HyfGnG2LzFtd9uD08385YY9HWIbP9txgILZ5aFQ=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=qDjk5PFVNfVA7t/elYjPCBRbnMisSHODB3s6btyV0MEPeA9POvC9wIWuXEFWT5zXC uXIu80qEG4OShSIS2aiz7EDV7otagu5YpwkHRvDeFCKlJqS/1GkXmbYmm7/uaeS9K5 eKY9BHaIrcxRR2+9DQlJXDeug8Q1L9oI3rPE/tzrwE+L1FK6Bq6JtJAPgmEEGqM4fa FCMohp7sNNx7RnprZC70f5IN0aqR7irFyZj6ei1mPync8Gu/HWA8FxgtBoDPCbrkV1 ipqbmFSZpjw+uks/ZqhIItmjsGP4M2S4TxrI+s49Iw/kzht2hTtjF9IKSEPmeW5yvM hPtWftx2PRAQw== From: Christian Brauner Date: Wed, 29 Oct 2025 13:21:07 +0100 Subject: [PATCH v4 54/72] selftests/namespaces: seventh listns() permission test Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-54-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=3491; i=brauner@kernel.org; h=from:subject:message-id; bh=lxk3HyfGnG2LzFtd9uD08385YY9HWIbP9txgILZ5aFQ=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysfX7Tmg+K9CYf3z6lpqDzw2NlFRXG01TZ+rX8tuRN v/2uQTDjlIWBjEuBlkxRRaHdpNwueU8FZuNMjVg5rAygQxh4OIUgJtsz8iwK2Px0hvrWW6dfc4f ftTzroR5jkjVzc3JYVtubvvuL7rdkeGfmmRz7ByLzIM/+Tm8flvVVVyW52ebfFlnc6an3SNv11R WAA== X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Test that dropping CAP_SYS_ADMIN restricts what we can see. Signed-off-by: Christian Brauner --- .../selftests/namespaces/listns_permissions_test.c | 108 +++++++++++++++++= ++++ 1 file changed, 108 insertions(+) diff --git a/tools/testing/selftests/namespaces/listns_permissions_test.c b= /tools/testing/selftests/namespaces/listns_permissions_test.c index 9aa06ff76333..82d818751a5f 100644 --- a/tools/testing/selftests/namespaces/listns_permissions_test.c +++ b/tools/testing/selftests/namespaces/listns_permissions_test.c @@ -648,4 +648,112 @@ TEST(listns_cap_sys_admin_inside_userns) TH_LOG("Process can see user namespace it has CAP_SYS_ADMIN inside of"); } =20 +/* + * Test that dropping CAP_SYS_ADMIN restricts what we can see. + */ +TEST(listns_drop_cap_sys_admin) +{ + cap_t caps; + cap_value_t cap_list[1] =3D { CAP_SYS_ADMIN }; + + /* This test needs to start with CAP_SYS_ADMIN */ + caps =3D cap_get_proc(); + if (!caps) { + SKIP(return, "Cannot get capabilities"); + } + + cap_flag_value_t cap_val; + if (cap_get_flag(caps, CAP_SYS_ADMIN, CAP_EFFECTIVE, &cap_val) < 0) { + cap_free(caps); + SKIP(return, "Cannot check CAP_SYS_ADMIN"); + } + + if (cap_val !=3D CAP_SET) { + cap_free(caps); + SKIP(return, "Test needs CAP_SYS_ADMIN to start"); + } + cap_free(caps); + + int pipefd[2]; + pid_t pid; + int status; + bool correct; + ssize_t count_before, count_after; + + ASSERT_EQ(pipe(pipefd), 0); + + pid =3D fork(); + ASSERT_GE(pid, 0); + + if (pid =3D=3D 0) { + struct ns_id_req req =3D { + .size =3D sizeof(req), + .spare =3D 0, + .ns_id =3D 0, + .ns_type =3D CLONE_NEWNET, + .spare2 =3D 0, + .user_ns_id =3D LISTNS_CURRENT_USER, + }; + __u64 ns_ids_before[100]; + ssize_t count_before; + __u64 ns_ids_after[100]; + ssize_t count_after; + bool correct; + + close(pipefd[0]); + + /* Create user namespace */ + if (setup_userns() < 0) { + close(pipefd[1]); + exit(1); + } + + /* Count namespaces with CAP_SYS_ADMIN */ + count_before =3D sys_listns(&req, ns_ids_before, ARRAY_SIZE(ns_ids_befor= e), 0); + + /* Drop CAP_SYS_ADMIN */ + caps =3D cap_get_proc(); + if (caps) { + cap_set_flag(caps, CAP_EFFECTIVE, 1, cap_list, CAP_CLEAR); + cap_set_flag(caps, CAP_PERMITTED, 1, cap_list, CAP_CLEAR); + cap_set_proc(caps); + cap_free(caps); + } + + /* Ensure we can't regain the capability */ + prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0); + + /* Count namespaces without CAP_SYS_ADMIN */ + count_after =3D sys_listns(&req, ns_ids_after, ARRAY_SIZE(ns_ids_after),= 0); + + /* Without CAP_SYS_ADMIN, we should see same or fewer namespaces */ + correct =3D (count_after <=3D count_before); + + write(pipefd[1], &correct, sizeof(correct)); + write(pipefd[1], &count_before, sizeof(count_before)); + write(pipefd[1], &count_after, sizeof(count_after)); + close(pipefd[1]); + exit(0); + } + + /* Parent */ + close(pipefd[1]); + + correct =3D false; + count_before =3D 0; + count_after =3D 0; + read(pipefd[0], &correct, sizeof(correct)); + read(pipefd[0], &count_before, sizeof(count_before)); + read(pipefd[0], &count_after, sizeof(count_after)); + close(pipefd[0]); + + waitpid(pid, &status, 0); + ASSERT_TRUE(WIFEXITED(status)); + ASSERT_EQ(WEXITSTATUS(status), 0); + + ASSERT_TRUE(correct); + TH_LOG("With CAP_SYS_ADMIN: %zd namespaces, without: %zd namespaces", + count_before, count_after); +} + TEST_HARNESS_MAIN --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 7CBE532721D; Wed, 29 Oct 2025 12:25:17 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740718; cv=none; b=iDZxmPAZLED/X3/mehEOstZzuXDpC69dXpRoDdaBR0leuPqidO7Mc3rcnCjPzPCOySxVGZ1qJTkmIpEyuR4tVW6YmjF/B2hFCLyFf23MTnw3fNIashDrJHAggVByXBRFJcpjHxKO0vGj0SS3gWTt8uZW5prOXxtvwiUz0+axYBM= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740718; c=relaxed/simple; bh=YEySNnwHHlcAx8fWB+paH4j8S+yvwldW7xKcAutT9lM=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=aXttWv/mfMzrk2+Orc0HZ0csS60qHX0Ayo1TREvDgqI2Bb0UXKBJpPLsGE7G2M4LLXaw9/fiu9uBeS0erUWPsG9HFPnUuHODDjrawzJWAdReLm8KcO8YWpTiZvr/yZnZzkoB+0gH1DZcoq+3ySaE0rnMykFnDG9b84ti0TSqiv0= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=alegEg+W; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="alegEg+W" Received: by smtp.kernel.org (Postfix) with ESMTPSA id ABF2BC4CEF7; Wed, 29 Oct 2025 12:25:12 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740717; bh=YEySNnwHHlcAx8fWB+paH4j8S+yvwldW7xKcAutT9lM=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=alegEg+WcJzxaHq0d3Mu8J/r0uwNGYiPGYY6J50eS9OgmZdIDS1rOhiMcZ8Ue6AQV 5Ma4HSSoCyxrfDHOQ19AnfRTtvVGfbjifJsz6TjkRAOzaSSTuyhgNp0k9xGZzQ+/Q5 Zs19Ss1bmLsB2cB8Vl901HKmXv31WAU4Qg0tYQUOQlYJxjpyBfaer9b3wIkhnNUPct xsq0Bw5xSSPDKfwq/k/7GPyk36Nig28WnY6GnmOTB29o77K9HXzCEBuV/+GgryEY1W bvAp7IbI3uJjvS2APMhb32HnzguypJIA8tDFlkBXH4/esX2eBgQ320w8wxTb7oWwWN Hk0i71EbikrrQ== From: Christian Brauner Date: Wed, 29 Oct 2025 13:21:08 +0100 Subject: [PATCH v4 55/72] selftests/namespaces: first inactive namespace resurrection test Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-55-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=3689; i=brauner@kernel.org; h=from:subject:message-id; bh=YEySNnwHHlcAx8fWB+paH4j8S+yvwldW7xKcAutT9lM=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysfW32czN1b10LU/Q+8wn9tSeqffV3Tlexbxa2XdB2 ecQu25aRykLgxgXg6yYIotDu0m43HKeis1GmRowc1iZQIYwcHEKwESOlTL8j7TxDCn4xve3Mcln TVTt9abCeypL0sJuf+Vza/TcpuM/gZFh8p8DnIb5gpJ2V1r6emZI6b3tl4usYLr65dLSoj1LlV+ wAwA= X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Test basic SIOCGSKNS functionality. Create a socket and verify SIOCGSKNS returns the correct network namespace. Signed-off-by: Christian Brauner --- tools/testing/selftests/namespaces/.gitignore | 1 + tools/testing/selftests/namespaces/Makefile | 9 ++- .../testing/selftests/namespaces/siocgskns_test.c | 72 ++++++++++++++++++= ++++ 3 files changed, 81 insertions(+), 1 deletion(-) diff --git a/tools/testing/selftests/namespaces/.gitignore b/tools/testing/= selftests/namespaces/.gitignore index 17f9c675a60b..aeb5f2711ff6 100644 --- a/tools/testing/selftests/namespaces/.gitignore +++ b/tools/testing/selftests/namespaces/.gitignore @@ -4,3 +4,4 @@ init_ino_test ns_active_ref_test listns_test listns_permissions_test +siocgskns_test diff --git a/tools/testing/selftests/namespaces/Makefile b/tools/testing/se= lftests/namespaces/Makefile index 2dd22bc68b89..d456505189cd 100644 --- a/tools/testing/selftests/namespaces/Makefile +++ b/tools/testing/selftests/namespaces/Makefile @@ -2,11 +2,18 @@ CFLAGS +=3D -Wall -O0 -g $(KHDR_INCLUDES) $(TOOLS_INCLUDES) LDLIBS +=3D -lcap =20 -TEST_GEN_PROGS :=3D nsid_test file_handle_test init_ino_test ns_active_ref= _test listns_test listns_permissions_test +TEST_GEN_PROGS :=3D nsid_test \ + file_handle_test \ + init_ino_test \ + ns_active_ref_test \ + listns_test \ + listns_permissions_test \ + siocgskns_test =20 include ../lib.mk =20 $(OUTPUT)/ns_active_ref_test: ../filesystems/utils.c $(OUTPUT)/listns_test: ../filesystems/utils.c $(OUTPUT)/listns_permissions_test: ../filesystems/utils.c +$(OUTPUT)/siocgskns_test: ../filesystems/utils.c =20 diff --git a/tools/testing/selftests/namespaces/siocgskns_test.c b/tools/te= sting/selftests/namespaces/siocgskns_test.c new file mode 100644 index 000000000000..0c9098624cd4 --- /dev/null +++ b/tools/testing/selftests/namespaces/siocgskns_test.c @@ -0,0 +1,72 @@ +// SPDX-License-Identifier: GPL-2.0 +#define _GNU_SOURCE +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include "../kselftest_harness.h" +#include "../filesystems/utils.h" +#include "wrappers.h" + +#ifndef SIOCGSKNS +#define SIOCGSKNS 0x894C +#endif + +#ifndef FD_NSFS_ROOT +#define FD_NSFS_ROOT -10003 +#endif + +#ifndef FILEID_NSFS +#define FILEID_NSFS 0xf1 +#endif + +/* + * Test basic SIOCGSKNS functionality. + * Create a socket and verify SIOCGSKNS returns the correct network namesp= ace. + */ +TEST(siocgskns_basic) +{ + int sock_fd, netns_fd, current_netns_fd; + struct stat st1, st2; + + /* Create a TCP socket */ + sock_fd =3D socket(AF_INET, SOCK_STREAM, 0); + ASSERT_GE(sock_fd, 0); + + /* Use SIOCGSKNS to get network namespace */ + netns_fd =3D ioctl(sock_fd, SIOCGSKNS); + if (netns_fd < 0) { + close(sock_fd); + if (errno =3D=3D ENOTTY || errno =3D=3D EINVAL) + SKIP(return, "SIOCGSKNS not supported"); + ASSERT_GE(netns_fd, 0); + } + + /* Get current network namespace */ + current_netns_fd =3D open("/proc/self/ns/net", O_RDONLY); + ASSERT_GE(current_netns_fd, 0); + + /* Verify they match */ + ASSERT_EQ(fstat(netns_fd, &st1), 0); + ASSERT_EQ(fstat(current_netns_fd, &st2), 0); + ASSERT_EQ(st1.st_ino, st2.st_ino); + + close(sock_fd); + close(netns_fd); + close(current_netns_fd); +} + +TEST_HARNESS_MAIN --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 4017A329391; Wed, 29 Oct 2025 12:25:22 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740722; cv=none; b=JCV2O2lC+BRfIQdjzQf2EAhBphltzoCgLaBvyXAiNmV3RYTc4jc0Old4NUvR/uVzSI5V53XxTJUWgVx2x8Nl03RNYrjXbXh7c+qNAiXY9QEZaGEPDSrOFMtESGnBt27EqcVYdS7f0cxesAQIzMTnrHs3QOGxlozLch21UegjuMc= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740722; c=relaxed/simple; bh=M5JYL/ItXnif2Vw7+GSIT6vFRcZ0KyLdqVkykps56SU=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=KEWBdAXAhwS8GTQHATO3V+ABmgWZmXndotZVel6aBAXduTswGmor7e7jq6kts9kzSZ+eMwFy5HvH6EsrxyqEur3kA3ycowb24gYt9bd396qsqUM7U+mL6c1g7MXg0qMR/jEvlBecQnkqIUHLyHskWn+ANTagel2/NnBulKQaE5w= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=QJ42iSYi; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="QJ42iSYi" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 94822C4CEFD; Wed, 29 Oct 2025 12:25:17 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740722; bh=M5JYL/ItXnif2Vw7+GSIT6vFRcZ0KyLdqVkykps56SU=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=QJ42iSYiEc0/SyvSVlMLEFslZsDmPFkoufbTXhoF8eA1/9D3aerbubBsP7uwRRQTj ijj4DpmiN1CrJs58YtxNOexc9bBbTbEUOWoXLREV3paCtBOtfU8VsfRKB0yCLW+Hlm ZJ2XEorkEUzezWDkqDi5J4WK+IsdWxWfJWD9pJzP39I+BMb1aHRh4H+VZUuy7yr+62 /XJoyPpMMtLtmekHz2DBC8NQjvzoao0P7juPfC9BbzSfoBvfkSm0u4WhSffniub+1L 0drIWd5BM7rBQYxNxYjE6tCpo1gyKeD1Adki6AY2cGzEYJq8rxjTSfRY9ZPuLTTeZ2 us23UfdlMp5kg== From: Christian Brauner Date: Wed, 29 Oct 2025 13:21:09 +0100 Subject: [PATCH v4 56/72] selftests/namespaces: second inactive namespace resurrection test Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-56-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=4149; i=brauner@kernel.org; h=from:subject:message-id; bh=M5JYL/ItXnif2Vw7+GSIT6vFRcZ0KyLdqVkykps56SU=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysfUbrJ9/6Vgc76cNQlJ1u7707VtZsk97wYKImLCiF d56/5zYO0pZGMS4GGTFFFkc2k3C5ZbzVGw2ytSAmcPKBDKEgYtTACZyUIuR4cCMs8nh2nov4u78 EtqVHFjQ+3H6761crjE9+5qPL4oM38zIsP5/wvqSpG97G63clD/fk/vrdu1zxHRuhyDLz96hUg+ 42AA= X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Test that socket file descriptors keep network namespaces active. Create a network namespace, create a socket in it, then exit the namespace. The namespace should remain active while the socket FD is held. Signed-off-by: Christian Brauner --- .../testing/selftests/namespaces/siocgskns_test.c | 126 +++++++++++++++++= ++++ 1 file changed, 126 insertions(+) diff --git a/tools/testing/selftests/namespaces/siocgskns_test.c b/tools/te= sting/selftests/namespaces/siocgskns_test.c index 0c9098624cd4..0ad5e39b7e16 100644 --- a/tools/testing/selftests/namespaces/siocgskns_test.c +++ b/tools/testing/selftests/namespaces/siocgskns_test.c @@ -69,4 +69,130 @@ TEST(siocgskns_basic) close(current_netns_fd); } =20 +/* + * Test that socket file descriptors keep network namespaces active. + * Create a network namespace, create a socket in it, then exit the namesp= ace. + * The namespace should remain active while the socket FD is held. + */ +TEST(siocgskns_keeps_netns_active) +{ + int sock_fd, netns_fd, test_fd; + int ipc_sockets[2]; + pid_t pid; + int status; + struct stat st; + + EXPECT_EQ(socketpair(AF_LOCAL, SOCK_STREAM | SOCK_CLOEXEC, 0, ipc_sockets= ), 0); + + pid =3D fork(); + ASSERT_GE(pid, 0); + + if (pid =3D=3D 0) { + /* Child: create new netns and socket */ + close(ipc_sockets[0]); + + if (unshare(CLONE_NEWNET) < 0) { + TH_LOG("unshare(CLONE_NEWNET) failed: %s", strerror(errno)); + close(ipc_sockets[1]); + exit(1); + } + + /* Create a socket in the new network namespace */ + sock_fd =3D socket(AF_INET, SOCK_DGRAM, 0); + if (sock_fd < 0) { + TH_LOG("socket() failed: %s", strerror(errno)); + close(ipc_sockets[1]); + exit(1); + } + + /* Send socket FD to parent via SCM_RIGHTS */ + struct msghdr msg =3D {0}; + struct iovec iov =3D {0}; + char buf[1] =3D {'X'}; + char cmsg_buf[CMSG_SPACE(sizeof(int))]; + + iov.iov_base =3D buf; + iov.iov_len =3D 1; + msg.msg_iov =3D &iov; + msg.msg_iovlen =3D 1; + msg.msg_control =3D cmsg_buf; + msg.msg_controllen =3D sizeof(cmsg_buf); + + struct cmsghdr *cmsg =3D CMSG_FIRSTHDR(&msg); + cmsg->cmsg_level =3D SOL_SOCKET; + cmsg->cmsg_type =3D SCM_RIGHTS; + cmsg->cmsg_len =3D CMSG_LEN(sizeof(int)); + memcpy(CMSG_DATA(cmsg), &sock_fd, sizeof(int)); + + if (sendmsg(ipc_sockets[1], &msg, 0) < 0) { + close(sock_fd); + close(ipc_sockets[1]); + exit(1); + } + + close(sock_fd); + close(ipc_sockets[1]); + exit(0); + } + + /* Parent: receive socket FD */ + close(ipc_sockets[1]); + + struct msghdr msg =3D {0}; + struct iovec iov =3D {0}; + char buf[1]; + char cmsg_buf[CMSG_SPACE(sizeof(int))]; + + iov.iov_base =3D buf; + iov.iov_len =3D 1; + msg.msg_iov =3D &iov; + msg.msg_iovlen =3D 1; + msg.msg_control =3D cmsg_buf; + msg.msg_controllen =3D sizeof(cmsg_buf); + + ssize_t n =3D recvmsg(ipc_sockets[0], &msg, 0); + close(ipc_sockets[0]); + ASSERT_EQ(n, 1); + + struct cmsghdr *cmsg =3D CMSG_FIRSTHDR(&msg); + ASSERT_NE(cmsg, NULL); + ASSERT_EQ(cmsg->cmsg_type, SCM_RIGHTS); + + memcpy(&sock_fd, CMSG_DATA(cmsg), sizeof(int)); + + /* Wait for child to exit */ + waitpid(pid, &status, 0); + ASSERT_TRUE(WIFEXITED(status)); + if (WEXITSTATUS(status) !=3D 0) + SKIP(close(sock_fd); return, "Child failed to create namespace"); + + /* Get network namespace from socket */ + netns_fd =3D ioctl(sock_fd, SIOCGSKNS); + if (netns_fd < 0) { + close(sock_fd); + if (errno =3D=3D ENOTTY || errno =3D=3D EINVAL) + SKIP(return, "SIOCGSKNS not supported"); + ASSERT_GE(netns_fd, 0); + } + + ASSERT_EQ(fstat(netns_fd, &st), 0); + + /* + * Namespace should still be active because socket FD keeps it alive. + * Try to access it via /proc/self/fd/. + */ + char path[64]; + snprintf(path, sizeof(path), "/proc/self/fd/%d", netns_fd); + test_fd =3D open(path, O_RDONLY); + ASSERT_GE(test_fd, 0); + close(test_fd); + close(netns_fd); + + /* Close socket - namespace should become inactive */ + close(sock_fd); + + /* Try SIOCGSKNS again - should fail since socket is closed */ + ASSERT_LT(ioctl(sock_fd, SIOCGSKNS), 0); +} + TEST_HARNESS_MAIN --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 861E43358DE; Wed, 29 Oct 2025 12:25:27 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740727; cv=none; b=l9juPqISyvnx5P8YOwMJKllyJBeD/+ZaHMZ/i0G4eJnn1tYveyJWhz4it5Bwo3h26R3m6OoutNl3xLQhAm03jFkbnhiBYg+Qp0JJ3E6ZR3h9QQZXzI2wfCcj3eax/wPwj/Uu86crgGfD798/x1Dc5z2SA3c5ygVvrd3HxXINOY4= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740727; c=relaxed/simple; bh=Jefh0E5wrR69nQhrRe8vhHFWAuKaAVI3adTXCV7rO88=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=LrAZEO72pHyTm+ckEmLZuSx3ANoee97Vl3w5qb2sy0nwHAyZYHLXRK2i9wWvWaIGxqZQ9bRF0QobtcCq3XlvkrBRYhhhrMfWos7h499WVh1Ca8NEvSSOfDMX+NrXaZHoHP5vzauS11rK0Z4Q5wZMCJn4raspdYiTWgE/yPjDgMs= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=GE/Lj65z; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="GE/Lj65z" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 91713C4CEF7; Wed, 29 Oct 2025 12:25:22 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740727; bh=Jefh0E5wrR69nQhrRe8vhHFWAuKaAVI3adTXCV7rO88=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=GE/Lj65ztKvWlnc+X7dEWnm7yHQsmO+0JxrznbPQ8lb99PB4x7d4O5RJ6kr2hdSIO dqL+8DDxsOPYtMc0xOJPSYdc5IZIn6+kseZDgz76KouC48o3m0r4NKsBFHt4SpCoVK g0cFqfFZpfOc2djmMbJWAmreo45n/So1h1y91Mhtaan68SUzfpSvs28ODGlMiWmgD5 cG34ozS9XQHgJhpXb4o7+n5X5I+4ODK7THWSfMC/T57u+bpv0vLGileHsY37LqdT4w GnyVbmVtorCIfdtg57cYw6jZix02VSOQbFtPfVoIeJgev3vikT4KnYWQqkL7kTmwl9 Vsp/wNVl0KLDg== From: Christian Brauner Date: Wed, 29 Oct 2025 13:21:10 +0100 Subject: [PATCH v4 57/72] selftests/namespaces: third inactive namespace resurrection test Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-57-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=2704; i=brauner@kernel.org; h=from:subject:message-id; bh=Jefh0E5wrR69nQhrRe8vhHFWAuKaAVI3adTXCV7rO88=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysfXL31oj/FXzmp/3n98v17cLnHwz88oLrTtTTv8y2 pMy3Z3td0cpC4MYF4OsmCKLQ7tJuNxynorNRpkaMHNYmUCGMHBxCsBEaq8xMqzf7X7pktSFpa9W RsQ+O7OIXV5sA+/Er89qHs/LrVlf7PyY4Z/dBq85nKeedD/+0jHBrIptA9eXJy87H6g8KJLg2/h 39UlmAA== X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Test SIOCGSKNS with different socket types (TCP, UDP, RAW). Signed-off-by: Christian Brauner --- .../testing/selftests/namespaces/siocgskns_test.c | 65 ++++++++++++++++++= +++- 1 file changed, 63 insertions(+), 2 deletions(-) diff --git a/tools/testing/selftests/namespaces/siocgskns_test.c b/tools/te= sting/selftests/namespaces/siocgskns_test.c index 0ad5e39b7e16..02798e59fc11 100644 --- a/tools/testing/selftests/namespaces/siocgskns_test.c +++ b/tools/testing/selftests/namespaces/siocgskns_test.c @@ -163,8 +163,7 @@ TEST(siocgskns_keeps_netns_active) /* Wait for child to exit */ waitpid(pid, &status, 0); ASSERT_TRUE(WIFEXITED(status)); - if (WEXITSTATUS(status) !=3D 0) - SKIP(close(sock_fd); return, "Child failed to create namespace"); + ASSERT_EQ(WEXITSTATUS(status), 0); =20 /* Get network namespace from socket */ netns_fd =3D ioctl(sock_fd, SIOCGSKNS); @@ -195,4 +194,66 @@ TEST(siocgskns_keeps_netns_active) ASSERT_LT(ioctl(sock_fd, SIOCGSKNS), 0); } =20 +/* + * Test SIOCGSKNS with different socket types (TCP, UDP, RAW). + */ +TEST(siocgskns_socket_types) +{ + int sock_tcp, sock_udp, sock_raw; + int netns_tcp, netns_udp, netns_raw; + struct stat st_tcp, st_udp, st_raw; + + /* TCP socket */ + sock_tcp =3D socket(AF_INET, SOCK_STREAM, 0); + ASSERT_GE(sock_tcp, 0); + + /* UDP socket */ + sock_udp =3D socket(AF_INET, SOCK_DGRAM, 0); + ASSERT_GE(sock_udp, 0); + + /* RAW socket (may require privileges) */ + sock_raw =3D socket(AF_INET, SOCK_RAW, IPPROTO_ICMP); + if (sock_raw < 0 && (errno =3D=3D EPERM || errno =3D=3D EACCES)) { + sock_raw =3D -1; /* Skip raw socket test */ + } + + /* Test SIOCGSKNS on TCP */ + netns_tcp =3D ioctl(sock_tcp, SIOCGSKNS); + if (netns_tcp < 0) { + close(sock_tcp); + close(sock_udp); + if (sock_raw >=3D 0) close(sock_raw); + if (errno =3D=3D ENOTTY || errno =3D=3D EINVAL) + SKIP(return, "SIOCGSKNS not supported"); + ASSERT_GE(netns_tcp, 0); + } + + /* Test SIOCGSKNS on UDP */ + netns_udp =3D ioctl(sock_udp, SIOCGSKNS); + ASSERT_GE(netns_udp, 0); + + /* Test SIOCGSKNS on RAW (if available) */ + if (sock_raw >=3D 0) { + netns_raw =3D ioctl(sock_raw, SIOCGSKNS); + ASSERT_GE(netns_raw, 0); + } + + /* Verify all return the same network namespace */ + ASSERT_EQ(fstat(netns_tcp, &st_tcp), 0); + ASSERT_EQ(fstat(netns_udp, &st_udp), 0); + ASSERT_EQ(st_tcp.st_ino, st_udp.st_ino); + + if (sock_raw >=3D 0) { + ASSERT_EQ(fstat(netns_raw, &st_raw), 0); + ASSERT_EQ(st_tcp.st_ino, st_raw.st_ino); + close(netns_raw); + close(sock_raw); + } + + close(netns_tcp); + close(netns_udp); + close(sock_tcp); + close(sock_udp); +} + TEST_HARNESS_MAIN --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id ACFE1354716; Wed, 29 Oct 2025 12:25:32 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740732; cv=none; b=YTE6nR0PHC8M8D3SizEuR/2MaBEi7VxZ42dTWMDfni6rxg+NMPbu/SrQA0Pf6ZnNCes7opJArHKJHf8ILf36gs1OQx9Y4WXfKPmlZM71cqGRf9vyu/0e689uAiscnk1vHXnqSw42V0HEU8t1LUunTxfkWQrxPIKJ4v5TrwVr6gs= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740732; c=relaxed/simple; bh=BCihYefUNETnf9SgrifE/6AmFo1JxPKscMdQ4tQ9EDw=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=KTtYliKeNNhunEPHlojFWSfASnHeYrWhMGJvPFcG/c9FITcFUeuQsFg8eaiwlFMz4HgN8vtmWT02iLv8CSr5M73v5ZBI2Ep4CA0i9+8ib29RqUFqTT1Z52xPpltsBnJ6wJDxbDMI9HpiXShStJBeu6yhmvZhWfdb4flenXvFP1c= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=sr0R3nwM; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="sr0R3nwM" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 882C1C4CEFF; Wed, 29 Oct 2025 12:25:27 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740732; bh=BCihYefUNETnf9SgrifE/6AmFo1JxPKscMdQ4tQ9EDw=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=sr0R3nwM5NELIOUxeHFV5+E4EBYvw2gEiBldk/HJs9GAV5J7av2zSZrrOMFkSc+6B rKEqRxqpgZpwGPuOy/hsUWyJsjI0tZGNyLnQGyXrjgzJ5sELCDZlItHUlGpBvQtGhq Yx8sO9daT50YbyWJoUrM8PnUPY4MxvO6nTh160C/fXbpHPRzt1n9OGyqA3PeeBTsw4 dUbqo9suklAUEQXtVQPuTjOfHWJEskK7B83n+AfqsHzavuD/3EyAR2YHuqBl/CcdcB 8n12rlBg/J8Y7PEh+j9i0Ror/prXwk6UOQ/1BKU+qaUOo3x4gVTGJwAZDGQcoscBJ1 u/g+8z/JuT3ow== From: Christian Brauner Date: Wed, 29 Oct 2025 13:21:11 +0100 Subject: [PATCH v4 58/72] selftests/namespaces: fourth inactive namespace resurrection test Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-58-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=2063; i=brauner@kernel.org; h=from:subject:message-id; bh=BCihYefUNETnf9SgrifE/6AmFo1JxPKscMdQ4tQ9EDw=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysfU/Dskrzf3c4/LL1mTHfo1p52W8zvlltWyQud3Uw SpSsOtfRykLgxgXg6yYIotDu0m43HKeis1GmRowc1iZQIYwcHEKwEQ0hBgZzu2d8ON8/WeNG91l GxZfzootELJ60LVggUW1r3JE9f4LTIwME9i2asyMXtxtN82j/cWTjKAA7pbZ4jYlsx++3HrqvtB 9BgA= X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Test SIOCGSKNS across setns. Create a socket in netns A, switch to netns B, verify SIOCGSKNS still returns netns A. Signed-off-by: Christian Brauner --- .../testing/selftests/namespaces/siocgskns_test.c | 51 ++++++++++++++++++= ++++ 1 file changed, 51 insertions(+) diff --git a/tools/testing/selftests/namespaces/siocgskns_test.c b/tools/te= sting/selftests/namespaces/siocgskns_test.c index 02798e59fc11..28e45954c4fa 100644 --- a/tools/testing/selftests/namespaces/siocgskns_test.c +++ b/tools/testing/selftests/namespaces/siocgskns_test.c @@ -256,4 +256,55 @@ TEST(siocgskns_socket_types) close(sock_udp); } =20 +/* + * Test SIOCGSKNS across setns. + * Create a socket in netns A, switch to netns B, verify SIOCGSKNS still + * returns netns A. + */ +TEST(siocgskns_across_setns) +{ + int sock_fd, netns_a_fd, netns_b_fd, result_fd; + struct stat st_a; + + /* Get current netns (A) */ + netns_a_fd =3D open("/proc/self/ns/net", O_RDONLY); + ASSERT_GE(netns_a_fd, 0); + ASSERT_EQ(fstat(netns_a_fd, &st_a), 0); + + /* Create socket in netns A */ + sock_fd =3D socket(AF_INET, SOCK_STREAM, 0); + ASSERT_GE(sock_fd, 0); + + /* Create new netns (B) */ + ASSERT_EQ(unshare(CLONE_NEWNET), 0); + + netns_b_fd =3D open("/proc/self/ns/net", O_RDONLY); + ASSERT_GE(netns_b_fd, 0); + + /* Get netns from socket created in A */ + result_fd =3D ioctl(sock_fd, SIOCGSKNS); + if (result_fd < 0) { + close(sock_fd); + setns(netns_a_fd, CLONE_NEWNET); + close(netns_a_fd); + close(netns_b_fd); + if (errno =3D=3D ENOTTY || errno =3D=3D EINVAL) + SKIP(return, "SIOCGSKNS not supported"); + ASSERT_GE(result_fd, 0); + } + + /* Verify it still points to netns A */ + struct stat st_result_stat; + ASSERT_EQ(fstat(result_fd, &st_result_stat), 0); + ASSERT_EQ(st_a.st_ino, st_result_stat.st_ino); + + close(result_fd); + close(sock_fd); + close(netns_b_fd); + + /* Restore original netns */ + ASSERT_EQ(setns(netns_a_fd, CLONE_NEWNET), 0); + close(netns_a_fd); +} + TEST_HARNESS_MAIN --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id B75AD33F388; Wed, 29 Oct 2025 12:25:37 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740737; cv=none; b=LEPS+yKvG7SCSg63A1bnn5MY1FSF9Md2hoSvDaXB0uJfLjyQi4/UXWGT4ztaU1OB0qZrqJjJCAdUjINCXw7pHGLVV6YHK5sKoNh712fT6LhK3pllbDFNIs5vPeJQ7WtrrEmCY6rtf7sCC1Cwauokk440LItWNmyCNp7fmuPFLyo= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740737; c=relaxed/simple; bh=KWYYGboDUt3swjKDxkebVx+xZOw67uWV/kh+IrzwFAE=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=ijfSe8vQtUjoQoNl6ren5XPmGxOSEg5Db3mmnJwz9qes386FQlc1w80IY0AeOIxbXuES/wQkh/yVSqiAzOXOJVeZCFlb76dRmB8IUEa7gEw5WcnDyEF6PPiyw+jS7+anLwXiVBNn9GmCX7kKawu/RWxuKnXq61FJ429gTsHN9U0= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=AVaWB+9l; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="AVaWB+9l" Received: by smtp.kernel.org (Postfix) with ESMTPSA id BCA9DC4CEF7; Wed, 29 Oct 2025 12:25:32 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740737; bh=KWYYGboDUt3swjKDxkebVx+xZOw67uWV/kh+IrzwFAE=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=AVaWB+9lgEiya89wxq9QmoGHXnKfVa+Etod4Hrej3a5f2Eg6FStTI1xbIgXRFA9zC PI4r41FIV9BASaM+eRPN8NZw4Up9UJl79JByB5Hs0gKRpfk4WShrDkQ7f6w6HLldKO FmQdbt7uVt95/SJHqCkTIrk4ZraDzXhZFYgVIU8MsZJLlY5ThfNPg71Q/BmJKtVah8 DzgBL3es4Es58K/yWJRDK1FLJekz6STMgszsauBgsveIVIXQyBqeFJ12VHqP5yv4az kiB3GKQAnhG9N3Pvyc03IS0J143ZuH37Py6BG3f5udqUHtbsDbs2vFPw/2ejS/2k0s hXQUrDuJa1Icw== From: Christian Brauner Date: Wed, 29 Oct 2025 13:21:12 +0100 Subject: [PATCH v4 59/72] selftests/namespaces: fifth inactive namespace resurrection test Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-59-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=1167; i=brauner@kernel.org; h=from:subject:message-id; bh=KWYYGboDUt3swjKDxkebVx+xZOw67uWV/kh+IrzwFAE=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysfW/VN/m4BTSM/f00QkLPtR9/Rzjo2cSfWd9s3HFI t8FcdbTO0pZGMS4GGTFFFkc2k3C5ZbzVGw2ytSAmcPKBDKEgYtTACaSz8rIsMFt9a8jxyUuv87Y Gv3kU8nz3S9Zk++df8F0tluwXY9v5j6Gf2ZGLJtVuwxu+j79X3MnQ4cl5vFLrvKQoopO56fmX9t EmAE= X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Test SIOCGSKNS fails on non-socket file descriptors. Signed-off-by: Christian Brauner --- .../testing/selftests/namespaces/siocgskns_test.c | 26 ++++++++++++++++++= ++++ 1 file changed, 26 insertions(+) diff --git a/tools/testing/selftests/namespaces/siocgskns_test.c b/tools/te= sting/selftests/namespaces/siocgskns_test.c index 28e45954c4fa..bbfef3c51ac1 100644 --- a/tools/testing/selftests/namespaces/siocgskns_test.c +++ b/tools/testing/selftests/namespaces/siocgskns_test.c @@ -307,4 +307,30 @@ TEST(siocgskns_across_setns) close(netns_a_fd); } =20 +/* + * Test SIOCGSKNS fails on non-socket file descriptors. + */ +TEST(siocgskns_non_socket) +{ + int fd; + int pipefd[2]; + + /* Test on regular file */ + fd =3D open("/dev/null", O_RDONLY); + ASSERT_GE(fd, 0); + + ASSERT_LT(ioctl(fd, SIOCGSKNS), 0); + ASSERT_TRUE(errno =3D=3D ENOTTY || errno =3D=3D EINVAL); + close(fd); + + /* Test on pipe */ + ASSERT_EQ(pipe(pipefd), 0); + + ASSERT_LT(ioctl(pipefd[0], SIOCGSKNS), 0); + ASSERT_TRUE(errno =3D=3D ENOTTY || errno =3D=3D EINVAL); + + close(pipefd[0]); + close(pipefd[1]); +} + TEST_HARNESS_MAIN --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id B3AC536337B; Wed, 29 Oct 2025 12:25:42 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740742; cv=none; b=aSyRHiD78MI6RLio3oD4IyV7xzHiinMf6cU4PnWXe7C3BT3SJLoncFmXv9IeQ5OMZF/8KKtBQT2xv4m/pI2vKZqFJ/T+fz27ko4FP3WKWtkCgXnqycgBM/aHCRmQz0ZMAay+fNloLYLm6v1SHh7HHHBxi+cCfhxKF1p5qU2y8uk= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740742; c=relaxed/simple; bh=m+pfjG9qzc5y9QbnPIMpZwGVfopUom8AcMnRPDQcZaU=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=KOSTrCOUnZpyxPW4tdOuYrlYvDU4O1woER/JrNA0OHJkS3CU4JeIzVolTldFZwPE7JcjIQVnl4Z68ESsm9mYxOEVtdMkXnttP+Hj4/Rd2sIRWiZqKSiPlOtFwCesK2TgBY09jdU4PHr8phzqdGTJes9j5D3Pg84Ld+Qgbm5RU+c= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=iOgTSrqz; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="iOgTSrqz" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 12AACC4CEF7; Wed, 29 Oct 2025 12:25:37 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740742; bh=m+pfjG9qzc5y9QbnPIMpZwGVfopUom8AcMnRPDQcZaU=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=iOgTSrqz7/qOSk+tcKgcnXQ20nFBnVlZ9MDWFvdtXDs3elcqIwyCPzxGHYDmUOl87 oc1DbAZfyzsAp/8IUMCQv2T09/Op7KRFBBFu4ESzkhTIfRcc6O72JqEEF0sEIbo9Y5 +8g78hhDrimEFi6GuAnJvXGZJjIL8O8hE7UbsmSrWkitXCUMGjHF0xsGzEtFyTz+/+ ebb2/AmVR65TlpgeFmEttPhFVB00uVsbMiXpvYKzcqQ0FsqFMyxgQZtyHw6MqVfFgl iskqyvQIgHTSR/kA8k+f/wjcP669KXzrRV5dusiHPYZCcKNoJCB1/DbWG0C6Pg5SDd cCGN6zPbp8lnA== From: Christian Brauner Date: Wed, 29 Oct 2025 13:21:13 +0100 Subject: [PATCH v4 60/72] selftests/namespaces: sixth inactive namespace resurrection test Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-60-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=2328; i=brauner@kernel.org; h=from:subject:message-id; bh=m+pfjG9qzc5y9QbnPIMpZwGVfopUom8AcMnRPDQcZaU=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysfWHHwn/tEnhvbVdc9nU27XX+Zm6pAKC067oCf/+4 HnQI3xFRykLgxgXg6yYIotDu0m43HKeis1GmRowc1iZQIYwcHEKwETKtRkZds1rU9Vrmq5qfSJV SsC5uvaA1ysh+dg5O4KzuRilWBueMvwVD/trurSJ88nqQ1zGN68FPo400/Dg3tFc7rntHWPgs1J OAA== X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Test multiple sockets keep the same network namespace active. Create multiple sockets, verify closing some doesn't affect others. Signed-off-by: Christian Brauner --- .../testing/selftests/namespaces/siocgskns_test.c | 68 ++++++++++++++++++= ++++ 1 file changed, 68 insertions(+) diff --git a/tools/testing/selftests/namespaces/siocgskns_test.c b/tools/te= sting/selftests/namespaces/siocgskns_test.c index bbfef3c51ac1..231830daf5dc 100644 --- a/tools/testing/selftests/namespaces/siocgskns_test.c +++ b/tools/testing/selftests/namespaces/siocgskns_test.c @@ -333,4 +333,72 @@ TEST(siocgskns_non_socket) close(pipefd[1]); } =20 +/* + * Test multiple sockets keep the same network namespace active. + * Create multiple sockets, verify closing some doesn't affect others. + */ +TEST(siocgskns_multiple_sockets) +{ + int socks[5]; + int netns_fds[5]; + int i; + struct stat st; + ino_t netns_ino; + + /* Create new network namespace */ + ASSERT_EQ(unshare(CLONE_NEWNET), 0); + + /* Create multiple sockets */ + for (i =3D 0; i < 5; i++) { + socks[i] =3D socket(AF_INET, SOCK_STREAM, 0); + ASSERT_GE(socks[i], 0); + } + + /* Get netns from all sockets */ + for (i =3D 0; i < 5; i++) { + netns_fds[i] =3D ioctl(socks[i], SIOCGSKNS); + if (netns_fds[i] < 0) { + int j; + for (j =3D 0; j <=3D i; j++) { + close(socks[j]); + if (j < i && netns_fds[j] >=3D 0) + close(netns_fds[j]); + } + if (errno =3D=3D ENOTTY || errno =3D=3D EINVAL) + SKIP(return, "SIOCGSKNS not supported"); + ASSERT_GE(netns_fds[i], 0); + } + } + + /* Verify all point to same netns */ + ASSERT_EQ(fstat(netns_fds[0], &st), 0); + netns_ino =3D st.st_ino; + + for (i =3D 1; i < 5; i++) { + ASSERT_EQ(fstat(netns_fds[i], &st), 0); + ASSERT_EQ(st.st_ino, netns_ino); + } + + /* Close some sockets */ + for (i =3D 0; i < 3; i++) { + close(socks[i]); + } + + /* Remaining netns FDs should still be valid */ + for (i =3D 3; i < 5; i++) { + char path[64]; + snprintf(path, sizeof(path), "/proc/self/fd/%d", netns_fds[i]); + int test_fd =3D open(path, O_RDONLY); + ASSERT_GE(test_fd, 0); + close(test_fd); + } + + /* Cleanup */ + for (i =3D 0; i < 5; i++) { + if (i >=3D 3) + close(socks[i]); + close(netns_fds[i]); + } +} + TEST_HARNESS_MAIN --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C3E02363B9D; Wed, 29 Oct 2025 12:25:47 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740747; cv=none; b=MDXSXs/fKL6S52dZqD1yMukCGfFZGvA3cccVYi8GoLvw8SGLd/FKcLmesphsENHpz+kRJYttH0VMf3RfSWbgvtod3qNN5WMfKH+ktfGzj2GsT2MkY8UJe3Eo87+CUOpHcwd/FmGVg2mB7+/ITrqwN12m7BYcMvYvHXSh7JxWCwQ= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740747; c=relaxed/simple; bh=0F9mhX2Gl3SVx+//eDdT9Tj87KVi2B6yYobSD3BfDnA=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=nbIbS/5Qle05qmJ7YyM45erAs8p/4qKvcFrq+A571MdDJVjGo4wHfD4rHq6PsSvzdB0drFhaP0jXzXfDSOix8XBXI8E6KtOEqovDBHNA+KcMs6WVYxgwuTczzZmbh0fBy5uff3rIt0ZwRTJhv4os/I8e7+Q7ToqtujnchnInThk= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=Mlm8us7a; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="Mlm8us7a" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 139F4C4CEFF; Wed, 29 Oct 2025 12:25:42 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740747; bh=0F9mhX2Gl3SVx+//eDdT9Tj87KVi2B6yYobSD3BfDnA=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=Mlm8us7aJOvLjIz6PyycbLhZioGMgblsBESGqQtaxcQIvdKX14OtyPZPDAwsqe5sE O5EmJ8oBz8AebyW5gh9xRJGYSJiaaHDwCJREVaXH5217jx7WHSMlZECJz18uygL+GO LtbKPocR0FtFwiMlElHCnZ3eFNqXTY440djTAMh9SkqlT/eZ8sMMsRgFfzhLQ3pAX8 dbb23MOX5lrRU6iHfkVY2/3LlY5E1doM+PTabKIopPCevmHabFwtJ+SOLfmGRkBatE 8g1BgQUW4TQ1u0CmtsDkaaBOfSqoaTrVzskk+d98dBvzvDhhn1lIkKB2axzXnV3O5E dbCNSFQN0EPng== From: Christian Brauner Date: Wed, 29 Oct 2025 13:21:14 +0100 Subject: [PATCH v4 61/72] selftests/namespaces: seventh inactive namespace resurrection test Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-61-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=4066; i=brauner@kernel.org; h=from:subject:message-id; bh=0F9mhX2Gl3SVx+//eDdT9Tj87KVi2B6yYobSD3BfDnA=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysfX/+/VeyEKvI3ylf+3v3wFCq3wVVLhU5kesmfD0f WRzrV11RykLgxgXg6yYIotDu0m43HKeis1GmRowc1iZQIYwcHEKwERWbWRkmNmgNy9OVz+4PTWw 2sn//PbXr76+WzNfQzTtrZTa552rzjL897pbbHhf1rUo53C/rZZw1M8zjb/WWTypXH/Moe/MOe9 uPgA= X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Test socket keeps netns active after creating process exits. Verify that as long as the socket FD exists, the namespace remains active. Signed-off-by: Christian Brauner --- .../testing/selftests/namespaces/siocgskns_test.c | 141 +++++++++++++++++= ++++ 1 file changed, 141 insertions(+) diff --git a/tools/testing/selftests/namespaces/siocgskns_test.c b/tools/te= sting/selftests/namespaces/siocgskns_test.c index 231830daf5dc..60028eeecde0 100644 --- a/tools/testing/selftests/namespaces/siocgskns_test.c +++ b/tools/testing/selftests/namespaces/siocgskns_test.c @@ -401,4 +401,145 @@ TEST(siocgskns_multiple_sockets) } } =20 +/* + * Test socket keeps netns active after creating process exits. + * Verify that as long as the socket FD exists, the namespace remains acti= ve. + */ +TEST(siocgskns_netns_lifecycle) +{ + int sock_fd, netns_fd; + int ipc_sockets[2]; + int syncpipe[2]; + pid_t pid; + int status; + char sync_byte; + struct stat st; + ino_t netns_ino; + + EXPECT_EQ(socketpair(AF_LOCAL, SOCK_STREAM | SOCK_CLOEXEC, 0, ipc_sockets= ), 0); + + ASSERT_EQ(pipe(syncpipe), 0); + + pid =3D fork(); + ASSERT_GE(pid, 0); + + if (pid =3D=3D 0) { + /* Child */ + close(ipc_sockets[0]); + close(syncpipe[1]); + + if (unshare(CLONE_NEWNET) < 0) { + close(ipc_sockets[1]); + close(syncpipe[0]); + exit(1); + } + + sock_fd =3D socket(AF_INET, SOCK_STREAM, 0); + if (sock_fd < 0) { + close(ipc_sockets[1]); + close(syncpipe[0]); + exit(1); + } + + /* Send socket to parent */ + struct msghdr msg =3D {0}; + struct iovec iov =3D {0}; + char buf[1] =3D {'X'}; + char cmsg_buf[CMSG_SPACE(sizeof(int))]; + + iov.iov_base =3D buf; + iov.iov_len =3D 1; + msg.msg_iov =3D &iov; + msg.msg_iovlen =3D 1; + msg.msg_control =3D cmsg_buf; + msg.msg_controllen =3D sizeof(cmsg_buf); + + struct cmsghdr *cmsg =3D CMSG_FIRSTHDR(&msg); + cmsg->cmsg_level =3D SOL_SOCKET; + cmsg->cmsg_type =3D SCM_RIGHTS; + cmsg->cmsg_len =3D CMSG_LEN(sizeof(int)); + memcpy(CMSG_DATA(cmsg), &sock_fd, sizeof(int)); + + if (sendmsg(ipc_sockets[1], &msg, 0) < 0) { + close(sock_fd); + close(ipc_sockets[1]); + close(syncpipe[0]); + exit(1); + } + + close(sock_fd); + close(ipc_sockets[1]); + + /* Wait for parent signal */ + read(syncpipe[0], &sync_byte, 1); + close(syncpipe[0]); + exit(0); + } + + /* Parent */ + close(ipc_sockets[1]); + close(syncpipe[0]); + + /* Receive socket FD */ + struct msghdr msg =3D {0}; + struct iovec iov =3D {0}; + char buf[1]; + char cmsg_buf[CMSG_SPACE(sizeof(int))]; + + iov.iov_base =3D buf; + iov.iov_len =3D 1; + msg.msg_iov =3D &iov; + msg.msg_iovlen =3D 1; + msg.msg_control =3D cmsg_buf; + msg.msg_controllen =3D sizeof(cmsg_buf); + + ssize_t n =3D recvmsg(ipc_sockets[0], &msg, 0); + close(ipc_sockets[0]); + ASSERT_EQ(n, 1); + + struct cmsghdr *cmsg =3D CMSG_FIRSTHDR(&msg); + ASSERT_NE(cmsg, NULL); + memcpy(&sock_fd, CMSG_DATA(cmsg), sizeof(int)); + + /* Get netns from socket while child is alive */ + netns_fd =3D ioctl(sock_fd, SIOCGSKNS); + if (netns_fd < 0) { + sync_byte =3D 'G'; + write(syncpipe[1], &sync_byte, 1); + close(syncpipe[1]); + close(sock_fd); + waitpid(pid, NULL, 0); + if (errno =3D=3D ENOTTY || errno =3D=3D EINVAL) + SKIP(return, "SIOCGSKNS not supported"); + ASSERT_GE(netns_fd, 0); + } + ASSERT_EQ(fstat(netns_fd, &st), 0); + netns_ino =3D st.st_ino; + + /* Signal child to exit */ + sync_byte =3D 'G'; + write(syncpipe[1], &sync_byte, 1); + close(syncpipe[1]); + + waitpid(pid, &status, 0); + ASSERT_TRUE(WIFEXITED(status)); + + /* + * Socket FD should still keep namespace active even after + * the creating process exited. + */ + int test_fd =3D ioctl(sock_fd, SIOCGSKNS); + ASSERT_GE(test_fd, 0); + + struct stat st_test; + ASSERT_EQ(fstat(test_fd, &st_test), 0); + ASSERT_EQ(st_test.st_ino, netns_ino); + + close(test_fd); + close(netns_fd); + + /* Close socket - namespace should become inactive */ + close(sock_fd); +} + TEST_HARNESS_MAIN --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 011AF3644B5; Wed, 29 Oct 2025 12:25:52 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740753; cv=none; b=shf2hrchkZewQ0l8mafWw0EmgXjMM8WX41fPxL/9C6geBOpYU4RzjD/SwcY5DPIT/tf64R+6s271/XZEvVuHNhzF+HQccecdt1g8EyypNQ757d8WdzGrs/vCd22hMFwTKtSGRdXMFe10QXq82Uemymjp6pcl7SWxn3LMCRDQK74= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740753; c=relaxed/simple; bh=VBORRP+h0KErK54FHs98ti+2CEgWK2XfNgSQLs2e/YU=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=p6eA9T4nRamIyLmv5INmG7NFyDGdvVhYqfj2y7MBsyRNGeJj1i9T61JtJ+Tir9hkmYJplDppi26ZBFmHpWgMIg+WDmcPhESK9wmU658Ym8H9xxNAx6t0nqo4RVrTLU1zLzOlHc+7HHymyehtaEnjFmt6OjrM5Y/7UQccst591gI= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=MQsU51mc; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="MQsU51mc" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 20458C4CEF7; Wed, 29 Oct 2025 12:25:47 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740752; bh=VBORRP+h0KErK54FHs98ti+2CEgWK2XfNgSQLs2e/YU=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=MQsU51mco5xw2bbprqKOhjMfNwKaSRjphx62ODPWOhRpSR3pGu93IShpeUyqqmvPm D8OW8WeDvX9ffQ1zBXbniy/YGhbnBE5HNjoPyfunGYuN/7gjspb6ZymgGHDPJzjZgv R8FbTj9BgYZ4yShACYBpovOvNQFWWANO/G8ylR3/+UwEgdvLyrev30ubwSEQYA2YJR X/Aw+Cm3fu8so0pRjtEdJUWzKXzG85hxte0qYdB8APHoJIDUSdhKAW0C1Uoq07WUkl Kj1qTGguMhM83MmcWxdqDod3eEB1ZHZXsxUTNCE7T0hUml1I0vk0iUZ1mNwWGBklM2 cWdEaf4uM0Rsw== From: Christian Brauner Date: Wed, 29 Oct 2025 13:21:15 +0100 Subject: [PATCH v4 62/72] selftests/namespaces: eigth inactive namespace resurrection test Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-62-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=1467; i=brauner@kernel.org; h=from:subject:message-id; bh=VBORRP+h0KErK54FHs98ti+2CEgWK2XfNgSQLs2e/YU=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysfXvujBz9603cz7/9mKXunvHdC7vS+erRrdUlud94 zmyrMqlpqOUhUGMi0FWTJHFod0kXG45T8Vmo0wNmDmsTCBDGLg4BWAiJ48w/LNViJTL/mbaXa16 jut6yoGq35l6x9SPTF/1590aa6Mt0q0Mf3gyM84bLr3Fs2FqXZLhWf+IkHd8V/7UJghY+ecEneW yZwEA X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Test IPv6 sockets also work with SIOCGSKNS. Signed-off-by: Christian Brauner --- .../testing/selftests/namespaces/siocgskns_test.c | 34 ++++++++++++++++++= ++++ 1 file changed, 34 insertions(+) diff --git a/tools/testing/selftests/namespaces/siocgskns_test.c b/tools/te= sting/selftests/namespaces/siocgskns_test.c index 60028eeecde0..47c1524a8648 100644 --- a/tools/testing/selftests/namespaces/siocgskns_test.c +++ b/tools/testing/selftests/namespaces/siocgskns_test.c @@ -542,4 +542,38 @@ TEST(siocgskns_netns_lifecycle) close(sock_fd); } =20 +/* + * Test IPv6 sockets also work with SIOCGSKNS. + */ +TEST(siocgskns_ipv6) +{ + int sock_fd, netns_fd, current_netns_fd; + struct stat st1, st2; + + /* Create an IPv6 TCP socket */ + sock_fd =3D socket(AF_INET6, SOCK_STREAM, 0); + ASSERT_GE(sock_fd, 0); + + /* Use SIOCGSKNS */ + netns_fd =3D ioctl(sock_fd, SIOCGSKNS); + if (netns_fd < 0) { + close(sock_fd); + if (errno =3D=3D ENOTTY || errno =3D=3D EINVAL) + SKIP(return, "SIOCGSKNS not supported"); + ASSERT_GE(netns_fd, 0); + } + + /* Verify it matches current namespace */ + current_netns_fd =3D open("/proc/self/ns/net", O_RDONLY); + ASSERT_GE(current_netns_fd, 0); + + ASSERT_EQ(fstat(netns_fd, &st1), 0); + ASSERT_EQ(fstat(current_netns_fd, &st2), 0); + ASSERT_EQ(st1.st_ino, st2.st_ino); + + close(sock_fd); + close(netns_fd); + close(current_netns_fd); +} + TEST_HARNESS_MAIN --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id A0FD33559FE; Wed, 29 Oct 2025 12:25:58 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740758; cv=none; b=FlrWAZGcRU71XjvdCyOsi1Q/yHMkvFtaUWfhoHzQ1/B+iixv3fV5oiNlwdorHTs6CTHTv83BqSd2vOAhy1xE+1qtc15kvlgrlVqZc9nq3lew6743TbE9rqBDbq2S6Ti7Cbd5dqJwnG5KyphWjWxC/2q/tyXqS8EnvFAC6Rm42sI= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740758; c=relaxed/simple; bh=2GRkF4aTvddGMSpKeYnAxQf+2i+z67SQVbcHcw3mqCk=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=gzPRCxouykmUju4zHTlXg/ZvC4W9BQ63jxN5Uf6RZnz8uMnLYMS8C1a82X6HudhGJFScPQNKeikV5N6lo22n1UKyiXWTOECKw9x/tCBxEj3hODTBcGGammzrpm5B7w/aqACXCZ5CEh//Fh9APKsBDLrBSuNs/gCXmY06FVozX9c= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=mKumpihp; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="mKumpihp" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 50DFAC4CEFF; Wed, 29 Oct 2025 12:25:53 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740758; bh=2GRkF4aTvddGMSpKeYnAxQf+2i+z67SQVbcHcw3mqCk=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=mKumpihpas/QbwVEtd3uTfPdyRf+1Fmeqr0C/nseeKvZQh4zVbQSofibOUqDKIU9s LtYttIZlx5y9AL9uCEd8u+TYiK318Ry8pmzdtktGruLIrRGQbgiea7vIWcoIyusU6r +nblh6bpqq7/AtUcxiQzy2wYTxUMaRkn9A7+qYvQzwIgVqTVjdNxM7RcKUZX3tTCw8 94OI7d4ctNMtfyFCBaJqwTOfKRC34yhgniA6kS51N6giK2YrgKS9OHbbj7g7yEpnDN rYJVPmcAb7KMpVqmCgE589xUlmnKEF0q2BIlLPxGpBW9PC4imsDhLBop0qxOSsvvaD dNX9h4crFIUAw== From: Christian Brauner Date: Wed, 29 Oct 2025 13:21:16 +0100 Subject: [PATCH v4 63/72] selftests/namespaces: ninth inactive namespace resurrection test Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-63-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=5894; i=brauner@kernel.org; h=from:subject:message-id; bh=2GRkF4aTvddGMSpKeYnAxQf+2i+z67SQVbcHcw3mqCk=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysfXv3Hw2VPvj6SmTq8ulv7OpHtF29xC6rlk992n1s lub1c56dZSyMIhxMciKKbI4tJuEyy3nqdhslKkBM4eVCWQIAxenAEzkdiUjw9KK3Mmz/026kx3/ 0a3x+E/x/eefLEjeVJtd0NGzw9R9lQUjQ0v94+Wyn47MiJsyefYfncN+4cc+5sT1JbTlXL+bu/F jLTcA X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Test that socket-kept netns appears in listns() output. Verify that a network namespace kept alive by a socket FD appears in listns() output even after the creating process exits, and that it disappears when the socket is closed. Signed-off-by: Christian Brauner --- .../testing/selftests/namespaces/siocgskns_test.c | 203 +++++++++++++++++= ++++ 1 file changed, 203 insertions(+) diff --git a/tools/testing/selftests/namespaces/siocgskns_test.c b/tools/te= sting/selftests/namespaces/siocgskns_test.c index 47c1524a8648..98f6a0e1b9dd 100644 --- a/tools/testing/selftests/namespaces/siocgskns_test.c +++ b/tools/testing/selftests/namespaces/siocgskns_test.c @@ -576,4 +576,207 @@ TEST(siocgskns_ipv6) close(current_netns_fd); } =20 +/* + * Test that socket-kept netns appears in listns() output. + * Verify that a network namespace kept alive by a socket FD appears in + * listns() output even after the creating process exits, and that it + * disappears when the socket is closed. + */ +TEST(siocgskns_listns_visibility) +{ + int sock_fd, netns_fd, owner_fd; + int ipc_sockets[2]; + pid_t pid; + int status; + __u64 netns_id, owner_id; + struct ns_id_req req =3D { + .size =3D sizeof(req), + .spare =3D 0, + .ns_id =3D 0, + .ns_type =3D CLONE_NEWNET, + .spare2 =3D 0, + .user_ns_id =3D 0, + }; + __u64 ns_ids[256]; + int ret, i; + bool found_netns =3D false; + + EXPECT_EQ(socketpair(AF_LOCAL, SOCK_STREAM | SOCK_CLOEXEC, 0, ipc_sockets= ), 0); + + pid =3D fork(); + ASSERT_GE(pid, 0); + + if (pid =3D=3D 0) { + /* Child: create new netns and socket */ + close(ipc_sockets[0]); + + if (unshare(CLONE_NEWNET) < 0) { + close(ipc_sockets[1]); + exit(1); + } + + sock_fd =3D socket(AF_INET, SOCK_DGRAM, 0); + if (sock_fd < 0) { + close(ipc_sockets[1]); + exit(1); + } + + /* Send socket FD to parent via SCM_RIGHTS */ + struct msghdr msg =3D {0}; + struct iovec iov =3D {0}; + char buf[1] =3D {'X'}; + char cmsg_buf[CMSG_SPACE(sizeof(int))]; + + iov.iov_base =3D buf; + iov.iov_len =3D 1; + msg.msg_iov =3D &iov; + msg.msg_iovlen =3D 1; + msg.msg_control =3D cmsg_buf; + msg.msg_controllen =3D sizeof(cmsg_buf); + + struct cmsghdr *cmsg =3D CMSG_FIRSTHDR(&msg); + cmsg->cmsg_level =3D SOL_SOCKET; + cmsg->cmsg_type =3D SCM_RIGHTS; + cmsg->cmsg_len =3D CMSG_LEN(sizeof(int)); + memcpy(CMSG_DATA(cmsg), &sock_fd, sizeof(int)); + + if (sendmsg(ipc_sockets[1], &msg, 0) < 0) { + close(sock_fd); + close(ipc_sockets[1]); + exit(1); + } + + close(sock_fd); + close(ipc_sockets[1]); + exit(0); + } + + /* Parent: receive socket FD */ + close(ipc_sockets[1]); + + struct msghdr msg =3D {0}; + struct iovec iov =3D {0}; + char buf[1]; + char cmsg_buf[CMSG_SPACE(sizeof(int))]; + + iov.iov_base =3D buf; + iov.iov_len =3D 1; + msg.msg_iov =3D &iov; + msg.msg_iovlen =3D 1; + msg.msg_control =3D cmsg_buf; + msg.msg_controllen =3D sizeof(cmsg_buf); + + ssize_t n =3D recvmsg(ipc_sockets[0], &msg, 0); + close(ipc_sockets[0]); + ASSERT_EQ(n, 1); + + struct cmsghdr *cmsg =3D CMSG_FIRSTHDR(&msg); + ASSERT_NE(cmsg, NULL); + memcpy(&sock_fd, CMSG_DATA(cmsg), sizeof(int)); + + /* Wait for child to exit */ + waitpid(pid, &status, 0); + ASSERT_TRUE(WIFEXITED(status)); + ASSERT_EQ(WEXITSTATUS(status), 0); + + /* Get network namespace from socket */ + netns_fd =3D ioctl(sock_fd, SIOCGSKNS); + if (netns_fd < 0) { + close(sock_fd); + if (errno =3D=3D ENOTTY || errno =3D=3D EINVAL) + SKIP(return, "SIOCGSKNS not supported"); + ASSERT_GE(netns_fd, 0); + } + + /* Get namespace ID */ + ret =3D ioctl(netns_fd, NS_GET_ID, &netns_id); + if (ret < 0) { + close(sock_fd); + close(netns_fd); + if (errno =3D=3D ENOTTY || errno =3D=3D EINVAL) + SKIP(return, "NS_GET_ID not supported"); + ASSERT_EQ(ret, 0); + } + + /* Get owner user namespace */ + owner_fd =3D ioctl(netns_fd, NS_GET_USERNS); + if (owner_fd < 0) { + close(sock_fd); + close(netns_fd); + if (errno =3D=3D ENOTTY || errno =3D=3D EINVAL) + SKIP(return, "NS_GET_USERNS not supported"); + ASSERT_GE(owner_fd, 0); + } + + /* Get owner namespace ID */ + ret =3D ioctl(owner_fd, NS_GET_ID, &owner_id); + if (ret < 0) { + close(owner_fd); + close(sock_fd); + close(netns_fd); + ASSERT_EQ(ret, 0); + } + close(owner_fd); + + /* Namespace should appear in listns() output */ + ret =3D sys_listns(&req, ns_ids, ARRAY_SIZE(ns_ids), 0); + if (ret < 0) { + close(sock_fd); + close(netns_fd); + if (errno =3D=3D ENOSYS) + SKIP(return, "listns() not supported"); + TH_LOG("listns failed: %s", strerror(errno)); + ASSERT_GE(ret, 0); + } + + /* Search for our network namespace in the list */ + for (i =3D 0; i < ret; i++) { + if (ns_ids[i] =3D=3D netns_id) { + found_netns =3D true; + break; + } + } + + ASSERT_TRUE(found_netns); + TH_LOG("Found netns %llu in listns() output (kept alive by socket)", netn= s_id); + + /* Now verify with owner filtering */ + req.user_ns_id =3D owner_id; + found_netns =3D false; + + ret =3D sys_listns(&req, ns_ids, ARRAY_SIZE(ns_ids), 0); + ASSERT_GE(ret, 0); + + for (i =3D 0; i < ret; i++) { + if (ns_ids[i] =3D=3D netns_id) { + found_netns =3D true; + break; + } + } + + ASSERT_TRUE(found_netns); + TH_LOG("Found netns %llu owned by userns %llu", netns_id, owner_id); + + /* Close socket - namespace should become inactive and disappear from lis= tns() */ + close(sock_fd); + close(netns_fd); + + /* Verify it's no longer in listns() output */ + req.user_ns_id =3D 0; + found_netns =3D false; + + ret =3D sys_listns(&req, ns_ids, ARRAY_SIZE(ns_ids), 0); + ASSERT_GE(ret, 0); + + for (i =3D 0; i < ret; i++) { + if (ns_ids[i] =3D=3D netns_id) { + found_netns =3D true; + break; + } + } + + ASSERT_FALSE(found_netns); + TH_LOG("Netns %llu correctly disappeared from listns() after socket close= d", netns_id); +} + TEST_HARNESS_MAIN --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id AE79A3655EC; Wed, 29 Oct 2025 12:26:03 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740763; cv=none; b=laok10rra9biEi/tJnYUZl0s7jqngroGbTNGgkl1RPM1aBHLLI//4OU97VCSq93gM5qFVhtquuIyMPd2p4AzF61FgZ+iZ6RTLlspLLurxBf9SO/nQCjcDsh/ATm8oYsTKeH3mKob1xn0X+LUhFZ27Kskw6F7yELOMU7NHwP86Ys= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740763; c=relaxed/simple; bh=cg2+/WFjpG13y8cnkuocp9/qhpt17gumOqmPdMg4wzY=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=JCL9D872p4pEqPVeDLjUxSPj9jkx/YDlTzPyOXghUnP1p7eKOUBWYEkoIiXavp10hO+8NKmFJLwJuMLs3MOtxxr+imdtZPf/IIubhfnM/QiUp6k5Zsb6kFuwHNfwcKHNNJgaBRMMhi76ImGKMJ4BuImsVYtKBD5mBFQIVjz1Gr0= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=r/k0rXqh; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="r/k0rXqh" Received: by smtp.kernel.org (Postfix) with ESMTPSA id B16CDC4CEF7; Wed, 29 Oct 2025 12:25:58 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740763; bh=cg2+/WFjpG13y8cnkuocp9/qhpt17gumOqmPdMg4wzY=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=r/k0rXqh1C6WxpJE1Q1EHoV8QTrqIBujqTX2bRbBwiVM3MsEv8+UwYtl6jOEn//2/ M8T1WwtBUS/SfM6YcLGXspNmCkQ0YEg6nkPD6PDR9eWs5L13YA/3nUwUj9JvdaMlGM INUiR8kEGCoG6mX5ql9N8hSZRdgBL+EKMa/Wg9YtJZCIRv8kwqciFi/iZogCDKJ9fx QNcLyaTf8zB+v3s1/DTyqDiFQls1sgVuPuyQRa0lUt4OAfM+nCEAjEAHzmEBLehZBl jGU7ZAKSfzPVHTKNNWRWLz4EgjLRG4uYW+pNgV5DP3TgcihAOfWKxons6fdrFbQsMI GD/XXVQCg4x/A== From: Christian Brauner Date: Wed, 29 Oct 2025 13:21:17 +0100 Subject: [PATCH v4 64/72] selftests/namespaces: tenth inactive namespace resurrection test Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-64-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=6550; i=brauner@kernel.org; h=from:subject:message-id; bh=cg2+/WFjpG13y8cnkuocp9/qhpt17gumOqmPdMg4wzY=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysU0I+pqz+O7K9g1iLa2Z7+X4zdsYHa5ypG/ysHo44 emDn3FWHaUsDGJcDLJiiiwO7Sbhcst5KjYbZWrAzGFlAhnCwMUpABPpfc/IcLNJoNfpi93ZPIO6 Jd+nM3NHFTnNCP189p03V8WSqnlpTowML1wFdpuEat4WvHxxk/vsP1yeAkWHD/sfPVpz/Lz+03m 2rAA= X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Test that socket-kept netns can be reopened via file handle. Verify that a network namespace kept alive by a socket FD can be reopened using file handles even after the creating process exits. Signed-off-by: Christian Brauner --- .../testing/selftests/namespaces/siocgskns_test.c | 195 +++++++++++++++++= ++++ 1 file changed, 195 insertions(+) diff --git a/tools/testing/selftests/namespaces/siocgskns_test.c b/tools/te= sting/selftests/namespaces/siocgskns_test.c index 98f6a0e1b9dd..a909232dba36 100644 --- a/tools/testing/selftests/namespaces/siocgskns_test.c +++ b/tools/testing/selftests/namespaces/siocgskns_test.c @@ -779,4 +779,199 @@ TEST(siocgskns_listns_visibility) TH_LOG("Netns %llu correctly disappeared from listns() after socket close= d", netns_id); } =20 +/* + * Test that socket-kept netns can be reopened via file handle. + * Verify that a network namespace kept alive by a socket FD can be + * reopened using file handles even after the creating process exits. + */ +TEST(siocgskns_file_handle) +{ + int sock_fd, netns_fd, reopened_fd; + int ipc_sockets[2]; + pid_t pid; + int status; + struct stat st1, st2; + ino_t netns_ino; + __u64 netns_id; + struct file_handle *handle; + struct nsfs_file_handle *nsfs_fh; + int ret; + + /* Allocate file_handle structure for nsfs */ + handle =3D malloc(sizeof(struct file_handle) + sizeof(struct nsfs_file_ha= ndle)); + ASSERT_NE(handle, NULL); + handle->handle_bytes =3D sizeof(struct nsfs_file_handle); + handle->handle_type =3D FILEID_NSFS; + + EXPECT_EQ(socketpair(AF_LOCAL, SOCK_STREAM | SOCK_CLOEXEC, 0, ipc_sockets= ), 0); + + pid =3D fork(); + ASSERT_GE(pid, 0); + + if (pid =3D=3D 0) { + /* Child: create new netns and socket */ + close(ipc_sockets[0]); + + if (unshare(CLONE_NEWNET) < 0) { + close(ipc_sockets[1]); + exit(1); + } + + sock_fd =3D socket(AF_INET, SOCK_DGRAM, 0); + if (sock_fd < 0) { + close(ipc_sockets[1]); + exit(1); + } + + /* Send socket FD to parent via SCM_RIGHTS */ + struct msghdr msg =3D {0}; + struct iovec iov =3D {0}; + char buf[1] =3D {'X'}; + char cmsg_buf[CMSG_SPACE(sizeof(int))]; + + iov.iov_base =3D buf; + iov.iov_len =3D 1; + msg.msg_iov =3D &iov; + msg.msg_iovlen =3D 1; + msg.msg_control =3D cmsg_buf; + msg.msg_controllen =3D sizeof(cmsg_buf); + + struct cmsghdr *cmsg =3D CMSG_FIRSTHDR(&msg); + cmsg->cmsg_level =3D SOL_SOCKET; + cmsg->cmsg_type =3D SCM_RIGHTS; + cmsg->cmsg_len =3D CMSG_LEN(sizeof(int)); + memcpy(CMSG_DATA(cmsg), &sock_fd, sizeof(int)); + + if (sendmsg(ipc_sockets[1], &msg, 0) < 0) { + close(sock_fd); + close(ipc_sockets[1]); + exit(1); + } + + close(sock_fd); + close(ipc_sockets[1]); + exit(0); + } + + /* Parent: receive socket FD */ + close(ipc_sockets[1]); + + struct msghdr msg =3D {0}; + struct iovec iov =3D {0}; + char buf[1]; + char cmsg_buf[CMSG_SPACE(sizeof(int))]; + + iov.iov_base =3D buf; + iov.iov_len =3D 1; + msg.msg_iov =3D &iov; + msg.msg_iovlen =3D 1; + msg.msg_control =3D cmsg_buf; + msg.msg_controllen =3D sizeof(cmsg_buf); + + ssize_t n =3D recvmsg(ipc_sockets[0], &msg, 0); + close(ipc_sockets[0]); + ASSERT_EQ(n, 1); + + struct cmsghdr *cmsg =3D CMSG_FIRSTHDR(&msg); + ASSERT_NE(cmsg, NULL); + memcpy(&sock_fd, CMSG_DATA(cmsg), sizeof(int)); + + /* Wait for child to exit */ + waitpid(pid, &status, 0); + ASSERT_TRUE(WIFEXITED(status)); + ASSERT_EQ(WEXITSTATUS(status), 0); + + /* Get network namespace from socket */ + netns_fd =3D ioctl(sock_fd, SIOCGSKNS); + if (netns_fd < 0) { + free(handle); + close(sock_fd); + if (errno =3D=3D ENOTTY || errno =3D=3D EINVAL) + SKIP(return, "SIOCGSKNS not supported"); + ASSERT_GE(netns_fd, 0); + } + + ASSERT_EQ(fstat(netns_fd, &st1), 0); + netns_ino =3D st1.st_ino; + + /* Get namespace ID */ + ret =3D ioctl(netns_fd, NS_GET_ID, &netns_id); + if (ret < 0) { + free(handle); + close(sock_fd); + close(netns_fd); + if (errno =3D=3D ENOTTY || errno =3D=3D EINVAL) + SKIP(return, "NS_GET_ID not supported"); + ASSERT_EQ(ret, 0); + } + + /* Construct file handle from namespace ID */ + nsfs_fh =3D (struct nsfs_file_handle *)handle->f_handle; + nsfs_fh->ns_id =3D netns_id; + nsfs_fh->ns_type =3D 0; /* Type field not needed for reopening */ + nsfs_fh->ns_inum =3D 0; /* Inum field not needed for reopening */ + + TH_LOG("Constructed file handle for netns %lu (id=3D%llu)", netns_ino, ne= tns_id); + + /* Reopen namespace using file handle (while socket still keeps it alive)= */ + reopened_fd =3D open_by_handle_at(FD_NSFS_ROOT, handle, O_RDONLY); + if (reopened_fd < 0) { + free(handle); + close(sock_fd); + if (errno =3D=3D EOPNOTSUPP || errno =3D=3D ENOSYS || errno =3D=3D EBADF) + SKIP(return, "open_by_handle_at with FD_NSFS_ROOT not supported"); + TH_LOG("open_by_handle_at failed: %s", strerror(errno)); + ASSERT_GE(reopened_fd, 0); + } + + /* Verify it's the same namespace */ + ASSERT_EQ(fstat(reopened_fd, &st2), 0); + ASSERT_EQ(st1.st_ino, st2.st_ino); + ASSERT_EQ(st1.st_dev, st2.st_dev); + + TH_LOG("Successfully reopened netns %lu via file handle", netns_ino); + + close(reopened_fd); + + /* Close the netns FD */ + close(netns_fd); + + /* Try to reopen via file handle - should fail since namespace is now ina= ctive */ + reopened_fd =3D open_by_handle_at(FD_NSFS_ROOT, handle, O_RDONLY); + ASSERT_LT(reopened_fd, 0); + TH_LOG("Correctly failed to reopen inactive netns: %s", strerror(errno)); + + /* Get network namespace from socket */ + netns_fd =3D ioctl(sock_fd, SIOCGSKNS); + if (netns_fd < 0) { + free(handle); + close(sock_fd); + if (errno =3D=3D ENOTTY || errno =3D=3D EINVAL) + SKIP(return, "SIOCGSKNS not supported"); + ASSERT_GE(netns_fd, 0); + } + + /* Reopen namespace using file handle (while socket still keeps it alive)= */ + reopened_fd =3D open_by_handle_at(FD_NSFS_ROOT, handle, O_RDONLY); + if (reopened_fd < 0) { + free(handle); + close(sock_fd); + if (errno =3D=3D EOPNOTSUPP || errno =3D=3D ENOSYS || errno =3D=3D EBADF) + SKIP(return, "open_by_handle_at with FD_NSFS_ROOT not supported"); + TH_LOG("open_by_handle_at failed: %s", strerror(errno)); + ASSERT_GE(reopened_fd, 0); + } + + /* Verify it's the same namespace */ + ASSERT_EQ(fstat(reopened_fd, &st2), 0); + ASSERT_EQ(st1.st_ino, st2.st_ino); + ASSERT_EQ(st1.st_dev, st2.st_dev); + + TH_LOG("Successfully reopened netns %lu via file handle", netns_ino); + + /* Close socket - namespace should become inactive */ + close(sock_fd); + free(handle); +} + TEST_HARNESS_MAIN --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 8FBD0365D3F; Wed, 29 Oct 2025 12:26:08 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740768; cv=none; b=NptA8RIUQCxa6B8oaMOhBeqbKGka1k96ccWXfF+mysG3W/1mv2S7/bGQVIxo7gdRXZQp020P6woQZZcPwWce+iZG/KFaCH/0Gq/Zh5SVEqM/zWia8FgJ8UwXDjTeMrmKLQ0oZ9sJWv3mDOMspG/M5pmaihFGVPFr0Pe3xHtNAyE= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740768; c=relaxed/simple; bh=sKXDidGiOR1H5xWVrgVg4FOPuYvFiXWeY9Fffw5SXJg=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=jJPcXDNavjEZ0ylJ/6mKewiHg2iQuJD+Fh5Yb7H4t4bRxdWxiMfQaJkAaK5d6XGAE8IH2kjsmFE2du+pms7Mc3YrR0Aai8IK1Btu3cXKIoGWEXUcXGIWzL/SC9wqv3UDLaceVnC1dZshhIr3pLoJ8E5fnTiSAZ8FxyzsdBtPnmE= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=VCcLoj5F; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="VCcLoj5F" Received: by smtp.kernel.org (Postfix) with ESMTPSA id C2929C4CEFD; Wed, 29 Oct 2025 12:26:03 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740768; bh=sKXDidGiOR1H5xWVrgVg4FOPuYvFiXWeY9Fffw5SXJg=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=VCcLoj5F92WydhpUaExQybGECJpLCiE3ia9Sfn4lPRnUS8DTWKiYbdf8wsEkeSYiP jW2wDylgAbzIZg1O5jNdOJ26XRdxQSvyF5j5pmKhuvM8g5v58UngUZgpaDN7EcUyug kZWU4+emWFsWXiTOvVBrNU3vpiJwycyx5345G/C9VqMDGqBsHDco+jhvcuZIEwX+yV JYU22HAGxa/dUQ1aW7NvW6xiAtyLYyPra3XNH3zeQuaZKW67LvFzm1cffsZDzTbPRa 6azPxsK9RugreuGMJ+yhERkJBB2NK+G/4yR+sjJX7kpWnhcrQYPQ7/e7vMb4AkfCDN 4zz8JvKF5VhOQ== From: Christian Brauner Date: Wed, 29 Oct 2025 13:21:18 +0100 Subject: [PATCH v4 65/72] selftests/namespaces: eleventh inactive namespace resurrection test Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-65-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=8469; i=brauner@kernel.org; h=from:subject:message-id; bh=sKXDidGiOR1H5xWVrgVg4FOPuYvFiXWeY9Fffw5SXJg=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysU0Q0L54fu0O7xNum5+828pZZnXH5Jd6x9XOsKg8m V9Gbx3sOkpZGMS4GGTFFFkc2k3C5ZbzVGw2ytSAmcPKBDKEgYtTACaScJ/hf0LdLwYHbrmS2snx fbfD1reKnbebZmV3/M/8F68Zrk9W82P4pza7o7QqdOaUwnmKQeJ7uRY822cfEljntH7v/7nKK9i P8AAA X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Test combined listns() and file handle operations with socket-kept netns. Create a netns, keep it alive with a socket, verify it appears in listns(), then reopen it via file handle obtained from listns() entry. Signed-off-by: Christian Brauner --- .../testing/selftests/namespaces/siocgskns_test.c | 283 +++++++++++++++++= ++++ 1 file changed, 283 insertions(+) diff --git a/tools/testing/selftests/namespaces/siocgskns_test.c b/tools/te= sting/selftests/namespaces/siocgskns_test.c index a909232dba36..706049768d52 100644 --- a/tools/testing/selftests/namespaces/siocgskns_test.c +++ b/tools/testing/selftests/namespaces/siocgskns_test.c @@ -974,4 +974,287 @@ TEST(siocgskns_file_handle) free(handle); } =20 +/* + * Test combined listns() and file handle operations with socket-kept netn= s. + * Create a netns, keep it alive with a socket, verify it appears in listn= s(), + * then reopen it via file handle obtained from listns() entry. + */ +TEST(siocgskns_listns_and_file_handle) +{ + int sock_fd, netns_fd, userns_fd, reopened_fd; + int ipc_sockets[2]; + pid_t pid; + int status; + struct stat st; + ino_t netns_ino; + __u64 netns_id, userns_id; + struct ns_id_req req =3D { + .size =3D sizeof(req), + .spare =3D 0, + .ns_id =3D 0, + .ns_type =3D CLONE_NEWNET | CLONE_NEWUSER, + .spare2 =3D 0, + .user_ns_id =3D 0, + }; + __u64 ns_ids[256]; + int ret, i; + bool found_netns =3D false, found_userns =3D false; + struct file_handle *handle; + struct nsfs_file_handle *nsfs_fh; + + /* Allocate file_handle structure for nsfs */ + handle =3D malloc(sizeof(struct file_handle) + sizeof(struct nsfs_file_ha= ndle)); + ASSERT_NE(handle, NULL); + handle->handle_bytes =3D sizeof(struct nsfs_file_handle); + handle->handle_type =3D FILEID_NSFS; + + EXPECT_EQ(socketpair(AF_LOCAL, SOCK_STREAM | SOCK_CLOEXEC, 0, ipc_sockets= ), 0); + + pid =3D fork(); + ASSERT_GE(pid, 0); + + if (pid =3D=3D 0) { + /* Child: create new userns and netns with socket */ + close(ipc_sockets[0]); + + if (setup_userns() < 0) { + close(ipc_sockets[1]); + exit(1); + } + + if (unshare(CLONE_NEWNET) < 0) { + close(ipc_sockets[1]); + exit(1); + } + + sock_fd =3D socket(AF_INET, SOCK_DGRAM, 0); + if (sock_fd < 0) { + close(ipc_sockets[1]); + exit(1); + } + + /* Send socket FD to parent via SCM_RIGHTS */ + struct msghdr msg =3D {0}; + struct iovec iov =3D {0}; + char buf[1] =3D {'X'}; + char cmsg_buf[CMSG_SPACE(sizeof(int))]; + + iov.iov_base =3D buf; + iov.iov_len =3D 1; + msg.msg_iov =3D &iov; + msg.msg_iovlen =3D 1; + msg.msg_control =3D cmsg_buf; + msg.msg_controllen =3D sizeof(cmsg_buf); + + struct cmsghdr *cmsg =3D CMSG_FIRSTHDR(&msg); + cmsg->cmsg_level =3D SOL_SOCKET; + cmsg->cmsg_type =3D SCM_RIGHTS; + cmsg->cmsg_len =3D CMSG_LEN(sizeof(int)); + memcpy(CMSG_DATA(cmsg), &sock_fd, sizeof(int)); + + if (sendmsg(ipc_sockets[1], &msg, 0) < 0) { + close(sock_fd); + close(ipc_sockets[1]); + exit(1); + } + + close(sock_fd); + close(ipc_sockets[1]); + exit(0); + } + + /* Parent: receive socket FD */ + close(ipc_sockets[1]); + + struct msghdr msg =3D {0}; + struct iovec iov =3D {0}; + char buf[1]; + char cmsg_buf[CMSG_SPACE(sizeof(int))]; + + iov.iov_base =3D buf; + iov.iov_len =3D 1; + msg.msg_iov =3D &iov; + msg.msg_iovlen =3D 1; + msg.msg_control =3D cmsg_buf; + msg.msg_controllen =3D sizeof(cmsg_buf); + + ssize_t n =3D recvmsg(ipc_sockets[0], &msg, 0); + close(ipc_sockets[0]); + ASSERT_EQ(n, 1); + + struct cmsghdr *cmsg =3D CMSG_FIRSTHDR(&msg); + ASSERT_NE(cmsg, NULL); + memcpy(&sock_fd, CMSG_DATA(cmsg), sizeof(int)); + + /* Wait for child to exit */ + waitpid(pid, &status, 0); + ASSERT_TRUE(WIFEXITED(status)); + ASSERT_EQ(WEXITSTATUS(status), 0); + + /* Get network namespace from socket */ + netns_fd =3D ioctl(sock_fd, SIOCGSKNS); + if (netns_fd < 0) { + free(handle); + close(sock_fd); + if (errno =3D=3D ENOTTY || errno =3D=3D EINVAL) + SKIP(return, "SIOCGSKNS not supported"); + ASSERT_GE(netns_fd, 0); + } + + ASSERT_EQ(fstat(netns_fd, &st), 0); + netns_ino =3D st.st_ino; + + /* Get namespace ID */ + ret =3D ioctl(netns_fd, NS_GET_ID, &netns_id); + if (ret < 0) { + free(handle); + close(sock_fd); + close(netns_fd); + if (errno =3D=3D ENOTTY || errno =3D=3D EINVAL) + SKIP(return, "NS_GET_ID not supported"); + ASSERT_EQ(ret, 0); + } + + /* Get owner user namespace */ + userns_fd =3D ioctl(netns_fd, NS_GET_USERNS); + if (userns_fd < 0) { + free(handle); + close(sock_fd); + close(netns_fd); + if (errno =3D=3D ENOTTY || errno =3D=3D EINVAL) + SKIP(return, "NS_GET_USERNS not supported"); + ASSERT_GE(userns_fd, 0); + } + + /* Get owner namespace ID */ + ret =3D ioctl(userns_fd, NS_GET_ID, &userns_id); + if (ret < 0) { + close(userns_fd); + free(handle); + close(sock_fd); + close(netns_fd); + ASSERT_EQ(ret, 0); + } + close(userns_fd); + + TH_LOG("Testing netns %lu (id=3D%llu) owned by userns id=3D%llu", netns_i= no, netns_id, userns_id); + + /* Verify namespace appears in listns() */ + ret =3D sys_listns(&req, ns_ids, ARRAY_SIZE(ns_ids), 0); + if (ret < 0) { + free(handle); + close(sock_fd); + close(netns_fd); + if (errno =3D=3D ENOSYS) + SKIP(return, "listns() not supported"); + TH_LOG("listns failed: %s", strerror(errno)); + ASSERT_GE(ret, 0); + } + + found_netns =3D false; + found_userns =3D false; + for (i =3D 0; i < ret; i++) { + if (ns_ids[i] =3D=3D netns_id) + found_netns =3D true; + if (ns_ids[i] =3D=3D userns_id) + found_userns =3D true; + } + ASSERT_TRUE(found_netns); + ASSERT_TRUE(found_userns); + TH_LOG("Found netns %llu in listns() output", netns_id); + + /* Construct file handle from namespace ID */ + nsfs_fh =3D (struct nsfs_file_handle *)handle->f_handle; + nsfs_fh->ns_id =3D netns_id; + nsfs_fh->ns_type =3D 0; + nsfs_fh->ns_inum =3D 0; + + reopened_fd =3D open_by_handle_at(FD_NSFS_ROOT, handle, O_RDONLY); + if (reopened_fd < 0) { + free(handle); + close(sock_fd); + if (errno =3D=3D EOPNOTSUPP || errno =3D=3D ENOSYS || errno =3D=3D EBADF) + SKIP(return, "open_by_handle_at with FD_NSFS_ROOT not supported"); + TH_LOG("open_by_handle_at failed: %s", strerror(errno)); + ASSERT_GE(reopened_fd, 0); + } + + struct stat reopened_st; + ASSERT_EQ(fstat(reopened_fd, &reopened_st), 0); + ASSERT_EQ(reopened_st.st_ino, netns_ino); + + TH_LOG("Successfully reopened netns %lu via file handle (socket-kept)", n= etns_ino); + + close(reopened_fd); + close(netns_fd); + + /* Try to reopen via file handle - should fail since namespace is now ina= ctive */ + reopened_fd =3D open_by_handle_at(FD_NSFS_ROOT, handle, O_RDONLY); + ASSERT_LT(reopened_fd, 0); + TH_LOG("Correctly failed to reopen inactive netns: %s", strerror(errno)); + + /* Get network namespace from socket */ + netns_fd =3D ioctl(sock_fd, SIOCGSKNS); + if (netns_fd < 0) { + free(handle); + close(sock_fd); + if (errno =3D=3D ENOTTY || errno =3D=3D EINVAL) + SKIP(return, "SIOCGSKNS not supported"); + ASSERT_GE(netns_fd, 0); + } + + /* Verify namespace appears in listns() */ + ret =3D sys_listns(&req, ns_ids, ARRAY_SIZE(ns_ids), 0); + if (ret < 0) { + free(handle); + close(sock_fd); + close(netns_fd); + if (errno =3D=3D ENOSYS) + SKIP(return, "listns() not supported"); + TH_LOG("listns failed: %s", strerror(errno)); + ASSERT_GE(ret, 0); + } + + found_netns =3D false; + found_userns =3D false; + for (i =3D 0; i < ret; i++) { + if (ns_ids[i] =3D=3D netns_id) + found_netns =3D true; + if (ns_ids[i] =3D=3D userns_id) + found_userns =3D true; + } + ASSERT_TRUE(found_netns); + ASSERT_TRUE(found_userns); + TH_LOG("Found netns %llu in listns() output", netns_id); + + close(netns_fd); + + /* Verify namespace appears in listns() */ + ret =3D sys_listns(&req, ns_ids, ARRAY_SIZE(ns_ids), 0); + if (ret < 0) { + free(handle); + close(sock_fd); + close(netns_fd); + if (errno =3D=3D ENOSYS) + SKIP(return, "listns() not supported"); + TH_LOG("listns failed: %s", strerror(errno)); + ASSERT_GE(ret, 0); + } + + found_netns =3D false; + found_userns =3D false; + for (i =3D 0; i < ret; i++) { + if (ns_ids[i] =3D=3D netns_id) + found_netns =3D true; + if (ns_ids[i] =3D=3D userns_id) + found_userns =3D true; + } + ASSERT_FALSE(found_netns); + ASSERT_FALSE(found_userns); + TH_LOG("Netns %llu correctly disappeared from listns() after socket close= d", netns_id); + + close(sock_fd); + free(handle); +} + TEST_HARNESS_MAIN --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 0C61333B6CC; Wed, 29 Oct 2025 12:26:13 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740774; cv=none; b=uPE46nKYZPXFa4UfDD0+cY7V/2fJhgCZxaYG417AebXwF0Y/jv98WuCaALvz/Z2tkQTrtxYgbMprx5gd1oNJo5Rx5CvKmAYoieBht+hvQnKFtxkhYVyvynoUus+tsZ8UDoI+eQN1D92uOK6lU7+tOlewpfmsJKufoleRvjZkH3k= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740774; c=relaxed/simple; bh=4DBUpYISpIFS5Tcy2WQb4n+lgh4Zbjunaz48EAgExJo=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=R8uWncltJD95enKy2kP86sPIGHc/phwmwpUPEwGzwAEfT0caRsoyO1Ysq4hEVHJ67d5ceSDI9ULcx2haxKSaAeovjexmZne1h79ZZgo/qY2+v0G4CMTWQwusuojHB3qhdpY4RlN9N2tK5nAERS1IpKq9VX5BEKFYFDgb2gOXwGs= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=ZvY36Kdd; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="ZvY36Kdd" Received: by smtp.kernel.org (Postfix) with ESMTPSA id E0AB5C116C6; Wed, 29 Oct 2025 12:26:08 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740773; bh=4DBUpYISpIFS5Tcy2WQb4n+lgh4Zbjunaz48EAgExJo=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=ZvY36Kdd4RI4eMg3XPjjup+Z2kKrjQyWVw2xKHATYrqANLvmKG0TmdGNngi/x/JVF YqnC7cpfgeEyHHAwqcha7bHqRYTUh6n+kNkrI1cu/VswGUCCY6QRMEAkSvwJQMGKE3 zMMPQRgvPXAxsxV1fjoTiuNPMFdQOowhQ46vluB74gnlxqOPZzcwNKO0WcPnlr184Y caajlAH+NAtY3rcFJh0XvXDqcF7/MM7fYySlTmf5qoJWDHOSVtVt1/4+zcrKIESlVF QPZWzCsVarMpnHi9npG7FeltVokk2w2L6fjcNy8pxK1Es2Ev85PHCoJ0WlGkro/lmv GgevuyVbRiu4A== From: Christian Brauner Date: Wed, 29 Oct 2025 13:21:19 +0100 Subject: [PATCH v4 66/72] selftests/namespaces: twelth inactive namespace resurrection test Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-66-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=18059; i=brauner@kernel.org; h=from:subject:message-id; bh=4DBUpYISpIFS5Tcy2WQb4n+lgh4Zbjunaz48EAgExJo=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysU3wOuuxI4dLKenSf0mH+Jyqj5f2llWp/kx9YdBvG 91cEfero5SFQYyLQVZMkcWh3SRcbjlPxWajTA2YOaxMIEMYuDgFYCLd7YwMU19rLp9wzkik2/7l joiZXS/ZvVL7naP6l/hdenEwqvzGY0aGBevPbDnXcG1vj9I6pes5d2fP2Dt7Si7vnkcBGXeXPuK aygAA X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Test multi-level namespace resurrection across three user namespace levels. This test creates a complex namespace hierarchy with three levels of user namespaces and a network namespace at the deepest level. It verifies that the resurrection semantics work correctly when SIOCGSKNS is called on a socket from an inactive namespace tree, and that listns() and open_by_handle_at() correctly respect visibility rules. Hierarchy after child processes exit (all with 0 active refcount): net_L3A (0) <- Level 3 network namespace | + userns_L3 (0) <- Level 3 user namespace | + userns_L2 (0) <- Level 2 user namespace | + userns_L1 (0) <- Level 1 user namespace | x init_user_ns The test verifies: 1. SIOCGSKNS on a socket from inactive net_L3A resurrects the entire chain 2. After resurrection, all namespaces are visible in listns() 3. Resurrected namespaces can be reopened via file handles 4. Closing the netns FD cascades down: the entire ownership chain (userns_L3 -> userns_L2 -> userns_L1) becomes inactive again 5. Inactive namespaces disappear from listns() and cannot be reopened 6. Calling SIOCGSKNS again on the same socket resurrects the tree again 7. After second resurrection, namespaces are visible and can be reopened Signed-off-by: Christian Brauner --- .../testing/selftests/namespaces/siocgskns_test.c | 564 +++++++++++++++++= ++++ 1 file changed, 564 insertions(+) diff --git a/tools/testing/selftests/namespaces/siocgskns_test.c b/tools/te= sting/selftests/namespaces/siocgskns_test.c index 706049768d52..ba689a22d82f 100644 --- a/tools/testing/selftests/namespaces/siocgskns_test.c +++ b/tools/testing/selftests/namespaces/siocgskns_test.c @@ -1257,4 +1257,568 @@ TEST(siocgskns_listns_and_file_handle) free(handle); } =20 +/* + * Test multi-level namespace resurrection across three user namespace lev= els. + * + * This test creates a complex namespace hierarchy with three levels of us= er + * namespaces and a network namespace at the deepest level. It verifies th= at + * the resurrection semantics work correctly when SIOCGSKNS is called on a + * socket from an inactive namespace tree, and that listns() and + * open_by_handle_at() correctly respect visibility rules. + * + * Hierarchy after child processes exit (all with 0 active refcount): + * + * net_L3A (0) <- Level 3 network namespace + * | + * + + * userns_L3 (0) <- Level 3 user namespace + * | + * + + * userns_L2 (0) <- Level 2 user namespace + * | + * + + * userns_L1 (0) <- Level 1 user namespace + * | + * x + * init_user_ns + * + * The test verifies: + * 1. SIOCGSKNS on a socket from inactive net_L3A resurrects the entire ch= ain + * 2. After resurrection, all namespaces are visible in listns() + * 3. Resurrected namespaces can be reopened via file handles + * 4. Closing the netns FD cascades down: the entire ownership chain + * (userns_L3 -> userns_L2 -> userns_L1) becomes inactive again + * 5. Inactive namespaces disappear from listns() and cannot be reopened + * 6. Calling SIOCGSKNS again on the same socket resurrects the tree again + * 7. After second resurrection, namespaces are visible and can be reopened + */ +TEST(siocgskns_multilevel_resurrection) +{ + int ipc_sockets[2]; + pid_t pid_l1, pid_l2, pid_l3; + int status; + + /* Namespace file descriptors to be received from child */ + int sock_L3A_fd =3D -1; + int netns_L3A_fd =3D -1; + __u64 netns_L3A_id; + __u64 userns_L1_id, userns_L2_id, userns_L3_id; + + /* For listns() and file handle testing */ + struct ns_id_req req =3D { + .size =3D sizeof(req), + .spare =3D 0, + .ns_id =3D 0, + .ns_type =3D CLONE_NEWNET | CLONE_NEWUSER, + .spare2 =3D 0, + .user_ns_id =3D 0, + }; + __u64 ns_ids[256]; + int ret, i; + struct file_handle *handle; + struct nsfs_file_handle *nsfs_fh; + int reopened_fd; + + /* Allocate file handle for testing */ + handle =3D malloc(sizeof(struct file_handle) + sizeof(struct nsfs_file_ha= ndle)); + ASSERT_NE(handle, NULL); + handle->handle_bytes =3D sizeof(struct nsfs_file_handle); + handle->handle_type =3D FILEID_NSFS; + + EXPECT_EQ(socketpair(AF_LOCAL, SOCK_STREAM | SOCK_CLOEXEC, 0, ipc_sockets= ), 0); + + /* + * Fork level 1 child that creates userns_L1 + */ + pid_l1 =3D fork(); + ASSERT_GE(pid_l1, 0); + + if (pid_l1 =3D=3D 0) { + /* Level 1 child */ + int ipc_L2[2]; + close(ipc_sockets[0]); + + /* Create userns_L1 */ + if (setup_userns() < 0) { + close(ipc_sockets[1]); + exit(1); + } + + /* Create socketpair for communicating with L2 child */ + if (socketpair(AF_LOCAL, SOCK_STREAM | SOCK_CLOEXEC, 0, ipc_L2) < 0) { + close(ipc_sockets[1]); + exit(1); + } + + /* + * Fork level 2 child that creates userns_L2 + */ + pid_l2 =3D fork(); + if (pid_l2 < 0) { + close(ipc_sockets[1]); + close(ipc_L2[0]); + close(ipc_L2[1]); + exit(1); + } + + if (pid_l2 =3D=3D 0) { + /* Level 2 child */ + int ipc_L3[2]; + close(ipc_L2[0]); + + /* Create userns_L2 (nested inside userns_L1) */ + if (setup_userns() < 0) { + close(ipc_L2[1]); + exit(1); + } + + /* Create socketpair for communicating with L3 child */ + if (socketpair(AF_LOCAL, SOCK_STREAM | SOCK_CLOEXEC, 0, ipc_L3) < 0) { + close(ipc_L2[1]); + exit(1); + } + + /* + * Fork level 3 child that creates userns_L3 and network namespaces + */ + pid_l3 =3D fork(); + if (pid_l3 < 0) { + close(ipc_L2[1]); + close(ipc_L3[0]); + close(ipc_L3[1]); + exit(1); + } + + if (pid_l3 =3D=3D 0) { + /* Level 3 child - the deepest level */ + int sock_fd; + close(ipc_L3[0]); + + /* Create userns_L3 (nested inside userns_L2) */ + if (setup_userns() < 0) { + close(ipc_L3[1]); + exit(1); + } + + /* Create network namespace at level 3 */ + if (unshare(CLONE_NEWNET) < 0) { + close(ipc_L3[1]); + exit(1); + } + + /* Create socket in net_L3A */ + sock_fd =3D socket(AF_INET, SOCK_DGRAM, 0); + if (sock_fd < 0) { + close(ipc_L3[1]); + exit(1); + } + + /* Send socket FD to L2 parent */ + struct msghdr msg =3D {0}; + struct iovec iov =3D {0}; + char buf[1] =3D {'X'}; + char cmsg_buf[CMSG_SPACE(sizeof(int))]; + + iov.iov_base =3D buf; + iov.iov_len =3D 1; + msg.msg_iov =3D &iov; + msg.msg_iovlen =3D 1; + msg.msg_control =3D cmsg_buf; + msg.msg_controllen =3D sizeof(cmsg_buf); + + struct cmsghdr *cmsg =3D CMSG_FIRSTHDR(&msg); + cmsg->cmsg_level =3D SOL_SOCKET; + cmsg->cmsg_type =3D SCM_RIGHTS; + cmsg->cmsg_len =3D CMSG_LEN(sizeof(int)); + memcpy(CMSG_DATA(cmsg), &sock_fd, sizeof(int)); + + if (sendmsg(ipc_L3[1], &msg, 0) < 0) { + close(sock_fd); + close(ipc_L3[1]); + exit(1); + } + + close(sock_fd); + close(ipc_L3[1]); + exit(0); + } + + /* Level 2 child - receive from L3 and forward to L1 */ + close(ipc_L3[1]); + + struct msghdr msg =3D {0}; + struct iovec iov =3D {0}; + char buf[1]; + char cmsg_buf[CMSG_SPACE(sizeof(int))]; + int received_fd; + + iov.iov_base =3D buf; + iov.iov_len =3D 1; + msg.msg_iov =3D &iov; + msg.msg_iovlen =3D 1; + msg.msg_control =3D cmsg_buf; + msg.msg_controllen =3D sizeof(cmsg_buf); + + ssize_t n =3D recvmsg(ipc_L3[0], &msg, 0); + close(ipc_L3[0]); + + if (n !=3D 1) { + close(ipc_L2[1]); + waitpid(pid_l3, NULL, 0); + exit(1); + } + + struct cmsghdr *cmsg =3D CMSG_FIRSTHDR(&msg); + if (!cmsg) { + close(ipc_L2[1]); + waitpid(pid_l3, NULL, 0); + exit(1); + } + memcpy(&received_fd, CMSG_DATA(cmsg), sizeof(int)); + + /* Wait for L3 child */ + waitpid(pid_l3, NULL, 0); + + /* Forward the socket FD to L1 parent */ + memset(&msg, 0, sizeof(msg)); + buf[0] =3D 'Y'; + iov.iov_base =3D buf; + iov.iov_len =3D 1; + msg.msg_iov =3D &iov; + msg.msg_iovlen =3D 1; + msg.msg_control =3D cmsg_buf; + msg.msg_controllen =3D sizeof(cmsg_buf); + + cmsg =3D CMSG_FIRSTHDR(&msg); + cmsg->cmsg_level =3D SOL_SOCKET; + cmsg->cmsg_type =3D SCM_RIGHTS; + cmsg->cmsg_len =3D CMSG_LEN(sizeof(int)); + memcpy(CMSG_DATA(cmsg), &received_fd, sizeof(int)); + + if (sendmsg(ipc_L2[1], &msg, 0) < 0) { + close(received_fd); + close(ipc_L2[1]); + exit(1); + } + + close(received_fd); + close(ipc_L2[1]); + exit(0); + } + + /* Level 1 child - receive from L2 and forward to parent */ + close(ipc_L2[1]); + + struct msghdr msg =3D {0}; + struct iovec iov =3D {0}; + char buf[1]; + char cmsg_buf[CMSG_SPACE(sizeof(int))]; + int received_fd; + + iov.iov_base =3D buf; + iov.iov_len =3D 1; + msg.msg_iov =3D &iov; + msg.msg_iovlen =3D 1; + msg.msg_control =3D cmsg_buf; + msg.msg_controllen =3D sizeof(cmsg_buf); + + ssize_t n =3D recvmsg(ipc_L2[0], &msg, 0); + close(ipc_L2[0]); + + if (n !=3D 1) { + close(ipc_sockets[1]); + waitpid(pid_l2, NULL, 0); + exit(1); + } + + struct cmsghdr *cmsg =3D CMSG_FIRSTHDR(&msg); + if (!cmsg) { + close(ipc_sockets[1]); + waitpid(pid_l2, NULL, 0); + exit(1); + } + memcpy(&received_fd, CMSG_DATA(cmsg), sizeof(int)); + + /* Wait for L2 child */ + waitpid(pid_l2, NULL, 0); + + /* Forward the socket FD to parent */ + memset(&msg, 0, sizeof(msg)); + buf[0] =3D 'Z'; + iov.iov_base =3D buf; + iov.iov_len =3D 1; + msg.msg_iov =3D &iov; + msg.msg_iovlen =3D 1; + msg.msg_control =3D cmsg_buf; + msg.msg_controllen =3D sizeof(cmsg_buf); + + cmsg =3D CMSG_FIRSTHDR(&msg); + cmsg->cmsg_level =3D SOL_SOCKET; + cmsg->cmsg_type =3D SCM_RIGHTS; + cmsg->cmsg_len =3D CMSG_LEN(sizeof(int)); + memcpy(CMSG_DATA(cmsg), &received_fd, sizeof(int)); + + if (sendmsg(ipc_sockets[1], &msg, 0) < 0) { + close(received_fd); + close(ipc_sockets[1]); + exit(1); + } + + close(received_fd); + close(ipc_sockets[1]); + exit(0); + } + + /* Parent - receive the socket from the deepest level */ + close(ipc_sockets[1]); + + struct msghdr msg =3D {0}; + struct iovec iov =3D {0}; + char buf[1]; + char cmsg_buf[CMSG_SPACE(sizeof(int))]; + + iov.iov_base =3D buf; + iov.iov_len =3D 1; + msg.msg_iov =3D &iov; + msg.msg_iovlen =3D 1; + msg.msg_control =3D cmsg_buf; + msg.msg_controllen =3D sizeof(cmsg_buf); + + ssize_t n =3D recvmsg(ipc_sockets[0], &msg, 0); + close(ipc_sockets[0]); + + if (n !=3D 1) { + free(handle); + waitpid(pid_l1, NULL, 0); + SKIP(return, "Failed to receive socket from child"); + } + + struct cmsghdr *cmsg =3D CMSG_FIRSTHDR(&msg); + if (!cmsg) { + free(handle); + waitpid(pid_l1, NULL, 0); + SKIP(return, "Failed to receive socket from child"); + } + memcpy(&sock_L3A_fd, CMSG_DATA(cmsg), sizeof(int)); + + /* Wait for L1 child */ + waitpid(pid_l1, &status, 0); + ASSERT_TRUE(WIFEXITED(status)); + ASSERT_EQ(WEXITSTATUS(status), 0); + + /* + * At this point, all child processes have exited. The socket itself + * doesn't keep the namespace active - we need to call SIOCGSKNS which + * will resurrect the entire namespace tree by taking active references. + */ + + /* Get network namespace from socket - this resurrects the tree */ + netns_L3A_fd =3D ioctl(sock_L3A_fd, SIOCGSKNS); + if (netns_L3A_fd < 0) { + free(handle); + close(sock_L3A_fd); + if (errno =3D=3D ENOTTY || errno =3D=3D EINVAL) + SKIP(return, "SIOCGSKNS not supported"); + ASSERT_GE(netns_L3A_fd, 0); + } + + /* Get namespace ID for net_L3A */ + ret =3D ioctl(netns_L3A_fd, NS_GET_ID, &netns_L3A_id); + if (ret < 0) { + free(handle); + close(sock_L3A_fd); + close(netns_L3A_fd); + if (errno =3D=3D ENOTTY || errno =3D=3D EINVAL) + SKIP(return, "NS_GET_ID not supported"); + ASSERT_EQ(ret, 0); + } + + /* Get owner user namespace chain: userns_L3 -> userns_L2 -> userns_L1 */ + int userns_L3_fd =3D ioctl(netns_L3A_fd, NS_GET_USERNS); + if (userns_L3_fd < 0) { + free(handle); + close(sock_L3A_fd); + close(netns_L3A_fd); + if (errno =3D=3D ENOTTY || errno =3D=3D EINVAL) + SKIP(return, "NS_GET_USERNS not supported"); + ASSERT_GE(userns_L3_fd, 0); + } + + ret =3D ioctl(userns_L3_fd, NS_GET_ID, &userns_L3_id); + ASSERT_EQ(ret, 0); + + int userns_L2_fd =3D ioctl(userns_L3_fd, NS_GET_USERNS); + ASSERT_GE(userns_L2_fd, 0); + ret =3D ioctl(userns_L2_fd, NS_GET_ID, &userns_L2_id); + ASSERT_EQ(ret, 0); + + int userns_L1_fd =3D ioctl(userns_L2_fd, NS_GET_USERNS); + ASSERT_GE(userns_L1_fd, 0); + ret =3D ioctl(userns_L1_fd, NS_GET_ID, &userns_L1_id); + ASSERT_EQ(ret, 0); + + close(userns_L1_fd); + close(userns_L2_fd); + close(userns_L3_fd); + + TH_LOG("Multi-level hierarchy: net_L3A (id=3D%llu) -> userns_L3 (id=3D%ll= u) -> userns_L2 (id=3D%llu) -> userns_L1 (id=3D%llu)", + netns_L3A_id, userns_L3_id, userns_L2_id, userns_L1_id); + + /* + * Test 1: Verify net_L3A is visible in listns() after resurrection. + * The entire ownership chain should be resurrected and visible. + */ + ret =3D sys_listns(&req, ns_ids, ARRAY_SIZE(ns_ids), 0); + if (ret < 0) { + free(handle); + close(sock_L3A_fd); + close(netns_L3A_fd); + if (errno =3D=3D ENOSYS) + SKIP(return, "listns() not supported"); + ASSERT_GE(ret, 0); + } + + bool found_netns_L3A =3D false; + bool found_userns_L1 =3D false; + bool found_userns_L2 =3D false; + bool found_userns_L3 =3D false; + + for (i =3D 0; i < ret; i++) { + if (ns_ids[i] =3D=3D netns_L3A_id) + found_netns_L3A =3D true; + if (ns_ids[i] =3D=3D userns_L1_id) + found_userns_L1 =3D true; + if (ns_ids[i] =3D=3D userns_L2_id) + found_userns_L2 =3D true; + if (ns_ids[i] =3D=3D userns_L3_id) + found_userns_L3 =3D true; + } + + ASSERT_TRUE(found_netns_L3A); + ASSERT_TRUE(found_userns_L1); + ASSERT_TRUE(found_userns_L2); + ASSERT_TRUE(found_userns_L3); + TH_LOG("Resurrection verified: all namespaces in hierarchy visible in lis= tns()"); + + /* + * Test 2: Verify net_L3A can be reopened via file handle. + */ + nsfs_fh =3D (struct nsfs_file_handle *)handle->f_handle; + nsfs_fh->ns_id =3D netns_L3A_id; + nsfs_fh->ns_type =3D 0; + nsfs_fh->ns_inum =3D 0; + + reopened_fd =3D open_by_handle_at(FD_NSFS_ROOT, handle, O_RDONLY); + if (reopened_fd < 0) { + free(handle); + close(sock_L3A_fd); + close(netns_L3A_fd); + if (errno =3D=3D EOPNOTSUPP || errno =3D=3D ENOSYS || errno =3D=3D EBADF) + SKIP(return, "open_by_handle_at with FD_NSFS_ROOT not supported"); + TH_LOG("open_by_handle_at failed: %s", strerror(errno)); + ASSERT_GE(reopened_fd, 0); + } + + close(reopened_fd); + TH_LOG("File handle test passed: net_L3A can be reopened"); + + /* + * Test 3: Verify that when we close the netns FD (dropping the last + * active reference), the entire tree becomes inactive and disappears + * from listns(). The cascade goes: net_L3A drops -> userns_L3 drops -> + * userns_L2 drops -> userns_L1 drops. + */ + close(netns_L3A_fd); + + ret =3D sys_listns(&req, ns_ids, ARRAY_SIZE(ns_ids), 0); + ASSERT_GE(ret, 0); + + found_netns_L3A =3D false; + found_userns_L1 =3D false; + found_userns_L2 =3D false; + found_userns_L3 =3D false; + + for (i =3D 0; i < ret; i++) { + if (ns_ids[i] =3D=3D netns_L3A_id) + found_netns_L3A =3D true; + if (ns_ids[i] =3D=3D userns_L1_id) + found_userns_L1 =3D true; + if (ns_ids[i] =3D=3D userns_L2_id) + found_userns_L2 =3D true; + if (ns_ids[i] =3D=3D userns_L3_id) + found_userns_L3 =3D true; + } + + ASSERT_FALSE(found_netns_L3A); + ASSERT_FALSE(found_userns_L1); + ASSERT_FALSE(found_userns_L2); + ASSERT_FALSE(found_userns_L3); + TH_LOG("Cascade test passed: all namespaces disappeared after netns FD cl= osed"); + + /* + * Test 4: Verify file handle no longer works for inactive namespace. + */ + reopened_fd =3D open_by_handle_at(FD_NSFS_ROOT, handle, O_RDONLY); + if (reopened_fd >=3D 0) { + close(reopened_fd); + free(handle); + ASSERT_TRUE(false); /* Should have failed */ + } + TH_LOG("Inactive namespace correctly cannot be reopened via file handle"); + + /* + * Test 5: Verify that calling SIOCGSKNS again resurrects the tree again. + * The socket is still valid, so we can call SIOCGSKNS on it to resurrect + * the namespace tree once more. + */ + netns_L3A_fd =3D ioctl(sock_L3A_fd, SIOCGSKNS); + ASSERT_GE(netns_L3A_fd, 0); + + TH_LOG("Called SIOCGSKNS again to resurrect the namespace tree"); + + /* Verify the namespace tree is resurrected and visible in listns() */ + ret =3D sys_listns(&req, ns_ids, ARRAY_SIZE(ns_ids), 0); + ASSERT_GE(ret, 0); + + found_netns_L3A =3D false; + found_userns_L1 =3D false; + found_userns_L2 =3D false; + found_userns_L3 =3D false; + + for (i =3D 0; i < ret; i++) { + if (ns_ids[i] =3D=3D netns_L3A_id) + found_netns_L3A =3D true; + if (ns_ids[i] =3D=3D userns_L1_id) + found_userns_L1 =3D true; + if (ns_ids[i] =3D=3D userns_L2_id) + found_userns_L2 =3D true; + if (ns_ids[i] =3D=3D userns_L3_id) + found_userns_L3 =3D true; + } + + ASSERT_TRUE(found_netns_L3A); + ASSERT_TRUE(found_userns_L1); + ASSERT_TRUE(found_userns_L2); + ASSERT_TRUE(found_userns_L3); + TH_LOG("Second resurrection verified: all namespaces in hierarchy visible= in listns() again"); + + /* Verify we can reopen via file handle again */ + reopened_fd =3D open_by_handle_at(FD_NSFS_ROOT, handle, O_RDONLY); + if (reopened_fd < 0) { + free(handle); + close(sock_L3A_fd); + close(netns_L3A_fd); + TH_LOG("open_by_handle_at failed after second resurrection: %s", strerro= r(errno)); + ASSERT_GE(reopened_fd, 0); + } + + close(reopened_fd); + TH_LOG("File handle test passed: net_L3A can be reopened after second res= urrection"); + + /* Final cleanup */ + close(sock_L3A_fd); + close(netns_L3A_fd); + free(handle); +} + TEST_HARNESS_MAIN --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id B476620297E; Wed, 29 Oct 2025 12:26:18 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740778; cv=none; b=Ag5CUlJD94LRe1yi8+RTOkA/rnMaxKmsEhoTlaoHxGpwiD2fRBhtt7a6jZkPdKWaifcX1j9JUo9C597090Pkk6r9x1PX93zamGxt5kjv2lQoHbOEoawjnL4nrq9aJMb1bewgTE+gfjS0eZza349ESpXbOaPEwh8KAG6Fj5l6gzs= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740778; c=relaxed/simple; bh=WqVUkxH4ZBiU30MvQT3O+adj44+G6SHOGkbS5VtGikk=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=j3MzkurliOWIKzpm3YpRdiI8a8AxmBCCbeJ+Jio+DUPRVZZ60ZCSFFAbKzFeTF5aZYJ7YEsma85V/o5VL7pZTo7aKwivJnnvotTnSXsfZ123RIJ7jTBk/r0xaPFmf0MIan7QTqUOSVYgQM78yDmB09ZTGI6JIQegqoiSU3gNM9o= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=d+xANKgV; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="d+xANKgV" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 0430AC4CEFD; Wed, 29 Oct 2025 12:26:13 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740778; bh=WqVUkxH4ZBiU30MvQT3O+adj44+G6SHOGkbS5VtGikk=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=d+xANKgVfY71ePdCHybG5/aMzz1+TAc44E0JLm2Tp5UASh6EQOWACcXf6j+f4Y0v/ LO62kmki04543e8HhBlco8GA2neM+Eh3xgDiBb2rxQdOl/XvhntP70gqzlK49/H/H3 xft51m1uJWZSV//q9iKm/oJs5dQfzlD554aOe8laJJolt9VM0XsC3Si2OPGdchN9DV F7bqoyY1KsPEZKIOLbhYkvSj6KYX4Wf13n2R7tswdOv2Ts+Uf1RR1/TWpWMmqlSgxn YrVBqfY0ZpGIXVwPaeOTTJOD9DD+34FqNgPseBMna9noDgq582PdDSLCzylRyxkMBT vyRF3XPYZTLbQ== From: Christian Brauner Date: Wed, 29 Oct 2025 13:21:20 +0100 Subject: [PATCH v4 67/72] selftests/namespace: first threaded active reference count test Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-67-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=4736; i=brauner@kernel.org; h=from:subject:message-id; bh=WqVUkxH4ZBiU30MvQT3O+adj44+G6SHOGkbS5VtGikk=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysU3QST1zYOGsaM0dk/bseh9u7lknY+Zo0a/4f97Ww vNqt+53d5SyMIhxMciKKbI4tJuEyy3nqdhslKkBM4eVCWQIAxenAEzEkI3hf9C/sOT1nTeanidX BViHmJ9KWHVq2VmT5Ki4pXtdZhUfiGVk2FcTtXDvV5eDKlkiJvXWcq4e76PNmo6VW6SrSsn3131 mAQA= X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Test that namespace becomes inactive after thread exits. This verifies active reference counting works with threads, not just processes. Signed-off-by: Christian Brauner --- .../selftests/namespaces/ns_active_ref_test.c | 138 +++++++++++++++++= ++++ 1 file changed, 138 insertions(+) diff --git a/tools/testing/selftests/namespaces/ns_active_ref_test.c b/tool= s/testing/selftests/namespaces/ns_active_ref_test.c index b7fa973a2572..0c6c4869bb16 100644 --- a/tools/testing/selftests/namespaces/ns_active_ref_test.c +++ b/tools/testing/selftests/namespaces/ns_active_ref_test.c @@ -12,9 +12,12 @@ #include #include #include +#include #include +#include #include "../kselftest_harness.h" #include "../filesystems/utils.h" +#include "wrappers.h" =20 #ifndef FD_NSFS_ROOT #define FD_NSFS_ROOT -10003 /* Root of the nsfs filesystem */ @@ -2113,4 +2116,139 @@ TEST(ns_mixed_types_same_owner) ASSERT_LT(u_fd, 0); } =20 +/* Thread test helpers and structures */ +struct thread_ns_info { + __u64 ns_id; + int pipefd; + int syncfd_read; + int syncfd_write; + int exit_code; +}; + +static void *thread_create_namespace(void *arg) +{ + struct thread_ns_info *info =3D (struct thread_ns_info *)arg; + int ret; + + /* Create new network namespace */ + ret =3D unshare(CLONE_NEWNET); + if (ret < 0) { + info->exit_code =3D 1; + return NULL; + } + + /* Get namespace ID */ + int fd =3D open("/proc/thread-self/ns/net", O_RDONLY); + if (fd < 0) { + info->exit_code =3D 2; + return NULL; + } + + ret =3D ioctl(fd, NS_GET_ID, &info->ns_id); + close(fd); + if (ret < 0) { + info->exit_code =3D 3; + return NULL; + } + + /* Send namespace ID to main thread */ + if (write(info->pipefd, &info->ns_id, sizeof(info->ns_id)) !=3D sizeof(in= fo->ns_id)) { + info->exit_code =3D 4; + return NULL; + } + + /* Wait for signal to exit */ + char sync_byte; + if (read(info->syncfd_read, &sync_byte, 1) !=3D 1) { + info->exit_code =3D 5; + return NULL; + } + + info->exit_code =3D 0; + return NULL; +} + +/* + * Test that namespace becomes inactive after thread exits. + * This verifies active reference counting works with threads, not just pr= ocesses. + */ +TEST(thread_ns_inactive_after_exit) +{ + pthread_t thread; + struct thread_ns_info info; + struct file_handle *handle; + int pipefd[2]; + int syncpipe[2]; + int ret; + char sync_byte; + char buf[sizeof(*handle) + MAX_HANDLE_SZ]; + + ASSERT_EQ(pipe(pipefd), 0); + ASSERT_EQ(pipe(syncpipe), 0); + + info.pipefd =3D pipefd[1]; + info.syncfd_read =3D syncpipe[0]; + info.syncfd_write =3D -1; + info.exit_code =3D -1; + + /* Create thread that will create a namespace */ + ret =3D pthread_create(&thread, NULL, thread_create_namespace, &info); + ASSERT_EQ(ret, 0); + + /* Read namespace ID from thread */ + __u64 ns_id; + ret =3D read(pipefd[0], &ns_id, sizeof(ns_id)); + if (ret !=3D sizeof(ns_id)) { + sync_byte =3D 'X'; + write(syncpipe[1], &sync_byte, 1); + pthread_join(thread, NULL); + close(pipefd[0]); + close(pipefd[1]); + close(syncpipe[0]); + close(syncpipe[1]); + SKIP(return, "Failed to read namespace ID from thread"); + } + + TH_LOG("Thread created namespace with ID %llu", (unsigned long long)ns_id= ); + + /* Construct file handle */ + handle =3D (struct file_handle *)buf; + handle->handle_bytes =3D sizeof(struct nsfs_file_handle); + handle->handle_type =3D FILEID_NSFS; + struct nsfs_file_handle *fh =3D (struct nsfs_file_handle *)handle->f_hand= le; + fh->ns_id =3D ns_id; + fh->ns_type =3D 0; + fh->ns_inum =3D 0; + + /* Namespace should be active while thread is alive */ + TH_LOG("Attempting to open namespace while thread is alive (should succee= d)"); + int nsfd =3D open_by_handle_at(FD_NSFS_ROOT, handle, O_RDONLY); + ASSERT_GE(nsfd, 0); + close(nsfd); + + /* Signal thread to exit */ + TH_LOG("Signaling thread to exit"); + sync_byte =3D 'X'; + ASSERT_EQ(write(syncpipe[1], &sync_byte, 1), 1); + close(syncpipe[1]); + + /* Wait for thread to exit */ + ASSERT_EQ(pthread_join(thread, NULL), 0); + close(pipefd[0]); + close(pipefd[1]); + close(syncpipe[0]); + + if (info.exit_code !=3D 0) + SKIP(return, "Thread failed to create namespace"); + + TH_LOG("Thread exited, namespace should be inactive"); + + /* Namespace should now be inactive */ + nsfd =3D open_by_handle_at(FD_NSFS_ROOT, handle, O_RDONLY); + ASSERT_LT(nsfd, 0); + /* Should fail with ENOENT (inactive) or ESTALE (gone) */ + TH_LOG("Namespace inactive as expected: %s (errno=3D%d)", strerror(errno)= , errno); + ASSERT_TRUE(errno =3D=3D ENOENT || errno =3D=3D ESTALE); +} + TEST_HARNESS_MAIN --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 302A0366FC6; Wed, 29 Oct 2025 12:26:23 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740784; cv=none; b=ElcK5ccUY+nU2+SScidqXM1zKRQrUlRP7Elajf3O3z0nNzvpbW3846jFNyHitZPqsxWKYEx5YRguRZwL9NXtF3P65JzpXz6ZxO6E0H1Bx8oc9Z/0R7OMuDGXHF9ZPXHKiAkha/SO6jbvaGOmeH7W1Ki/tztRSGh9s4XnlSXY4os= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740784; c=relaxed/simple; bh=+kgGWvLMBNpy0C4YEMZXDEKTpLYegwzhaVcMRXxEJRg=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=h8ziLOTTwnRynP9tqNU7BzJXorCAl1kXyJQcpEZCDpyiEwWxsRkodZdFaXGFnKbo1aoa3bWjr05ZQDNKm4sBji0pklyLwmg6X50j09vwUwcJHNx+vYd/5uqqFprF7Ba/lHi7y3du6p6f2Yg6+mHzKAVt5HnCunzUHnYqNl5/WKI= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=OQUp/2E/; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="OQUp/2E/" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 111A1C116B1; Wed, 29 Oct 2025 12:26:18 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740783; bh=+kgGWvLMBNpy0C4YEMZXDEKTpLYegwzhaVcMRXxEJRg=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=OQUp/2E/skhKtrrpwAxfyaR97EtkNnKHr7qlgoqsjjd88QqnwOSxO/QxsMsWmD3K9 b4hTCKFlqojHUUroxy7/74va3SV9SK5q0vC3W5J5NSnRaPYz2s6yCVP9Afr/ETG8KR JKPCi0p2GH7mDhKJvYhwf6TOyobe8nl9CRKnb1MxcfOc6SXbnORJfh7pjt/QoNVuSZ SId/ZU+LHmOk48XlULgsBYI2f0g954eoVwvF5enK5kdTdYvYsHulEtoJwwgquqt+Dj PpM3NJlzSjXXTzwAm2fgvsjpMyxkfkWVbwBRdyiAq7WqqGvu5GGSWrX0PLimbAwgDv gNl0TL5qUvPhw== From: Christian Brauner Date: Wed, 29 Oct 2025 13:21:21 +0100 Subject: [PATCH v4 68/72] selftests/namespace: second threaded active reference count test Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-68-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=3834; i=brauner@kernel.org; h=from:subject:message-id; bh=+kgGWvLMBNpy0C4YEMZXDEKTpLYegwzhaVcMRXxEJRg=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysU1wYr2WrHFzesEcTYcfCkrND6ff4uWazLDG1/rfa +ODu1ILO0pZGMS4GGTFFFkc2k3C5ZbzVGw2ytSAmcPKBDKEgYtTACayahkjw8IrrD3/bn0Qcrjo 2ZvJek9NM4zNspFLWGJbqRj3wtgdXxkZNgY9uPLLZ6p94Upxlx/+hSFzYoIthBSmcfNsOmodcGE 1LwA= X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Test that a namespace remains active while a thread holds an fd to it. Even after the thread exits, the namespace should remain active as long as another thread holds a file descriptor to it. Signed-off-by: Christian Brauner --- .../selftests/namespaces/ns_active_ref_test.c | 99 ++++++++++++++++++= ++++ 1 file changed, 99 insertions(+) diff --git a/tools/testing/selftests/namespaces/ns_active_ref_test.c b/tool= s/testing/selftests/namespaces/ns_active_ref_test.c index 0c6c4869bb16..24dc8ef106b9 100644 --- a/tools/testing/selftests/namespaces/ns_active_ref_test.c +++ b/tools/testing/selftests/namespaces/ns_active_ref_test.c @@ -2251,4 +2251,103 @@ TEST(thread_ns_inactive_after_exit) ASSERT_TRUE(errno =3D=3D ENOENT || errno =3D=3D ESTALE); } =20 +/* + * Test that a namespace remains active while a thread holds an fd to it. + * Even after the thread exits, the namespace should remain active as long= as + * another thread holds a file descriptor to it. + */ +TEST(thread_ns_fd_keeps_active) +{ + pthread_t thread; + struct thread_ns_info info; + struct file_handle *handle; + int pipefd[2]; + int syncpipe[2]; + int ret; + char sync_byte; + char buf[sizeof(*handle) + MAX_HANDLE_SZ]; + + ASSERT_EQ(pipe(pipefd), 0); + ASSERT_EQ(pipe(syncpipe), 0); + + info.pipefd =3D pipefd[1]; + info.syncfd_read =3D syncpipe[0]; + info.syncfd_write =3D -1; + info.exit_code =3D -1; + + /* Create thread that will create a namespace */ + ret =3D pthread_create(&thread, NULL, thread_create_namespace, &info); + ASSERT_EQ(ret, 0); + + /* Read namespace ID from thread */ + __u64 ns_id; + ret =3D read(pipefd[0], &ns_id, sizeof(ns_id)); + if (ret !=3D sizeof(ns_id)) { + sync_byte =3D 'X'; + write(syncpipe[1], &sync_byte, 1); + pthread_join(thread, NULL); + close(pipefd[0]); + close(pipefd[1]); + close(syncpipe[0]); + close(syncpipe[1]); + SKIP(return, "Failed to read namespace ID from thread"); + } + + TH_LOG("Thread created namespace with ID %llu", (unsigned long long)ns_id= ); + + /* Construct file handle */ + handle =3D (struct file_handle *)buf; + handle->handle_bytes =3D sizeof(struct nsfs_file_handle); + handle->handle_type =3D FILEID_NSFS; + struct nsfs_file_handle *fh =3D (struct nsfs_file_handle *)handle->f_hand= le; + fh->ns_id =3D ns_id; + fh->ns_type =3D 0; + fh->ns_inum =3D 0; + + /* Open namespace while thread is alive */ + TH_LOG("Opening namespace while thread is alive"); + int nsfd =3D open_by_handle_at(FD_NSFS_ROOT, handle, O_RDONLY); + ASSERT_GE(nsfd, 0); + + /* Signal thread to exit */ + TH_LOG("Signaling thread to exit"); + sync_byte =3D 'X'; + write(syncpipe[1], &sync_byte, 1); + close(syncpipe[1]); + + /* Wait for thread to exit */ + pthread_join(thread, NULL); + close(pipefd[0]); + close(pipefd[1]); + close(syncpipe[0]); + + if (info.exit_code !=3D 0) { + close(nsfd); + SKIP(return, "Thread failed to create namespace"); + } + + TH_LOG("Thread exited, but main thread holds fd - namespace should remain= active"); + + /* Namespace should still be active because we hold an fd */ + int nsfd2 =3D open_by_handle_at(FD_NSFS_ROOT, handle, O_RDONLY); + ASSERT_GE(nsfd2, 0); + + /* Verify it's the same namespace */ + struct stat st1, st2; + ASSERT_EQ(fstat(nsfd, &st1), 0); + ASSERT_EQ(fstat(nsfd2, &st2), 0); + ASSERT_EQ(st1.st_ino, st2.st_ino); + close(nsfd2); + + TH_LOG("Closing fd - namespace should become inactive"); + close(nsfd); + + /* Now namespace should be inactive */ + nsfd =3D open_by_handle_at(FD_NSFS_ROOT, handle, O_RDONLY); + ASSERT_LT(nsfd, 0); + /* Should fail with ENOENT (inactive) or ESTALE (gone) */ + TH_LOG("Namespace inactive as expected: %s (errno=3D%d)", strerror(errno)= , errno); + ASSERT_TRUE(errno =3D=3D ENOENT || errno =3D=3D ESTALE); +} + TEST_HARNESS_MAIN --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 443C83678C0; Wed, 29 Oct 2025 12:26:28 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740789; cv=none; b=Bh8q/rWSKWftShQx3YYdVtpw9ARWisSgkSkgHmMVNVLBAOosVLlsZRXXXepnPkPBRncTGWbVJuEvgMe/ODe66H24zTQSSaF2mdheCk6TIN7rVR4nPNdla3z9UmadNu5XZE+BKO86GuXAD0yru0nJyukiN80SFk0zi/1SW1lOgMM= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740789; c=relaxed/simple; bh=wjpkLSx2K2iB/mWZZQZcuIqQ514ywG7UHLGyzr0x04k=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=ncLRibd+KFTYXoDOzwtgF+SinqRAlyGtxWgatpnfa/Jj2Waa9GtiOlT5Bhct/JlbI5GLMUakV9Pk/Tu6qswF3tnFau7D71Oa6fAHDzZwERhEmKSe5en2+qtOv7iU9DsfqEBS462kvlE8Axs+FVEvTsZKAptB9bsG0s160etYxQw= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=M8OBkH8p; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="M8OBkH8p" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 2920BC4CEFF; Wed, 29 Oct 2025 12:26:23 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740788; bh=wjpkLSx2K2iB/mWZZQZcuIqQ514ywG7UHLGyzr0x04k=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=M8OBkH8piqK2Y5pAot3tsHUlnkJCbJUyH9a+5eGu2e17vFEOcAAurdN8Hr3VfvRdX GVpBmcARBaj+i8KpD35MPKBtrx2qlcH9s6XLQon3bbKg8X4Y/6kLwlJPRFCJ736o2U yJt2YoqyU4nkzHXcgEMHvDIqYW9sPAFwxywceW8AvAsDvggkjBscLb/cRRlnrRJogU TXMR2yZWM+3z+UxpbveAaTexHcKSq59wmAu8bUjZl+vMn2Z9+MxROxstPN/mKNxXEz tQhEz3/UvYKdrgnxJCtx2iLxGT+8wkl4jnJ0Sj0EEWiZ3SwZkNLKH1uqrKGdX9L2+/ Ud5lTlmtZJk1w== From: Christian Brauner Date: Wed, 29 Oct 2025 13:21:22 +0100 Subject: [PATCH v4 69/72] selftests/namespace: third threaded active reference count test Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-69-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=11371; i=brauner@kernel.org; h=from:subject:message-id; bh=wjpkLSx2K2iB/mWZZQZcuIqQ514ywG7UHLGyzr0x04k=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysU14rPMrrcN2Fq9Zqo3RgZCJT6cGrc/NXN5xIWgV1 4YlOrMiOkpZGMS4GGTFFFkc2k3C5ZbzVGw2ytSAmcPKBDKEgYtTACYiycfIcPa2b7Pe3k1lb07U 9GWHenDtnzpdniX/6d9Jm9I4vtf/+cvwP2d9+d78OU8DxF+GXvwffkbDS2CtwoM/E/y93zxM7vn ykR0A X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Test that namespaces become inactive after subprocess with multiple threads exits. Create a subprocess that unshares user and network namespaces, then creates two threads that share those namespaces. Verify that after all threads and subprocess exit, the namespaces are no longer listed by listns() and cannot be opened by open_by_handle_at(). Signed-off-by: Christian Brauner --- .../selftests/namespaces/ns_active_ref_test.c | 319 +++++++++++++++++= ++++ 1 file changed, 319 insertions(+) diff --git a/tools/testing/selftests/namespaces/ns_active_ref_test.c b/tool= s/testing/selftests/namespaces/ns_active_ref_test.c index 24dc8ef106b9..093268f0efaa 100644 --- a/tools/testing/selftests/namespaces/ns_active_ref_test.c +++ b/tools/testing/selftests/namespaces/ns_active_ref_test.c @@ -9,6 +9,7 @@ #include #include #include +#include #include #include #include @@ -2350,4 +2351,322 @@ TEST(thread_ns_fd_keeps_active) ASSERT_TRUE(errno =3D=3D ENOENT || errno =3D=3D ESTALE); } =20 +/* Structure for thread data in subprocess */ +struct thread_sleep_data { + int syncfd_read; +}; + +static void *thread_sleep_and_wait(void *arg) +{ + struct thread_sleep_data *data =3D (struct thread_sleep_data *)arg; + char sync_byte; + + /* Wait for signal to exit - read will unblock when pipe is closed */ + (void)read(data->syncfd_read, &sync_byte, 1); + return NULL; +} + +/* + * Test that namespaces become inactive after subprocess with multiple thr= eads exits. + * Create a subprocess that unshares user and network namespaces, then cre= ates two + * threads that share those namespaces. Verify that after all threads and = subprocess + * exit, the namespaces are no longer listed by listns() and cannot be ope= ned by + * open_by_handle_at(). + */ +TEST(thread_subprocess_ns_inactive_after_all_exit) +{ + int pipefd[2]; + int sv[2]; + pid_t pid; + int status; + __u64 user_id, net_id; + struct file_handle *user_handle, *net_handle; + char user_buf[sizeof(*user_handle) + MAX_HANDLE_SZ]; + char net_buf[sizeof(*net_handle) + MAX_HANDLE_SZ]; + char sync_byte; + int ret; + + ASSERT_EQ(pipe(pipefd), 0); + ASSERT_EQ(socketpair(AF_UNIX, SOCK_STREAM, 0, sv), 0); + + pid =3D fork(); + ASSERT_GE(pid, 0); + + if (pid =3D=3D 0) { + /* Child process */ + close(pipefd[0]); + close(sv[0]); + + /* Create user namespace with mappings */ + if (setup_userns() < 0) { + fprintf(stderr, "Child: setup_userns() failed: %s\n", strerror(errno)); + close(pipefd[1]); + close(sv[1]); + exit(1); + } + fprintf(stderr, "Child: setup_userns() succeeded\n"); + + /* Get user namespace ID */ + int user_fd =3D open("/proc/self/ns/user", O_RDONLY); + if (user_fd < 0) { + fprintf(stderr, "Child: open(/proc/self/ns/user) failed: %s\n", strerro= r(errno)); + close(pipefd[1]); + close(sv[1]); + exit(1); + } + + if (ioctl(user_fd, NS_GET_ID, &user_id) < 0) { + fprintf(stderr, "Child: ioctl(NS_GET_ID) for user ns failed: %s\n", str= error(errno)); + close(user_fd); + close(pipefd[1]); + close(sv[1]); + exit(1); + } + close(user_fd); + fprintf(stderr, "Child: user ns ID =3D %llu\n", (unsigned long long)user= _id); + + /* Unshare network namespace */ + if (unshare(CLONE_NEWNET) < 0) { + fprintf(stderr, "Child: unshare(CLONE_NEWNET) failed: %s\n", strerror(e= rrno)); + close(pipefd[1]); + close(sv[1]); + exit(1); + } + fprintf(stderr, "Child: unshare(CLONE_NEWNET) succeeded\n"); + + /* Get network namespace ID */ + int net_fd =3D open("/proc/self/ns/net", O_RDONLY); + if (net_fd < 0) { + fprintf(stderr, "Child: open(/proc/self/ns/net) failed: %s\n", strerror= (errno)); + close(pipefd[1]); + close(sv[1]); + exit(1); + } + + if (ioctl(net_fd, NS_GET_ID, &net_id) < 0) { + fprintf(stderr, "Child: ioctl(NS_GET_ID) for net ns failed: %s\n", stre= rror(errno)); + close(net_fd); + close(pipefd[1]); + close(sv[1]); + exit(1); + } + close(net_fd); + fprintf(stderr, "Child: net ns ID =3D %llu\n", (unsigned long long)net_i= d); + + /* Send namespace IDs to parent */ + if (write(pipefd[1], &user_id, sizeof(user_id)) !=3D sizeof(user_id)) { + fprintf(stderr, "Child: write(user_id) failed: %s\n", strerror(errno)); + exit(1); + } + if (write(pipefd[1], &net_id, sizeof(net_id)) !=3D sizeof(net_id)) { + fprintf(stderr, "Child: write(net_id) failed: %s\n", strerror(errno)); + exit(1); + } + close(pipefd[1]); + fprintf(stderr, "Child: sent namespace IDs to parent\n"); + + /* Create two threads that share the namespaces */ + pthread_t thread1, thread2; + struct thread_sleep_data data; + data.syncfd_read =3D sv[1]; + + int ret_thread =3D pthread_create(&thread1, NULL, thread_sleep_and_wait,= &data); + if (ret_thread !=3D 0) { + fprintf(stderr, "Child: pthread_create(thread1) failed: %s\n", strerror= (ret_thread)); + close(sv[1]); + exit(1); + } + fprintf(stderr, "Child: created thread1\n"); + + ret_thread =3D pthread_create(&thread2, NULL, thread_sleep_and_wait, &da= ta); + if (ret_thread !=3D 0) { + fprintf(stderr, "Child: pthread_create(thread2) failed: %s\n", strerror= (ret_thread)); + close(sv[1]); + pthread_cancel(thread1); + exit(1); + } + fprintf(stderr, "Child: created thread2\n"); + + /* Wait for threads to complete - they will unblock when parent writes */ + fprintf(stderr, "Child: waiting for threads to exit\n"); + pthread_join(thread1, NULL); + fprintf(stderr, "Child: thread1 exited\n"); + pthread_join(thread2, NULL); + fprintf(stderr, "Child: thread2 exited\n"); + + close(sv[1]); + + /* Exit - namespaces should become inactive */ + fprintf(stderr, "Child: all threads joined, exiting with success\n"); + exit(0); + } + + /* Parent process */ + close(pipefd[1]); + close(sv[1]); + + TH_LOG("Parent: waiting to read namespace IDs from child"); + + /* Read namespace IDs from child */ + ret =3D read(pipefd[0], &user_id, sizeof(user_id)); + if (ret !=3D sizeof(user_id)) { + TH_LOG("Parent: failed to read user_id, ret=3D%d, errno=3D%s", ret, stre= rror(errno)); + close(pipefd[0]); + sync_byte =3D 'X'; + (void)write(sv[0], &sync_byte, 1); + close(sv[0]); + waitpid(pid, NULL, 0); + SKIP(return, "Failed to read user namespace ID from child"); + } + + ret =3D read(pipefd[0], &net_id, sizeof(net_id)); + close(pipefd[0]); + if (ret !=3D sizeof(net_id)) { + TH_LOG("Parent: failed to read net_id, ret=3D%d, errno=3D%s", ret, strer= ror(errno)); + sync_byte =3D 'X'; + (void)write(sv[0], &sync_byte, 1); + close(sv[0]); + waitpid(pid, NULL, 0); + SKIP(return, "Failed to read network namespace ID from child"); + } + + TH_LOG("Child created user ns %llu and net ns %llu with 2 threads", + (unsigned long long)user_id, (unsigned long long)net_id); + + /* Construct file handles */ + user_handle =3D (struct file_handle *)user_buf; + user_handle->handle_bytes =3D sizeof(struct nsfs_file_handle); + user_handle->handle_type =3D FILEID_NSFS; + struct nsfs_file_handle *user_fh =3D (struct nsfs_file_handle *)user_hand= le->f_handle; + user_fh->ns_id =3D user_id; + user_fh->ns_type =3D 0; + user_fh->ns_inum =3D 0; + + net_handle =3D (struct file_handle *)net_buf; + net_handle->handle_bytes =3D sizeof(struct nsfs_file_handle); + net_handle->handle_type =3D FILEID_NSFS; + struct nsfs_file_handle *net_fh =3D (struct nsfs_file_handle *)net_handle= ->f_handle; + net_fh->ns_id =3D net_id; + net_fh->ns_type =3D 0; + net_fh->ns_inum =3D 0; + + /* Verify namespaces are active while subprocess and threads are alive */ + TH_LOG("Verifying namespaces are active while subprocess with threads is = running"); + int user_fd =3D open_by_handle_at(FD_NSFS_ROOT, user_handle, O_RDONLY); + ASSERT_GE(user_fd, 0); + + int net_fd =3D open_by_handle_at(FD_NSFS_ROOT, net_handle, O_RDONLY); + ASSERT_GE(net_fd, 0); + + close(user_fd); + close(net_fd); + + /* Also verify they appear in listns() */ + TH_LOG("Verifying namespaces appear in listns() while active"); + struct ns_id_req req =3D { + .size =3D sizeof(struct ns_id_req), + .spare =3D 0, + .ns_id =3D 0, + .ns_type =3D CLONE_NEWUSER, + .spare2 =3D 0, + .user_ns_id =3D 0, + }; + __u64 ns_ids[256]; + int nr_ids =3D sys_listns(&req, ns_ids, 256, 0); + if (nr_ids < 0) { + TH_LOG("listns() not available, skipping listns verification"); + } else { + /* Check if user_id is in the list */ + int found_user =3D 0; + for (int i =3D 0; i < nr_ids; i++) { + if (ns_ids[i] =3D=3D user_id) { + found_user =3D 1; + break; + } + } + ASSERT_TRUE(found_user); + TH_LOG("User namespace found in listns() as expected"); + + /* Check network namespace */ + req.ns_type =3D CLONE_NEWNET; + nr_ids =3D sys_listns(&req, ns_ids, 256, 0); + if (nr_ids >=3D 0) { + int found_net =3D 0; + for (int i =3D 0; i < nr_ids; i++) { + if (ns_ids[i] =3D=3D net_id) { + found_net =3D 1; + break; + } + } + ASSERT_TRUE(found_net); + TH_LOG("Network namespace found in listns() as expected"); + } + } + + /* Signal threads to exit */ + TH_LOG("Signaling threads to exit"); + sync_byte =3D 'X'; + /* Write two bytes - one for each thread */ + ASSERT_EQ(write(sv[0], &sync_byte, 1), 1); + ASSERT_EQ(write(sv[0], &sync_byte, 1), 1); + close(sv[0]); + + /* Wait for child process to exit */ + waitpid(pid, &status, 0); + ASSERT_TRUE(WIFEXITED(status)); + if (WEXITSTATUS(status) !=3D 0) { + TH_LOG("Child process failed with exit code %d", WEXITSTATUS(status)); + SKIP(return, "Child process failed"); + } + + TH_LOG("Subprocess and all threads have exited successfully"); + + /* Verify namespaces are now inactive - open_by_handle_at should fail */ + TH_LOG("Verifying namespaces are inactive after subprocess and threads ex= it"); + user_fd =3D open_by_handle_at(FD_NSFS_ROOT, user_handle, O_RDONLY); + ASSERT_LT(user_fd, 0); + TH_LOG("User namespace inactive as expected: %s (errno=3D%d)", + strerror(errno), errno); + ASSERT_TRUE(errno =3D=3D ENOENT || errno =3D=3D ESTALE); + + net_fd =3D open_by_handle_at(FD_NSFS_ROOT, net_handle, O_RDONLY); + ASSERT_LT(net_fd, 0); + TH_LOG("Network namespace inactive as expected: %s (errno=3D%d)", + strerror(errno), errno); + ASSERT_TRUE(errno =3D=3D ENOENT || errno =3D=3D ESTALE); + + /* Verify namespaces do NOT appear in listns() */ + TH_LOG("Verifying namespaces do NOT appear in listns() when inactive"); + memset(&req, 0, sizeof(req)); + req.size =3D sizeof(struct ns_id_req); + req.ns_type =3D CLONE_NEWUSER; + nr_ids =3D sys_listns(&req, ns_ids, 256, 0); + if (nr_ids >=3D 0) { + int found_user =3D 0; + for (int i =3D 0; i < nr_ids; i++) { + if (ns_ids[i] =3D=3D user_id) { + found_user =3D 1; + break; + } + } + ASSERT_FALSE(found_user); + TH_LOG("User namespace correctly not listed in listns()"); + + /* Check network namespace */ + req.ns_type =3D CLONE_NEWNET; + nr_ids =3D sys_listns(&req, ns_ids, 256, 0); + if (nr_ids >=3D 0) { + int found_net =3D 0; + for (int i =3D 0; i < nr_ids; i++) { + if (ns_ids[i] =3D=3D net_id) { + found_net =3D 1; + break; + } + } + ASSERT_FALSE(found_net); + TH_LOG("Network namespace correctly not listed in listns()"); + } + } +} + TEST_HARNESS_MAIN --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 34F0D368386; Wed, 29 Oct 2025 12:26:33 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740794; cv=none; b=LiBx81vf9bWltIbRIxY8PxPDPaAKAjlSU0M63lQg4ORqC69HMSIU3N5BonIB+SRfFEkwGJl2o95ueLpUTZwgsy1pH3vKThcvQv2cTavmDdAl5Yn4JVbU8rgRdU2LPWOEzhFod8otok6YPQ5Kvo18Pzn/WluEc3FlXi5lOl9mq4g= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740794; c=relaxed/simple; bh=VQz+kdDDu0oyl8QafRMlRfX35XuungB3DQURbW3q4p0=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=eSKQOwEkOkSOnZX1u5Dry64+azOH7y4BpTj6XXs6kcMetVIqUe+BY2lHPuO03AM5N422JSmuBbcc+DxMEGgb2NJsg/dssyaEvq392rkf3fLmwNkPg8vkvHthVJAUNxP3WH/TaWLDyaW+AMSMvudOOj6BymQqD+KDakGcxH/K8zc= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=K3eeTXXq; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="K3eeTXXq" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 44B50C4CEFD; Wed, 29 Oct 2025 12:26:29 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740793; bh=VQz+kdDDu0oyl8QafRMlRfX35XuungB3DQURbW3q4p0=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=K3eeTXXqYfguuAWTotQcQmMtGakPYwNgF17YZEH1wd34OmpD2nkUJ3bYEG+LED6Jv B5I++twudwZ2hoYLSDEJUtr+qmo0sz+flNeByEAYwSckHgTYeaM5LjGAxFvachvK/v PBtrFLNYTjiooXXv75gsSux1yqOliWRWt/dONw6kG7KhRA6tHtzSr757ebN05qwLfy 7QcydsPfskEcLPRiYJ++6XEwtD2OMkhrHDC0cUgG+XqEkm1DsFa/nXPtyLHnJi81Qp fan6XHjTErxfg0nt3lv7HZTEcr1/wOGQqJpAEIPztBZgh4JlSfnUofpu24qmTOAygW mL8RSoAIYnJpw== From: Christian Brauner Date: Wed, 29 Oct 2025 13:21:23 +0100 Subject: [PATCH v4 70/72] selftests/namespace: commit_creds() active reference tests Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-70-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=20385; i=brauner@kernel.org; h=from:subject:message-id; bh=VQz+kdDDu0oyl8QafRMlRfX35XuungB3DQURbW3q4p0=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysU0IzjD492iTUo/9u/pz1/OP21vpvers4k/j9P2zc dODcw+9OkpZGMS4GGTFFFkc2k3C5ZbzVGw2ytSAmcPKBDKEgYtTACYinsbI8OZO+5Pu+ukl3Zl1 bg4f385IOPzy4jK2pH8vzVtjTs7WvcrI8NvtzvHfUUp7Rd/Hn7fIUNE/PeEpl9V22wcnM+TfqE9 v4QcA X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Test credential changes and their impact on namespace active references. Signed-off-by: Christian Brauner --- tools/testing/selftests/namespaces/.gitignore | 1 + tools/testing/selftests/namespaces/Makefile | 4 +- .../selftests/namespaces/cred_change_test.c | 814 +++++++++++++++++= ++++ 3 files changed, 818 insertions(+), 1 deletion(-) diff --git a/tools/testing/selftests/namespaces/.gitignore b/tools/testing/= selftests/namespaces/.gitignore index aeb5f2711ff6..0091a7dfff20 100644 --- a/tools/testing/selftests/namespaces/.gitignore +++ b/tools/testing/selftests/namespaces/.gitignore @@ -5,3 +5,4 @@ ns_active_ref_test listns_test listns_permissions_test siocgskns_test +cred_change_test diff --git a/tools/testing/selftests/namespaces/Makefile b/tools/testing/se= lftests/namespaces/Makefile index d456505189cd..5d73f8dde6a0 100644 --- a/tools/testing/selftests/namespaces/Makefile +++ b/tools/testing/selftests/namespaces/Makefile @@ -8,7 +8,8 @@ TEST_GEN_PROGS :=3D nsid_test \ ns_active_ref_test \ listns_test \ listns_permissions_test \ - siocgskns_test + siocgskns_test \ + cred_change_test =20 include ../lib.mk =20 @@ -16,4 +17,5 @@ $(OUTPUT)/ns_active_ref_test: ../filesystems/utils.c $(OUTPUT)/listns_test: ../filesystems/utils.c $(OUTPUT)/listns_permissions_test: ../filesystems/utils.c $(OUTPUT)/siocgskns_test: ../filesystems/utils.c +$(OUTPUT)/cred_change_test: ../filesystems/utils.c =20 diff --git a/tools/testing/selftests/namespaces/cred_change_test.c b/tools/= testing/selftests/namespaces/cred_change_test.c new file mode 100644 index 000000000000..7b4f5ad3f725 --- /dev/null +++ b/tools/testing/selftests/namespaces/cred_change_test.c @@ -0,0 +1,814 @@ +// SPDX-License-Identifier: GPL-2.0 +#define _GNU_SOURCE +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include "../kselftest_harness.h" +#include "../filesystems/utils.h" +#include "wrappers.h" + +/* + * Test credential changes and their impact on namespace active references. + */ + +/* + * Test setuid() in a user namespace properly swaps active references. + * Create a user namespace with multiple UIDs mapped, then setuid() betwee= n them. + * Verify that the user namespace remains active throughout. + */ +TEST(setuid_preserves_active_refs) +{ + pid_t pid; + int status; + __u64 userns_id; + struct ns_id_req req =3D { + .size =3D sizeof(req), + .spare =3D 0, + .ns_id =3D 0, + .ns_type =3D CLONE_NEWUSER, + .spare2 =3D 0, + .user_ns_id =3D 0, + }; + __u64 ns_ids[256]; + ssize_t ret; + int i; + bool found =3D false; + int pipefd[2]; + + ASSERT_EQ(pipe(pipefd), 0); + + pid =3D fork(); + ASSERT_GE(pid, 0); + + if (pid =3D=3D 0) { + /* Child process */ + int fd, userns_fd; + __u64 child_userns_id; + uid_t orig_uid =3D getuid(); + int setuid_count; + + close(pipefd[0]); + + /* Create new user namespace with multiple UIDs mapped (0-9) */ + userns_fd =3D get_userns_fd(0, orig_uid, 10); + if (userns_fd < 0) { + close(pipefd[1]); + exit(1); + } + + if (setns(userns_fd, CLONE_NEWUSER) < 0) { + close(userns_fd); + close(pipefd[1]); + exit(1); + } + close(userns_fd); + + /* Get user namespace ID */ + fd =3D open("/proc/self/ns/user", O_RDONLY); + if (fd < 0) { + close(pipefd[1]); + exit(1); + } + + if (ioctl(fd, NS_GET_ID, &child_userns_id) < 0) { + close(fd); + close(pipefd[1]); + exit(1); + } + close(fd); + + /* Send namespace ID to parent */ + write(pipefd[1], &child_userns_id, sizeof(child_userns_id)); + + /* + * Perform multiple setuid() calls. + * Each setuid() triggers commit_creds() which should properly + * swap active references via switch_cred_namespaces(). + */ + for (setuid_count =3D 0; setuid_count < 50; setuid_count++) { + uid_t target_uid =3D (setuid_count % 10); + if (setuid(target_uid) < 0) { + if (errno !=3D EPERM) { + close(pipefd[1]); + exit(1); + } + } + } + + close(pipefd[1]); + exit(0); + } + + /* Parent process */ + close(pipefd[1]); + + if (read(pipefd[0], &userns_id, sizeof(userns_id)) !=3D sizeof(userns_id)= ) { + close(pipefd[0]); + kill(pid, SIGKILL); + waitpid(pid, NULL, 0); + SKIP(return, "Failed to get namespace ID from child"); + } + close(pipefd[0]); + + TH_LOG("Child user namespace ID: %llu", (unsigned long long)userns_id); + + /* Verify namespace is active while child is running */ + ret =3D sys_listns(&req, ns_ids, ARRAY_SIZE(ns_ids), 0); + if (ret < 0) { + kill(pid, SIGKILL); + waitpid(pid, NULL, 0); + if (errno =3D=3D ENOSYS) + SKIP(return, "listns() not supported"); + ASSERT_GE(ret, 0); + } + + for (i =3D 0; i < ret; i++) { + if (ns_ids[i] =3D=3D userns_id) { + found =3D true; + break; + } + } + ASSERT_TRUE(found); + + waitpid(pid, &status, 0); + ASSERT_TRUE(WIFEXITED(status)); + ASSERT_EQ(WEXITSTATUS(status), 0); + + /* Verify namespace becomes inactive after child exits */ + ret =3D sys_listns(&req, ns_ids, ARRAY_SIZE(ns_ids), 0); + ASSERT_GE(ret, 0); + + found =3D false; + for (i =3D 0; i < ret; i++) { + if (ns_ids[i] =3D=3D userns_id) { + found =3D true; + break; + } + } + + ASSERT_FALSE(found); + TH_LOG("setuid() correctly preserved active references (no leak)"); +} + +/* + * Test setgid() in a user namespace properly handles active references. + */ +TEST(setgid_preserves_active_refs) +{ + pid_t pid; + int status; + __u64 userns_id; + struct ns_id_req req =3D { + .size =3D sizeof(req), + .spare =3D 0, + .ns_id =3D 0, + .ns_type =3D CLONE_NEWUSER, + .spare2 =3D 0, + .user_ns_id =3D 0, + }; + __u64 ns_ids[256]; + ssize_t ret; + int i; + bool found =3D false; + int pipefd[2]; + + ASSERT_EQ(pipe(pipefd), 0); + + pid =3D fork(); + ASSERT_GE(pid, 0); + + if (pid =3D=3D 0) { + /* Child process */ + int fd, userns_fd; + __u64 child_userns_id; + uid_t orig_uid =3D getuid(); + int setgid_count; + + close(pipefd[0]); + + /* Create new user namespace with multiple GIDs mapped */ + userns_fd =3D get_userns_fd(0, orig_uid, 10); + if (userns_fd < 0) { + close(pipefd[1]); + exit(1); + } + + if (setns(userns_fd, CLONE_NEWUSER) < 0) { + close(userns_fd); + close(pipefd[1]); + exit(1); + } + close(userns_fd); + + /* Get user namespace ID */ + fd =3D open("/proc/self/ns/user", O_RDONLY); + if (fd < 0) { + close(pipefd[1]); + exit(1); + } + + if (ioctl(fd, NS_GET_ID, &child_userns_id) < 0) { + close(fd); + close(pipefd[1]); + exit(1); + } + close(fd); + + write(pipefd[1], &child_userns_id, sizeof(child_userns_id)); + + /* Perform multiple setgid() calls */ + for (setgid_count =3D 0; setgid_count < 50; setgid_count++) { + gid_t target_gid =3D (setgid_count % 10); + if (setgid(target_gid) < 0) { + if (errno !=3D EPERM) { + close(pipefd[1]); + exit(1); + } + } + } + + close(pipefd[1]); + exit(0); + } + + /* Parent process */ + close(pipefd[1]); + + if (read(pipefd[0], &userns_id, sizeof(userns_id)) !=3D sizeof(userns_id)= ) { + close(pipefd[0]); + kill(pid, SIGKILL); + waitpid(pid, NULL, 0); + SKIP(return, "Failed to get namespace ID from child"); + } + close(pipefd[0]); + + waitpid(pid, &status, 0); + ASSERT_TRUE(WIFEXITED(status)); + ASSERT_EQ(WEXITSTATUS(status), 0); + + /* Verify namespace becomes inactive */ + ret =3D sys_listns(&req, ns_ids, ARRAY_SIZE(ns_ids), 0); + if (ret < 0) { + if (errno =3D=3D ENOSYS) + SKIP(return, "listns() not supported"); + ASSERT_GE(ret, 0); + } + + for (i =3D 0; i < ret; i++) { + if (ns_ids[i] =3D=3D userns_id) { + found =3D true; + break; + } + } + + ASSERT_FALSE(found); + TH_LOG("setgid() correctly preserved active references (no leak)"); +} + +/* + * Test setresuid() which changes real, effective, and saved UIDs. + * This should properly swap active references via commit_creds(). + */ +TEST(setresuid_preserves_active_refs) +{ + pid_t pid; + int status; + __u64 userns_id; + struct ns_id_req req =3D { + .size =3D sizeof(req), + .spare =3D 0, + .ns_id =3D 0, + .ns_type =3D CLONE_NEWUSER, + .spare2 =3D 0, + .user_ns_id =3D 0, + }; + __u64 ns_ids[256]; + ssize_t ret; + int i; + bool found =3D false; + int pipefd[2]; + + ASSERT_EQ(pipe(pipefd), 0); + + pid =3D fork(); + ASSERT_GE(pid, 0); + + if (pid =3D=3D 0) { + /* Child process */ + int fd, userns_fd; + __u64 child_userns_id; + uid_t orig_uid =3D getuid(); + int setres_count; + + close(pipefd[0]); + + /* Create new user namespace */ + userns_fd =3D get_userns_fd(0, orig_uid, 10); + if (userns_fd < 0) { + close(pipefd[1]); + exit(1); + } + + if (setns(userns_fd, CLONE_NEWUSER) < 0) { + close(userns_fd); + close(pipefd[1]); + exit(1); + } + close(userns_fd); + + /* Get user namespace ID */ + fd =3D open("/proc/self/ns/user", O_RDONLY); + if (fd < 0) { + close(pipefd[1]); + exit(1); + } + + if (ioctl(fd, NS_GET_ID, &child_userns_id) < 0) { + close(fd); + close(pipefd[1]); + exit(1); + } + close(fd); + + write(pipefd[1], &child_userns_id, sizeof(child_userns_id)); + + /* Perform multiple setresuid() calls */ + for (setres_count =3D 0; setres_count < 30; setres_count++) { + uid_t uid1 =3D (setres_count % 5); + uid_t uid2 =3D ((setres_count + 1) % 5); + uid_t uid3 =3D ((setres_count + 2) % 5); + + if (setresuid(uid1, uid2, uid3) < 0) { + if (errno !=3D EPERM) { + close(pipefd[1]); + exit(1); + } + } + } + + close(pipefd[1]); + exit(0); + } + + /* Parent process */ + close(pipefd[1]); + + if (read(pipefd[0], &userns_id, sizeof(userns_id)) !=3D sizeof(userns_id)= ) { + close(pipefd[0]); + kill(pid, SIGKILL); + waitpid(pid, NULL, 0); + SKIP(return, "Failed to get namespace ID from child"); + } + close(pipefd[0]); + + waitpid(pid, &status, 0); + ASSERT_TRUE(WIFEXITED(status)); + ASSERT_EQ(WEXITSTATUS(status), 0); + + /* Verify namespace becomes inactive */ + ret =3D sys_listns(&req, ns_ids, ARRAY_SIZE(ns_ids), 0); + if (ret < 0) { + if (errno =3D=3D ENOSYS) + SKIP(return, "listns() not supported"); + ASSERT_GE(ret, 0); + } + + for (i =3D 0; i < ret; i++) { + if (ns_ids[i] =3D=3D userns_id) { + found =3D true; + break; + } + } + + ASSERT_FALSE(found); + TH_LOG("setresuid() correctly preserved active references (no leak)"); +} + +/* + * Test credential changes across multiple user namespaces. + * Create nested user namespaces and verify active reference tracking. + */ +TEST(cred_change_nested_userns) +{ + pid_t pid; + int status; + __u64 parent_userns_id, child_userns_id; + struct ns_id_req req =3D { + .size =3D sizeof(req), + .spare =3D 0, + .ns_id =3D 0, + .ns_type =3D CLONE_NEWUSER, + .spare2 =3D 0, + .user_ns_id =3D 0, + }; + __u64 ns_ids[256]; + ssize_t ret; + int i; + bool found_parent =3D false, found_child =3D false; + int pipefd[2]; + + ASSERT_EQ(pipe(pipefd), 0); + + pid =3D fork(); + ASSERT_GE(pid, 0); + + if (pid =3D=3D 0) { + /* Child process */ + int fd, userns_fd; + __u64 parent_id, child_id; + uid_t orig_uid =3D getuid(); + + close(pipefd[0]); + + /* Create first user namespace */ + userns_fd =3D get_userns_fd(0, orig_uid, 1); + if (userns_fd < 0) { + close(pipefd[1]); + exit(1); + } + + if (setns(userns_fd, CLONE_NEWUSER) < 0) { + close(userns_fd); + close(pipefd[1]); + exit(1); + } + close(userns_fd); + + /* Get first namespace ID */ + fd =3D open("/proc/self/ns/user", O_RDONLY); + if (fd < 0) { + close(pipefd[1]); + exit(1); + } + + if (ioctl(fd, NS_GET_ID, &parent_id) < 0) { + close(fd); + close(pipefd[1]); + exit(1); + } + close(fd); + + /* Create nested user namespace */ + userns_fd =3D get_userns_fd(0, 0, 1); + if (userns_fd < 0) { + close(pipefd[1]); + exit(1); + } + + if (setns(userns_fd, CLONE_NEWUSER) < 0) { + close(userns_fd); + close(pipefd[1]); + exit(1); + } + close(userns_fd); + + /* Get nested namespace ID */ + fd =3D open("/proc/self/ns/user", O_RDONLY); + if (fd < 0) { + close(pipefd[1]); + exit(1); + } + + if (ioctl(fd, NS_GET_ID, &child_id) < 0) { + close(fd); + close(pipefd[1]); + exit(1); + } + close(fd); + + /* Send both IDs to parent */ + write(pipefd[1], &parent_id, sizeof(parent_id)); + write(pipefd[1], &child_id, sizeof(child_id)); + + /* Perform some credential changes in nested namespace */ + setuid(0); + setgid(0); + + close(pipefd[1]); + exit(0); + } + + /* Parent process */ + close(pipefd[1]); + + /* Read both namespace IDs */ + if (read(pipefd[0], &parent_userns_id, sizeof(parent_userns_id)) !=3D siz= eof(parent_userns_id)) { + close(pipefd[0]); + kill(pid, SIGKILL); + waitpid(pid, NULL, 0); + SKIP(return, "Failed to get parent namespace ID"); + } + + if (read(pipefd[0], &child_userns_id, sizeof(child_userns_id)) !=3D sizeo= f(child_userns_id)) { + close(pipefd[0]); + kill(pid, SIGKILL); + waitpid(pid, NULL, 0); + SKIP(return, "Failed to get child namespace ID"); + } + close(pipefd[0]); + + TH_LOG("Parent userns: %llu, Child userns: %llu", + (unsigned long long)parent_userns_id, + (unsigned long long)child_userns_id); + + /* Verify both namespaces are active */ + ret =3D sys_listns(&req, ns_ids, ARRAY_SIZE(ns_ids), 0); + if (ret < 0) { + kill(pid, SIGKILL); + waitpid(pid, NULL, 0); + if (errno =3D=3D ENOSYS) + SKIP(return, "listns() not supported"); + ASSERT_GE(ret, 0); + } + + for (i =3D 0; i < ret; i++) { + if (ns_ids[i] =3D=3D parent_userns_id) + found_parent =3D true; + if (ns_ids[i] =3D=3D child_userns_id) + found_child =3D true; + } + + ASSERT_TRUE(found_parent); + ASSERT_TRUE(found_child); + + /* Wait for child */ + waitpid(pid, &status, 0); + ASSERT_TRUE(WIFEXITED(status)); + ASSERT_EQ(WEXITSTATUS(status), 0); + + /* Verify both namespaces become inactive */ + ret =3D sys_listns(&req, ns_ids, ARRAY_SIZE(ns_ids), 0); + ASSERT_GE(ret, 0); + + found_parent =3D false; + found_child =3D false; + for (i =3D 0; i < ret; i++) { + if (ns_ids[i] =3D=3D parent_userns_id) + found_parent =3D true; + if (ns_ids[i] =3D=3D child_userns_id) + found_child =3D true; + } + + ASSERT_FALSE(found_parent); + ASSERT_FALSE(found_child); + TH_LOG("Nested user namespace credential changes preserved active refs (n= o leak)"); +} + +/* + * Test rapid credential changes don't cause refcount imbalances. + * This stress-tests the switch_cred_namespaces() logic. + */ +TEST(rapid_cred_changes_no_leak) +{ + pid_t pid; + int status; + __u64 userns_id; + struct ns_id_req req =3D { + .size =3D sizeof(req), + .spare =3D 0, + .ns_id =3D 0, + .ns_type =3D CLONE_NEWUSER, + .spare2 =3D 0, + .user_ns_id =3D 0, + }; + __u64 ns_ids[256]; + ssize_t ret; + int i; + bool found =3D false; + int pipefd[2]; + + ASSERT_EQ(pipe(pipefd), 0); + + pid =3D fork(); + ASSERT_GE(pid, 0); + + if (pid =3D=3D 0) { + /* Child process */ + int fd, userns_fd; + __u64 child_userns_id; + uid_t orig_uid =3D getuid(); + int change_count; + + close(pipefd[0]); + + /* Create new user namespace with wider range of UIDs/GIDs */ + userns_fd =3D get_userns_fd(0, orig_uid, 100); + if (userns_fd < 0) { + close(pipefd[1]); + exit(1); + } + + if (setns(userns_fd, CLONE_NEWUSER) < 0) { + close(userns_fd); + close(pipefd[1]); + exit(1); + } + close(userns_fd); + + /* Get user namespace ID */ + fd =3D open("/proc/self/ns/user", O_RDONLY); + if (fd < 0) { + close(pipefd[1]); + exit(1); + } + + if (ioctl(fd, NS_GET_ID, &child_userns_id) < 0) { + close(fd); + close(pipefd[1]); + exit(1); + } + close(fd); + + write(pipefd[1], &child_userns_id, sizeof(child_userns_id)); + + /* + * Perform many rapid credential changes. + * Mix setuid, setgid, setreuid, setregid, setresuid, setresgid. + */ + for (change_count =3D 0; change_count < 200; change_count++) { + switch (change_count % 6) { + case 0: + setuid(change_count % 50); + break; + case 1: + setgid(change_count % 50); + break; + case 2: + setreuid(change_count % 50, (change_count + 1) % 50); + break; + case 3: + setregid(change_count % 50, (change_count + 1) % 50); + break; + case 4: + setresuid(change_count % 50, (change_count + 1) % 50, (change_count + = 2) % 50); + break; + case 5: + setresgid(change_count % 50, (change_count + 1) % 50, (change_count + = 2) % 50); + break; + } + } + + close(pipefd[1]); + exit(0); + } + + /* Parent process */ + close(pipefd[1]); + + if (read(pipefd[0], &userns_id, sizeof(userns_id)) !=3D sizeof(userns_id)= ) { + close(pipefd[0]); + kill(pid, SIGKILL); + waitpid(pid, NULL, 0); + SKIP(return, "Failed to get namespace ID from child"); + } + close(pipefd[0]); + + TH_LOG("Testing with user namespace ID: %llu", (unsigned long long)userns= _id); + + waitpid(pid, &status, 0); + ASSERT_TRUE(WIFEXITED(status)); + ASSERT_EQ(WEXITSTATUS(status), 0); + + /* Verify namespace becomes inactive (no leaked active refs) */ + ret =3D sys_listns(&req, ns_ids, ARRAY_SIZE(ns_ids), 0); + if (ret < 0) { + if (errno =3D=3D ENOSYS) + SKIP(return, "listns() not supported"); + ASSERT_GE(ret, 0); + } + + for (i =3D 0; i < ret; i++) { + if (ns_ids[i] =3D=3D userns_id) { + found =3D true; + break; + } + } + + ASSERT_FALSE(found); + TH_LOG("200 rapid credential changes completed with no active ref leak"); +} + +/* + * Test setfsuid/setfsgid which change filesystem UID/GID. + * These also trigger credential changes but may have different code paths. + */ +TEST(setfsuid_preserves_active_refs) +{ + pid_t pid; + int status; + __u64 userns_id; + struct ns_id_req req =3D { + .size =3D sizeof(req), + .spare =3D 0, + .ns_id =3D 0, + .ns_type =3D CLONE_NEWUSER, + .spare2 =3D 0, + .user_ns_id =3D 0, + }; + __u64 ns_ids[256]; + ssize_t ret; + int i; + bool found =3D false; + int pipefd[2]; + + ASSERT_EQ(pipe(pipefd), 0); + + pid =3D fork(); + ASSERT_GE(pid, 0); + + if (pid =3D=3D 0) { + /* Child process */ + int fd, userns_fd; + __u64 child_userns_id; + uid_t orig_uid =3D getuid(); + int change_count; + + close(pipefd[0]); + + /* Create new user namespace */ + userns_fd =3D get_userns_fd(0, orig_uid, 10); + if (userns_fd < 0) { + close(pipefd[1]); + exit(1); + } + + if (setns(userns_fd, CLONE_NEWUSER) < 0) { + close(userns_fd); + close(pipefd[1]); + exit(1); + } + close(userns_fd); + + /* Get user namespace ID */ + fd =3D open("/proc/self/ns/user", O_RDONLY); + if (fd < 0) { + close(pipefd[1]); + exit(1); + } + + if (ioctl(fd, NS_GET_ID, &child_userns_id) < 0) { + close(fd); + close(pipefd[1]); + exit(1); + } + close(fd); + + write(pipefd[1], &child_userns_id, sizeof(child_userns_id)); + + /* Perform multiple setfsuid/setfsgid calls */ + for (change_count =3D 0; change_count < 50; change_count++) { + setfsuid(change_count % 10); + setfsgid(change_count % 10); + } + + close(pipefd[1]); + exit(0); + } + + /* Parent process */ + close(pipefd[1]); + + if (read(pipefd[0], &userns_id, sizeof(userns_id)) !=3D sizeof(userns_id)= ) { + close(pipefd[0]); + kill(pid, SIGKILL); + waitpid(pid, NULL, 0); + SKIP(return, "Failed to get namespace ID from child"); + } + close(pipefd[0]); + + waitpid(pid, &status, 0); + ASSERT_TRUE(WIFEXITED(status)); + ASSERT_EQ(WEXITSTATUS(status), 0); + + /* Verify namespace becomes inactive */ + ret =3D sys_listns(&req, ns_ids, ARRAY_SIZE(ns_ids), 0); + if (ret < 0) { + if (errno =3D=3D ENOSYS) + SKIP(return, "listns() not supported"); + ASSERT_GE(ret, 0); + } + + for (i =3D 0; i < ret; i++) { + if (ns_ids[i] =3D=3D userns_id) { + found =3D true; + break; + } + } + + ASSERT_FALSE(found); + TH_LOG("setfsuid/setfsgid correctly preserved active references (no leak)= "); +} + +TEST_HARNESS_MAIN --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 2EEAA3683B9; Wed, 29 Oct 2025 12:26:39 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740799; cv=none; b=qvbDwA8HBzsrViMPA8W+1e7gqpTRlnQ3xKBYs+h9OUybjI1nylpBYE6sF5j/JFqAhr3g2vj1LLK3YHSeY7nX7H/9EOMEIuHWHRvUWKqHFEOSKvyzj8X7HfQpuvXG0N7yhT9H30mxlrRVt/FL5f3UyUt2oWSsPqhjpkoiYdmh+SA= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740799; c=relaxed/simple; bh=g358ZvosiSM60y9eCxcqiXUo4S81KVXpq23srWS/+30=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=hoiuttsab3iBg8Efsxkc/Ai4MT1iFWdCfvvIf4ILrRJ+tXpHh6wM0DR0hYB6rmTDSCadPe2GCI1vwVfuM8Pq7hfSlqZMiOi7F16MZkrDCK7IvOMs14+s9sH3mLKgqBml4hprlkHgHM23lOZM1riSrJTU4rqoW5BH4LrKRIX/ACE= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=mCi5gfVQ; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="mCi5gfVQ" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 3F3B3C4CEF7; Wed, 29 Oct 2025 12:26:34 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740799; bh=g358ZvosiSM60y9eCxcqiXUo4S81KVXpq23srWS/+30=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=mCi5gfVQ1ogC3uJvRobyxHX0o38fMzvhkOBgOQIL6/LApcATtRvNmQof/SAeBoBNQ AYSIeNo01+s3UM+SAdSEZqDRijlDB6AuVWhEgDEvcSEyzzGJZ6cWVSuVXKlQP+8N4g rzGgIONmyCV3EjatMIAMnHeayERsTlq0k9jk3xGT0cfn6bhlzitUzmet5Cctfy4Ao9 r/mKQfQtw3yAVO4KMSYWIzSSzRk5LLnV1MCGk/SOHMiyuy5Kfsck52QfEA8E4tBpj1 qYKqQEyOt2/90KVzyr45GjNZWtfwy1MRh5sgUq3B34+64oEmtZXGF6AKRQ58e9fsXc TXnZDZD+kdZuw== From: Christian Brauner Date: Wed, 29 Oct 2025 13:21:24 +0100 Subject: [PATCH v4 71/72] selftests/namespace: add stress test Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-71-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=18002; i=brauner@kernel.org; h=from:subject:message-id; bh=g358ZvosiSM60y9eCxcqiXUo4S81KVXpq23srWS/+30=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysU244mfp277OuGWemdr7LfsfalhwpkrFVHfGKr1I5 WK9lbG5o5SFQYyLQVZMkcWh3SRcbjlPxWajTA2YOaxMIEMYuDgFYCI5bIwM+/8tatdJvv7urIF0 eayC6CL2uSody7wyg/SiC6S4fs85yPDPYL/yV4lvTZ/ns14RuLDx5ZcXEyyW3/q9an7b5iVF6cH M7AA= X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Stress tests for namespace active reference counting. These tests validate that the active reference counting system can handle high load scenarios including rapid namespace creation/destruction, large numbers of concurrent namespaces, and various edge cases under stress. Signed-off-by: Christian Brauner --- tools/testing/selftests/namespaces/.gitignore | 1 + tools/testing/selftests/namespaces/Makefile | 4 +- tools/testing/selftests/namespaces/stress_test.c | 626 +++++++++++++++++++= ++++ 3 files changed, 630 insertions(+), 1 deletion(-) diff --git a/tools/testing/selftests/namespaces/.gitignore b/tools/testing/= selftests/namespaces/.gitignore index 0091a7dfff20..f6dcf769f150 100644 --- a/tools/testing/selftests/namespaces/.gitignore +++ b/tools/testing/selftests/namespaces/.gitignore @@ -6,3 +6,4 @@ listns_test listns_permissions_test siocgskns_test cred_change_test +stress_test diff --git a/tools/testing/selftests/namespaces/Makefile b/tools/testing/se= lftests/namespaces/Makefile index 5d73f8dde6a0..3c776740f3ac 100644 --- a/tools/testing/selftests/namespaces/Makefile +++ b/tools/testing/selftests/namespaces/Makefile @@ -9,7 +9,8 @@ TEST_GEN_PROGS :=3D nsid_test \ listns_test \ listns_permissions_test \ siocgskns_test \ - cred_change_test + cred_change_test \ + stress_test =20 include ../lib.mk =20 @@ -18,4 +19,5 @@ $(OUTPUT)/listns_test: ../filesystems/utils.c $(OUTPUT)/listns_permissions_test: ../filesystems/utils.c $(OUTPUT)/siocgskns_test: ../filesystems/utils.c $(OUTPUT)/cred_change_test: ../filesystems/utils.c +$(OUTPUT)/stress_test: ../filesystems/utils.c =20 diff --git a/tools/testing/selftests/namespaces/stress_test.c b/tools/testi= ng/selftests/namespaces/stress_test.c new file mode 100644 index 000000000000..dd7df7d6cb27 --- /dev/null +++ b/tools/testing/selftests/namespaces/stress_test.c @@ -0,0 +1,626 @@ +// SPDX-License-Identifier: GPL-2.0 +#define _GNU_SOURCE +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include "../kselftest_harness.h" +#include "../filesystems/utils.h" +#include "wrappers.h" + +/* + * Stress tests for namespace active reference counting. + * + * These tests validate that the active reference counting system can hand= le + * high load scenarios including rapid namespace creation/destruction, lar= ge + * numbers of concurrent namespaces, and various edge cases under stress. + */ + +/* + * Test rapid creation and destruction of user namespaces. + * Create and destroy namespaces in quick succession to stress the + * active reference tracking and ensure no leaks occur. + */ +TEST(rapid_namespace_creation_destruction) +{ + struct ns_id_req req =3D { + .size =3D sizeof(req), + .spare =3D 0, + .ns_id =3D 0, + .ns_type =3D CLONE_NEWUSER, + .spare2 =3D 0, + .user_ns_id =3D 0, + }; + __u64 ns_ids_before[256], ns_ids_after[256]; + ssize_t ret_before, ret_after; + int i; + + /* Get baseline count of active user namespaces */ + ret_before =3D sys_listns(&req, ns_ids_before, ARRAY_SIZE(ns_ids_before),= 0); + if (ret_before < 0) { + if (errno =3D=3D ENOSYS) + SKIP(return, "listns() not supported"); + ASSERT_GE(ret_before, 0); + } + + TH_LOG("Baseline: %zd active user namespaces", ret_before); + + /* Rapidly create and destroy 100 user namespaces */ + for (i =3D 0; i < 100; i++) { + pid_t pid =3D fork(); + ASSERT_GE(pid, 0); + + if (pid =3D=3D 0) { + /* Child: create user namespace and immediately exit */ + if (setup_userns() < 0) + exit(1); + exit(0); + } + + /* Parent: wait for child */ + int status; + waitpid(pid, &status, 0); + ASSERT_TRUE(WIFEXITED(status)); + ASSERT_EQ(WEXITSTATUS(status), 0); + } + + /* Verify we're back to baseline (no leaked namespaces) */ + ret_after =3D sys_listns(&req, ns_ids_after, ARRAY_SIZE(ns_ids_after), 0); + ASSERT_GE(ret_after, 0); + + TH_LOG("After 100 rapid create/destroy cycles: %zd active user namespaces= ", ret_after); + ASSERT_EQ(ret_before, ret_after); +} + +/* + * Test creating many concurrent namespaces. + * Verify that listns() correctly tracks all of them and that they all + * become inactive after processes exit. + */ +TEST(many_concurrent_namespaces) +{ + struct ns_id_req req =3D { + .size =3D sizeof(req), + .spare =3D 0, + .ns_id =3D 0, + .ns_type =3D CLONE_NEWUSER, + .spare2 =3D 0, + .user_ns_id =3D 0, + }; + __u64 ns_ids_before[512], ns_ids_during[512], ns_ids_after[512]; + ssize_t ret_before, ret_during, ret_after; + pid_t pids[50]; + int num_children =3D 50; + int i; + int sv[2]; + + /* Get baseline */ + ret_before =3D sys_listns(&req, ns_ids_before, ARRAY_SIZE(ns_ids_before),= 0); + if (ret_before < 0) { + if (errno =3D=3D ENOSYS) + SKIP(return, "listns() not supported"); + ASSERT_GE(ret_before, 0); + } + + TH_LOG("Baseline: %zd active user namespaces", ret_before); + + ASSERT_EQ(socketpair(AF_UNIX, SOCK_STREAM, 0, sv), 0); + + /* Create many children, each with their own user namespace */ + for (i =3D 0; i < num_children; i++) { + pids[i] =3D fork(); + ASSERT_GE(pids[i], 0); + + if (pids[i] =3D=3D 0) { + /* Child: create user namespace and wait for parent signal */ + char c; + + close(sv[0]); + + if (setup_userns() < 0) { + close(sv[1]); + exit(1); + } + + /* Signal parent we're ready */ + if (write(sv[1], &c, 1) !=3D 1) { + close(sv[1]); + exit(1); + } + + /* Wait for parent signal to exit */ + if (read(sv[1], &c, 1) !=3D 1) { + close(sv[1]); + exit(1); + } + + close(sv[1]); + exit(0); + } + } + + close(sv[1]); + + /* Wait for all children to signal ready */ + for (i =3D 0; i < num_children; i++) { + char c; + if (read(sv[0], &c, 1) !=3D 1) { + /* If we fail to read, kill all children and exit */ + close(sv[0]); + for (int j =3D 0; j < num_children; j++) + kill(pids[j], SIGKILL); + for (int j =3D 0; j < num_children; j++) + waitpid(pids[j], NULL, 0); + ASSERT_TRUE(false); + } + } + + /* List namespaces while all children are running */ + ret_during =3D sys_listns(&req, ns_ids_during, ARRAY_SIZE(ns_ids_during),= 0); + ASSERT_GE(ret_during, 0); + + TH_LOG("With %d children running: %zd active user namespaces", num_childr= en, ret_during); + + /* Should have at least num_children more namespaces than baseline */ + ASSERT_GE(ret_during, ret_before + num_children); + + /* Signal all children to exit */ + for (i =3D 0; i < num_children; i++) { + char c =3D 'X'; + if (write(sv[0], &c, 1) !=3D 1) { + /* If we fail to write, kill remaining children */ + close(sv[0]); + for (int j =3D i; j < num_children; j++) + kill(pids[j], SIGKILL); + for (int j =3D 0; j < num_children; j++) + waitpid(pids[j], NULL, 0); + ASSERT_TRUE(false); + } + } + + close(sv[0]); + + /* Wait for all children */ + for (i =3D 0; i < num_children; i++) { + int status; + waitpid(pids[i], &status, 0); + ASSERT_TRUE(WIFEXITED(status)); + } + + /* Verify we're back to baseline */ + ret_after =3D sys_listns(&req, ns_ids_after, ARRAY_SIZE(ns_ids_after), 0); + ASSERT_GE(ret_after, 0); + + TH_LOG("After all children exit: %zd active user namespaces", ret_after); + ASSERT_EQ(ret_before, ret_after); +} + +/* + * Test rapid namespace creation with different namespace types. + * Create multiple types of namespaces rapidly to stress the tracking syst= em. + */ +TEST(rapid_mixed_namespace_creation) +{ + struct ns_id_req req =3D { + .size =3D sizeof(req), + .spare =3D 0, + .ns_id =3D 0, + .ns_type =3D 0, /* All types */ + .spare2 =3D 0, + .user_ns_id =3D 0, + }; + __u64 ns_ids_before[512], ns_ids_after[512]; + ssize_t ret_before, ret_after; + int i; + + /* Get baseline count */ + ret_before =3D sys_listns(&req, ns_ids_before, ARRAY_SIZE(ns_ids_before),= 0); + if (ret_before < 0) { + if (errno =3D=3D ENOSYS) + SKIP(return, "listns() not supported"); + ASSERT_GE(ret_before, 0); + } + + TH_LOG("Baseline: %zd active namespaces (all types)", ret_before); + + /* Rapidly create and destroy namespaces with multiple types */ + for (i =3D 0; i < 50; i++) { + pid_t pid =3D fork(); + ASSERT_GE(pid, 0); + + if (pid =3D=3D 0) { + /* Child: create multiple namespace types */ + if (setup_userns() < 0) + exit(1); + + /* Create additional namespace types */ + if (unshare(CLONE_NEWNET) < 0) + exit(1); + if (unshare(CLONE_NEWUTS) < 0) + exit(1); + if (unshare(CLONE_NEWIPC) < 0) + exit(1); + + exit(0); + } + + /* Parent: wait for child */ + int status; + waitpid(pid, &status, 0); + ASSERT_TRUE(WIFEXITED(status)); + } + + /* Verify we're back to baseline */ + ret_after =3D sys_listns(&req, ns_ids_after, ARRAY_SIZE(ns_ids_after), 0); + ASSERT_GE(ret_after, 0); + + TH_LOG("After 50 rapid mixed namespace cycles: %zd active namespaces", re= t_after); + ASSERT_EQ(ret_before, ret_after); +} + +/* + * Test nested namespace creation under stress. + * Create deeply nested namespace hierarchies and verify proper cleanup. + */ +TEST(nested_namespace_stress) +{ + struct ns_id_req req =3D { + .size =3D sizeof(req), + .spare =3D 0, + .ns_id =3D 0, + .ns_type =3D CLONE_NEWUSER, + .spare2 =3D 0, + .user_ns_id =3D 0, + }; + __u64 ns_ids_before[512], ns_ids_after[512]; + ssize_t ret_before, ret_after; + int i; + + /* Get baseline */ + ret_before =3D sys_listns(&req, ns_ids_before, ARRAY_SIZE(ns_ids_before),= 0); + if (ret_before < 0) { + if (errno =3D=3D ENOSYS) + SKIP(return, "listns() not supported"); + ASSERT_GE(ret_before, 0); + } + + TH_LOG("Baseline: %zd active user namespaces", ret_before); + + /* Create 20 processes, each with nested user namespaces */ + for (i =3D 0; i < 20; i++) { + pid_t pid =3D fork(); + ASSERT_GE(pid, 0); + + if (pid =3D=3D 0) { + int userns_fd; + uid_t orig_uid =3D getuid(); + int depth; + + /* Create nested user namespaces (up to 5 levels) */ + for (depth =3D 0; depth < 5; depth++) { + userns_fd =3D get_userns_fd(0, (depth =3D=3D 0) ? orig_uid : 0, 1); + if (userns_fd < 0) + exit(1); + + if (setns(userns_fd, CLONE_NEWUSER) < 0) { + close(userns_fd); + exit(1); + } + close(userns_fd); + } + + exit(0); + } + + /* Parent: wait for child */ + int status; + waitpid(pid, &status, 0); + ASSERT_TRUE(WIFEXITED(status)); + } + + /* Verify we're back to baseline */ + ret_after =3D sys_listns(&req, ns_ids_after, ARRAY_SIZE(ns_ids_after), 0); + ASSERT_GE(ret_after, 0); + + TH_LOG("After 20 nested namespace hierarchies: %zd active user namespaces= ", ret_after); + ASSERT_EQ(ret_before, ret_after); +} + +/* + * Test listns() pagination under stress. + * Create many namespaces and verify pagination works correctly. + */ +TEST(listns_pagination_stress) +{ + struct ns_id_req req =3D { + .size =3D sizeof(req), + .spare =3D 0, + .ns_id =3D 0, + .ns_type =3D CLONE_NEWUSER, + .spare2 =3D 0, + .user_ns_id =3D 0, + }; + pid_t pids[30]; + int num_children =3D 30; + int i; + int sv[2]; + __u64 all_ns_ids[512]; + int total_found =3D 0; + + ASSERT_EQ(socketpair(AF_UNIX, SOCK_STREAM, 0, sv), 0); + + /* Create many children with user namespaces */ + for (i =3D 0; i < num_children; i++) { + pids[i] =3D fork(); + ASSERT_GE(pids[i], 0); + + if (pids[i] =3D=3D 0) { + char c; + close(sv[0]); + + if (setup_userns() < 0) { + close(sv[1]); + exit(1); + } + + /* Signal parent we're ready */ + if (write(sv[1], &c, 1) !=3D 1) { + close(sv[1]); + exit(1); + } + + /* Wait for parent signal to exit */ + if (read(sv[1], &c, 1) !=3D 1) { + close(sv[1]); + exit(1); + } + + close(sv[1]); + exit(0); + } + } + + close(sv[1]); + + /* Wait for all children to signal ready */ + for (i =3D 0; i < num_children; i++) { + char c; + if (read(sv[0], &c, 1) !=3D 1) { + /* If we fail to read, kill all children and exit */ + close(sv[0]); + for (int j =3D 0; j < num_children; j++) + kill(pids[j], SIGKILL); + for (int j =3D 0; j < num_children; j++) + waitpid(pids[j], NULL, 0); + ASSERT_TRUE(false); + } + } + + /* Paginate through all namespaces using small batch sizes */ + req.ns_id =3D 0; + while (1) { + __u64 batch[5]; /* Small batch size to force pagination */ + ssize_t ret; + + ret =3D sys_listns(&req, batch, ARRAY_SIZE(batch), 0); + if (ret < 0) { + if (errno =3D=3D ENOSYS) { + close(sv[0]); + for (i =3D 0; i < num_children; i++) + kill(pids[i], SIGKILL); + for (i =3D 0; i < num_children; i++) + waitpid(pids[i], NULL, 0); + SKIP(return, "listns() not supported"); + } + ASSERT_GE(ret, 0); + } + + if (ret =3D=3D 0) + break; + + /* Store results */ + for (i =3D 0; i < ret && total_found < 512; i++) { + all_ns_ids[total_found++] =3D batch[i]; + } + + /* Update cursor for next batch */ + if (ret =3D=3D ARRAY_SIZE(batch)) + req.ns_id =3D batch[ret - 1]; + else + break; + } + + TH_LOG("Paginated through %d user namespaces", total_found); + + /* Verify no duplicates in pagination */ + for (i =3D 0; i < total_found; i++) { + for (int j =3D i + 1; j < total_found; j++) { + if (all_ns_ids[i] =3D=3D all_ns_ids[j]) { + TH_LOG("Found duplicate ns_id: %llu at positions %d and %d", + (unsigned long long)all_ns_ids[i], i, j); + ASSERT_TRUE(false); + } + } + } + + /* Signal all children to exit */ + for (i =3D 0; i < num_children; i++) { + char c =3D 'X'; + if (write(sv[0], &c, 1) !=3D 1) { + close(sv[0]); + for (int j =3D i; j < num_children; j++) + kill(pids[j], SIGKILL); + for (int j =3D 0; j < num_children; j++) + waitpid(pids[j], NULL, 0); + ASSERT_TRUE(false); + } + } + + close(sv[0]); + + /* Wait for all children */ + for (i =3D 0; i < num_children; i++) { + int status; + waitpid(pids[i], &status, 0); + } +} + +/* + * Test concurrent namespace operations. + * Multiple processes creating, querying, and destroying namespaces concur= rently. + */ +TEST(concurrent_namespace_operations) +{ + struct ns_id_req req =3D { + .size =3D sizeof(req), + .spare =3D 0, + .ns_id =3D 0, + .ns_type =3D 0, + .spare2 =3D 0, + .user_ns_id =3D 0, + }; + __u64 ns_ids_before[512], ns_ids_after[512]; + ssize_t ret_before, ret_after; + pid_t pids[20]; + int num_workers =3D 20; + int i; + + /* Get baseline */ + ret_before =3D sys_listns(&req, ns_ids_before, ARRAY_SIZE(ns_ids_before),= 0); + if (ret_before < 0) { + if (errno =3D=3D ENOSYS) + SKIP(return, "listns() not supported"); + ASSERT_GE(ret_before, 0); + } + + TH_LOG("Baseline: %zd active namespaces", ret_before); + + /* Create worker processes that do concurrent operations */ + for (i =3D 0; i < num_workers; i++) { + pids[i] =3D fork(); + ASSERT_GE(pids[i], 0); + + if (pids[i] =3D=3D 0) { + /* Each worker: create namespaces, list them, repeat */ + int iterations; + + for (iterations =3D 0; iterations < 10; iterations++) { + int userns_fd; + __u64 temp_ns_ids[100]; + ssize_t ret; + + /* Create a user namespace */ + userns_fd =3D get_userns_fd(0, getuid(), 1); + if (userns_fd < 0) + continue; + + /* List namespaces */ + ret =3D sys_listns(&req, temp_ns_ids, ARRAY_SIZE(temp_ns_ids), 0); + (void)ret; + + close(userns_fd); + + /* Small delay */ + usleep(1000); + } + + exit(0); + } + } + + /* Wait for all workers */ + for (i =3D 0; i < num_workers; i++) { + int status; + waitpid(pids[i], &status, 0); + ASSERT_TRUE(WIFEXITED(status)); + ASSERT_EQ(WEXITSTATUS(status), 0); + } + + /* Verify we're back to baseline */ + ret_after =3D sys_listns(&req, ns_ids_after, ARRAY_SIZE(ns_ids_after), 0); + ASSERT_GE(ret_after, 0); + + TH_LOG("After concurrent operations: %zd active namespaces", ret_after); + ASSERT_EQ(ret_before, ret_after); +} + +/* + * Test namespace churn - continuous creation and destruction. + * Simulates high-churn scenarios like container orchestration. + */ +TEST(namespace_churn) +{ + struct ns_id_req req =3D { + .size =3D sizeof(req), + .spare =3D 0, + .ns_id =3D 0, + .ns_type =3D CLONE_NEWUSER | CLONE_NEWNET | CLONE_NEWUTS, + .spare2 =3D 0, + .user_ns_id =3D 0, + }; + __u64 ns_ids_before[512], ns_ids_after[512]; + ssize_t ret_before, ret_after; + int cycle; + + /* Get baseline */ + ret_before =3D sys_listns(&req, ns_ids_before, ARRAY_SIZE(ns_ids_before),= 0); + if (ret_before < 0) { + if (errno =3D=3D ENOSYS) + SKIP(return, "listns() not supported"); + ASSERT_GE(ret_before, 0); + } + + TH_LOG("Baseline: %zd active namespaces", ret_before); + + /* Simulate churn: batches of namespaces created and destroyed */ + for (cycle =3D 0; cycle < 10; cycle++) { + pid_t batch_pids[10]; + int i; + + /* Create batch */ + for (i =3D 0; i < 10; i++) { + batch_pids[i] =3D fork(); + ASSERT_GE(batch_pids[i], 0); + + if (batch_pids[i] =3D=3D 0) { + /* Create multiple namespace types */ + if (setup_userns() < 0) + exit(1); + if (unshare(CLONE_NEWNET) < 0) + exit(1); + if (unshare(CLONE_NEWUTS) < 0) + exit(1); + + /* Keep namespaces alive briefly */ + usleep(10000); + exit(0); + } + } + + /* Wait for batch to complete */ + for (i =3D 0; i < 10; i++) { + int status; + waitpid(batch_pids[i], &status, 0); + } + } + + /* Verify we're back to baseline */ + ret_after =3D sys_listns(&req, ns_ids_after, ARRAY_SIZE(ns_ids_after), 0); + ASSERT_GE(ret_after, 0); + + TH_LOG("After 10 churn cycles (100 namespace sets): %zd active namespaces= ", ret_after); + ASSERT_EQ(ret_before, ret_after); +} + +TEST_HARNESS_MAIN --=20 2.47.3 From nobody Sat Feb 7 05:01:07 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 142EE36E364; Wed, 29 Oct 2025 12:26:44 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740804; cv=none; b=dUmlNxkuZ2nlMcAtr5LpA03TKpna64U/GnolDi9fYx3/j2BwELeO8suRxa5GIwJ8pMh9AhYZ4jOyQjihty19GCFCTqqqG7qAnxxtpE8O/r+noVGnVgOdjwO0MS8tM1iW2AKJCnfa1AUOn8c3BpasmkXfqHR2d9pU7BfrnZmOX08= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761740804; c=relaxed/simple; bh=QwDkSH3kLhu9Ya7BrIayv5fawfziMOL3Z/w1iCrFClA=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=kgnelzXUPcVlxlSI7qSUeg5IWGVj4exXoycE66qhMr2t5kWuA57SPUL+buhxzIhm7HPnsFZNq5mdtrbbogR2El/pA328n+n22Qk5gkT+rWhywcXvaxNAe5bDCwGGj6ZgWF11vwUDwOu0Sy82GwGgZVcup2UMHAVzrx2H6GrWmo4= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=efcNJ+8u; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="efcNJ+8u" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 81FF3C4CEFD; Wed, 29 Oct 2025 12:26:39 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1761740803; bh=QwDkSH3kLhu9Ya7BrIayv5fawfziMOL3Z/w1iCrFClA=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=efcNJ+8uAGYgVJbZ2+NBccn0ZQjG0fPIeB9bz8Nq0SvOmbsmZbWL2tJv0RmtWuAcT 6zjksw5gEJUS3CTWxDoMFibgLEB6AUF2Q7gb2xiMSUXtFtWn/R23M4jOL7ltrbeb/u ol8T5k8j2uI36alxuWbyjFpN2yh7nG2YVvLZ2jnHaycmO1CiR3Mgvg7JyP2LGmIYiG +rZ9q07n80+XgXbYUo7iiqhpAueRLthbXqwJfOlMJ3cZZDTiz5X3Rv/FWRu7/ys5fc plACgDT26f5t1kqpEDGrpKLNv9NHobqbxbvmjqzWpAzf61uvI7d9JY44s3T43Yd6fv x+fe2AFckhDvw== From: Christian Brauner Date: Wed, 29 Oct 2025 13:21:25 +0100 Subject: [PATCH v4 72/72] selftests/namespace: test listns() pagination Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20251029-work-namespace-nstree-listns-v4-72-2e6f823ebdc0@kernel.org> References: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> In-Reply-To: <20251029-work-namespace-nstree-listns-v4-0-2e6f823ebdc0@kernel.org> To: linux-fsdevel@vger.kernel.org, Josef Bacik , Jeff Layton Cc: Jann Horn , Mike Yuan , =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Lennart Poettering , Daan De Meyer , Aleksa Sarai , Amir Goldstein , Tejun Heo , Johannes Weiner , Thomas Gleixner , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, Arnd Bergmann , Christian Brauner X-Mailer: b4 0.15-dev-96507 X-Developer-Signature: v=1; a=openpgp-sha256; l=5137; i=brauner@kernel.org; h=from:subject:message-id; bh=QwDkSH3kLhu9Ya7BrIayv5fawfziMOL3Z/w1iCrFClA=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMWQysU2Q6TYOOrAk4Uqv2a6PU97OSDk4V3iXc2lF9qw7V 9bLNs/f0VHKwiDGxSArpsji0G4SLrecp2KzUaYGzBxWJpAhDFycAjCRr7cY/ns7ZRsJZzbwPppe 8cv9zwKpRUsNd3+Z+mvKtucPDonOmLybkWGV8ufIx7KLt98y1tn/RHRfXY2bu71myPa+d+eblx/ 4ncAFAA== X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Minimal test case to reproduce KASAN out-of-bounds in listns pagination. Signed-off-by: Christian Brauner --- tools/testing/selftests/namespaces/.gitignore | 1 + tools/testing/selftests/namespaces/Makefile | 4 +- .../selftests/namespaces/listns_pagination_bug.c | 138 +++++++++++++++++= ++++ 3 files changed, 142 insertions(+), 1 deletion(-) diff --git a/tools/testing/selftests/namespaces/.gitignore b/tools/testing/= selftests/namespaces/.gitignore index f6dcf769f150..f4d2209ca4e4 100644 --- a/tools/testing/selftests/namespaces/.gitignore +++ b/tools/testing/selftests/namespaces/.gitignore @@ -7,3 +7,4 @@ listns_permissions_test siocgskns_test cred_change_test stress_test +listns_pagination_bug diff --git a/tools/testing/selftests/namespaces/Makefile b/tools/testing/se= lftests/namespaces/Makefile index 3c776740f3ac..01569e0abbdb 100644 --- a/tools/testing/selftests/namespaces/Makefile +++ b/tools/testing/selftests/namespaces/Makefile @@ -10,7 +10,8 @@ TEST_GEN_PROGS :=3D nsid_test \ listns_permissions_test \ siocgskns_test \ cred_change_test \ - stress_test + stress_test \ + listns_pagination_bug =20 include ../lib.mk =20 @@ -20,4 +21,5 @@ $(OUTPUT)/listns_permissions_test: ../filesystems/utils.c $(OUTPUT)/siocgskns_test: ../filesystems/utils.c $(OUTPUT)/cred_change_test: ../filesystems/utils.c $(OUTPUT)/stress_test: ../filesystems/utils.c +$(OUTPUT)/listns_pagination_bug: ../filesystems/utils.c =20 diff --git a/tools/testing/selftests/namespaces/listns_pagination_bug.c b/t= ools/testing/selftests/namespaces/listns_pagination_bug.c new file mode 100644 index 000000000000..da7d33f96397 --- /dev/null +++ b/tools/testing/selftests/namespaces/listns_pagination_bug.c @@ -0,0 +1,138 @@ +// SPDX-License-Identifier: GPL-2.0 +#define _GNU_SOURCE +#include +#include +#include +#include +#include +#include +#include +#include "../kselftest_harness.h" +#include "../filesystems/utils.h" +#include "wrappers.h" + +/* + * Minimal test case to reproduce KASAN out-of-bounds in listns pagination. + * + * The bug occurs when: + * 1. Filtering by a specific namespace type (e.g., CLONE_NEWUSER) + * 2. Using pagination (req.ns_id !=3D 0) + * 3. The lookup_ns_id_at() call in do_listns() passes ns_type=3D0 instead= of + * the filtered type, causing it to search the unified tree and potenti= ally + * return a namespace of the wrong type. + */ +TEST(pagination_with_type_filter) +{ + struct ns_id_req req =3D { + .size =3D sizeof(req), + .spare =3D 0, + .ns_id =3D 0, + .ns_type =3D CLONE_NEWUSER, /* Filter by user namespace */ + .spare2 =3D 0, + .user_ns_id =3D 0, + }; + pid_t pids[10]; + int num_children =3D 10; + int i; + int sv[2]; + __u64 first_batch[3]; + ssize_t ret; + + ASSERT_EQ(socketpair(AF_UNIX, SOCK_STREAM, 0, sv), 0); + + /* Create children with user namespaces */ + for (i =3D 0; i < num_children; i++) { + pids[i] =3D fork(); + ASSERT_GE(pids[i], 0); + + if (pids[i] =3D=3D 0) { + char c; + close(sv[0]); + + if (setup_userns() < 0) { + close(sv[1]); + exit(1); + } + + /* Signal parent we're ready */ + if (write(sv[1], &c, 1) !=3D 1) { + close(sv[1]); + exit(1); + } + + /* Wait for parent signal to exit */ + if (read(sv[1], &c, 1) !=3D 1) { + close(sv[1]); + exit(1); + } + + close(sv[1]); + exit(0); + } + } + + close(sv[1]); + + /* Wait for all children to signal ready */ + for (i =3D 0; i < num_children; i++) { + char c; + if (read(sv[0], &c, 1) !=3D 1) { + close(sv[0]); + for (int j =3D 0; j < num_children; j++) + kill(pids[j], SIGKILL); + for (int j =3D 0; j < num_children; j++) + waitpid(pids[j], NULL, 0); + ASSERT_TRUE(false); + } + } + + /* First batch - this should work */ + ret =3D sys_listns(&req, first_batch, 3, 0); + if (ret < 0) { + if (errno =3D=3D ENOSYS) { + close(sv[0]); + for (i =3D 0; i < num_children; i++) + kill(pids[i], SIGKILL); + for (i =3D 0; i < num_children; i++) + waitpid(pids[i], NULL, 0); + SKIP(return, "listns() not supported"); + } + ASSERT_GE(ret, 0); + } + + TH_LOG("First batch returned %zd entries", ret); + + if (ret =3D=3D 3) { + __u64 second_batch[3]; + + /* Second batch - pagination triggers the bug */ + req.ns_id =3D first_batch[2]; /* Continue from last ID */ + ret =3D sys_listns(&req, second_batch, 3, 0); + + TH_LOG("Second batch returned %zd entries", ret); + ASSERT_GE(ret, 0); + } + + /* Signal all children to exit */ + for (i =3D 0; i < num_children; i++) { + char c =3D 'X'; + if (write(sv[0], &c, 1) !=3D 1) { + close(sv[0]); + for (int j =3D i; j < num_children; j++) + kill(pids[j], SIGKILL); + for (int j =3D 0; j < num_children; j++) + waitpid(pids[j], NULL, 0); + ASSERT_TRUE(false); + } + } + + close(sv[0]); + + /* Cleanup */ + for (i =3D 0; i < num_children; i++) { + int status; + waitpid(pids[i], &status, 0); + } +} + +TEST_HARNESS_MAIN --=20 2.47.3