Function report

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:kernel\user_namespace.c Create Date:2022-07-28 11:18:53
Last Modify:2020-03-12 14:18:49 Copyright©Brick

Name: Create a new user namespace, deriving the creator from the user in the passed credentials, and replacing that user with the new root user for the new namespace. This is called by copy_creds(), which will finish setting the target task's credentials.

Proto:int create_user_ns(struct cred *new)

Type:int

Parameter:

Type            Parameter Name
struct cred *   new
71  parent_ns = user_ns the caps and keyrings are relative to.
72  owner = effective UID of the task
73  group = effective GID of the task
77  ret = -ENOSPC
78  If level > 32 Then Go to fail
81  ucounts = inc_user_namespaces(parent_ns, owner)
82  If Not ucounts Then Go to fail
91  ret = -EPERM
92  If current_chrooted() Then Go to fail_dec
99  ret = -EPERM
100  If Not kuid_has_mapping(parent_ns, owner) || Not kgid_has_mapping(parent_ns, group) Then Go to fail_dec
104  ret = -ENOMEM
105  ns = zero-initialized user namespace object allocated from the slab cache
106  If Not ns Then Go to fail_dec
109  ret = ns_alloc_inum( & ns)
110  If ret Then Go to fail_free
112  ops = userns_operations
114  atomic_set( & count, 1)
116  ns->parent = parent_ns
117  ns->level = parent_ns->level + 1
118  ns->owner = owner
119  ns->group = group
120  INIT_WORK( & work, free_user_ns)
121  While i < UCOUNT_COUNTS loop
122  ns->ucount_max[i] = INT_MAX
124  ns->ucounts = ucounts
127  mutex_lock( & userns_state_mutex)
128  ns->flags = parent_ns->flags
129  mutex_unlock - release the mutex. @lock: the mutex to be released. Unlock a mutex that has been locked by this task previously. This function must not be used in interrupt context. Unlocking of a not locked mutex is not allowed.
132  Initialization list head
133  init_rwsem( & keyring_sem)
135  ret = -ENOMEM
136  If Not setup_userns_sysctls(ns) Then Go to fail_keyring
139  set_cred_user_ns(new, ns)
140  Return 0
141  fail_keyring :
143  key_put( Register of per-UID persistent keyrings for this namespace )
145  ns_free_inum( & ns)
146  fail_free :
147  kmem_cache_free - Deallocate an object. @cachep: The cache the allocation was from. @objp: The previously allocated object. Free an object which was previously allocated from this cache.
148  fail_dec :
149  dec_user_namespaces(ucounts)
150  fail :
151  Return ret
Caller

Name             Description
unshare_userns
copy_creds       Copy credentials