author | Dmitry Torokhov <dmitry.torokhov@gmail.com> | 2018-07-20 21:56:48 +0000 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2018-07-20 23:44:35 -0700 |
commit | 5f81880d5204ee2388fd9a75bb850ccd526885b7 (patch) | |
tree | 7f7c7d943e679c97d7bf28f89b499a22109c07ff /lib/kobject.c | |
parent | 488dee96bb62f0b3d9e678cf42574034d5b033a5 (diff) | |
sysfs, kobject: allow creating kobject belonging to arbitrary users

Normally kobjects and their sysfs representation belong to global root,
however it is not necessarily the case for objects in separate namespaces.
For example, objects in separate network namespace logically belong to the
container's root and not global root.

This change lays groundwork for allowing network namespace objects
ownership to be transferred to container's root user by defining
get_ownership() callback in ktype structure and using it in sysfs code to
retrieve desired uid/gid when creating sysfs objects for given kobject.

Co-Developed-by: Tyler Hicks <tyhicks@canonical.com>
Signed-off-by: Dmitry Torokhov <dmitry.torokhov@gmail.com>
Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

Diffstat (limited to 'lib/kobject.c')
-rw-r--r-- | lib/kobject.c | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/lib/kobject.c b/lib/kobject.c index 18989b5b3b56..f2dc1f756007 100644 --- a/lib/kobject.c +++ b/lib/kobject.c @@ -35,6 +35,25 @@ const void *kobject_namespace(struct kobject *kobj) return kobj->ktype->namespace(kobj); } +/** + * kobject_get_ownership - get sysfs ownership data for @kobj + * @kobj: kobject in question + * @uid: kernel user ID for sysfs objects + * @gid: kernel group ID for sysfs objects + * + * Returns initial uid/gid pair that should be used when creating sysfs + * representation of given kobject. Normally used to adjust ownership of + * objects in a container. + */ +void kobject_get_ownership(struct kobject *kobj, kuid_t *uid, kgid_t *gid) +{ + *uid = GLOBAL_ROOT_UID; + *gid = GLOBAL_ROOT_GID; + + if (kobj->ktype->get_ownership) + kobj->ktype->get_ownership(kobj, uid, gid); +} + /* * populate_dir - populate directory with attributes. * @kobj: object we're working on. |
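
Review bot: In kobject_get_ownership(), whatever the ktype's get_ownership() callback writes into *uid and *gid is returned unchecked, so a callback that stores INVALID_UID or INVALID_GID would hand that value on to the sysfs code that creates the object. Consider checking uid_valid()/gid_valid() after the call and falling back to GLOBAL_ROOT_UID/GLOBAL_ROOT_GID, or state in the kernel-doc that callbacks must store only valid ids and may leave the preset defaults untouched. The function also dereferences kobj->ktype with no NULL check; that matches kobject_namespace() in the context just above, but the comment should say the kobject must already have a ktype. Minor: the kernel-doc says "Returns" for a void function, and the @uid and @gid lines should be described as output parameters.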