static struct user_namespace *clone_user_ns(struct user_namespace *old_ns)
{
    struct user_namespace *ns;
    struct user_struct *new_user;

    /* Excerpt: error checks and the allocation for root are not shown. */
    ns = kmalloc(sizeof(struct user_namespace), GFP_KERNEL);

    /* Reset current->user with a new one */
    new_user = alloc_uid(ns, current->uid);

    /* From here on, resources are accounted against new_user. */
    switch_uid(new_user);
    return ns;
}

alloc_uid is a helper function that allocates an instance of user_struct for a user with a given UID in the current namespace if none exists yet. Once an instance has been set up for both root and the current user, switch_uid ensures that the new user_struct will be used to account resources from now on. This essentially works by setting the user element of struct task_struct to the new user_struct instance.

Notice that if support for user namespaces is not compiled in, cloning a user namespace is a null operation: The default namespace is always used.
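The effect on resource accounting can be seen in a small userspace model. This is an added example, not kernel code and not from the original text: the structures are simplified stand-ins, the fixed-size table and the struct task type are assumptions, and switch_uid takes the task explicitly instead of using current.

```c
/* Userspace model, not kernel code: simplified stand-ins for the kernel types. */
#include <stdio.h>
#include <stdlib.h>

#define MAX_USERS 8 /* assumption: small table instead of the kernel's UID hash */
struct user_struct { unsigned uid; int processes; };
struct user_namespace { struct user_struct users[MAX_USERS]; int nr; struct user_struct *root_user; };
struct task { unsigned uid; struct user_struct *user; }; /* hypothetical stand-in for task_struct */

/* Return the user_struct for uid in ns, creating it if none exists yet. */
static struct user_struct *alloc_uid(struct user_namespace *ns, unsigned uid)
{
    for (int i = 0; i < ns->nr; i++)
        if (ns->users[i].uid == uid)
            return &ns->users[i];
    if (ns->nr == MAX_USERS)
        return NULL; /* model limit reached */
    ns->users[ns->nr] = (struct user_struct){ .uid = uid, .processes = 0 };
    return &ns->users[ns->nr++];
}

/* Account the task against new_user from now on. */
static void switch_uid(struct task *t, struct user_struct *new_user)
{
    t->user->processes--;
    new_user->processes++;
    t->user = new_user;
}

/* Fresh namespace with entries for root and the caller, then switch to it. */
static struct user_namespace *clone_user_ns(struct task *t)
{
    struct user_namespace *ns = calloc(1, sizeof(*ns));
    if (!ns)
        return NULL;
    ns->root_user = alloc_uid(ns, 0);
    switch_uid(t, alloc_uid(ns, t->uid));
    return ns;
}

int main(void)
{
    struct user_namespace init_ns = {0};
    struct task t = { .uid = 1000, .user = alloc_uid(&init_ns, 1000) };
    struct user_struct *old = t.user;
    old->processes = 1; /* constructed sample state: one process for UID 1000 */
    struct user_namespace *ns = clone_user_ns(&t);
    if (!ns) return 1;
    printf("old=%d new=%d same=%d\n", old->processes, t.user->processes, old == t.user);
    return 0;
}
```

The same UID ends up with two distinct user_struct instances, one per namespace, so counters and limits tracked in the old namespace no longer apply to the task after the switch.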
