[PATCH 4/9] allow killing tasks in your own or child userns

Andrew Morton akpm at linux-foundation.org
Wed Feb 23 16:54:30 PST 2011


On Thu, 24 Feb 2011 00:48:18 +0000
"Serge E. Hallyn" <serge at hallyn.com> wrote:

> Quoting Andrew Morton (akpm at linux-foundation.org):
> > On Thu, 17 Feb 2011 15:03:25 +0000
> > "Serge E. Hallyn" <serge at hallyn.com> wrote:
> > 
> > >  /*
> > > + * called with RCU read lock from check_kill_permission()
> > > + */
> > > +static inline int kill_ok_by_cred(struct task_struct *t)
> > > +{
> > > +	const struct cred *cred = current_cred();
> > > +	const struct cred *tcred = __task_cred(t);
> > > +
> > > +	if (cred->user->user_ns == tcred->user->user_ns &&
> > > +	    (cred->euid == tcred->suid ||
> > > +	     cred->euid == tcred->uid ||
> > > +	     cred->uid  == tcred->suid ||
> > > +	     cred->uid  == tcred->uid))
> > > +		return 1;
> > > +
> > > +	if (ns_capable(tcred->user->user_ns, CAP_KILL))
> > > +		return 1;
> > > +
> > > +	return 0;
> > > +}
> > 
> > The compiler will inline this for us.
> 
> Is that simply true with everything (worth inlining) nowadays, or is
> there a particular implicit hint to the compiler that'll make that
> happen?

We've basically stopped inlining things nowadays.  gcc inlines
aggressively and sometimes we have to use noinline to stop it.  Also,
modern gcc's like to ignore the inline directive anwyay, so we have to
resort to __always_inline when we disagree.




More information about the Containers mailing list