Yes. It's a PITA that the bottom 8 bits map to exec_domain, and the
rest are random flags. If each different personality mapped to a
separate exec_domain, the flags could be moved to the exec_domain
struct and it'd be far more logical. But as you say, this would break
userspace which expects to be able to set the exec_domain and the
flags separately 8(.
BTW, there's a module refcount leak here:
int
__set_personality(u_long personality)
{
struct exec_domain *ep, *oep;
ep = lookup_exec_domain(personality);
if (ep == current_thread_info()->exec_domain) {
current->personality = personality;
return 0;
}
You need "module_put(ep->owner)", since lookup_exec_domain bumps the
refcount.
> > That applies to any kernel mod, of course. qemu is much more usable
> > (ie. it's sanely packagable) with this functionality, ie. it's pretty
> > much a requirement for increasing adoption.
>
> You can just easily let it run in a chroot or separate namespace,
> you just won't get second look semantics. (Personally I think that's
> a benefit, but some people disagree with this).
No, then you can't access your files, which is unacceptable for many
users.
I've done the userspace implementation: I'll see if Fabrice chokes on
the speed hit.
Cheers,
Rusty.
-- Anyone who quotes me in their sig is an idiot. -- Rusty Russell. - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/