Provide the /proc/container directory to containerize a process or retrieve an associated container. We need a reasonable quick mechanism to trigger container creation. A process becomes the root of a container if it writes a unique name to the /proc/container file. If the process does not already belong to a container and the name is unique, a container is created and the calling process becomes the root. Reading from the file returns the name of the container. Signed-off-by: Hubertus Franke --- Makefile | 2 container_api.c | 116 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 117 insertions(+), 1 deletion(-) Index: linux-2.6.15/kernel/Makefile =================================================================== --- linux-2.6.15.orig/kernel/Makefile 2006-01-17 08:37:08.000000000 -0500 +++ linux-2.6.15/kernel/Makefile 2006-01-17 08:37:09.000000000 -0500 @@ -8,7 +8,7 @@ signal.o sys.o kmod.o workqueue.o pid.o \ rcupdate.o intermodule.o extable.o params.o posix-timers.o \ kthread.o wait.o kfifo.o sys_ni.o posix-cpu-timers.o \ - container.o + container.o container_api.o obj-$(CONFIG_FUTEX) += futex.o obj-$(CONFIG_GENERIC_ISA_DMA) += dma.o Index: linux-2.6.15/kernel/container_api.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ linux-2.6.15/kernel/container_api.c 2006-01-17 08:37:09.000000000 -0500 @@ -0,0 +1,116 @@ +/* + * External Interface to containers + * + * This is only for quick bootstrapping the container support + * A proper external API needs to be found + * + * Copyright (C) Hubertus Franke, IBM Corp. 2005 + * + */ + +/* Changes + * + * 11/22/2005: Created + * + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include + +MODULE_LICENSE("GPL"); + +#define DPRINTK( fmt, args...) // printk( "%s: " fmt, __FUNCTION__, ##args) + +/**************************************************************** + * P R O C F S S T U F F + ****************************************************************/ + +static ssize_t container_write(struct file *file, const char __user *ubuf, + size_t count, loff_t *p) +{ + const char *delims = " \t\n"; + char kbuf[MAX_CONTAINER_NAME_LEN]; + char *cptr; + char *cname; + int rc; + + if (current->container) + return -EPERM; + if (count >= MAX_CONTAINER_NAME_LEN) + return -EINVAL; + if (copy_from_user(kbuf, ubuf, count)) + return -EFAULT; + kbuf[MAX_CONTAINER_NAME_LEN-1] = '\0'; + + cptr = kbuf; + cname = strsep(&cptr,delims); + DPRINTK("<%s:%d>: <%s>\n", current->comm, task_pid(current), cname); + rc = container_new(cname); + if (rc < 0) + return rc; + return count; +} + +static ssize_t container_read(struct file *file, char __user *ubuf, + size_t count, loff_t *ppos) +{ + char kbuf[MAX_CONTAINER_NAME_LEN]; + int len; + char *cname; + loff_t __ppos = *ppos; + + cname = current->container ? current->container->name : ""; + len = sprintf(kbuf,"%s\n",cname); + if (__ppos >= len) + return 0; + if (count > len-__ppos) + count = len-__ppos; + if (copy_to_user(ubuf, kbuf+__ppos, count)) + return -EFAULT; + *ppos += __ppos + count; + DPRINTK("%s: caller <%s:%d>: <%s>\n", + current->comm, task_pid(current), cname); + return count; +} + +static struct file_operations container_proc_operations = { + .read = container_read, + .write = container_write, +}; + +/**************************************************************** + * + ****************************************************************/ + +static int __init container_init(void) +{ + int rc = 0; + struct proc_dir_entry *entry; + + entry = create_proc_entry("container", S_IWUGO|S_IRUGO, NULL); + if (entry) + entry->proc_fops = &container_proc_operations; + else + rc = -EINVAL; + + /* Other initialization */ + + if (rc) + remove_proc_entry("container", NULL); + return rc; +} + +static void __exit container_exit(void) +{ +} + +module_init(container_init); +module_exit(container_exit); + --