diff options
| author | Christian Brauner <brauner@kernel.org> | 2025-10-29 13:21:19 +0100 |
|---|---|---|
| committer | Christian Brauner <brauner@kernel.org> | 2025-11-03 17:41:24 +0100 |
| commit | c89d100f6a10efc1ee90d44125a5500bd5e6ab77 (patch) | |
| tree | 4343744dc533c1c8ecc1b04044a867fc8933ecec /net/unix/af_unix.c | |
| parent | c80168b677fbdbefecb5fb270a325f2928005687 (diff) | |
selftests/namespaces: twelth inactive namespace resurrection test
Test multi-level namespace resurrection across three user namespace levels.
This test creates a complex namespace hierarchy with three levels of user
namespaces and a network namespace at the deepest level. It verifies that
the resurrection semantics work correctly when SIOCGSKNS is called on a
socket from an inactive namespace tree, and that listns() and
open_by_handle_at() correctly respect visibility rules.
Hierarchy after child processes exit (all with 0 active refcount):
net_L3A (0) <- Level 3 network namespace
|
+
userns_L3 (0) <- Level 3 user namespace
|
+
userns_L2 (0) <- Level 2 user namespace
|
+
userns_L1 (0) <- Level 1 user namespace
|
x
init_user_ns
The test verifies:
1. SIOCGSKNS on a socket from inactive net_L3A resurrects the entire chain
2. After resurrection, all namespaces are visible in listns()
3. Resurrected namespaces can be reopened via file handles
4. Closing the netns FD cascades down: the entire ownership chain
(userns_L3 -> userns_L2 -> userns_L1) becomes inactive again
5. Inactive namespaces disappear from listns() and cannot be reopened
6. Calling SIOCGSKNS again on the same socket resurrects the tree again
7. After second resurrection, namespaces are visible and can be reopened
Link: https://patch.msgid.link/20251029-work-namespace-nstree-listns-v4-66-2e6f823ebdc0@kernel.org
Reviewed-by: Jeff Layton <jlayton@kernel.org>
Signed-off-by: Christian Brauner <brauner@kernel.org>
Diffstat (limited to 'net/unix/af_unix.c')
0 files changed, 0 insertions, 0 deletions