openzfs
diff --git a/‎cmd/zfs/zfs_main.c‎
Lines changed: 61 additions & 0 deletions b/‎cmd/zfs/zfs_main.c‎
Lines changed: 61 additions & 0 deletions
diff --git a/‎config/kernel-user-ns-inum.m4‎
Lines changed: 23 additions & 0 deletions b/‎config/kernel-user-ns-inum.m4‎
Lines changed: 23 additions & 0 deletions
diff --git a/‎config/kernel.m4‎
Lines changed: 2 additions & 0 deletions b/‎config/kernel.m4‎
Lines changed: 2 additions & 0 deletions
diff --git a/‎include/libzfs.h‎
Lines changed: 9 additions & 0 deletions b/‎include/libzfs.h‎
Lines changed: 9 additions & 0 deletions
diff --git a/‎include/os/linux/spl/sys/zone.h‎
Lines changed: 27 additions & 4 deletions b/‎include/os/linux/spl/sys/zone.h‎
Lines changed: 27 additions & 4 deletions
@@ -127,6 +127,10 @@ static int zfs_do_jail(int argc, char **argv);
 static int zfs_do_unjail(int argc, char **argv);
 #endif
 
+#ifdef __linux__
+static int zfs_do_userns(int argc, char **argv);
+#endif
+
 /*
  * Enable a reasonable set of defaults for libumem debugging on DEBUG builds.
  */
@@ -184,6 +188,7 @@ typedef enum {
 	HELP_JAIL,
 	HELP_UNJAIL,
 	HELP_WAIT,
+	HELP_USERNS,
 } zfs_help_t;
 
 typedef struct zfs_command {
@@ -254,6 +259,10 @@ static zfs_command_t command_table[] = {
 	{ "jail",	zfs_do_jail,		HELP_JAIL		},
 	{ "unjail",	zfs_do_unjail,		HELP_UNJAIL		},
 #endif
+
+#ifdef __linux__
+	{ "userns",	zfs_do_userns,		HELP_USERNS		},
+#endif
 };
 
 #define	NCOMMAND	(sizeof (command_table) / sizeof (command_table[0]))
@@ -414,6 +423,9 @@ get_usage(zfs_help_t idx)
 		return (gettext("\tunjail <jailid|jailname> <filesystem>\n"));
 	case HELP_WAIT:
 		return (gettext("\twait [-t <activity>] <filesystem>\n"));
+	case HELP_USERNS:
+		return (gettext("\tuserns <attach|detach> <nsnum> "
+		    "<filesystem>\n"));
 	default:
 		__builtin_unreachable();
 	}
@@ -8727,6 +8739,55 @@ main(int argc, char **argv)
 	return (ret);
 }
 
+/*
+ * zfs userns attach|detach nsnum filesystem
+ *
+ * Add or delete the given dataset to/from the namespace.
+ */
+#ifdef __linux__
+static int
+zfs_do_userns(int argc, char **argv)
+{
+	zfs_handle_t *zhp;
+	unsigned long nsnum;
+	int ret;
+	int attach;
+
+	if (argc < 4) {
+		(void) fprintf(stderr, gettext("missing argument(s)\n"));
+		usage(B_FALSE);
+	}
+	if (argc > 4) {
+		(void) fprintf(stderr, gettext("too many arguments\n"));
+		usage(B_FALSE);
+	}
+
+	if (strcmp(argv[1], "attach") == 0) {
+		attach = 1;
+	} else if (strcmp(argv[1], "detach") == 0) {
+		attach = 0;
+	} else {
+		(void) fprintf(stderr, gettext("invalid subcommand\n"));
+		usage(B_FALSE);
+	}
+
+	nsnum = strtoul(argv[2], NULL, 10);
+	if (nsnum > UINT_MAX) {
+		(void) fprintf(stderr, gettext("invalid namespace number\n"));
+		usage(B_FALSE);
+	}
+
+	zhp = zfs_open(g_zfs, argv[3], ZFS_TYPE_FILESYSTEM);
+	if (zhp == NULL)
+		return (1);
+
+	ret = (zfs_userns(zhp, (unsigned int)nsnum, attach) != 0);
+
+	zfs_close(zhp);
+	return (ret);
+}
+#endif
+
 #ifdef __FreeBSD__
 #include <sys/jail.h>
 #include <jail.h>
 
@@ -0,0 +1,23 @@
+dnl #
+dnl # 3.18 API change
+dnl # struct user_namespace inum moved from .proc_inum to .ns.inum.
+dnl #
+AC_DEFUN([ZFS_AC_KERNEL_SRC_USER_NS_COMMON_INUM], [
+	ZFS_LINUX_TEST_SRC([user_ns_common_inum], [
+		#include <linux/user_namespace.h>
+	], [
+		struct user_namespace uns;
+		uns.ns.inum = 0;
+	])
+])
+
+AC_DEFUN([ZFS_AC_KERNEL_USER_NS_COMMON_INUM], [
+	AC_MSG_CHECKING([whether user_namespace->ns.inum exists])
+	ZFS_LINUX_TEST_RESULT([user_ns_common_inum], [
+		AC_MSG_RESULT(yes)
+		AC_DEFINE(HAVE_USER_NS_COMMON_INUM, 1,
+		    [user_namespace->ns.inum exists])
+	],[
+		AC_MSG_RESULT(no)
+	])
+])
@@ -134,6 +134,7 @@ AC_DEFUN([ZFS_AC_KERNEL_TEST_SRC], [
 	ZFS_AC_KERNEL_SRC_SET_SPECIAL_STATE
 	ZFS_AC_KERNEL_SRC_VFS_SET_PAGE_DIRTY_NOBUFFERS
 	ZFS_AC_KERNEL_SRC_STANDALONE_LINUX_STDARG
+	ZFS_AC_KERNEL_SRC_USER_NS_COMMON_INUM
 
 	AC_MSG_CHECKING([for available kernel interfaces])
 	ZFS_LINUX_TEST_COMPILE_ALL([kabi])
@@ -241,6 +242,7 @@ AC_DEFUN([ZFS_AC_KERNEL_TEST_RESULT], [
 	ZFS_AC_KERNEL_SET_SPECIAL_STATE
 	ZFS_AC_KERNEL_VFS_SET_PAGE_DIRTY_NOBUFFERS
 	ZFS_AC_KERNEL_STANDALONE_LINUX_STDARG
+	ZFS_AC_KERNEL_USER_NS_COMMON_INUM
 ])
 
 dnl #
 
@@ -962,6 +962,15 @@ _LIBZFS_H int zpool_nextboot(libzfs_handle_t *, uint64_t, uint64_t,
 
 #endif /* __FreeBSD__ */
 
+#ifdef __linux__
+
+/*
+ * Add or delete the given filesystem to/from the given user namespace.
+ */
+_LIBZFS_H int zfs_userns(zfs_handle_t *zhp, unsigned int nsnum, int attach);
+
+#endif
+
 #ifdef	__cplusplus
 }
 #endif
 
@@ -25,11 +25,34 @@
 #define	_SPL_ZONE_H
 
 #include <sys/byteorder.h>
+#include <sys/cred.h>
 
-#define	GLOBAL_ZONEID			0
+#include <linux/cred.h>
+#include <linux/user_namespace.h>
 
-#define	zone_dataset_visible(x, y)	(1)
-#define	crgetzoneid(x)			(GLOBAL_ZONEID)
-#define	INGLOBALZONE(z)			(1)
+/*
+ * Attach the given dataset to the given user namespace.
+ */
+extern int zone_dataset_attach(cred_t *, const char *, unsigned int);
+
+/*
+ * Detach the given dataset from the given user namespace.
+ */
+extern int zone_dataset_detach(cred_t *, const char *, unsigned int);
+
+/*
+ * Returns true if the named pool/dataset is visible in the current zone.
+ */
+extern int zone_dataset_visible(const char *dataset, int *write);
+
+int spl_zone_init(void);
+void spl_zone_fini(void);
+
+extern unsigned int crgetzoneid(const cred_t *);
+extern unsigned int global_zoneid(void);
+extern boolean_t inglobalzone(proc_t *);
+
+#define	INGLOBALZONE(x) inglobalzone(x)
+#define	GLOBAL_ZONEID	global_zoneid()
 
 #endif /* SPL_ZONE_H */