From: Oleg Nesterov <oleg@redhat.com>
To: Daniel Lezcano <daniel.lezcano@free.fr>
Cc: akpm@linux-foundation.org, containers@lists.linux-foundation.org,
linux-kernel@vger.kernel.org, xemul@openvz.org,
sukadev@us.ibm.com, ebiederm@xmission.com
Subject: Re: [PATCH 1/2] pidns: Don't allow new pids after the namespace is dead.
Date: Thu, 17 Feb 2011 21:54:58 +0100 [thread overview]
Message-ID: <20110217205458.GB16076@redhat.com> (raw)
In-Reply-To: <4D5C5BE8.5020803@free.fr>
On 02/17, Daniel Lezcano wrote:
>
> On 02/15/2011 07:30 PM, Oleg Nesterov wrote:
>> On 02/15, Daniel Lezcano wrote:
>>> In the case of unsharing or joining a pid namespace, it becomes
>>> possible to attempt to allocate a pid after zap_pid_namespace has
>>> killed everything in the namespace. Close the hole for now by simply
>>> not allowing any of those pid allocations to succeed.
>> Daniel, please explain more. It seems, a long ago I knew the reason
>> for this patch, but now I can't recall and can't understand this change.
>
> The idea behind unsharing the pid namespace is the current pid is not
> mapped in the newly created pid namespace and appears as the pid 0.
Well, not exactly afaics... but doesn't matter.
> When
> it forks, the child process becomes the init pid of the new pid
> namespace.
Yes, I see. And this is what I personally dislike. Because, iow,
unshare(PID) changes current->nspory->pid_ns to affect the behaviour
of copy_process() , this really looks like "action at a distance" to
me. Too subtle and fragile. But, once again, this is just imho, feel
free to ignore.
> When this pid namespace dies because the init pid exited, the
> parent process (aka pid 0) can no longer fork because the pid namespace
> is flagged dead. This is what does this patch.
OK, thanks. I seem to understand. May be ;)
I'd suggest you to add this explanation to the changelog.
>>> --- a/include/linux/pid_namespace.h
>>> +++ b/include/linux/pid_namespace.h
>>> @@ -20,6 +20,7 @@ struct pid_namespace {
>>> struct kref kref;
>>> struct pidmap pidmap[PIDMAP_ENTRIES];
>>> int last_pid;
>>> + atomic_t dead;
>> Why atomic_t? It is used as a plain boolean.
>>
>> And I can't unde
>
> I think Eric used an atomic because it is lockless with alloc_pid vs
> zap_pid_ns_processes.
Can't understand...
But anyway, I strongly believe atomic_t buys nothing in this patch.
May be it is needed for the next changes, I dunno.
Oleg.
next prev parent reply other threads:[~2011-02-17 21:04 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-02-15 16:53 [PATCH 1/2] pidns: Don't allow new pids after the namespace is dead Daniel Lezcano
2011-02-15 16:53 ` [PATCH 2/2] pidns: Support unsharing the pid namespace Daniel Lezcano
2011-02-15 19:01 ` Oleg Nesterov
2011-02-15 19:15 ` [PATCH 0/1] Was: " Oleg Nesterov
2011-02-15 19:17 ` [PATCH 1/1][3rd resend] sys_unshare: remove the dead CLONE_THREAD/SIGHAND/VM code Oleg Nesterov
2011-02-21 0:17 ` Serge E. Hallyn
[not found] ` <20110215191711.GC16707-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2011-02-21 0:17 ` Serge E. Hallyn
[not found] ` <20110215191521.GB16707-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2011-02-15 19:17 ` Oleg Nesterov
[not found] ` <20110215190118.GA16707-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2011-02-15 19:15 ` [PATCH 0/1] Was: pidns: Support unsharing the pid namespace Oleg Nesterov
2011-02-16 23:47 ` [PATCH 2/2] " Daniel Lezcano
2011-02-16 23:47 ` Daniel Lezcano
[not found] ` <4D5C6219.8060207-GANU6spQydw@public.gmane.org>
2011-02-17 20:29 ` Oleg Nesterov
2011-02-17 20:29 ` Oleg Nesterov
[not found] ` <20110217202959.GA16076-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2011-02-17 22:35 ` Greg Kurz
2011-02-17 22:35 ` Greg Kurz
[not found] ` <4D5DA2CF.5010200-NmTC/0ZBporQT0dZR+AlfA@public.gmane.org>
2011-02-18 14:40 ` Oleg Nesterov
2011-02-18 14:40 ` Oleg Nesterov
[not found] ` <1297788824-20534-2-git-send-email-daniel.lezcano-GANU6spQydw@public.gmane.org>
2011-02-15 19:01 ` Oleg Nesterov
2011-02-24 1:12 ` Rob Landley
2011-02-24 1:12 ` Rob Landley
2011-02-15 18:30 ` [PATCH 1/2] pidns: Don't allow new pids after the namespace is dead Oleg Nesterov
2011-02-16 23:21 ` Daniel Lezcano
[not found] ` <4D5C5BE8.5020803-GANU6spQydw@public.gmane.org>
2011-02-17 20:54 ` Oleg Nesterov
2011-02-17 20:54 ` Oleg Nesterov [this message]
[not found] ` <20110215183028.GA15568-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2011-02-16 23:21 ` Daniel Lezcano
[not found] ` <1297788824-20534-1-git-send-email-daniel.lezcano-GANU6spQydw@public.gmane.org>
2011-02-15 16:53 ` [PATCH 2/2] pidns: Support unsharing the pid namespace Daniel Lezcano
2011-02-15 18:30 ` [PATCH 1/2] pidns: Don't allow new pids after the namespace is dead Oleg Nesterov
-- strict thread matches above, loose matches on Subject: below --
2011-02-15 16:53 Daniel Lezcano
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20110217205458.GB16076@redhat.com \
--to=oleg@redhat.com \
--cc=akpm@linux-foundation.org \
--cc=containers@lists.linux-foundation.org \
--cc=daniel.lezcano@free.fr \
--cc=ebiederm@xmission.com \
--cc=linux-kernel@vger.kernel.org \
--cc=sukadev@us.ibm.com \
--cc=xemul@openvz.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.