All of lore.kernel.org
 help / color / mirror / Atom feed
From: "Serge E. Hallyn" <serge-A9i7LUbDfNHQT0dZR+AlfA@public.gmane.org>
To: Andrei Vagin <avagin-GEFAQzZX7r8dnm+yROfE0A@public.gmane.org>
Cc: Serge Hallyn
	<serge.hallyn-Z7WLFzj8eWMS+FvcfC7Uqw@public.gmane.org>,
	containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org,
	"Eric W. Biederman"
	<ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>,
	Kees Cook <keescook-F7+t8E8rja9g9hUCZPvPmw@public.gmane.org>,
	linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
Subject: Re: [PATCH 0/2 v2] userns: show current values of user namespace counters
Date: Tue, 16 Aug 2016 17:53:57 -0500	[thread overview]
Message-ID: <20160816225357.GA4140@mail.hallyn.com> (raw)
In-Reply-To: <1471291822-539-1-git-send-email-avagin-GEFAQzZX7r8dnm+yROfE0A@public.gmane.org>

Quoting Andrei Vagin (avagin-GEFAQzZX7r8dnm+yROfE0A@public.gmane.org):
> Recently Eric added user namespace counters.  User namespace counters is
> a feature that allows to limit the number of various kernel objects a
> user can create. These limits are set via /proc/sys/user/ sysctls on a
> per user namespace basis and are applicable to all users in that
> namespace.
> 
> User namespace counters are not in the upstream tree yet,
> you can find them in Eric's tree:
> https://git.kernel.org/cgit/linux/kernel/git/ebiederm/user-namespace.git/log/?h=for-testing
> 
> This patch adds /proc/<pid>/userns_counts files to provide current usage
> of user namespace counters.
> 
>   > cat /proc/813/userns_counts
>   user_namespaces          101000               1
>   pid_namespaces           101000               1
>   ipc_namespaces           101000               4
>   net_namespaces           101000               2
>   mnt_namespaces           101000               5
>   mnt_namespaces           100000               1
> 
> The meanings of the columns are as follows, from left to right:
> 
>   Name         Object name
>   UID          User ID
>   Usage        Current usage
> 
> The full documentation is in the second patch.
> 
> v2: - describe this file in Documentation/filesystems/proc.txt
>     - move and rename into /proc/<pid>/userns_counts
> 
> Cc: Serge Hallyn <serge.hallyn-Z7WLFzj8eWMS+FvcfC7Uqw@public.gmane.org>

Acked-by: Serge Hallyn <serge-A9i7LUbDfNHQT0dZR+AlfA@public.gmane.org>

> Cc: Kees Cook <keescook-F7+t8E8rja9g9hUCZPvPmw@public.gmane.org>
> Cc: "Eric W. Biederman" <ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
> Signed-off-by: Andrei Vagin <avagin-GEFAQzZX7r8dnm+yROfE0A@public.gmane.org>
> 
> Andrei Vagin (1):
>   kernel: show current values of user namespace counters
> 
> Kirill Kolyshkin (1):
>   Documentation: describe /proc/<pid>/userns_counts
> 
>  Documentation/filesystems/proc.txt |  30 +++++++++++
>  fs/proc/array.c                    |  55 ++++++++++++++++++++
>  fs/proc/base.c                     |   1 +
>  fs/proc/internal.h                 |   1 +
>  include/linux/user_namespace.h     |   8 +++
>  kernel/ucount.c                    | 102 +++++++++++++++++++++++++++++++++++++
>  6 files changed, 197 insertions(+)
> 
> -- 
> 2.5.5
> _______________________________________________
> Containers mailing list
> Containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org
> https://lists.linuxfoundation.org/mailman/listinfo/containers

WARNING: multiple messages have this Message-ID (diff)
From: "Serge E. Hallyn" <serge@hallyn.com>
To: Andrei Vagin <avagin@openvz.org>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>,
	Serge Hallyn <serge.hallyn@canonical.com>,
	containers@lists.linux-foundation.org,
	linux-kernel@vger.kernel.org, Kees Cook <keescook@chromium.org>
Subject: Re: [PATCH 0/2 v2] userns: show current values of user namespace counters
Date: Tue, 16 Aug 2016 17:53:57 -0500	[thread overview]
Message-ID: <20160816225357.GA4140@mail.hallyn.com> (raw)
In-Reply-To: <1471291822-539-1-git-send-email-avagin@openvz.org>

Quoting Andrei Vagin (avagin@openvz.org):
> Recently Eric added user namespace counters.  User namespace counters is
> a feature that allows to limit the number of various kernel objects a
> user can create. These limits are set via /proc/sys/user/ sysctls on a
> per user namespace basis and are applicable to all users in that
> namespace.
> 
> User namespace counters are not in the upstream tree yet,
> you can find them in Eric's tree:
> https://git.kernel.org/cgit/linux/kernel/git/ebiederm/user-namespace.git/log/?h=for-testing
> 
> This patch adds /proc/<pid>/userns_counts files to provide current usage
> of user namespace counters.
> 
>   > cat /proc/813/userns_counts
>   user_namespaces          101000               1
>   pid_namespaces           101000               1
>   ipc_namespaces           101000               4
>   net_namespaces           101000               2
>   mnt_namespaces           101000               5
>   mnt_namespaces           100000               1
> 
> The meanings of the columns are as follows, from left to right:
> 
>   Name         Object name
>   UID          User ID
>   Usage        Current usage
> 
> The full documentation is in the second patch.
> 
> v2: - describe this file in Documentation/filesystems/proc.txt
>     - move and rename into /proc/<pid>/userns_counts
> 
> Cc: Serge Hallyn <serge.hallyn@canonical.com>

Acked-by: Serge Hallyn <serge@hallyn.com>

> Cc: Kees Cook <keescook@chromium.org>
> Cc: "Eric W. Biederman" <ebiederm@xmission.com>
> Signed-off-by: Andrei Vagin <avagin@openvz.org>
> 
> Andrei Vagin (1):
>   kernel: show current values of user namespace counters
> 
> Kirill Kolyshkin (1):
>   Documentation: describe /proc/<pid>/userns_counts
> 
>  Documentation/filesystems/proc.txt |  30 +++++++++++
>  fs/proc/array.c                    |  55 ++++++++++++++++++++
>  fs/proc/base.c                     |   1 +
>  fs/proc/internal.h                 |   1 +
>  include/linux/user_namespace.h     |   8 +++
>  kernel/ucount.c                    | 102 +++++++++++++++++++++++++++++++++++++
>  6 files changed, 197 insertions(+)
> 
> -- 
> 2.5.5
> _______________________________________________
> Containers mailing list
> Containers@lists.linux-foundation.org
> https://lists.linuxfoundation.org/mailman/listinfo/containers

  parent reply	other threads:[~2016-08-16 22:53 UTC|newest]

Thread overview: 22+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2016-08-15 20:10 [PATCH 0/2 v2] userns: show current values of user namespace counters Andrei Vagin
2016-08-15 20:10 ` Andrei Vagin
     [not found] ` <1471291822-539-1-git-send-email-avagin-GEFAQzZX7r8dnm+yROfE0A@public.gmane.org>
2016-08-15 20:10   ` [PATCH 1/2] kernel: " Andrei Vagin
2016-08-15 20:10     ` Andrei Vagin
     [not found]     ` <1471291822-539-2-git-send-email-avagin-GEFAQzZX7r8dnm+yROfE0A@public.gmane.org>
2016-08-16 20:00       ` Kees Cook
2016-08-16 20:00         ` Kees Cook
     [not found]         ` <CAGXu5jK0vt9WAaX4a5ihV+iVGFSnn0JJOKAVXocg2VqMV+rxBg-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2016-08-16 20:05           ` Serge E. Hallyn
2016-08-16 20:05             ` Serge E. Hallyn
     [not found]             ` <20160816200529.GA1280-7LNsyQBKDXoIagZqoN9o3w@public.gmane.org>
2016-08-16 22:44               ` Andrei Vagin
2016-08-16 22:44                 ` Andrei Vagin
2016-08-15 20:10   ` [PATCH 2/2] Documentation: describe /proc/<pid>/userns_counts Andrei Vagin
2016-08-15 20:10     ` Andrei Vagin
2016-08-16 22:53   ` Serge E. Hallyn [this message]
2016-08-16 22:53     ` [PATCH 0/2 v2] userns: show current values of user namespace counters Serge E. Hallyn
2016-10-06 17:51   ` Andrei Vagin
2016-10-06 17:51     ` Andrei Vagin
     [not found]     ` <20161006175146.GA25935-1ViLX0X+lBJGNQ1M2rI3KwRV3xvJKrda@public.gmane.org>
2016-10-06 19:33       ` Eric W. Biederman
2016-10-06 19:33         ` Eric W. Biederman
     [not found]         ` <87wphlclwe.fsf-JOvCrm2gF+uungPnsOpG7nhyD016LWXt@public.gmane.org>
2016-10-10 16:22           ` Andrei Vagin
2016-10-10 16:22             ` Andrei Vagin
     [not found]             ` <20161010162202.GA31628-1ViLX0X+lBJGNQ1M2rI3KwRV3xvJKrda@public.gmane.org>
2016-10-10 20:44               ` Eric W. Biederman
2016-10-10 20:44                 ` Eric W. Biederman

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20160816225357.GA4140@mail.hallyn.com \
    --to=serge-a9i7lubdfnhqt0dzr+alfa@public.gmane.org \
    --cc=avagin-GEFAQzZX7r8dnm+yROfE0A@public.gmane.org \
    --cc=containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org \
    --cc=ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org \
    --cc=keescook-F7+t8E8rja9g9hUCZPvPmw@public.gmane.org \
    --cc=linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
    --cc=serge.hallyn-Z7WLFzj8eWMS+FvcfC7Uqw@public.gmane.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.