From: Oleg Nesterov <oleg@redhat.com>
To: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
Cc: Ingo Molnar <mingo@redhat.com>,
Peter Zijlstra <peterz@infradead.org>,
Andrew Morton <akpm@linux-foundation.org>,
Cyrill Gorcunov <gorcunov@openvz.org>,
John Stultz <john.stultz@linaro.org>,
Thomas Gleixner <tglx@linutronix.de>,
Nicolas Pitre <nicolas.pitre@linaro.org>,
Michal Hocko <mhocko@suse.com>,
Stanislav Kinsburskiy <skinsbursky@virtuozzo.com>,
Mateusz Guzik <mguzik@redhat.com>,
linux-kernel@vger.kernel.org,
Pavel Emelyanov <xemul@virtuozzo.com>,
Konstantin Khorenko <khorenko@virtuozzo.com>
Subject: Re: [PATCH] prctl: propagate has_child_subreaper flag to every descendant
Date: Mon, 23 Jan 2017 12:55:34 +0100 [thread overview]
Message-ID: <20170123115534.GA11827@redhat.com> (raw)
In-Reply-To: <4908be49-d3c3-366d-0fd1-05249ef4ecef@virtuozzo.com>
On 01/22, Pavel Tikhomirov wrote:
>
> >
> >Hmm. could you explain how this change helps CRIU? I mean, why
> >restorer can't do prctl(CHILD_SUBREAPER) before the first fork?
>
> Imagine we have these tree in pidns:
>
> 1: has_child_subreaper == 0 && is_child_subreaper == 0
> |-2: has_child_subreaper == 0 && is_child_subreaper == 1
> | |-3: has_child_subreaper == 0 && is_child_subreaper == 0
> | | |-5: has_child_subreaper == 0 && is_child_subreaper == 0
> | |-4: has_child_subreaper == 1 && is_child_subreaper == 0
> | | |-6: has_child_subreaper == 1 && is_child_subreaper == 0
>
> before c/r: If 4 dies 6 will reparent to 2, if 3 dies 5 will reparent to 1.
> after c/r: (where restorer had is_child_subreaper == 1, everybody in the
> tree will have has_child_subreaper == 1) Everybody will reparent to 2.
This is clear, but this can only happen if 2 forks 3 and after that
sets is_child_subreaper, right?
And if someone actually does this then your patch can break this
application, no?
IOW. Currently CRIU can't restore the process tree with the same
has_child_subreaper bits if some process forks before
prctl(PR_SET_CHILD_SUBREAPER). It restores the tree as if prctl()
was called before the 1st fork.
So you change the semantics of PR_SET_CHILD_SUBREAPER and now CRIU
is fine simply because you remove this feature: the sub-reaper can
no longer pre-fork the children which should reparent to the previous
reaper.
I won't really argure, but I am not sure this is good idea... At least
I think this should be clearly documented.
> >You don't need this new member and descendants_lock. task_struct has
> >the ->real_parent pointer so you can work the tree without recursion.
>
> Sorry I don't get how I can walk down the tree of all descendants with help
> of ->real_parent pointer, can you please point on some example or explain a
> bit more? (I see task_is_descendant() in security/yama/yama_lsm.c but we
> will need to check it for every process, not only descendants, the latter
> can be a lot faster.)
I'll send a patch, probably a generic helper makes sense.
Btw task_is_descendant() looks wrong at first glance.
Oleg.
next prev parent reply other threads:[~2017-01-23 11:55 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-01-19 16:43 [PATCH] prctl: propagate has_child_subreaper flag to every descendant Pavel Tikhomirov
2017-01-20 18:14 ` Oleg Nesterov
2017-01-22 10:00 ` Pavel Tikhomirov
2017-01-22 10:11 ` Pavel Tikhomirov
2017-01-23 11:55 ` Oleg Nesterov [this message]
2017-01-23 12:52 ` task_is_descendant() cleanup Oleg Nesterov
2017-01-25 21:59 ` Kees Cook
2017-01-30 13:49 ` Oleg Nesterov
2017-01-23 14:30 ` [PATCH] prctl: propagate has_child_subreaper flag to every descendant Pavel Tikhomirov
2017-01-23 16:06 ` Oleg Nesterov
2017-01-23 11:57 ` [PATCH] introduce the walk_process_tree() helper Oleg Nesterov
2017-01-23 12:07 ` Oleg Nesterov
2017-01-24 15:01 ` Pavel Tikhomirov
2017-01-23 16:44 ` setns() && PR_SET_CHILD_SUBREAPER Oleg Nesterov
2017-01-23 18:21 ` Eric W. Biederman
2017-01-24 14:07 ` Oleg Nesterov
2017-01-24 15:24 ` Eric W. Biederman
2017-01-30 18:16 ` Oleg Nesterov
2017-01-30 18:17 ` [PATCH] exit: fix the setns() && PR_SET_CHILD_SUBREAPER interaction Oleg Nesterov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170123115534.GA11827@redhat.com \
--to=oleg@redhat.com \
--cc=akpm@linux-foundation.org \
--cc=gorcunov@openvz.org \
--cc=john.stultz@linaro.org \
--cc=khorenko@virtuozzo.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mguzik@redhat.com \
--cc=mhocko@suse.com \
--cc=mingo@redhat.com \
--cc=nicolas.pitre@linaro.org \
--cc=peterz@infradead.org \
--cc=ptikhomirov@virtuozzo.com \
--cc=skinsbursky@virtuozzo.com \
--cc=tglx@linutronix.de \
--cc=xemul@virtuozzo.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.