From: Pavel Machek <pavel@ucw.cz>
To: Matthew Wilcox <willy@infradead.org>
Cc: Daniel Colascione <dancol@google.com>,
linux-kernel <linux-kernel@vger.kernel.org>,
Linux API <linux-api@vger.kernel.org>,
Tim Murray <timmurray@google.com>,
Primiano Tucci <primiano@google.com>,
Joel Fernandes <joelaf@google.com>,
Jonathan Corbet <corbet@lwn.net>,
Andrew Morton <akpm@linux-foundation.org>,
Mike Rapoport <rppt@linux.vnet.ibm.com>,
Roman Gushchin <guro@fb.com>, Vlastimil Babka <vbabka@suse.cz>,
"Dennis Zhou (Facebook)" <dennisszhou@gmail.com>,
Prashant Dhamdhere <pdhamdhe@redhat.com>,
"Eric W. Biederman" <ebiederm@xmission.com>,
rostedt@goodmis.org, tglx@linutronix.de, mingo@kernel.org,
linux@dominikbrodowski.net, pasha.tatashin@oracle.com,
jpoimboe@redhat.com, ard.biesheuvel@linaro.org,
Michal Hocko <mhocko@suse.com>, David Howells <dhowells>
Subject: Re: [PATCH] Add /proc/pid_generation
Date: Sun, 25 Nov 2018 23:55:33 +0100 [thread overview]
Message-ID: <20181125225533.GB30242@amd> (raw)
In-Reply-To: <20181122020633.GN3065@bombadil.infradead.org>
[-- Attachment #1: Type: text/plain, Size: 1876 bytes --]
On Wed 2018-11-21 18:06:33, Matthew Wilcox wrote:
> On Wed, Nov 21, 2018 at 12:38:20PM -0800, Daniel Colascione wrote:
> > On Wed, Nov 21, 2018 at 12:31 PM Matthew Wilcox <willy@infradead.org> wrote:
> > >
> > > On Wed, Nov 21, 2018 at 12:14:44PM -0800, Daniel Colascione wrote:
> > > > This change adds a per-pid-namespace 64-bit generation number,
> > > > incremented on PID rollover, and exposes it via a new proc file
> > > > /proc/pid_generation. By examining this file before and after /proc
> > > > enumeration, user code can detect the potential reuse of a PID and
> > > > restart the task enumeration process, repeating until it gets a
> > > > coherent snapshot.
> > > >
> > > > PID rollover ought to be rare, so in practice, scan repetitions will
> > > > be rare.
> > >
> > > Then why does it need to be 64-bit?
> >
> > [Resending because of accidental HTML. I really need to switch to a
> > better email client.]
> >
> > Because 64 bits is enough for anyone. :-) A u64 is big enough that
> > we'll never observe an overflow on a running system, and PID
> > namespaces are rare enough that we won't miss the four extra bytes we
> > use by upgrading from a u32. And after reading about some security
> > problems caused by too-clever handling of 32-bit rollover, I'd rather
> > the code be obviously correct than save a trivial amount of space.
>
> I don't think you understand how big 4 billion is. If it happens once a
> second, it will take 136 years for a 2^32 count to roll over. How often
> does a PID roll over happen?
Well, the cost of 64-bit vs. 32-bit is really small here... I'd go
with 64bits. If you have 1000 CPUs, rollovers may be faster..
Best regards,
Pavel
--
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 181 bytes --]
WARNING: multiple messages have this Message-ID (diff)
From: Pavel Machek <pavel@ucw.cz>
To: Matthew Wilcox <willy@infradead.org>
Cc: Daniel Colascione <dancol@google.com>,
linux-kernel <linux-kernel@vger.kernel.org>,
Linux API <linux-api@vger.kernel.org>,
Tim Murray <timmurray@google.com>,
Primiano Tucci <primiano@google.com>,
Joel Fernandes <joelaf@google.com>,
Jonathan Corbet <corbet@lwn.net>,
Andrew Morton <akpm@linux-foundation.org>,
Mike Rapoport <rppt@linux.vnet.ibm.com>,
Roman Gushchin <guro@fb.com>, Vlastimil Babka <vbabka@suse.cz>,
"Dennis Zhou (Facebook)" <dennisszhou@gmail.com>,
Prashant Dhamdhere <pdhamdhe@redhat.com>,
"Eric W. Biederman" <ebiederm@xmission.com>,
rostedt@goodmis.org, tglx@linutronix.de, mingo@kernel.org,
linux@dominikbrodowski.net, pasha.tatashin@oracle.com,
jpoimboe@redhat.com, ard.biesheuvel@linaro.org,
Michal Hocko <mhocko@suse.com>,
David Howells <dhowells@redhat.com>,
ktsanaktsidis@zendesk.com,
"open list:DOCUMENTATION" <linux-doc@vger.kernel.org>
Subject: Re: [PATCH] Add /proc/pid_generation
Date: Sun, 25 Nov 2018 23:55:33 +0100 [thread overview]
Message-ID: <20181125225533.GB30242@amd> (raw)
In-Reply-To: <20181122020633.GN3065@bombadil.infradead.org>
[-- Attachment #1: Type: text/plain, Size: 1876 bytes --]
On Wed 2018-11-21 18:06:33, Matthew Wilcox wrote:
> On Wed, Nov 21, 2018 at 12:38:20PM -0800, Daniel Colascione wrote:
> > On Wed, Nov 21, 2018 at 12:31 PM Matthew Wilcox <willy@infradead.org> wrote:
> > >
> > > On Wed, Nov 21, 2018 at 12:14:44PM -0800, Daniel Colascione wrote:
> > > > This change adds a per-pid-namespace 64-bit generation number,
> > > > incremented on PID rollover, and exposes it via a new proc file
> > > > /proc/pid_generation. By examining this file before and after /proc
> > > > enumeration, user code can detect the potential reuse of a PID and
> > > > restart the task enumeration process, repeating until it gets a
> > > > coherent snapshot.
> > > >
> > > > PID rollover ought to be rare, so in practice, scan repetitions will
> > > > be rare.
> > >
> > > Then why does it need to be 64-bit?
> >
> > [Resending because of accidental HTML. I really need to switch to a
> > better email client.]
> >
> > Because 64 bits is enough for anyone. :-) A u64 is big enough that
> > we'll never observe an overflow on a running system, and PID
> > namespaces are rare enough that we won't miss the four extra bytes we
> > use by upgrading from a u32. And after reading about some security
> > problems caused by too-clever handling of 32-bit rollover, I'd rather
> > the code be obviously correct than save a trivial amount of space.
>
> I don't think you understand how big 4 billion is. If it happens once a
> second, it will take 136 years for a 2^32 count to roll over. How often
> does a PID roll over happen?
Well, the cost of 64-bit vs. 32-bit is really small here... I'd go
with 64bits. If you have 1000 CPUs, rollovers may be faster..
Best regards,
Pavel
--
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 181 bytes --]
next prev parent reply other threads:[~2018-11-25 22:55 UTC|newest]
Thread overview: 51+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-11-21 20:14 [PATCH] Add /proc/pid_generation Daniel Colascione
2018-11-21 20:14 ` Daniel Colascione
2018-11-21 20:31 ` Matthew Wilcox
2018-11-21 20:31 ` Matthew Wilcox
2018-11-21 20:38 ` Daniel Colascione
2018-11-21 20:38 ` Daniel Colascione
2018-11-22 2:06 ` Matthew Wilcox
2018-11-22 2:06 ` Matthew Wilcox
2018-11-25 22:55 ` Pavel Machek [this message]
2018-11-25 22:55 ` Pavel Machek
2018-11-21 20:54 ` [PATCH v2] Add /proc/pid_gen Daniel Colascione
2018-11-21 20:54 ` Daniel Colascione
2018-11-21 22:12 ` Andrew Morton
2018-11-21 22:12 ` Andrew Morton
2018-11-21 22:40 ` Daniel Colascione
2018-11-21 22:48 ` Jann Horn
2018-11-21 22:48 ` Jann Horn
2018-11-21 22:52 ` Daniel Colascione
2018-11-21 22:52 ` Daniel Colascione
2018-11-21 22:50 ` Andrew Morton
2018-11-21 23:21 ` Daniel Colascione
2018-11-21 23:21 ` Daniel Colascione
2018-11-21 23:35 ` Andy Lutomirski
2018-11-21 23:35 ` Andy Lutomirski
2018-11-22 0:21 ` Daniel Colascione
2018-11-22 0:21 ` Daniel Colascione
2018-11-22 13:58 ` Cyrill Gorcunov
2018-11-22 13:58 ` Cyrill Gorcunov
2018-11-22 0:22 ` Andrew Morton
2018-11-22 0:22 ` Andrew Morton
2018-11-22 0:28 ` Daniel Colascione
2018-11-22 0:28 ` Daniel Colascione
2018-11-22 0:30 ` Daniel Colascione
2018-11-22 0:30 ` Daniel Colascione
2018-11-22 15:27 ` Mathieu Desnoyers
2018-11-22 15:27 ` Mathieu Desnoyers
2018-11-22 0:57 ` Andrew Morton
2018-11-22 0:57 ` Andrew Morton
2018-11-22 1:08 ` Daniel Colascione
2018-11-22 1:08 ` Daniel Colascione
2018-11-22 1:29 ` Andrew Morton
2018-11-22 1:29 ` Andrew Morton
2018-11-22 2:35 ` Tim Murray
2018-11-22 5:30 ` Daniel Colascione
2018-11-22 5:30 ` Daniel Colascione
2018-11-22 11:19 ` [PATCH] Add /proc/pid_generation Kevin Easton
2018-11-22 11:19 ` Kevin Easton
2018-11-23 11:14 ` David Laight
2018-11-23 11:14 ` David Laight
2018-11-25 23:00 ` Pavel Machek
2018-11-25 23:00 ` Pavel Machek
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20181125225533.GB30242@amd \
--to=pavel@ucw.cz \
--cc=akpm@linux-foundation.org \
--cc=ard.biesheuvel@linaro.org \
--cc=corbet@lwn.net \
--cc=dancol@google.com \
--cc=dennisszhou@gmail.com \
--cc=ebiederm@xmission.com \
--cc=guro@fb.com \
--cc=joelaf@google.com \
--cc=jpoimboe@redhat.com \
--cc=linux-api@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux@dominikbrodowski.net \
--cc=mhocko@suse.com \
--cc=mingo@kernel.org \
--cc=pasha.tatashin@oracle.com \
--cc=pdhamdhe@redhat.com \
--cc=primiano@google.com \
--cc=rostedt@goodmis.org \
--cc=rppt@linux.vnet.ibm.com \
--cc=tglx@linutronix.de \
--cc=timmurray@google.com \
--cc=vbabka@suse.cz \
--cc=willy@infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.