From: Jakub Kicinski <kuba@kernel.org>
To: Maoyi Xie <maoyixie.tju@gmail.com>
Cc: "David S . Miller" <davem@davemloft.net>,
Eric Dumazet <edumazet@google.com>,
Paolo Abeni <pabeni@redhat.com>,
Amritha Nambiar <amritha.nambiar@intel.com>,
Simon Horman <horms@kernel.org>, David Wei <dw@davidwei.uk>,
Stanislav Fomichev <sdf@fomichev.me>,
Samiullah Khawaja <skhawaja@google.com>,
netdev@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: net: netdev-genl: NETDEV_A_NAPI_PID is the init-ns pid, not the caller's
Date: Mon, 15 Jun 2026 09:12:09 -0700 [thread overview]
Message-ID: <20260615091209.633c6e2f@kernel.org> (raw)
In-Reply-To: <20260615070152.1211050-1-maoyixie.tju@gmail.com>
On Mon, 15 Jun 2026 15:01:52 +0800 Maoyi Xie wrote:
> Hi all,
>
> I noticed something in netdev_nl_napi_fill_one() and would appreciate
> your view on whether it is a real problem.
>
> It reports the NAPI kthread pid like this:
>
> if (napi->thread) {
> pid = task_pid_nr(napi->thread);
> if (nla_put_u32(rsp, NETDEV_A_NAPI_PID, pid))
>
> task_pid_nr() returns the pid in the initial pid namespace. It is put
> into NETDEV_A_NAPI_PID without any translation to the caller's pid
> namespace.
>
> NETDEV_CMD_NAPI_GET has no GENL_ADMIN_PERM and the family is netnsok.
> So a caller in a child pid namespace can read it. That caller then sees
> the kthread's global pid. The kthread is not in that namespace, so the
> value there should be 0.
>
> This looks like the same case as commit 3799c2570982 ("io_uring/fdinfo:
> translate SqThread PID through caller's pid_ns").
>
> I checked it with a small reproducer and a fix. From a child pid
> namespace the reproducer reads the kthread's global pid. With the fix it
> reads 0. I am not sure how much this matters in practice. I would
> appreciate it if you could let me know whether it is worth a fix. I am
> happy to send the patch.
Please send a patch, we should try to obey the PID namespace, indeed.
prev parent reply other threads:[~2026-06-15 16:12 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-06-15 7:01 net: netdev-genl: NETDEV_A_NAPI_PID is the init-ns pid, not the caller's Maoyi Xie
2026-06-15 16:12 ` Jakub Kicinski [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260615091209.633c6e2f@kernel.org \
--to=kuba@kernel.org \
--cc=amritha.nambiar@intel.com \
--cc=davem@davemloft.net \
--cc=dw@davidwei.uk \
--cc=edumazet@google.com \
--cc=horms@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=maoyixie.tju@gmail.com \
--cc=netdev@vger.kernel.org \
--cc=pabeni@redhat.com \
--cc=sdf@fomichev.me \
--cc=skhawaja@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.