From mboxrd@z Thu Jan 1 00:00:00 1970 From: Daniel Lezcano Subject: pid namespace isolation broken with powertop Date: Thu, 29 Jul 2010 14:30:50 +0200 Message-ID: <4C51747A.4050203@free.fr> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Return-path: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: containers-bounces-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org Errors-To: containers-bounces-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org To: Linux Containers List-Id: containers.vger.kernel.org Hi all, I noticed all the tasks of the host are listed in /proc/timer_stats These information is not virtualized neither isolated within a container. I was expecting to see only the tasks in the container with the corresponding pids. I am not sure this is something critical, but the usage of powertop in the container shows all the tasks of the system. While looking at the code in kernel/time/timer.c, it is not obvious to fix this isolation because it is the pid number which is stored in a list, so there is not enough informations to discriminate the pid namespace against the current one. I am wondering if: 1) is it worth to isolate these informations ? (IMHO, yes). 2) should the stats be stored per pid namespace or adding an hash value + pid namespace as a key in the timer stats list ? Thanks -- Daniel