From: ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org (Eric W. Biederman)
To: Oleg Nesterov <oleg-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
Cc: containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org,
Serge Hallyn
<serge.hallyn-GeWIH/nMZzLQT0dZR+AlfA@public.gmane.org>,
linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
David Howells <dhowells-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>,
Al Viro <viro-RmSDqhL/yNMiFSDQTTA3OLVCufUGDwFn@public.gmane.org>,
Andrew Morton
<akpm-de/tnXTf+JLsfHDXvbKv3WD2FQJk+8+b@public.gmane.org>
Subject: Re: [Resend][PATCH] ns,proc: introduce pid_in_ns
Date: Fri, 25 Apr 2014 12:17:33 -0700 [thread overview]
Message-ID: <87a9b95icy.fsf@x220.int.ebiederm.org> (raw)
In-Reply-To: <20140425185645.GA10637-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org> (Oleg Nesterov's message of "Fri, 25 Apr 2014 20:56:45 +0200")
Oleg Nesterov <oleg-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org> writes:
> On 04/25, Chen Hanxiao wrote:
>>
>> We lacked of convenient method of getting the pid inside containers.
Are unix domain sockets not convinient?
>> If some issues occurred inside container guest, host user
>> could not know which process is in trouble just by guest pid:
>> the users of container guest only knew the pid inside containers.
>> This will bring obstacle for trouble shooting.
>>
>> This patch introduces pid_in_ns:
>> If one process is in init_pid_ns, /proc/PID/pid_in_ns
>> equals to /proc/PID;
>> if one process is in pidns, /proc/PID/pid_in_ns
>> will tell the pid inside containers;
>> if pidns is nested, it depends on which pidns are you in.
>
> Yes another /proc/pid/ file...
>
> Perhaps it would be better to change /proc/pid/status["Pid:"] to report the
> list of pid_nr's, from its namespace up to the observer's namespace. The same
> for "Tgid:".
>
> (Hmm. And why "Ngid:" was inserted between tid and tgid ?)
Add to that Ngid has a completely hosed implementation. It is a pid
stored in a pid_t, not a struct pid *. Sigh.
I am getting more and more tempted to obliterate task->pid. It just
encourages bad code.
>> +int proc_pid_in_ns(struct seq_file *m, struct pid_namespace *ns,
>> + struct pid *pid, struct task_struct *task)
>> +{
>> + pid_t pid_in_ns;
>> + unsigned int level;
>> +
>> + level = pid->level;
>> + pid_in_ns = task_pid_nr_ns(task, pid->numbers[level].ns);
>
> This looks overcomplicated or I missed something?
I do think if we care we need to print the entire set of pids.
I don't know if /proc/pid/status is the proper place but ...
Eric
WARNING: multiple messages have this Message-ID (diff)
From: ebiederm@xmission.com (Eric W. Biederman)
To: Oleg Nesterov <oleg@redhat.com>
Cc: Chen Hanxiao <chenhanxiao@cn.fujitsu.com>,
containers@lists.linux-foundation.org,
linux-kernel@vger.kernel.org,
Andrew Morton <akpm@linux-foundation.org>,
Serge Hallyn <serge.hallyn@ubuntu.com>,
"Daniel P. Berrange" <berrange@redhat.com>,
Al Viro <viro@zeniv.linux.org.uk>,
David Howells <dhowells@redhat.com>
Subject: Re: [Resend][PATCH] ns,proc: introduce pid_in_ns
Date: Fri, 25 Apr 2014 12:17:33 -0700 [thread overview]
Message-ID: <87a9b95icy.fsf@x220.int.ebiederm.org> (raw)
In-Reply-To: <20140425185645.GA10637@redhat.com> (Oleg Nesterov's message of "Fri, 25 Apr 2014 20:56:45 +0200")
Oleg Nesterov <oleg@redhat.com> writes:
> On 04/25, Chen Hanxiao wrote:
>>
>> We lacked of convenient method of getting the pid inside containers.
Are unix domain sockets not convinient?
>> If some issues occurred inside container guest, host user
>> could not know which process is in trouble just by guest pid:
>> the users of container guest only knew the pid inside containers.
>> This will bring obstacle for trouble shooting.
>>
>> This patch introduces pid_in_ns:
>> If one process is in init_pid_ns, /proc/PID/pid_in_ns
>> equals to /proc/PID;
>> if one process is in pidns, /proc/PID/pid_in_ns
>> will tell the pid inside containers;
>> if pidns is nested, it depends on which pidns are you in.
>
> Yes another /proc/pid/ file...
>
> Perhaps it would be better to change /proc/pid/status["Pid:"] to report the
> list of pid_nr's, from its namespace up to the observer's namespace. The same
> for "Tgid:".
>
> (Hmm. And why "Ngid:" was inserted between tid and tgid ?)
Add to that Ngid has a completely hosed implementation. It is a pid
stored in a pid_t, not a struct pid *. Sigh.
I am getting more and more tempted to obliterate task->pid. It just
encourages bad code.
>> +int proc_pid_in_ns(struct seq_file *m, struct pid_namespace *ns,
>> + struct pid *pid, struct task_struct *task)
>> +{
>> + pid_t pid_in_ns;
>> + unsigned int level;
>> +
>> + level = pid->level;
>> + pid_in_ns = task_pid_nr_ns(task, pid->numbers[level].ns);
>
> This looks overcomplicated or I missed something?
I do think if we care we need to print the entire set of pids.
I don't know if /proc/pid/status is the proper place but ...
Eric
next prev parent reply other threads:[~2014-04-25 19:17 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-04-25 8:43 [Resend][PATCH] ns,proc: introduce pid_in_ns Chen Hanxiao
2014-04-25 8:43 ` Chen Hanxiao
[not found] ` <1398415405-19872-1-git-send-email-chenhanxiao-BthXqXjhjHXQFUHtdCDX3A@public.gmane.org>
2014-04-25 18:56 ` Oleg Nesterov
2014-04-25 18:56 ` Oleg Nesterov
[not found] ` <20140425185645.GA10637-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2014-04-25 19:17 ` Eric W. Biederman [this message]
2014-04-25 19:17 ` Eric W. Biederman
[not found] ` <87a9b95icy.fsf-JOvCrm2gF+uungPnsOpG7nhyD016LWXt@public.gmane.org>
2014-05-13 9:15 ` chenhanxiao-BthXqXjhjHXQFUHtdCDX3A
2014-05-13 9:15 ` chenhanxiao
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87a9b95icy.fsf@x220.int.ebiederm.org \
--to=ebiederm-as9lmozglivwk0htik3j/w@public.gmane.org \
--cc=akpm-de/tnXTf+JLsfHDXvbKv3WD2FQJk+8+b@public.gmane.org \
--cc=containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org \
--cc=dhowells-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org \
--cc=linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=oleg-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org \
--cc=serge.hallyn-GeWIH/nMZzLQT0dZR+AlfA@public.gmane.org \
--cc=viro-RmSDqhL/yNMiFSDQTTA3OLVCufUGDwFn@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.