From: "Serge E. Hallyn" <serue-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
To: Oren Laadan <orenl-eQaUEPhvms7ENvBUuze7eA@public.gmane.org>
Cc: Containers
<containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org>,
Sukadev Bhattiprolu
<sukadev-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>,
"David C. Hansen"
<haveblue-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
Subject: Re: [RFC][v3][PATCH 7/7] Define clone_with_pids syscall
Date: Mon, 1 Jun 2009 11:42:32 -0500 [thread overview]
Message-ID: <20090601164232.GA23252@us.ibm.com> (raw)
In-Reply-To: <4A240213.70001-eQaUEPhvms7ENvBUuze7eA@public.gmane.org>
Quoting Oren Laadan (orenl-eQaUEPhvms7ENvBUuze7eA@public.gmane.org):
> The two issues are related, and this is intentional. The idea
> was that when you use CLONE_NEWPID, you imply a new nesting level
> and a pid==1 there. So you are not supposed to specify the pid
> of that new level.
>
> IOW, the parent specify the pid's of the child from the _parent's_
> level and up (of the desired depth). CLONE_NEWPID creates a new
> pidns level below the parent's, and that is not covered in the
> array of pids.
>
> By allocation an extra slot and forcing it to be 0, we ensure that
> the case of CLONE_NEWPID is covered correctly. Clearly, if this
> flag isn't set, then the extra slot is redundant (but doesn't hurt).
Ok, I see - I guess I don't mind those semantics. So:
> >> + j = knum_pids - unum_pids;
> > j = 1, so we copy the 3 pids in the right place.
> >
> >> + rc = copy_from_user(&target_pids[j], pid_set.target_pids, size);
> >> + if (rc) {
> >> + rc = -EFAULT;
> >> + goto out_free;
> >> + }
> >> +
> >> + return target_pids;
> >
> >
> > For the second one, we have a parent task
> >
> > level no | pid
> > 0 5009
> > 1 1000
> > 2 49
> >
> > calling clone_with_pid with CLONE_NEWPID and {1001,50,1} to produce:
> >
> > level no | pid
> > 0 5010
> > 1 1001
> > 2 50
> > 3 1
> >
> > So the numbers in your code become:
> >
> >> + unum_pids = pid_set.num_pids;
> > unum_pids = 3
>
> This is a "bug" of the parent. The parent should specify the pids
> from the parent's level only and up, and not include the new level
> below that will be created. (After all, it will have to be 1).
>
> So unum_pids = 3 will not do what you want; instead it will try to
> create the process:
>
> 0 1001
> 1 50
> 2 1
> 3 1
>
> And will fail, of course, because pid==1 at level 2 is already
> taken.
>
> Instead, parent should say use {1001, 50}.
Ok, but then we have the task:
level no | pid
0 5009
1 1000
2 49
calling clone(CLONE_NEWPID) with unum_pids = 2, so
>
> >> + knum_pids = task_pid(current)->level + 1;
> > knum_pids = 2 + 1 = 3
> >
> >> + target_pids = kzalloc((knum_pids + 1) * sizeof(pid_t), GFP_KERNEL);
> >
> > target_pids gets room for 4 pids
> >
> >> + j = knum_pids - unum_pids;
j = 3 - 2 = 1, so we copy 1001 into pid[1] and
50 into pid[2], with 0 in pid[0] and pid[3]
Looks good. Thanks for indulging me :)
Acked-by: Serge Hallyn <serue-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
One last thought - should there be an explicit check to make sure that
if CLONE_NEWPID, then at the end pid[knum_pids+1] = 0? Or is that
there and I just missed it?
-serge
next prev parent reply other threads:[~2009-06-01 16:42 UTC|newest]
Thread overview: 30+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-05-30 23:57 [RFC][v3][PATCH 1/7] Factor out code to allocate pidmap page Sukadev Bhattiprolu
[not found] ` <20090530235714.GA4083-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2009-05-31 0:01 ` [RFC][v3][PATCH 2/7] Have alloc_pidmap() return actual error code Sukadev Bhattiprolu
[not found] ` <20090531000115.GA4191-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2009-06-01 8:17 ` Amerigo Wang
2009-05-31 0:01 ` [RFC][v3][PATCH 3/7] Add target_pid parameter to alloc_pidmap() Sukadev Bhattiprolu
[not found] ` <20090531000144.GB4191-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2009-06-01 8:30 ` Amerigo Wang
2009-05-31 0:02 ` [RFC][v3][PATCH 4/7] Add target_pids parameter to alloc_pid() Sukadev Bhattiprolu
[not found] ` <20090531000220.GC4191-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2009-06-01 8:34 ` Amerigo Wang
[not found] ` <20090601083419.GE4381-+dguKlz9DXUf7BdofF/totBPR1lH4CV8@public.gmane.org>
2009-06-01 20:52 ` Sukadev Bhattiprolu
[not found] ` <20090601205233.GB1812-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2009-06-01 21:01 ` Sukadev Bhattiprolu
2009-05-31 0:02 ` [RFC][v3][PATCH 5/7] Add target_pids parameter to copy_process() Sukadev Bhattiprolu
[not found] ` <20090531000237.GD4191-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2009-06-01 8:40 ` Amerigo Wang
2009-05-31 0:02 ` [RFC][v3][PATCH 6/7] Define do_fork_with_pids() Sukadev Bhattiprolu
[not found] ` <20090531000255.GE4191-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2009-06-01 8:19 ` Amerigo Wang
[not found] ` <20090601081929.GC4381-+dguKlz9DXUf7BdofF/totBPR1lH4CV8@public.gmane.org>
2009-06-03 0:35 ` Sukadev Bhattiprolu
[not found] ` <20090603003522.GA22704-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2009-06-04 3:07 ` Oren Laadan
[not found] ` <Pine.LNX.4.64.0906032306240.25421-CXF6herHY6ykSYb+qCZC/1i27PF6R63G9nwVQlTi/Pw@public.gmane.org>
2009-06-04 7:21 ` Amerigo Wang
[not found] ` <20090604072112.GA6856-+dguKlz9DXUf7BdofF/totBPR1lH4CV8@public.gmane.org>
2009-06-04 15:41 ` Sukadev Bhattiprolu
2009-05-31 0:03 ` [RFC][v3][PATCH 7/7] Define clone_with_pids syscall Sukadev Bhattiprolu
[not found] ` <20090531000350.GF4191-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2009-05-31 17:59 ` Oren Laadan
2009-06-01 15:16 ` Serge E. Hallyn
[not found] ` <20090601151650.GA20295-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2009-06-01 16:30 ` Oren Laadan
[not found] ` <4A240213.70001-eQaUEPhvms7ENvBUuze7eA@public.gmane.org>
2009-06-01 16:42 ` Serge E. Hallyn [this message]
[not found] ` <20090601164232.GA23252-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2009-06-01 16:54 ` Oren Laadan
[not found] ` <4A2407B2.8030304-eQaUEPhvms7ENvBUuze7eA@public.gmane.org>
2009-06-01 17:19 ` Serge E. Hallyn
[not found] ` <20090601171943.GA23878-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2009-06-01 19:35 ` Oren Laadan
[not found] ` <4A242D66.2070907-eQaUEPhvms7ENvBUuze7eA@public.gmane.org>
2009-06-01 19:54 ` Serge E. Hallyn
2009-06-01 16:58 ` Oren Laadan
2009-06-13 18:18 ` Sukadev Bhattiprolu
[not found] ` <20090613181838.GA2775-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2009-06-13 20:22 ` Oren Laadan
2009-06-01 8:16 ` [RFC][v3][PATCH 1/7] Factor out code to allocate pidmap page Amerigo Wang
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20090601164232.GA23252@us.ibm.com \
--to=serue-r/jw6+rmf7hqt0dzr+alfa@public.gmane.org \
--cc=containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org \
--cc=haveblue-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org \
--cc=orenl-eQaUEPhvms7ENvBUuze7eA@public.gmane.org \
--cc=sukadev-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox