Linux Container Development
From: Cedric Le Goater <clg-NmTC/0ZBporQT0dZR+AlfA@public.gmane.org>
To: "Serge E. Hallyn" <serue-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
Cc: kyle-hoO6YkzgTuCM0SS3m2neIg@public.gmane.org,
	Dave Hansen <dave-gkUM19QKKo4@public.gmane.org>,
	bastian-yyjItF7Rl6lg9hUCZPvPmw@public.gmane.org,
	"Eric W. Biederman"
	<ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>,
	"H. Peter Anvin" <hpa-YMNOUZJC4hwAvxtiuMwx3w@public.gmane.org>,
	containers-qjLDD68F18O7TbgM5vRIOg@public.gmane.org,
	alan-qBU/x9rampVanCEyBjwyrvXRex20P6io@public.gmane.org,
	xemul-GEFAQzZX7r8dnm+yROfE0A@public.gmane.org
Subject: Re: [RFC][PATCH 0/8][v2]: Enable multiple mounts of devpts
Date: Wed, 03 Sep 2008 13:43:01 +0200
Message-ID: <48BE7845.6070500@fr.ibm.com>
In-Reply-To: <20080902030426.GB12277-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>

>>
>> (3) move mq_ns out of nsproxy.  where shall I put it then ? 
>>
>>     (3.1) task_struct ? 
>>     (3.2) mnt namespace maybe ?
> 
> I think the last one is the way to go.
> 
> mnt_namespace points to mq_ns.
> 
> At clone(CLONE_NEWMNT), the new mnt namespace receives a copy of the
> parent's mq_ns.

hmm, hmm, hmm, I'm still thinking about this.
 
> If a task does
> 	mount -o newinstance -t mqueue none /dev/mqueue
> then its current->nsproxy->mnt_namespace->mqns is switched
> to point to a new instance of the mq_ns.
> 
> mnt_ns->mq_ns has pointers to the sb (and hence root dentry) of the
> devpts fs.

[trying to understand what you have in mind]

Why not keep the 'struct vfsmount' in the mq_ns, as the code is doing
today? The vfsmount holds both the root dentry and the superblock.

> When a task does mq_open(name, flag), then name is in the mqueuefs
> found in current->nsproxy->mnt_namespace->mqns.
> 
> But if a task does
> 
> 	clone(CLONE_NEWMNT);
> 	mount --move /dev/mqueue /oldmqueue
> 	mount -o newinstance -t mqueue none /dev/mqueue
> 
> then that task can find files for the old mqueuefs under
> /oldmqueue, while mq_open() uses /dev/mqueue since that's
> what it finds through its mnt_namespace.

That I don't like. 

Even though POSIX mqueue objects can outlive a process, I don't think
a process should be able to peek and poke in a message queue namespace
other than his. This is the basic principle of the namespaces:
isolation. Am I wrong?

Couldn't we just return EACCES? (not POSIX)

C.
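
An added illustration, not part of the original message and not kernel code: a small userspace C model of the layout quoted above (a mnt namespace pointing at an mq_ns) that replays the clone / mount --move / newinstance sequence. It shows the old instance staying reachable by path unless an EACCES-style check compares the mount's instance with the caller's; all struct and function names are hypothetical, and where such a check would sit is an assumption.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>

/* Toy userspace model of the proposal; all names are hypothetical. */
struct mq_ns { int id; };                      /* one mqueuefs instance */
struct mq_mount { const char *path; struct mq_ns *mq; };
struct mnt_ns {
    struct mq_ns *mq_ns;                       /* what mq_open() resolves through */
    struct mq_mount mounts[4]; size_t nmounts;
};

static struct mq_mount *find_mount(struct mnt_ns *ns, const char *path) {
    for (size_t i = 0; i < ns->nmounts; i++)
        if (strcmp(ns->mounts[i].path, path) == 0) return &ns->mounts[i];
    return NULL;
}
/* mount --move: only the path changes, the old instance stays reachable. */
static int mount_move(struct mnt_ns *ns, const char *from, const char *to) {
    struct mq_mount *m = find_mount(ns, from);
    if (m) m->path = to;
    return m ? 0 : -ENOENT;
}
/* mount -o newinstance -t mqueue: switch the namespace to a fresh mq_ns. */
static int mount_newinstance(struct mnt_ns *ns, const char *path, struct mq_ns *fresh) {
    if (ns->nmounts == 4) return -ENOSPC;
    ns->mounts[ns->nmounts++] = (struct mq_mount){ path, fresh };
    ns->mq_ns = fresh;
    return 0;
}
/* Path-based open; returns the instance id reached. `enforce` models EACCES. */
static int path_open(struct mnt_ns *ns, const char *path, int enforce) {
    struct mq_mount *m = find_mount(ns, path);
    if (!m) return -ENOENT;
    if (enforce && m->mq != ns->mq_ns) return -EACCES;
    return m->mq->id;
}
/* The quoted sequence: clone, move the old mount aside, mount a new instance. */
static int old_instance_via_path(int enforce) {
    static struct mq_ns a = { 1 }, b = { 2 };  /* constructed sample instances */
    struct mnt_ns parent = { &a, { { "/dev/mqueue", &a } }, 1 };
    struct mnt_ns child = parent;              /* clone(CLONE_NEWMNT) copies it */
    mount_move(&child, "/dev/mqueue", "/oldmqueue");
    mount_newinstance(&child, "/dev/mqueue", &b);
    return path_open(&child, "/oldmqueue", enforce);
}
int main(void) {
    printf("unchecked=%d checked=%d\n", old_instance_via_path(0), old_instance_via_path(1));
    return 0;
}
```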
