public inbox for linux-kernel@vger.kernel.org
From: Kirill Korotaev <dev@sw.ru>
To: Linus Torvalds <torvalds@osdl.org>
Cc: Dave Hansen <haveblue@us.ibm.com>,
	Kirill Korotaev <dev@openvz.org>, Andrew Morton <akpm@osdl.org>,
	Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
	frankeh@watson.ibm.com, clg@fr.ibm.com, greg@kroah.com,
	alan@lxorguk.ukuu.org.uk, serue@us.ibm.com, arjan@infradead.org,
	Rik van Riel <riel@redhat.com>,
	Alexey Kuznetsov <kuznet@ms2.inr.ac.ru>,
	Andrey Savochkin <saw@sawoct.com>,
	devel@openvz.org, Pavel Emelianov <xemul@sw.ru>
Subject: Re: [RFC][PATCH 1/5] Virtualization/containers: startup
Date: Mon, 06 Feb 2006 20:21:21 +0300
Message-ID: <43E78591.6040709@sw.ru>
In-Reply-To: <Pine.LNX.4.64.0602060847130.3854@g5.osdl.org>

>>Please, also note, in OpenVZ we have 2 pointers on task_struct:
>>One is owner of a task (owner_env), 2nd is a current context (exec_env).
>>exec_env pointer is used to avoid adding of additional argument to all the
>>functions where current context is required.
> 
> 
> That naming _has_ to change.
I agree.

> "exec" has a very clear meaning in unix: it talks about the notion of 
> switching to another process image, or perhaps the bit that says that a 
> file contains an image that can be executed. It has nothing to do with 
> "current".
> What you seem to be talking about is the _effective_ environment. Ie the 
> same way we have "uid" and "euid", you'd have a "container" and the 
> "effective container".
Agree on this too. Good point.

> The "owner" name also makes no sense. The security context doesn't "own" 
> tasks. A task is _part_ of a context.

> So if some people don't like "container", how about just calling it 
> "context"? The downside of that name is that it's very commonly used in 
> the kernel, because a lot of things have "contexts". That's why "container" 
> would be a lot better.
> 
> I'd suggest
> 
> 	current->container	- the current EFFECTIVE container
> 	current->master_container - the "long term" container.
> 
> (replace "master" with some other non-S&M term if you want)
Maybe task_container? I.e. where the task actually is.
Sounds good to you?

The only problem I see with such names is that the task will then be an 
exception compared to other objects. I mean, on other objects the field 
"container" will mean the container which the object is part of. But for 
tasks this will mean the effective one. Only tasks need these 2 container 
pointers, and I would prefer having the common one be called simply 
"container".

Maybe then
current->econtainer    - effective container
current->container     - "long term" container

> (It would make sense to just have the prepend-"e" semantics of uid/gid, 
> but the fact is, "euid/egid" has a long unix history and is readable only 
> for that reason. The same wouldn't be true of containers. And 
> "effective_container" is probably too long to use for the field that is 
> actually the _common_ case. Thus the above suggestion).
Your proposal looks quite nice.
Then we will eventually have a "container" field on objects (not on tasks 
only), which sounds good to me. I will prepare patches right now.

Kirill
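
The two-pointer scheme discussed in this message, as an added user-space model in C that is not part of the original e-mail or of the OpenVZ patches: it shows the uid/euid-style split, where code reads the effective container implicitly instead of taking a container argument, while the long-term container never changes. Only the field names `container` and `econtainer` come from the message; `current_task`, `set_econtainer`, `object_init`, `init_on_behalf_of` and the struct layouts are hypothetical.

```c
/* User-space model; only the field names container/econtainer come from the thread. */
struct container { int id; int nr_objects; };

struct task {
    struct container *container;   /* "long term" container the task is part of */
    struct container *econtainer;  /* effective container, read implicitly */
};

struct object { struct container *container; };  /* container the object is part of */

static struct task *current_task;  /* stand-in for the kernel's `current` */

/* Switch the effective container; return the old one so the caller can restore it. */
static struct container *set_econtainer(struct container *c)
{
    struct container *old = current_task->econtainer;
    current_task->econtainer = c;
    return old;
}

/* No container argument: the object is attributed to the effective container. */
static void object_init(struct object *o)
{
    o->container = current_task->econtainer;
    o->container->nr_objects++;
}

/* Work done on behalf of another container: switch, act, restore. */
static void init_on_behalf_of(struct object *o, struct container *target)
{
    struct container *saved = set_econtainer(target);
    object_init(o);
    set_econtainer(saved);  /* without this, later objects are misattributed */
}

/* Constructed scenario: a host task makes one object for itself, one for ct101. */
static int demo(void)
{
    struct container host = { 0, 0 }, ct101 = { 101, 0 };
    struct task t = { &host, &host };
    struct object a, b;
    current_task = &t;
    object_init(&a);
    init_on_behalf_of(&b, &ct101);
    return a.container == &host && b.container == &ct101 &&
           t.container == &host && t.econtainer == &host &&
           host.nr_objects == 1 && ct101.nr_objects == 1;
}
int main(void) { return demo() ? 0 : 1; }
```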

