* [PATCH] user_namespaces.7: Record new 340 line idmap limit
@ 2017-11-19 1:25 Christian Brauner
[not found] ` <20171119012505.1925-1-christian.brauner-GeWIH/nMZzLQT0dZR+AlfA@public.gmane.org>
0 siblings, 1 reply; 6+ messages in thread
From: Christian Brauner @ 2017-11-19 1:25 UTC (permalink / raw)
To: mtk.manpages-Re5JQEeQqe8AvxtiuMwx3w
Cc: containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA,
linux-man-u79uwXL29TY76Z2rM5mHXA, serge-A9i7LUbDfNHQT0dZR+AlfA,
ebiederm-aS9lmoZGLiVWk0Htik3J/w, Christian Brauner
This patch documents the following commit:
commit 6397fac4915ab3002dc15aae751455da1a852f25
Author: Christian Brauner <christian.brauner-GeWIH/nMZzLQT0dZR+AlfA@public.gmane.org>
Date: Wed Oct 25 00:04:41 2017 +0200
userns: bump idmap limits to 340
Since Linux 4.15 the number of idmap lines has been bumped to 340.
The patch also removes the "(arbitrary)" in "There is an (arbitrary) limit on
the number of lines in the file." since the 340 line limit is well-explained by
the current implementation. The struct recording the idmaps is 12 bytes and
quite some proc files only allow writes the size of a single page size which is
4096kB. This leaves room for 340 idmappings (340 * 12 = 4080 bytes).
The struct layout itself has been chosen very carefully to allow for an
implementation that limits the time-complexity for the idmap codepaths to
O(log n). However, I think it's unnecessary to expose this much implementation
detail to users in the man page. So only mention this in the commit message.
Furthermore, the comment about the page size restriction is misleading. The
kernel sources show that >= page size is considered an error.
Signed-off-by: Christian Brauner <christian.brauner-GeWIH/nMZzLQT0dZR+AlfA@public.gmane.org>
---
man7/user_namespaces.7 | 7 ++-----
1 file changed, 2 insertions(+), 5 deletions(-)
diff --git a/man7/user_namespaces.7 b/man7/user_namespaces.7
index 11ca41162..5968c09cc 100644
--- a/man7/user_namespaces.7
+++ b/man7/user_namespaces.7
@@ -510,13 +510,10 @@ and the last field must be greater than 0.
.IP *
Lines are terminated by newline characters.
.IP *
-There is an (arbitrary) limit on the number of lines in the file.
-As at Linux 3.18, the limit is five lines.
+There is a limit on the number of lines in the file.
+As of Linux 4.15, the limit is 340 lines.
In addition, the number of bytes written to
the file must be less than the system page size,
-.\" FIXME(Eric): the restriction "less than" rather than "less than or equal"
-.\" seems strangely arbitrary. Furthermore, the comment does not agree
-.\" with the code in kernel/user_namespace.c. Which is correct?
and the write must be performed at the start of the file (i.e.,
.BR lseek (2)
and
--
2.14.1
--
To unsubscribe from this list: send the line "unsubscribe linux-man" in
the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
^ permalink raw reply related [flat|nested] 6+ messages in thread
* Re: [PATCH] user_namespaces.7: Record new 340 line idmap limit
[not found] ` <20171119012505.1925-1-christian.brauner-GeWIH/nMZzLQT0dZR+AlfA@public.gmane.org>
@ 2017-11-19 9:00 ` Michael Kerrisk (man-pages)
2017-11-19 9:00 ` Michael Kerrisk (man-pages)
1 sibling, 0 replies; 6+ messages in thread
From: Michael Kerrisk (man-pages) @ 2017-11-19 9:00 UTC (permalink / raw)
To: Christian Brauner
Cc: linux-man-u79uwXL29TY76Z2rM5mHXA,
containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA,
ebiederm-aS9lmoZGLiVWk0Htik3J/w,
mtk.manpages-Re5JQEeQqe8AvxtiuMwx3w
Hello Christian,
On 11/19/2017 02:25 AM, Christian Brauner wrote:
> This patch documents the following commit:
>
> commit 6397fac4915ab3002dc15aae751455da1a852f25
> Author: Christian Brauner <christian.brauner-GeWIH/nMZzLQT0dZR+AlfA@public.gmane.org>
> Date: Wed Oct 25 00:04:41 2017 +0200
>
> userns: bump idmap limits to 340
>
> Since Linux 4.15 the number of idmap lines has been bumped to 340.
> The patch also removes the "(arbitrary)" in "There is an (arbitrary) limit on
> the number of lines in the file." since the 340 line limit is well-explained by
> the current implementation. The struct recording the idmaps is 12 bytes and
> quite some proc files only allow writes the size of a single page size which is
> 4096kB. This leaves room for 340 idmappings (340 * 12 = 4080 bytes).
> The struct layout itself has been chosen very carefully to allow for an
> implementation that limits the time-complexity for the idmap codepaths to
> O(log n). However, I think it's unnecessary to expose this much implementation
> detail to users in the man page. So only mention this in the commit message.
> Furthermore, the comment about the page size restriction is misleading. The
> kernel sources show that >= page size is considered an error.
Thanks for the patch and the detailed commit message.
I've applied the patch, but restored the historical details,
since users need also to now about older kernel behavior.
Cheers,
Michael
> Signed-off-by: Christian Brauner <christian.brauner-GeWIH/nMZzLQT0dZR+AlfA@public.gmane.org>
> ---
> man7/user_namespaces.7 | 7 ++-----
> 1 file changed, 2 insertions(+), 5 deletions(-)
>
> diff --git a/man7/user_namespaces.7 b/man7/user_namespaces.7
> index 11ca41162..5968c09cc 100644
> --- a/man7/user_namespaces.7
> +++ b/man7/user_namespaces.7
> @@ -510,13 +510,10 @@ and the last field must be greater than 0.
> .IP *
> Lines are terminated by newline characters.
> .IP *
> -There is an (arbitrary) limit on the number of lines in the file.
> -As at Linux 3.18, the limit is five lines.
> +There is a limit on the number of lines in the file.
> +As of Linux 4.15, the limit is 340 lines.
> In addition, the number of bytes written to
> the file must be less than the system page size,
> -.\" FIXME(Eric): the restriction "less than" rather than "less than or equal"
> -.\" seems strangely arbitrary. Furthermore, the comment does not agree
> -.\" with the code in kernel/user_namespace.c. Which is correct?
> and the write must be performed at the start of the file (i.e.,
> .BR lseek (2)
> and
>
--
Michael Kerrisk
Linux man-pages maintainer; http://www.kernel.org/doc/man-pages/
Linux/UNIX System Programming Training: http://man7.org/training/
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] user_namespaces.7: Record new 340 line idmap limit
[not found] ` <20171119012505.1925-1-christian.brauner-GeWIH/nMZzLQT0dZR+AlfA@public.gmane.org>
2017-11-19 9:00 ` Michael Kerrisk (man-pages)
@ 2017-11-19 9:00 ` Michael Kerrisk (man-pages)
[not found] ` <0b3acf79-dd24-5845-b4f4-6d2f9222a5a6-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
1 sibling, 1 reply; 6+ messages in thread
From: Michael Kerrisk (man-pages) @ 2017-11-19 9:00 UTC (permalink / raw)
To: Christian Brauner
Cc: mtk.manpages-Re5JQEeQqe8AvxtiuMwx3w,
containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA,
linux-man-u79uwXL29TY76Z2rM5mHXA, serge-A9i7LUbDfNHQT0dZR+AlfA,
ebiederm-aS9lmoZGLiVWk0Htik3J/w
Hello Christian,
On 11/19/2017 02:25 AM, Christian Brauner wrote:
> This patch documents the following commit:
>
> commit 6397fac4915ab3002dc15aae751455da1a852f25
> Author: Christian Brauner <christian.brauner-GeWIH/nMZzLQT0dZR+AlfA@public.gmane.org>
> Date: Wed Oct 25 00:04:41 2017 +0200
>
> userns: bump idmap limits to 340
>
> Since Linux 4.15 the number of idmap lines has been bumped to 340.
> The patch also removes the "(arbitrary)" in "There is an (arbitrary) limit on
> the number of lines in the file." since the 340 line limit is well-explained by
> the current implementation. The struct recording the idmaps is 12 bytes and
> quite some proc files only allow writes the size of a single page size which is
> 4096kB. This leaves room for 340 idmappings (340 * 12 = 4080 bytes).
> The struct layout itself has been chosen very carefully to allow for an
> implementation that limits the time-complexity for the idmap codepaths to
> O(log n). However, I think it's unnecessary to expose this much implementation
> detail to users in the man page. So only mention this in the commit message.
> Furthermore, the comment about the page size restriction is misleading. The
> kernel sources show that >= page size is considered an error.
Thanks for the patch and the detailed commit message.
I've applied the patch, but restored the historical details,
since users need also to now about older kernel behavior.
Cheers,
Michael
> Signed-off-by: Christian Brauner <christian.brauner-GeWIH/nMZzLQT0dZR+AlfA@public.gmane.org>
> ---
> man7/user_namespaces.7 | 7 ++-----
> 1 file changed, 2 insertions(+), 5 deletions(-)
>
> diff --git a/man7/user_namespaces.7 b/man7/user_namespaces.7
> index 11ca41162..5968c09cc 100644
> --- a/man7/user_namespaces.7
> +++ b/man7/user_namespaces.7
> @@ -510,13 +510,10 @@ and the last field must be greater than 0.
> .IP *
> Lines are terminated by newline characters.
> .IP *
> -There is an (arbitrary) limit on the number of lines in the file.
> -As at Linux 3.18, the limit is five lines.
> +There is a limit on the number of lines in the file.
> +As of Linux 4.15, the limit is 340 lines.
> In addition, the number of bytes written to
> the file must be less than the system page size,
> -.\" FIXME(Eric): the restriction "less than" rather than "less than or equal"
> -.\" seems strangely arbitrary. Furthermore, the comment does not agree
> -.\" with the code in kernel/user_namespace.c. Which is correct?
> and the write must be performed at the start of the file (i.e.,
> .BR lseek (2)
> and
>
--
Michael Kerrisk
Linux man-pages maintainer; http://www.kernel.org/doc/man-pages/
Linux/UNIX System Programming Training: http://man7.org/training/
--
To unsubscribe from this list: send the line "unsubscribe linux-man" in
the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] user_namespaces.7: Record new 340 line idmap limit
[not found] ` <0b3acf79-dd24-5845-b4f4-6d2f9222a5a6-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
2017-11-19 9:48 ` Christian Brauner
@ 2017-11-19 9:48 ` Christian Brauner
1 sibling, 0 replies; 6+ messages in thread
From: Christian Brauner @ 2017-11-19 9:48 UTC (permalink / raw)
To: Michael Kerrisk (man-pages)
Cc: linux-man-u79uwXL29TY76Z2rM5mHXA, Christian Brauner,
ebiederm-aS9lmoZGLiVWk0Htik3J/w,
containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA
[-- Attachment #1.1: Type: text/plain, Size: 1620 bytes --]
On Sun, Nov 19, 2017 at 10:00:39AM +0100, Michael Kerrisk (man-pages) wrote:
> Hello Christian,
>
>
> On 11/19/2017 02:25 AM, Christian Brauner wrote:
> > This patch documents the following commit:
> >
> > commit 6397fac4915ab3002dc15aae751455da1a852f25
> > Author: Christian Brauner <christian.brauner-GeWIH/nMZzLQT0dZR+AlfA@public.gmane.org>
> > Date: Wed Oct 25 00:04:41 2017 +0200
> >
> > userns: bump idmap limits to 340
> >
> > Since Linux 4.15 the number of idmap lines has been bumped to 340.
> > The patch also removes the "(arbitrary)" in "There is an (arbitrary) limit on
> > the number of lines in the file." since the 340 line limit is well-explained by
> > the current implementation. The struct recording the idmaps is 12 bytes and
> > quite some proc files only allow writes the size of a single page size which is
> > 4096kB. This leaves room for 340 idmappings (340 * 12 = 4080 bytes).
> > The struct layout itself has been chosen very carefully to allow for an
> > implementation that limits the time-complexity for the idmap codepaths to
> > O(log n). However, I think it's unnecessary to expose this much implementation
> > detail to users in the man page. So only mention this in the commit message.
> > Furthermore, the comment about the page size restriction is misleading. The
> > kernel sources show that >= page size is considered an error.
>
> Thanks for the patch and the detailed commit message.
> I've applied the patch, but restored the historical details,
> since users need also to now about older kernel behavior.
Thanks Michael!
Christian
[-- Attachment #1.2: signature.asc --]
[-- Type: application/pgp-signature, Size: 801 bytes --]
[-- Attachment #2: Type: text/plain, Size: 205 bytes --]
_______________________________________________
Containers mailing list
Containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org
https://lists.linuxfoundation.org/mailman/listinfo/containers
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] user_namespaces.7: Record new 340 line idmap limit
[not found] ` <0b3acf79-dd24-5845-b4f4-6d2f9222a5a6-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
@ 2017-11-19 9:48 ` Christian Brauner
2017-11-19 9:48 ` Christian Brauner
1 sibling, 0 replies; 6+ messages in thread
From: Christian Brauner @ 2017-11-19 9:48 UTC (permalink / raw)
To: Michael Kerrisk (man-pages)
Cc: Christian Brauner,
containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA,
linux-man-u79uwXL29TY76Z2rM5mHXA, serge-A9i7LUbDfNHQT0dZR+AlfA,
ebiederm-aS9lmoZGLiVWk0Htik3J/w
[-- Attachment #1: Type: text/plain, Size: 1620 bytes --]
On Sun, Nov 19, 2017 at 10:00:39AM +0100, Michael Kerrisk (man-pages) wrote:
> Hello Christian,
>
>
> On 11/19/2017 02:25 AM, Christian Brauner wrote:
> > This patch documents the following commit:
> >
> > commit 6397fac4915ab3002dc15aae751455da1a852f25
> > Author: Christian Brauner <christian.brauner-GeWIH/nMZzLQT0dZR+AlfA@public.gmane.org>
> > Date: Wed Oct 25 00:04:41 2017 +0200
> >
> > userns: bump idmap limits to 340
> >
> > Since Linux 4.15 the number of idmap lines has been bumped to 340.
> > The patch also removes the "(arbitrary)" in "There is an (arbitrary) limit on
> > the number of lines in the file." since the 340 line limit is well-explained by
> > the current implementation. The struct recording the idmaps is 12 bytes and
> > quite some proc files only allow writes the size of a single page size which is
> > 4096kB. This leaves room for 340 idmappings (340 * 12 = 4080 bytes).
> > The struct layout itself has been chosen very carefully to allow for an
> > implementation that limits the time-complexity for the idmap codepaths to
> > O(log n). However, I think it's unnecessary to expose this much implementation
> > detail to users in the man page. So only mention this in the commit message.
> > Furthermore, the comment about the page size restriction is misleading. The
> > kernel sources show that >= page size is considered an error.
>
> Thanks for the patch and the detailed commit message.
> I've applied the patch, but restored the historical details,
> since users need also to now about older kernel behavior.
Thanks Michael!
Christian
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 801 bytes --]
^ permalink raw reply [flat|nested] 6+ messages in thread
* [PATCH] user_namespaces.7: Record new 340 line idmap limit
@ 2017-11-19 1:25 Christian Brauner
0 siblings, 0 replies; 6+ messages in thread
From: Christian Brauner @ 2017-11-19 1:25 UTC (permalink / raw)
To: mtk.manpages-Re5JQEeQqe8AvxtiuMwx3w
Cc: linux-man-u79uwXL29TY76Z2rM5mHXA,
containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA,
ebiederm-aS9lmoZGLiVWk0Htik3J/w, Christian Brauner
This patch documents the following commit:
commit 6397fac4915ab3002dc15aae751455da1a852f25
Author: Christian Brauner <christian.brauner-GeWIH/nMZzLQT0dZR+AlfA@public.gmane.org>
Date: Wed Oct 25 00:04:41 2017 +0200
userns: bump idmap limits to 340
Since Linux 4.15 the number of idmap lines has been bumped to 340.
The patch also removes the "(arbitrary)" in "There is an (arbitrary) limit on
the number of lines in the file." since the 340 line limit is well-explained by
the current implementation. The struct recording the idmaps is 12 bytes and
quite some proc files only allow writes the size of a single page size which is
4096kB. This leaves room for 340 idmappings (340 * 12 = 4080 bytes).
The struct layout itself has been chosen very carefully to allow for an
implementation that limits the time-complexity for the idmap codepaths to
O(log n). However, I think it's unnecessary to expose this much implementation
detail to users in the man page. So only mention this in the commit message.
Furthermore, the comment about the page size restriction is misleading. The
kernel sources show that >= page size is considered an error.
Signed-off-by: Christian Brauner <christian.brauner-GeWIH/nMZzLQT0dZR+AlfA@public.gmane.org>
---
man7/user_namespaces.7 | 7 ++-----
1 file changed, 2 insertions(+), 5 deletions(-)
diff --git a/man7/user_namespaces.7 b/man7/user_namespaces.7
index 11ca41162..5968c09cc 100644
--- a/man7/user_namespaces.7
+++ b/man7/user_namespaces.7
@@ -510,13 +510,10 @@ and the last field must be greater than 0.
.IP *
Lines are terminated by newline characters.
.IP *
-There is an (arbitrary) limit on the number of lines in the file.
-As at Linux 3.18, the limit is five lines.
+There is a limit on the number of lines in the file.
+As of Linux 4.15, the limit is 340 lines.
In addition, the number of bytes written to
the file must be less than the system page size,
-.\" FIXME(Eric): the restriction "less than" rather than "less than or equal"
-.\" seems strangely arbitrary. Furthermore, the comment does not agree
-.\" with the code in kernel/user_namespace.c. Which is correct?
and the write must be performed at the start of the file (i.e.,
.BR lseek (2)
and
--
2.14.1
^ permalink raw reply related [flat|nested] 6+ messages in thread
end of thread, other threads:[~2017-11-19 9:48 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-11-19 1:25 [PATCH] user_namespaces.7: Record new 340 line idmap limit Christian Brauner
[not found] ` <20171119012505.1925-1-christian.brauner-GeWIH/nMZzLQT0dZR+AlfA@public.gmane.org>
2017-11-19 9:00 ` Michael Kerrisk (man-pages)
2017-11-19 9:00 ` Michael Kerrisk (man-pages)
[not found] ` <0b3acf79-dd24-5845-b4f4-6d2f9222a5a6-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
2017-11-19 9:48 ` Christian Brauner
2017-11-19 9:48 ` Christian Brauner
2017-11-19 1:25 Christian Brauner
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.