From: Will Drewry <wad-F7+t8E8rja9g9hUCZPvPmw@public.gmane.org>
To: Oleg Nesterov <oleg-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
Cc: Neil Horman <nhorman-2XuSBdqkA4R54TAoqtyWWQ@public.gmane.org>,
containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org,
Eugene Teo <eteo-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>,
linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
linux-fsdevel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
Andi Kleen <andi-Vw/NltI1exuRpAAqCnN02g@public.gmane.org>,
Alexander Viro
<viro-RmSDqhL/yNMiFSDQTTA3OLVCufUGDwFn@public.gmane.org>,
KOSAKI Motohiro
<kosaki.motohiro-+CUm20s59erQFUHtdCDX3A@public.gmane.org>,
Tejun Heo <tj-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>,
Serge Hallyn <serue-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>,
Andrew Morton
<akpm-de/tnXTf+JLsfHDXvbKv3WD2FQJk+8+b@public.gmane.org>,
Alexey Dobriyan
<adobriyan-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>,
Roland McGrath <roland-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>,
"Eric W. Biederman"
<ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
Subject: Re: [PATCH 2/2] exec: move core_pattern pipe helper into the crashing namespace
Date: Mon, 20 Sep 2010 15:28:52 -0500 [thread overview]
Message-ID: <AANLkTikRurUqfPmJ_GWqG5XvvMzgUHt0yac7QN-pNkpX__28486.9587667801$1285016187$gmane$org@mail.gmail.com> (raw)
In-Reply-To: <20100920185001.GA955-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
On Mon, Sep 20, 2010 at 1:50 PM, Oleg Nesterov <oleg-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org> wrote:
> On 09/17, Will Drewry wrote:
>>
>> On Fri, Sep 17, 2010 at 8:29 PM, Oleg Nesterov <oleg-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org> wrote:
>> >
>> > This looks overcomplicated to me, or I missed something.
>> >
>> > I do not understand why should we do this beforehand, and why we need
>> > copy_namespaces_unattached().
>> >
>> > Can't you just pass current to umh_pipe_setup() (or another helper) as
>> > the argument? Then this helper can copy ->fs and ->nsproxy itself.
>>
>> I wasn't sure if it was reasonable to pass the current task_struct
>> over, but I certainly can.
>
> Why not? current calls call_usermodehelper_exec(), it can't go away
> until subprocess_info->init() returns, it sleeps on wait_for_completion().
yeah - I wasn't sure because the other coredump_params didn't pass it,
so I assumed there was some history around that. Though it sounds
like the current approach may not be the way forward anyhow.
>> In practice, this seems to amount to just adding a refcount to all the
>> namespaces and creating a new nsproxy which isn't really needed. Most
>> likely, doing what you've suggested above plus the copy_fs_struct and
>> the swap out will do the trick. I'll try it out and see. That's make
>> it much clearer I think.
>
> Yes, just get_nsproxy() (like fork() does) should be fine in this case.
>
> As for copying ->fs, I am not sure actually. core_pattern is global,
> say it is "|/coredumper". If you change ->root, then exec can fail
> because that binary is not visible to the coredumping process?
Yeah - it's lose-lose I think. On one hand, it may not run, on the
other hand it may have access where it shouldn't or not have access it
where it needs it.
> Probably we should move core_pattern into ->pid_ns, I dunno.
Sounds like this is worth doing. I'll look into it and post something
for further consideration!
thanks again -
will
next prev parent reply other threads:[~2010-09-20 20:28 UTC|newest]
Thread overview: 42+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-09-16 18:59 [PATCH][RFC] fs/exec.c: provide the correct process pid to the pipe helper Will Drewry
[not found] ` <1284663599-3549-1-git-send-email-wad-F7+t8E8rja9g9hUCZPvPmw@public.gmane.org>
2010-09-16 19:35 ` Oleg Nesterov
2010-09-17 13:26 ` Andi Kleen
2010-09-16 19:35 ` Oleg Nesterov
[not found] ` <20100916193543.GA11016-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2010-09-16 20:12 ` Eric W. Biederman
2010-09-16 20:12 ` Eric W. Biederman
2010-09-16 21:02 ` Will Drewry
[not found] ` <m1zkvh4fdc.fsf-+imSwln9KH6u2/kzUuoCbdi2O/JbrIOy@public.gmane.org>
2010-09-16 21:02 ` Will Drewry
2010-09-17 19:08 ` Roland McGrath
2010-09-17 19:08 ` Roland McGrath
2010-09-17 13:26 ` Andi Kleen
2010-09-17 14:52 ` Will Drewry
2010-09-17 14:52 ` Will Drewry
[not found] ` <20100917152639.0e88341a-3rXA9MLqAseW/qJFnhkgxti2O/JbrIOy@public.gmane.org>
2010-09-17 14:52 ` Will Drewry
2010-09-17 15:16 ` [PATCH 1/2] nsproxy: add copy_namespaces_unattached Will Drewry
2010-09-17 15:16 ` [PATCH 2/2] exec: move core_pattern pipe helper into the crashing namespace Will Drewry
2010-09-17 15:16 ` [PATCH 1/2] nsproxy: add copy_namespaces_unattached Will Drewry
2010-09-17 15:16 ` [PATCH 2/2] exec: move core_pattern pipe helper into the crashing namespace Will Drewry
[not found] ` <1284736618-27153-2-git-send-email-wad-F7+t8E8rja9g9hUCZPvPmw@public.gmane.org>
2010-09-17 18:15 ` Neil Horman
2010-09-18 1:29 ` Oleg Nesterov
2010-09-18 1:29 ` Oleg Nesterov
[not found] ` <20100918012939.GA25046-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2010-09-18 2:34 ` Will Drewry
2010-09-18 2:34 ` Will Drewry
2010-09-18 3:14 ` Will Drewry
2010-09-18 3:14 ` Will Drewry
2010-09-20 18:50 ` Oleg Nesterov
2010-09-20 18:50 ` Oleg Nesterov
[not found] ` <20100920185001.GA955-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2010-09-20 20:28 ` Will Drewry [this message]
2010-09-20 20:28 ` Will Drewry
2010-09-20 20:28 ` Will Drewry
2010-09-18 3:13 ` [PATCH][RFC] v2 " Will Drewry
2010-09-18 3:13 ` Will Drewry
2010-09-20 18:34 ` Eric W. Biederman
2010-09-20 19:12 ` Andi Kleen
2010-09-20 20:26 ` Will Drewry
2010-09-20 20:26 ` Will Drewry
[not found] ` <20100920191214.GB7496-qrUzlfsMFqo/4alezvVtWx2eb7JE58TQ@public.gmane.org>
2010-09-20 20:26 ` Will Drewry
[not found] ` <m1eico1cyv.fsf-+imSwln9KH6u2/kzUuoCbdi2O/JbrIOy@public.gmane.org>
2010-09-20 19:12 ` Andi Kleen
[not found] ` <1284779629-15273-1-git-send-email-wad-F7+t8E8rja9g9hUCZPvPmw@public.gmane.org>
2010-09-20 18:34 ` Eric W. Biederman
2010-09-17 18:15 ` [PATCH 2/2] " Neil Horman
[not found] ` <20100917181556.GA2499-bi+AKbBUZKY6gyzm1THtWbp2dZbC/Bob@public.gmane.org>
2010-09-18 2:33 ` Will Drewry
2010-09-18 2:33 ` Will Drewry
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='AANLkTikRurUqfPmJ_GWqG5XvvMzgUHt0yac7QN-pNkpX__28486.9587667801$1285016187$gmane$org@mail.gmail.com' \
--to=wad-f7+t8e8rja9g9huczpvpmw@public.gmane.org \
--cc=adobriyan-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org \
--cc=akpm-de/tnXTf+JLsfHDXvbKv3WD2FQJk+8+b@public.gmane.org \
--cc=andi-Vw/NltI1exuRpAAqCnN02g@public.gmane.org \
--cc=containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org \
--cc=ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org \
--cc=eteo-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org \
--cc=kosaki.motohiro-+CUm20s59erQFUHtdCDX3A@public.gmane.org \
--cc=linux-fsdevel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=nhorman-2XuSBdqkA4R54TAoqtyWWQ@public.gmane.org \
--cc=oleg-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org \
--cc=roland-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org \
--cc=serue-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org \
--cc=tj-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org \
--cc=viro-RmSDqhL/yNMiFSDQTTA3OLVCufUGDwFn@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.