From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1034464AbdD0QSP (ORCPT ); Thu, 27 Apr 2017 12:18:15 -0400 Received: from mail-he1eur01on0099.outbound.protection.outlook.com ([104.47.0.99]:12481 "EHLO EUR01-HE1-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1034399AbdD0QSH (ORCPT ); Thu, 27 Apr 2017 12:18:07 -0400 Authentication-Results: chromium.org; dkim=none (message not signed) header.d=none;chromium.org; dmarc=none action=none header.from=virtuozzo.com; Subject: Re: [PATCH 2/2] pid_ns: Introduce ioctl to set vector of ns_last_pid's on ns hierarhy To: Oleg Nesterov References: <149245014695.17600.12640895883798122726.stgit@localhost.localdomain> <149245057248.17600.1341652606136269734.stgit@localhost.localdomain> <20170426155352.GA12131@redhat.com> <785e1986-da03-72aa-06c0-234ed2dbc0fd@virtuozzo.com> <20170427161255.GA19350@redhat.com> CC: , , , , , , , , , , , , , , From: Kirill Tkhai Message-ID: Date: Thu, 27 Apr 2017 19:17:51 +0300 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.8.0 MIME-Version: 1.0 In-Reply-To: <20170427161255.GA19350@redhat.com> Content-Type: text/plain; charset="windows-1252" Content-Transfer-Encoding: 7bit X-Originating-IP: [195.214.232.6] X-ClientProxiedBy: AM5PR0101CA0021.eurprd01.prod.exchangelabs.com (10.169.240.31) To AM4PR0802MB2276.eurprd08.prod.outlook.com (10.172.218.9) X-MS-Office365-Filtering-Correlation-Id: 0638d59f-bf18-480b-130c-08d48d88f845 X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:(22001)(201703131423075)(201703031133081);SRVR:AM4PR0802MB2276; X-Microsoft-Exchange-Diagnostics: 1;AM4PR0802MB2276;3:ExArOkVXtFdWB6597R6eT6h+d105EnpLFKtcDJOF9QxZu6sUJRkkzGEUL2dUf3fU9L28i5jfLnsbN90MgReA+6oP2U92TUd64K95AOjyoXTdhyWkH2k7xWOT07SHMCTLAGn6AyLn0l4oK4GiHe6tjh+9l7/YELzNi2QwnxeYKtbTYQMWOdgPGiMo2yjN/6agqPvTfcDqxRakK8JUib9OiBiBOvRUiZomywjDDvg7OI2i7brwJrsIt+YF7TesIlj0h9VyXhIA6DFv5QEVlvHo09RkEo1Z20VA+aObrsD0VpL8SG+/8prxQXp6JV1zi5OGTwIspmPCvXaqxkMxvx6TrQ==;25:cTgdZBmtFS+GvEcLrxuukFpCmJnEL319Y8OxlS4pHLLZ8t09CNYS3vLolQxGdXMerJgiUBggWm8m98bEbgd65qSxYIsGpmXuR6NvW8ViFeGuPiFuNL9d/BGb/whm2CaJ80v9oNFYjtLUaBvm55sQT96tlVKLGjiWgr7IfH6wOApj5uzCexytFz7xbLEiOaId13j9jD+h14STZIyGW/teMviyCk8oiomdswCAwI26OKd4iIy+nPAZU4jL2O7jPAb1qYgwc3OmNMC8dhQoGbvKrzYCJ6say4ORRBG4eT0z6UlfXvGalKdX+HMUpUd/OTmKWtL54qb37pECQBXfHYdrugY1TfK/eir4We1PSLGMyknzu0BmdArjOsDc8mzLgFrN/JNiTrU57GeGRwPHU42iHmAS3XsMNH2xCn2CyYuCdgW7Tu+ClRwLXqympEKj16hrGn+yuvCRSwIee9IRzuxDig== X-Microsoft-Exchange-Diagnostics: 1;AM4PR0802MB2276;31:a4VBR7PZDW9ij02wpMzvEcYR/siog7FBVcX+csRb+Db9LHTRD1Y2Tc7ZUpNzT8OhA3EqCGmXxwZIkxT5CYSvVGgIos4/lpoqe7eoWdOx8iwPYtLUeTva+5vjkpvO53xYrcFAogpG+Moy7QGHCNnUTkH+t0eqS3krsZNzREIItv7v4jVBnX8u9VSqeb1znFja48zOryjUMx/m47/8gdbbM3ybXKQEor/WFs3X0AkJnJoQHgvXGPEyRr3yJOMMlBiL;20:X4ZfQLpXuZHS1zm4UIJM45eqLL6lpaVK0nWXSd04QJBVpifZZEmrmG4CfWS0qyjtmcU9E7/fc5fAaNGU+DomzIkx2mCCtO4tPMd4jYlnRzLoLrsEn14jjjprRMxZFSFnL4B6qaJlbAA1QlKxCjAtjY+hpTiUvhF4fMDlhqAFsf4yrTl7Zu4as8nz09/XNyEaxyi4BhTeJwOwAq1qLCvhBAd7IjUov66DPZtPMFuk33pDVrAFgqPSpWUeq714XvzGHxpoQn4X3KzYZ52OtkfKBfMq5Q7ju8h7U35U1vofCgePNgYKF1DD/ypaSHJ7CXDa0iZ33oeyb9LdW3F7G38+Mf0tcOZgApwq9Syr5CrC5rBlUkksGbNopi6ugp2w8vE/rlo1v+evAK1trW7RnHyBvGnp3T36VBDYknyPdWLZ+bM= X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(84791874153150); X-Exchange-Antispam-Report-CFA-Test: BCL:0;PCL:0;RULEID:(6040450)(601004)(2401047)(8121501046)(5005006)(3002001)(10201501046)(93006095)(93001095)(6041248)(20161123555025)(20161123560025)(20161123562025)(201703131423075)(201702281528075)(201703061421075)(20161123564025)(6072148);SRVR:AM4PR0802MB2276;BCL:0;PCL:0;RULEID:;SRVR:AM4PR0802MB2276; X-Microsoft-Exchange-Diagnostics: 1;AM4PR0802MB2276;4:LHeXdl3IV4pjlHE7Y5riPRtwDzBgagoRK4yT0SGFEChT9Hseg53m7iueeNYT8jzUzIYj70VyCUtiOX6bgUuf2rEliDCIanZhhT6AckH2LJnunhGPwsU9TsY3JBEtKY6PcM53Jcbgxv8yLn2TIyjljV7vDE7n413mvT+hm1BRwN4+iZ22o3QBFn7DmJ4SEN4G9CyCeGUkjBh182l8TRy1vtmx5un1ELYODryzfqvge4osCVZ7LlFjgX3h0Bc9Fb+1uvIyztMEmEzfa5cYd4bdV0ewCQPQ75BtZ72Ljcxlj0PpILbsZ80m9h7Jg4xmxE0xjyU7TkwIiaDfpRH2rlofzJ20W35B5lQVG9KHMyx4mr+CSwamx0PMkswaT5IfjTpSX4U8dwcK/9sLs7FsECDHPcFEVDqUR5eOAf6sYGdXbhajgYqjRS5+INtP9jnj5RnYCRBqPIn1IThfjLojDmrloLuoJPSdD+t0tI/bgVOXNLpx/FOhjc++bK/kx6cXC9Tvnb3LYoSoCeH2oWBDhjIKfFXZAFjsIAquGoS3+i/7WZ7zwe5EvMoM6XZw9h6TaLL1/5F6xdfU7XmHIR6JBFjrpID7epWkm+MRByc9GO5nFAgkklxS/SKGLWegMzmvERJ+MJA3IehvzgISVnGLGRHEuItTw2w48XohMsjXXU8KU5oW2w1OtmgN2QFd87VS+bhrAvud1AudmK51215qQ2FnXB3JZlKYa4Tf53oiJ9VzuXrf3KaIIiobKOyIuXTMYA8eoUUSwp1bDRMBfXbOQv9Z6g== X-Forefront-PRVS: 029097202E X-Forefront-Antispam-Report: SFV:NSPM;SFS:(10019020)(4630300001)(6049001)(6009001)(39450400003)(39840400002)(39410400002)(39400400002)(24454002)(7416002)(64126003)(38730400002)(110136004)(65826007)(5660300001)(6916009)(2950100002)(6666003)(2906002)(6246003)(83506001)(229853002)(50466002)(4001350100001)(77096006)(54906002)(90366009)(6116002)(6486002)(53936002)(189998001)(230700001)(86362001)(6306002)(31696002)(3846002)(66066001)(33646002)(42186005)(8676002)(81166006)(4326008)(93886004)(25786009)(47776003)(7736002)(305945005)(36756003)(53546009)(76176999)(50986999)(54356999)(23746002);DIR:OUT;SFP:1102;SCL:1;SRVR:AM4PR0802MB2276;H:[172.16.25.137];FPR:;SPF:None;MLV:sfv;LANG:en; X-Microsoft-Exchange-Diagnostics: =?Windows-1252?Q?1;AM4PR0802MB2276;23:iTExf7TR+ReXatUGLIGpVTqkkyxzCSvnxy1?= =?Windows-1252?Q?j2CosdJQAi9iTbFCO57nW6mEQUUGZ4k85NuG3kFG6r+szljNqYyefC3r?= =?Windows-1252?Q?EsQ4+j0npZpMOK47YkawEjVr/yyHzsP8P2pi8CF1Vfc9OK+nso6sNC2j?= =?Windows-1252?Q?vHTOnd/IydoKZ3w8IoLb51F1enR6/5V+/3QpchVEzkl+oGxbXROFIWA8?= =?Windows-1252?Q?kB3yBrHSb0JiNWL1v3GTWMoFGvf37T7uDAypQ9QA1tWa4/3ZInG+LPQM?= =?Windows-1252?Q?gF0lssFEjav6LGuojTaOYb/q6voyneJXPyG0pUs5COUfBQW3oR3iwDTj?= =?Windows-1252?Q?pXPtQK6PCmCCy5slxjpIIQQ6shkRcfOVjoRO2mr5pGy7Fbp6NqbdWVjs?= =?Windows-1252?Q?AnOAG55tEKrQbBDa3gz/gsNOkI5h8P0wS3xZ9SJPThBEsRpiEaukXGec?= =?Windows-1252?Q?CHxpleh4xZbOje0fdDNTOm+R1rBLwKK9TMDMsV3Pmt+vtXi3rskjOaa5?= =?Windows-1252?Q?OAEgUyo5NLqJt02rbTA6jYOcmDdKWIm1g6dNUFwiHce2Ln7o+qeveHXA?= =?Windows-1252?Q?W4EdPSCWKYSBkqAaf5gtVmPdDPlDmSCUN7ARFqKKT5ItiwOh1UyiJ465?= =?Windows-1252?Q?l6bwPCWwEnxUtEsP8zH9Q+XUm9Fq6fvQ7zALUFWgPMeGWTaFhSTZ51VF?= =?Windows-1252?Q?IyCjHfiblB9PYSG7O4vI//h2+wDcEYgmUIf6LXGfFB8MB2oWQ+SollLt?= =?Windows-1252?Q?h+HXOPFltOgcpter/mEqngRCzyfIhjS77I9Qq/T0534eM/mqHdjksVgC?= =?Windows-1252?Q?2ocvjAgLnPsDUcRCw8RimjBh+HcWb2h7WJs74Ae20b0RidPhQ6pEjgtZ?= =?Windows-1252?Q?vdsg8tMiIbtAlbT2VXL/HLbEk/cljHTYrvPAqaQThduT/NakAiBownqO?= =?Windows-1252?Q?fYjaiVGMDQUP6tRPiQXdiASqBNaNJkeCL/c0QpoCg608Ov80s2LJWWhp?= =?Windows-1252?Q?mKYPeleYvJsM5VnjxVqnwN2KL+alCvkB0o1MzzLTsba3US3oR52Gl+rq?= =?Windows-1252?Q?EaOwZBV7Whdkgfyf8oQyA7pTrBGhiC2lNTNkneusKz8CCU4sgTPkgWAj?= =?Windows-1252?Q?OpjK1E55NNWdDB2Y2lA6fomsIsaVBX87RwFGcD4plwSzkCTkyI7Ee1pW?= =?Windows-1252?Q?n0ojfY9ozrUSvaVOHaOrJFrvJWgB7Di8906gJSvUxRRLuU/TqDucW97K?= =?Windows-1252?Q?F/Lss40svjJo+EKyVDSOFrR+mT0WF5inLZeHramROUd7r5NBA2S5peUr?= =?Windows-1252?Q?ZViFtU70A1dTlcrsbgJgyHzj4ex0wiNjo1kQQ6xvU3/eIM+XVAmFPbOu?= =?Windows-1252?Q?NDICrGVNXet5x?= X-Microsoft-Exchange-Diagnostics: 1;AM4PR0802MB2276;6:XHBZu7AkpCwO9+RrtfrmdfPx03b/1erjEmHdDaLFix6j0DbfxHDphr09BRHWPhCCT559pduTrtSLZ9xFZBkGDAVqLjq+o2ZdzpiYltI6xmvHiB/85kURCbJ3eaJn2ANExj4+84OpdfLKdRPsFdQuW+/csF6ya6ZMAjKjb54PIN2sQ+ZG0EyMe7ldZAzRFxRZWZndfE0exnQrzRbiW8cWfXpmm4LWykP7V5VQm/jbuGfObDsTsbl7rbHb6dBjxNcpioWpJcxjLPNlzQC6KXWRRrLb6KnXpL4g2KSLRZRDup3k4aBL5cY+ez/EarCnhLnybt5KI4UH0HNtIQ0ecoVbndJ0S8MvAP/tUx4rNtQynF+GT90JH8Ed5LCn3tmiTluSUwA9hJczoq6It2k9cLqaCzgq+e5ATmbo7nv95HTsOZJ67BkO1+1fjDnqaD4t2ADJn81jGCgf3lgWrF1T4XbBQDDm9GdwfeVW9vhUVgXe+wgRJJcwuYC0nzIVKwcuXxdKWiarDzGLyvpti7ANMAr8VQ==;5:EEiZQ6d/O/udjwyoa313RdVuB+MznbHkHf1oE3SqPHI3dKLGYutkN2+JmgOXNx89AooRoH1/cdV/KOCoZo/RX6pGfg8AH1Z1DQhaoZcgodjUSpIRAg+iX4G/FVB9ZLthtY6oSayK7jw0ICt5Kj0jxA==;24:fRVUob6pU8t2DeCr9dHj4nciNuwNGskx4GOPCWCmi18zoX2SeK7jY2Z84UmYfHQJumCOXyyLoC5NyQwIlZhcdGNdm06NFv25+Hs8uSVM2IU= SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1;AM4PR0802MB2276;7:8BzMnouh5YI2xHcBm4JETYXMiYnIaYdaU0ALayfQWWzzK3MeyHu/XZgDXW2zysbKw14O/0Oakaglv4kl9OOCbGq7um6Xpv27EAgH4VOdFAiQQKpZsoVYBuAdhsn5R9XAbNhylc2++HxkW/LH19NRx4ecFvx22SWngjd8o86cRMYRrZZ0KyGCZvblrTZgs9VOkp2UiWhsNWjv67fbEtx2Qs8P8hb2gjCUB3i1F3b1GFvOZ6BZ1Hy59t5Ix4jp33x1oxrCV0QjKCChCaV5qOWyl6nH/P8O4/ZIq65O+KGtadZM+yP7FGdWtNMNAjsGTVxEUPLG1SS561qNX/8WpOprCg== X-OriginatorOrg: virtuozzo.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 27 Apr 2017 16:17:57.7420 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM4PR0802MB2276 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 27.04.2017 19:12, Oleg Nesterov wrote: > On 04/26, Kirill Tkhai wrote: >> >> On 26.04.2017 18:53, Oleg Nesterov wrote: >>> >>>> +static long set_last_pid_vec(struct pid_namespace *pid_ns, >>>> + struct pidns_ioc_req *req) >>>> +{ >>>> + char *str, *p; >>>> + int ret = 0; >>>> + pid_t pid; >>>> + >>>> + read_lock(&tasklist_lock); >>>> + if (!pid_ns->child_reaper) >>>> + ret = -EINVAL; >>>> + read_unlock(&tasklist_lock); >>>> + if (ret) >>>> + return ret; >>> >>> why do you need to check ->child_reaper under tasklist_lock? this looks pointless. >>> >>> In fact I do not understand how it is possible to hit pid_ns->child_reaper == NULL, >>> there must be at least one task in this namespace, otherwise you can't open a file >>> which has f_op == ns_file_operations, no? >> >> Sure, it's impossible to pick a pid_ns, if there is no the pid_ns's tasks. I added >> it under impression of >> https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=dfda351c729733a401981e8738ce497eaffcaa00 >> but here it's completely wrong. It will be removed in v2. > > Hmm. But if I read this commit correctly then we really need to check > pid_ns->child_reaper != NULL ? > > Currently we can't pick an "empty" pid_ns. But after the commit above a task > can do sys_unshare(CLONE_NEWPID), another (or the same) task can open its > /proc/$pid/ns/pid_for_children and call ns_ioctl() before the 1st alloc_pid() ? Another task can't open /proc/$pid/ns/pid_for_children before the 1st alloc_pid(), because pid_for_children is available to open only after the 1st alloc_pid(). So, it's impossible to call ioctl() on it. > Or I am totally confused?