Re: [PATCH 0/9] namespaces: Introduction

[Andrew Morton]

Herbert Poetzl <herbert@xxxxxxxxxxxx> wrote:
>
> let me
>  give a simple example here:

Examples are useful.

>   "pid virtualization"
> 
>   - Linux-VServer doesn't really need that right now.
>     we are perfectly fine with "pid isolation" here, we
>     only "virtualize" the init pid to make pstree happy
> 
>   - Snapshot/Restart and Migration will require "full"
>     pid virtualization (that's where Eric and OpenVZ
>     are heading towards)

snapshot/restart/migration worry me.  If they require complete
serialisation of complex kernel data structures then we have a problem,
because it means that any time anyone changes such a structure they need to
update (and test) the serialisation.

This may be a show-stopper, in which case maybe we only need to virtualise
pid #1.

>   - OpenSSI and *Mosix require system wide pid spaces
>     which probably could be implemented with virtual
>     pid spaces as well
> 
>   - many security addons provide something called pid
>     randomization, and I think they could probably
>     benefit from a virtual pid space, too

ok.

Anyway.  Thanks, guys.  It sound like most of this work will be nicely
separable so we can think about each bit as it comes along.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/