Re: (pspace,pid) vs true pid virtualization

From: Eric W. Biederman
Date: Thu Feb 16 2006 - 13:35:42 EST


"Serge E. Hallyn" <serue@xxxxxxxxxx> writes:

> Quoting Eric W. Biederman (ebiederm@xxxxxxxxxxxx):
>> > I think it should be acceptable if a pidspace is visible in all it's
>> > ancestor pidspaces. I.e. if I create pspace2 and pspace3 from pid 234
>> > in pspace1, then pspace2 doesn't need to be able to address pspace3
>> > and vice versa.
>>
>> A good rule. Now consider pspace 4 which is a child of pid 567
>> in pspace 3.
>>
>> What should pspace 3 see?
>
> Implementation dependent.
>
> What I'd like to see is:
>
>> What should pspace 3 see?
>
> The pid of the init process for pspace 4.
>
>> What should pspace 1 see?
>
> The pid of the init process for pspace 3.
>
>> What happens when you migrate pspace 3 into a different pspace
>> on a different machine?
>
> Nothing special. "Migrate" was just a checkpoint (from pspace 1)
> and a resume (from pspace N on some machine). So now pspace N on
> the new machine has created a new pspace - which happens to be
> immediately populated with the contents of the old pspace 3 - and
> see the pid of the init process of this new pspace.
>
>> Is there a sane implementation for this?
>
> IMO, definately yes.
>
> But I haven't tried it, so my opinion is just that.

If you are just talking the pid of the init process the problem seems
tractable.

Where I see real problems with migration is and nested pid spaces
is when you expose all of your pids to your parent, and perhaps
there was some miscommunication on this point.

To try and give an example.

pspace 1 pspace 2 pspace 3 pspace 4
pid 234 -> pid 1
pid 235 -> pid 2 -> pid 1
pid 236 -> pid 3 -> pid 2 -> pid 1

Hopefully this clearly shows what I was trying to avoid, by
only allow pid 1 of any pspace to be visible in the parent.

Eric
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/