On 10/16/2017 09:24 AM, Oleg Nesterov wrote:
On 10/13, Konstantin Khlebnikov wrote:
OK, agreed,
On 13.10.2017 19:05, Oleg Nesterov wrote:
I won't insist, but this suggests we should add a new helper,That was in v3.
get_ns_by_fd_type(fd, type), and convert get_net_ns_by_fd() to use it
as well.
I'll prefer to this later, separately. And replace fget with fdget which
allows to do this without atomic operations if task is single-threaded.
Hmm, I don't understand...Stupid question. Can't we make a simpler API which doesn't need /proc/ ?That was in v1 but considered too racy.
I mean,
sys_translate_pid(pid_t pid, pid_t source_pid, pid_t target_pid)
{
struct pid_namespace *source_ns, *target_ns;
source_ns = task_active_pid_ns(find_task_by_vpid(source_pid));
target_ns = task_active_pid_ns(find_task_by_vpid(target_pid));
...
}
Yes, this is more limited... Do you have a use-case when this is not enough?
Yes sure, this is racy but open("/proc/$pid/ns/pid") is racy too?
OK, once you do fd=open("/proc/$pid/ns/pid") you can use this fd even after
its owner exits, while find_task_by_vpid() will fail or find another task if
this pid was already reused.
But once again, do you have a use-case when this is important?
I believe that in V1 Eric pointed out that pid in general is not a clean way to represent
namespace. (https://lkml.org/lkml/2015/9/22/1087) Few old interfaces used pid only because at that time there was no better way to represent namespaces.
But we could merge both ways:But for what? I must have missed something...
source >= 0 - pidns fs
source < 0 - task_pid = -source
Oleg.