Re: [RFC PATCH 0/4] namespacefs: Proof-of-Concept

From: Yordan Karadzhov
Date: Mon Nov 22 2021 - 11:15:58 EST

Next message: Russell King (Oracle): "Re: [PATCH] ARM: ptrace: Use bitfield helpers"
Previous message: Colin Foster: "Re: [PATCH v1 net-next 5/6] net: mscc: ocelot: split register definitions to a separate file"
In reply to: James Bottomley: "Re: [RFC PATCH 0/4] namespacefs: Proof-of-Concept"
Next in thread: Yordan Karadzhov: "Re: [RFC PATCH 0/4] namespacefs: Proof-of-Concept"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 22.11.21 г. 17:47 ч., James Bottomley wrote:

Hmm, Isn't that true only if somehow we know that (3) happened before
(4).

This depends. There are only two parented namespaces: pid and user.
You said you were only interested in pid for now. setns on the process
only affects pid_for_children because you have to fork to enter the pid
namespace, so in your scenario X has a new ns/pid_for_children but its
own ns/pid never changed. It's the ns/pid not the ns/pid_for_children
which is the parent. This makes me suspect that the specific thing
you're trying to do: trace the pid parentage, can actually be done with
the information we have now.

This is very good point indeed. Thank you very much!
Yordan

If you do this with the user_ns, then you have a problem because it's
not fork on entry. But, as I listed in the examples, there are a load
of other problems with tracing the user_ns tree.

Next message: Russell King (Oracle): "Re: [PATCH] ARM: ptrace: Use bitfield helpers"
Previous message: Colin Foster: "Re: [PATCH v1 net-next 5/6] net: mscc: ocelot: split register definitions to a separate file"
In reply to: James Bottomley: "Re: [RFC PATCH 0/4] namespacefs: Proof-of-Concept"
Next in thread: Yordan Karadzhov: "Re: [RFC PATCH 0/4] namespacefs: Proof-of-Concept"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]