Date: Mon, 10 Oct 2016 09:22:03 -0700
From: Andrei Vagin
To: "Eric W. Biederman"
CC: Serge Hallyn, Kees Cook
Subject: Re: [PATCH 0/2 v2] userns: show current values of user namespace counters
Message-ID: <20161010162202.GA31628@outlook.office365.com>
References: <1471291822-539-1-git-send-email-avagin@openvz.org> <20161006175146.GA25935@outlook.office365.com> <87wphlclwe.fsf@x220.int.ebiederm.org>
In-Reply-To: <87wphlclwe.fsf@x220.int.ebiederm.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Thu, Oct 06, 2016 at 02:33:53PM -0500, Eric W. Biederman wrote:
> Andrei Vagin writes:
>
> > Hello Eric,
> >
> > What do you think about this series? It should be useful to know current
> > usage for user counters.
>
> I am in favor of knowing the values. Unless there is a good reason not
> to we should export the values with a read-only sysctl. I believe that
> is what other similar limits do.

I want to have a place where I will be able to get limits for all users.
I can't imagine how to do this with a sysctl. It will look like
multiline sysctl-s, which doesn't look good. I will think. If you have
any ideas let me know. Thanks.

>
> As for having per process knowledge I think that is probably something
> we want to solve for these sysctls as well.
>
> I don't think I saw anyone looking at this code from the perspective of
> information leaks. I think we need to ask that question, as similar
> interfaces have been problematic from an information leak point of view.

It's a good question.

>
> In short I what you are trying to do here is valuable, I just want
> to make certain we have a maintainable pattern when we export these.
>
> Eric
>
> >
> > Thanks,
> > Andrei
> >
> > On Mon, Aug 15, 2016 at 01:10:20PM -0700, Andrei Vagin wrote:
> >> Recently Eric added user namespace counters. User namespace counters is
> >> a feature that allows to limit the number of various kernel objects a
> >> user can create. These limits are set via /proc/sys/user/ sysctls on a
> >> per user namespace basis and are applicable to all users in that
> >> namespace.
> >>
> >> User namespace counters are not in the upstream tree yet,
> >> you can find them in Eric's tree:
> >> https://git.kernel.org/cgit/linux/kernel/git/ebiederm/user-namespace.git/log/?h=for-testing
> >>
> >> This patch adds /proc//userns_counts files to provide current usage
> >> of user namespace counters.
> >>
> >>   > cat /proc/813/userns_counts
> >>   user_namespaces 101000 1
> >>   pid_namespaces 101000 1
> >>   ipc_namespaces 101000 4
> >>   net_namespaces 101000 2
> >>   mnt_namespaces 101000 5
> >>   mnt_namespaces 100000 1
> >>
> >> The meanings of the columns are as follows, from left to right:
> >>
> >>   Name   Object name
> >>   UID    User ID
> >>   Usage  Current usage
> >>
> >> The full documentation is in the second patch.
> >>
> >> v2: - describe this file in Documentation/filesystems/proc.txt
> >>     - move and rename into /proc//userns_counts
> >>
> >> Cc: Serge Hallyn
> >> Cc: Kees Cook
> >> Cc: "Eric W. Biederman"
> >> Signed-off-by: Andrei Vagin
> >>
> >> Andrei Vagin (1):
> >>   kernel: show current values of user namespace counters
> >>
> >> Kirill Kolyshkin (1):
> >>   Documentation: describe /proc//userns_counts
> >>
> >>  Documentation/filesystems/proc.txt |  30 +++++++++++
> >>  fs/proc/array.c                    |  55 ++++++++++++++++++++
> >>  fs/proc/base.c                     |   1 +
> >>  fs/proc/internal.h                 |   1 +
> >>  include/linux/user_namespace.h     |   8 +++
> >>  kernel/ucount.c                    | 102 +++++++++++++++++++++++++++++++++++++
> >>  6 files changed, 197 insertions(+)
> >>
> >> --
> >> 2.5.5
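
The thread asks for one place to read usage for all users and raises the information-leak question. As an added example (not code from the patch series or from anyone in the thread), this Python sketch parses the `Name UID Usage` rows quoted in the cover letter, regroups them per UID, and lists the rows that describe a UID other than a given reader's. The function names and the "reader UID" parameter are assumptions made for illustration; the sample text is the output shown for /proc/813/userns_counts.

```python
from collections import defaultdict
from typing import NamedTuple

# Constructed sample: the rows quoted in the cover letter above.
SAMPLE = """\
user_namespaces 101000 1
pid_namespaces 101000 1
ipc_namespaces 101000 4
net_namespaces 101000 2
mnt_namespaces 101000 5
mnt_namespaces 100000 1
"""

class Count(NamedTuple):
    name: str   # object name, e.g. "mnt_namespaces"
    uid: int    # user ID the usage is charged to
    usage: int  # current usage

def parse_userns_counts(text):
    """Parse 'Name UID Usage' rows; raise ValueError on a malformed row."""
    rows = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        fields = line.split()
        try:
            name, uid, usage = fields[0], int(fields[1]), int(fields[2])
            if len(fields) != 3 or uid < 0 or usage < 0:
                raise ValueError
        except (ValueError, IndexError):
            raise ValueError(f"line {lineno}: expected 'name uid usage': {line!r}")
        rows.append(Count(name, uid, usage))
    return rows

def usage_by_uid(rows):
    """Regroup into {uid: {name: usage}}: one per-user view of all counters."""
    table = defaultdict(dict)
    for r in rows:
        table[r.uid][r.name] = table[r.uid].get(r.name, 0) + r.usage
    return {uid: dict(names) for uid, names in table.items()}

def rows_for_other_uids(rows, reader_uid):
    """Rows about UIDs other than the reader's, the part an info-leak review examines."""
    return [r for r in rows if r.uid != reader_uid]

if __name__ == "__main__":
    parsed = parse_userns_counts(SAMPLE)
    for uid, names in sorted(usage_by_uid(parsed).items()):
        print(uid, names)
    print(rows_for_other_uids(parsed, 101000))
```
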