Received: by 10.213.65.68 with SMTP id h4csp31260imn; Tue, 3 Apr 2018 14:52:59 -0700 (PDT) X-Google-Smtp-Source: AIpwx48S9XVN+QfZjE5/mNQCTWg+vPnQooaFKo46ZpYrNIuCATfZ09pfVAUQNPIVtNQ5cmAsK4eA X-Received: by 10.98.178.207 with SMTP id z76mr11920882pfl.37.1522792379250; Tue, 03 Apr 2018 14:52:59 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1522792379; cv=none; d=google.com; s=arc-20160816; b=fLVd5OLFUefNLPu5o3cpN4Ia6RisCNyPiSNhAztg1rGKBcofwzQ58672PGoJSBTUzI BqZbYrs/ySUmv9+7TMxfuJANRvklcZoYlco+CSX9CaXh/JsxLegURS+38JKPPMUS4oiD K0LKkM3PAt0gy1Vi1K+xNj9+Ao5447to7FOkVNfJoBpWVCg87vYVDuwYbpqQ/hym0mF/ vXPs0i77gKl0fKSnU0BEdHg/eUg2DwpTgyQOlOm5vjScnkTjdwzA3JakUC9EGJgBBIAu qOoGn6pDfhdtOM9Sfl1AEp6JH5Lf3l9UDQCCw0emcuUQ0c8LTO8efiYJmc+++1sWTP7x UhiQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-language :content-transfer-encoding:in-reply-to:mime-version:user-agent:date :message-id:from:references:cc:to:subject:dkim-signature :arc-authentication-results; bh=IPnvLXkjRNuJAmz/9BYbk9VZI1p+J7JvQF4DxBqjZxY=; b=nWv+X26UheJIOT+yoCMbTcuTTCaxWed0QK7+/+ruuqtxFLwVzlAYLTubN/PH+HVKKI YUXh1UF+HtbYHKu+J3ZWGi9X36wEPmkpnaG4N8y1L6h3ASm/HqAZLvyNz9+1glnz+GBF MfGrXJaKEN8AaMEcEAw5+81b2dpqBO1XbSS+ASfs31XrTJyC31ptrjHPCPUZflAx1YZ5 Q1A2RLPcp9JfhaO2nbME1UiUX+tlPq/1sGUX7Y+bAZuWn58gHnv44UeesrKTMo0cnE+1 hWdFlrHjMsiAfqKLTzMKQqN6gSgPsESKVL/4+sfoYmnmIj8sWBov6ZKcQdF3B0G/veAb ddnA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2017-10-26 header.b=c3pUXv/p; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id t2-v6si1497220plj.651.2018.04.03.14.52.44; Tue, 03 Apr 2018 14:52:59 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2017-10-26 header.b=c3pUXv/p; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753625AbeDCVu2 (ORCPT + 99 others); Tue, 3 Apr 2018 17:50:28 -0400 Received: from userp2130.oracle.com ([156.151.31.86]:54016 "EHLO userp2130.oracle.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753004AbeDCVu0 (ORCPT ); Tue, 3 Apr 2018 17:50:26 -0400 Received: from pps.filterd (userp2130.oracle.com [127.0.0.1]) by userp2130.oracle.com (8.16.0.22/8.16.0.22) with SMTP id w33LdWP1085377; Tue, 3 Apr 2018 21:50:19 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=subject : to : cc : references : from : message-id : date : mime-version : in-reply-to : content-type : content-transfer-encoding; s=corp-2017-10-26; bh=IPnvLXkjRNuJAmz/9BYbk9VZI1p+J7JvQF4DxBqjZxY=; b=c3pUXv/pgYfH23LjJEkcIbxpiYjWtDS539nrPaVlbxCmZ1H2D8GgQaO8LYs2MUfh5RIY 6/zPaMB1KYamqOhhfErYS3F+NMJMycRJfgks3i+8tq5BOCXjtO8ngXPRA8JwrtXHBxV/ CBbG6jo5vb7NCX0VZ3aCFADH0TTr9O+saJrdcGqzGbeXYzt4eJC/kVL/S10RjZCPkTb5 3mTnO7zDSM35vVzx/Zix3q/DcaXL51SezYunDpvbWfxnVm0GOw13LvuoKWdnN4dmRrhK KvUERjVJTHL2pJx1nk6MLdM6MPqdJP8Ii6+6U2LwKB3zR0KuWNOcYcKLGXtfxNngj7E3 yA== Received: from aserv0021.oracle.com (aserv0021.oracle.com [141.146.126.233]) by userp2130.oracle.com with ESMTP id 2h4hq7017r-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Tue, 03 Apr 2018 21:50:19 +0000 Received: from aserv0122.oracle.com (aserv0122.oracle.com [141.146.126.236]) by aserv0021.oracle.com (8.14.4/8.14.4) with ESMTP id w33LoI2Q004562 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Tue, 3 Apr 2018 21:50:18 GMT Received: from abhmp0010.oracle.com (abhmp0010.oracle.com [141.146.116.16]) by aserv0122.oracle.com (8.14.4/8.14.4) with ESMTP id w33LoFAn010371; Tue, 3 Apr 2018 21:50:15 GMT Received: from [10.132.92.135] (/10.132.92.135) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Tue, 03 Apr 2018 14:50:15 -0700 Subject: Re: [RESEND PATCH V4] pidns: introduce syscall translate_pid To: Andrew Morton Cc: linux-api@vger.kernel.org, linux-kernel@vger.kernel.org, ebiederm@xmission.com, khlebnikov@yandex-team.ru, serge.hallyn@ubuntu.com, oleg@redhat.com, luto@amacapital.net, jannh@google.com, prakash.sangappa@oracle.com References: <1522706249-11578-1-git-send-email-nagarathnam.muthusamy@oracle.com> <20180403143838.614ecc083835d07d409a699c@linux-foundation.org> From: Nagarathnam Muthusamy Message-ID: <678f275b-8d78-9b0f-177f-5ff5c9c55657@oracle.com> Date: Tue, 3 Apr 2018 14:45:28 -0700 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.5.2 MIME-Version: 1.0 In-Reply-To: <20180403143838.614ecc083835d07d409a699c@linux-foundation.org> Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit Content-Language: en-US X-Proofpoint-Virus-Version: vendor=nai engine=5900 definitions=8852 signatures=668697 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=0 malwarescore=0 phishscore=0 bulkscore=0 spamscore=0 mlxscore=0 mlxlogscore=853 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1711220000 definitions=main-1804030211 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 04/03/2018 02:38 PM, Andrew Morton wrote: > On Mon, 2 Apr 2018 15:57:29 -0600 nagarathnam.muthusamy@oracle.com wrote: > >> pid_t translate_pid(pid_t pid, int source, int target); >> >> This syscall converts pid from source pid-ns into pid in target pid-ns. >> If pid is unreachable from target pid-ns it returns zero. >> >> Pid-namespaces are referred file descriptors opened to proc files >> /proc/[pid]/ns/pid or /proc/[pid]/ns/pid_for_children. Negative argument >> refers to current pid namespace, same as file /proc/self/ns/pid. >> >> Kernel expose virtual pids in /proc/[pid]/status:NSpid, but backward >> translation requires scanning all tasks. Also pids could be translated >> by sending them through unix socket between namespaces, this method is >> slow and insecure because other side is exposed inside pid namespace. >> >> Examples: >> translate_pid(pid, ns, -1) - get pid in our pid namespace >> translate_pid(pid, -1, ns) - get pid in other pid namespace >> translate_pid(1, ns, -1) - get pid of init task for namespace >> translate_pid(pid, -1, ns) > 0 - is pid is reachable from ns? >> translate_pid(1, ns1, ns2) > 0 - is ns1 inside ns2? >> translate_pid(1, ns1, ns2) == 0 - is ns1 outside ns2? >> translate_pid(1, ns1, ns2) == 1 - is ns1 equal ns2? >> >> Error codes: >> EBADF - file descriptor is closed >> EINVAL - file descriptor isn't pid-namespace >> ESRCH - task not found in @source namespace > Presumably a manpage is planned? > > This changelog doesn't explain what the value is to our users. I > assume it is a performance optimization because "backward translation > requires scanning all tasks"? If so, please show us real-world > examples of the performance benefit from this patch, and please go to > great lengths to explain to us why this optimisation is needed by our > users. One of the usecase by Oracle database involves multiple levels of nested pid namespaces and we require pid translation between the levels. Discussions on the particular usecase, why any of the existing methods was not usable happened in the following thread. https://patchwork.kernel.org/patch/10276785/ At the end, it was agreed that this patch along with flocks will solve the issue. Thanks, Nagarathnam.