Received: by 10.192.165.148 with SMTP id m20csp3696794imm; Mon, 23 Apr 2018 10:44:18 -0700 (PDT) X-Google-Smtp-Source: AIpwx4/AITxcK7JH5ZZBX9ayi81Yyt5Yzi3p6FBLWomNDEG4Aw3+yXwLYhVJiUfGPt7gGQa6zv90 X-Received: by 2002:a17:902:284b:: with SMTP id e69-v6mr21277597plb.240.1524505458214; Mon, 23 Apr 2018 10:44:18 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1524505458; cv=none; d=google.com; s=arc-20160816; b=zOGdPpSiq6Ap28u+uPBhARujCUncPjggspuf1euV8dd2PVuXa/jGFDrUK5ZWAsSB50 LLyNoFVZ2iwEN+1Op/4sLtAXO6wq1549H4ie7pi/TOuSed5K+le2MnkkHqjkVErGSXE8 63TFpRQBrwaXeHEPqY9Xnt/XUDbQ6hNo1+h83TF2Lp5rLM7y3+edNXhiJRD0SE7vFfM3 ifIj9jrDkagvvIpn7xeIGT2ZlxAIrCxMsOGmL1DL6TRhUxkY24ep5AC5ad3XIZhNR4xQ 6u6tU0rZ+O+PqovPbz7RkFEG3tHHKZAr8D8Fb9jah9d+aulYj7FpL3Tir4JpbMoG60RT FuJA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-language :content-transfer-encoding:in-reply-to:mime-version:user-agent:date :message-id:from:references:cc:to:subject:dkim-signature :arc-authentication-results; bh=iInZ4/RCagSKjs95aq+nL8BviEuKANf+5XYdKBX+3c4=; b=SOVZq99J59ENpFJqPjLOAdgzPBHUrLClRTb7yC7UsgXqg7aOhlmPmDFoCc3dSgRlaJ 15LFC4ky2kF1Vb8F4Vq7y5VgfaiBdyIxoKeHzRNS9f2db1nDSd+o73YNNNTO7H6m3BnS ZBfFMDhtxYEsPj9Xb1Ag7X40/oYnVB8yMDZCuPefaSe0u6wNlnW9YdVfnsqAHReU4B9M 0Z4JXIEuzUiCVgbmLssiCOP04Yo1yiImZrNHdNDsAgQ1esNgt8S3BexWWFzZ2t1ebgNR ahK210b46oQTHmIcrZUaxCKyEnMQd6geVCYg1qxBzDDBpHcx2a1Y2vWFcVkriLFIV94W Rz1w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2017-10-26 header.b=RTscaBsv; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 5si6643214pgi.135.2018.04.23.10.44.03; Mon, 23 Apr 2018 10:44:18 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2017-10-26 header.b=RTscaBsv; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932313AbeDWRmb (ORCPT + 99 others); Mon, 23 Apr 2018 13:42:31 -0400 Received: from userp2130.oracle.com ([156.151.31.86]:34270 "EHLO userp2130.oracle.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S932104AbeDWRm0 (ORCPT ); Mon, 23 Apr 2018 13:42:26 -0400 Received: from pps.filterd (userp2130.oracle.com [127.0.0.1]) by userp2130.oracle.com (8.16.0.22/8.16.0.22) with SMTP id w3NHf4A3143683; Mon, 23 Apr 2018 17:42:01 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=subject : to : cc : references : from : message-id : date : mime-version : in-reply-to : content-type : content-transfer-encoding; s=corp-2017-10-26; bh=iInZ4/RCagSKjs95aq+nL8BviEuKANf+5XYdKBX+3c4=; b=RTscaBsvSfb+sBgjBZPYOIy3RDKTKgNoiCTqDphwXrpeha436iRSeEGCAwPBaNMmOia6 WJRUjwlfnM+svVUy2NymCCRcwtm+O1y4LN2QLh/Pm85HoodRx3HHTNaRLQT8eLLG8R3T 7j4OKcF4i8SpH42YEqFTmgfrehIE+axpUPn6WOcUqH8dI+nRfd0QzJmirNLmOnriLqkn K0j3zT/SgCnzC4GLKvNLdtZudZ2dTUiTicWpC4Q89X4/y9lFjdv8iGlWMYc9wNRx6ReB XgU5pGT+DJVYpP0t/2FnYnekbLDtxKQIT9sSoqajs/7Bo7z3/36GustqFJSk6+z6YXxE aA== Received: from aserv0022.oracle.com (aserv0022.oracle.com [141.146.126.234]) by userp2130.oracle.com with ESMTP id 2hfvrbpjpm-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Mon, 23 Apr 2018 17:42:00 +0000 Received: from userv0122.oracle.com (userv0122.oracle.com [156.151.31.75]) by aserv0022.oracle.com (8.14.4/8.14.4) with ESMTP id w3NHfwmt016824 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Mon, 23 Apr 2018 17:41:59 GMT Received: from abhmp0004.oracle.com (abhmp0004.oracle.com [141.146.116.10]) by userv0122.oracle.com (8.14.4/8.14.4) with ESMTP id w3NHfv1f013220; Mon, 23 Apr 2018 17:41:58 GMT Received: from [10.132.92.135] (/10.132.92.135) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Mon, 23 Apr 2018 10:41:57 -0700 Subject: Re: [PATCH RFC v5] pidns: introduce syscall translate_pid To: Konstantin Khlebnikov , "Eric W. Biederman" Cc: linux-api@vger.kernel.org, linux-kernel@vger.kernel.org, Jann Horn , Serge Hallyn , Oleg Nesterov , Andy Lutomirski , Prakash Sangappa , Andrew Morton References: <152286911105.615669.14053871624892399807.stgit@buzz> <87h8oqhagl.fsf@xmission.com> <112c7cac-1982-3a2e-ffc0-878bc5ae4bb6@yandex-team.ru> From: Nagarathnam Muthusamy Message-ID: Date: Mon, 23 Apr 2018 10:37:02 -0700 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.5.2 MIME-Version: 1.0 In-Reply-To: <112c7cac-1982-3a2e-ffc0-878bc5ae4bb6@yandex-team.ru> Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Content-Language: en-US X-Proofpoint-Virus-Version: vendor=nai engine=5900 definitions=8872 signatures=668698 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=17 malwarescore=0 phishscore=0 bulkscore=0 spamscore=0 mlxscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1711220000 definitions=main-1804230177 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 04/05/2018 12:02 AM, Konstantin Khlebnikov wrote: > On 05.04.2018 01:29, Eric W. Biederman wrote: >> Nagarathnam Muthusamy writes: >> >>> On 04/04/2018 12:11 PM, Konstantin Khlebnikov wrote: >>>> Each process have different pids, one for each pid namespace it >>>> belongs. >>>> When interaction happens within single pid-ns translation isn't >>>> required. >>>> More complicated scenarios needs special handling. >>>> >>>> For example: >>>> - reading pid-files or logs written inside container with pid >>>> namespace >>>> - attaching with ptrace to tasks from different pid namespace >>>> - passing pids across pid namespaces in any kind of API >>>> >>>> Currently there are several interfaces that could be used here: >>>> >>>> Pid namespaces are identified by inode number of /proc/[pid]/ns/pid. >> >> Using the inode number in interfaces is not an option. Especially not >> withou referencing the device number for the filesystem as well. > > This is supposed to be single-instance fs, > not part of proc but referenced but its magic "symlinks". > > Device numbers are not mentioned in "man namespaces". > >> >>>> Pids for nested Pid namespaces are shown in file /proc/[pid]/status. >>>> In some cases conversion pid -> vpid could be easily done using this >>>> information, but backward translation requires scanning all tasks. >>>> >>>> Unix socket automatically translates pid attached to SCM_CREDENTIALS. >>>> This requires CAP_SYS_ADMIN for sending arbitrary pids and entering >>>> into pid namespace, this expose process and could be insecure. >>>> >>>> This patch adds new syscall for converting pids between pid >>>> namespaces: >>>> >>>> pid_t translate_pid(pid_t pid, int source_type, int source, >>>>                                  int target_type, int target); >>>> >>>> @source_type and @target_type defines type of following arguments: >>>> >>>> TRANSLATE_PID_CURRENT_PIDNS  - current pid namespace, argument is >>>> unused >>>> TRANSLATE_PID_TASK_PIDNS     - task pid-ns, argument is task pid >>> >>> I believe using pid to represent the namespace has been already >>> discussed in V1 of this patch in https://lkml.org/lkml/2015/9/22/1087 >>> after which we moved on to fd based version of this interface. >> >> Or in short why is the case of pids important? >> >> You Konstantin you almost said why they were important in your message >> saying you were going to send this one.  However you don't explain in >> your description why you want to identify pid namespaces by pid. >> > > Open of /proc/[pid]/ns/pid requires same permissions as ptrace, > pid based variant doesn't have such restrictions. Can you provide more information on usecase requiring PID translation but not used for tracing related purposes? On a side note, can we have the types TRANSLATE_PID_CURRENT_PIDNS and TRANSLATE_PID_FD_PIDNS integrated first and then possibly extend the interface to include TRANSLATE_PID_TASK_PIDNS in future? Thanks, Nagarathnam. > Most pid-based syscalls are racy in some cases but they are > here for decades and everybody knowns how to deal with it. > So, I've decided to merge both worlds in one interface which clearly > tells what to expect.