Received: by 10.192.165.148 with SMTP id m20csp3696794imm;
        Mon, 23 Apr 2018 10:44:18 -0700 (PDT)
X-Google-Smtp-Source: AIpwx4/AITxcK7JH5ZZBX9ayi81Yyt5Yzi3p6FBLWomNDEG4Aw3+yXwLYhVJiUfGPt7gGQa6zv90
X-Received: by 2002:a17:902:284b:: with SMTP id e69-v6mr21277597plb.240.1524505458214;
        Mon, 23 Apr 2018 10:44:18 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1524505458; cv=none;
        d=google.com; s=arc-20160816;
        b=zOGdPpSiq6Ap28u+uPBhARujCUncPjggspuf1euV8dd2PVuXa/jGFDrUK5ZWAsSB50
         LLyNoFVZ2iwEN+1Op/4sLtAXO6wq1549H4ie7pi/TOuSed5K+le2MnkkHqjkVErGSXE8
         63TFpRQBrwaXeHEPqY9Xnt/XUDbQ6hNo1+h83TF2Lp5rLM7y3+edNXhiJRD0SE7vFfM3
         ifIj9jrDkagvvIpn7xeIGT2ZlxAIrCxMsOGmL1DL6TRhUxkY24ep5AC5ad3XIZhNR4xQ
         6u6tU0rZ+O+PqovPbz7RkFEG3tHHKZAr8D8Fb9jah9d+aulYj7FpL3Tir4JpbMoG60RT
         FuJA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-language
         :content-transfer-encoding:in-reply-to:mime-version:user-agent:date
         :message-id:from:references:cc:to:subject:dkim-signature
         :arc-authentication-results;
        bh=iInZ4/RCagSKjs95aq+nL8BviEuKANf+5XYdKBX+3c4=;
        b=SOVZq99J59ENpFJqPjLOAdgzPBHUrLClRTb7yC7UsgXqg7aOhlmPmDFoCc3dSgRlaJ
         15LFC4ky2kF1Vb8F4Vq7y5VgfaiBdyIxoKeHzRNS9f2db1nDSd+o73YNNNTO7H6m3BnS
         ZBfFMDhtxYEsPj9Xb1Ag7X40/oYnVB8yMDZCuPefaSe0u6wNlnW9YdVfnsqAHReU4B9M
         0Z4JXIEuzUiCVgbmLssiCOP04Yo1yiImZrNHdNDsAgQ1esNgt8S3BexWWFzZ2t1ebgNR
         ahK210b46oQTHmIcrZUaxCKyEnMQd6geVCYg1qxBzDDBpHcx2a1Y2vWFcVkriLFIV94W
         Rz1w==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@oracle.com header.s=corp-2017-10-26 header.b=RTscaBsv;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id 5si6643214pgi.135.2018.04.23.10.44.03;
        Mon, 23 Apr 2018 10:44:18 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@oracle.com header.s=corp-2017-10-26 header.b=RTscaBsv;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S932313AbeDWRmb (ORCPT <rfc822;414256we@gmail.com> + 99 others);
        Mon, 23 Apr 2018 13:42:31 -0400
Received: from userp2130.oracle.com ([156.151.31.86]:34270 "EHLO
        userp2130.oracle.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S932104AbeDWRm0 (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 23 Apr 2018 13:42:26 -0400
Received: from pps.filterd (userp2130.oracle.com [127.0.0.1])
        by userp2130.oracle.com (8.16.0.22/8.16.0.22) with SMTP id w3NHf4A3143683;
        Mon, 23 Apr 2018 17:42:01 GMT
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=subject : to : cc :
 references : from : message-id : date : mime-version : in-reply-to :
 content-type : content-transfer-encoding; s=corp-2017-10-26;
 bh=iInZ4/RCagSKjs95aq+nL8BviEuKANf+5XYdKBX+3c4=;
 b=RTscaBsvSfb+sBgjBZPYOIy3RDKTKgNoiCTqDphwXrpeha436iRSeEGCAwPBaNMmOia6
 WJRUjwlfnM+svVUy2NymCCRcwtm+O1y4LN2QLh/Pm85HoodRx3HHTNaRLQT8eLLG8R3T
 7j4OKcF4i8SpH42YEqFTmgfrehIE+axpUPn6WOcUqH8dI+nRfd0QzJmirNLmOnriLqkn
 K0j3zT/SgCnzC4GLKvNLdtZudZ2dTUiTicWpC4Q89X4/y9lFjdv8iGlWMYc9wNRx6ReB
 XgU5pGT+DJVYpP0t/2FnYnekbLDtxKQIT9sSoqajs/7Bo7z3/36GustqFJSk6+z6YXxE aA== 
Received: from aserv0022.oracle.com (aserv0022.oracle.com [141.146.126.234])
        by userp2130.oracle.com with ESMTP id 2hfvrbpjpm-1
        (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK);
        Mon, 23 Apr 2018 17:42:00 +0000
Received: from userv0122.oracle.com (userv0122.oracle.com [156.151.31.75])
        by aserv0022.oracle.com (8.14.4/8.14.4) with ESMTP id w3NHfwmt016824
        (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK);
        Mon, 23 Apr 2018 17:41:59 GMT
Received: from abhmp0004.oracle.com (abhmp0004.oracle.com [141.146.116.10])
        by userv0122.oracle.com (8.14.4/8.14.4) with ESMTP id w3NHfv1f013220;
        Mon, 23 Apr 2018 17:41:58 GMT
Received: from [10.132.92.135] (/10.132.92.135)
        by default (Oracle Beehive Gateway v4.0)
        with ESMTP ; Mon, 23 Apr 2018 10:41:57 -0700
Subject: Re: [PATCH RFC v5] pidns: introduce syscall translate_pid
To:     Konstantin Khlebnikov <khlebnikov@yandex-team.ru>,
        "Eric W. Biederman" <ebiederm@xmission.com>
Cc:     linux-api@vger.kernel.org, linux-kernel@vger.kernel.org,
        Jann Horn <jannh@google.com>,
        Serge Hallyn <serge.hallyn@ubuntu.com>,
        Oleg Nesterov <oleg@redhat.com>,
        Andy Lutomirski <luto@amacapital.net>,
        Prakash Sangappa <prakash.sangappa@oracle.com>,
        Andrew Morton <akpm@linux-foundation.org>
References: <152286911105.615669.14053871624892399807.stgit@buzz>
 <ba7b704f-1fc4-a08d-e7cf-2766160bd419@oracle.com>
 <87h8oqhagl.fsf@xmission.com>
 <112c7cac-1982-3a2e-ffc0-878bc5ae4bb6@yandex-team.ru>
From:   Nagarathnam Muthusamy <nagarathnam.muthusamy@oracle.com>
Message-ID: <e1402871-77a5-6a0f-a75c-ccad77b93f49@oracle.com>
Date:   Mon, 23 Apr 2018 10:37:02 -0700
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101
 Thunderbird/52.5.2
MIME-Version: 1.0
In-Reply-To: <112c7cac-1982-3a2e-ffc0-878bc5ae4bb6@yandex-team.ru>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Content-Language: en-US
X-Proofpoint-Virus-Version: vendor=nai engine=5900 definitions=8872 signatures=668698
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=17 malwarescore=0
 phishscore=0 bulkscore=0 spamscore=0 mlxscore=0 mlxlogscore=999
 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1
 engine=8.0.1-1711220000 definitions=main-1804230177
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org



On 04/05/2018 12:02 AM, Konstantin Khlebnikov wrote:
> On 05.04.2018 01:29, Eric W. Biederman wrote:
>> Nagarathnam Muthusamy <nagarathnam.muthusamy@oracle.com> writes:
>>
>>> On 04/04/2018 12:11 PM, Konstantin Khlebnikov wrote:
>>>> Each process have different pids, one for each pid namespace it 
>>>> belongs.
>>>> When interaction happens within single pid-ns translation isn't 
>>>> required.
>>>> More complicated scenarios needs special handling.
>>>>
>>>> For example:
>>>> - reading pid-files or logs written inside container with pid 
>>>> namespace
>>>> - attaching with ptrace to tasks from different pid namespace
>>>> - passing pids across pid namespaces in any kind of API
>>>>
>>>> Currently there are several interfaces that could be used here:
>>>>
>>>> Pid namespaces are identified by inode number of /proc/[pid]/ns/pid.
>>
>> Using the inode number in interfaces is not an option. Especially not
>> withou referencing the device number for the filesystem as well.
>
> This is supposed to be single-instance fs,
> not part of proc but referenced but its magic "symlinks".
>
> Device numbers are not mentioned in "man namespaces".
>
>>
>>>> Pids for nested Pid namespaces are shown in file /proc/[pid]/status.
>>>> In some cases conversion pid -> vpid could be easily done using this
>>>> information, but backward translation requires scanning all tasks.
>>>>
>>>> Unix socket automatically translates pid attached to SCM_CREDENTIALS.
>>>> This requires CAP_SYS_ADMIN for sending arbitrary pids and entering
>>>> into pid namespace, this expose process and could be insecure.
>>>>
>>>> This patch adds new syscall for converting pids between pid 
>>>> namespaces:
>>>>
>>>> pid_t translate_pid(pid_t pid, int source_type, int source,
>>>>                                  int target_type, int target);
>>>>
>>>> @source_type and @target_type defines type of following arguments:
>>>>
>>>> TRANSLATE_PID_CURRENT_PIDNS  - current pid namespace, argument is 
>>>> unused
>>>> TRANSLATE_PID_TASK_PIDNS     - task pid-ns, argument is task pid
>>>
>>> I believe using pid to represent the namespace has been already
>>> discussed in V1 of this patch in https://lkml.org/lkml/2015/9/22/1087
>>> after which we moved on to fd based version of this interface.
>>
>> Or in short why is the case of pids important?
>>
>> You Konstantin you almost said why they were important in your message
>> saying you were going to send this one.  However you don't explain in
>> your description why you want to identify pid namespaces by pid.
>>
>
> Open of /proc/[pid]/ns/pid requires same permissions as ptrace,
> pid based variant doesn't have such restrictions.

Can you provide more information on usecase requiring PID translation 
but not used for tracing related purposes?
On a side note, can we have the types TRANSLATE_PID_CURRENT_PIDNS and 
TRANSLATE_PID_FD_PIDNS integrated first and then possibly extend the 
interface to include TRANSLATE_PID_TASK_PIDNS in future?

Thanks,
Nagarathnam.
> Most pid-based syscalls are racy in some cases but they are
> here for decades and everybody knowns how to deal with it.
> So, I've decided to merge both worlds in one interface which clearly 
> tells what to expect.