Received: by 2002:ac0:bc90:0:0:0:0:0 with SMTP id a16csp65863img; Tue, 19 Mar 2019 15:51:52 -0700 (PDT) X-Google-Smtp-Source: APXvYqxWxZU55P20Qi2W6W02/jkTiqxiFT4dAb/6PcSK3coVArGbC51xGM/i5Zy4reNzieg74pXx X-Received: by 2002:a63:234c:: with SMTP id u12mr4194980pgm.282.1553035912219; Tue, 19 Mar 2019 15:51:52 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1553035912; cv=none; d=google.com; s=arc-20160816; b=c7+1zi0qVfl6U6KknDfH1WvgeuaJ2r7xdZ48yo70gaSorPY6lyMHHwSrEwxPz6MVQJ cHX2Z9xeqbKX99/K0joac1IWWmXz9X+3Sef5csXJaqShhX9jo0hGU4uJzVrd9HXIXfhz 7Cq5D+NWddROdT6qtL+yEQW2NKuZc1k9yxIpd9BEtdXtJ1fsQL6LrkcvisnMVgNRLS1l Hdr0S2MNwt2mCnlUt5fPeHXpyIeoIeMJxgzuqRhgm8fpzYZhj1g0OovAIpfWC+ZeM28S m0WXh3TTsztP4cmOM3VD/EKBkUIxYBgqLgBej/vhrxU/1Q9bF2x9/CDP/0iFOejacvys HzKw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=kHoY8TN2HUglNxwi9kbbGsh1LU7fNFZrbK3QOWSNrNQ=; b=uJM33jQxVoFoCwQW6nVB0/xANWDiRv+l5rdhoEEHDC9ZVaVv9vawLZF+2zplSeJrPh zR7YrNOVxL+fWjJVPiJaHcgWYiSyODHS5HP7O0baN3/OWCao90cv+iVqqzmgh7BK+Atl /ZRYnM9qvcxI8jHfOxmzANKWXd/yf87xmMgXVL8nMSnNzNAwhPTqRq309s7xfsijEbZ6 lYQp+a/1S9X60XibsRPN1vvA0ttohRPhAKf+ScRXQsNkS3uFUPVkJLrgr3vAXfa6gxGa a8iA6Tqfz7DS2Ip0ltfU8UecVLwIHznwpNyWZ9Vz7aAw3vg/Pn38HdrWzsnD2l2gOxxh YSrQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=dXOAHtaL; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id m6si223302pls.436.2019.03.19.15.51.36; Tue, 19 Mar 2019 15:51:52 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=dXOAHtaL; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727210AbfCSWsq (ORCPT + 99 others); Tue, 19 Mar 2019 18:48:46 -0400 Received: from mail-ot1-f68.google.com ([209.85.210.68]:34155 "EHLO mail-ot1-f68.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727062AbfCSWsq (ORCPT ); Tue, 19 Mar 2019 18:48:46 -0400 Received: by mail-ot1-f68.google.com with SMTP id r19so400387otn.1 for ; Tue, 19 Mar 2019 15:48:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=kHoY8TN2HUglNxwi9kbbGsh1LU7fNFZrbK3QOWSNrNQ=; b=dXOAHtaLyAAKZZYbIxk4SbvSXyCU/R/ODaSkkiZfM3dwxfiOqIZfzEAL48Kg8HXvJP CWNRkNCPM44f4bqZWJRNAz7uJPp5Tx2BbpKVFqaosLNgvn6WNNsfbP15scVYvzeXTihU s2lbLxLPq+atVU0oh89E1PGL2uKwxBvyWwSMsI4Nzc3xzvhKBB7NKa1tS22Zgdh/kClu +EKsubDaF3ydG09XXd4RksT4fDkndjixnM3gY9PKP2MkKeTTpEiMmCf9QbCcHWrDtCR4 FjEY5/zE6Db3asU8M2luProQu157iJTe4zdBJuK/MuQjHG1fUytuiD/dy8knlCx8PS6c Ltwg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=kHoY8TN2HUglNxwi9kbbGsh1LU7fNFZrbK3QOWSNrNQ=; b=aMD93Ar88pfPxYHOl5IwH0MZ+2DZj97PG4/3QMUTxs2zGpFC1b0ZyjwA6qlbvaDAsy 98BTEtQxilm27zCYCdLkvaO5hvotA4dGdU+OBvduHdlrbH4zv5264R0Ii4k7SDo4olTa BNPP3cbydCcNCYJWez5HlF+fvCZAaAo04BuesyQ3u2UCDcMoqaO+yUhFR3Y9p4ARu7Kl L0Wg+d/5Jh87zCEJJbGhumkT1EHwM2kYtQQX9MR9uVito8PlLOjYWUmxNCtF2hnFkWXw 3hasvnguWiZ5bsjevOiBpYcK55s3HSBYK6/GIW++IG/UE5mkqSOZXI9T53a7XrzDedGV Deuw== X-Gm-Message-State: APjAAAUm+Bdjlr4lXjImPe8xWtPQypaJ207P0bXMX2sgT9LVjZtmNQg/ oGT9S9Bwd4DOS4tggmkvY8mdq0XI4X8Litw8i9S9sw== X-Received: by 2002:a9d:e8f:: with SMTP id 15mr780158otj.148.1553035724810; Tue, 19 Mar 2019 15:48:44 -0700 (PDT) MIME-Version: 1.0 References: <20190315184903.GB248160@google.com> <20190316185726.jc53aqq5ph65ojpk@brauner.io> <20190317015306.GA167393@google.com> <20190317114238.ab6tvvovpkpozld5@brauner.io> <20190318002949.mqknisgt7cmjmt7n@brauner.io> <20190318235052.GA65315@google.com> <20190319221415.baov7x6zoz7hvsno@brauner.io> In-Reply-To: <20190319221415.baov7x6zoz7hvsno@brauner.io> From: Daniel Colascione Date: Tue, 19 Mar 2019 15:48:32 -0700 Message-ID: Subject: Re: [RFC] simple_lmk: Introduce Simple Low Memory Killer for Android To: Christian Brauner Cc: Joel Fernandes , Suren Baghdasaryan , Steven Rostedt , Sultan Alsawaf , Tim Murray , Michal Hocko , Greg Kroah-Hartman , =?UTF-8?B?QXJ2ZSBIasO4bm5ldsOlZw==?= , Todd Kjos , Martijn Coenen , Ingo Molnar , Peter Zijlstra , LKML , "open list:ANDROID DRIVERS" , linux-mm , kernel-team , Oleg Nesterov , Andy Lutomirski , "Serge E. Hallyn" , Kees Cook Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Mar 19, 2019 at 3:14 PM Christian Brauner wrote: > So I dislike the idea of allocating new inodes from the procfs super > block. I would like to avoid pinning the whole pidfd concept exclusively > to proc. The idea is that the pidfd API will be useable through procfs > via open("/proc/") because that is what users expect and really > wanted to have for a long time. So it makes sense to have this working. > But it should really be useable without it. That's why translate_pid() > and pidfd_clone() are on the table. What I'm saying is, once the pidfd > api is "complete" you should be able to set CONFIG_PROCFS=N - even > though that's crazy - and still be able to use pidfds. This is also a > point akpm asked about when I did the pidfd_send_signal work. I agree that you shouldn't need CONFIG_PROCFS=Y to use pidfds. One crazy idea that I was discussing with Joel the other day is to just make CONFIG_PROCFS=Y mandatory and provide a new get_procfs_root() system call that returned, out of thin air and independent of the mount table, a procfs root directory file descriptor for the caller's PID namspace and suitable for use with openat(2). C'mon: /proc is used by everyone today and almost every program breaks if it's not around. The string "/proc" is already de facto kernel ABI. Let's just drop the pretense of /proc being optional and bake it into the kernel proper, then give programs a way to get to /proc that isn't tied to any particular mount configuration. This way, we don't need a translate_pid(), since callers can just use procfs to do the same thing. (That is, if I understand correctly what translate_pid does.) We still need a pidfd_clone() for atomicity reasons, but that's a separate story. My goal is to be able to write a library that transparently creates and manages a helper child process even in a "hostile" process environment in which some other uncoordinated thread is constantly doing a waitpid(-1) (e.g., the JVM). > So instead of going throught proc we should probably do what David has > been doing in the mount API and come to rely on anone_inode. So > something like: > > fd = anon_inode_getfd("pidfd", &pidfd_fops, file_priv_data, flags); > > and stash information such as pid namespace etc. in a pidfd struct or > something that we then can stash file->private_data of the new file. > This also lets us avoid all this open coding done here. > Another advantage is that anon_inodes is its own kernel-internal > filesystem. Sure. That works too.