Received: by 2002:a25:e74b:0:0:0:0:0 with SMTP id e72csp1195763ybh; Mon, 13 Jul 2020 11:45:15 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwCeQ5DKQPRM09htuDyIbSQqWBA1XWjUTsnMZ33DkWm7s+pVGKQjsszN8tiOtj2Y0ypmZ3C X-Received: by 2002:aa7:c606:: with SMTP id h6mr724740edq.363.1594665915841; Mon, 13 Jul 2020 11:45:15 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1594665915; cv=none; d=google.com; s=arc-20160816; b=MX7sxDrc2kOTts5UCbIfxZjsJC33xuZuG8aK/YSj5aQXiQYXYZT2PrEfLeZOQkLryQ UK+JT6xvSpkwF5mpgka9DKma+iAOB3GgNyB4YGIxBZSWOKA2/1l7CGsSFm5Yorf+GF6H ctyrXNo6m/joBmME9xeehcApL0TKaE+wnbeZfbZUdpw5N7NG6O5LcgIIFr6LsnQfavXE WKH78ICCVq9RRZ/9Mnyj1+WukhBldR99mpDs6wqtWFaTYXHJJXeN/33SBqMUzvxOFp5x L86CEIdVLl45n8oQIkHq//UkoLyRpvhRETX+ILeKNA/MdVDxtYVVghsCAJmmDHuUqvon CIKg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:subject:mime-version:user-agent :message-id:in-reply-to:date:references:cc:to:from; bh=wbM7rEvxLDKhosDj0Fj2E/MTBNPidAhB4ysoDNN9wMk=; b=FcJOiqYk/qhZn6zAF2tLl2XY4UPttXFAqiI/r+qThx+qGUZDl/qiw8DjbRkXLLGAB/ C6UvXxDNJU+XW+ysxISCVaqmqt9TNYjEA0T/wVyv9cG7agqBrkyvpE27cXzoRKy5rVyT Q4XijzEOcKFe1xbVOo76hGOOL7XeXaQCOi8LYUaqS9VrTNp098OOHKPZ93Oa7yhPnjDi E0g3RwaCjYU/5W9DqkbjdqiofSNYvdB/l/8WBDBoXMWONxI5xb0GXFVxSuKxd8ciNB3L iKf929KGEpArV9MHk58mNEWXAaY2/N6msdbSeCqSCN2Epox5E0jTmaEG480iBz6RqNKi crfg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=xmission.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id p16si9883202ejj.708.2020.07.13.11.44.53; Mon, 13 Jul 2020 11:45:15 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=xmission.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726461AbgGMSmq (ORCPT + 99 others); Mon, 13 Jul 2020 14:42:46 -0400 Received: from out02.mta.xmission.com ([166.70.13.232]:49670 "EHLO out02.mta.xmission.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726309AbgGMSmp (ORCPT ); Mon, 13 Jul 2020 14:42:45 -0400 Received: from in01.mta.xmission.com ([166.70.13.51]) by out02.mta.xmission.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1jv3PU-0007mD-OF; Mon, 13 Jul 2020 12:42:41 -0600 Received: from ip68-227-160-95.om.om.cox.net ([68.227.160.95] helo=x220.xmission.com) by in01.mta.xmission.com with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.87) (envelope-from ) id 1jv3PR-0001ur-HK; Mon, 13 Jul 2020 12:42:40 -0600 From: ebiederm@xmission.com (Eric W. Biederman) To: Matt Bennett Cc: "netdev\@vger.kernel.org" , "zbr\@ioremap.net" , "linux-kernel\@vger.kernel.org" , "containers\@lists.linux-foundation.org" References: <20200702002635.8169-1-matt.bennett@alliedtelesis.co.nz> <87k0zlspxs.fsf@x220.int.ebiederm.org> <94defa61204731d7dce37edeb98069c8647722c2.camel@alliedtelesis.co.nz> Date: Mon, 13 Jul 2020 13:39:48 -0500 In-Reply-To: <94defa61204731d7dce37edeb98069c8647722c2.camel@alliedtelesis.co.nz> (Matt Bennett's message of "Sun, 5 Jul 2020 22:31:25 +0000") Message-ID: <87lfjn9s3v.fsf@x220.int.ebiederm.org> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-XM-SPF: eid=1jv3PR-0001ur-HK;;;mid=<87lfjn9s3v.fsf@x220.int.ebiederm.org>;;;hst=in01.mta.xmission.com;;;ip=68.227.160.95;;;frm=ebiederm@xmission.com;;;spf=neutral X-XM-AID: U2FsdGVkX1+bSAA2WjgwsAy+DqUrSJ23WR2oUHPLg1M= X-SA-Exim-Connect-IP: 68.227.160.95 X-SA-Exim-Mail-From: ebiederm@xmission.com X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on sa01.xmission.com X-Spam-Level: *** X-Spam-Status: No, score=3.0 required=8.0 tests=ALL_TRUSTED,BAYES_50, DCC_CHECK_NEGATIVE,NO_DNS_FOR_FROM,T_TM2_M_HEADER_IN_MSG,XMNoVowels, XMSubLong,XM_B_SpammyTLD autolearn=disabled version=3.4.2 X-Spam-Virus: No X-Spam-Report: * -1.0 ALL_TRUSTED Passed through trusted hosts only via SMTP * 0.8 BAYES_50 BODY: Bayes spam probability is 40 to 60% * [score: 0.4361] * 1.5 XMNoVowels Alpha-numberic number with no vowels * 0.7 XMSubLong Long Subject * 0.0 NO_DNS_FOR_FROM DNS: Envelope sender has no MX or A DNS records * 0.0 T_TM2_M_HEADER_IN_MSG BODY: No description available. * -0.0 DCC_CHECK_NEGATIVE Not listed in DCC * [sa01 0; Body=1 Fuz1=1 Fuz2=1] * 1.0 XM_B_SpammyTLD Contains uncommon/spammy TLD X-Spam-DCC: ; sa01 0; Body=1 Fuz1=1 Fuz2=1 X-Spam-Combo: ***;Matt Bennett X-Spam-Relay-Country: X-Spam-Timing: total 2718 ms - load_scoreonly_sql: 0.04 (0.0%), signal_user_changed: 4.4 (0.2%), b_tie_ro: 3.0 (0.1%), parse: 1.07 (0.0%), extract_message_metadata: 12 (0.5%), get_uri_detail_list: 2.6 (0.1%), tests_pri_-1000: 2.6 (0.1%), tests_pri_-950: 1.10 (0.0%), tests_pri_-900: 0.83 (0.0%), tests_pri_-90: 94 (3.5%), check_bayes: 93 (3.4%), b_tokenize: 6 (0.2%), b_tok_get_all: 7 (0.3%), b_comp_prob: 2.0 (0.1%), b_tok_touch_all: 75 (2.8%), b_finish: 0.77 (0.0%), tests_pri_0: 2591 (95.3%), check_dkim_signature: 0.61 (0.0%), check_dkim_adsp: 2277 (83.8%), poll_dns_idle: 2267 (83.4%), tests_pri_10: 1.80 (0.1%), tests_pri_500: 6 (0.2%), rewrite_mail: 0.00 (0.0%) Subject: Re: [PATCH 0/5] RFC: connector: Add network namespace awareness X-Spam-Flag: No X-SA-Exim-Version: 4.2.1 (built Thu, 05 May 2016 13:38:54 -0600) X-SA-Exim-Scanned: Yes (on in01.mta.xmission.com) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Matt Bennett writes: > On Thu, 2020-07-02 at 13:59 -0500, Eric W. Biederman wrote: >> Matt Bennett writes: >> >> > Previously the connector functionality could only be used by processes running in the >> > default network namespace. This meant that any process that uses the connector functionality >> > could not operate correctly when run inside a container. This is a draft patch series that >> > attempts to now allow this functionality outside of the default network namespace. >> > >> > I see this has been discussed previously [1], but am not sure how my changes relate to all >> > of the topics discussed there and/or if there are any unintended side >> > effects from my draft >> >> In a quick skim this patchset does not look like it approaches a correct >> conversion to having code that works in multiple namespaces. >> >> I will take the changes to proc_id_connector for example. >> You report the values in the callers current namespaces. >> >> Which means an unprivileged user can create a user namespace and get >> connector to report whichever ids they want to users in another >> namespace. AKA lie. >> >> So this appears to make connector completely unreliable. >> >> Eric >> > > Hi Eric, > > Thank you for taking the time to review. I wrote these patches in an > attempt to show that I was willing to do the work myself rather than > simply asking for someone else to do it for me. The changes worked for > my use cases when I tested them, but I expected that some of the > changes would be incorrect and that I would need some guidance. I can > spend some time to really dig in and fully understand the changes I am > trying to make (I have limited kernel development experience) but > based on the rest of the discussion threads it seems that there is > likely no appetite to ever support namespaces with the connector. Good approach to this. My sense is that there are few enough uses of connector that if don't mind changing your code so that it works in a container (and the pidfd support appears to already provide what you need) that is probably the past of least resistance. I don't think it maintaining connector support would be much more work than it is now, if someone went through and did the work to carefully convert the code. So if someone really wants to use connector we can namespace the code. Otherwise it is probably makes sense to let the few users gradually stop using connector so the code can eventually be removed. Please checkout out the pidfd support and tell us how it meets your needs. If there is something that connector really does better it would be good to know. Thank you, Eric