Received: by 2002:a05:6512:e85:0:0:0:0 with SMTP id bi5csp3087939lfb;
        Tue, 28 Jun 2022 06:12:24 -0700 (PDT)
X-Google-Smtp-Source: AGRyM1vfxiG1SXv2blRGXCNGAPKN9AYFY8KEHEDDilxzQPoEQlPFDomFNS+RJKYA68gAAxe31UE/
X-Received: by 2002:a17:902:b40a:b0:16a:bca:f591 with SMTP id x10-20020a170902b40a00b0016a0bcaf591mr4902502plr.23.1656421943903;
        Tue, 28 Jun 2022 06:12:23 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1656421943; cv=none;
        d=google.com; s=arc-20160816;
        b=NrdMNhFlDDIGdJfs/i5G5Io33iTae5XaaDkBEQPGKaPhdQ+kweh9kF5V6Z0yC871eq
         zjiQpWlFxhKfVnQ8UoL8xRuWM1Yst9w4DJaFCSniueSnRda5djt5USZ+ILj8IvhFseHY
         A+EfTEdaUbsTOxAz9Y0JPrl5pxvqIT9qNHWLNVfM5Ys/g3DDyh94JxsTGGX36qiKO9Va
         KKoEJozdcKaMTBQJdE2lSyf/GW8pV0P1B9FK6z6dNCwIAILEF6eBQb+dBSXWXBqjFUkh
         oViMX/TqkRWPOleOb5blRuqwHLdHgG4bD/O9tZvXNxQB8VmdxeyKbFt17slPWvqwulNz
         wzlg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:in-reply-to:content-disposition:mime-version
         :references:message-id:subject:cc:to:from:date:dkim-signature;
        bh=5iwZL9quTGFLOavbRb1zGiZu5kvPbJ/i5EZOMJi6/+0=;
        b=jzjZ/oVzm4qjnslqlbREFQFcpZPV6i/fj89M04TzCMySQllVXMeAeVLtTKFkivwEBc
         qOa9ladW6K5MGXWVn7M7XoaYJk20wDbTxBabxSfw1E5ono3zHcRqd5SlioonJUA8sgbW
         JRQmW24wKsm1Lx63zWWWnndtQyvtHsRCep9ioMZ39seqjRN7ARNiY0LNXr5C5V/f4LMG
         5EoNhRi98WG6m7OH8i0t57qjN1XqlepgPANZInSPxh41xFlTSIkXXD3uTBX6MKjDB1bm
         hMfesJmY7zcTfvkQQgaOwyMBDrbHJWAFthfi+P3VosxiR1CBssblttVFrjcacjm0mR81
         e2pQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@kernel.org header.s=k20201202 header.b=UOX1eY+5;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id nl16-20020a17090b385000b001eca754e4dcsi26032578pjb.176.2022.06.28.06.12.01;
        Tue, 28 Jun 2022 06:12:23 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@kernel.org header.s=k20201202 header.b=UOX1eY+5;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1345682AbiF1MzW (ORCPT <rfc822;albert.barbe@gmail.com>
        + 99 others); Tue, 28 Jun 2022 08:55:22 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:49122 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S231280AbiF1MzT (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 28 Jun 2022 08:55:19 -0400
Received: from ams.source.kernel.org (ams.source.kernel.org [IPv6:2604:1380:4601:e00::1])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 637B42ED5E;
        Tue, 28 Jun 2022 05:55:18 -0700 (PDT)
Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140])
        (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
        (No client certificate requested)
        by ams.source.kernel.org (Postfix) with ESMTPS id D456AB81DE1;
        Tue, 28 Jun 2022 12:55:16 +0000 (UTC)
Received: by smtp.kernel.org (Postfix) with ESMTPSA id DD07DC3411D;
        Tue, 28 Jun 2022 12:55:13 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
        s=k20201202; t=1656420915;
        bh=tQujqJ2dDGzone4iADmZVZ+mvs4m2/QmZUrGkEGtgfI=;
        h=Date:From:To:Cc:Subject:References:In-Reply-To:From;
        b=UOX1eY+5f0N6raKqezyJA56+FYxr4aUuLksdjI00fHO1Q3JA3zAz+ehHANuZQM7lM
         Zb3aHZsTXiSksrrIudzTQFHHrSofEnqT27lWefPDIyGzDNy9d0wmeDduyZ8H0tVMF9
         2p+uDJXhmsnhQc0OEylqmUa812+xEsy5lFYqmQ9aq6leUrxf4nhaFag7Mhjft2qEUy
         aLOQZS0QZgIq0TemrAlBH/QWluK2qjW3CIFqXSu6O9Sc37dyfymXk7QLnEAMjn6oAw
         WBKKqsQquYqaGVFIx4tfu2kffVt0Wy4V4DHIXejRvZhBz0ehs+TUD1oAWiyI+qLMNS
         KpUeN5OtvYztg==
Date:   Tue, 28 Jun 2022 14:55:11 +0200
From:   Christian Brauner <brauner@kernel.org>
To:     Matthew Wilcox <willy@infradead.org>
Cc:     Brian Foster <bfoster@redhat.com>,
        Christoph Hellwig <hch@infradead.org>,
        linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org,
        ikent@redhat.com, onestero@redhat.com
Subject: Re: [PATCH 1/3] radix-tree: propagate all tags in idr tree
Message-ID: <20220628125511.s2frv6lw7zgyzou5@wittgenstein>
References: <20220614180949.102914-1-bfoster@redhat.com>
 <20220614180949.102914-2-bfoster@redhat.com>
 <Yqm+jmkDA+um2+hd@infradead.org>
 <YqnXVMtBkS2nbx70@bfoster>
 <YqnhW2CI1kbJ3NqR@casper.infradead.org>
 <YqnwFZxmiekL5ZOC@bfoster>
 <YqoJ+p83dLOcGfwX@casper.infradead.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
In-Reply-To: <YqoJ+p83dLOcGfwX@casper.infradead.org>
X-Spam-Status: No, score=-7.5 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_HI,
        SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham
        autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Wed, Jun 15, 2022 at 05:34:02PM +0100, Matthew Wilcox wrote:
> On Wed, Jun 15, 2022 at 10:43:33AM -0400, Brian Foster wrote:
> > Interesting, thanks. I'll have to dig more into this to grok the current
> > state of the radix-tree interface vs. the underlying data structure. If
> > I follow correctly, you're saying the radix-tree api is essentially
> > already a translation layer to the xarray these days, and we just need
> > to move legacy users off the radix-tree api so we can eventually kill it
> > off...
> 
> If only it were that easy ... the XArray has a whole bunch of debugging
> asserts to make sure the users are actually using it correctly, and a
> lot of radix tree users don't (they're probably not buggy, but they
> don't use the XArray's embedded lock).
> 
> Anyway, here's a first cut at converting the PID allocator from the IDR
> to the XArray API.  It boots, but I haven't tried to do anything tricky
> with PID namespaces or CRIU.

It'd be great to see that conversion done.
Fwiw, there's test cases for e.g. nested pid namespace creation with
specifically requested PIDs in

tools/selftests/clone3

and there's additional tests in

tools/selftests/pidfd

> 
> 
> diff --git a/fs/proc/loadavg.c b/fs/proc/loadavg.c
> index f32878d9a39f..cec85a07184a 100644
> --- a/fs/proc/loadavg.c
> +++ b/fs/proc/loadavg.c
> @@ -21,7 +21,7 @@ static int loadavg_proc_show(struct seq_file *m, void *v)
>  		LOAD_INT(avnrun[1]), LOAD_FRAC(avnrun[1]),
>  		LOAD_INT(avnrun[2]), LOAD_FRAC(avnrun[2]),
>  		nr_running(), nr_threads,
> -		idr_get_cursor(&task_active_pid_ns(current)->idr) - 1);
> +		task_active_pid_ns(current)->cursor - 1);
>  	return 0;
>  }
>  
> diff --git a/include/linux/pid_namespace.h b/include/linux/pid_namespace.h
> index 07481bb87d4e..68aaaf78491b 100644
> --- a/include/linux/pid_namespace.h
> +++ b/include/linux/pid_namespace.h
> @@ -9,7 +9,7 @@
>  #include <linux/threads.h>
>  #include <linux/nsproxy.h>
>  #include <linux/ns_common.h>
> -#include <linux/idr.h>
> +#include <linux/xarray.h>
>  
>  /* MAX_PID_NS_LEVEL is needed for limiting size of 'struct pid' */
>  #define MAX_PID_NS_LEVEL 32
> @@ -17,8 +17,9 @@
>  struct fs_pin;
>  
>  struct pid_namespace {
> -	struct idr idr;
> +	struct xarray xa;
>  	struct rcu_head rcu;
> +	unsigned int cursor;
>  	unsigned int pid_allocated;
>  	struct task_struct *child_reaper;
>  	struct kmem_cache *pid_cachep;
> @@ -37,6 +38,20 @@ extern struct pid_namespace init_pid_ns;
>  
>  #define PIDNS_ADDING (1U << 31)
>  
> +/*
> + * Note: disable interrupts while the xarray lock is held as an
> + * interrupt might come in and do read_lock(&tasklist_lock).
> + *
> + * If we don't disable interrupts there is a nasty deadlock between
> + * detach_pid()->free_pid() and another cpu that locks the PIDs
> + * followed by an interrupt routine that does read_lock(&tasklist_lock);
> + *
> + * After we clean up the tasklist_lock and know there are no
> + * irq handlers that take it we can leave the interrupts enabled.
> + * For now it is easier to be safe than to prove it can't happen.
> + */
> +#define PID_XA_FLAGS	(XA_FLAGS_TRACK_FREE | XA_FLAGS_LOCK_IRQ)
> +
>  #ifdef CONFIG_PID_NS
>  static inline struct pid_namespace *get_pid_ns(struct pid_namespace *ns)
>  {
> @@ -84,7 +99,7 @@ static inline int reboot_pid_ns(struct pid_namespace *pid_ns, int cmd)
>  
>  extern struct pid_namespace *task_active_pid_ns(struct task_struct *tsk);
>  void pidhash_init(void);
> -void pid_idr_init(void);
> +void pid_init(void);
>  
>  static inline bool task_is_in_init_pid_ns(struct task_struct *tsk)
>  {
> diff --git a/include/linux/threads.h b/include/linux/threads.h
> index c34173e6c5f1..37e4391ee89f 100644
> --- a/include/linux/threads.h
> +++ b/include/linux/threads.h
> @@ -38,7 +38,7 @@
>   * Define a minimum number of pids per cpu.  Heuristically based
>   * on original pid max of 32k for 32 cpus.  Also, increase the
>   * minimum settable value for pid_max on the running system based
> - * on similar defaults.  See kernel/pid.c:pid_idr_init() for details.
> + * on similar defaults.  See kernel/pid.c:pid_init() for details.
>   */
>  #define PIDS_PER_CPU_DEFAULT	1024
>  #define PIDS_PER_CPU_MIN	8
> diff --git a/init/main.c b/init/main.c
> index 0ee39cdcfcac..3944dcd10c09 100644
> --- a/init/main.c
> +++ b/init/main.c
> @@ -73,7 +73,6 @@
>  #include <linux/sched.h>
>  #include <linux/sched/init.h>
>  #include <linux/signal.h>
> -#include <linux/idr.h>
>  #include <linux/kgdb.h>
>  #include <linux/ftrace.h>
>  #include <linux/async.h>
> @@ -1100,7 +1099,7 @@ asmlinkage __visible void __init __no_sanitize_address start_kernel(void)
>  		late_time_init();
>  	sched_clock_init();
>  	calibrate_delay();
> -	pid_idr_init();
> +	pid_init();
>  	anon_vma_init();
>  #ifdef CONFIG_X86
>  	if (efi_enabled(EFI_RUNTIME_SERVICES))
> diff --git a/kernel/pid.c b/kernel/pid.c
> index 2fc0a16ec77b..de0b4614bdb8 100644
> --- a/kernel/pid.c
> +++ b/kernel/pid.c
> @@ -41,7 +41,7 @@
>  #include <linux/anon_inodes.h>
>  #include <linux/sched/signal.h>
>  #include <linux/sched/task.h>
> -#include <linux/idr.h>
> +#include <linux/xarray.h>
>  #include <net/sock.h>
>  #include <uapi/linux/pidfd.h>
>  
> @@ -66,15 +66,10 @@ int pid_max = PID_MAX_DEFAULT;
>  int pid_max_min = RESERVED_PIDS + 1;
>  int pid_max_max = PID_MAX_LIMIT;
>  
> -/*
> - * PID-map pages start out as NULL, they get allocated upon
> - * first use and are never deallocated. This way a low pid_max
> - * value does not cause lots of bitmaps to be allocated, but
> - * the scheme scales to up to 4 million PIDs, runtime.
> - */
>  struct pid_namespace init_pid_ns = {
>  	.ns.count = REFCOUNT_INIT(2),
> -	.idr = IDR_INIT(init_pid_ns.idr),
> +	.xa = XARRAY_INIT(init_pid_ns.xa, PID_XA_FLAGS),
> +	.cursor = 1,
>  	.pid_allocated = PIDNS_ADDING,
>  	.level = 0,
>  	.child_reaper = &init_task,
> @@ -86,22 +81,6 @@ struct pid_namespace init_pid_ns = {
>  };
>  EXPORT_SYMBOL_GPL(init_pid_ns);
>  
> -/*
> - * Note: disable interrupts while the pidmap_lock is held as an
> - * interrupt might come in and do read_lock(&tasklist_lock).
> - *
> - * If we don't disable interrupts there is a nasty deadlock between
> - * detach_pid()->free_pid() and another cpu that does
> - * spin_lock(&pidmap_lock) followed by an interrupt routine that does
> - * read_lock(&tasklist_lock);
> - *
> - * After we clean up the tasklist_lock and know there are no
> - * irq handlers that take it we can leave the interrupts enabled.
> - * For now it is easier to be safe than to prove it can't happen.
> - */
> -
> -static  __cacheline_aligned_in_smp DEFINE_SPINLOCK(pidmap_lock);
> -
>  void put_pid(struct pid *pid)
>  {
>  	struct pid_namespace *ns;
> @@ -129,10 +108,11 @@ void free_pid(struct pid *pid)
>  	int i;
>  	unsigned long flags;
>  
> -	spin_lock_irqsave(&pidmap_lock, flags);
>  	for (i = 0; i <= pid->level; i++) {
>  		struct upid *upid = pid->numbers + i;
>  		struct pid_namespace *ns = upid->ns;
> +
> +		xa_lock_irqsave(&ns->xa, flags);
>  		switch (--ns->pid_allocated) {
>  		case 2:
>  		case 1:
> @@ -149,9 +129,9 @@ void free_pid(struct pid *pid)
>  			break;
>  		}
>  
> -		idr_remove(&ns->idr, upid->nr);
> +		__xa_erase(&ns->xa, upid->nr);
> +		xa_unlock_irqrestore(&ns->xa, flags);
>  	}
> -	spin_unlock_irqrestore(&pidmap_lock, flags);
>  
>  	call_rcu(&pid->rcu, delayed_put_pid);
>  }
> @@ -161,7 +141,7 @@ struct pid *alloc_pid(struct pid_namespace *ns, pid_t *set_tid,
>  {
>  	struct pid *pid;
>  	enum pid_type type;
> -	int i, nr;
> +	int i;
>  	struct pid_namespace *tmp;
>  	struct upid *upid;
>  	int retval = -ENOMEM;
> @@ -205,43 +185,42 @@ struct pid *alloc_pid(struct pid_namespace *ns, pid_t *set_tid,
>  			set_tid_size--;
>  		}
>  
> -		idr_preload(GFP_KERNEL);
> -		spin_lock_irq(&pidmap_lock);
> -
>  		if (tid) {
> -			nr = idr_alloc(&tmp->idr, NULL, tid,
> -				       tid + 1, GFP_ATOMIC);
> +			retval = xa_insert_irq(&tmp->xa, tid, NULL, GFP_KERNEL);
> +
>  			/*
> -			 * If ENOSPC is returned it means that the PID is
> +			 * If EBUSY is returned it means that the PID is
>  			 * alreay in use. Return EEXIST in that case.
>  			 */
> -			if (nr == -ENOSPC)
> -				nr = -EEXIST;
> +			if (retval == -EBUSY)
> +				retval = -EEXIST;
>  		} else {
>  			int pid_min = 1;
> +
> +			xa_lock_irq(&tmp->xa);
>  			/*
>  			 * init really needs pid 1, but after reaching the
>  			 * maximum wrap back to RESERVED_PIDS
>  			 */
> -			if (idr_get_cursor(&tmp->idr) > RESERVED_PIDS)
> +			if (tmp->cursor > RESERVED_PIDS)
>  				pid_min = RESERVED_PIDS;
>  
>  			/*
>  			 * Store a null pointer so find_pid_ns does not find
>  			 * a partially initialized PID (see below).
>  			 */
> -			nr = idr_alloc_cyclic(&tmp->idr, NULL, pid_min,
> -					      pid_max, GFP_ATOMIC);
> +			retval = __xa_alloc_cyclic(&tmp->xa, &tid, NULL,
> +					XA_LIMIT(pid_min, pid_max),
> +					&tmp->cursor, GFP_KERNEL);
> +			xa_unlock_irq(&tmp->xa);
> +			if (retval == -EBUSY)
> +				retval = -EAGAIN;
>  		}
> -		spin_unlock_irq(&pidmap_lock);
> -		idr_preload_end();
>  
> -		if (nr < 0) {
> -			retval = (nr == -ENOSPC) ? -EAGAIN : nr;
> +		if (retval < 0)
>  			goto out_free;
> -		}
>  
> -		pid->numbers[i].nr = nr;
> +		pid->numbers[i].nr = tid;
>  		pid->numbers[i].ns = tmp;
>  		tmp = tmp->parent;
>  	}
> @@ -266,34 +245,35 @@ struct pid *alloc_pid(struct pid_namespace *ns, pid_t *set_tid,
>  	INIT_HLIST_HEAD(&pid->inodes);
>  
>  	upid = pid->numbers + ns->level;
> -	spin_lock_irq(&pidmap_lock);
> +	xa_lock_irq(&ns->xa);
>  	if (!(ns->pid_allocated & PIDNS_ADDING))
>  		goto out_unlock;
>  	for ( ; upid >= pid->numbers; --upid) {
>  		/* Make the PID visible to find_pid_ns. */
> -		idr_replace(&upid->ns->idr, pid, upid->nr);
> +		if (upid->ns != ns)
> +			xa_lock_irq(&ns->xa);
> +		__xa_store(&upid->ns->xa, upid->nr, pid, 0);
>  		upid->ns->pid_allocated++;
> +		xa_unlock_irq(&ns->xa);
>  	}
> -	spin_unlock_irq(&pidmap_lock);
>  
>  	return pid;
>  
>  out_unlock:
> -	spin_unlock_irq(&pidmap_lock);
> +	xa_unlock_irq(&ns->xa);
>  	put_pid_ns(ns);
>  
>  out_free:
> -	spin_lock_irq(&pidmap_lock);
>  	while (++i <= ns->level) {
>  		upid = pid->numbers + i;
> -		idr_remove(&upid->ns->idr, upid->nr);
> +		xa_erase_irq(&upid->ns->xa, upid->nr);
>  	}
>  
> +	xa_lock_irq(&ns->xa);
>  	/* On failure to allocate the first pid, reset the state */
>  	if (ns->pid_allocated == PIDNS_ADDING)
> -		idr_set_cursor(&ns->idr, 0);
> -
> -	spin_unlock_irq(&pidmap_lock);
> +		ns->cursor = 0;
> +	xa_unlock_irq(&ns->xa);
>  
>  	kmem_cache_free(ns->pid_cachep, pid);
>  	return ERR_PTR(retval);
> @@ -301,14 +281,14 @@ struct pid *alloc_pid(struct pid_namespace *ns, pid_t *set_tid,
>  
>  void disable_pid_allocation(struct pid_namespace *ns)
>  {
> -	spin_lock_irq(&pidmap_lock);
> +	xa_lock_irq(&ns->xa);
>  	ns->pid_allocated &= ~PIDNS_ADDING;
> -	spin_unlock_irq(&pidmap_lock);
> +	xa_unlock_irq(&ns->xa);
>  }
>  
>  struct pid *find_pid_ns(int nr, struct pid_namespace *ns)
>  {
> -	return idr_find(&ns->idr, nr);
> +	return xa_load(&ns->xa, nr);
>  }
>  EXPORT_SYMBOL_GPL(find_pid_ns);
>  
> @@ -517,7 +497,9 @@ EXPORT_SYMBOL_GPL(task_active_pid_ns);
>   */
>  struct pid *find_ge_pid(int nr, struct pid_namespace *ns)
>  {
> -	return idr_get_next(&ns->idr, &nr);
> +	unsigned long index = nr;
> +
> +	return xa_find(&ns->xa, &index, ULONG_MAX, XA_PRESENT);
>  }
>  
>  struct pid *pidfd_get_pid(unsigned int fd, unsigned int *flags)
> @@ -646,7 +628,7 @@ SYSCALL_DEFINE2(pidfd_open, pid_t, pid, unsigned int, flags)
>  	return fd;
>  }
>  
> -void __init pid_idr_init(void)
> +void __init pid_init(void)
>  {
>  	/* Verify no one has done anything silly: */
>  	BUILD_BUG_ON(PID_MAX_LIMIT >= PIDNS_ADDING);
> @@ -658,8 +640,6 @@ void __init pid_idr_init(void)
>  				PIDS_PER_CPU_MIN * num_possible_cpus());
>  	pr_info("pid_max: default: %u minimum: %u\n", pid_max, pid_max_min);
>  
> -	idr_init(&init_pid_ns.idr);
> -
>  	init_pid_ns.pid_cachep = KMEM_CACHE(pid,
>  			SLAB_HWCACHE_ALIGN | SLAB_PANIC | SLAB_ACCOUNT);
>  }
> diff --git a/kernel/pid_namespace.c b/kernel/pid_namespace.c
> index f4f8cb0435b4..947e25fb8546 100644
> --- a/kernel/pid_namespace.c
> +++ b/kernel/pid_namespace.c
> @@ -22,7 +22,7 @@
>  #include <linux/export.h>
>  #include <linux/sched/task.h>
>  #include <linux/sched/signal.h>
> -#include <linux/idr.h>
> +#include <linux/xarray.h>
>  
>  static DEFINE_MUTEX(pid_caches_mutex);
>  static struct kmem_cache *pid_ns_cachep;
> @@ -92,15 +92,15 @@ static struct pid_namespace *create_pid_namespace(struct user_namespace *user_ns
>  	if (ns == NULL)
>  		goto out_dec;
>  
> -	idr_init(&ns->idr);
> +	xa_init_flags(&ns->xa, PID_XA_FLAGS);
>  
>  	ns->pid_cachep = create_pid_cachep(level);
>  	if (ns->pid_cachep == NULL)
> -		goto out_free_idr;
> +		goto out_free_xa;
>  
>  	err = ns_alloc_inum(&ns->ns);
>  	if (err)
> -		goto out_free_idr;
> +		goto out_free_xa;
>  	ns->ns.ops = &pidns_operations;
>  
>  	refcount_set(&ns->ns.count, 1);
> @@ -112,8 +112,8 @@ static struct pid_namespace *create_pid_namespace(struct user_namespace *user_ns
>  
>  	return ns;
>  
> -out_free_idr:
> -	idr_destroy(&ns->idr);
> +out_free_xa:
> +	xa_destroy(&ns->xa);
>  	kmem_cache_free(pid_ns_cachep, ns);
>  out_dec:
>  	dec_pid_namespaces(ucounts);
> @@ -135,7 +135,7 @@ static void destroy_pid_namespace(struct pid_namespace *ns)
>  {
>  	ns_free_inum(&ns->ns);
>  
> -	idr_destroy(&ns->idr);
> +	xa_destroy(&ns->xa);
>  	call_rcu(&ns->rcu, delayed_free_pidns);
>  }
>  
> @@ -165,7 +165,7 @@ EXPORT_SYMBOL_GPL(put_pid_ns);
>  
>  void zap_pid_ns_processes(struct pid_namespace *pid_ns)
>  {
> -	int nr;
> +	long nr;
>  	int rc;
>  	struct task_struct *task, *me = current;
>  	int init_pids = thread_group_leader(me) ? 1 : 2;
> @@ -198,8 +198,7 @@ void zap_pid_ns_processes(struct pid_namespace *pid_ns)
>  	 */
>  	rcu_read_lock();
>  	read_lock(&tasklist_lock);
> -	nr = 2;
> -	idr_for_each_entry_continue(&pid_ns->idr, pid, nr) {
> +	xa_for_each_range(&pid_ns->xa, nr, pid, 2, ULONG_MAX) {
>  		task = pid_task(pid, PIDTYPE_PID);
>  		if (task && !__fatal_signal_pending(task))
>  			group_send_sig_info(SIGKILL, SEND_SIG_PRIV, task, PIDTYPE_MAX);
> @@ -272,12 +271,12 @@ static int pid_ns_ctl_handler(struct ctl_table *table, int write,
>  	 * it should synchronize its usage with external means.
>  	 */
>  
> -	next = idr_get_cursor(&pid_ns->idr) - 1;
> +	next = pid_ns->cursor - 1;
>  
>  	tmp.data = &next;
>  	ret = proc_dointvec_minmax(&tmp, write, buffer, lenp, ppos);
>  	if (!ret && write)
> -		idr_set_cursor(&pid_ns->idr, next + 1);
> +		pid_ns->cursor = next + 1;
>  
>  	return ret;
>  }