Re: [PATCH -mm 1/5] New system call, unshare

From: JANAK DESAI
Date: Fri Dec 09 2005 - 09:15:20 EST


Al Viro wrote:

On Fri, Dec 09, 2005 at 11:55:02AM +0100, Ingo Molnar wrote:


* JANAK DESAI <janak@xxxxxxxxxx> wrote:



[PATCH -mm 1/5] unshare system call: System call handler function sys_unshare


+ if (unshare_flags & ~(CLONE_NEWNS | CLONE_VM))
+ goto errout;


just curious, did you consider all the other CLONE_* flags as well, to see whether it makes sense to add unshare support for them?



IMO the right thing to do is
* accept *all* flags from the very beginning
* check constraints ("CLONE_NEWNS must be accompanied by CLONE_FS")
and either -EINVAL if they are not satisfied or silently force them.
* for each unimplemented flag check if we corresponding thing
is shared; -EINVAL otherwise.

Then for each flag we care to implement we should replace such check with
actual unsharing - a patch per flag.

CLONE_FS and CLONE_FILES are *definitely* worth implementing and are
trivial to implement. The only thing we must take care of is doing
all replacements under task_lock, without dropping it between updates.



Ok, thanks. I will restructure code and reorganize patches accordingly and post
updated patches.

To answer Ingo's question, we did look at other flags when I started. However,
I wanted to keep the system call simple enough, with atleast namespace unsharing,
so it would get accepted. In the original discussion on fsdevel, unsharing of vm
was mentioned as useful so I added that in addition to namespace unsharing.

I would say that CLONE_SIGHAND is also an obvious candidate for adding.


I did have signal handler unsharing in one of the earlier incarnation of the patch,
however Chris Wright alerted me (on IRC) to a possible problem with posix
real time signals if we allow unsharing of signal handlers. He pointed me to the
way send_sigqueue is stashing sighand lock for later use and since timers are
flushed on exec and exit, it may lead to an oops. Since my primary interest was
in namespace unsharing, I disallowed unsharing of signal handler. I will take a
look at it more detail and come back with specific issues with sighand
unsharing.

Thanks.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/





-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/