Re: [RFC]Pid conversion between pid namespace
From: Hu Tao
Date: Mon Jul 28 2014 - 04:16:58 EST
Hi,
On Fri, Jul 25, 2014 at 05:34:43PM +0000, Serge Hallyn wrote:
> Quoting chenhanxiao@xxxxxxxxxxxxxx (chenhanxiao@xxxxxxxxxxxxxx):
> > Hi,
> >
> > > -----Original Message-----
> > > From: Serge Hallyn [mailto:serge.hallyn@xxxxxxxxxx]
> > > Sent: Tuesday, July 15, 2014 12:16 PM
> > > To: Chen, Hanxiao/é æé
> > > Subject: Re: [RFC]Pid conversion between pid namespace
> > > > A-2) syscall pid_t getnspid(pid_t query_pid, pid_t observer_pid)
> > > > pros:
> > > > - ns procfs free, easy to use.
> > > > We could get rid of mounted ns procfs.
> > > >
> > > > cons:
> > > > - may find multiple results in nested ns.
> > > > We wished the new API could tell us the exact answer.
> > > > But if getnspid return more than one results will bring trouble to admins,
> > >
> > > (See below for more, but) the question being posed to getnspid has precisely
> > > one answer.
> > >
> > > > they had to make another decision.
> > > > Or we marked the deepest level for translation as prerequisite.
> > > >
> > > > -based on current pidns, no reference ns.
> > >
> > > Hm, no. The intent here was that
> > >
> > > observer_pid would be in current ns
> > > query_pid would be in observer_pid's ns.
> > >
> > > So this would be ideal for "I got a pid in a logfile created by rsyslog in
> > > a nested contaner, what is the logged pid in my pidns."
> > >
> > > Taking a set of tasks (like a container with nesting) and bulding a tree
> > > of all pids shouldn't be too difficult either. Start with the init pid,
> > > call getnspid($pid, $init_pid) for every $pid in the container; to figure
> > > out whether any $pid is itself a nested init_pid, we can compare the
> > > /proc/$$/ns/pid, as well as look at getnspid($pid, $pid).
> > I'm a little confused in this section:
> >
> > Ex:
> > init_pid_ns ns1 ns2
> > t1 2
> > t2 `- 3 1
> > t3 `- 4 `- 5 1
> > t4 `-6 `-8 `-9
> > t5 `-10 `-9 `-10
> >
> > For getnspid($pid, $init_pid),
> > Does init_pid means container's init_pid such as 3 for t2?
>
> Right, if you're in init_pid_ns and making the query, then
> you'd pass 3.
Sorry for jumping in, but I'm not quite understanding the purpose of
$init_pid here, does it identify the ns which the process to be
queried is in? Also see my questions below:
1. Given the example above, what's the return of getnspid(9, 3)?
Is it 6(task t4) or 10(task t5)?
2. if there is a process in ns1 which is a child of process 1 has pid
10, but not in ns2, like below:
init_pid_ns ns1 ns2
t1 2
t2 `- 3 1
t3 `- 4 +- 5 1
t4 `-6 | `-8 `-9
t5 `-10 | `-9 `-10
t6 `-11 `-10
then what is the return of getnspid(10, 3)?
Regards,
Hu
>
>
> > In nested containers, does this syscall work as:
> > getnspid(9, 4) -> (6, 8, 9)
>
> No, assuming the querying task is in init_pid_ns,
> getnspid(9, 4) would return 6.
>
> 4 is the observer pid given in the querier's own pidns, so
> it refers to t3. 9 is the pid being queried, in the oberver's
> pidns, so it revers to t4. The result is, the pid in our own
> pidns.
>
> Does that help clarify at all? I'm not sure whether the problem is that
> I didn't explain well enough from the start, or whether this just shows
> that the API is one only its mother could love :)
>
> -serge
> --
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@xxxxxxxxxxxxxxx
> More majordomo info at http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at http://www.tux.org/lkml/
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/