From: Kirill Tkhai <ktkhai@virtuozzo.com>
To: Andrei Vagin <avagin@gmail.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>,
viro@zeniv.linux.org.uk, adobriyan@gmail.com,
davem@davemloft.net, akpm@linux-foundation.org,
christian.brauner@ubuntu.com, areber@redhat.com,
serge@hallyn.com, linux-kernel@vger.kernel.org,
linux-fsdevel@vger.kernel.org,
Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
Subject: Re: [PATCH 00/23] proc: Introduce /proc/namespaces/ directory to expose namespaces lineary
Date: Tue, 4 Aug 2020 17:47:23 +0300
Message-ID: <5f040969-b3b6-8174-7f8e-c8f9db6b80ea@virtuozzo.com> (raw)
In-Reply-To: <20200804054313.GA100819@gmail.com>
On 04.08.2020 08:43, Andrei Vagin wrote:
> On Thu, Jul 30, 2020 at 06:01:20PM +0300, Kirill Tkhai wrote:
>> On 30.07.2020 17:34, Eric W. Biederman wrote:
>>> Kirill Tkhai <ktkhai@virtuozzo.com> writes:
>>>
>>>> Currently, there is no a way to list or iterate all or subset of namespaces
>>>> in the system. Some namespaces are exposed in /proc/[pid]/ns/ directories,
>>>> but some also may be as open files, which are not attached to a process.
>>>> When a namespace open fd is sent over unix socket and then closed, it is
>>>> impossible to know whether the namespace exists or not.
>>>>
>>>> Also, even if namespace is exposed as attached to a process or as open file,
>>>> iteration over /proc/*/ns/* or /proc/*/fd/* namespaces is not fast, because
>>>> this multiplies at tasks and fds number.
>
> Could you describe with more details when you need to iterate
> namespaces?
>
> There are three ways to hold namespaces.
>
> * processes
> * bind-mounts
> * file descriptors
>
> When CRIU dumps a container, it enumirates all processes, collects file
> descriptors and mounts. This means that we will be able to collect all
> namespaces, doesn't it?
1)It's not only for CRIU. No one util can read content of another task unix socket like CRIU does.
Sometimes we may just want to see all mount namespaces to found a mount, which owns a reference on
a device.
2)In case of CRIU, recursive dump (when you iterate unix socket content, then you find another
namespace and iterate another unix socket content, then you find one more namespace) is less
effective and less fast, then dumping different types sequentially: first namespaces, second fds, etc.
3)It's still impossible to collect all namespaces like Pasha wrote.
prev parent reply other threads:[~2020-08-04 14:47 UTC|newest]
Thread overview: 76+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-07-30 11:59 Kirill Tkhai
2020-07-30 11:59 ` [PATCH 01/23] ns: Add common refcount into ns_common add use it as counter for net_ns Kirill Tkhai
2020-07-30 13:35 ` Christian Brauner
2020-07-30 14:07 ` Kirill Tkhai
2020-07-30 15:59 ` Christian Brauner
2020-07-30 14:30 ` Christian Brauner
2020-07-30 14:34 ` Kirill Tkhai
2020-07-30 14:39 ` Christian Brauner
2020-07-30 11:59 ` [PATCH 02/23] uts: Use generic ns_common::count Kirill Tkhai
2020-07-30 14:30 ` Christian Brauner
2020-07-30 11:59 ` [PATCH 03/23] ipc: " Kirill Tkhai
2020-07-30 14:32 ` Christian Brauner
2020-07-30 11:59 ` [PATCH 04/23] pid: " Kirill Tkhai
2020-07-30 14:37 ` Christian Brauner
2020-07-30 11:59 ` [PATCH 05/23] user: " Kirill Tkhai
2020-07-30 14:46 ` Christian Brauner
2020-07-30 11:59 ` [PATCH 06/23] mnt: " Kirill Tkhai
2020-07-30 14:49 ` Christian Brauner
2020-07-30 11:59 ` [PATCH 07/23] cgroup: " Kirill Tkhai
2020-07-30 14:50 ` Christian Brauner
2020-07-30 12:00 ` [PATCH 08/23] time: " Kirill Tkhai
2020-07-30 14:52 ` Christian Brauner
2020-07-30 12:00 ` [PATCH 09/23] ns: Introduce ns_idr to be able to iterate all allocated namespaces in the system Kirill Tkhai
2020-07-30 12:23 ` Matthew Wilcox
2020-07-30 13:32 ` Kirill Tkhai
2020-07-30 13:56 ` Matthew Wilcox
2020-07-30 14:12 ` Kirill Tkhai
2020-07-30 14:15 ` Matthew Wilcox
2020-07-30 14:20 ` Kirill Tkhai
2020-07-30 12:00 ` [PATCH 10/23] fs: Rename fs/proc/namespaces.c into fs/proc/task_namespaces.c Kirill Tkhai
2020-07-30 12:00 ` [PATCH 11/23] fs: Add /proc/namespaces/ directory Kirill Tkhai
2020-07-30 12:18 ` Alexey Dobriyan
2020-07-30 13:22 ` Kirill Tkhai
2020-07-30 13:26 ` Christian Brauner
2020-07-30 14:30 ` Kirill Tkhai
2020-07-30 20:47 ` kernel test robot
2020-07-30 22:20 ` kernel test robot
2020-08-05 8:17 ` kernel test robot
2020-08-05 8:17 ` [RFC PATCH] fs: namespaces_dentry_operations can be static kernel test robot
2020-07-30 12:00 ` [PATCH 12/23] user: Free user_ns one RCU grace period after final counter put Kirill Tkhai
2020-07-30 12:00 ` [PATCH 13/23] user: Add user namespaces into ns_idr Kirill Tkhai
2020-07-30 12:00 ` [PATCH 14/23] net: Add net " Kirill Tkhai
2020-07-30 12:00 ` [PATCH 15/23] pid: Eextract child_reaper check from pidns_for_children_get() Kirill Tkhai
2020-07-30 12:00 ` [PATCH 16/23] proc_ns_operations: Add can_get method Kirill Tkhai
2020-07-30 12:00 ` [PATCH 17/23] pid: Add pid namespaces into ns_idr Kirill Tkhai
2020-07-30 12:00 ` [PATCH 18/23] uts: Free uts namespace one RCU grace period after final counter put Kirill Tkhai
2020-07-30 12:01 ` [PATCH 19/23] uts: Add uts namespaces into ns_idr Kirill Tkhai
2020-07-30 12:01 ` [PATCH 20/23] ipc: Add ipc " Kirill Tkhai
2020-07-30 12:01 ` [PATCH 21/23] mnt: Add mount " Kirill Tkhai
2020-07-30 12:01 ` [PATCH 22/23] cgroup: Add cgroup " Kirill Tkhai
2020-07-30 12:01 ` [PATCH 23/23] time: Add time " Kirill Tkhai
2020-07-30 13:08 ` [PATCH 00/23] proc: Introduce /proc/namespaces/ directory to expose namespaces lineary Christian Brauner
2020-07-30 13:38 ` Christian Brauner
2020-07-30 14:34 ` Eric W. Biederman
2020-07-30 14:42 ` Christian Brauner
2020-07-30 15:01 ` Kirill Tkhai
2020-07-30 22:13 ` Eric W. Biederman
2020-07-31 8:48 ` Pavel Tikhomirov
2020-08-03 10:03 ` Kirill Tkhai
2020-08-03 10:51 ` Alexey Dobriyan
2020-08-06 8:05 ` Andrei Vagin
2020-08-07 8:47 ` Kirill Tkhai
2020-08-10 17:34 ` Andrei Vagin
2020-08-11 10:23 ` Kirill Tkhai
2020-08-12 17:53 ` Andrei Vagin
2020-08-13 8:12 ` Kirill Tkhai
2020-08-14 1:16 ` Andrei Vagin
2020-08-14 15:11 ` Kirill Tkhai
2020-08-14 19:21 ` Andrei Vagin
2020-08-17 14:05 ` Kirill Tkhai
2020-08-17 15:48 ` Eric W. Biederman
2020-08-17 17:47 ` Christian Brauner
2020-08-17 18:53 ` Eric W. Biederman
2020-08-04 5:43 ` Andrei Vagin
2020-08-04 12:11 ` Pavel Tikhomirov
2020-08-04 14:47 ` Kirill Tkhai [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5f040969-b3b6-8174-7f8e-c8f9db6b80ea@virtuozzo.com \
--to=ktkhai@virtuozzo.com \
--cc=adobriyan@gmail.com \
--cc=akpm@linux-foundation.org \
--cc=areber@redhat.com \
--cc=avagin@gmail.com \
--cc=christian.brauner@ubuntu.com \
--cc=davem@davemloft.net \
--cc=ebiederm@xmission.com \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=ptikhomirov@virtuozzo.com \
--cc=serge@hallyn.com \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Unnamed repository; edit this file 'description' to name the repository.
This inbox may be cloned and mirrored by anyone:
git clone --mirror http://archive.lwn.net:8080/linux-fsdevel/0 linux-fsdevel/git/0.git
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V2 linux-fsdevel linux-fsdevel/ http://archive.lwn.net:8080/linux-fsdevel \
linux-fsdevel@vger.kernel.org lwn-linux-fsdevel@archive.lwn.net
public-inbox-index linux-fsdevel
Example config snippet for mirrors.
Newsgroup available over NNTP:
nntp://archive.lwn.net/lwn.kernel.linux-fsdevel
AGPL code for this site: git clone https://public-inbox.org/public-inbox.git