On Thu, Mar 09, 2017 at 12:26:49PM +0100, Djalal Harouni wrote:
> I'm a bit lost in the two discussions, however the main concern I was
> discussing with Andy was if you have per superblock proc mounts then
> each mount will end up with its own device ID st_dev, right now they
> share the same ID if they are in the same pid namespace, but if we
> change that then we may break the following:
> http://man7.org/linux/man-pages/man7/namespaces.7.html

In fact, nothing has changed. I added a parameter that affects the
mountpoint, not the entire pid namespace. The procfs will still be global.
The device ID will be the same as before.

> Both new NS_GET_PARENT and NS_GET_USERNS ioctl() that return an fd,
> suggests to follow up with fstat() to identify the namespaces..
> "By applying fstat(2) to the returned file descriptor, one obtains a
> stat structure whose st_dev (resident device) and st_ino (inode
> number) fields together identify the owning/parent namespace."
>
> Other /proc/self/ns/* comparison and stat() logic...
>
> Andy suggested that we may have the same st_dev for mounts in the same
> pid namespace... I'm not sure which side effect this may bring!

Basically we have here an issue because other proc options (hidepid for
example) affect the entire pid namespace, but, I guess, have to affect the
mountpoint.

# grep ^proc /proc/mounts
proc /proc proc rw,relatime 0 0

# mount -t proc proc /tmp/proc
# mount -o remount,hidepid=2 -t proc proc /tmp/proc

# grep ^proc /proc/mounts
proc /proc proc rw,relatime,hidepid=2 0 0
proc /tmp/proc proc rw,relatime,hidepid=2 0 0

--
Rgrds, legion
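
The side effect in the session above can be checked mechanically. The following is an added example, not part of the original message: it compares two /proc/mounts snapshots and reports procfs mountpoints whose hidepid changed although a different mountpoint was remounted. The snapshots are constructed from the session, and the function names and the treatment of a missing hidepid= as "0" are assumptions.

```python
import re

# Constructed snapshots of /proc/mounts, shaped like the session in the message.
BEFORE = "proc /proc proc rw,relatime 0 0\n"
AFTER = (
    "proc /proc proc rw,relatime,hidepid=2 0 0\n"
    "proc /tmp/proc proc rw,relatime,hidepid=2 0 0\n"
)


def _unescape(field):
    # /proc/mounts encodes space, tab, newline and backslash as \ooo octal.
    return re.sub(r"\\([0-7]{3})", lambda m: chr(int(m.group(1), 8)), field)


def proc_hidepid(mounts_text):
    """Map each procfs mountpoint to its hidepid value.

    Assumption: a mount line without hidepid= is reported as "0" (off).
    """
    result = {}
    for line in mounts_text.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[2] != "proc":
            continue  # not a procfs mount
        opts = dict(opt.partition("=")[::2] for opt in fields[3].split(","))
        result[_unescape(fields[1])] = opts.get("hidepid", "0")
    return result


def side_effects(before, after, remounted):
    """Mountpoints whose hidepid changed although only `remounted` was touched."""
    old, new = proc_hidepid(before), proc_hidepid(after)
    return sorted(
        mp for mp, value in new.items()
        if mp != remounted and mp in old and old[mp] != value
    )


if __name__ == "__main__":
    for mp in side_effects(BEFORE, AFTER, "/tmp/proc"):
        print(f"hidepid changed on {mp} without a remount of {mp}")
```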