Eric W. Biederman [ebiederm@xxxxxxxxxxxx] wrote: | Sukadev Bhattiprolu <sukadev@xxxxxxxxxxxxxxxxxx> writes: | | > === NEW CLONE() SYSTEM CALL: | > | > To support application checkpoint/restart, a task must have the same pid it | > had when it was checkpointed. When containers are nested, the tasks within | > the containers exist in multiple pid namespaces and hence have multiple pids | > to specify during restart. | > | > This patchset implements a new system call, clone_with_pids() that lets a | > process specify the pids of the child process. | > | > Patches 1 through 5 are helpers and we believe they are needed for application | > restart, regardless of the kernel implementation of application restart. | | I'm not very impressed. | | - static int alloc_pidmap(struct pid_namespace *pid_ns) | + static int alloc_pidmap(struct pid_namespace *pid_ns, int pid_max, int last_pid) | | Do that. | | That is pass in pid_max and last_pid, and you don't have to do weird | things in alloc_pidmap, and no set_pidmap is needed. But last_pid is from the pid_ns. Do you mean to have alloc_pidmap() take a pid_min and pid_max and when choosing a specific pid, have pid_min == pid_max == target_pid ? | | No changes to copy_process are needed it already takes a struct pid | argument. I see your point about passing in both 'struct pid*' and target_pids[]. But in the common case the struct pid passed into copy_process() is NULL - allocating pid in do_fork() would significantly alter the existing control flow - no ? alloc_pid() assumes any new pid namespace has been created - in copy_namespaces(). Moving the alloc_pid() to do_fork() would require parsing clone_flags in do_fork() and pulling pid namespace code out of copy_namespaces(). | | I haven't been following closely what is gained by having a clone_with_pids | syscall? When restarting an application from a checkpoint, the application must get the same pid it had at the time of checkpoint. clone_with_pids() would be used during restart so the child can be created with a specific set of pids. | | As for new namespaces that don't need to happen at process creation time | (which is just about anything that is left) we can create a new syscall that | unshares just that one. | Ok. If all new namespaces can be handled with a variant of unshare(), we can decouple clone_with_pids() from the clone-flags issue. | | Eric _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linux-foundation.org/mailman/listinfo/containers
