Oleg Nesterov <oleg@xxxxxxxxxx> writes:
> On 09/29, Eric W. Biederman wrote:
>>
>> Oleg Nesterov <oleg@xxxxxxxxxx> writes:
>>
>> > OK, I won't insist, this too looks better to me than proc_ns_fdget(&fd_ref).
>> >
>> > And in any case fcheck_files() makes more sense than fdget(), somehow I did
>> > not think about this when I sent 1/1.
>> >
>> > Hmm. and after the quick look at cleanup_net() I can't understand whether
>> > get_net_ns_by_fd() can use ns_by_fd_rcu() + maybe_get_net(to_net_ns()) or
>> > not... Can it?
>>
>> Some of those places need a reference that allows them to sleep, and the
>> code is shared with the legacy pid case so with an addition of get_net
>> we can use ns_by_fd_rcu(). There are cases like setns that could
>> use ns_by_fd_rcu() with code reording.
>>
>> We can implement get_net_ns_by_fd as:
>> struct net *get_net_ns_by_fd(int fd)
>> {
>> struct net *net;
>>
>> rcu_read_lock();
>> net = net_ns_by_fd_rcu(fd);
>> if (!IS_ERR(net))
>> get_net(net);
>> rcu_read_unlock();
>>
>> return net;
>> }
>>
>> Which means we can achieve code sharing with the pure rcu version
>> as a base.
>
> Yes, this is what I meant... but don't we need maybe_get_net() ?
Let me see.
The call chain is a little interesting so let's trace it.
thread1 thread2
net = net_ns_by_fd_rcu(fd); fput(file)
get_net(net); ____fput
__fput
dput
dentry_kill
__dentry_kill
dentry_iput
iput
iput_final
evict
->evict_inode (nsfs_evict)
netns_put
put_net
__put_net
queue_work(net_cleanup_work)
...
cleanup_net
synchronize_rcu.
Given that someone in another thread can put the file descriptor and I
don't see anything explicitly waiting until after the rcu critical
section ends to put the network namespace I guess we do need
maybe_get_net.
In practice I think the delay logic in fput will act as an rcu barrier,
but that is not guaranteed so we had better not count on it. Sigh.
Anyway this is a long ways from a syscall to translate pids.
Eric
_______________________________________________
Containers mailing list
Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx
https://lists.linuxfoundation.org/mailman/listinfo/containers
