Re: [RFC][PATCH 2/6] sysvmsg: containerize

Chris Wright <chrisw@xxxxxxxxxxxx> writes:

* Dave Hansen (haveblue@xxxxxxxxxx) wrote:
On Mon, 2006-03-06 at 17:57 -0800, Chris Wright wrote:
* Dave Hansen (haveblue@xxxxxxxxxx) wrote:
-void __init msg_init (void)
+void __init msg_init (struct ipc_msg_context *context)
{
- ipc_init_ids(&msg_ids,msg_ctlmni);
+ ipc_init_ids(&context->ids,msg_ctlmni);
ipc_init_proc_interface("sysvipc/msg",
" key msqid perms cbytes qnum lspid lrpid uid gid cuid cgid stime rtime
ctime\n",
- &msg_ids,
+ &context->ids,
sysvipc_msg_proc_show);

Does that mean /proc interface only gets init_task context?
Along those lines, I think now ipcs -a is incomplete from admin
perspective. Suppose that's a feature from the container/vserver
POV.

It will get context from the current task, which means the current
container. We haven't quite decided how these things will be (or if
they need to be) aggregated on a a system-wide basis.

The /proc interface is registering with &context->ids of init_task. So,
all other contexts using that interface will be looking at the wrong
info, AFAICT.

We need to make this per process in /proc to get it right.
So /proc/sysvipc becomes a symlink to /proc/<pid>/sysvipc.

As you can tell my concerns are in resource consumption. If a user can
create contexts which it can hide from sysadmin, and they aren't subject
to sysadmin mandated resource limits, it's effectively a leak, esp. since
these resources don't die with exit(2).

I haven't spotted it yet in Dave's series but this is something that should
happen when all of the tasks using the ipc_context in this case exit.

Eric
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Relevant Pages

  • Re: [RFC][PATCH 2/6] sysvmsg: containerize
    ... Does that mean /proc interface only gets init_task context? ... It will get context from the current task, ... As you can tell my concerns are in resource consumption. ... to sysadmin mandated resource limits, it's effectively a leak, esp. ...
    (Linux-Kernel)
  • Re: implementing roles in OOP......
    ... > announcement but the Y method name makes no sense in that context. ... > priori knowledge of the structure there is no way for the client to know ... I can imagine an interface that would allow adding Composites ... The example given is exactly the sort of thing that does happen, ...
    (comp.object)
  • TRANSFER arbitrary data ? (long)
    ... subroutine to minimize a function of n variables, ... end interface ... that to an integer array and back. ... subroutine minimize(Func, x, context) ...
    (comp.lang.fortran)
  • Re: Creating a "toy" OO/AO language...
    ... That is a major difference between the OO paradigm and procedural/functional paradigms where behavior always dominates the construction. ... In an OO context there are two ways to implement a closure in the functional programming sense of a method that operates on a bounded set of variables. ... The only object that should have an interface to the strategy ... In the OO paradigm one tries to minimize that by limiting it to client and service through peer-to-peer collaboration by eliminating a hierarchical call chains. ...
    (comp.object)
  • Re: Why googlers never quote and never will (Was: Re: Universal (g)libc)
    ... >>>context or how to do it through Google. ... >> elephant, they also behave accordingly. ... > I put the blame squarely on the Google interface. ... that behaviour is by design. ...
    (comp.lang.c)