[RFC,0/4] pidfs: allow retrieval of namespace descriptors

Message ID	20240627-work-pidfs-v1-0-7e9ab6cc3bb1@kernel.org (mailing list archive)
Headers	show Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id AAEBA195F17 for <linux-fsdevel@vger.kernel.org>; Thu, 27 Jun 2024 14:11:56 +0000 (UTC) From: Christian Brauner <brauner@kernel.org> Subject: [PATCH RFC 0/4] pidfs: allow retrieval of namespace descriptors Date: Thu, 27 Jun 2024 16:11:38 +0200 Message-Id: <20240627-work-pidfs-v1-0-7e9ab6cc3bb1@kernel.org> Precedence: bulk MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit To: linux-fsdevel@vger.kernel.org Cc: Josef Bacik <josef@toxicpanda.com>, Seth Forshee <sforshee@kernel.org>, Stephane Graber <stgraber@stgraber.org>, Jeff Layton <jlayton@kernel.org>, Aleksa Sarai <cyphar@cyphar.com>, Alexander Mikhalitsyn <alexander@mihalicyn.com>, Christian Brauner <brauner@kernel.org>
Series	pidfs: allow retrieval of namespace descriptors \| expand [RFC,0/4] pidfs: allow retrieval of namespace descriptors [RFC,1/4] file: add take_fd() cleanup helper [RFC,2/4] nsproxy: add a cleanup helper for nsproxy [RFC,3/4] nsfs: add open_namespace() [RFC,4/4] pidfs: allow retrieval of namespace file descriptors

Message ID

20240627-work-pidfs-v1-0-7e9ab6cc3bb1@kernel.org (mailing list archive)

Headers

From: Christian Brauner <brauner@kernel.org>
Subject: [PATCH RFC 0/4] pidfs: allow retrieval of namespace descriptors
Date: Thu, 27 Jun 2024 16:11:38 +0200
Message-Id: <20240627-work-pidfs-v1-0-7e9ab6cc3bb1@kernel.org>
Precedence: bulk
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
To: linux-fsdevel@vger.kernel.org
Cc: Josef Bacik <josef@toxicpanda.com>, Seth Forshee <sforshee@kernel.org>,
 Stephane Graber <stgraber@stgraber.org>, Jeff Layton <jlayton@kernel.org>,
 Aleksa Sarai <cyphar@cyphar.com>,
 Alexander Mikhalitsyn <alexander@mihalicyn.com>,
 Christian Brauner <brauner@kernel.org>

Series

pidfs: allow retrieval of namespace descriptors | expand

Message

Christian Brauner June 27, 2024, 2:11 p.m. UTC

In recent discussions it became clear that having the ability to go from
pidfd to namespace file descriptor is desirable. Not just because it is
already possible to use pidfds with setns() to switch namespaces
atomically but also because it makes it possible to interact with
namespaces without having procfs mounted solely relying on the pidfd.

This adds support from deriving a namespace file descriptor from a
pidfd for all namespace types.

Thanks!
Christian

---
---
base-commit: 2a79498f76350570427af72da04b1c7d0e24149e
change-id: 20240627-work-pidfs-fd415f4d3cd1

Comments

Jeff Layton June 27, 2024, 4:51 p.m. UTC | #1

On Thu, 2024-06-27 at 16:11 +0200, Christian Brauner wrote:
> In recent discussions it became clear that having the ability to go
> from
> pidfd to namespace file descriptor is desirable. Not just because it
> is
> already possible to use pidfds with setns() to switch namespaces
> atomically but also because it makes it possible to interact with
> namespaces without having procfs mounted solely relying on the pidfd.
> 
> This adds support from deriving a namespace file descriptor from a
> pidfd for all namespace types.
> 
> Thanks!
> Christian
> 
> ---
> ---
> base-commit: 2a79498f76350570427af72da04b1c7d0e24149e
> change-id: 20240627-work-pidfs-fd415f4d3cd1
> 

Neat. I'm not too familiar with all of the CLASS() macro stuff so it
took me a minute to unwind, but this all looks pretty straightforward.

Reviewed-by: Jeff Layton <jlayton@kernel.org>

Josef Bacik June 27, 2024, 5:26 p.m. UTC | #2

On Thu, Jun 27, 2024 at 04:11:38PM +0200, Christian Brauner wrote:
> In recent discussions it became clear that having the ability to go from
> pidfd to namespace file descriptor is desirable. Not just because it is
> already possible to use pidfds with setns() to switch namespaces
> atomically but also because it makes it possible to interact with
> namespaces without having procfs mounted solely relying on the pidfd.
> 
> This adds support from deriving a namespace file descriptor from a
> pidfd for all namespace types.
> 

I love this, just have the one comment about documenting how the take_fd() thing
works, but then you can add

Reviewed-by: Josef Bacik <josef@toxicpanda.com>

Thanks,

Josef

Alexander Mikhalitsyn June 27, 2024, 8:05 p.m. UTC | #3

Am Do., 27. Juni 2024 um 16:11 Uhr schrieb Christian Brauner
<brauner@kernel.org>:
>
> In recent discussions it became clear that having the ability to go from
> pidfd to namespace file descriptor is desirable. Not just because it is
> already possible to use pidfds with setns() to switch namespaces
> atomically but also because it makes it possible to interact with
> namespaces without having procfs mounted solely relying on the pidfd.
>
> This adds support from deriving a namespace file descriptor from a
> pidfd for all namespace types.

Extremely useful API. Thanks!

Reviewed-by: Alexander Mikhalitsyn <aleksandr.mikhalitsyn@canonical.com>

>
> Thanks!
> Christian
>
> ---
> ---
> base-commit: 2a79498f76350570427af72da04b1c7d0e24149e
> change-id: 20240627-work-pidfs-fd415f4d3cd1
>