On 2025-08-09, Aleksa Sarai <cyphar@xxxxxxxxxx> wrote:
> On 2025-08-08, Askar Safin <safinaskar@xxxxxxxxxxxx> wrote:
> > Let's consider this example:
> >
> > int fsfd, mntfd, nsfd, nsdirfd;
> >
> > nsfd = open("/proc/self/ns/pid", O_PATH);
> > nsdirfd = open("/proc/1/ns", O_DIRECTORY);
> >
> > fsfd = fsopen("proc", FSOPEN_CLOEXEC);
> > /* "pidns" changes the value each time. */
> > fsconfig(fsfd, FSCONFIG_SET_PATH, "pidns", "/proc/self/ns/pid", AT_FDCWD);
> > fsconfig(fsfd, FSCONFIG_SET_PATH, "pidns", "pid", NULL, nsdirfd);
> > fsconfig(fsfd, FSCONFIG_SET_PATH_EMPTY, "pidns", "", nsfd);
> > fsconfig(fsfd, FSCONFIG_SET_FD, "pidns", NULL, nsfd);
> > fsconfig(fsfd, FSCONFIG_CMD_CREATE, NULL, NULL, 0);
> > mntfd = fsmount(fsfd, FSMOUNT_CLOEXEC, 0);
> > move_mount(mntfd, "", AT_FDCWD, "/proc", MOVE_MOUNT_F_EMPTY_PATH);
> >
> > I don't like it. /proc/self/ns/pid is our namespace, which is default anyway.
> > I. e. setting pidns to /proc/self/ns/pid is no-op (assuming that "pidns" option is implemented in our kernel, of course).
> > Moreover, if /proc is mounted properly, then /proc/1/ns/pid refers to our namespace, too!
This slightly depends on what you mean by "properly". If you deal with
namespaces a lot, running into a situation whether the current process's
pidns doesn't match /proc is quite common (we run into it with container
runtimes all the time).
A proper example with provably different pidns values (such as the
selftests for the pidns parameter) would make for a very lengthy example
program with very little use for readers.
I'm tempted to just delete this example.
> > Thus, *all* these fsconfig(FSCONFIG_SET_...) calls are no-op.
> > Thus it is bad example.
> >
> > I suggest using, say, /proc/2/ns/pid . It has actual chance to refer to some other namespace.
> >
> > Also, sentence '"pidns" changes the value each time' is a lie: as I explained, all these calls are no-ops,
> > they don't really change anything.
>
> Right, I see your point.
>
> One other problem with this example is that there is no
> currently-existing parameter which accepts all of FSCONFIG_SET_PATH,
> FSCONFIG_SET_PATH_EMPTY, FSCONFIG_SET_FD, and FSCONFIG_SET_STRING so
> this example is by necessity a little contrived. I suspect that it'd be
> better to remove this and re-add it once we actually something that
> works this way...
>
> You've replied to the pidns parameter patchset so I shouldn't repeat
> myself here too much, but supporting this completely is my plan for the
> next version I send. It's just not a thing that exists today (ditto for
> overlayfs).
>
> --
> Aleksa Sarai
> Senior Software Engineer (Containers)
> SUSE Linux GmbH
> https://www.cyphar.com/
--
Aleksa Sarai
Senior Software Engineer (Containers)
SUSE Linux GmbH
https://www.cyphar.com/
Attachment:
signature.asc
Description: PGP signature
