From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753940AbbLCXn4 (ORCPT ); Thu, 3 Dec 2015 18:43:56 -0500 Received: from mout.kundenserver.de ([212.227.126.130]:60862 "EHLO mout.kundenserver.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751141AbbLCXny (ORCPT ); Thu, 3 Dec 2015 18:43:54 -0500 From: Arnd Bergmann To: Andy Lutomirski Cc: Andrew Vagin , Andrey Vagin , David Ahern , "linux-kernel@vger.kernel.org" , Linux API , Oleg Nesterov , Andrew Morton , Cyrill Gorcunov , Pavel Emelyanov , Roger Luethi , Arnaldo Carvalho de Melo , Pavel Odintsov Subject: Re: [PATCH 0/24] kernel: add a netlink interface to get information about processes (v2) Date: Fri, 04 Dec 2015 00:43:29 +0100 Message-ID: <1583220.Fp5vNj67Du@wuerfel> User-Agent: KMail/4.11.5 (Linux/3.16.0-10-generic; KDE/4.11.5; x86_64; ; ) In-Reply-To: References: <1436172445-6979-1-git-send-email-avagin@openvz.org> <20151124151811.GA16393@odin.com> MIME-Version: 1.0 Content-Transfer-Encoding: 7Bit Content-Type: text/plain; charset="us-ascii" X-Provags-ID: V03:K0:ikdR3AyRCziisq0bs5/foa4P56+EqJvjhPNrWOYwKhx8tgrFaV/ GM/wByyWddSv+tlGh7074yoyCvncSapYlilmNuD0qugSLzCXbfAf0OiAtpZUJ+IEhW8+IbW EzKllHCK//5ZtU+dCp+DDNcUzLAl+93rTSldKscoJ+6GCS7ZOi/PK0q+HOwRSrN/gy6CLEM 4fCVt7zAa057cPNtwzLHg== X-UI-Out-Filterresults: notjunk:1;V01:K0:E7qoOH9md/M=:I39yLZwyJTvQtvGzsnO8Ac eMwyrgr8h0eBnl+v5DVitWGFuKrjH1TvuZ3Tx5nSjSB4GUdpdmqnovtqDU0T+tLw9ybl2kEsN ULPNg0T7hR6PrQZTTiIkjc+lV5eIgWfms4T0UfrDARopTj6J1CYj7zQXtQ/fcR52S2iJUrgtc pG0OaYiFwQEcWQH9b34BQUUOIwiI4aplaig4yKoHFMdDD3+S/IWg5hf7HPBdEcw58QqwalcZt aB5O9IIr3vUEP9S4/Jw+PMlzjgaT9XofXnxU1g0oMqJ3dKuWy3kALut9xPsh7AqbnBxKh7KhA rOfT0EHtgajlx1jUBuPupNCC6tJkF1EiVhvnEc+sP4ugj+5M17+DSOBg8ANKhltSmcRFBat40 Bg/UuKEmloqyFYG9MpmnxsaLNlUQFyeIMivSYtq3goVGuhZmQhGrSsFz920dWlZcInndcocx0 ijQA2FDHjiyqEGqv8U656GzLpIJJEP1OqbnqZTyU4p7RVfwzvQFtQ8h7RgO2ht/F/U1I2dxaB c1EJVgVuLk/1NZNgpSljjP4W9FCad2iaQgims55p3iY5VKIXaNw7k5oQsZybiqV3hIGVtPL6J W3i/c4swf0DuQdwWPV7dK6toKka4cYxwXFbvYK4F7yjzs2mvTDEIrUv6JT2PQkeK9YdlpjTzg eJrBmpoUVklY6BFX7FSn3Os5ix9k5yxnJB6gRGUhIXDvQYNArhXJ8Z0ZLOl+ysAWYmcqbnBB6 o/xTQozGCNCdDNfX Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thursday 03 December 2015 15:20:30 Andy Lutomirski wrote: > > * Netlink is designed for such type of workloads. It allows to expand > > the interface and save backward compatibility. It allows to generates > > packets with a different set of parameters. > > * If we use a file descriptor, we can create it and decrease > > capabilities of the current process. It's a good feature which will be > > unavailable if we decide to create a system call. > > If this is actually a real goal and it matters, then I'd suggest doing > it right. Make a way to create an fd that represents a pidns and, > specifically, the right to query non-secret properties of the > processes in the pidns. My first thought about doing an interface here was to create a virtual file system that can be queried rather than using netlink, but then I realized that the idea was to avoid procfs ;-) More seriously, maybe the answer is to have a transaction file in procfs itself. Procfs already knows about namespaces, so adding a /proc/task-diag file as the entry point into the kernel could get that out of the way. The simple_transaction infrastructure that we have is limited to a little under a page for the total data size, but something similar could be used. Arnd