From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from gandalf.ozlabs.org (gandalf.ozlabs.org [150.107.74.76]) by passt.top (Postfix) with ESMTPS id 67B195A026E for ; Thu, 6 Apr 2023 04:50:11 +0200 (CEST) Received: by gandalf.ozlabs.org (Postfix, from userid 1007) id 4PsQvz5wKdz4xFf; Thu, 6 Apr 2023 12:50:07 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gibson.dropbear.id.au; s=201602; t=1680749407; bh=UxGYFuLsGH0GpLbKejJuA5f8ayXAYHSZU7irxQVxdGk=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=BDHujvIscNPoEOVyLBCwpZnQExkaBi4uXpDbVqez1gh886CLQwggYV20ZzOsSv29x 69t2Wvrc+uKfiRi/FzQSEG22va7BiSot/TmEclusqEL4+K0XgyJC/awyo197GU1hQZ DP17RBUz6XfPP4KKmKBqTSSg9dnzxX+KvzX4S/JY= Date: Thu, 6 Apr 2023 10:15:41 +1000 From: David Gibson To: Stefano Brivio Subject: Re: [PATCH 06/14] nstool: Detect what namespaces target is in Message-ID: References: <20230404014638.3225556-1-david@gibson.dropbear.id.au> <20230404014638.3225556-7-david@gibson.dropbear.id.au> <20230405135825.13e18482@elisabeth> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="mzfT+4rOueYS3zrs" Content-Disposition: inline In-Reply-To: <20230405135825.13e18482@elisabeth> Message-ID-Hash: 5UHCOH4IZ7DCZWRZYI3GJZDHY55XGK63 X-Message-ID-Hash: 5UHCOH4IZ7DCZWRZYI3GJZDHY55XGK63 X-MailFrom: dgibson@gandalf.ozlabs.org X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: passt-dev@passt.top X-Mailman-Version: 3.3.8 Precedence: list List-Id: Development discussion and patches for passt Archived-At: Archived-At: List-Archive: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: --mzfT+4rOueYS3zrs Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Apr 05, 2023 at 01:58:25PM +0200, Stefano Brivio wrote: > On Tue, 4 Apr 2023 11:46:30 +1000 > David Gibson wrote: >=20 > > Give nstool the ability to detect what namespaces the target process is= in, > > relative to where it's called. That is, those namespace types for which > > the target is not in the same namespace as the caller. For now, just > > print this information with "info", which can be useful for debugging. > >=20 > > Signed-off-by: David Gibson > > --- > > test/nstool.c | 154 +++++++++++++++++++++++++++++++++++++++++++++----- > > 1 file changed, 140 insertions(+), 14 deletions(-) > >=20 > > diff --git a/test/nstool.c b/test/nstool.c > > index 2cb4fb3..428c9c4 100644 > > --- a/test/nstool.c > > +++ b/test/nstool.c > > @@ -15,8 +15,13 @@ > > #include > > #include > > #include > > +#include > > #include > > #include > > +#include > > +#include > > + > > +#define ARRAY_SIZE(a) ((int)(sizeof(a) / sizeof((a)[0]))) > > =20 > > #define die(...) \ > > do { \ > > @@ -24,6 +29,28 @@ > > exit(1); \ > > } while (0) > > =20 > > +struct ns_type { > > + int flag; > > + const char *name; > > +}; > > + > > +const struct ns_type nstypes[] =3D { > > + { CLONE_NEWCGROUP, "cgroup" }, > > + { CLONE_NEWIPC, "ipc" }, > > + { CLONE_NEWNET, "net" }, > > + { CLONE_NEWNS, "mnt" }, > > + { CLONE_NEWPID, "pid" }, > > + { CLONE_NEWTIME, "time" }, > > + { CLONE_NEWUSER, "user" }, > > + { CLONE_NEWUTS, "uts" }, > > +}; > > + > > +struct holder_info { > > + pid_t pid; > > + uid_t uid; > > + gid_t gid; > > +}; > > + > > static void usage(void) > > { > > die("Usage:\n" > > @@ -41,12 +68,16 @@ static void usage(void) > > " terminate.\n"); > > } > > =20 > > -static int connect_ctl(const char * sockpath, bool wait) > > +static int connect_ctl(const char *sockpath, bool wait, > > + struct holder_info *info, > > + struct ucred *peercred) > > { > > int fd =3D socket(AF_UNIX, SOCK_STREAM, PF_UNIX); > > struct sockaddr_un addr =3D { > > .sun_family =3D AF_UNIX, > > }; > > + struct holder_info discard; > > + ssize_t len; > > int rc; > > =20 > > if (fd < 0) > > @@ -61,6 +92,25 @@ static int connect_ctl(const char * sockpath, bool w= ait) > > die("connect() to %s: %s\n", sockpath, strerror(errno)); > > } while (rc < 0); > > =20 > > + if (!info) > > + info =3D &discard; >=20 > As you close the socket anyway moments later, I wonder if it wouldn't > be doable (and more natural) to just do: >=20 > if (info) { > len =3D read(fd, info, sizeof(*info)); > ... > } I had something like that initially, but that causes the holder to spit a broken pipe error, which is distracting. > if (peercred) { > ... > } >=20 > ...but maybe it adds unnecessary complication to 7/14 (or perhaps the > magic is not really part of 'info'?). >=20 --=20 David Gibson | I'll have my music baroque, and my code david AT gibson.dropbear.id.au | minimalist, thank you. NOT _the_ _other_ | _way_ _around_! http://www.ozlabs.org/~dgibson --mzfT+4rOueYS3zrs Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEO+dNsU4E3yXUXRK2zQJF27ox2GcFAmQuDyYACgkQzQJF27ox 2Gf2mA//Y6Ekp6iwGSewVEca2sPuZni84vsq7GD2g5qPUAROOJ6xmHOoeb5OyVc+ zbZvojAxml6xEdAxcRhlEg+BTo5/5n1yYYZKxkvs5EmAujBS7j/JT9HpE/ZydPlG xc+9sJDC4y1WLVyF5FfkUfzxTGN35xLnH0OMtXyIgokLErpgKQltChoHFLjt40rX wLev60ixvYmJMAIGXxc8Xa61SGqXtOQg+tM+eOxCzLCh/7s3m3S3NQ2slSkmvf14 VL6V8xV3JDNAvrOIi7tugwuhjkz7om9kEnM550Syp22KEfgyAkbNdUYR7zeAEgnb ykz2sE+MiUnKby27SvG9/ueiUCV8PxNG9CkYnxk5ZyXlmNSgxMwSaGuFV4iMcrnZ mt8dRznLgCBaTJ8BhXTzOIIUidDL6drlUDNuUQBKuIRhcsNykXbvNF5HOFbnpRdn i+HiCdU57KNWjO+QOQgrCRhttUxmdjvn1HXyYYd1MHLHntlP6MLnDeLbibW8g83B dy4mnQ/Oi/P9thY4B2YqoqEJkf9ImMuZPQSpB1bp8qwElQsGv0gCu6dn7cbIikCH XJRElgEU5xMoHRlorZ8WWqBenaa0XVgCQEoyYD+40q5NFZdtFc8hfOd4VHSouvda US/ecBgmCFjC4W+0eoyN6pnLIk1j/3c42zvYiMRBFHKOOhhcDjg= =hVtI -----END PGP SIGNATURE----- --mzfT+4rOueYS3zrs--