[Devel] Re: process_group()
Eric W. Biederman
ebiederm at xmission.com
Sat Jan 20 22:23:43 PST 2007
ebiederm at xmission.com (Eric W. Biederman) writes:
>
> Close. Our ultimate goal is to make it so that when you talk within
> the kernel you use a struct pid not a pid_t value. Attacking the
> cached pid_t values is merely a way finding those places.
>
> So fixing thing like the pid_t value passed as credentials in unix domain
> sockets is a lot more important than fixing any use of process_session
> that just goes to user space.
>
> The reason it is important is because different processes may be in different
> pid namespaces and raw pid_t values just won't make sense while struct pid
> references are pid namespace independent.
The other reason for preferring a struct pid form is that it avoids
unnecessary hash table lookups, that we get processing pid in pid_t form.
Eric
_______________________________________________
Containers mailing list
Containers at lists.osdl.org
https://lists.osdl.org/mailman/listinfo/containers
More information about the Devel
mailing list