| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 7 Oct 2011 00:49:04 -0700 From: Matt Helsley <matthltc@...ibm.com> To: Kay Sievers <kay.sievers@...y.org> Cc: linux-kernel@...r.kernel.org, lennart@...ttering.net, harald@...hat.com, david@...ar.dk, greg@...ah.com, Biederman Eric Biederman <ebiederm@...ssion.com> Subject: Re: A Plumber’s Wish List for Linux On Fri, Oct 07, 2011 at 01:17:02AM +0200, Kay Sievers wrote: <snip> > * simple, reliable and future-proof way to detect whether a specific pid > is running in a CLONE_NEWPID container, i.e. not in the root PID > namespace. Currently, there are available a few ugly hacks to detect Is that precisely what's needed or would it be sufficient to know that the pid is running in a child pid namespace of the current pid namespace? If so, I think this could eventually be done by comparing the inode numbers assigned to /proc/<pid>/ns/pid to those of /proc/1/ns/pid. > * Add a timerslack cgroup controller, to allow increasing the timer > slack of user session cgroups when the machine is idle. There were patches for a timerslack cgroup controller but for some reason (I don't recall why) they stalled. It might be worth digging through the containers mailing list archives. Cheers, -Matt Helsley -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists