[lxc-devel] Working with glibc (PID/TID caches).

[Eric W. Biederman]

"Carlos O'Donell" <carlos at redhat.com> writes:

> On 05/16/2015 01:03 AM, Eric W. Biederman wrote:
>>> Such reasons would help inform a new API design.
>> 
>> So we could specify flags that create namespaces aka: CLONE_NEWNS,
>> CLONE_NEWUTS, CLONE_NEWIPC, CLONE_NEWUSER, CLONE_NEWPID, CLONE_NEWNET
>> 
>> We are talking about container creation after all.
>> 
>> At the same time since we are creating a new virtual address space it
>> would be handy if we didn't need to do all of the work to set up a new
>> stack as the existing stack is perfectly functional.
>
> Agreed.
>
> Ricky Zhou brought this up on libc-alpha on 2014-11-20 [1].
>
> We discussed a new clone wrapper alternative that does more of
> what you want including:
>
> * Reset pid cache.
> * Manage stack for you (somehow).
Without CLONE_VM you can just reuse the stack (unless you are using
the libc clone wrapper).
> * Must not set CLONE_VM, but allow other flags.
Yes the kernel should take care of any other illegal combinations.x

> However, the basic question remains: Are you using clone for
> performance reasons to avoid fork or exec? Why use raw clone?

In this case it was to be able to create namespaces while creating
a process.  It is not to avoid for or exec it is to be able to pass
flags that fork can't take.  You could call it fork_with_clone_flags().

*Scratches my head*  I thought we were talking about the libc clone
 wrapper not "syscall(SYS_CLONE, ...);" which is what I would call a
raw clone.

We just want to be able to specify the clone flags.  Creating pid
namespaces really sucks if you have to go through unshare, and
historically it wasn't supported.  Creating pid namespaces remains
more efficient with clone, because you don't need an extra process.

> If you need to use clone, what other bullet points would you
> add?

Call the atfork handlers so all of the pthread_atfork handlers
so the new processes is in a sensible state.

Or in short fork_with_clone_flags(); 

Eric