[Ksummit-2010-discuss] checkpoint-restart: naked patch

Alexey Dobriyan adobriyan at gmail.com
Fri Nov 19 08:25:13 PST 2010

On Fri, Nov 19, 2010 at 6:10 PM, Tejun Heo <tj at kernel.org> wrote:
> Well, if you ask me, having pidns w/o a way to reinstate PID from
> userland is pretty silly

Chrome uses CLONE_PID so that exploit couldn't attach to processes in
parent pidns.

> and you and I might not know yet but it's
> quite imaginable that there will be other use cases for the capability
> unlike in-kernel CR.  Kernel provides building blocks not the whole
> frigging package and for very good reasons.

Speaking of pids, pid's value itself is never interesing (except maybe pid 1).
It's a cookie.

CLONE_SET_PID came up only now because only C/R wants it.

More information about the Containers mailing list