From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org X-Spam-Level: X-Spam-Status: No, score=-0.8 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE, URIBL_DBL_BLOCKED_OPENDNS,URIBL_ZEN_BLOCKED_OPENDNS autolearn=ham autolearn_force=no version=3.4.4 Received: from txout-a2-smtp.messagingengine.com (txout-a2-smtp.messagingengine.com [103.168.172.225]) by inbox.vuxu.org (Postfix) with ESMTP id BAE992D549 for ; Sun, 14 Dec 2025 01:59:13 +0100 (CET) Received: from localhost.localdomain (phl-topicbox-01.internal [10.202.2.219]) by mailtxout.phl.internal (Postfix) with ESMTP id 7F7AE1C00EB for ; Sat, 13 Dec 2025 19:59:12 -0500 (EST) ARC-Authentication-Results: i=2; topicbox.com; arc=pass; dkim=pass (1024-bit rsa key sha1) header.d=eigenstate.org header.i=@eigenstate.org header.b=nH4je6q6 header.a=rsa-sha1 header.s=mail x-bits=1024; dmarc=pass policy.published-domain-policy=none policy.applied-disposition=none policy.evaluated-disposition=none (p=none,d=none,d.eval=none) policy.policy-from=p header.from=eigenstate.org; spf=pass smtp.mailfrom=ori@eigenstate.org smtp.helo=mimir.eigenstate.org; x-internal-arc=fail (as.1.topicbox.com=pass, ams.1.topicbox.com=fail (message has been altered)) (Message modified while forwarding at Topicbox) ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d= topicbox.com; h=message-id:to:date:from:mime-version :content-type:content-transfer-encoding:list-help:list-id :list-post:list-subscribe:reply-to:subject:list-unsubscribe; s= sysmsg-1; t=1765673952; bh=O+jDM6hvfjDe4u/eOfcDzXhyAt2/1dafKwCVS 3qDeD4=; b=cT/Zadh0sJr9aSxRZb3jYpi5fCDO7TPBUSM1jwcLteCIIsGoLUIKw EVnee38Es4PUR5ke2VQe4GXYPiO0xmyITXpnqbAgn8ELrI62YYhOD9Sn5XTWCZNI Q1GKDogdHcbLiKchQl6RG1tcdv/gfelU3dzcSEhU6KS5x+l3es+h0k= ARC-Seal: i=2; a=rsa-sha256; cv=pass; d=topicbox.com; s=sysmsg-1; t= 1765673952; b=jA9VBrDt50Pd8ZsnOMCcJWttGUCl+PP+70XyjFa3Ty69O6MCje R7v3ngdjEJ1kpkQ8gNZDR1ElnYnMxO0x60M81+gIrUHDrIM6L+LoxU2XZ2s1j9Tk Qh/nkz6PMX0qpqnYRoN0CN6oRARYQeyFJ5clJtlqtchf1NLGU1OUQMmA4= Authentication-Results: topicbox.com; arc=pass; dkim=pass (1024-bit rsa key sha1) header.d=eigenstate.org header.i=@eigenstate.org header.b=nH4je6q6 header.a=rsa-sha1 header.s=mail x-bits=1024; dmarc=pass policy.published-domain-policy=none policy.applied-disposition=none policy.evaluated-disposition=none (p=none,d=none,d.eval=none) policy.policy-from=p header.from=eigenstate.org; spf=pass smtp.mailfrom=ori@eigenstate.org smtp.helo=mimir.eigenstate.org; x-internal-arc=fail (as.1.topicbox.com=pass, ams.1.topicbox.com=fail (message has been altered)) (Message modified while forwarding at Topicbox) X-Received-Authentication-Results: authmilter.topicbox.com; arc=none (no signatures found); bimi=skipped (DMARC Policy is not at enforcement); dkim=pass (1024-bit rsa key sha1) header.d=eigenstate.org header.i=@eigenstate.org header.b=nH4je6q6 header.a=rsa-sha1 header.s=mail x-bits=1024; dmarc=pass policy.published-domain-policy=none policy.applied-disposition=none policy.evaluated-disposition=none (p=none,d=none,d.eval=none) policy.policy-from=p header.from=eigenstate.org; iprev=pass smtp.remote-ip=206.124.132.107 (mimir.eigenstate.org); spf=pass smtp.mailfrom=ori@eigenstate.org smtp.helo=mimir.eigenstate.org; x-aligned-from=pass (Address match); x-me-sender=none; x-ptr=pass smtp.helo=mimir.eigenstate.org policy.ptr=mimir.eigenstate.org; x-return-mx=pass header.domain=eigenstate.org policy.is_org=yes (MX Records found: kusuri.pikopiko.org,mail.pikopiko.org,nokogiri.pikopiko.org,eigenstate.org); x-return-mx=pass smtp.domain=eigenstate.org policy.is_org=yes (MX Records found: kusuri.pikopiko.org,mail.pikopiko.org,nokogiri.pikopiko.org,eigenstate.org); x-tls=pass smtp.version=TLSv1.2 smtp.cipher=ECDHE-RSA-AES256-GCM-SHA384 smtp.bits=256/256; x-vs=clean score=0 state=0 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed; d=9fans.net; h=message-id :to:date:from:mime-version:content-type :content-transfer-encoding:list-help:list-id:list-post :list-subscribe:reply-to:subject:list-unsubscribe; s=dkim-1; t= 1765673952; x=1765760352; bh=OYg4tPo09vTQrCSq4XQbE8N+1ccrP+tcz1t twFF82wY=; b=MSpoShdx/itOOVXCMcLThJnD6FuvYp2qXfGIogdmsCZGhIYrFvs NqXsQFiskILGACzRShpqYPYPRWOjUySOFHTfieQ3VeRjr6LQmtN8PsxfMTHL3J3V uXfvj1LvcxE4gvH6+okoV6KkzPVXM46Ew6rLma7uLfagg+22ZVkE1RvE= Received: from authmilter.topicbox.com (unknown [172.17.0.1]) by mx.topicbox.com (Postfix) with ESMTP id B4FD335CBE5C for <9fans@9fans.net>; Sat, 13 Dec 2025 19:54:11 -0500 (EST) Received: from mx.topicbox.com (172.17.0.1 [172.17.0.1]) by authmilter.topicbox.com (Authentication Milter) with ESMTP id CCB91334050; Sat, 13 Dec 2025 19:54:11 -0500 ARC-Seal: i=1; a=rsa-sha256; cv=none; d=topicbox.com; s=arcseal; t= 1765673651; b=LmMSJLzYljMoP0Y3xrYkYB1ONVf9UBF4mR7AtpvudNH7KBC4fP z0RsbblVQmfqYikiCQlR8FhtJmejGEqPrHbfKmhNsjmEg+8s1mKYO4J5rAdyFNyT KEC2/dKVIdhAoJ1Z0x7ZnGuLmgnNlBb62uQfANRLg+c6N2iQvap+ZoJNLAtI03kZ +P/pzy9hDNt06Ytss34IeT/BCXhikUPkcUBDJr79Us4T+ORZeL8XOtv7u4KG9ero +eDCtnV9ShKrbGUEpjWCosEgSqwqxRIyQleI8pIc387sROgu5rgB45wuGG5eovuS tTZwgxDKfSJLjVj2vKlo5DmMQmwtVikm22Tw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d= topicbox.com; h=message-id:to:subject:date:from:mime-version :content-type:content-transfer-encoding; s=arcseal; t= 1765673651; bh=7IqPdc+asYvwffLeQqoODyaZ32lCtaJYSQHWX3HTJiM=; b=O rjfJAhFFX+ejQkGKpsVQerEc9nz/ZEZnxT2nnJH0Y8QBr9aekv7W2/13RWWsOjAn cp8Kc+MocwX1yKSN3nW9HTOoEmCTIbYyF1oR724zxK+rcCfyYAS+ecLg7ShzcIv1 Da7TY/rdu1ETRLPPkB3qpeW/cZPunriPQhC7xssm/K8ufsyKbuAq+uRNty1Dl/Ki egUlQsk9ItUTNYbCb0JTDPY3ppqfxFy6I0OYFNaWENo+qnLunuYTDKZD6EzW8r7n e12yQkEZnphMZOog5wr6tZD2mTKqtRKRJRcDiUE66xQw+XAk7QJMw1qLVmy3gx9b TXg5A27fXpFm2aOOrdKoQ== ARC-Authentication-Results: i=1; authmilter.topicbox.com; arc=none (no signatures found); bimi=skipped (DMARC Policy is not at enforcement); dkim=pass (1024-bit rsa key sha1) header.d=eigenstate.org header.i=@eigenstate.org header.b=nH4je6q6 header.a=rsa-sha1 header.s=mail x-bits=1024; dmarc=pass policy.published-domain-policy=none policy.applied-disposition=none policy.evaluated-disposition=none (p=none,d=none,d.eval=none) policy.policy-from=p header.from=eigenstate.org; iprev=pass smtp.remote-ip=206.124.132.107 (mimir.eigenstate.org); spf=pass smtp.mailfrom=ori@eigenstate.org smtp.helo=mimir.eigenstate.org; x-aligned-from=pass (Address match); x-me-sender=none; x-ptr=pass smtp.helo=mimir.eigenstate.org policy.ptr=mimir.eigenstate.org; x-return-mx=pass header.domain=eigenstate.org policy.is_org=yes (MX Records found: kusuri.pikopiko.org,mail.pikopiko.org,nokogiri.pikopiko.org,eigenstate.org); x-return-mx=pass smtp.domain=eigenstate.org policy.is_org=yes (MX Records found: kusuri.pikopiko.org,mail.pikopiko.org,nokogiri.pikopiko.org,eigenstate.org); x-tls=pass smtp.version=TLSv1.2 smtp.cipher=ECDHE-RSA-AES256-GCM-SHA384 smtp.bits=256/256; x-vs=clean score=0 state=0 X-ME-VSCause: gggruggvucftvghtrhhoucdtuddrgeefgedrtddtgdefvdehhecutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpggftfghnshhusghstghrihgsvgdp uffrtefokffrpgfnqfghnecuuegrihhlohhuthemuceftddtnecunecujfgurhepkffvuf ffhfggtgfgsehtjeejtddttddvnecuhfhrohhmpehorhhisegvihhgvghnshhtrghtvgdr ohhrghenucggtffrrghtthgvrhhnpedttdduiefgfeduteffjeffgeeffeehfeektdetff ehkeeihfelhfffjeegueevfeenucffohhmrghinhepphhrohhfihhlvgdrsghipdhrvghg shdrsghipdhsvghgmhgvnhhtrdgsihdptghhrghnrdgsihdpshhtrghtuhhsrdgsihdpth gvgihtrdgsihenucfkphepvddtiedruddvgedrudefvddruddtjedpuddtkedriedrvdeg rddvnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehinhgvthepvddtiedrud dvgedrudefvddruddtjedphhgvlhhopehmihhmihhrrdgvihhgvghnshhtrghtvgdrohhr ghdpmhgrihhlfhhrohhmpeeoohhrihesvghighgvnhhsthgrthgvrdhorhhgqedpnhgspg hrtghpthhtohepuddprhgtphhtthhopeeolehfrghnsheslehfrghnshdrnhgvtheq X-ME-VSScore: 0 X-ME-VSCategory: clean Received-SPF: pass (eigenstate.org: 206.124.132.107 is authorized to use 'ori@eigenstate.org' in 'mfrom' identity (mechanism 'ip4:206.124.132.96/28' matched)) receiver=authmilter.topicbox.com; identity=mailfrom; envelope-from="ori@eigenstate.org"; helo=mimir.eigenstate.org; client-ip=206.124.132.107 Received: from mimir.eigenstate.org (mimir.eigenstate.org [206.124.132.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx.topicbox.com (Postfix) with ESMTPS for <9fans@9fans.net>; Sat, 13 Dec 2025 19:54:11 -0500 (EST) Received: from mimir.eigenstate.org (localhost [127.0.0.1]) by mimir.eigenstate.org (OpenSMTPD) with ESMTP id 37fc6552; Sat, 13 Dec 2025 16:54:09 -0800 (PST) DomainKey-Signature: a=rsa-sha1; c=nofws; d=eigenstate.org; h=message-id :to:subject:date:from:mime-version:content-type :content-transfer-encoding; q=dns; s=mail; b=gGD3KxiS1DgIMdQC1Y9 oa7gVEJFXp7wayaNhKbrL3e2C9X9D4UVzjd6peCNQ0lZw5lfu8RJU1MQ/ZWt7/Z8 HD9iGqZ4lyRuS1avSgPr7STwizP9iOclZ3V5n6mxox+D0g35LC8HVfc2p/iqsKH8 kMwLjyJD3u+rRhjRTxj3SXJk= Received: from abbatoir.orib.home (pool-108-6-24-2.nycmny.fios.verizon.net [108.6.24.2]) by mimir.eigenstate.org (OpenSMTPD) with ESMTPSA id d4d564af (TLSv1.2:ECDHE-RSA-AES256-SHA:256:NO); Sat, 13 Dec 2025 16:54:08 -0800 (PST) Message-ID: <33BB7902D0B6A6B88BE31817F26530D6@eigenstate.org> To: 9front@9front.org, 9fans@9fans.net Date: Sat, 13 Dec 2025 19:54:07 -0500 From: ori@eigenstate.org MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Topicbox-Policy-Reasoning: moderate: sender is an admin; group holds all messages Topicbox-Message-UUID: 68451676-d887-11f0-8fdf-931e0fc0285f Archived-At: =?UTF-8?B?PGh0dHBzOi8vOWZhbnMudG9waWNib3guY29tL2dyb3Vwcy85?= =?UTF-8?B?ZmFucy9UZGYxNDA3ZTc5ZjIxN2VhMi1NNGVlN2RlMDY5NDQ4NzViMDRjNDUz?= =?UTF-8?B?MDAyPg==?= List-Help: List-Id: "9fans" <9fans.9fans.net> List-Post: List-Software: Topicbox v0 List-Subscribe: Precedence: list Reply-To: 9fans <9fans@9fans.net> Subject: [9fans] Enterable namespaces: /proc/pid/$ns/srv List-Unsubscribe: , Topicbox-Delivery-ID: 2:9fans:437d30aa-c441-11e9-8a57-d036212d11b0:522be890-2105-11eb-b15e-8d699134e1fa:M4ee7de06944875b04c453002:1:lfftM5VqEPjnFkl3AwPm0h40JXGMHRJ5-djHwaP-EfQ This patch makes it possible to enter a namespace through /proc/$pid/ns, like so: auth/newns -n /proc/$pid/ns $cmd or through procesing the namespace file any other way that they want. with the hope it'll be useful for things like fixing up tab completion in rio, making the plumber responsive to the local namespace that we are plumbing from, and other things that we haven't figured out yet. It works by making the chans for a proc's mounts available via /proc/$pid/srv/$id, and changing /proc/$pid/ns to use the channel name rather than files other procs can't access, such as '#|'. Hopefully folks will be able to experiment a bit with this, and figure out some good uses for it. diff 4341e26ac5d5cb86af2e1d88dd85365e7feb3a59 uncommitted --- a/sys/man/3/proc +++ b/sys/man/3/proc @@ -22,6 +22,7 @@ .BI /proc/ n /profile .BI /proc/ n /regs .BI /proc/ n /segment +.BI /proc/ n /srv/ chan .BI /proc/ n /status .BI /proc/ n /text .BI /proc/ n /wait @@ -127,6 +128,15 @@ for read-only, if any; starting virtual address, in hexadecimal; ending virtual address, and reference count. +.PP +The +.B srv +directory provides a directory holding already-open channels +to services in the style of +.IR srv (3). +This allows a process with appropriate permissions to execute the +.I ns +file and accurately reproduce the namespace of the process that is running. .PP The read-only .B status --- a/sys/src/9/port/devproc.c +++ b/sys/src/9/port/devproc.c @@ -28,6 +28,8 @@ Qnoteid, Qnotepg, Qns, + Qsrv, + Qchan, Qppid, Qproc, Qregs, @@ -100,6 +102,7 @@ "noteid", {Qnoteid}, 0, 0664, "notepg", {Qnotepg}, 0, 0000, "ns", {Qns}, 0, 0444, + "srv", {Qsrv,0,QTDIR}, 0, 0555, "ppid", {Qppid}, 0, 0444, "proc", {Qproc}, 0, 0400, "regs", {Qregs}, sizeof(Ureg), 0000, @@ -154,8 +157,8 @@ * in vers, * 32 bits of pid, for consistency checking */ -#define QSHIFT 5 /* location in qid of proc slot # */ - +#define QSHIFT 5 /* location in qid of proc slot # */ +#define CSHIFT (26+5) /* location in qid of chan # */ #define QID(q) ((((ulong)(q).path)&0x0000001F)>>0) #define SLOTMAX 0x4000000 #define SLOT(q) (((((ulong)(q).path)>>QSHIFT)&(SLOTMAX-1))-= 1) @@ -175,6 +178,39 @@ =20 static int lenwatchpt(Proc *); =20 +static Chan* +mntchan(Proc *p, Chan *c) +{ + char *s, *t, buf[32]; + Chan *nc, *mc; + Pgrp *pg; + Mount *f; + + s =3D c->path->s; + if((t =3D strrchr(s, '/')) !=3D nil) + s =3D t+1; + + pg =3D p->pgrp; + if(pg =3D=3D nil) + error(Eprocdied); + + nc =3D nil; + rlock(&pg->ns); + for(f =3D pg->mntorder; f !=3D nil; f =3D f->order){ + if(strcmp(f->to->path->s, "#M") !=3D 0) + continue; + mc =3D f->to->mchan; + snprint(buf, sizeof(buf), "%ld.%x.%llx", mc->dev, mc->type,= mc->qid.path); + if(strcmp(s, buf) =3D=3D 0){ + nc =3D f->to->mchan; + incref(nc); + break; + } + } + runlock(&pg->ns); + return nc; +} + static int procgen(Chan *c, char *name, Dirtab *tab, int, int s, Dir *dp) { @@ -182,7 +218,13 @@ Proc *p; char *ename; Segment *q; - ulong pid, path, perm, len; + Mount *f; + Chan *mc; + Pgrp *pg; + ulong pid, perm, len; + uvlong path; + char *e, *t; + int i; =20 if(s =3D=3D DEVDOTDOT){ mkqid(&qid, Qdir, 0, QTDIR); @@ -226,9 +268,46 @@ devdir(c, qid, up->genbuf, 0, p->user, 0555, dp); return 1; } + if(QID(c->qid) =3D=3D Qsrv){ + i =3D 0; + p =3D proctab(SLOT(c->qid)); + pg =3D p->pgrp; + if(pg =3D=3D nil || p->dot =3D=3D nil || p->pid !=3D PID(c-= >qid)) + error(Eprocdied); + rlock(&pg->ns); + for(f =3D pg->mntorder; f !=3D nil; f =3D f->order){ + if(strcmp(f->to->path->s, "#M") !=3D 0) + continue; + if(i++ >=3D s) + break; + } + if(f =3D=3D nil){ + runlock(&pg->ns); + return -1; + } + mc =3D f->to->mchan; + path =3D ((uvlong)i<qid.path&~((1<genbuf, sizeof(up->genbuf), "%ld.%x.%llx", mc->= dev, mc->type, mc->qid.path); + mkqid(&qid, path | Qchan, p->pid, QTFILE); + devdir(c, qid, up->genbuf, 0, p->user, 0400, dp); + runlock(&pg->ns); + return 1; + } + if(QID(c->qid) =3D=3D Qchan){ + p =3D proctab(SLOT(c->qid)); + if(p->dot =3D=3D nil || p->pid !=3D PID(c->qid)) + error(Eprocdied); + e =3D c->path->s; + if((t =3D strrchr(e, '/')) !=3D nil) + e =3D t+1; + snprint(up->genbuf, sizeof(up->genbuf), "%s", e); + mkqid(&qid, c->qid.path, p->pid, QTFILE); + devdir(c, qid, up->genbuf, 0, eve, 0400, dp); + return 1; + } if(c->qid.path =3D=3D Qtrace){ strcpy(up->genbuf, "trace"); - mkqid(&qid, Qtrace, -1, QTFILE); + mkqid(&qid, c->qid.path, -1, QTFILE); devdir(c, qid, up->genbuf, 0, eve, 0400, dp); return 1; } @@ -265,7 +344,7 @@ break; } =20 - mkqid(&qid, path|tab->qid.path, c->qid.vers, QTFILE); + mkqid(&qid, path|tab->qid.path, c->qid.vers, tab->qid.type); devdir(c, qid, tab->name, len, p->user, perm, dp); return 1; } @@ -398,6 +477,7 @@ c->offset =3D 0; return c; } + =20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20 p =3D proctab(SLOT(c->qid)); eqlock(&p->debug); @@ -436,7 +516,13 @@ if(omode !=3D OREAD) error(Eperm); break; - + case Qchan: + tc =3D mntchan(p, c); + if(tc =3D=3D nil) + error(Eshutdown); + devpermcheck(p->user, c->mode, omode); + nonone(p); + goto Found; case Qctl: case Qargs: case Qwait: @@ -488,8 +574,8 @@ clearwatchpt(p); break; } -=20=20=20=20=20=20=20 poperror(); +Found: qunlock(&p->debug); poperror(); =20 @@ -641,10 +727,11 @@ static int readns1(Chan *c, Proc *p, char *buf, int nbuf) { + char flag[10], srv[32]; Pgrp *pg; Mount *f; - char flag[10], *srv; - int i; + Chan *mc; + int i, n; =20 pg =3D p->pgrp; if(pg =3D=3D nil || p->dot =3D=3D nil || p->pid !=3D PID(c->qid)) @@ -656,32 +743,33 @@ rlock(&pg->ns); =20 i =3D 0; - for(f =3D pg->mntorder; f !=3D nil; f =3D f->order) { + for(f =3D pg->mntorder; f !=3D nil; f =3D f->order) if(i++ >=3D c->nrock) break; - } =20 if(f =3D=3D nil) { c->nrock =3D -1; - i =3D snprint(buf, nbuf, "cd %q\n", p->dot->path->s); + n =3D snprint(buf, nbuf, "cd %q\n", p->dot->path->s); } else { c->nrock =3D i; int2flag(f->mflag, flag); if(strcmp(f->to->path->s, "#M") =3D=3D 0){ - srv =3D f->to->mchan->srvname; - if(srv =3D=3D nil) - srv =3D f->to->mchan->path->s; - i =3D snprint(buf, nbuf, *f->spec? - "mount %s %q %q %q\n": "mount %s %q %q\n", = flag, - srv, f->umh->from->path->s, f->spec); + mc =3D f->to->mchan; + snprint(srv, sizeof(srv), "%ld.%x.%llx", mc->dev, m= c->type, mc->qid.path); + if(f->spec[0] !=3D 0) + n =3D snprint(buf, nbuf, "mount %s /proc/%l= ud/srv/%q %q %q\n", + flag, p->pid, srv, f->umh->from->pa= th->s, f->spec); + else + n =3D snprint(buf, nbuf, "mount %s /proc/%l= ud/srv/%q %q\n", + flag, p->pid, srv, f->umh->from->pa= th->s); }else{ - i =3D snprint(buf, nbuf, "bind %s %q %q\n", flag, + n =3D snprint(buf, nbuf, "bind %s %q %q\n", flag, f->to->path->s, f->umh->from->path->s); } } runlock(&pg->ns); =20 - return i; + return n; } =20 int ------------------------------------------ 9fans: 9fans Permalink: https://9fans.topicbox.com/groups/9fans/Tdf1407e79f217ea2-M4ee7d= e06944875b04c453002 Delivery options: https://9fans.topicbox.com/groups/9fans/subscription