RFR: 8226919: attach in linux hangs due to permission denied accessing /proc/pid/root

Larry Cable duke at openjdk.org
Wed May 1 20:10:01 UTC 2024


On Wed, 1 May 2024 18:35:29 GMT, Larry Cable <duke at openjdk.org> wrote:

>> Do you mean that it should compare the input PID against the outermost (leftmost) PID in the `NSpid` list from `/proc/<pid>/status` and not innermost (rightmost) as is done right now? What would be the benefit of that? Or did you mean something else?
>> 
>> I'm working on a fix for https://bugs.openjdk.org/browse/JDK-8327114 right now, and it occurred to me that there is a tiny risk of `pid != ns_pid` not evaluating to `true` even though the processes are in different PID namespaces (because two different PID namespaces can have the same PIDs). I think it could be mitigated by always trying `/proc/<pid>/root/tmp` first, and if it cannot be read, fall back to `/tmp`.
>
> c.f: /proc/<pid>/ns/pid 
> 
> every (Linux) namespace has a unique id, if 2 (or more) processes occupy the same pid namespace (or any other for that matter) then their ../ns/pid namespace ids will be the same.

**`Files.readSymbolicLink(Path.of("/proc/self/ns/pid"))`**

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/17628#discussion_r1586769059


More information about the serviceability-dev mailing list