RFR: 8226919: attach in linux hangs due to permission denied accessing /proc/pid/root
Larry Cable
duke at openjdk.org
Wed May 1 20:10:01 UTC 2024
On Wed, 1 May 2024 18:35:29 GMT, Larry Cable <duke at openjdk.org> wrote:
>> Do you mean that it should compare the input PID against the outermost (leftmost) PID in the `NSpid` list from `/proc/<pid>/status` and not innermost (rightmost) as is done right now? What would be the benefit of that? Or did you mean something else?
>>
>> I'm working on a fix for https://bugs.openjdk.org/browse/JDK-8327114 right now, and it occurred to me that there is a tiny risk of `pid != ns_pid` not evaluating to `true` even though the processes are in different PID namespaces (because two different PID namespaces can have the same PIDs). I think it could be mitigated by always trying `/proc/<pid>/root/tmp` first, and if it cannot be read, fall back to `/tmp`.
>
> c.f: /proc/<pid>/ns/pid
>
> every (Linux) namespace has a unique id, if 2 (or more) processes occupy the same pid namespace (or any other for that matter) then their ../ns/pid namespace ids will be the same.
**`Files.readSymbolicLink(Path.of("/proc/self/ns/pid"))`**
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/17628#discussion_r1586769059
More information about the serviceability-dev
mailing list