On Mon, Mar 16, 2026 at 12:34:18PM +0100, Pavel Tikhomirov wrote: > > > On 3/13/26 12:09, Pavel Tikhomirov wrote: > > First testcase "pidns_init_via_setns" checks that a process can become > > Pid 1 (init) in a new Pid namespace created via unshare() and joined via > > setns(). > > > > Second testcase "pidns_init_via_setns_set_tid" checks that during this > > process we can use clone3() + set_tid and set the pid in both the new > > and old pid namespaces (owned by different user namespaces). > > > > Signed-off-by: Pavel Tikhomirov <[email protected]> > > --- > > .../selftests/pid_namespace/.gitignore | 1 + > > .../testing/selftests/pid_namespace/Makefile | 2 +- > > .../pid_namespace/pidns_init_via_setns.c | 238 ++++++++++++++++++ > > 3 files changed, 240 insertions(+), 1 deletion(-) > > create mode 100644 > > tools/testing/selftests/pid_namespace/pidns_init_via_setns.c > > > > diff --git a/tools/testing/selftests/pid_namespace/.gitignore > > b/tools/testing/selftests/pid_namespace/.gitignore > > index 5118f0f3edf4..c647c6eb3367 100644 > > --- a/tools/testing/selftests/pid_namespace/.gitignore > > +++ b/tools/testing/selftests/pid_namespace/.gitignore > > @@ -1,2 +1,3 @@ > > pid_max > > +pidns_init_via_setns > > regression_enomem > > diff --git a/tools/testing/selftests/pid_namespace/Makefile > > b/tools/testing/selftests/pid_namespace/Makefile > > index b972f55d07ae..b01a924ac04b 100644 > > --- a/tools/testing/selftests/pid_namespace/Makefile > > +++ b/tools/testing/selftests/pid_namespace/Makefile > > @@ -1,7 +1,7 @@ > > # SPDX-License-Identifier: GPL-2.0 > > CFLAGS += -g $(KHDR_INCLUDES) > > > > -TEST_GEN_PROGS = regression_enomem pid_max > > +TEST_GEN_PROGS = regression_enomem pid_max pidns_init_via_setns > > > > LOCAL_HDRS += $(selfdir)/pidfd/pidfd.h > > > > diff --git a/tools/testing/selftests/pid_namespace/pidns_init_via_setns.c > > b/tools/testing/selftests/pid_namespace/pidns_init_via_setns.c > > new file mode 100644 > > index 000000000000..7e4c610291d3 > > --- /dev/null > > +++ b/tools/testing/selftests/pid_namespace/pidns_init_via_setns.c > > @@ -0,0 +1,238 @@ > > +// SPDX-License-Identifier: GPL-2.0 > > +#define _GNU_SOURCE > > +#include <fcntl.h> > > +#include <sched.h> > > +#include <stdio.h> > > +#include <sys/types.h> > > +#include <unistd.h> > > + > > +#include "kselftest_harness.h" > > +#include "../pidfd/pidfd.h" > > + > > +/* > > + * Test that a process can become PID 1 (init) in a new PID namespace > > + * created via unshare() and joined via setns(). > > + * > > + * Flow: > > + * 1. Parent creates a pipe for synchronization. > > + * 2. Parent forks a child. > > + * 3. Parent calls unshare(CLONE_NEWPID) to create a new PID namespace. > > + * 4. Parent signals the child via the pipe. > > + * 5. Child opens parent's /proc/<ppid>/ns/pid_for_children and calls > > + * setns(fd, CLONE_NEWPID) to join the new namespace. > > + * 6. Child forks a grandchild. > > + * 7. Grandchild verifies getpid() == 1. > > + */ > > +TEST(pidns_init_via_setns) > > +{ > > + pid_t child, parent_pid; > > + int pipe_fd[2]; > > + char buf; > > + > > + parent_pid = getpid(); > > + > > + ASSERT_EQ(0, pipe(pipe_fd)); > > + > > + child = fork(); > > + ASSERT_GE(child, 0); > > + > > + if (child == 0) { > > + char path[256]; > > + int nsfd; > > + pid_t grandchild; > > + > > + close(pipe_fd[1]); > > + > > + /* Wait for parent to complete unshare */ > > + ASSERT_EQ(1, read_nointr(pipe_fd[0], &buf, 1)); > > + close(pipe_fd[0]); > > + > > + snprintf(path, sizeof(path), > > + "/proc/%d/ns/pid_for_children", parent_pid); > > + nsfd = open(path, O_RDONLY); > > + ASSERT_GE(nsfd, 0); > > + > > + ASSERT_EQ(0, setns(nsfd, CLONE_NEWPID)); > > + close(nsfd); > > + > > + grandchild = fork(); > > + ASSERT_GE(grandchild, 0); > > + > > + if (grandchild == 0) { > > + /* Should be init (PID 1) in the new namespace */ > > + if (getpid() != 1) > > + _exit(1); > > + _exit(0); > > + } > > + > > + ASSERT_EQ(0, wait_for_pid(grandchild)); > > + _exit(0); > > + } > > + > > + close(pipe_fd[0]); > > + > > + if (geteuid()) > > + ASSERT_EQ(0, unshare(CLONE_NEWUSER)); > > I think it's better to move this hack above to the very top of the test. > > Was found by > https://sashiko.dev/#/patchset/20260313111014.2068913-1-ptikhomirov%40virtuozzo.com
Please resend and include a new entry for pid namespaces as a patch. Make me a maintainer and yourself a reviewer, please.
