Re: [PATCH v2 0/4] time namespace aware system boot time
On Thu, Oct 08, 2020 at 07:39:40AM +0200, Michael Weiß wrote: > Time namespaces make it possible to virtualize time inside of > containers, e.g., it is feasible to reset the uptime of a container > to zero by setting the time namespace offset for boottime to the > negated current value of the CLOCK_BOOTTIME. > > However, the boot time stamp provided by getboottime64() does not > take care of time namespaces. The resulting boot time stamp 'btime' > provided by /proc/stat does not show a plausible time stamp inside > the time namespace of a container. > > We address this by shifting the value returned by getboottime64() > by subtracting the boottime offset of the time namespace. > (A selftest to check the expected /proc/stat 'btime' inside the > namespace is provided.) > > Further, to avoid to show processes as time travelers inside of the > time namespace the boottime offset then needs to be added to the > start_bootime provided by the task_struct. > > v2 Changes: > Fixed compile errors with TIME_NS not set in config > Reported-by: kernel test robot Hey Michael, Thanks for the patches. This looks like a good idea to me. Since /proc/uptime is now virtualized according to the timens the caller is in btime has to be virtualized too. Christian
[PATCH v2 0/4] time namespace aware system boot time
Time namespaces make it possible to virtualize time inside of containers, e.g., it is feasible to reset the uptime of a container to zero by setting the time namespace offset for boottime to the negated current value of the CLOCK_BOOTTIME. However, the boot time stamp provided by getboottime64() does not take care of time namespaces. The resulting boot time stamp 'btime' provided by /proc/stat does not show a plausible time stamp inside the time namespace of a container. We address this by shifting the value returned by getboottime64() by subtracting the boottime offset of the time namespace. (A selftest to check the expected /proc/stat 'btime' inside the namespace is provided.) Further, to avoid to show processes as time travelers inside of the time namespace the boottime offset then needs to be added to the start_bootime provided by the task_struct. v2 Changes: Fixed compile errors with TIME_NS not set in config Reported-by: kernel test robot Michael Weiß (4): timens: additional helper function to add boottime in nsec time: make getboottime64 aware of time namespace fs/proc: apply timens offset for start_boottime of processes selftests/timens: added selftest for /proc/stat btime fs/proc/array.c | 6 ++- include/linux/time_namespace.h | 13 ++ kernel/time/timekeeping.c | 3 ++ tools/testing/selftests/timens/procfs.c | 58 - 4 files changed, 77 insertions(+), 3 deletions(-) -- 2.20.1