Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp1400009imu;
        Thu, 22 Nov 2018 15:46:40 -0800 (PST)
X-Google-Smtp-Source: AFSGD/Wn/mA8w1/shtLDRdBwEj9A2WDoMJmn99QcuvUQl+9lhW0SwsEv/J6ZnHNqIJ5vGXBYgLLd
X-Received: by 2002:a65:624c:: with SMTP id q12mr11880072pgv.379.1542930400785;
        Thu, 22 Nov 2018 15:46:40 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1542930400; cv=none;
        d=google.com; s=arc-20160816;
        b=g1EPvlGR3POuGf/YCQT21eJZuEIzRHWe8t5jcmig81JE40VLC7xvpJ+66tOYKPjQJh
         eYRe0AliEensVwGzJthPEYqQEz4JMtZFRf0foUqrRIWYMMsGtjWCWhrUmXXd6Xv7G8Gi
         d4tILjJ9zdQlbJdTrYE7kBFOd5c+wzvAAN/Rk2wvR2mjeKBVSZwWNqI1W4WuwN+VbAN8
         8ikjbZm5n2pv/Djpc4tkFunEcXQDJVv0RW7UwwOqAaZIQTqpHmc+2oy62+cx/D+gk9zd
         3DyPIEx66m+b83ZAophPrxG50blOFYmFA4v3G5fMLYbak43fAwj1vhlNO6bkfNkW7JoO
         BC4g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:in-reply-to
         :content-disposition:mime-version:references:message-id:subject:cc
         :to:from:date;
        bh=J/xOC6LEpWRbvpUtaVjIeVMEBCHc73DI9SiU8z/+uUM=;
        b=bUR/dU4wNhOePb6q1olI08e90e/k4TeiyrqU5t6MDrZzByN/L5OGlO0/M/FKbB/p7L
         hhW/XRgqw4/coarbprYC31Jxqs+bentndGl6MvOl+ZzuiyWyC80IaXesHmV5vz8s9PDM
         qYeDWbgd83whsQc6AFS7GFM1hSAByDuONR36PDSzyMha9X3TRksOtgpxzk5W4UP3I+J0
         6AjDpCNuKMamVArQUB01AwVSvvTupQzjLae0cl5qHYuRBQN1FTsRwWhXw2FSZmmINetq
         0L2vka59XXy/AhoC+f2J68vKRSfWuZmjjq91w8b/Wg8X+UA7uOiNXzUTTSXW0rV6xq0G
         EzYg==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id h127si24491374pfe.204.2018.11.22.15.46.13;
        Thu, 22 Nov 2018 15:46:40 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S2405040AbeKVS0Y (ORCPT <rfc822;zjuysxie86@gmail.com>
        + 99 others); Thu, 22 Nov 2018 13:26:24 -0500
Received: from mail.hallyn.com ([178.63.66.53]:57188 "EHLO mail.hallyn.com"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1729423AbeKVS0X (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 22 Nov 2018 13:26:23 -0500
Received: by mail.hallyn.com (Postfix, from userid 1001)
        id A25CAB47; Thu, 22 Nov 2018 01:48:07 -0600 (CST)
Date:   Thu, 22 Nov 2018 01:48:07 -0600
From:   "Serge E. Hallyn" <serge@hallyn.com>
To:     Tycho Andersen <tycho@tycho.ws>
Cc:     Christian Brauner <christian@brauner.io>, ebiederm@xmission.com,
        linux-kernel@vger.kernel.org, serge@hallyn.com, jannh@google.com,
        luto@kernel.org, akpm@linux-foundation.org, oleg@redhat.com,
        cyphar@cyphar.com, viro@zeniv.linux.org.uk,
        linux-fsdevel@vger.kernel.org, linux-api@vger.kernel.org,
        dancol@google.com, timmurray@google.com, linux-man@vger.kernel.org,
        Kees Cook <keescook@chromium.org>
Subject: Re: [PATCH v1 2/2] signal: add procfd_signal() syscall
Message-ID: <20181122074807.GB15484@mail.hallyn.com>
References: <20181119103241.5229-1-christian@brauner.io>
 <20181119103241.5229-3-christian@brauner.io>
 <20181119223954.GA4992@cisco>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20181119223954.GA4992@cisco>
User-Agent: Mutt/1.9.4 (2018-02-28)
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Mon, Nov 19, 2018 at 03:39:54PM -0700, Tycho Andersen wrote:
> On Mon, Nov 19, 2018 at 11:32:39AM +0100, Christian Brauner wrote:
> >
> > +/**
> > + *  sys_procfd_signal - send a signal to a process through a process file
> > + *                      descriptor
> > + *  @fd: the file descriptor of the process
> > + *  @sig: signal to be sent
> > + *  @info: the signal info
> > + *  @flags: future flags to be passed
> > + */
> > +SYSCALL_DEFINE4(procfd_signal, int, fd, int, sig, siginfo_t __user *, info,
> > +		int, flags)
> > +{
> 
> Can I just register an objection here that I think using a syscall
> just for this is silly?
> 
> My understanding is that the concern is that some code might do:
> 
> unknown_fd = recv_fd();
> ioctl(unknown_fd, SOME_IOCTL, NULL); // where SOME_IOCTL == PROC_FD_KILL
> // whoops, unknown_fd was a procfd and we killed a task!

This could just be my own mental model, but for something like "kill a
task", an ioctl just seems wrong.  Syscall seems more natural.

I'd ack either method.

-serge