Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp3720imu; Thu, 6 Dec 2018 17:55:35 -0800 (PST) X-Google-Smtp-Source: AFSGD/Un4N2znfzj2N1iKBTihAH5dhYPj+b93UiE+DrDIEIbwWMew2ZW8eUBFMk2fom0xqpaYYKk X-Received: by 2002:a62:5ec5:: with SMTP id s188mr325940pfb.145.1544147735420; Thu, 06 Dec 2018 17:55:35 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1544147735; cv=none; d=google.com; s=arc-20160816; b=jZu4hG761bnRThE0X/KrsZmEXBJZp4GKcQwLmaGMzm+sEZ6XVkg/iGJsFFWWK5OkUx XyJGs0k8rPZrEgBGXWKOXAmb7YUPNaaJ4RvcKBSaUwhYrD5M+G5m0x0Dsskm8EtdRl/o cZ7b+341EjLyTH9fMeu7y38uULDb+Vyj3YOZtmXyECD9LpG9YQPgkij6N7H7aFRSZ9nA 4p9hFRhAwwWJL6NiFs8NUev+34RJ4NbrQZlQpiDpRaX3nm54vQUVQl7TLLSCJyxwip4G HQNZrTS8a32WZKXZvw7e6muTp2gmDg2AvTz+phluAnNHHSExDX4g/e252NJKDglYrHQU GReQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:dkim-signature; bh=jCp9zSHxwCnpi2/0yviu5WcOYP/JYRvOA53MN4tCT5Q=; b=CExJD6oC1gLZ3IMxr1DHW3uTRqNfE7QKVQmH1Xjp4pa69bUx4+DgCExXut3+ft7yGV scsQd6kwzFZNmY5I9XD8++A7M/JZ89geZdbxZ0VfVdUbpilRBikHK5sRWDl3RTgsA1kb Orx4uw7wgg4MhmL+scWHUZfphhr94G2e9OG8iLr4ajB0ERYfNS5gBCTXBpC54TVuXWis 0luTY9p9rhS7mDOuu/ZpdBRd5dFH/71gcODbinQF5D0xP/tAAG+2g+qMmVcKtrrN1B7A Ok2IzfOGY/BJH6pM3udcSDkUYzY/JL4j4OXIf9RtkGCOEYGCNFIpEP7HSonMi5oTsWvO O3mw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@brauner.io header.s=google header.b=Qu1icf17; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id v2si1588133pgn.451.2018.12.06.17.55.16; Thu, 06 Dec 2018 17:55:35 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@brauner.io header.s=google header.b=Qu1icf17; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1725989AbeLGByi (ORCPT + 99 others); Thu, 6 Dec 2018 20:54:38 -0500 Received: from mail-pg1-f196.google.com ([209.85.215.196]:34468 "EHLO mail-pg1-f196.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725950AbeLGByh (ORCPT ); Thu, 6 Dec 2018 20:54:37 -0500 Received: by mail-pg1-f196.google.com with SMTP id 17so988947pgg.1 for ; Thu, 06 Dec 2018 17:54:36 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=brauner.io; s=google; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to:user-agent; bh=jCp9zSHxwCnpi2/0yviu5WcOYP/JYRvOA53MN4tCT5Q=; b=Qu1icf172sfLziqp8xzL0CxHBR3HSI+eO5KL2NnB7q8NnkP4MJtM53LeCEsHnmahIE gAyN7n8iK9SUiK1l0YcSKqpLicRwMXO3v3oRzcEuIL1224k5pA0COaZcjY0ekd+faQy1 UaY+6h9c68gTsmoq7ZTrLSrrHffiGnAceAAUEjOYbDM6ccbVLOxOHvfmFdpTvGyvE/tN JTpap+zo4zJaST5gueoecdRycqIMH2fYil+0KjFWx70jgz9I9pSR1hBOslVaz30/qjnY Q1l+uzOgoyyTsEH8f+xnyE8LmqrSTc9YHQtkh10kvga326Un8myg41LNit6B2Lv/KYGk YgTw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to:user-agent; bh=jCp9zSHxwCnpi2/0yviu5WcOYP/JYRvOA53MN4tCT5Q=; b=ay8+9tFDEkXCvKlkXMuFOYCrU2+J03CI2OefNxqiw3RLDn0Utf1NZJSdiIhePZWUS1 AnRAyaYmZl1a/6tI/DHhPjRQGejqLFlszAkatoKQR4vfmyi1FHQgNlD3O64ZIcD7Y+Ya 6Anpp8LO73hXObd0Endj6hMI1xmC6xFi8NYPniKJEKKIZScDcPE7D8feYoqYziGGodIW y7+39X5HK8FXfOdjGTtOuHeJB0LB9POcpJ1NXGH33bRjNWVlDUhxlZWKowuMjtBRaTOq lhGslFb+1AatBXjh3PnJe1h1GZaJSZCSxibEznWzkcP4WWWbXJMmA01hH3Df0vPQrMfP Z4gg== X-Gm-Message-State: AA+aEWaaB5Ro1bk4R2rhbepbxf0ZN0cV0hVlKsdwqkSr7Nps6R391O+k wOP2LMeIOgNnzOj/geQYy249SA== X-Received: by 2002:a65:6542:: with SMTP id a2mr265580pgw.389.1544147676112; Thu, 06 Dec 2018 17:54:36 -0800 (PST) Received: from brauner.io ([130.195.55.143]) by smtp.gmail.com with ESMTPSA id n7sm2712390pff.36.2018.12.06.17.54.28 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Thu, 06 Dec 2018 17:54:35 -0800 (PST) Date: Fri, 7 Dec 2018 02:54:25 +0100 From: Christian Brauner To: Daniel Colascione Cc: "Serge E. Hallyn" , "Eric W. Biederman" , linux-kernel , Linux API , Andy Lutomirski , Arnd Bergmann , Jann Horn , Andrew Morton , Oleg Nesterov , Aleksa Sarai , Al Viro , Linux FS Devel , Tim Murray , linux-man , Kees Cook , Florian Weimer , tglx@linutronix.de, x86@kernel.org Subject: Re: [PATCH v4] signal: add taskfd_send_signal() syscall Message-ID: <20181207015423.4miorx43l3qhppfz@brauner.io> References: <20181206193017.wpxls5p3zgjd6rv2@brauner.io> <871s6u9z6u.fsf@xmission.com> <20181206213152.gvci7ijr3dokew7w@brauner.io> <87o99y72gi.fsf@xmission.com> <20181206223948.gyfdtkgbhtozmpsp@brauner.io> <20181206231742.xxi4ghn24z4h2qki@brauner.io> <20181207003124.GA11160@mail.hallyn.com> <20181207005917.GA11302@mail.hallyn.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: User-Agent: NeoMutt/20180716 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Dec 06, 2018 at 05:39:18PM -0800, Daniel Colascione wrote: > On Thu, Dec 6, 2018 at 4:59 PM Serge E. Hallyn wrote: > > > > On Thu, Dec 06, 2018 at 04:34:54PM -0800, Daniel Colascione wrote: > > > On Thu, Dec 6, 2018 at 4:31 PM Serge E. Hallyn wrote: > > > > > > > > On Fri, Dec 07, 2018 at 12:17:45AM +0100, Christian Brauner wrote: > > > > > On Thu, Dec 06, 2018 at 11:39:48PM +0100, Christian Brauner wrote: > > > > > > On Thu, Dec 06, 2018 at 03:46:53PM -0600, Eric W. Biederman wrote: > > > > > > > Christian Brauner writes: > > > > > > > > > > > > > > >> Your intention is to add the thread case to support pthreads once the > > > > > > > >> process case is sorted out. So this is something that needs to be made > > > > > > > >> clear. Did I miss how you plan to handle threads? > > > > > > > > > > > > > > > > Yeah, maybe you missed it in the commit message [2] which is based on a > > > > > > > > discussion with Andy [3] and Arnd [4]: > > > > > > > > > > > > > > Looking at your references I haven't missed it. You are not deciding > > > > > > > anything as of yet to keep it simple. Except you are returning > > > > > > > EOPNOTSUPP. You are very much intending to do something. > > > > > > > > > > > > That was clear all along and was pointed at every occassion in the > > > > > > threads. I even went through the hazzle to give you all of the > > > > > > references when there's lore.kernel.org. > > > > > > > > > > > > > > > > > > > > Decide. Do you use the flags parameter or is the width of the > > > > > > > target depending on the flags. > > > > > > > > > > Ok, let's try to be constructive. I understand the general concern for > > > > > the future so let's put a contract into the commit message stating that > > > > > the width of the target aka *what is signaled* will be based on a flag > > > > > parameter if we ever extend it: > > > > > > > > > > taskfd_send_signal(fd, SIGSTOP, NULL, TASKFD_PGID); > > > > > taskfd_send_signal(fd, SIGSTOP, NULL, TASKFD_TID); > > > > > > > > > > with the current default being > > > > > > > > > > taskfd_send_signal(fd, SIGSTOP, NULL, TASKFD_PID); > > > > > > > > > > This seems to me the cleanest solution as we only use one type of file > > > > > descriptor. Can everyone be on board with this? If so I'm going to send > > > > > out a new version of the patch. > > > > > > > > > > Christian > > > > > > > > I'm on board with this, but I think you need to also clarify what exactly > > > > the fd stands for. I think that (a) userspace should not have to care > > > > about the struct pid implementation, and so (b) the procfd should stand > > > > for all the pids. So when taskfd_send_signal(fd, SIGSTOP, NULL, TASKFD_PGID) > > > > becomes implemented, then open(/proc/5) will pin all three pids, as will > > > > open(/proc/5/task/6). > > > > > > This change doesn't "pin" any PID, and it makes no sense to make a > > > process FD stand for all its threads. What does that even mean? > > > > Currently the patch relies on the procfd inode saving a copy to the PIDTYPE_PID > > pid. > > struct pid doesn't have a type field. The interpretation depends on > the caller's use of the struct pid, and in the current path, that's > PIDTYPE_PID. What, specifically, is wrong with the current approach? > > > I'm not sure offhand, can it go to the PIDTYPE_PGID from that after the > > task has died, or not? I didn't think so. If it can then great. > > You're arguing that something that does, in fact, work, is somehow > broken in some unspecified way. The kill_pid_info lookup works fine. > What, specifically, is wrong with the semantics as implemented? > > > The point is (a) these are details which should not have to bother userspace, > > These details *don't* bother userspace. > > You're raising concerns that are either imaginary or long-since > addressed. Does the patch cause some kind of maintenance burden? No, > it doesn't, not moreso than any other piece of code. Does the > interface have unclear semantics? No, it clearly sends a signal to a > process, just like kill. Does the patch expose kernel implementation > details? No, it doesn't, because the interface is simply not defined > in terms of these details. Do we need to change how signal delivery > works? No, because if it's fine for kill, it's fine for this facility, > and if some future signal cleanup separates the cases more, that > cleanup can change this code as well. > > The change is well-documented, simple, extensible, and addresses an > actual problem. Every legitimate technical criticism has now been > addressed. I don't understand where this opposition is coming from, > since the objections refer to nothing that's actually in the patch or > exposed to the user. > > > and (b) how to decide who we're sending the signal to (tid/pid/pgid) should > > be specified in precisely one way. So either a flag, or comign from the type > > of fd that was opened. > > You can't send signals to a thread with the current patch. There's no > ambiguity in providing zero ways to do something. So Serge's point is not about changing the current patch. What he's basically saying is: If we are expected to state how we were to extend this syscall in the future which Serge and I figured is currently Eric's only remaining objection then: - flags are a good way to go (I agree) - there's a concrete way how to do this by stashing the relevent struct pids for PIDTYPE_PID, PIDTYPE_TGID, PIDTYPE_PGID in file->private_data which can then be retrieved in taskfd_send_signal() There is not intent nor requirement to do this right now. What we have right now is fine for a start, I agree! But here's how we go forward if we ever need to! :) Christian