Received: by 2002:a25:5b86:0:0:0:0:0 with SMTP id p128csp2628955ybb; Sat, 30 Mar 2019 09:35:10 -0700 (PDT) X-Google-Smtp-Source: APXvYqz5s31HphxCXNEjT2tAcfnwHNTcF/WN5mI5zA+B3Uv5WIy+J3PLqSFWIl6WIb/fLbSfir// X-Received: by 2002:a17:902:7c8a:: with SMTP id y10mr14340778pll.232.1553963710073; Sat, 30 Mar 2019 09:35:10 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1553963710; cv=none; d=google.com; s=arc-20160816; b=xJEeaH1Enc6iWVsiOQetutBYfqDp1zFExc++b6GrLfEezn8ysCa2q5TOsqH81FCfCD OgFGU4B+kLlS6yWcHsB4PSzHkVxu5j+bvy6r2XgrOl9rh29IxiFPFGzYg3ESV1g6v5iw 46jYHi5N86inUnJ4lq7UCpgfk3XuQMMt4vWrezcIt6P+aHJxxr6dcrSA09nva4jbGTZY WOf4TYg86zMY1LVhdm/6iA0bu8tvWuV5ub02kI3i7osOQz86NM9tRM/5K8bHSCceGskL iHWK+Bn/5ZmIeMRFmmdE1ROBsSJ5UcEKaZaDSQeXrZMLMpMawyGc/aZ15EMe2iM7AS63 1Vmg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=kJlkPNizVF+Qb0ZGxKZFsp+UcFxnswGnvXVIUjOU9lM=; b=pKXyCWYjNvNCqTFApXE8I7fnxA48czoX+EJ7phZ7Uv0r6iqheloLTJhrcItPEUpYXt IojTtH9YeCO6dK1mDNTUErDPF0lx7oDFWnl3IGA3Sey/AsbyyBubJQFDbUrquwFuz5JX TZGj9PtGsTNMaG91Ick5rKIJaFHKG7BvsSECWwYk4cWadrDDO13AmU1uCaXeDTjErTpa 0hmX2xGyZrGWrhtVhPLZyF37U53Y+PBzygJc2+eHXoZ1NHoq/ZQsJkmSJcp3XqXcS57j wcPUVXmh1PC10H0LOOLZ5RiapGsy7Z6d0hem6TwAAtfF00dP8HZt9f50y7Y6jt17emVe LA9g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=Z11OVFj8; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id r17si4835668pgh.311.2019.03.30.09.34.52; Sat, 30 Mar 2019 09:35:10 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=Z11OVFj8; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1730528AbfC3QeP (ORCPT + 99 others); Sat, 30 Mar 2019 12:34:15 -0400 Received: from mail-vs1-f66.google.com ([209.85.217.66]:46579 "EHLO mail-vs1-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1730396AbfC3QeP (ORCPT ); Sat, 30 Mar 2019 12:34:15 -0400 Received: by mail-vs1-f66.google.com with SMTP id e2so2396559vsc.13 for ; Sat, 30 Mar 2019 09:34:14 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=kJlkPNizVF+Qb0ZGxKZFsp+UcFxnswGnvXVIUjOU9lM=; b=Z11OVFj8Bg29I9qcG4RQ9+ya10+DIpMrc16ThZb0TgSK+ryAxkezx+/hAqyc/Ewg1K U20s5X1GzD4hkbadd0W69ZqzZuj1MAsg6ExqnYcK+WT+oGBACiagEE2P1r8/RUXjclSe 17zPWicTu98EQUsDhjr7HlF+mOF3GyFL0ncVMeg8lgtVHM2Kd4anwKBE/RaF9ix/KzzE SpWEkwJP7O2u+//KTDBvgiQJArBruEoW9O6ok30uDfb2E5/nSpLicMnC9Gm6nrmazYkZ fUEW0D7Uxd5cCo4MuR0SizjJqn5TYIwhhAkx2XDr7Vs5g0f3GKoR1NPKbhsRL2xzqOOD SmAA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=kJlkPNizVF+Qb0ZGxKZFsp+UcFxnswGnvXVIUjOU9lM=; b=T2P10sE+P/k27JxAVRZ8INxQH92EFNSjnVQyTV6oSNq6fbd+XWoPVBT27PIt7F+teR 02LGdr+g+CihmDk5XIanbOzo7pgW57qrgwnBOWYfmDxdRjYRIEF9JxYfF1oa081zAN6x gslnmRughYl6j+CIfjYxqT93qU5NX21dRvl6dHde1v3jmIrxtNXioZWgaHGcCjf5ZJF0 d/g3j0vB0wNQM9MAndMAbMpBJreqM551gFu3hLh0c5DSroRYRqmolnWnv5LENbINyenO R2H9ioQum3dwn/wKf9EjvlEwAZOu3YIJjCsi8zV9nUPFXoCE/rKF8/OciyYh/FxCEgNj b5gA== X-Gm-Message-State: APjAAAXtUu4P/KkZw7R5KR9D1ZSfCQx67nHlQFnIx+FNupvyvl/9uC8A HP8Jh5BJ08NIL1xgoXjAf1QZ1sMhMkk7KWsvUfyezA== X-Received: by 2002:a67:f353:: with SMTP id p19mr33902362vsm.114.1553963653811; Sat, 30 Mar 2019 09:34:13 -0700 (PDT) MIME-Version: 1.0 References: <20190329155425.26059-1-christian@brauner.io> In-Reply-To: From: Daniel Colascione Date: Sat, 30 Mar 2019 09:34:02 -0700 Message-ID: Subject: Re: [PATCH v2 0/5] pid: add pidfd_open() To: Linus Torvalds Cc: Christian Brauner , Jann Horn , Andrew Lutomirski , David Howells , "Serge E. Hallyn" , Linux API , Linux List Kernel Mailing , Arnd Bergmann , "Eric W. Biederman" , Konstantin Khlebnikov , Kees Cook , Alexey Dobriyan , Thomas Gleixner , Michael Kerrisk-manpages , Jonathan Kowalski , "Dmitry V. Levin" , Andrew Morton , Oleg Nesterov , Nagarathnam Muthusamy , Aleksa Sarai , Al Viro , Joel Fernandes Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Sat, Mar 30, 2019 at 9:24 AM Linus Torvalds wrote: > > On Sat, Mar 30, 2019 at 9:19 AM Christian Brauner wrote: > > > > From pure API perspective that's all I care about: independence of procfs. > > Once we have pidfd_open() we can cleanly signal threads etc. > > But "independence from procfs" means that you damn well don't then do > "oh, now I have a pidfd, I want to turn it into a /proc fd and then > munge around there". > > So I'm literally saying that it had better really *be* independent > from /proc. It is the standalone version, but it's most definitely > also the version that doesn't then give you secret access to /proc. Just to be clear, I'm not proposing granting secret access to procfs, and as far as I can see, nobody else is either. We've been talking about making it easier to avoid races when you happen to want a pidfd and a procfs fd that point to the same process, not granting access that you didn't have before. If you'd rather not connect procfs and pidfds, we can take this functionality off the table.