Received: by 2002:a25:4158:0:0:0:0:0 with SMTP id o85csp909804yba;
        Sun, 31 Mar 2019 16:50:47 -0700 (PDT)
X-Google-Smtp-Source: APXvYqx8uHN6+JOhP7jEE+rD51GfUldQ9ExdgWeYCFdd2q/NHu8Fr34ctogodqQAyrPT4Vjdi817
X-Received: by 2002:a17:902:9304:: with SMTP id bc4mr62131039plb.81.1554076247008;
        Sun, 31 Mar 2019 16:50:47 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1554076246; cv=none;
        d=google.com; s=arc-20160816;
        b=Kup1lEbotr6JSxZ3GkKwRrpuoyM0exnLkWwCXF3lUYrXu6UbGRunTjze7JeOSSJSIg
         JlPofBegcRmASiy0Ei73la/UiPH8aYFpybU/2rMHOk57OjNzE94MNtAaOWenGyLSfL6w
         RsCgiWp8udYwhyZQKC52PPxxlAOjoksHxkhaZhKQJWNJubZpqcXPgkZVX9QJARffLU0B
         6kiFeUugpTy8j1GWNE06NZoh7lP6+3960kEiN2ME13eeHtkOglVXCY7kkGOJdCXC1gLr
         e2lcAAOBCGsCfpITyERdeVxoj9fHWW2hbjN8F57EzbNVj3rV+01QBJleXglaHlBhDC2u
         7evA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:cc:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:dkim-signature;
        bh=WBTeo2qxUB9ieNEd8dfLth/F+dGxSavIKp4cc9JjaeI=;
        b=aPJUfXQZbF+YV7nrSCLEbTAGgNCrtLuYv7ZiRjJ10oP3vigRRBUs9u/GxqzgrSovBc
         t3Dr4HHnreQ2eKNgCsph148eT+vkj85fnypUAeeMgmXioAXS2qjeSMUJ8MVu0WHdNI0o
         7gsR/glGNbGJ7c6I4k4RMBz4G+xPfIB0x4VsIb+OJVTL80j1DVDazxY43P5s866G0UwT
         9Ic0bY6VAXDBnP4ofOlu12Rnb7suE8FKGhecDiwKfapAKzJBto7twMdIdBzTPChKuF65
         OOzHK5Gogx98b26T7eu3kBmVp5kHaC2KKR8PA+4LwuezztlV4CaM5KA2DtZsZG/WTkkW
         FzVg==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@linux-foundation.org header.s=google header.b=g6hw4Wyi;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id r9si7125840pgp.193.2019.03.31.16.50.02;
        Sun, 31 Mar 2019 16:50:46 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@linux-foundation.org header.s=google header.b=g6hw4Wyi;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1731534AbfCaXr2 (ORCPT <rfc822;xqjcool@gmail.com> + 99 others);
        Sun, 31 Mar 2019 19:47:28 -0400
Received: from mail-lj1-f194.google.com ([209.85.208.194]:33038 "EHLO
        mail-lj1-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1731324AbfCaXr1 (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Sun, 31 Mar 2019 19:47:27 -0400
Received: by mail-lj1-f194.google.com with SMTP id f23so6451083ljc.0
        for <linux-kernel@vger.kernel.org>; Sun, 31 Mar 2019 16:47:26 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=linux-foundation.org; s=google;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to
         :cc;
        bh=WBTeo2qxUB9ieNEd8dfLth/F+dGxSavIKp4cc9JjaeI=;
        b=g6hw4WyiuNavWvkqNS46pi8KkrNLZlpvOL/MBNgMVbho0MGtcLOU/j0/yssaxlv7n0
         UOVFSP3OyBBtbtN36UUQTGd4pILdChm2JDYF2yB3xIIwylDnRdOdr7JDoOMlHCqbRp8J
         j2PsKeUM6jghTEfPCtPU1gdGeDSksvjYsLyIA=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to:cc;
        bh=WBTeo2qxUB9ieNEd8dfLth/F+dGxSavIKp4cc9JjaeI=;
        b=WUQC5g9HmXwZRwHlAEBfvE856jnXCXKOL/fxbcbboTT7/5xwrcNe9oS4PxnFDfwk7j
         ZTOrtimUJpN9iq4itSH6V+xoImVN6LsVWfYh4PuviFcPWM0sq8o6jjm9H0ZKzpHulOKc
         hrxidnD5xkhOHzsYrteUfZMKE8WbiEM5TRDcWrPW6f0qli549wX1Hs2qRD4aTk7seSJ/
         C0qu94F3eBZSeP1KCcvBfsoCTHPVW5mgMc18oLli+PvstsG5w7XKSbaaGn4819tOvJta
         7uF5lCnpCSQ9ZiBD4+NjCT9TIqKmfD6vLxElVgejs4LJP7QFV2hlEZUBZTZz6aWyV3jC
         V2rQ==
X-Gm-Message-State: APjAAAVu1O48VL6KMHUt/czDz0M1l1rBBsmi6rrv98utEt+09GnB2Yd0
        H3KatbUcOg9MF7fLXvWw4nLBqH1L3XY=
X-Received: by 2002:a2e:8e96:: with SMTP id z22mr32708089ljk.123.1554076045095;
        Sun, 31 Mar 2019 16:47:25 -0700 (PDT)
Received: from mail-lj1-f177.google.com (mail-lj1-f177.google.com. [209.85.208.177])
        by smtp.gmail.com with ESMTPSA id s67sm1714526lja.57.2019.03.31.16.47.24
        for <linux-kernel@vger.kernel.org>
        (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Sun, 31 Mar 2019 16:47:24 -0700 (PDT)
Received: by mail-lj1-f177.google.com with SMTP id f23so6451069ljc.0
        for <linux-kernel@vger.kernel.org>; Sun, 31 Mar 2019 16:47:24 -0700 (PDT)
X-Received: by 2002:a2e:960b:: with SMTP id v11mr23033871ljh.135.1554075631490;
 Sun, 31 Mar 2019 16:40:31 -0700 (PDT)
MIME-Version: 1.0
References: <BCD99947-5F55-4116-8F74-D6832E50340B@brauner.io>
 <CAHk-=whcA0kAWGqet9oJdyttjhP7J4PcU2Ly=n_Qyo6rMJNxRg@mail.gmail.com>
 <CAKOZuevv_QgvzmusA+yey76vo4hn9bEVwud2RumuOr0K4++15A@mail.gmail.com>
 <CAHk-=wj0o8BiUrYiM5ZcTS6JxBh1M60O36Ms8-EqLQ139=1L4g@mail.gmail.com>
 <20190330171215.3yrfxwodstmgzmxy@brauner.io> <CAHk-=whF6gnRVbJaArZna4e=tejfrzmNQtRbWjnuSSKpBn+jQg@mail.gmail.com>
 <132107F4-F56B-4D6E-9E00-A6F7C092E6BD@amacapital.net> <CAHk-=wiaLtH41Mc5qAjOeCWavPqV0DhS581KYa0QBt8uraTK1Q@mail.gmail.com>
 <20190331211041.vht7dnqg4e4bilr2@brauner.io> <CAHk-=wi3AE1-iRQ_7LOeSMNAMrGxRdC=gTjD30duVw4XRchcNQ@mail.gmail.com>
 <20190331220259.qntxynluk765hpnt@brauner.io> <CAHk-=wh0jgRkZiNdFD96Zpjx+_G+NVSHieAt+QgWCQBJ2A-5Aw@mail.gmail.com>
In-Reply-To: <CAHk-=wh0jgRkZiNdFD96Zpjx+_G+NVSHieAt+QgWCQBJ2A-5Aw@mail.gmail.com>
From:   Linus Torvalds <torvalds@linux-foundation.org>
Date:   Sun, 31 Mar 2019 16:40:15 -0700
X-Gmail-Original-Message-ID: <CAHk-=whw1cnWPSWw1tHXT5xTMbnJFbCtx9_re6U1RZ_7LE9gXA@mail.gmail.com>
Message-ID: <CAHk-=whw1cnWPSWw1tHXT5xTMbnJFbCtx9_re6U1RZ_7LE9gXA@mail.gmail.com>
Subject: Re: [PATCH v2 0/5] pid: add pidfd_open()
To:     Christian Brauner <christian@brauner.io>
Cc:     Andy Lutomirski <luto@amacapital.net>,
        Daniel Colascione <dancol@google.com>,
        Jann Horn <jannh@google.com>,
        Andrew Lutomirski <luto@kernel.org>,
        David Howells <dhowells@redhat.com>,
        "Serge E. Hallyn" <serge@hallyn.com>,
        Linux API <linux-api@vger.kernel.org>,
        Linux List Kernel Mailing <linux-kernel@vger.kernel.org>,
        Arnd Bergmann <arnd@arndb.de>,
        "Eric W. Biederman" <ebiederm@xmission.com>,
        Konstantin Khlebnikov <khlebnikov@yandex-team.ru>,
        Kees Cook <keescook@chromium.org>,
        Alexey Dobriyan <adobriyan@gmail.com>,
        Thomas Gleixner <tglx@linutronix.de>,
        Michael Kerrisk-manpages <mtk.manpages@gmail.com>,
        Jonathan Kowalski <bl0pbl33p@gmail.com>,
        "Dmitry V. Levin" <ldv@altlinux.org>,
        Andrew Morton <akpm@linux-foundation.org>,
        Oleg Nesterov <oleg@redhat.com>,
        Nagarathnam Muthusamy <nagarathnam.muthusamy@oracle.com>,
        Aleksa Sarai <cyphar@cyphar.com>,
        Al Viro <viro@zeniv.linux.org.uk>,
        Joel Fernandes <joel@joelfernandes.org>
Content-Type: text/plain; charset="UTF-8"
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Sun, Mar 31, 2019 at 3:16 PM Linus Torvalds
<torvalds@linux-foundation.org> wrote:
>
> I would actually suggest we just make the rules be that the
> pidfd_open() always return the internal /proc entry regardless of any
> mount-point (or any "hidepid")

The clever alternative, which might be the RightWay(tm) is to just
create a completely unattached dentry, and basically tie it into the
actual /proc filesystem hierarchy at lookup() time when somebody does
the openat() using it for the first time. You'd get a very simple
callback: since the dentry would be unattached, you'd be guaranteed to
get a "lookup()" from the VFS layer, and that lookup would then do the
"hook into the actual /proc filesystem".

We already kind of do things like that in the VFS layer when we have
unattached dentries (because of "look up by filehandle" etc). In many
ways the "pidfd_open()" really is exactly a "look up by file handle"
operation, it just so happens that the "file handle" is just the
pid/namespace combination.

And if the splice alias (which is what the VFS layer calls that "tie
aliased dentry to the parent" operation) fails, because the /proc
filesystem isn't mounted or whatever, then trying to look up names off
the thing will also fail.

It's a tiny bit too clever for my taste, and it's not *exactly* the
same thing as our normal inode alias handling, but it's pretty close
conceptually (and even practically).

So it would basically do something very similar to the ioctl, but it
would do it implicitly and automatically at that first lookup.

That would also mean that you'd not actually pay the cost of doing any
of this *unless* you also end up trying to open things in /proc using
that pidfd.

                    Linus