Received: by 2002:a25:4158:0:0:0:0:0 with SMTP id o85csp921084yba;
        Sun, 31 Mar 2019 17:10:47 -0700 (PDT)
X-Google-Smtp-Source: APXvYqyVTgLULJDh7UMnKuwW1vrG3V7suJLGQROwVPHZHdpgGleEnVyAbBINu1PYgDLqYpWx1jGw
X-Received: by 2002:a65:6656:: with SMTP id z22mr55670345pgv.95.1554077447160;
        Sun, 31 Mar 2019 17:10:47 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1554077447; cv=none;
        d=google.com; s=arc-20160816;
        b=yC/ZrcYAm7C69hsM+gLvezqLlW8RS2UimLkowPon2ufxxyeFcXTUcOXgbkEIU0+O2j
         iLreGF4I9nXjSK+bv0NVmRANUBfcwLPqoqGeQeVqV27bZ9O2O0yKCaU+IsYbIXcVQgbr
         y0H5mKRd+TmaKrcFBOx/1ot0ZHL6Eh8dlMnYq3S/YaleW+ZpS6+WxtQeeiOApB39w3Tf
         Rn0/bNs3bNbBdgr87bm6TZ9oL3lUKmXeYcL1U0gF/AVRlNHaSiQVfAtQRriMXDSzy+m4
         23/BGE0iL8vOs3p/6TbHMKIbETzzsYDzNUuYDTtZkNvuhvOtFYqw+66HaXNtymZw9Cny
         yzRA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:in-reply-to
         :content-disposition:mime-version:references:message-id:subject:cc
         :to:from:date;
        bh=QXMe8T6H7kOHAi2/biMxdli2+QX9nFd9xPz8x85BLnY=;
        b=JhmIIMTRYytPHoX3nhsD5YR6nkjLWPX5wpEsKcFsod8nXTDd8E2j0uFl2ypEaKblT9
         d+eCkDKh87NPOSOfx1KkiTiz3DPc4w1ziZYsmUPfRB9ZtAWTw5T56JyzrCxz2UnCLj9K
         8QF4eF0PNpeYLt48yS7YMQmEGGjmsXSeHN3qMu3K6A6rCGZALlmINVh5QORMly/U3+8D
         AOJ3dqeHi+T3OgTDDMFzpanYzvAaK8E/9fdUhvfy6VWHQMM9/LBRRvtuSL/hpsTUClW5
         IKXccLzjMmMA70vt5yHlQDrfZ60Rsoyy89XrphrnxaKLrjo4urRC18NjeErkymzfiv50
         pIPA==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id a17si6078437pgk.572.2019.03.31.17.10.30;
        Sun, 31 Mar 2019 17:10:47 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1731583AbfDAAJx (ORCPT <rfc822;xqjcool@gmail.com> + 99 others);
        Sun, 31 Mar 2019 20:09:53 -0400
Received: from zeniv.linux.org.uk ([195.92.253.2]:44934 "EHLO
        ZenIV.linux.org.uk" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1731335AbfDAAJx (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Sun, 31 Mar 2019 20:09:53 -0400
Received: from viro by ZenIV.linux.org.uk with local (Exim 4.92 #3 (Red Hat Linux))
        id 1hAkW9-0005yb-Rm; Mon, 01 Apr 2019 00:09:37 +0000
Date:   Mon, 1 Apr 2019 01:09:37 +0100
From:   Al Viro <viro@zeniv.linux.org.uk>
To:     Linus Torvalds <torvalds@linux-foundation.org>
Cc:     Christian Brauner <christian@brauner.io>,
        Andy Lutomirski <luto@amacapital.net>,
        Daniel Colascione <dancol@google.com>,
        Jann Horn <jannh@google.com>,
        Andrew Lutomirski <luto@kernel.org>,
        David Howells <dhowells@redhat.com>,
        "Serge E. Hallyn" <serge@hallyn.com>,
        Linux API <linux-api@vger.kernel.org>,
        Linux List Kernel Mailing <linux-kernel@vger.kernel.org>,
        Arnd Bergmann <arnd@arndb.de>,
        "Eric W. Biederman" <ebiederm@xmission.com>,
        Konstantin Khlebnikov <khlebnikov@yandex-team.ru>,
        Kees Cook <keescook@chromium.org>,
        Alexey Dobriyan <adobriyan@gmail.com>,
        Thomas Gleixner <tglx@linutronix.de>,
        Michael Kerrisk-manpages <mtk.manpages@gmail.com>,
        Jonathan Kowalski <bl0pbl33p@gmail.com>,
        "Dmitry V. Levin" <ldv@altlinux.org>,
        Andrew Morton <akpm@linux-foundation.org>,
        Oleg Nesterov <oleg@redhat.com>,
        Nagarathnam Muthusamy <nagarathnam.muthusamy@oracle.com>,
        Aleksa Sarai <cyphar@cyphar.com>,
        Joel Fernandes <joel@joelfernandes.org>
Subject: Re: [PATCH v2 0/5] pid: add pidfd_open()
Message-ID: <20190401000937.GG2217@ZenIV.linux.org.uk>
References: <CAHk-=wj0o8BiUrYiM5ZcTS6JxBh1M60O36Ms8-EqLQ139=1L4g@mail.gmail.com>
 <20190330171215.3yrfxwodstmgzmxy@brauner.io>
 <CAHk-=whF6gnRVbJaArZna4e=tejfrzmNQtRbWjnuSSKpBn+jQg@mail.gmail.com>
 <132107F4-F56B-4D6E-9E00-A6F7C092E6BD@amacapital.net>
 <CAHk-=wiaLtH41Mc5qAjOeCWavPqV0DhS581KYa0QBt8uraTK1Q@mail.gmail.com>
 <20190331211041.vht7dnqg4e4bilr2@brauner.io>
 <CAHk-=wi3AE1-iRQ_7LOeSMNAMrGxRdC=gTjD30duVw4XRchcNQ@mail.gmail.com>
 <20190331220259.qntxynluk765hpnt@brauner.io>
 <CAHk-=wh0jgRkZiNdFD96Zpjx+_G+NVSHieAt+QgWCQBJ2A-5Aw@mail.gmail.com>
 <CAHk-=whw1cnWPSWw1tHXT5xTMbnJFbCtx9_re6U1RZ_7LE9gXA@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <CAHk-=whw1cnWPSWw1tHXT5xTMbnJFbCtx9_re6U1RZ_7LE9gXA@mail.gmail.com>
User-Agent: Mutt/1.10.1 (2018-07-13)
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Sun, Mar 31, 2019 at 04:40:15PM -0700, Linus Torvalds wrote:

> The clever alternative, which might be the RightWay(tm) is to just
> create a completely unattached dentry, and basically tie it into the
> actual /proc filesystem hierarchy at lookup() time when somebody does
> the openat() using it for the first time. You'd get a very simple
> callback: since the dentry would be unattached, you'd be guaranteed to
> get a "lookup()" from the VFS layer, and that lookup would then do the
> "hook into the actual /proc filesystem".

Ugh...  Which vfsmount would you have to go with it?

> We already kind of do things like that in the VFS layer when we have
> unattached dentries (because of "look up by filehandle" etc). In many
> ways the "pidfd_open()" really is exactly a "look up by file handle"
> operation, it just so happens that the "file handle" is just the
> pid/namespace combination.

Except that we never let unattached _directory_ dentries out - if
we can't reattach them to the tree, open-by-handle will tell you to
take a hike.

> And if the splice alias (which is what the VFS layer calls that "tie
> aliased dentry to the parent" operation) fails, because the /proc
> filesystem isn't mounted or whatever, then trying to look up names off
> the thing will also fail.

> It's a tiny bit too clever for my taste, and it's not *exactly* the
> same thing as our normal inode alias handling, but it's pretty close
> conceptually (and even practically).

It's more than a tiny bit too clever for mine...

> So it would basically do something very similar to the ioctl, but it
> would do it implicitly and automatically at that first lookup.
> 
> That would also mean that you'd not actually pay the cost of doing any
> of this *unless* you also end up trying to open things in /proc using
> that pidfd.

Al, back to normal life and digging through several flamefests from
hell...