Received: by 2002:a25:4158:0:0:0:0:0 with SMTP id o85csp193737yba; Mon, 1 Apr 2019 04:42:27 -0700 (PDT) X-Google-Smtp-Source: APXvYqx9t4b9UGQCjWqS5mjEbpCvEwTH3WuVH3HfgFSLHdZhzX311oPXQiwDAl6yK8F1W8xfMTO7 X-Received: by 2002:a63:464c:: with SMTP id v12mr59710601pgk.431.1554118947288; Mon, 01 Apr 2019 04:42:27 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1554118947; cv=none; d=google.com; s=arc-20160816; b=BDrONxNrt6Sumg7JMy1ZrGImYX38yh5KK7TccUlcfllTQ8pz6jkv/O8i4QslKDkDdZ /UN0O4S9+BTF9IOCRseZaS6qoef6yjTxzCDT0GUifmcuiEz819PNCEIHaS1Yic/yvZ+k DHl2C0QEvJckRW5pSsR4rUshJinLlTgky4kpW887r7ASq7flGRcc5Jpp0XvKplVbCmx1 b7BpYnuQhKDwoKuB7PO67/BFHpG2SOnOUzJZnwq8XpDD9wgQK90+AzZPWKg7H5pmSoXv NzLmBAFkhiGXPCq2FoSgzCLjCLQkrXAhr9bEcckyZlxUc5iDKmIS1aVqJE9F88DzSa5e fpMQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:in-reply-to:content-disposition :mime-version:references:message-id:subject:cc:to:from:date; bh=XAVRrT99J+MaHfBRDexnpL2uxnIQSQI26Oxlnr+OnWw=; b=Yf6Ex5xu+UbDE+dyREFY2PTfPcU+gbeJaGtASmUHIrV8uUc7p+dGp0eK1Bc9KdP+1G bHzvcNbR1XieB1r+aij1DLRWSs14CiYtKxO4uF4X+rlHo7jHajNAiVWENjS6Qpd2CKQ+ W0rpTpu1JtUkC/VpzJ/EHA39nZ3drLNP3C0I5wVGzIjlUz4CuhYGhUa1ZOxFwl4t0sy5 8ZsQ5TwpsZBAv0CTYR5iJve0E5lUqZQucnf8wRvYWjYZ5Vz/W0Up7kTYy6XNe/EJMkfA OmsFAGRYofbVzYQtH2RaGAIxw4ybPm2ekBrCbQFIwt0LIyYhRau+xKXnXJKMS5lrG3Vy VRLw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 3si8865966plb.138.2019.04.01.04.42.11; Mon, 01 Apr 2019 04:42:27 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726657AbfDALl0 (ORCPT + 99 others); Mon, 1 Apr 2019 07:41:26 -0400 Received: from mx1.mailbox.org ([80.241.60.212]:22514 "EHLO mx1.mailbox.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725882AbfDALl0 (ORCPT ); Mon, 1 Apr 2019 07:41:26 -0400 Received: from smtp2.mailbox.org (smtp2.mailbox.org [80.241.60.241]) (using TLSv1.2 with cipher ECDHE-RSA-CHACHA20-POLY1305 (256/256 bits)) (No client certificate requested) by mx1.mailbox.org (Postfix) with ESMTPS id 419814B320; Mon, 1 Apr 2019 13:41:23 +0200 (CEST) X-Virus-Scanned: amavisd-new at heinlein-support.de Received: from smtp2.mailbox.org ([80.241.60.241]) by spamfilter05.heinlein-hosting.de (spamfilter05.heinlein-hosting.de [80.241.56.123]) (amavisd-new, port 10030) with ESMTP id IOGL-zbc8q-w; Mon, 1 Apr 2019 13:41:15 +0200 (CEST) Date: Mon, 1 Apr 2019 22:40:59 +1100 From: Aleksa Sarai To: Andy Lutomirski Cc: Linus Torvalds , Christian Brauner , Daniel Colascione , Jann Horn , Andrew Lutomirski , David Howells , "Serge E. Hallyn" , Linux API , Linux List Kernel Mailing , Arnd Bergmann , "Eric W. Biederman" , Konstantin Khlebnikov , Kees Cook , Alexey Dobriyan , Thomas Gleixner , Michael Kerrisk-manpages , Jonathan Kowalski , "Dmitry V. Levin" , Andrew Morton , Oleg Nesterov , Nagarathnam Muthusamy , Al Viro , Joel Fernandes Subject: Re: [PATCH v2 0/5] pid: add pidfd_open() Message-ID: <20190401114059.7gdsvcqyoz2o5bbz@yavin> References: <20190330171215.3yrfxwodstmgzmxy@brauner.io> <132107F4-F56B-4D6E-9E00-A6F7C092E6BD@amacapital.net> <20190331211041.vht7dnqg4e4bilr2@brauner.io> <18C7FCB9-2CBA-4237-94BB-9C4395A2106B@amacapital.net> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="25pmwozcsd4oz3nu" Content-Disposition: inline In-Reply-To: <18C7FCB9-2CBA-4237-94BB-9C4395A2106B@amacapital.net> Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org --25pmwozcsd4oz3nu Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 2019-03-31, Andy Lutomirski wrote: > > On Mar 31, 2019, at 3:17 PM, Linus Torvalds wrote: > >> On Sun, Mar 31, 2019 at 2:10 PM Christian Brauner wrote: > >>=20 > >> I don't think that we want or can make them equivalent since that would > >> mean we depend on procfs. > >=20 > > Sure we can. > >=20 > > If /proc is enabled, then you always do that dance YOU ALREADY WROTE > > THE CODE FOR to do the stupid ioctl. > >=20 > > And if /procfs isn't enabled, then you don't do that. > >=20 > > Ta-daa. Done. No stupid ioctl, and now /proc and pidfd_open() return > > the same damn thing. > >=20 > > And guess what? If /proc isn't enabled, then obviously pidfd_open() > > gives you the /proc-less thing, but at least there is no crazy "two > > different file descriptors for the same thing" situation, because then > > the /proc one doesn't exist. > >=20 >=20 > I wish we could do this, and, in a clean design, it would be a > no-brainer. But /proc has too much baggage. Just to mention two such > things, there=E2=80=99s =E2=80=9Cnet=E2=80=9D and =E2=80=9C../sys=E2=80= =9D. This crud is why we have all > kinds of crazy rules that prevent programs in sandboxes from making a > new mounts and mounting /proc in it. If we make it possible to clone > a new process and this access /proc without having /proc mounted, > we=E2=80=99ll open up a big can of worms. >=20 > Maybe we could have a sanitized view of /proc and make a pidfd be a > directory fd pointing at that. Eric pitched a procfs2 which would *just* be the PIDs some time ago (in an attempt to make it possible one day to mount /proc inside a container without adding a bunch of masked paths), though it was just an idea and I don't know if he ever had a patch for it. --=20 Aleksa Sarai Senior Software Engineer (Containers) SUSE Linux GmbH --25pmwozcsd4oz3nu Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEb6Gz4/mhjNy+aiz1Snvnv3Dem58FAlyh+MsACgkQSnvnv3De m594TxAAjp/c/+ioZ4kkBDXBVo5DcRQPv6/qMJoXgrrw8oDsyu9ckVAVZSkaG4FB LM7XvaBZ+g2QINvBt8SvFtIQ/u7d6teG8U6JDGMX7XexGBA+tF9LDWVNQbLm6JSl b4erFNO8TkU2NTse5GZwXtikwSTb73a2Wh64Gm3UecbCVcSqlfiyTcl/VaJi6qEQ sptUXDyhEuVdsj0hYCoDpiL+4p9irTvyv3l0iTuZAX3I2zPFmS4eV1EeFTf35/Cp IN1LBORiP/dpSajfa9qT5APY8DRbBsYwdrlFqPjRRl6vDJGmJJFb1YzQb0J9TfYu XQTiMwUyY1ulYvhpQ30pXLsIeWeD5WJOG0hhT1F3mAgspSbYfeL3BFAbLGP4lnpO 5ASt6Y/0/Ge5HDLN9/NORVBQE6cA+h/xtBHu7W3jmXUHnbbEBfaasMcPNlu/E6Ca DBwx+1qIaI+EHsbFTr3/ojz6nVE58NQP3SLHKDxrdCgx5cgi1ycTJHvZ5gY2Ol// se8XaGf/wV63K5DY7lEGl1oZpLbV73cGVuQ7yx95fcSCwi7lgjuhBpKmmDD3EnPX meOoswqmGii5UlXl7accFAYXh0Myonu4cU63yittocdITmBAricXmMwE1dXRlS61 kx/S7b9UdsZ9glW0jpfvTkShdRsktQ75YWYamCo3FIw4J0Tu1Wo= =7TA4 -----END PGP SIGNATURE----- --25pmwozcsd4oz3nu--