Date: Fri, 6 Dec 2019 07:10:45 -0700
From: Tycho Andersen
To: Sargun Dhillon
Cc: linux-kernel@vger.kernel.org, containers@lists.linux-foundation.org, linux-api@vger.kernel.org
Subject: Re: [RFC PATCH] ptrace: add PTRACE_GETFD request
Message-ID: <20191206141045.GA22803@cisco>
In-Reply-To: <20191205234450.GA26369@ircssh-2.c.rugged-nimbus-611.internal>
X-Mailing-List: linux-kernel@vger.kernel.org

On Thu, Dec 05, 2019 at 11:44:53PM +0000, Sargun Dhillon wrote:
> PTRACE_GETFD is a generic ptrace API that allows the tracer to
> get file descriptors from the tracee.
>
> The primary reason to use this syscall is to allow sandboxers to

I might change this to "one motivation to use this ptrace command",
because I'm sure people will invent other crazy uses soon after it's
added :)

> take action on an FD on behalf of the tracee. For example, this
> can be combined with seccomp's user notification feature to extract
> a file descriptor and call privileged syscalls, like binding
> a socket to a privileged port.

This can already be accomplished via injecting parasite code like CRIU
does; adding a ptrace() command like this makes it much nicer to be
sure, but it is redundant.

Tycho
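
The "bind a socket on behalf of the tracee" case from the quoted commit message, as an added example that is not part of this message or of the patch: the descriptor reaches the supervisor over SCM_RIGHTS, the step that otherwise needs the tracee's cooperation or injected code, and the supervisor's bind() then shows up on the tracee's own socket. The names pass_fd and supervisor_binds_for_tracee are hypothetical, and a kernel-chosen port (port 0) stands in for a privileged one so the program runs unprivileged.

```c
#include <netinet/in.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/wait.h>
#include <unistd.h>

/* fd >= 0: send it as SCM_RIGHTS ancillary data; fd < 0: receive one. */
static int pass_fd(int chan, int fd)
{
    _Alignas(struct cmsghdr) char ctl[CMSG_SPACE(sizeof(int))] = {0};
    char byte = 0;
    struct iovec iov = { .iov_base = &byte, .iov_len = 1 };
    struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1,
                          .msg_control = ctl, .msg_controllen = sizeof(ctl) };
    struct cmsghdr *c = CMSG_FIRSTHDR(&msg);
    if (fd >= 0) {
        c->cmsg_level = SOL_SOCKET; c->cmsg_type = SCM_RIGHTS;
        c->cmsg_len = CMSG_LEN(sizeof(int));
        memcpy(CMSG_DATA(c), &fd, sizeof(int));
        return sendmsg(chan, &msg, 0) == 1 ? fd : -1;
    }
    if (recvmsg(chan, &msg, 0) != 1 || !(c = CMSG_FIRSTHDR(&msg))) return -1;
    if (c->cmsg_level == SOL_SOCKET && c->cmsg_type == SCM_RIGHTS)
        memcpy(&fd, CMSG_DATA(c), sizeof(int));
    return fd;
}

/* 1 if the tracee sees the port the supervisor bound; port 0 is a stand-in. */
int supervisor_binds_for_tracee(void)
{
    struct sockaddr_in a = { .sin_family = AF_INET }; socklen_t l = sizeof(a);
    in_port_t seen = 0; char go = 'g'; int sp[2], s, ok = -1; pid_t pid;
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sp) < 0 || (pid = fork()) < 0) return -1;
    if (pid == 0) {          /* tracee: creates the socket, never calls bind() */
        close(sp[0]); s = socket(AF_INET, SOCK_STREAM, 0);
        _exit(s < 0 || pass_fd(sp[1], s) < 0 || read(sp[1], &go, 1) != 1 ||
              getsockname(s, (struct sockaddr *)&a, &l) < 0 ||
              write(sp[1], &a.sin_port, sizeof(a.sin_port)) < 0);
    }
    close(sp[1]);            /* supervisor: binds the received descriptor */
    s = pass_fd(sp[0], -1);
    if (s >= 0 && bind(s, (struct sockaddr *)&a, sizeof(a)) == 0 &&
        getsockname(s, (struct sockaddr *)&a, &l) == 0 &&
        write(sp[0], &go, 1) == 1 &&
        read(sp[0], &seen, sizeof(seen)) == (int)sizeof(seen))
        ok = (seen != 0 && seen == a.sin_port);
    close(sp[0]); if (s >= 0) close(s);
    waitpid(pid, NULL, 0);
    return ok;
}
```

The received descriptor refers to the same open file description as the tracee's, which is why the bind is visible on both sides.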