Received: by 2002:a25:8b91:0:0:0:0:0 with SMTP id j17csp2784189ybl; Thu, 19 Dec 2019 21:22:52 -0800 (PST) X-Google-Smtp-Source: APXvYqzryu1p/YD0fhBsHoXUMH5RwGtWY4PhC6qOxLGiFooUIlQRoyQGYy1W9dC46xYqbfXQBwZ5 X-Received: by 2002:a05:6830:145:: with SMTP id j5mr12349152otp.242.1576819371828; Thu, 19 Dec 2019 21:22:51 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1576819371; cv=none; d=google.com; s=arc-20160816; b=lXc8RIlKehA3kDRZxGb/HmNfmB4Lddk3gk1xFKTHIaeeulnV3o4aTnS+IAkTp4Ah9s rqnhr/rHjRuZHUCXabB2NynfL86avTPCcxiin1SyUhkNFa6KqoCpaJYJgltgI9lEwC3b G+WRqFDAPB1A3/PBNtjIV3MbJJQFVkVADRNrf/w/mVLJQKGHPle8lYchCgEsMnFpnU+N S3wZriqzL38oOdvBi40VtHx7JRsvQ6udA9/YTdyli7SBGnbvMp1nFu7WqnXJSJ9ggWcF rAT/l2nVVBt3FcdQpLiNuBj1wMkt7vAUKT1BUUPkzy+JxO6LlUpDP2MPQUwvva0H1kxK 4Nxw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=c2KTmXeXeXMiud96l6nUg2edTQgCxfxouifxscVRf0g=; b=tWCHfoahwljORKXpAUEOryyIFou0rpga4IdnfW95jfFnpOXS+FVwFqVGxbB9i6b+ep cirbmIHVZQnD045RKgFNFTsd4Pg8rmuSssplFLZ1EoC698OjgZC/UGcmFq7lgVf3Tbxr dGLcoFbD81IYdReXlYPsg4f171xpr+lvPV4fPjjze37Bjl+thxeY8b3oLeMFcWk0Eqn5 Nm/PGqMjnUBZm/ZbHcgkJHDPz0IeJcDkuR9SyfUrEuvMSCtFTtFPghh5PZadz1f3fPHk 0gCr/0ADbmvSkC+igPUtxLmS84MwIHF4CTHUpRaNd1Uq6mBlDp2/EoEYR6TL01wb2iM2 6S+w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@sargun.me header.s=google header.b=WNGXalv6; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id k15si1719989oij.134.2019.12.19.21.22.39; Thu, 19 Dec 2019 21:22:51 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@sargun.me header.s=google header.b=WNGXalv6; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727165AbfLTFWB (ORCPT + 99 others); Fri, 20 Dec 2019 00:22:01 -0500 Received: from mail-ed1-f68.google.com ([209.85.208.68]:42141 "EHLO mail-ed1-f68.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725941AbfLTFWB (ORCPT ); Fri, 20 Dec 2019 00:22:01 -0500 Received: by mail-ed1-f68.google.com with SMTP id e10so7081580edv.9 for ; Thu, 19 Dec 2019 21:22:00 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sargun.me; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=c2KTmXeXeXMiud96l6nUg2edTQgCxfxouifxscVRf0g=; b=WNGXalv6wGknAwomwUwaovAuPTvIQk7Xl9TqqlQvmj1rGqrkoFkmOPGli//9tqbPOv bC0y5Bs/3eANQWEqTALhW5Dku73NB5ieBnYuYxc1jUL3Zr8Uqy/gnWwYBGWtxLUJLsqD Tp7EfFzYyAQ8cd9J2+BJ9gPXs0uV9dWqQzzK8= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=c2KTmXeXeXMiud96l6nUg2edTQgCxfxouifxscVRf0g=; b=nzRTujtf2wBsde//Z5EcUQ7A7ZvsVDrqmsa6qDWuMfvmxmHPh9oaDznmRsvHcXtbBq x0MC1crhx9OiHgCD1kMnC7d3Jehy91vEEhUL9lOuJExwvy//R0gmjevbAU5R7ESIRnAH Cj+KSTv+d9CVW0N9fu+JT2KeTfakGfD6sUavXhz8cP4J+osNBArwI2gRGBhtPXHZex+z A/SoYLswzxJISJMnAhBoCAAVDvMEbUIvUyd9AVf0+R1GGPCbTyhhmCrNz5diOZH63/PZ 85o+akogNiZnUThPYy/+aQYezC/Y91NtyjHBzSEPXZkO3fjsqjT6vVRwWbhFRRcIvGHy 8+/Q== X-Gm-Message-State: APjAAAWKNHOx0PCK/jREtkexNvsFGjL6n8gJLUKRBEejlyVlZ2QUZxxr C6WPoapQ8Sjaj7wvGT0vIQfBY6EaGllIVsmmBpAYeQ== X-Received: by 2002:a17:906:4f93:: with SMTP id o19mr13905879eju.52.1576819319133; Thu, 19 Dec 2019 21:21:59 -0800 (PST) MIME-Version: 1.0 References: <20191218235459.GA17271@ircssh-2.c.rugged-nimbus-611.internal> In-Reply-To: From: Sargun Dhillon Date: Thu, 19 Dec 2019 21:21:23 -0800 Message-ID: Subject: Re: [PATCH v4 2/5] pid: Add PIDFD_IOCTL_GETFD to fetch file descriptors from processes To: Andy Lutomirski Cc: LKML , Linux Containers , Linux API , Linux FS Devel , Tycho Andersen , Jann Horn , Aleksa Sarai , Christian Brauner , Oleg Nesterov , Al Viro , Gian-Carlo Pascutto , =?UTF-8?Q?Emilio_Cobos_=C3=81lvarez?= , Florian Weimer , Jed Davis , Arnd Bergmann Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Dec 19, 2019 at 5:43 PM Andy Lutomirski wrote: > > > I don't think this is MODE_READ. By copying an fd from the task, you > can easily change its state. Would PTRACE_MODE_ATTACH_REALCREDS work? I'm curious what kind of state change you can cause by borrowing an FD? > > IMO it would be really nice if pidfd could act more like a capability > here and carry a ptrace mode, for example. But I guess it doesn't > right now. > > > --Andy