Received: by 2002:a25:8b91:0:0:0:0:0 with SMTP id j17csp2219562ybl; Sat, 25 Jan 2020 20:11:28 -0800 (PST) X-Google-Smtp-Source: APXvYqyrUOIVq4FWquLidWzWyqiDkryJzT31qkM18XrC2bv2Y1uGpWf/Q+nkAVIUwVadVxNpTJ/s X-Received: by 2002:a9d:7c91:: with SMTP id q17mr8465082otn.293.1580011888790; Sat, 25 Jan 2020 20:11:28 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1580011888; cv=none; d=google.com; s=arc-20160816; b=Na//Plq0g5qhElFUu1LYvwKnzcdqzFL8DS4w4gEmxmx9TBeYj56Q4Ej6fqjYxYHj4N wLM26ZSVB5IiUoZYaw5nXnNF1wpNIidmF0uNJFtYH9PYdRGHeO3cuA9/ARX8eoiddoIV tl1GX+Jus5EPceMJvhlhee6uT0sUFY3SZdb6ivNBn9fiO8V5dnHSpO7jeKd6vYHNVk0j 7Atsnq3FwpJCu4bbQqrDItx8CD39WRjEaY3YZueBhPVX315Bx3DZb4iShiD7nTwDQMYC tja9pqHqBz0ix4GnrVAzo8CiglJfYxtb+gYMrdegOnAusqMAuuVOU1G+x+w6QW8Fc3Ij jR5w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:in-reply-to:content-disposition :mime-version:references:message-id:subject:cc:to:from:date; bh=bWn5/PH6wAuwe4BMdexYhMJ1OAEvuN84B7NZIBDa8rI=; b=v1IwVio9xNeucZPIxeqvbbrLex0ZsAVlzcwmepmbrCMKhxO7Z+QFg2byqKyk5D0SME yXnJJ4pm1JJMcmZOTklHTjJGFvxhQELwZpehFIspHj5RDlBomt5cQ/0DAIUKGOYBZ4to nKBIyFrwxF1k/ZEoyKWpc2ZiuUx06d+Qkc1a7Q95UEGwY7cWYu+kpZMbiwKqOmmgdb3Y WXCOeHO9dcsKrD7syMNpuYdsrSUk+EUMm5K6zaOMQ/V443zAh2DM5YTJM2Lk/bgrEsyJ 5a4wCUH+G11paH9yWlteNs4k7+GJ7NpmHTqgzdHktUCaOGzAEYh/qou/GuqoTUVavSYH PzsQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id z4si1681829oix.48.2020.01.25.20.11.16; Sat, 25 Jan 2020 20:11:28 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729196AbgAZEKX (ORCPT + 99 others); Sat, 25 Jan 2020 23:10:23 -0500 Received: from mout-p-102.mailbox.org ([80.241.56.152]:45856 "EHLO mout-p-102.mailbox.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728842AbgAZEKX (ORCPT ); Sat, 25 Jan 2020 23:10:23 -0500 Received: from smtp1.mailbox.org (smtp1.mailbox.org [80.241.60.240]) (using TLSv1.2 with cipher ECDHE-RSA-CHACHA20-POLY1305 (256/256 bits)) (No client certificate requested) by mout-p-102.mailbox.org (Postfix) with ESMTPS id 484ztj4mYPzKmmG; Sun, 26 Jan 2020 05:10:21 +0100 (CET) X-Virus-Scanned: amavisd-new at heinlein-support.de Received: from smtp1.mailbox.org ([80.241.60.240]) by spamfilter01.heinlein-hosting.de (spamfilter01.heinlein-hosting.de [80.241.56.115]) (amavisd-new, port 10030) with ESMTP id cyVBuGgdlFHA; Sun, 26 Jan 2020 05:10:18 +0100 (CET) Date: Sun, 26 Jan 2020 15:10:09 +1100 From: Aleksa Sarai To: Sargun Dhillon Cc: Tycho Andersen , LKML , Linux Containers , Linux API , Linux FS-devel Mailing List , Christian Brauner Subject: Re: [PATCH 3/4] seccomp: Add SECCOMP_USER_NOTIF_FLAG_PIDFD to get pidfd on listener trap Message-ID: <20200126041009.wubw4t5iaypf6bkk@yavin.dot.cyphar.com> References: <20200124091743.3357-1-sargun@sargun.me> <20200124091743.3357-4-sargun@sargun.me> <20200124180332.GA4151@cisco> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="b547hxjkssbqtln5" Content-Disposition: inline In-Reply-To: Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org --b547hxjkssbqtln5 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 2020-01-24, Sargun Dhillon wrote: > On Fri, Jan 24, 2020 at 10:03 AM Tycho Andersen wrote: > > > > On Fri, Jan 24, 2020 at 01:17:42AM -0800, Sargun Dhillon wrote: > > > Currently, this just opens the group leader of the thread that trigge= re > > > the event, as pidfds (currently) are limited to group leaders. > > > > I don't love the semantics of this; when they're not limited to thread > > group leaders any more, we won't be able to change this. Is that work > > far off? > > > > Tycho >=20 > We would be able to change this in the future if we introduced a flag like > SECCOMP_USER_NOTIF_FLAG_PIDFD_THREAD which would send a > pidfd that's for the thread, and not just the group leader. The flag could > either be XOR with SECCOMP_USER_NOTIF_FLAG_PIDFD, or > could require both. Alternatively, we can rename > SECCOMP_USER_NOTIF_FLAG_PIDFD to > SECCOMP_USER_NOTIF_FLAG_GROUP_LEADER_PIDFD. Possibly unpopular proposal -- would it make sense to just store the pidfd_open(2) flags rather than coming up with our own set for SECCOMP_USER_NOTIF? If/when pidfds are expanded to include non-leaders there will be a corresponding flag for pidfd_open(2). Something like: struct seccomp_notif { __u64 id; __u32 pid; __u32 flags; struct seccomp_data data; __u64 pidfd_flags; // or __u32 -- not sure what Christian plans __u32 pidfd; __u32 __padding; }; This does mean there'll be an additional flags field, but I think it's a slightly more consistent way to indicate "SECCOMP_USER_NOTIF_FLAG_PIDFD implies a pidfd_open(2) on the traced task". --=20 Aleksa Sarai Senior Software Engineer (Containers) SUSE Linux GmbH --b547hxjkssbqtln5 Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iHUEABYIAB0WIQSxZm6dtfE8gxLLfYqdlLljIbnQEgUCXi0RHgAKCRCdlLljIbnQ EhRBAP9kCf5WxYqsddLpbde2EDbbHMYUsQFCJzkEKqYgxO8v6gEAodewLdV9xQjY t35JSLzrhWvvTNnq1B+Vvdyvj9MvDwA= =bVpa -----END PGP SIGNATURE----- --b547hxjkssbqtln5--