Received: by 2002:a25:1985:0:0:0:0:0 with SMTP id 127csp3215090ybz; Mon, 27 Apr 2020 12:01:57 -0700 (PDT) X-Google-Smtp-Source: APiQypJvr97yiO38D5CV6z239Dz2hriZMoVHRrcI9dLc0sc9mI8wGG5z6NnQK/wj00j3mP4eFsD3 X-Received: by 2002:aa7:c2d2:: with SMTP id m18mr20352393edp.142.1588014117746; Mon, 27 Apr 2020 12:01:57 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1588014117; cv=none; d=google.com; s=arc-20160816; b=Ckl6lLfkpI5wPARXlKNn4GPjrRUB7rPrEvoqE+MsGNtYBWK85QUiryn4e9+wTYb4fT Xi48olmiMTSRD9YevIEgdLPMqBopPsbNrwh8yMGZT1tSdH/xQf3do1EeMzSsQsnNinRG I9F/J7yjLU+VpggSbjYMj6NJmzehiUi0Nv6JeIxRqGmHfuBN3jU5q00vF6iZVuXBg5ZD 1hTNo56X+L+vm2KRM9S+JO7VagLUjbtynQB6VbB4f4l40hBW4ybgp4mTDJlBy6peKjat nhLg3nKs0RaY+V/9Zpco7o0AE2RR8hql8fsjHU+nx6fliZN+8sGp/9KruU21r1vhCjGQ KDWA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:in-reply-to:content-disposition :mime-version:references:message-id:subject:cc:to:from:date; bh=R2OCHlvmUJ99+fQE3dixIGaDOyRLbeGvrGGB7kPId7w=; b=hkFxkL6/e9BCejmqEmFMwILiOPmZ1vDWzCdBbpJOPsUzz/YZ7prZNZKqfp+VJ2qfCD nxPPgN7XOdc6DVyJhu6ILV/x9TXCVM4AWcxx4K0n/McYSEQNK4QaVkFlYFEgwYzMe5Ml S1FhlusHPs9SKALVFPPvZmtLj62olKrXiGVNMR+OLGmsVu6SrUsZLeM8Uvq3chbvQ2hM i6vHySfZMI6Edf7KPB7ezE1bsAm/0pcUUmDaIoYu4jQ8yDdKUIFegBoD4hWRQbAg5Gto L8V5wrEqnzK3SjL+Caw70FBmCqKmic9qli/x3/EDzFhwh6mac676Wh0eI0Dq9OgTdQDe 3U9A== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id n3si266581edv.601.2020.04.27.12.01.34; Mon, 27 Apr 2020 12:01:57 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726748AbgD0S7m (ORCPT + 99 others); Mon, 27 Apr 2020 14:59:42 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48514 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726260AbgD0S7m (ORCPT ); Mon, 27 Apr 2020 14:59:42 -0400 Received: from mout-p-202.mailbox.org (mout-p-202.mailbox.org [IPv6:2001:67c:2050::465:202]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1790DC0610D5; Mon, 27 Apr 2020 11:59:42 -0700 (PDT) Received: from smtp2.mailbox.org (smtp2.mailbox.org [IPv6:2001:67c:2050:105:465:1:2:0]) (using TLSv1.2 with cipher ECDHE-RSA-CHACHA20-POLY1305 (256/256 bits)) (No client certificate requested) by mout-p-202.mailbox.org (Postfix) with ESMTPS id 499vGK29VXzQlH3; Mon, 27 Apr 2020 20:59:37 +0200 (CEST) X-Virus-Scanned: amavisd-new at heinlein-support.de Received: from smtp2.mailbox.org ([80.241.60.241]) by spamfilter04.heinlein-hosting.de (spamfilter04.heinlein-hosting.de [80.241.56.122]) (amavisd-new, port 10030) with ESMTP id q-xPfyQwqZzM; Mon, 27 Apr 2020 20:59:33 +0200 (CEST) Date: Mon, 27 Apr 2020 20:59:29 +0200 From: Hagen Paul Pfeifer To: "Eric W. Biederman" Cc: Jann Horn , Christian Brauner , kernel list , Florian Weimer , Al Viro , Christian Brauner , Thomas Gleixner , Ingo Molnar , Borislav Petkov , "H. Peter Anvin" , Arnd Bergmann , Brian Gerst , Sami Tolvanen , David Howells , Aleksa Sarai , Andy Lutomirski , Oleg Nesterov , Arnaldo Carvalho de Melo , Sargun Dhillon , Linux API , linux-arch , Linus Torvalds , Greg Kroah-Hartman Subject: Re: [RFC v2] ptrace, pidfd: add pidfd_ptrace syscall Message-ID: <20200427185929.GA1768@laniakea> References: <20200426130100.306246-1-hagen@jauu.net> <20200426163430.22743-1-hagen@jauu.net> <20200427170826.mdklazcrn4xaeafm@wittgenstein> <87zhawdc6w.fsf@x220.int.ebiederm.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <87zhawdc6w.fsf@x220.int.ebiederm.org> X-Key-Id: 98350C22 X-Key-Fingerprint: 490F 557B 6C48 6D7E 5706 2EA2 4A22 8D45 9835 0C22 X-GPG-Key: gpg --recv-keys --keyserver wwwkeys.eu.pgp.net 98350C22 X-Rspamd-Queue-Id: A09E7176C X-Rspamd-Score: 0.58 / 15.00 / 15.00 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org * Eric W. Biederman | 2020-04-27 13:18:47 [-0500]: >I am conflicted about that but I have to agree. Instead of >duplicating everything it would be good enough to duplicate the once >that cause the process to be attached to use. Then there would be no >more pid races to worry about. >How does this differ using the tracing related infrastructure we have >for the kernel on a userspace process? I suspect augmenting the tracing >infrastructure with the ability to set breakpoints and watchpoints (aka >stopping userspace threads and processes might be a more fertile >direction to go). > >But I agree either we want to just address the races in PTRACE_ATTACH >and PTRACE_SIEZE or we want to take a good hard look at things. > >There is a good case for minimal changes because one of the cases that >comes up is how much work will it take to change existing programs. But >ultimately ptrace pretty much sucks so a very good set of test cases and >documentation for what we want to implement would be a very good idea. Hey Eric, Jann, Christian, Arnd, thank you for your valuable input! IMHO I think we have exactly two choices here: a) we go with my patchset that is 100% ptrace feature compatible - except the pidfd thing - now and in the future. If ptrace is extended pidfd_ptrace is automatically extended and vice versa. Both APIs are feature identical without any headaches. b) leave ptrace completely behind us and design ptrace that we have always dreamed of! eBPF filters, ftrace kernel architecture, k/uprobe goodness, a speedy API to copy & modify large chunks of data, io_uring/epoll support and of course: pidfd based (missed likely thousands of other dreams) I think a solution in between is not worth the effort! It will not be compatible in any way for the userspace and the benefit will be negligible. Ptrace is horrible API - everybody knows that but developers get comfy with it. You find examples everywhere, why should we make it harder for the user for no or little benefit (except that stable handle with pidfd and some cleanups)? Any thoughts on this? Hagen