Received: by 2002:a25:ef43:0:0:0:0:0 with SMTP id w3csp964725ybm; Wed, 27 May 2020 12:20:25 -0700 (PDT) X-Google-Smtp-Source: ABdhPJyUmV0ET2igYjMfnFi2GSTH8K+P+GC8qYU6/iz9xf+xivyvJJ+24M05CQxprUlbs/pjHHhO X-Received: by 2002:a50:ac84:: with SMTP id x4mr3046895edc.124.1590607224857; Wed, 27 May 2020 12:20:24 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1590607224; cv=none; d=google.com; s=arc-20160816; b=AMBL6SrIHV/JOCtq9E7huVuH2+Dh+Z41UoaJqnHTBswoQ3RLLjzLI3oS5M2tNJpVRf 3t+Dt5haH6FwvLiwVtuHsRvc/UHdBkAVi6eOj94bYmOQQPdjjVHbgNps99cmoM138yOk JeX88h7hbmCQs6QDu9lvrbCKm1L8B4Xtd+/FaKvux5NPwO6rXFPfOAEXB8hHaHWdD48W zKsAT3+XNqxRIpJlea5NE9/aasAizIoOOM2PvRulTl6eOgpPJ+TZIaI8z2Um/+b8D2yI WJB9R2T94oWF7dtaQv2/AN/4Vd9/bH1y+pNTXxpT3JsYHTIVKQSvNHuG4KAuLeR+jTpD 2S9w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:dkim-signature; bh=Bb47SNpC8nAMYYf5+T+wlcMsWyDpF8XWYXCAN0BKUjs=; b=VepUgjuuaJSaa+t5zs4y1KtfAEIwukPQn1T81om1uDPgFwlgQmuZvzTyyMlS0j0LH1 E7GyuK6ObXweHVmMIWkMQq379PeB1/BwB16J32kvDYcLp9f1YYa1fTEo3+znyHRNzl5h +91lWacqmaHRgRBHJUZwHKqDtIrv7n6zv5dkN8FUijzgpNCU3Q9Xlf9pe5dOSga3+I3k dwhhpLT4XASv3FVqGt83ujozUHIF8qcf9VVxPuclJMSgA95XkOSRSQbbwxU6GVf7yf4i Y/xIr7Y/LSz1aWkeAMXP5Hg6yk2rsvQoBthdavDBg7gJqI73u1oCZ2VUA10T518GrgEn BBhg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@sargun.me header.s=google header.b="C/tu9AK+"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id 65si2213221edn.401.2020.05.27.12.20.02; Wed, 27 May 2020 12:20:24 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@sargun.me header.s=google header.b="C/tu9AK+"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2403792AbgE0RhL (ORCPT + 98 others); Wed, 27 May 2020 13:37:11 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:45592 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2403778AbgE0RhK (ORCPT ); Wed, 27 May 2020 13:37:10 -0400 Received: from mail-il1-x141.google.com (mail-il1-x141.google.com [IPv6:2607:f8b0:4864:20::141]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 481E6C03E97D for ; Wed, 27 May 2020 10:37:10 -0700 (PDT) Received: by mail-il1-x141.google.com with SMTP id q18so3784315ilm.5 for ; Wed, 27 May 2020 10:37:10 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sargun.me; s=google; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to:user-agent; bh=Bb47SNpC8nAMYYf5+T+wlcMsWyDpF8XWYXCAN0BKUjs=; b=C/tu9AK+skYnBsqBz7Pwvu2g7Wp9+/BxXz1uIdqFBBpcXFFiv/ygab3Kor0nIRBhT8 Pyp0xucc+FgZrLRDDneySuUOM8d+f0jnjpErSBgKMpfPhYjNMFbMxQuizdQGBNyBOJPc aSMyGILYXWdfk1syMgA8b8F5vRe+VJ6ScfPhE= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to:user-agent; bh=Bb47SNpC8nAMYYf5+T+wlcMsWyDpF8XWYXCAN0BKUjs=; b=UrdSoAsPzExir2/DdNi1xCHQ6JaFrR2+0jWWut2dUj7+D0jVzURd9bnmZkTPE1ftlk 9YrGkuzxCm5INbnJLIqp3diuPzpo98NGIXgAkf+jzSkaxqTASHVHnA+5jS+xEF83WoDf 9FGiV5Gb5W4xIWMtY53lFCZj5Qi3kOObipVDhLv97r+f9mktvn7uhtSB7ZqFZOAsNtVa 6WUOeGoKC0aPcukq0JRjZgKLRucfHTu7cklUWFzIfTUmb2fWvFykMIg0XPoTx5zLaLxa AJ5s6qX6knyOjTvl92KrI/UPA/WzNuQeguS2gLmaoBZI7aF3KagC1sz2k5dYEoOKMxG7 JSgA== X-Gm-Message-State: AOAM533oh6/tk5LABdWDV4BfP6agPdOyGSeqXJq/LkM/1DXvmnCmZxpa tcJBb2e+IFIicjZgrKMp4EVzdw== X-Received: by 2002:a92:988a:: with SMTP id a10mr7130204ill.301.1590601029131; Wed, 27 May 2020 10:37:09 -0700 (PDT) Received: from ircssh-2.c.rugged-nimbus-611.internal (80.60.198.104.bc.googleusercontent.com. [104.198.60.80]) by smtp.gmail.com with ESMTPSA id d11sm1485101iod.11.2020.05.27.10.37.08 (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256); Wed, 27 May 2020 10:37:08 -0700 (PDT) Date: Wed, 27 May 2020 17:37:07 +0000 From: Sargun Dhillon To: Christian Brauner Cc: linux-kernel@vger.kernel.org, Kees Cook , Andy Lutomirski , Tycho Andersen , Matt Denton , Jann Horn , Chris Palmer , Aleksa Sarai , Robert Sesek , Jeffrey Vander Stoep , Linux Containers Subject: Re: [PATCH 1/2] seccomp: notify user trap about unused filter Message-ID: <20200527173706.GA1242@ircssh-2.c.rugged-nimbus-611.internal> References: <20200527111902.163213-1-christian.brauner@ubuntu.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20200527111902.163213-1-christian.brauner@ubuntu.com> User-Agent: Mutt/1.9.4 (2018-02-28) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, May 27, 2020 at 01:19:01PM +0200, Christian Brauner wrote: > +void seccomp_filter_notify(const struct task_struct *tsk) > +{ > + struct seccomp_filter *orig = tsk->seccomp.filter; > + > + while (orig && refcount_dec_and_test(&orig->live)) { > + if (waitqueue_active(&orig->wqh)) > + wake_up_poll(&orig->wqh, EPOLLHUP); > + orig = orig->prev; > + } > +} > + Any reason not to write this as: for (orig = tsk->seccomp.filter; refcount_dec_and_test(&orig->live); orig = orig->prev)? Also, for those of us who are plumbing in the likes of Go code into the listener, where we don't have direct access to the epoll interface (at least not out of the box), what do you think about exposing this on the RECV ioctl? Or, do you think we should lump that into the "v2" receive API? Either way, this seems useful, as right now, we're intertwining process tree lifetime with manager lifetime. This seems cleaner.