Received: by 2002:a25:ef43:0:0:0:0:0 with SMTP id w3csp1046892ybm; Wed, 27 May 2020 14:49:57 -0700 (PDT) X-Google-Smtp-Source: ABdhPJyfnSBxn+ZETCeTSzTC4BuWp9N8k2fpZZFQp2ctA4p7fT6lANciMwCF74B2qoG/ADxM0/1d X-Received: by 2002:a17:906:aecc:: with SMTP id me12mr311378ejb.525.1590616197614; Wed, 27 May 2020 14:49:57 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1590616197; cv=none; d=google.com; s=arc-20160816; b=ARwpIs7IBJhonU/Bv0vL6B+Umv4yUpWah35PUhGcsP0abe02UgK5O2SvMIk5QWb75C PMdJlM/kpKYwI6X/2jMpCHDpfbMF0DfBNiSSRPb+BpTY/bxu3098e0Fq/im6A0KjFXV5 B457k/lI48Xd68AArZGm2OFMP99NiUN+AerGChT22ijiqW1R85RbcjC/QMbMV5JAu3Ps ds6YPaETKpbD8WjdP1ixXMRunJ4gMrNEUEwxLMY98p+M81Hlv9RbZ5gbHGDAJV+KRRmM RT90T053/YXw6tUJVZC8/LD++veXWLQlD+JWhTSoroPsEJT/O0lKSR6zhZoCFyTT6sbr Idjg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:in-reply-to:content-disposition :mime-version:references:message-id:subject:cc:to:from:date; bh=UAXcuE/wE+upbL8/LDTeEBr3BH+UTr9WvolleZh+sCg=; b=qXFGGxQMjXrYTHPxwybPW+/nsYm3DJwm8inwzK1bDIX+t7EnGoHSaykSMYErisb/pL B1gTJZR48Fu0mU5owO8xCu/YOx7g4YjhZyqpbjdX2fqVXFVWmtilRfF93j7ool9PLc9l kqm9HUgyPKGoj19l7yLznWoZT7tpZLqjlROSpWCwkUc/Jar0g2p+E2wGafwdmNqh73S1 l1uUoQb6m+W3+RG0MjiJBVkCKMsdgzF6y8gfWgDvkqss3DnxxPeokOX4KJUCLXWiSdPf GARzxoUoVeYlLg09W9+LRLpfik+Gq34kcMEV6/B9Xogdu6CM8TJ9eb6nH7FjB9uAAJYv QivQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id b19si2257249edr.258.2020.05.27.14.49.33; Wed, 27 May 2020 14:49:57 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728694AbgE0PfI (ORCPT + 98 others); Wed, 27 May 2020 11:35:08 -0400 Received: from youngberry.canonical.com ([91.189.89.112]:39291 "EHLO youngberry.canonical.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725848AbgE0PfH (ORCPT ); Wed, 27 May 2020 11:35:07 -0400 Received: from ip5f5af183.dynamic.kabel-deutschland.de ([95.90.241.131] helo=wittgenstein) by youngberry.canonical.com with esmtpsa (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jdy5B-0005PW-I8; Wed, 27 May 2020 15:35:05 +0000 Date: Wed, 27 May 2020 17:35:04 +0200 From: Christian Brauner To: Tycho Andersen Cc: linux-kernel@vger.kernel.org, Kees Cook , Andy Lutomirski , Matt Denton , Sargun Dhillon , Jann Horn , Chris Palmer , Aleksa Sarai , Robert Sesek , Jeffrey Vander Stoep , Linux Containers Subject: Re: [PATCH 1/2] seccomp: notify user trap about unused filter Message-ID: <20200527153504.d7va44xn75fbzyrr@wittgenstein> References: <20200527111902.163213-1-christian.brauner@ubuntu.com> <20200527152559.GB4153131@cisco> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: <20200527152559.GB4153131@cisco> Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, May 27, 2020 at 09:25:59AM -0600, Tycho Andersen wrote: > On Wed, May 27, 2020 at 01:19:01PM +0200, Christian Brauner wrote: > > +void seccomp_filter_notify(const struct task_struct *tsk) > > +{ > > + struct seccomp_filter *orig = tsk->seccomp.filter; > > + > > + while (orig && refcount_dec_and_test(&orig->live)) { > > + if (waitqueue_active(&orig->wqh)) > > + wake_up_poll(&orig->wqh, EPOLLHUP); > > + orig = orig->prev; > > + } > > +} > > Is there a reason this can't live in put_seccomp_filter()? put_seccomp_filter() is called from free_task() which in turn gets called via delayed_put_task_struct through call_rcu() so the notification will happen at some point whereas you'd often want the notification to happen at reliable point. This is why most of that stuff happens in release_task() which is called in the exit path when the task is finally marked as dead. This is similar to how cgroup_release() is called from release_task() whereas cgroup_free() is called from free_task() or other stuff.