Received: by 2002:a25:683:0:0:0:0:0 with SMTP id 125csp892780ybg; Wed, 3 Jun 2020 17:03:12 -0700 (PDT) X-Google-Smtp-Source: ABdhPJz05o1zdhg2YfXPPWCULu7Mh2gMPhlWy2SDP4QUSrobw2yHYcDSXFZ6/vteRXKOFcb/5e2j X-Received: by 2002:a17:906:c828:: with SMTP id dd8mr1676251ejb.550.1591228992546; Wed, 03 Jun 2020 17:03:12 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1591228992; cv=none; d=google.com; s=arc-20160816; b=WGyx1JwS7Rm5dX0vPU504RN4K12LsAWS+Sn3hBqN0KjpUNAc22vC5qlk0Txi8tA6AG nuxO51eWnUD+jFcdW7ozfWghEQtqZa7tM+lwNgrEJp1MpMu2jn7Cy/LfSPj1OAf4Uglf 0v52g/qE3X/o/GfoSkz6UlZORj7brmUkRLqS8nTYt5cgRkrZHY89qZmiUdudC/TBUDlV 2AsOUD4Cgya0DF+01IsasBoFN8qzwhkTWGkPxTEDsSemLSYw12hOb1st5XPv3zXpqXrs TlBaqMU1FK8DYe6ZxBN+Dgwj12f4A5RBvELNNR4mqnHHQAW5gnV4fQ3vfvZhgSkmysN6 bQ3A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=Qxl9UqwBxJWfx8IWKXcwSwjGKz8RQbusLDYMB9ncMJU=; b=FxtQrYaIrrU9HzwNvRIXpHLKaP7ijJyV9CVs5lSdJ9tzbA3yTuDq6GTqInPPDduASp EJmKAY1JqCQE4BcuFpAD/DqpD2RnIhAzd8nWyQVrmXNuSlzfd4aW6p4ZDa4G6SAzB/X5 X0uEqiIeJrb5I/LBI9L2K6xLsF9UivTjnGMrdhp9F504Rl+Miu0D0QWg1QA9ZVDFygrE N0gGxq4iutXlwEnJLfY0m5QxxYFo+M/AU50JvPOB7/ZbIYVwFyZzmJPbrzI9NVRDa++Q Gj4Xo0jIoB6xTTsW4QiOUf1Sa3hSk5puYAyEWcnmVnnyJV6P+DOvIYOVql70dJTJDpXP 0qiA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@sargun.me header.s=google header.b=i4l7WCm1; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id g12si644883ejx.161.2020.06.03.17.02.49; Wed, 03 Jun 2020 17:03:12 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@sargun.me header.s=google header.b=i4l7WCm1; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726565AbgFCX5j (ORCPT + 99 others); Wed, 3 Jun 2020 19:57:39 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59558 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726170AbgFCX5i (ORCPT ); Wed, 3 Jun 2020 19:57:38 -0400 Received: from mail-ej1-x644.google.com (mail-ej1-x644.google.com [IPv6:2a00:1450:4864:20::644]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C7570C08C5C0 for ; Wed, 3 Jun 2020 16:57:36 -0700 (PDT) Received: by mail-ej1-x644.google.com with SMTP id q19so4058554eja.7 for ; Wed, 03 Jun 2020 16:57:36 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sargun.me; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=Qxl9UqwBxJWfx8IWKXcwSwjGKz8RQbusLDYMB9ncMJU=; b=i4l7WCm1Z5zGSujeMsVJUyO08b2q/Hb/0ZptV6brzAfQzAlV86jOsCR4m+FUtjzGl4 4Cqalj8Xr5UtMNdWribSTS4X5lqqF+KltPrGsBRHnaFzJH+5wIrS8Ow4cI6befD2Kpxv Nz/kxP5A2ADSemhyLF1+kAKfU5BwnG+onbMGo= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=Qxl9UqwBxJWfx8IWKXcwSwjGKz8RQbusLDYMB9ncMJU=; b=QsrCVl0o+SnMofI7hA8JfqFeOfj3Je3aKNWF2oob9GpgFySeWYCacDWamw/Q6ygmhW IfPNei7iXCSjXukHu2bZ9DYouweXIGIL/XEDiWyDRAVhjgiqR+lTD9bJEFHKU16z5mGt LEmTStT0pd+1O8coDWI1fcqVnrKGLTdVKY/Mn82a0okS8kM7PUCKDn1q0nf5odRl8Mbi L673rmhZ8p+kH8myg8jKeSu4ic/odklH8s02KLMsUI84fEDNLbZY8koOiuFnVUTSBGZ/ f/BZgPz9PEN4xj7PgC+wuMzS1aJb+VB72tcqjFnapVsSJj0nZ/PEdoD10mp1wklYr8Bc Jbcw== X-Gm-Message-State: AOAM532pEsk4BijzUrjw/saBi3s4eodFO7H+Ubz6lS95SbbSruYFqUtU aZ92zD1WMTPOtEwp7xBUP+xiQ+gAXhRKjlyQnv5/pA== X-Received: by 2002:a17:906:95d6:: with SMTP id n22mr144782ejy.138.1591228655260; Wed, 03 Jun 2020 16:57:35 -0700 (PDT) MIME-Version: 1.0 References: <20200603011044.7972-1-sargun@sargun.me> <202006031639.E053742@keescook> In-Reply-To: <202006031639.E053742@keescook> From: Sargun Dhillon Date: Wed, 3 Jun 2020 16:56:59 -0700 Message-ID: Subject: Re: [PATCH v3 0/4] Add seccomp notifier ioctl that enables adding fds To: Kees Cook Cc: LKML , Tycho Andersen , Matt Denton , Jann Horn , Chris Palmer , Aleksa Sarai , Robert Sesek , Christian Brauner , Linux Containers , Giuseppe Scrivano , Greg Kroah-Hartman Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Jun 3, 2020 at 4:42 PM Kees Cook wrote: > > On Tue, Jun 02, 2020 at 06:10:40PM -0700, Sargun Dhillon wrote: > > Sargun Dhillon (4): > > fs, net: Standardize on file_receive helper to move fds across > > processes > > pid: Use file_receive helper to copy FDs > > The fixes (that should add open-coded cgroups stuff) should be separate > patches so they can be backported. Patch 1/4, and 2/4 are separated so they can be backported. Patch 1 should go into long term, and patch 2 should land in stable. Do you see anything in 1/4, and 2/4 that shouldn't be there? > > The helper doesn't take the __user pointer I thought we'd agreed it > should to avoid changing any SCM_RIGHTS behaviors? > It doesn't change the SCM_RIGHTS behaviour because it continues to have the logic which allocates the file descriptor outside of the helper. 1. Allocate FD (this happens in scm.c) 2. Copy FD # to userspace (this happens in scm.c) 3. Receive FD (this happens in the new helper) > > seccomp: Introduce addfd ioctl to seccomp user notifier > > selftests/seccomp: Test SECCOMP_IOCTL_NOTIF_ADDFD > > Otherwise, yeah, this should be good. > > -- > Kees Cook