From: Jann Horn
Date: Thu, 29 Oct 2020 02:11:39 +0100
Subject: Re: For review: seccomp_user_notif(2) manual page
To: Kees Cook
Cc: Tycho Andersen, "Michael Kerrisk (man-pages)", Sargun Dhillon,
    Christian Brauner, linux-man, lkml, Aleksa Sarai, Alexei Starovoitov,
    Will Drewry, bpf, Song Liu, Daniel Borkmann, Andy Lutomirski,
    Linux Containers, Giuseppe Scrivano, Robert Sesek
In-Reply-To: <202010281553.A72E162A7@keescook>
X-Mailing-List: linux-kernel@vger.kernel.org

On Wed, Oct 28, 2020 at 11:56 PM Kees Cook wrote:
> On Mon, Oct 26, 2020 at 11:31:01AM +0100, Jann Horn wrote:
> > Or I guess we could also just set O_NONBLOCK on the fd by default?
> > Since the one existing user is eventloop-based...
>
> I thought about that initially, but it rubs me the wrong way: it
> violates least-surprise for me. File descriptors are expected to be
> default-blocking. It *is* a special fd, though, so maybe it could work.
> The only case I can think of it would break would be ioctl-loop case
> that is already buggy in that it didn't handle non-zero returns?

We don't have any actual users that use the API that way outside of
the kernel's selftest/sample code, right?