Received: by 2002:a05:6a10:f347:0:0:0:0 with SMTP id d7csp13815572pxu; Mon, 4 Jan 2021 05:22:51 -0800 (PST) X-Google-Smtp-Source: ABdhPJxgyICMp+to1rBORxVq+nLj5eq/kMW+atId3q8gYSdweeCNhnnEA85/q6UZIVFtapTS86Sp X-Received: by 2002:a50:bb44:: with SMTP id y62mr70920629ede.103.1609766570988; Mon, 04 Jan 2021 05:22:50 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1609766570; cv=none; d=google.com; s=arc-20160816; b=0Ep4DCA2TsyRyCzLwTBqlMunGyFWZ+sQnSjm3wiMBbhvTt+E8vwjDhB3LO/WTjW98a a9DuPTLhMiGufjh+ym7cVFTWofQBF7dpkgH+BAdM7qUNhs9br9vFcu+L7EcMfp4QgPfi +3vc4h2jlW7BXg04D+4Or57qSexh3Any/0MmyRD9/ZCR5yS+N2zsYuNVH4NLvMvRyYtj 1JPshE/0bdULAjdP7jjM8z1wzKoek2e+zhLYEtVoCneATPxSssDWE1jvTYPpAbU1dxXv 04mx8cYrW2DTFLkprt83Hz0GfEpVyuNmY/47cUhmd9Si2U19fd3JP2FhFKzGrWeD16g5 rNeA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date; bh=iX38iUA5LhwmXaqueJ3a68RO5MraJO3QwzXtOjJlfDg=; b=WXrjOIeaBHozx9pYFEhErWEixh3EFhu0FJMdU1kDpo/+pKaeEzE9QpJi76LQcMOE8e BGBeN6xl6q7WN39Qpi3KwMDWNRkd7/SV9sh11I4nBfCMjzdX3bKS/7S0sA158MhhdVcS yv8BibTGdf0XM/lFFFjzpUtz50exqez+orz+SYGrhkDFkt6yfJ7kt2VLDZ8GkrVb4B91 /UcaaeYmkQ90jIc4Jhbhr5op4nlJUw8zpNbSLd3U715TB6pJAWPOAuy8rPea8vb8XvlN 58Hf99wpl+twt0eJ+ZIex5O0c0bj8kGuJGdVpnNSdmwOQqtyM0kc+MPSt9i49PnD2noZ EbGg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id f12si30956969ejl.311.2021.01.04.05.22.27; Mon, 04 Jan 2021 05:22:50 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726700AbhADNUX (ORCPT + 99 others); Mon, 4 Jan 2021 08:20:23 -0500 Received: from youngberry.canonical.com ([91.189.89.112]:47027 "EHLO youngberry.canonical.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726258AbhADNUU (ORCPT ); Mon, 4 Jan 2021 08:20:20 -0500 Received: from ip5f5af0a0.dynamic.kabel-deutschland.de ([95.90.240.160] helo=wittgenstein) by youngberry.canonical.com with esmtpsa (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1kwPll-0002zL-8G; Mon, 04 Jan 2021 13:19:33 +0000 Date: Mon, 4 Jan 2021 14:19:28 +0100 From: Christian Brauner To: Greg Kroah-Hartman Cc: Wen Yang , Sasha Levin , Xunlei Pang , linux-kernel@vger.kernel.org, Christian Brauner , Linus Torvalds , Jann Horn , Oleg Nesterov , Arnd Bergmann , "Eric W. Biederman" , Kees Cook , Thomas Gleixner , David Howells , "Michael Kerrisk (man-pages)" , Andy Lutomirsky , Andrew Morton , Aleksa Sarai , Al Viro , stable@vger.kernel.org Subject: Re: [PATCH 01/10] clone: add CLONE_PIDFD Message-ID: <20210104131928.idjsewjzobnqkvwc@wittgenstein> References: <20201203183204.63759-1-wenyang@linux.alibaba.com> <20201203183204.63759-2-wenyang@linux.alibaba.com> <20210104131342.avhphyfxthtrj6vj@wittgenstein> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Jan 04, 2021 at 02:17:40PM +0100, Greg Kroah-Hartman wrote: > On Mon, Jan 04, 2021 at 02:13:42PM +0100, Christian Brauner wrote: > > On Mon, Jan 04, 2021 at 02:03:14PM +0100, Greg Kroah-Hartman wrote: > > > On Fri, Dec 04, 2020 at 02:31:55AM +0800, Wen Yang wrote: > > > > From: Christian Brauner > > > > > > > > [ Upstream commit b3e5838252665ee4cfa76b82bdf1198dca81e5be ] > > > > > > > > This patchset makes it possible to retrieve pid file descriptors at > > > > process creation time by introducing the new flag CLONE_PIDFD to the > > > > clone() system call. Linus originally suggested to implement this as a > > > > new flag to clone() instead of making it a separate system call. As > > > > spotted by Linus, there is exactly one bit for clone() left. > > > > > > > > CLONE_PIDFD creates file descriptors based on the anonymous inode > > > > implementation in the kernel that will also be used to implement the new > > > > mount api. They serve as a simple opaque handle on pids. Logically, > > > > this makes it possible to interpret a pidfd differently, narrowing or > > > > widening the scope of various operations (e.g. signal sending). Thus, a > > > > pidfd cannot just refer to a tgid, but also a tid, or in theory - given > > > > appropriate flag arguments in relevant syscalls - a process group or > > > > session. A pidfd does not represent a privilege. This does not imply it > > > > cannot ever be that way but for now this is not the case. > > > > > > > > A pidfd comes with additional information in fdinfo if the kernel supports > > > > procfs. The fdinfo file contains the pid of the process in the callers > > > > pid namespace in the same format as the procfs status file, i.e. "Pid:\t%d". > > > > > > > > As suggested by Oleg, with CLONE_PIDFD the pidfd is returned in the > > > > parent_tidptr argument of clone. This has the advantage that we can > > > > give back the associated pid and the pidfd at the same time. > > > > > > > > To remove worries about missing metadata access this patchset comes with > > > > a sample program that illustrates how a combination of CLONE_PIDFD, and > > > > pidfd_send_signal() can be used to gain race-free access to process > > > > metadata through /proc/. The sample program can easily be > > > > translated into a helper that would be suitable for inclusion in libc so > > > > that users don't have to worry about writing it themselves. > > > > > > > > Suggested-by: Linus Torvalds > > > > Signed-off-by: Christian Brauner > > > > Co-developed-by: Jann Horn > > > > Signed-off-by: Jann Horn > > > > Reviewed-by: Oleg Nesterov > > > > Cc: Arnd Bergmann > > > > Cc: "Eric W. Biederman" > > > > Cc: Kees Cook > > > > Cc: Thomas Gleixner > > > > Cc: David Howells > > > > Cc: "Michael Kerrisk (man-pages)" > > > > Cc: Andy Lutomirsky > > > > Cc: Andrew Morton > > > > Cc: Aleksa Sarai > > > > Cc: Linus Torvalds > > > > Cc: Al Viro > > > > Cc: # 4.9.x > > > > (clone: fix up cherry-pick conflicts for b3e583825266) > > > > Signed-off-by: Wen Yang > > > > --- > > > > include/linux/pid.h | 1 + > > > > include/uapi/linux/sched.h | 1 + > > > > kernel/fork.c | 119 +++++++++++++++++++++++++++++++++++++++++++-- > > > > 3 files changed, 117 insertions(+), 4 deletions(-) > > > > > > > > diff --git a/include/linux/pid.h b/include/linux/pid.h > > > > index 97b745d..7599a78 100644 > > > > --- a/include/linux/pid.h > > > > +++ b/include/linux/pid.h > > > > @@ -73,6 +73,7 @@ struct pid_link > > > > struct hlist_node node; > > > > struct pid *pid; > > > > }; > > > > +extern const struct file_operations pidfd_fops; > > > > > > > > static inline struct pid *get_pid(struct pid *pid) > > > > { > > > > diff --git a/include/uapi/linux/sched.h b/include/uapi/linux/sched.h > > > > index 5f0fe01..ed6e31d 100644 > > > > --- a/include/uapi/linux/sched.h > > > > +++ b/include/uapi/linux/sched.h > > > > @@ -9,6 +9,7 @@ > > > > #define CLONE_FS 0x00000200 /* set if fs info shared between processes */ > > > > #define CLONE_FILES 0x00000400 /* set if open files shared between processes */ > > > > #define CLONE_SIGHAND 0x00000800 /* set if signal handlers and blocked signals shared */ > > > > +#define CLONE_PIDFD 0x00001000 /* set if a pidfd should be placed in parent */ > > > > #define CLONE_PTRACE 0x00002000 /* set if we want to let tracing continue on the child too */ > > > > #define CLONE_VFORK 0x00004000 /* set if the parent wants the child to wake it up on mm_release */ > > > > #define CLONE_PARENT 0x00008000 /* set if we want to have the same parent as the cloner */ > > > > diff --git a/kernel/fork.c b/kernel/fork.c > > > > index b64efec..076297a 100644 > > > > --- a/kernel/fork.c > > > > +++ b/kernel/fork.c > > > > @@ -11,7 +11,22 @@ > > > > * management can be a bitch. See 'mm/memory.c': 'copy_page_range()' > > > > */ > > > > > > > > +#include > > > > #include > > > > +#if 0 > > > > +#include > > > > +#include > > > > +#include > > > > +#include > > > > +#include > > > > +#include > > > > +#include > > > > +#include > > > > +#include > > > > +#include > > > > +#include > > > > +>>>>>>> b3e58382... clone: add CLONE_PIDFD > > > > +#endif > > > > > > That looks odd :( > > > > > > Can you please refresh this patch series, and make sure it is correct > > > and resend it? > > > > Uhm, this patch series has been merged at least a year ago so this looks > > like an accidental send. > > This probably isn't meant for upstream but for some alibaba specific > > kernel I'd reckon. > > This was ment for the 4.19.y kernel to solve a problem reported in patch > 00/XX of the series. Ah, ok. Then just as an fyi: the Cc line seems to indicate 4.9 and not 4.19. Christian