Received: by 2002:a05:6a10:206:0:0:0:0 with SMTP id 6csp4564247pxj; Tue, 25 May 2021 10:46:48 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzZ+T/lv7tAjir8BOpxrLUv2khB032z93GLYzCD+eyN8b+ofij5U3L0mZQaFlr8+NDzDfOP X-Received: by 2002:a17:906:c314:: with SMTP id s20mr26526193ejz.521.1621964808396; Tue, 25 May 2021 10:46:48 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1621964808; cv=none; d=google.com; s=arc-20160816; b=cs2ZPKCRChNpRUkyRHKCnnEm++HO61Xvtcc7eF5xlgjJrgFRHrtcT647JK5HafEQte hzevaGJWiTuDl1cAL1/PpzOfJ4jFRKEkcmFJGGRVTvzok1Pp1YTCap/sbm3wCt6QkVar ORtTCKUu93hhq6qWDKOTpEu5N4yOZHKCxY2h+6xF0sT6qVCzBBR6HGMZc+hM3AF4ca5F O+OY/ebCdqkRUemnqbx0cGSxgYhPEiriM9lkHoYCBUPwUAqN3l+QUbliUYnZNvd/+7oO XLTy9NfCIRyhaAITMQrWew5tPLwQoun0XoVR6fmjl0X8sbMhV2Uc6kPJtAsRwC/gn3t3 3pQg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=etyw4lsngOCwaxz3lAVhGn8wpFc4o+0N4m07CszuHys=; b=c/+v4YwIqbEvHnefMfKokM6AqS3twR3hcyScC1ubsJLWQnn+DJJswm2LvxqxAbwQl8 iaJRG4ZXUhMCvU1bw7vWJLCvMjbht9Qf0wyj8LP2fyPJqZX16e8npWFsswxdDURxYaQr 4ejlnaVkLZmiE5lJJJmdmA2wIvFyin1YIRT/u6vQo08uL+5uqKmoqYRWNkgPOh2pXadI apLqAniMP4n291c8jAxUmXyrN1NDGoVdZkngpE4G1Pr2QoRTTMVOq/0Jax6DZv5Ei4D5 rrYpOsXH6+NOEDjwb3ZM9F3Rvk/f+C1krFtLEj7mGXq15yZJK1YyWPgxM8TPZDmYQGCY U5bg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kinvolk.io header.s=google header.b=WSWDsTyv; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kinvolk.io Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id dc21si16046608edb.209.2021.05.25.10.46.25; Tue, 25 May 2021 10:46:48 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@kinvolk.io header.s=google header.b=WSWDsTyv; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kinvolk.io Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233872AbhEYQFr (ORCPT + 99 others); Tue, 25 May 2021 12:05:47 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:40796 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233008AbhEYQFq (ORCPT ); Tue, 25 May 2021 12:05:46 -0400 Received: from mail-lj1-x233.google.com (mail-lj1-x233.google.com [IPv6:2a00:1450:4864:20::233]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 8E9B7C061574 for ; Tue, 25 May 2021 09:04:15 -0700 (PDT) Received: by mail-lj1-x233.google.com with SMTP id c15so38806680ljr.7 for ; Tue, 25 May 2021 09:04:15 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=kinvolk.io; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=etyw4lsngOCwaxz3lAVhGn8wpFc4o+0N4m07CszuHys=; b=WSWDsTyvfIO3jcXBz7rf/aCap0pJvuYkQeFaAHhGi82/yhI/JbGAzmvpxl7wQTCLxP kgCDVKtmyO+cBPm1tNHwAeizaDn/ZxYcVHJjmZLTMKdzwSHCzKrbdRrjDjj8hosTkMaT mncIr1itc7WzFkx59meZztEqeeSHvi6YzLHBk= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=etyw4lsngOCwaxz3lAVhGn8wpFc4o+0N4m07CszuHys=; b=XkPSPQtQ3FkMpNIHadVd7AfK+IQlX1sGw3j2q2rlryH1TmXlZxqGu0LLejV21ynCP6 W0NO3pfuy756rtdg5okZSoGGopeO4k5IUZPLPbDuGEV8TTiXOfDGTACcWob4OoFq3BG8 CBckoaE3zlsuTAR+JwHMAf6G1IN0b0lBUv+7wcRXd5ovCpsp2vSyaJQItued6rmUXdEE VxNTG79BFIkc8/UU87voNMfWhuY03kjHys25rUxKfd75euF1jwmi0O/0WW01z0kYivlJ HKDhz6skwVfBEVyC+4/VBNDpDQs8b838rLh9oQzpSIlZUuA6MhrPJmcH6e3Ui6aazLHs 3sqQ== X-Gm-Message-State: AOAM530NqfCAFo2RSJTNEvkTmsiWHD0KRlSVsrUqgrKx2iCgtE9HF8Uz i1xr6sNvLGBtY8YnJ+fbQmYVwTsSpLCFIF2t8AEAmw== X-Received: by 2002:a2e:908e:: with SMTP id l14mr21340214ljg.372.1621958653833; Tue, 25 May 2021 09:04:13 -0700 (PDT) MIME-Version: 1.0 References: <20210517193908.3113-1-sargun@sargun.me> <20210517193908.3113-3-sargun@sargun.me> In-Reply-To: <20210517193908.3113-3-sargun@sargun.me> From: Rodrigo Campos Date: Tue, 25 May 2021 18:03:38 +0200 Message-ID: Subject: Re: [PATCH v2 2/4] seccomp: Refactor notification handler to prepare for new semantics To: Sargun Dhillon Cc: Kees Cook , LKML , containers@lists.linux.dev, Tycho Andersen , Andy Lutomirski , =?UTF-8?Q?Mauricio_V=C3=A1squez_Bernal?= , Giuseppe Scrivano , Christian Brauner , =?UTF-8?B?TWlja2HDq2wgU2FsYcO8bg==?= Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, May 17, 2021 at 9:39 PM Sargun Dhillon wrote: > > This refactors the user notification code to have a do / while loop around > the completion condition. This has a small change in semantic, in that > previously we ignored addfd calls upon wakeup if the notification had been > responded to, but instead with the new change we check for an outstanding > addfd calls prior to returning to userspace. I understand why this was a readability improvement on the old patchset (that included the wait_killable semantics), as it completely changed the loop. But now we only have the atomic addfd+send reply that does minimal changes to this part (add a param to a function). Is it worth changing the semantics? > Rodrigo Campos also identified a bug that can result in addfd causing > an early return, when the supervisor didn't actually handle the > syscall [1]. > > [1]: https://lore.kernel.org/lkml/20210413160151.3301-1-rodrigo@kinvolk.io/ I was about to resend this, but I'd like to know what others think. I'm okay with applying any patches to solve the issue (mine linked there or this one), slightly in favor of mine as the diff is way simpler to backport (applies to 5.9+ kernels) and I don't see a reason to change semantics. But no strong opinion. Opinions? Best, Rodrigo