Received: by 2002:a05:6a10:f3d0:0:0:0:0 with SMTP id a16csp1686117pxv;
        Fri, 2 Jul 2021 09:40:36 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJzPxaTHM1bQXs/fstrwtdMuqKOk1RZTOxR//M7E4Zwfm/XjX7p9RNHPMbi6B+QkxazSJ3UR
X-Received: by 2002:a92:d202:: with SMTP id y2mr575672ily.159.1625244036426;
        Fri, 02 Jul 2021 09:40:36 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1625244036; cv=none;
        d=google.com; s=arc-20160816;
        b=e++wyudNcEUGDdDEBEuPUMjtCRDXG87ssjoa9tMGT8OHGRHtwJY0Qd355TB73U6q84
         Ipget8JPU/ay9GN6aH8VT/HjXeh4ZJKe/qsQttwsJtxVuYUEHS52lfbcR2QS8Odf+xCV
         tb8nXTjGynaKlYXenW3ZRFEMM76/N2aHuUzkVlNHdEVrG7YubysXxtDoD9BgoegHKtlC
         bieSt2dyj7kQMcW2u3wq1bDI7jNG8nmI/B1ngdnCWeEPurepeowRVRT2PbNpGXRsQX0o
         ATrH5oD0JmDZu/AdTk7jZuPsZLeYSoGc81+jv9nR5yOhn9BrRpXydh5yMvuTTv0lvEMP
         mW1A==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :message-id:date:subject:cc:to:from:dkim-signature;
        bh=AWY2RjKT+2r3oOmvFmiVbr8M8QoRSQ2qxYObjvNjLmQ=;
        b=bzcui8KNvgEgVD2ScflgztMl8oAX0Vln84rBXVAoJ6Jsb7iyocDavrsA2N+7xnTrzW
         UUlZmslxYsE2mJQWpiJC7r+3WcZLFiTEpScqnJNbHe693WiC9sgR8h/wPiuc+zlrOTi5
         ZOg8VeP11YGUDYS43DG4B4thnVHieabpLca+R62OWXiIfFVhA4jldn0pyjyqQ/6jZ6FZ
         JH8jAjBWDaORmZRqD1e3flC5NYlTNJZPfuNYZrMxqh3al5qBte/L0Vdftr2tSkTsabFe
         kA/Jq6TM8N8GZcT/jOj8tgED1qLfvg5UTfXUb6RaENJPerN5kBmCkOsEl/PliayumE2u
         uL/A==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@kinvolk.io header.s=google header.b=U+hn6zNH;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kinvolk.io
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id l7si3811016jad.12.2021.07.02.09.40.23;
        Fri, 02 Jul 2021 09:40:36 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@kinvolk.io header.s=google header.b=U+hn6zNH;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kinvolk.io
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S229672AbhGBQk0 (ORCPT <rfc822;mahathug.lkml@gmail.com>
        + 99 others); Fri, 2 Jul 2021 12:40:26 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41996 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S229455AbhGBQk0 (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 2 Jul 2021 12:40:26 -0400
Received: from mail-ej1-x62f.google.com (mail-ej1-x62f.google.com [IPv6:2a00:1450:4864:20::62f])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 38C4DC061762
        for <linux-kernel@vger.kernel.org>; Fri,  2 Jul 2021 09:37:53 -0700 (PDT)
Received: by mail-ej1-x62f.google.com with SMTP id b2so17083665ejg.8
        for <linux-kernel@vger.kernel.org>; Fri, 02 Jul 2021 09:37:53 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=kinvolk.io; s=google;
        h=from:to:cc:subject:date:message-id:mime-version
         :content-transfer-encoding;
        bh=AWY2RjKT+2r3oOmvFmiVbr8M8QoRSQ2qxYObjvNjLmQ=;
        b=U+hn6zNHXD+IESe1KrFQasFz7kosnf4i5y/6PFBQmfHlyo5Szovx60z28i/0+ggl0P
         umuN5Rt8TyW/5ilPETR7GTovfa5gv3B5JxdURNuVsSFp7NYyl4MeCx0Rfj9B5v/gXgMX
         eEl/V2Okc1baBWkL3L8amgCJWe6sqhlOPXulw=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version
         :content-transfer-encoding;
        bh=AWY2RjKT+2r3oOmvFmiVbr8M8QoRSQ2qxYObjvNjLmQ=;
        b=IbX0GoXQWuLmP+nK7dwW2YFQVGR6rlVV7Rg4lwr+EsNImCAfRMTbPLcW67PfJlr0L6
         GbyYBMfvUtDYIA4pFV/pd0mPeJoNFvHG5s6I97lGYDyIv3i2f9sxT0kFGRi/gRvhvwQr
         rhBmjkXrMPAm8tAJvAr4sLOgYIT6+4XVmn+utY3m4yZeuPXmfdohsYZNYHcFI4qqEfXa
         PdAbuUIgTGNkHB924+F5/nxPaDckzpJ/g29jGW8ZggKgWgr06iKEf2k3YVyhYGU6n7BL
         9z19iYyzOjPK+LrHrtLhRF/kLVotdq4TGLA2R2dpgMsmeN9mwmK9UyQ/EAoJIiERFJb9
         3QKQ==
X-Gm-Message-State: AOAM531daGwTCYSgO2YSqawg2zEbExF7id7yQdHQ3tbAUm0OS5RFNSyn
        PlP5R8UFK10fg7O+29GMX5DNnA==
X-Received: by 2002:a17:906:bc83:: with SMTP id lv3mr583357ejb.133.1625243871841;
        Fri, 02 Jul 2021 09:37:51 -0700 (PDT)
Received: from localhost.localdomain ([2a02:8109:9880:57f0:ba7c:cdd5:fff7:623c])
        by smtp.gmail.com with ESMTPSA id g23sm1536450edp.74.2021.07.02.09.37.50
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Fri, 02 Jul 2021 09:37:51 -0700 (PDT)
From:   Rodrigo Campos <rodrigo@kinvolk.io>
To:     linux-man@vger.kernel.org,
        Alejandro Colomar <alx.manpages@gmail.com>,
        Michael Kerrisk <mtk.manpages@gmail.com>
Cc:     linux-kernel@vger.kernel.org, Alban Crequy <alban@kinvolk.io>,
        =?UTF-8?q?Mauricio=20V=C3=A1squez=20Bernal?= <mauricio@kinvolk.io>,
        Sargun Dhillon <sargun@sargun.me>,
        Rodrigo Campos <rodrigo@kinvolk.io>
Subject: [PATCH] seccomp_unotify.2: Add doc for SECCOMP_ADDFD_FLAG_SEND
Date:   Fri,  2 Jul 2021 18:37:44 +0200
Message-Id: <20210702163744.265749-1-rodrigo@kinvolk.io>
X-Mailer: git-send-email 2.30.2
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

This flag was recently added to Linux 5.14 by a patch I wrote:
	https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0ae71c7720e3ae3aabd2e8a072d27f7bd173d25c

This patch adds documentation for the flag, the error code that the flag
added and explains in the caveat when it is useful.

Signed-off-by: Rodrigo Campos <rodrigo@kinvolk.io>
---
Hi! Here goes the documentation for the flag I just added. Please feel free to
amend as you want and let me know if something is not clear :)


 man2/seccomp_unotify.2 | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)

diff --git a/man2/seccomp_unotify.2 b/man2/seccomp_unotify.2
index 2673d9bc7..9bd27214f 100644
--- a/man2/seccomp_unotify.2
+++ b/man2/seccomp_unotify.2
@@ -739,6 +739,17 @@ When allocating the file descriptor in the target,
 use the file descriptor number specified in the
 .I newfd
 field.
+.TP
+.BR SECCOMP_ADDFD_FLAG_SEND
+Available since Linux 5.14, combines the
+.B SECCOMP_IOCTL_NOTIF_ADDFD
+ioctl with
+.B SECCOMP_IOCTL_NOTIF_SEND
+into an atomic operation. On successful invocation, the target process's
+errno will be 0 and the return value will be the file descriptor number that was
+installed in the target. If allocating the file descriptor in the tatget fails,
+the target's syscall continues to be blocked until a successful response is
+sent.
 .RE
 .TP
 .I srcfd
@@ -801,6 +812,13 @@ Allocating the file descriptor in the target would cause the target's
 limit to be exceeded (see
 .BR getrlimit (2)).
 .TP
+.B EBUSY
+If the flag
+.B SECCOMP_IOCTL_NOTIF_SEND
+is used, this means the operation can't proceed until other
+.B SECCOMP_IOCTL_NOTIF_ADDFD
+requests are processed.
+.TP
 .B EINPROGRESS
 The user-space notification specified in the
 .I id
@@ -1131,6 +1149,14 @@ that would
 normally be restarted by the
 .BR SA_RESTART
 flag.
+.PP
+Furthermore, if the supervisor response is a file descriptor
+added with
+.B SECCOMP_IOCTL_NOTIF_ADDFD,
+then the flag
+.B SECCOMP_ADDFD_FLAG_SEND
+can be used to atomically add the file descriptor and return that value,
+making sure no file descriptors are inadvertently leaked into the target.
 .\" FIXME
 .\" About the above, Kees Cook commented:
 .\"
-- 
2.30.2