Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Date:   Thu, 12 Jan 2023 10:15:39 -0800
From:   Andrei Vagin <avagin@gmail.com>
To:     Gregory Price <gourry.memverge@gmail.com>
Cc:     linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org,
        linux-doc@vger.kernel.org, linux-kselftest@vger.kernel.org,
        krisman@collabora.com, tglx@linutronix.de, luto@kernel.org,
        oleg@redhat.com, peterz@infradead.org, ebiederm@xmission.com,
        akpm@linux-foundation.org, adobriyan@gmail.com, corbet@lwn.net,
        shuah@kernel.org, Gregory Price <gregory.price@memverge.com>
Subject: Re: [PATCH 3/3] prctl,syscall_user_dispatch: add a getter for
 configuration info
Message-ID: <Y8BOSwkISphWtEQ5@gmail.com>
References: <20230109153348.5625-1-gregory.price@memverge.com>
 <20230109153348.5625-4-gregory.price@memverge.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=koi8-r
Content-Disposition: inline
In-Reply-To: <20230109153348.5625-4-gregory.price@memverge.com>
Precedence: bulk

On Mon, Jan 09, 2023 at 10:33:48AM -0500, Gregory Price wrote:
> This patch implements simple getter interface for syscall user dispatch
> configuration info.
> 
> To support checkpoint/resume of a syscall user dispatch process,
> the prctl settings for syscall user dispatch must be fetchable.
> Presently, these settings are write-only, making it impossible to
> implement transparent checkpoint (coordination with the software is
> required).
> 
> As Syscall User Dispatch is explicitly not for secure-container
> development, exposing the configuration state via prctl does not
> violate the original design intent.
> 
> Signed-off-by: Gregory Price <gregory.price@memverge.com>
> ---
>  .../admin-guide/syscall-user-dispatch.rst     | 18 +++++++
>  include/linux/syscall_user_dispatch.h         |  7 +++
>  include/uapi/linux/prctl.h                    |  3 ++
>  kernel/entry/syscall_user_dispatch.c          | 14 +++++
>  kernel/sys.c                                  |  4 ++
>  .../syscall_user_dispatch/sud_test.c          | 54 +++++++++++++++++++
>  6 files changed, 100 insertions(+)
> 
> diff --git a/Documentation/admin-guide/syscall-user-dispatch.rst b/Documentation/admin-guide/syscall-user-dispatch.rst
> index 60314953c728..8b2c8b6441b7 100644
> --- a/Documentation/admin-guide/syscall-user-dispatch.rst
> +++ b/Documentation/admin-guide/syscall-user-dispatch.rst
> @@ -45,6 +45,10 @@ only the syscall dispatcher address and the userspace key.
>  As the ABI of these intercepted syscalls is unknown to Linux, these
>  syscalls are not instrumentable via ptrace or the syscall tracepoints.
>  
> +A getter interface is supplied for the purpose of userland
> +checkpoint/restore software being able to suspend and restore the
> +current state of the system.
> +
>  Interface
>  ---------
>  
> @@ -73,6 +77,20 @@ thread-wide, without the need to invoke the kernel directly.  selector
>  can be set to SYSCALL_DISPATCH_FILTER_ALLOW or SYSCALL_DISPATCH_FILTER_BLOCK.
>  Any other value should terminate the program with a SIGSYS.
>  
> +
> +A thread can fetch the current Syscall User Dispatch configuration with the following prctl:
> +
> +  prctl(PR_GET_SYSCALL_USER_DISPATCH, <dispatch_config>))
> +
> +<dispatch_config> is a pointer to a ``struct syscall_user_dispatch`` as defined in ``linux/include/linux/syscall_user_dispatch.h``::

syscall_user_dispatch.h isn't a part of uapi, so I am not sure that it
is a good idea to use it here.

For criu, it is much more convinient to have a ptrace interface to get
this sort of parameters. prctl requires to execute a system call from a
context of the target process. It is tricky so we want to minimize a
number of such calls.

Thanks,
Andrei