Received: by 2002:a05:6358:3188:b0:123:57c1:9b43 with SMTP id q8csp5605374rwd; Wed, 24 May 2023 04:27:32 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ75zONwKAWLj/l/fQA7HXElEwg1YNMcgES0mz3qOq0B4WfpOxDrj9sGSi5WDBuI6BFd7+c/ X-Received: by 2002:a17:90b:1912:b0:24d:e4fd:f487 with SMTP id mp18-20020a17090b191200b0024de4fdf487mr12390200pjb.14.1684927651820; Wed, 24 May 2023 04:27:31 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1684927651; cv=none; d=google.com; s=arc-20160816; b=fbBVLehIzKEm0M+UwOowxYKR6MC2v4jq7stBAZUBk8Bm/9ocDWpdyeHAzvTLbO92xX ccpDITOEXPNHLZcGaoExCHef2axBOntbrL7/1r9VfecpiyskF8ogr4svmbqh4lYaW9BK UXNroHTwL442Q9Z4zfchWSiTj0jZHclYKR9tjkV4nCqGZqqFQyUv9Ecy03gCUqbVb40U DVF8gQQM17fwFHtIeee9PB1KrCyjB+l3coAWtw4dZxHEers9hN5Re51b1Pp7pwoC0EYN 5s37VEtkY+ymAICtDUEphBQOcr5G3So4V3tVgplZjYwXmDt9t3L7OxlE4w3JcMZjcQt5 22jA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:cc:to:subject :message-id:date:from:in-reply-to:references:mime-version; bh=dwL/c8JeQ2tID5pWCGqpfRlef52lpnF/NlVNl+mWiI4=; b=QIFoAuvTYKX6ZuhgbhyhIpSU8OP+Cjb2GjMp5wAgNCqRxNaVad6gwFaEk2cI+HOZui 8fjBiycYpo60x40HQpRMNTikQxAl0KrgFb7TqjGfbVVHzyiTXFW04pCMFgknbL+9EytE JABp3RZOm9ooZsEL5EzwpBQvrN+iyglzNypbiUvQGYP32urLjWvkVTrPeQ9xeN41yZxB 2gLrv3/u442c+g9DXhoZUBw0KWdoHmAi86eH2XD6iE1WWA55Vct8rJ8oJMDePyAjkQbI wvLAGZBpyz7cXNgu58PKyx4ZQ6ONEpYNWQwUyhopANSksUb+QEWDAjIYJqrZIr1MGogv ShRA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id z14-20020a17090a7b8e00b0024e22853a90si1113751pjc.170.2023.05.24.04.27.17; Wed, 24 May 2023 04:27:31 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233768AbjEXKsR convert rfc822-to-8bit (ORCPT + 99 others); Wed, 24 May 2023 06:48:17 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59374 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233738AbjEXKsQ (ORCPT ); Wed, 24 May 2023 06:48:16 -0400 Received: from mail-yw1-f176.google.com (mail-yw1-f176.google.com [209.85.128.176]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id BDBFE1A8; Wed, 24 May 2023 03:48:03 -0700 (PDT) Received: by mail-yw1-f176.google.com with SMTP id 00721157ae682-561f10b6139so7345777b3.2; Wed, 24 May 2023 03:48:03 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1684925283; x=1687517283; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=QnWIVHFoNbsQTI/EkqM6iBpWOcV5CSw3JS4i0UJMOqA=; b=gCIXS72YrHlzIeOO6bfhahYysz0R+nKKEVwaB7pVFp1Y4OBEw5KXwXXH+X1HnUUhP/ JxgdLKsWHzt+MUzT7wSVFk1x/bdH2Xn81aJVPlW+0HickVg98davDmwyJPnos/2AKuUz 8tkhHBtoGQl0kaJCAEDcoy5NbwlThbJnfT2HbAwUaA6nlj111GF5Zk+MUvtIn0xeyq9O r3KoGLoDb22GpWBPc6XSat5v3o02KeQCA8zkrug83WJY/SZeoohNTqQBEJNGMQ52i+gh vhSIq4GQrDa4II22N0AP3C9Akp427mCylGXKhhYWg2UvglG9r7Lus4be4FQUvzomqAYT TlJw== X-Gm-Message-State: AC+VfDzq6hoF2oqU9/JetA4mVauUbIqI2r2jQTyv598GbnmdC9dSlqlc piNTKRsFkZeVqWAW09qtbThyT5UnVPI16A== X-Received: by 2002:a81:6c43:0:b0:561:a7fd:4fe4 with SMTP id h64-20020a816c43000000b00561a7fd4fe4mr18794588ywc.28.1684925282680; Wed, 24 May 2023 03:48:02 -0700 (PDT) Received: from mail-yw1-f181.google.com (mail-yw1-f181.google.com. [209.85.128.181]) by smtp.gmail.com with ESMTPSA id x11-20020a817c0b000000b0055a4fe11ce0sm1485796ywc.130.2023.05.24.03.48.01 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Wed, 24 May 2023 03:48:01 -0700 (PDT) Received: by mail-yw1-f181.google.com with SMTP id 00721157ae682-563b1e5f701so7313997b3.3; Wed, 24 May 2023 03:48:01 -0700 (PDT) X-Received: by 2002:a81:9245:0:b0:561:beec:89d3 with SMTP id j66-20020a819245000000b00561beec89d3mr20362339ywg.6.1684925281318; Wed, 24 May 2023 03:48:01 -0700 (PDT) MIME-Version: 1.0 References: <20230522132439.634031-1-aleksandr.mikhalitsyn@canonical.com> <20230522132439.634031-2-aleksandr.mikhalitsyn@canonical.com> <20230522133409.5c6e839a@kernel.org> <20230523-flechten-ortsschild-e5724ecc4ed0@brauner> <20230523140844.5895d645@kernel.org> In-Reply-To: From: Luca Boccassi Date: Wed, 24 May 2023 11:47:50 +0100 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH net-next v6 1/3] scm: add SO_PASSPIDFD and SCM_PIDFD To: Aleksandr Mikhalitsyn Cc: Jakub Kicinski , Christian Brauner , davem@davemloft.net, linux-kernel@vger.kernel.org, netdev@vger.kernel.org, Eric Dumazet , Paolo Abeni , Leon Romanovsky , David Ahern , Arnd Bergmann , Kees Cook , Kuniyuki Iwashima , Lennart Poettering , linux-arch@vger.kernel.org Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 8BIT X-Spam-Status: No, score=-1.4 required=5.0 tests=BAYES_00, FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM,HEADER_FROM_DIFFERENT_DOMAINS, RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_PASS, T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, 24 May 2023 at 11:43, Aleksandr Mikhalitsyn wrote: > > On Tue, May 23, 2023 at 11:08 PM Jakub Kicinski wrote: > > > > On Tue, 23 May 2023 11:44:01 +0100 Luca Boccassi wrote: > > > > I really would like to avoid that because it will just mean that someone > > > > else will abuse that function and then make an argument why we should > > > > export the other function. > > > > > > > > I think it would be ok if we required that unix support is built in > > > > because it's not unprecedented either and we're not breaking anything. > > > > Bpf has the same requirement: > > > > > > > > #if IS_BUILTIN(CONFIG_UNIX) && defined(CONFIG_BPF_SYSCALL) > > > > struct bpf_unix_iter_state { > > > > struct seq_net_private p; > > > > unsigned int cur_sk; > > > > unsigned int end_sk; > > > > unsigned int max_sk; > > > > struct sock **batch; > > > > bool st_bucket_done; > > > > }; > > > > > > > > and > > > > > > > > #if IS_BUILTIN(CONFIG_UNIX) && defined(CONFIG_BPF_SYSCALL) && defined(CONFIG_PROC_FS) > > > > DEFINE_BPF_ITER_FUNC(unix, struct bpf_iter_meta *meta, > > > > struct unix_sock *unix_sk, uid_t uid) > > > > Don't think we should bring BPF into arguments about uAPI consistency :S > > > > > Some data points: Debian, Ubuntu, Fedora, RHEL, CentOS, Archlinux all > > > ship with CONFIG_UNIX=y, so a missing SCM_PIDFD in unlikely to have a > > > widespread impact, and if it does, it might encourage someone to > > > review their kconfig. > > > > IDK how you can argue that everyone sets UNIX to =y so hiding SCM_PIDFD > > is fine and at the same time not be okay with making UNIX a bool :S > > > > > As mentioned on the v5 thread, we are waiting for this API to get the > > > userspace side sorted (systemd/dbus/dbus-broker/polkit), so I'd be > > > really grateful if we could start with the simplest and most > > > conservative approach (which seems to be the current one in v6 to me), > > > and then eventually later decide whether to export more functions, or > > > to deprecate CONFIG_UNIX=m, or something else entirely, as that > > > doesn't really affect the shape of the UAPI, just the details of its > > > availability. Thank you. > > > > Just throw in a patch to make UNIX a bool and stop arguing then. > > Dear Jakub, > > Thanks for your attention to these patch series! > > I'm ready to prepare/send a patch to make CONFIG_UNIX bool. > > I will send SO_PEERPIDFD as an independent patch too, because it > doesn't require this change with CONFIG_UNIX > and we can avoid waiting until CONFIG_UNIX change will be merged. > I've a feeling that the discussion around making CONFIG_UNIX to be a > boolean won't be easy and fast ;-) Thank you, that sounds great to me, I can start using SO_PEERPIDFD independently of SCM_PIDFD, there's no hard dependency between the two. Kind regards, Luca Boccassi