Received: by 2002:a05:7412:b10a:b0:f3:1519:9f41 with SMTP id az10csp527552rdb; Thu, 30 Nov 2023 10:54:29 -0800 (PST) X-Google-Smtp-Source: AGHT+IE3edjfQUc8MXjNVQkSjOlA98MscyOsNMrlxvyl7m+YlDbZzT33wiojinrNSa+XUqgGujR6 X-Received: by 2002:a17:90b:1a89:b0:285:9912:a4c4 with SMTP id ng9-20020a17090b1a8900b002859912a4c4mr21519062pjb.41.1701370468971; Thu, 30 Nov 2023 10:54:28 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1701370468; cv=none; d=google.com; s=arc-20160816; b=JY3JotKOkpvlxJch7lGeRa48T3i314CrUX06EtFugMQ6pzl9Da88iNKyGYXR1we6x/ mICg9LoHVLPQpR+7E1Mtb1h+Q9KMP+OETOGF0/2g6uPFsl9XoboNEcejLh3KzJ1RWkHs nIFp3e7m9xfNxmONH0cAcUfkFTcsmGyb21M7mtZNZ4+WAW/ghpJI8N8a2rI8ccDVzKC7 XF/Jxn7dUcw8PSOCSsgESZA6siPvZrFaLf+NVx+v5QF8GcHBTkH7ZVdRDhM7RcVrGdpB xNE3DMAB4F0qvGVGMazGIAqS7MROrNir1wX4Ot+Y2MLYg2zLZfu0/K6gGJzhj84uPU/s dblA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:feedback-id :dkim-signature:dkim-signature; bh=Uq/dQOL7MFyNckFZYlFPvqGMEvyj/U2ZF5ZHzHRYYpA=; fh=+btNWDAjr9y4PgTFXrzGiOxpu8KQaJTrsW45J5mKVCs=; b=eJikbMyoKPFAUJPmEgmr74fAAXhkP3+rxL2GDI1kZ4Y/czy7AkDqDZq8YDPNlqmSm0 jKoGtsXzzuPpFusCv8874UjhIMkWaWbHL/73Y0VH1E8qTrIbXiR0vta4xJ1cN/o1FrJJ 6VBUG7ohq+kd/n1A8GkhdGQMBMRXBNv1+H1Xe+K0Wk8QI96/E0jZ50ZjpLJNHyCzbioY 6Rp4B3cFnpwNPMpsDAp7o6LJgRM2K6eCucyYCACCEGgUCud2srq9Tc+zuskL2chmcRWq fsvYgpPdLN5+LRXIPKMmLSllk/dR2CBftyDC4GwZA5eSpRarn8ObnXS/pZ/BQI7M9VBr A7GA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@tycho.pizza header.s=fm3 header.b=mtpqR8Dn; dkim=pass header.i=@messagingengine.com header.s=fm1 header.b=FHgPGGHT; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:4 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from howler.vger.email (howler.vger.email. [2620:137:e000::3:4]) by mx.google.com with ESMTPS id pb16-20020a17090b3c1000b002800b13adb7si1965041pjb.72.2023.11.30.10.54.14 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 30 Nov 2023 10:54:28 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:4 as permitted sender) client-ip=2620:137:e000::3:4; Authentication-Results: mx.google.com; dkim=pass header.i=@tycho.pizza header.s=fm3 header.b=mtpqR8Dn; dkim=pass header.i=@messagingengine.com header.s=fm1 header.b=FHgPGGHT; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:4 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by howler.vger.email (Postfix) with ESMTP id 398F680C4D8E; Thu, 30 Nov 2023 10:54:12 -0800 (PST) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.11 at howler.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232273AbjK3Sx6 (ORCPT + 99 others); Thu, 30 Nov 2023 13:53:58 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:40058 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229782AbjK3Sx6 (ORCPT ); Thu, 30 Nov 2023 13:53:58 -0500 Received: from out4-smtp.messagingengine.com (out4-smtp.messagingengine.com [66.111.4.28]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A2669B9; Thu, 30 Nov 2023 10:54:04 -0800 (PST) Received: from compute1.internal (compute1.nyi.internal [10.202.2.41]) by mailout.nyi.internal (Postfix) with ESMTP id E75DB5C00B6; Thu, 30 Nov 2023 13:54:03 -0500 (EST) Received: from mailfrontend1 ([10.202.2.162]) by compute1.internal (MEProxy); Thu, 30 Nov 2023 13:54:03 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tycho.pizza; h= cc:cc:content-type:content-type:date:date:from:from:in-reply-to :in-reply-to:message-id:mime-version:references:reply-to:sender :subject:subject:to:to; s=fm3; t=1701370443; x=1701456843; bh=Uq /dQOL7MFyNckFZYlFPvqGMEvyj/U2ZF5ZHzHRYYpA=; b=mtpqR8DnPt7LIPU3zA 18AYXoFwximEvSb/RzN0iZjqkYjwJcyVGgB6FmNMMqQ7/pG3U7nrbtQotMyX90jY f21xLfMpqmw9Gvv5Souba180t49U1gzdn9/IcH/pLI9RKNhfeqR3juCpljr3ieU8 x52/SXNpevjI+Sl6VTizJv1LLuo9Nwk+wnU/vWJXSv/AC4vhYVWuh1vAfsf9aMyq SDjZ2HD7KAiTqqmCNO5UjcsFjRcD2TRhlu4/xxUbCGglvBBnTlDyQsyEpZOhWs9k oa0am5q8y10s+149KvmhcQDVu7rqwci9UkeXrRvAEFedKEl1tVMboHH7J3mmTyVl grWQ== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-type:content-type:date:date :feedback-id:feedback-id:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:sender:subject :subject:to:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender :x-sasl-enc; s=fm1; t=1701370443; x=1701456843; bh=Uq/dQOL7MFyNc kFZYlFPvqGMEvyj/U2ZF5ZHzHRYYpA=; b=FHgPGGHTyi17r4j/eS+WA6oC5qTf1 xDo6jDG+9HgyKjwVifWOZI+Q2FDeCQRDqyMwOl+nkKTz2rpoJobnBEa5ksZJUrbO ujj9ypm3J4nQAtdscJLqBXcXwFz2lwQwL5b5jtiST1Kb9764fV8GFjeW9MqOP785 lQuNsjMf6kxmcfCSTk5e5ySQjd8O/Uurnku+mkGpFTP921DiiPjIoq+IQGRl1/jZ 0tU+s+O9+3CiPmKaBop29xGB2urgaBQK0JEZ+vEZ6PlBq7/ICJZU49sZQusuyveZ k4OJqrVQ9q8XOF/R3JGd22oc4AEYMJNVc9dFFN2kyn7YsWzPTVC/JqXCA== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvkedrudeijedguddukecutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh necuuegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmd enucfjughrpeffhffvvefukfhfgggtuggjsehttdertddttddvnecuhfhrohhmpefvhigt hhhoucetnhguvghrshgvnhcuoehthigthhhosehthigthhhordhpihiiiigrqeenucggtf frrghtthgvrhhnpeeutedttefgjeefffehffffkeejueevieefudelgeejuddtfeffteek lefhleelteenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhgrihhlfhhroh hmpehthigthhhosehthigthhhordhpihiiiigr X-ME-Proxy: Feedback-ID: i21f147d5:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Thu, 30 Nov 2023 13:54:02 -0500 (EST) Date: Thu, 30 Nov 2023 11:54:00 -0700 From: Tycho Andersen To: Florian Weimer Cc: Christian Brauner , Oleg Nesterov , "Eric W . Biederman" , linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, Tycho Andersen , mathieu.desnoyers@efficios.com Subject: Re: [RFC 1/3] pidfd: allow pidfd_open() on non-thread-group leaders Message-ID: References: <20231130163946.277502-1-tycho@tycho.pizza> <874jh3t7e9.fsf@oldenburg.str.redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <874jh3t7e9.fsf@oldenburg.str.redhat.com> X-Spam-Status: No, score=-0.9 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on howler.vger.email Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (howler.vger.email [0.0.0.0]); Thu, 30 Nov 2023 10:54:12 -0800 (PST) On Thu, Nov 30, 2023 at 07:37:02PM +0100, Florian Weimer wrote: > * Tycho Andersen: > > > From: Tycho Andersen > > > > We are using the pidfd family of syscalls with the seccomp userspace > > notifier. When some thread triggers a seccomp notification, we want to do > > some things to its context (munge fd tables via pidfd_getfd(), maybe write > > to its memory, etc.). However, threads created with ~CLONE_FILES or > > ~CLONE_VM mean that we can't use the pidfd family of syscalls for this > > purpose, since their fd table or mm are distinct from the thread group > > leader's. In this patch, we relax this restriction for pidfd_open(). > > Does this mean that pidfd_getfd cannot currently be used to get > descriptors for a TID if that TID doesn't happen to share its descriptor > set with the thread group leader? Correct, that's what I'm trying to solve. > I'd like to offer a userspace API which allows safe stashing of > unreachable file descriptors on a service thread. By "safe" here do you mean not accessible via pidfd_getfd()? Tycho