Received: by 2002:a05:7412:8d10:b0:f3:1519:9f41 with SMTP id bj16csp1054327rdb; Wed, 6 Dec 2023 07:27:39 -0800 (PST) X-Google-Smtp-Source: AGHT+IEYGJ6RE+XaWVhGC05wjDmSc4QdbyT1XOzNyERB+8A5pghlj1T+FZIRF3t2w6jYEUfIwqD4 X-Received: by 2002:a17:90b:3ec4:b0:286:a940:3f40 with SMTP id rm4-20020a17090b3ec400b00286a9403f40mr1004935pjb.74.1701876459171; Wed, 06 Dec 2023 07:27:39 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1701876459; cv=none; d=google.com; s=arc-20160816; b=dTsYulE7xJk84tUmVBHsw9u5MRB8QpAVBMVHtujRSvtMnigVwrBUfRoq7y0viQ6iJg GVlFqu8yT04hb32E20gCMxFwtOI6k0lpxvmt2LbxR1OCttXeZbcQakYhzmLK4Bc67TIp 2/1xhVPJiugR8sypzBjFBiqOpbdtUJpbotWd2jZ9gAkHj8V6yJtPY5vnS3etj+sWMvjD IOQxLUPk+WECAK7VSOqxevNFgHhboqFXDP/mwlWDmkcoxmC72hMVvO1G0gee6O0iW/Wq FDrwhKaNweyJRpmiPe88iZd/pjwXZ4mpgPUCD7eKzOZ69++yNs94RR6Y7ZGkrDwWJBlP KrUA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:feedback-id :dkim-signature:dkim-signature; bh=FT6UEoWVsDlfq8nOucO+L8572l+DeQGXhub/tbWtdrE=; fh=SvF4lXAk6QGZxKotzi70MbkRM45Ff/PLq5FtAeAAaU8=; b=jU9GalUGSjqZ4sKMMOBFyz38f8ScZD2JFpGNHeXeuw0fTPnioqfrtOECvHOmYuBKUQ 1Al/uSKdlds9WUg+cmr0UTaogRkt513MSzOI8shhR1iMSiTNVmLPQWTzOwnp3bdbwiac emBrhzNPz95mUdhsueWdqVoHnm9v2X3w7ahZf5bN6Ls+tY68Ve9+8mWXCHhmebsmBTNi rLMTsCAFJwNW6kWe10Chxb+h1tn7p0hg12SzPwcFjEfIyIaobpk6tNB8Tw6esn/TvqrF 6w7pPeqfWwBMmm69f6+mIT2mbEXBCkJ083mnOZjF3IvLcxCpV5iTzCZYRZT4v5UUyyh9 7hKg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@tycho.pizza header.s=fm3 header.b=eIx0mXmL; dkim=pass header.i=@messagingengine.com header.s=fm1 header.b=IwmUrbSA; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:4 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from howler.vger.email (howler.vger.email. [2620:137:e000::3:4]) by mx.google.com with ESMTPS id t13-20020a17090aba8d00b00285a0b546eesi3377pjr.155.2023.12.06.07.27.38 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 06 Dec 2023 07:27:39 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:4 as permitted sender) client-ip=2620:137:e000::3:4; Authentication-Results: mx.google.com; dkim=pass header.i=@tycho.pizza header.s=fm3 header.b=eIx0mXmL; dkim=pass header.i=@messagingengine.com header.s=fm1 header.b=IwmUrbSA; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:4 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by howler.vger.email (Postfix) with ESMTP id 51022833CE0E; Wed, 6 Dec 2023 07:27:36 -0800 (PST) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.11 at howler.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1379147AbjLFP1Q (ORCPT + 99 others); Wed, 6 Dec 2023 10:27:16 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41300 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1379088AbjLFP1O (ORCPT ); Wed, 6 Dec 2023 10:27:14 -0500 Received: from out4-smtp.messagingengine.com (out4-smtp.messagingengine.com [66.111.4.28]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 340B9FA; Wed, 6 Dec 2023 07:27:20 -0800 (PST) Received: from compute2.internal (compute2.nyi.internal [10.202.2.46]) by mailout.nyi.internal (Postfix) with ESMTP id 8D6935C02A9; Wed, 6 Dec 2023 10:27:19 -0500 (EST) Received: from mailfrontend1 ([10.202.2.162]) by compute2.internal (MEProxy); Wed, 06 Dec 2023 10:27:19 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tycho.pizza; h= cc:cc:content-type:content-type:date:date:from:from:in-reply-to :in-reply-to:message-id:mime-version:references:reply-to:sender :subject:subject:to:to; s=fm3; t=1701876439; x=1701962839; bh=FT 6UEoWVsDlfq8nOucO+L8572l+DeQGXhub/tbWtdrE=; b=eIx0mXmLhdGLez1Q+u Ee0o8vn+1rJ13CAy0ryFOtVnfnOY+WReKAgmoSV4pq8Vs+TP72SYcIjuSMtCtzmF pcievzijmVoLfI5+sB+MIS70mdvBmkCKNnevaxVwbbb+MN26eH3A+uEhzKjczoSz u/w7NDif0QudJR6wwfRTVoiP4d+2of1LB8BF2NPwvPsUJQ4avEJ2oRbuaXGfLvqC baZt32UXCPuIV1Havxch7H5KmOP951fwRSdaA3lvrM6Er6BQ+SyiMvZ/t++Idn/h BzUIwjgzuEB4bYUqfTeYDhkBXdkIxnu5csUDEWBrWdloWM4PdhCVYfpFTuklaPZh Deyw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-type:content-type:date:date :feedback-id:feedback-id:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:sender:subject :subject:to:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender :x-sasl-enc; s=fm1; t=1701876439; x=1701962839; bh=FT6UEoWVsDlfq 8nOucO+L8572l+DeQGXhub/tbWtdrE=; b=IwmUrbSAlb0Twy6EorGSDlLkjaeuS gncuJoTYDmFaLztU8O1f+k3nVftAOr6uwAvtyQ2p25abP9n9ABGhJ8HeWmKEzu3w VQ5jFbnTPgX4KnHsLip9ZBlpBn8X0NcOay6IDDfDYUc01iljg0GzwZ+cSVK0gVvf PIZSUKS7rgrirb4BeGeNXq89LXAzbi+JbpJB2agitfOedDLq+NQYgHhAaKeQ4wPs ZZcQIdB2L6OMg5Zc1zal6ba21fu60MRp0c6V9f8jnsbfDdNrYARTx9bRqvR2JCUy acVwAoJWgdzb708JXKEDmayeajdLhfiWQi5uvI+Tawqxd5bR2JIGV7UIA== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvkedrudektddgjeekucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne cujfgurhepfffhvfevuffkfhggtggujgesthdtredttddtvdenucfhrhhomhepvfihtghh ohcutehnuggvrhhsvghnuceothihtghhohesthihtghhohdrphhiiiiirgeqnecuggftrf grthhtvghrnhepueettdetgfejfeffheffffekjeeuveeifeduleegjedutdefffetkeel hfelleetnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilhhfrhhomh epthihtghhohesthihtghhohdrphhiiiiirg X-ME-Proxy: Feedback-ID: i21f147d5:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Wed, 6 Dec 2023 10:27:18 -0500 (EST) Date: Wed, 6 Dec 2023 08:27:17 -0700 From: Tycho Andersen To: Florian Weimer Cc: Mathieu Desnoyers , Christian Brauner , Oleg Nesterov , "Eric W . Biederman" , linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, Tycho Andersen Subject: Re: [RFC 1/3] pidfd: allow pidfd_open() on non-thread-group leaders Message-ID: References: <20231130163946.277502-1-tycho@tycho.pizza> <874jh3t7e9.fsf@oldenburg.str.redhat.com> <87ttp3rprd.fsf@oldenburg.str.redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <87ttp3rprd.fsf@oldenburg.str.redhat.com> X-Spam-Status: No, score=-0.9 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on howler.vger.email Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (howler.vger.email [0.0.0.0]); Wed, 06 Dec 2023 07:27:36 -0800 (PST) On Thu, Nov 30, 2023 at 08:43:18PM +0100, Florian Weimer wrote: > * Mathieu Desnoyers: > > >>> I'd like to offer a userspace API which allows safe stashing of > >>> unreachable file descriptors on a service thread. > > >> By "safe" here do you mean not accessible via pidfd_getfd()? > > No, unreachable by close/close_range/dup2/dup3. I expect we can do an > intra-process transfer using /proc, but I'm hoping for something nicer. It occurred to me that we could get the seccomp() protected-memory functionality almost all the way via some combination of memfd_create(MFD_ALLOW_SEALING), fcntl(F_SEAL_WRITE|F_SEAL_SEAL), and mmap(PROT_NONE). Some other thread could come along and unmap/remap, but perhaps with some kind of F_SEAL_NOUNMAP married to one of these special files we could both get what we want? I submitted a talk to FOSDEM just for grins, if anyone is planning to attend that. Tycho