Received: by 2002:a05:7412:8d10:b0:f3:1519:9f41 with SMTP id bj16csp1835414rdb; Thu, 7 Dec 2023 09:58:31 -0800 (PST) X-Google-Smtp-Source: AGHT+IGnQDaEmCi0IQEIHaGNopmFvJUaI1s25Uuoevvpwm6PLXBlNDuHvjJ/Bq4DvGH5NXxxO8Bv X-Received: by 2002:a05:6358:60cc:b0:170:17eb:1df with SMTP id i12-20020a05635860cc00b0017017eb01dfmr2838819rwi.34.1701971910448; Thu, 07 Dec 2023 09:58:30 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1701971910; cv=none; d=google.com; s=arc-20160816; b=cA5ddPv+eo4xSIJD2SW/QiYUaPubeXAYHglxmSEXxVeu8ZVg+L8CekQB+dtWritkDy 6qoDUji+os3F+GpUMmGV8coP1YS2isn5gd8CO4Lu+911TYeqUKoIkWpAcLxvFOdN8n4n n7J16ifITiDYvvXj0mpF7Kl0g/Wh82NEp+ppxhFQhyaIlCgpa4ohqfN0xHcd0nBPnXj5 Ag+BvoPuhdRyQapNokMG8Fj05yGtqJK7goWddtjJs5M/b3DvIRs7NDS6yMAk/8sQExeb GJjbw/xI7r5BFr7rpwFAPzGhP/HVrESV9kJkdQmidIlEvTfQlNDwJHoJhqwhui2FTbS6 XSNQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=ou6DS8vVEKaGmpzU1zaQUBlttfNdLt0/Jq4rLF+GPyg=; fh=LhvObmnrxjRmjQWhIXY2wpwX8dtHWidFP9kHDR6q7HQ=; b=kh8MejL7w6WjVHpELeUrD8D9Y8IYGiJqEqELHxrptDOdP4LOZwItA1FcSH+sJ/BNmL Td3nJcemQlSHvZ5PYd8fOMTZ6dLIOnspOJNJNm/RCoAUBF94/FNXra0Od19C+3oVaGJB WUJm3ZN7QV5aMds3G7jZCNrMxGGBQEBhxFP98/rJwk0tITCYCHU7NfxZm7rDdAr18S/q AyNJSQFrvceJV7GIkz1GlaKoAjTIg5hCMbYg5tfKpJEfFLqpe3fOGr6iRkjLHlyyKC8g iMv5gCUb6vKOjMFrqMTzVwFUbE4j6BjRlAVuK4nFEAcu87S7lvaCrnDm+dY9FqM1+YqB CmKA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=l4TN7o1b; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:3 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from lipwig.vger.email (lipwig.vger.email. [2620:137:e000::3:3]) by mx.google.com with ESMTPS id q19-20020a632a13000000b005b96e63bc5esi57321pgq.631.2023.12.07.09.58.30 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 07 Dec 2023 09:58:30 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:3 as permitted sender) client-ip=2620:137:e000::3:3; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=l4TN7o1b; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:3 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by lipwig.vger.email (Postfix) with ESMTP id 144D78028B49; Thu, 7 Dec 2023 09:58:28 -0800 (PST) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.11 at lipwig.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1443576AbjLGR6O (ORCPT + 99 others); Thu, 7 Dec 2023 12:58:14 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:49422 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235228AbjLGR6L (ORCPT ); Thu, 7 Dec 2023 12:58:11 -0500 Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 41CCA173C for ; Thu, 7 Dec 2023 09:57:48 -0800 (PST) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 500ABC433C8; Thu, 7 Dec 2023 17:57:45 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1701971867; bh=he6LQ25WriwrUDDfYMH36GaKEnf82jbzGv13WZYSigA=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=l4TN7o1bbCnfchU9RLrHJPvjo+IZ4KULQNSU5zsj3q64CV1bTzf9IP4m/+rGhIOIn oODMJChWCx477zxVUlNsE6IiNamrGVAYLkSOsAW8UWbIDDKQEU0zCFkl5Mk4fYQIts HOo+02W54XWWpeoEuIF0nOJ7f0mHuv24kSBz+ftktQSyzd2VhtGnUmbfYn1oR9I4w+ TEmD0BS8uKH8WiFT3owGtMdsYPLRGGonI2MbEl75vFuxW7WT48v05dZDyYWiqibHTF pdqXCqbnIvyVn+8rcYo+hwaS9FmzBMzKw7Ff6x4+jlp2JrR99IxRJkBwBIDAwizBwj cQ2PSv3eCw8wg== Date: Thu, 7 Dec 2023 18:57:42 +0100 From: Christian Brauner To: Tycho Andersen , Oleg Nesterov Cc: "Eric W . Biederman" , linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, Tycho Andersen , Jan Kara , linux-fsdevel@vger.kernel.org, Joel Fernandes Subject: Re: [RFC 1/3] pidfd: allow pidfd_open() on non-thread-group leaders Message-ID: <20231207-weither-autopilot-8daee206e6c5@brauner> References: <20231130163946.277502-1-tycho@tycho.pizza> <20231130173938.GA21808@redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: X-Spam-Status: No, score=-1.2 required=5.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lipwig.vger.email Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (lipwig.vger.email [0.0.0.0]); Thu, 07 Dec 2023 09:58:28 -0800 (PST) On Fri, Dec 01, 2023 at 09:31:40AM -0700, Tycho Andersen wrote: > On Thu, Nov 30, 2023 at 10:57:01AM -0700, Tycho Andersen wrote: > > On Thu, Nov 30, 2023 at 06:39:39PM +0100, Oleg Nesterov wrote: > > > I think that wake_up_all(wait_pidfd) should have a single caller, > > > do_notify_pidfd(). This probably means it should be shiftef from > > > do_notify_parent() to exit_notify(), I am not sure... > > Indeed, below passes the tests without issue and is much less ugly. So I think I raised that question on another medium already but what does the interaction with de_thread() look like? Say some process creates pidfd for a thread in a non-empty thread-group is created via CLONE_PIDFD. The pidfd_file->private_data is set to struct pid of that task. The task the pidfd refers to later exec's. Once it passed de_thread() the task the pidfd refers to assumes the struct pid of the old thread-group leader and continues. At the same time, the old thread-group leader now assumes the struct pid of the task that just exec'd. So after de_thread() the pidfd now referes to the old thread-group leaders struct pid. Any subsequent operation will fail because the process has already exited. Basically, the pidfd now refers to the old thread-group leader and any subsequent operation will fail even though the task still exists. Conversely, if someone had created a pidfd that referred to the old thread-group leader task then this pidfd will now suddenly refer to the new thread-group leader task for the same reason: the struct pid's were exchanged. So this also means, iiuc, that the pidfd could now be passed to waitid(P_PIFD) to retrieve the status of the old thread-group leader that just got zapped. And for the case where the pidfd referred to the old thread-group leader task you would now suddenly _not_ be able to wait on that task anymore. If these concerns are correct, then I think we need to decide what semantics we want and how to handle this because that's not ok.