Received: by 2002:ab2:710b:0:b0:1ef:a325:1205 with SMTP id z11csp965502lql;
        Tue, 12 Mar 2024 03:35:57 -0700 (PDT)
X-Forwarded-Encrypted: i=3; AJvYcCXPDTia5WlRxkyd8PcjnYCJRCWqO5BVAmKD5BmRZeJvjb+X7Dyg9mmQRjlcaaVrCPOMqP2TiaHnSFOWPzavvj7oO0iFYheKrX2NIXlm1g==
X-Google-Smtp-Source: AGHT+IHTkHjiSdKGNIUMwEL/EY5NfT3j+Fyo+70wR4XJPeUC/hc4qxIIRE9cI7gBfIDVmq2aHO2U
X-Received: by 2002:a50:cd55:0:b0:565:2458:4f5a with SMTP id d21-20020a50cd55000000b0056524584f5amr6263388edj.4.1710239757721;
        Tue, 12 Mar 2024 03:35:57 -0700 (PDT)
ARC-Seal: i=2; a=rsa-sha256; t=1710239757; cv=pass;
        d=google.com; s=arc-20160816;
        b=QLq91kaOu+wHrFPuoTPOlHSHKRwCNlxhcStj25xaB5FwU85EjHoLPn9hTAvogOJK0Y
         1SpBs/x//8WXI0I6CT8CuOmLdOnB4uCV5Im8mj1GVb6v+ng7oNNyvv+GX3tOAdEOgGfV
         KHKHVSDsEwlD3C4sFq1u3PRdk7BQ5h7bZBs50ShNRKVf0WdXKRtiKSA+dsVqRfaQeLcE
         zj3zDQdIinBtwJRdkruhuTqkINeF7IJ2YiQ29WI8BKI+kv5Qj1tQPGD5PNvabcoEIyHP
         PegczbPuMeeNq1INmhDmJOuaQGvI96ojIQA4nF33fcTVGm0htDjCfbGAm0ydqODP8kEE
         PwQw==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=mime-version:list-unsubscribe:list-subscribe:list-id:precedence
         :references:message-id:in-reply-to:subject:cc:to:from:date;
        bh=TO3K+O8Pf+MG4ydP/5DoZRrYR7jRzLWyY8TI89FhpmE=;
        fh=N4ODomiQX+kLhuRNtAodjJFzfPJMLt327ZKykmm/8u4=;
        b=lVu/VBiSbGKQkLHr3OI4G5A5wQ+e1t/6U3DL4t/De69cerGJ/v8faAxpeC9rHUw4z2
         y7jFlwzdsnbvBNe+p7T8hsIKxxVXGdqqn0xH9ltc7PWVZ0jtLCYv19EFKeDbyCS/4Z4t
         qqgAbldY0PhWh1IqNfbTt584Z+RUqrGNqVClRNCT3E4btQGUkIlE3UFjogxulZ8eWpRs
         iiKbnu7Bu78X0rIXC05/rnb8FlZOlyjwcvWx3ZFGWb+AZjf7EZa4Rvr1RR1L1Eo4Tbb9
         fQehDWgqKNKXsK2mU/Dzkb63uC3nM2jix9C+985orU64O+oD4BO5URnqvJrDk/2waHcv
         hFOA==;
        dara=google.com
ARC-Authentication-Results: i=2; mx.google.com;
       arc=pass (i=1);
       spf=pass (google.com: domain of linux-kernel+bounces-100126-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) smtp.mailfrom="linux-kernel+bounces-100126-linux.lists.archive=gmail.com@vger.kernel.org"
Return-Path: <linux-kernel+bounces-100126-linux.lists.archive=gmail.com@vger.kernel.org>
Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [2604:1380:4601:e00::3])
        by mx.google.com with ESMTPS id s21-20020a056402521500b0056842f7dbf8si2862636edd.342.2024.03.12.03.35.57
        for <linux.lists.archive@gmail.com>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Tue, 12 Mar 2024 03:35:57 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel+bounces-100126-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) client-ip=2604:1380:4601:e00::3;
Authentication-Results: mx.google.com;
       arc=pass (i=1);
       spf=pass (google.com: domain of linux-kernel+bounces-100126-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) smtp.mailfrom="linux-kernel+bounces-100126-linux.lists.archive=gmail.com@vger.kernel.org"
Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by am.mirrors.kernel.org (Postfix) with ESMTPS id 6801E1F21D25
	for <linux.lists.archive@gmail.com>; Tue, 12 Mar 2024 10:35:57 +0000 (UTC)
Received: from localhost.localdomain (localhost.localdomain [127.0.0.1])
	by smtp.subspace.kernel.org (Postfix) with ESMTP id DDA3A78B44;
	Tue, 12 Mar 2024 10:35:07 +0000 (UTC)
Received: from andre.telenet-ops.be (andre.telenet-ops.be [195.130.132.53])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 300D741C89
	for <linux-kernel@vger.kernel.org>; Tue, 12 Mar 2024 10:35:03 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=195.130.132.53
ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1710239707; cv=none; b=UP6oodvAb9o+9Vy8h9lMEOgR9JFupClRcXJfGrIFYV6IpPhEgfKkgbHljgNfi3d75KOkogdVNOwvm83jCne1BHHHO1y3nOJNfqHI/Zv2XrPbQhsIRdgBhG3MAKSkvQLmOjrWMcgcasTmTPG9yEY9pzeDwoB97K7ShhGQSNySpds=
ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1710239707; c=relaxed/simple;
	bh=XBc7Af1NkUozACweWiULsPD5xPfiFYsgN8mpnQ4+IEo=;
	h=Date:From:To:cc:Subject:In-Reply-To:Message-ID:References:
	 MIME-Version:Content-Type; b=IObkDpBf+17YBYb62KpuhGSFK5QMEZSXb0Nz2kHXrJ2oc2EMqT1/38aDGCipaL+tIbWNDC9MjRThSNIFeqFOT7yUl6VnP55Kz4pJsreTb2MN1ysBsV8rrDr5Jni0sdb7CK2RSCvlP3cLPetdI8FB5Bo5jpxYWn5ZHTetxzIHIBQ=
ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=linux-m68k.org; spf=none smtp.mailfrom=linux-m68k.org; arc=none smtp.client-ip=195.130.132.53
Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=linux-m68k.org
Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=linux-m68k.org
Received: from ramsan.of.borg ([IPv6:2a02:1810:ac12:ed80:76d0:2bff:fec8:549])
	by andre.telenet-ops.be with bizsmtp
	id xmb22B0020SSLxL01mb2E4; Tue, 12 Mar 2024 11:35:02 +0100
Received: from geert (helo=localhost)
	by ramsan.of.borg with local-esmtp (Exim 4.95)
	(envelope-from <geert@linux-m68k.org>)
	id 1rjzTJ-003RY5-Tk;
	Tue, 12 Mar 2024 11:35:01 +0100
Date: Tue, 12 Mar 2024 11:35:01 +0100 (CET)
From: Geert Uytterhoeven <geert@linux-m68k.org>
To: Christian Brauner <brauner@kernel.org>
cc: linux-fsdevel@vger.kernel.org, 
    Linus Torvalds <torvalds@linux-foundation.org>, 
    Alexander Viro <viro@zeniv.linux.org.uk>, 
    Seth Forshee <sforshee@kernel.org>, Tycho Andersen <tycho@tycho.pizza>, 
    linux-kernel@vger.kernel.org
Subject: Re: [PATCH 2/2] pidfd: add pidfdfs
In-Reply-To: <20240213-vfs-pidfd_fs-v1-2-f863f58cfce1@kernel.org>
Message-ID: <71bc82f4-b2df-c813-3aba-107d95c67d33@linux-m68k.org>
References: <20240213-vfs-pidfd_fs-v1-0-f863f58cfce1@kernel.org> <20240213-vfs-pidfd_fs-v1-2-f863f58cfce1@kernel.org>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII; format=flowed

 	Hi Christian,

On Tue, 13 Feb 2024, Christian Brauner wrote:
> This moves pidfds from the anonymous inode infrastructure to a tiny
> pseudo filesystem. This has been on my todo for quite a while as it will
> unblock further work that we weren't able to do simply because of the
> very justified limitations of anonymous inodes. Moving pidfds to a tiny
> pseudo filesystem allows:
>
> * statx() on pidfds becomes useful for the first time.
> * pidfds can be compared simply via statx() and then comparing inode
>  numbers.
> * pidfds have unique inode numbers for the system lifetime.
> * struct pid is now stashed in inode->i_private instead of
>  file->private_data. This means it is now possible to introduce
>  concepts that operate on a process once all file descriptors have been
>  closed. A concrete example is kill-on-last-close.
> * file->private_data is freed up for per-file options for pidfds.
> * Each struct pid will refer to a different inode but the same struct
>  pid will refer to the same inode if it's opened multiple times. In
>  contrast to now where each struct pid refers to the same inode. Even
>  if we were to move to anon_inode_create_getfile() which creates new
>  inodes we'd still be associating the same struct pid with multiple
>  different inodes.
> * Pidfds now go through the regular dentry_open() path which means that
>  all security hooks are called unblocking proper LSM management for
>  pidfds. In addition fsnotify hooks are called and allow for listening
>  to open events on pidfds.
>
> The tiny pseudo filesystem is not visible anywhere in userspace exactly
> like e.g., pipefs and sockfs. There's no lookup, there's no complex
> inode operations, nothing. Dentries and inodes are always deleted when
> the last pidfd is closed.
>
> The code is entirely optional and fairly small. If it's not selected we
> fallback to anonymous inodes. Heavily inspired by nsfs which uses a
> similar stashing mechanism just for namespaces.
>
> Signed-off-by: Christian Brauner <brauner@kernel.org>

Thanks for your patch, which is now commit cb12fd8e0dabb9a1
("pidfd: add pidfs") upstream.

> --- a/fs/Kconfig
> +++ b/fs/Kconfig
> @@ -174,6 +174,12 @@ source "fs/proc/Kconfig"
> source "fs/kernfs/Kconfig"
> source "fs/sysfs/Kconfig"
>
> +config FS_PIDFD
> +	bool "Pseudo filesystem for process file descriptors"
> +	depends on 64BIT

I think it would have been good if this dependency would have been
explained in the commit message.  I.e. why does this depend on 64BIT?

What is the risk this will not stay entirely optional?  I.e. can it
become a requirement for modern userspace, and thus be used as a stick
to kill support for 32-bit architectures?

> +	help
> +	  Pidfdfs implements advanced features for process file descriptors.
> +
> config TMPFS
> 	bool "Tmpfs virtual memory file system support (former shm fs)"
> 	depends on SHMEM

Gr{oetje,eeting}s,

 						Geert

--
Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- geert@linux-m68k.org

In personal conversations with technical people, I call myself a hacker. But
when I'm talking to journalists I just say "programmer" or something like that.
 							    -- Linus Torvalds