From: Christian Brauner <brauner@kernel.org>
To: Lorenzo Stoakes <lorenzo.stoakes@oracle.com>
Cc: Christian Brauner <christian@brauner.io>,
Shuah Khan <shuah@kernel.org>,
"Liam R . Howlett" <Liam.Howlett@oracle.com>,
Suren Baghdasaryan <surenb@google.com>,
Vlastimil Babka <vbabka@suse.cz>,
pedro.falcato@gmail.com, linux-kselftest@vger.kernel.org,
linux-mm@kvack.org, linux-fsdevel@vger.kernel.org,
linux-api@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH v2 1/3] pidfd: extend pidfd_get_pid() and de-duplicate pid lookup
Date: Wed, 16 Oct 2024 15:00:55 +0200 [thread overview]
Message-ID: <20241016-beinbruch-zeltplatz-4bfdedca1ee8@brauner> (raw)
In-Reply-To: <8e7edaf2f648fb01a71def749f17f76c0502dee1.1728643714.git.lorenzo.stoakes@oracle.com>
On Fri, Oct 11, 2024 at 12:05:55PM +0100, Lorenzo Stoakes wrote:
> The means by which a pid is determined from a pidfd is duplicated, with
> some callers holding a reference to the (pid)fd, and others explicitly
> pinning the pid.
>
> Introduce __pidfd_get_pid() which abstracts both approaches and provide
> optional output parameters for file->f_flags and the fd (the latter of
> which, if provided, prevents the function from decrementing the fd's
> refernce count).
>
> Additionally, allow the ability to open a pidfd by opening a /proc/<pid>
> directory, utilised by the pidfd_send_signal() system call, providing a
> pidfd_get_pid_proc() helper function to do so.
>
> Doing this allows us to eliminate open-coded pidfd pid lookup and to
> consistently handle this in one place.
>
> This lays the groundwork for a subsequent patch which adds a new sentinel
> pidfd to explicitly reference the current process (i.e. thread group
> leader) without the need for a pidfd.
>
> Signed-off-by: Lorenzo Stoakes <lorenzo.stoakes@oracle.com>
> ---
> include/linux/pid.h | 42 +++++++++++++++++++++++++++++++-
> kernel/pid.c | 58 ++++++++++++++++++++++++++++++---------------
> kernel/signal.c | 22 ++++-------------
> 3 files changed, 84 insertions(+), 38 deletions(-)
>
> diff --git a/include/linux/pid.h b/include/linux/pid.h
> index a3aad9b4074c..68b02eab7509 100644
> --- a/include/linux/pid.h
> +++ b/include/linux/pid.h
> @@ -2,6 +2,7 @@
> #ifndef _LINUX_PID_H
> #define _LINUX_PID_H
>
> +#include <linux/file.h>
> #include <linux/pid_types.h>
> #include <linux/rculist.h>
> #include <linux/rcupdate.h>
> @@ -72,8 +73,47 @@ extern struct pid init_struct_pid;
>
> struct file;
>
> +
> +/**
> + * __pidfd_get_pid() - Retrieve a pid associated with the specified pidfd.
> + *
> + * @pidfd: The pidfd whose pid we want, or the fd of a /proc/<pid> file if
> + * @alloc_proc is also set.
> + * @pin_pid: If set, then the reference counter of the returned pid is
> + * incremented. If not set, then @fd should be provided to pin the
> + * pidfd.
> + * @allow_proc: If set, then an fd of a /proc/<pid> file can be passed instead
> + * of a pidfd, and this will be used to determine the pid.
> + * @flags: Output variable, if non-NULL, then the file->f_flags of the
> + * pidfd will be set here.
> + * @fd: Output variable, if non-NULL, then the pidfd reference will
> + * remain elevated and the caller will need to decrement it
> + * themselves.
> + *
> + * Returns: If successful, the pid associated with the pidfd, otherwise an
> + * error.
> + */
> +struct pid *__pidfd_get_pid(unsigned int pidfd, bool pin_pid,
> + bool allow_proc, unsigned int *flags,
> + struct fd *fd);
> +
> +static inline struct pid *pidfd_get_pid(unsigned int pidfd, unsigned int *flags)
> +{
> + return __pidfd_get_pid(pidfd, /* pin_pid = */ true,
> + /* allow_proc = */ false,
> + flags, /* fd = */ NULL);
> +}
> +
> +static inline struct pid *pidfd_to_pid_proc(unsigned int pidfd,
> + unsigned int *flags,
> + struct fd *fd)
> +{
> + return __pidfd_get_pid(pidfd, /* pin_pid = */ false,
> + /* allow_proc = */ true,
> + flags, fd);
> +}
> +
> struct pid *pidfd_pid(const struct file *file);
> -struct pid *pidfd_get_pid(unsigned int fd, unsigned int *flags);
> struct task_struct *pidfd_get_task(int pidfd, unsigned int *flags);
> int pidfd_prepare(struct pid *pid, unsigned int flags, struct file **ret);
> void do_notify_pidfd(struct task_struct *task);
> diff --git a/kernel/pid.c b/kernel/pid.c
> index 2715afb77eab..25cc1c36a1b1 100644
> --- a/kernel/pid.c
> +++ b/kernel/pid.c
> @@ -36,6 +36,7 @@
> #include <linux/pid_namespace.h>
> #include <linux/init_task.h>
> #include <linux/syscalls.h>
> +#include <linux/proc_fs.h>
> #include <linux/proc_ns.h>
> #include <linux/refcount.h>
> #include <linux/anon_inodes.h>
> @@ -534,22 +535,46 @@ struct pid *find_ge_pid(int nr, struct pid_namespace *ns)
> }
> EXPORT_SYMBOL_GPL(find_ge_pid);
>
> -struct pid *pidfd_get_pid(unsigned int fd, unsigned int *flags)
> +struct pid *__pidfd_get_pid(unsigned int pidfd, bool pin_pid,
> + bool allow_proc, unsigned int *flags,
> + struct fd *fd)
Hm, we should never return a struct fd. A struct fd is an inherently
scoped-bound concept - or at least aims to be. Simply put, we always
want to have the fdget() and the fdput() in the same scope as the file
pointer you can access via fd_file() is only valid as long as we're in
the syscall.
Ideally we mostly use CLASS(fd/fd_raw) and nearly never fdget(). The
point is that this is the wrong api to expose.
It would probably be wiser if you added a pidfd based fdget() inspired
primitive.
next prev parent reply other threads:[~2024-10-16 13:01 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-10-11 11:05 [PATCH v2 0/3] introduce PIDFD_SELF* sentinels Lorenzo Stoakes
2024-10-11 11:05 ` [PATCH v2 1/3] pidfd: extend pidfd_get_pid() and de-duplicate pid lookup Lorenzo Stoakes
2024-10-15 19:40 ` Suren Baghdasaryan
2024-10-16 6:05 ` Lorenzo Stoakes
2024-10-16 8:16 ` Suren Baghdasaryan
2024-10-16 8:22 ` Lorenzo Stoakes
2024-10-16 9:02 ` Suren Baghdasaryan
2024-10-16 8:50 ` kernel test robot
2024-10-16 9:46 ` Lorenzo Stoakes
2024-10-16 13:00 ` Christian Brauner [this message]
2024-10-16 20:00 ` Lorenzo Stoakes
2024-10-11 11:05 ` [PATCH v2 2/3] pidfd: add PIDFD_SELF_* sentinels to refer to own thread/process Lorenzo Stoakes
2024-10-11 11:05 ` [PATCH v2 3/3] selftests: pidfd: add tests for PIDFD_SELF_* Lorenzo Stoakes
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20241016-beinbruch-zeltplatz-4bfdedca1ee8@brauner \
--to=brauner@kernel.org \
--cc=Liam.Howlett@oracle.com \
--cc=christian@brauner.io \
--cc=linux-api@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-kselftest@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=lorenzo.stoakes@oracle.com \
--cc=pedro.falcato@gmail.com \
--cc=shuah@kernel.org \
--cc=surenb@google.com \
--cc=vbabka@suse.cz \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox