From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 77286C433EF for ; Mon, 27 Sep 2021 10:19:45 +0000 (UTC) Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.kernel.org (Postfix) with ESMTP id F3E3F60FBF for ; Mon, 27 Sep 2021 10:19:44 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.4.1 mail.kernel.org F3E3F60FBF Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=gmail.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=kvack.org Received: by kanga.kvack.org (Postfix) id 492FB6B0071; Mon, 27 Sep 2021 06:19:44 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 469926B0072; Mon, 27 Sep 2021 06:19:44 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 331A6900002; Mon, 27 Sep 2021 06:19:44 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from forelay.hostedemail.com (smtprelay0011.hostedemail.com [216.40.44.11]) by kanga.kvack.org (Postfix) with ESMTP id 1FE366B0071 for ; Mon, 27 Sep 2021 06:19:44 -0400 (EDT) Received: from smtpin28.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251]) by forelay05.hostedemail.com (Postfix) with ESMTP id B73BC181B0492 for ; Mon, 27 Sep 2021 10:19:43 +0000 (UTC) X-FDA: 78632957046.28.F3A5491 Received: from mail-pf1-f173.google.com (mail-pf1-f173.google.com [209.85.210.173]) by imf06.hostedemail.com (Postfix) with ESMTP id 7E611801A8A0 for ; Mon, 27 Sep 2021 10:19:43 +0000 (UTC) Received: by mail-pf1-f173.google.com with SMTP id m26so15404570pff.3 for ; Mon, 27 Sep 2021 03:19:43 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=lGc/CzSQycY/xWJ1m4mngd/wcGf436LBm02sP257mfQ=; b=qQplR5jS4hN+7PorT/8qNQKzvaxsOVzAfshiYTenTPS6Zul05Sq9g8cEvUXNp+gft6 x7fAY1qmAAgh2Tm9QYFQaG9no+nVQjbBGlAJQJspyXwmaOKBlBkGHafGmfx1iBHbZbNN pzoNUMVxOHb9edoBCHKrDnK9IMsweGTJA+0KBbwXpRtmkIFDrvcFJbfz2VCyrqEhK57P 7LCejOlhGpTnoIh6qH3q37w8GFUr8zbA3vKXudHVe3cxiVsmycd6Ut1NAstbwp65Tmhr 7oUs1KWKqE6EW8fFCCdxbqSejthDclT/rUxt2jwJToRfuSfxY80Y0/fRrJdORuQiiiJl Bo1A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=lGc/CzSQycY/xWJ1m4mngd/wcGf436LBm02sP257mfQ=; b=hFt9HprmR6HSHlITYkmr3tDYcSdvVdwmmAmXN36q4+9/Tzu5v8CGm47OHDjBDTvWXu 1PvfOR3gSrrzgSrUzWeyHh+oomSD6tU1dNoH9k+rzhmDXfpcIw/QWsj32KHdfJZgZPk/ FKIgQICZU43jzhDccjcOt9Go8dncSo6jpL1hk6pavZ3Stl+8/x6pEl42E7WV5oiGXJ9S +2NAII4SkxgQrFbzxqfGqkHhT4yxfiOHDqo13KeuFIgif905eCoA7+y6djaE2NckatLQ 6NOOE8ywkEo1aD0inP/g79itIVCzDZgkHGTG76nbbuaat8stCEP7CjcNzQgHbTlQnEsN /FZA== X-Gm-Message-State: AOAM533QaSoqTllOY2OSHOlvN2Dq1HaWv+GSYpxoLxn3U5Rj18RtYcM/ CQYRH/dPK5iEqvnSwIjx9nM= X-Google-Smtp-Source: ABdhPJxtAuU6kacR8G0BiV9fnEl5Mzi54ToWnlElpmacJjRU8brXg9lwvSW5WJwE7Ile5u9a/SJcWQ== X-Received: by 2002:a65:6a0f:: with SMTP id m15mr1444214pgu.298.1632737982252; Mon, 27 Sep 2021 03:19:42 -0700 (PDT) Received: from smtpclient.apple (c-24-6-216-183.hsd1.ca.comcast.net. [24.6.216.183]) by smtp.gmail.com with ESMTPSA id g11sm18453073pgn.41.2021.09.27.03.19.41 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Mon, 27 Sep 2021 03:19:41 -0700 (PDT) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.120.0.1.13\)) Subject: Re: [RFC PATCH] userfaultfd: support control over mm of remote PIDs From: Nadav Amit In-Reply-To: <83827672-0996-4c25-9991-697ad443b6b3@redhat.com> Date: Mon, 27 Sep 2021 03:19:40 -0700 Cc: Andrew Morton , linux-mm@kvack.org, linux-kernel@vger.kernel.org, Andrea Arcangeli , Mike Rapoport , Peter Xu Content-Transfer-Encoding: 7bit Message-Id: References: <20210926170637.245699-1-namit@vmware.com> <83827672-0996-4c25-9991-697ad443b6b3@redhat.com> To: David Hildenbrand X-Mailer: Apple Mail (2.3654.120.0.1.13) X-Rspamd-Server: rspam05 X-Rspamd-Queue-Id: 7E611801A8A0 X-Stat-Signature: baxmmz94ymrfx9rea9erqcqckf4qrtfc Authentication-Results: imf06.hostedemail.com; dkim=pass header.d=gmail.com header.s=20210112 header.b=qQplR5jS; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (imf06.hostedemail.com: domain of nadav.amit@gmail.com designates 209.85.210.173 as permitted sender) smtp.mailfrom=nadav.amit@gmail.com X-HE-Tag: 1632737983-181017 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000009, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: > On Sep 27, 2021, at 2:29 AM, David Hildenbrand wrote: > > On 26.09.21 19:06, Nadav Amit wrote: >> From: Nadav Amit >> Non-cooperative mode is useful but only for forked processes. >> Userfaultfd can be useful to monitor, debug and manage memory of remote >> processes. >> To support this mode, add a new flag, UFFD_REMOTE_PID, and an optional >> second argument to the userfaultfd syscall. When the flag is set, the >> second argument is assumed to be the PID of the process that is to be >> monitored. Otherwise the flag is ignored. >> The syscall enforces that the caller has CAP_SYS_PTRACE to prevent >> misuse of this feature. > > What supposed to happen if the target process intents to use uffd itself? Thanks for the quick response. First, sorry that I mistakenly dropped the changes to userfaultfd.h that define UFFD_REMOTE_PID. As for your question: there are standard ways to deal with such cases, similarly to when a debugged program wants to use PTRACE. One way is to block the userfaultfd syscall, using seccomp. Another way is to do chaining using ptrace (although using ptrace for anything is challenging). It is also possible to add tailor something specific to userfaultfd, but I think seccomp is a good enough solution. I am open to suggestions.