| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 29 Feb 2008 11:19:37 -0800 (PST) From: Davide Libenzi <davidel@...ilserver.org> To: Michael Kerrisk <mtk.manpages@...glemail.com> cc: Chris "еп" Heath <chris@...thens.co.nz>, David Schwartz <davids@...master.com>, dada1@...mosbay.com, "Linux-Kernel@...r. Kernel. Org" <linux-kernel@...r.kernel.org>, linux-man@...r.kernel.org Subject: Re: epoll design problems with common fork/exec patterns On Fri, 29 Feb 2008, Michael Kerrisk wrote: > As I think is clear, I've only given it very limited thought ;-). > > The point is that the existing implementation actually supports > "different *processes* sharing a single epoll fd and doing > epoll_wait() over it", but the semantics are unintuitive. It may be > that the existing implementation was the best way of doing things. > But when I see the strange corner cases in the semantics, I can't help > but wonder (way too late), whether there might have been some other > way of implementing things that led to more intuitive semantics. Oh boy. The fact that you can have an epoll fd cross the fork boundary, does not mean that any indiscriminate use of it leads to sane results: efd = epoll_create(); fork(); pipe(fds); epoll_ctl(efd, ADD, fds[0]); epoll_wait(); ???? ... pipe(fds); epoll_ctl(efd, ADD, fds[0]); epoll_wait(); ???? It is *NOT* a matter of semantics. > > If the next question is "But then why we made the epoll fd inheritable?", > > the answer is, because it makes sense in many cases for a parent to hand > > over an fd set to a child. > > Fair enough. > > So here's an idea about how things might alternatively have been done: > > a) The key for epoll entries could have been [file *, fd, PID] > > b) an epoll_wait() only returns events for fds where the PID maps that > of the caller. > > c) a close of a file descriptor removes the corresponding [file *, > fd, PID] from the epoll set. > > d) when a fork() is done, then the epoll set has a new set of keys > added. These are duplicates of the [file *, fd, PID] entries for the > parent, but with the PID of the child substituted into the new keys. > Say the parent had PID 1000, and the child has PID 2000. If the epoll > set initially contained: > > [X, 3, 1000] > [Y, 4, 1000] > > then after fork() we'd have: > > [X, 3, 1000] > [Y, 4, 1000] > [X, 3, 2000] > [Y, 4, 2000] > > There is of course room for debate about the efficiency of this > approach, I suppose. There sure is :) > You said elsewhere: > > [[ > That'd mean placing an eventpoll custom hook into sys_close(). Looks very > bad to me, and probably will look even worse to other kernel folks. > Is not much a performance issue (a check to see if a file* is an eventpoll > file is as easy as comparing the f_op pointer), but a design/style issue. > ]] > > But that wasn't very clear to me actually. I note that filp_close() > already has special case handling for dnotify (R.I.P.) and fcntl() > )aka POSIX) file locks, so there was already precedent for a custom > hook, AFAICS, and epoll is at least as worthy of special treatment as > either of those cases. I guess that over the time, Al became software WRT junk going there :) - Davide -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists