Date:   Fri, 12 Apr 2019 14:32:53 -0700
From:   Andy Lutomirski <>
To:     "Joel Fernandes (Google)" <>
Cc:     LKML <>,
        Steven Rostedt <>,
        Daniel Colascione <>,
        Christian Brauner <>,
        Jann Horn <>,
        Suren Baghdasaryan <>,
        Linus Torvalds <>,
        Alexey Dobriyan <>,
        Al Viro <>,
        Andrei Vagin <>,
        Andrew Morton <>,
        Arnd Bergmann <>,
        "Eric W. Biederman" <>,
        Kees Cook <>,
        Linux FS Devel <>,
        "open list:KERNEL SELFTEST FRAMEWORK" 
        <>, Michal Hocko <>,
        Nadav Amit <>, Oleg Nesterov <>,
        Serge Hallyn <>, Shuah Khan <>,
        Stephen Rothwell <>,
        Taehee Yoo <>, Tejun Heo <>,
        Thomas Gleixner <>,
        Tycho Andersen <>
Subject: Re: [PATCH RFC 1/2] Add polling support to pidfd

On Thu, Apr 11, 2019 at 10:51 AM Joel Fernandes (Google)
<> wrote:
> pidfd are /proc/pid directory file descriptors referring to a task group
> leader. Android low memory killer (LMK) needs pidfd polling support to
> replace code that currently checks for existence of /proc/pid for
> knowing a process that is signalled to be killed has died, which is both
> racy and slow. The pidfd poll approach is race-free, and also allows the
> LMK to do other things (such as by polling on other fds) while awaiting
> the process being killed to die.
> It prevents a situation where a PID is reused between when LMK sends a
> kill signal and checks for existence of the PID, since the wrong PID is
> now possibly checked for existence.
> In this patch, we follow the same mechanism used when the parent of the
> task group is to be notified, that is when the tasks waiting on a poll
> of pidfd are also awakened.
> We have decided to include the waitqueue in struct pid for the following
> reasons:
> 1. The wait queue has to survive for the lifetime of the poll. Including
> it in task_struct would not be an option in this case because the task can
> be reaped and destroyed before the poll returns.

Are you sure?  I admit I'm not all that familiar with the innards of
poll() on Linux, but I thought that the waitqueue only had to survive
long enough to kick the polling thread and did *not* have to survive
until poll() actually returned.

> 2. By including the struct pid for the waitqueue means that during
> de_exec, the thread doing de_thread() automatically gets the new
> waitqueue/pid even though its task_struct is different.

I didn't follow this.  Can you clarify?

Also, please don't call your new helper wake_up_pidfd_pollers().  One
of the goals of my patch was to make it generically possible for
kernel code to wait for a task to exit.  There are other cases besides
pidfd for which this would be useful.  Ahem, kthread.  (The kthread
implementation currently does some seriously awful things to detect
when kthreads die.)  Also, some hypothetical future vastly improved
debugging API (to supersede ptrace for new applications) might want
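
Added example, not part of the original message or of the patch under review: the kill-then-wait flow that the quoted commit message describes for LMK, written against the pidfd_open(2) and pidfd_send_signal(2) syscalls of later mainline kernels (Linux 5.3 or newer) instead of this RFC's /proc/pid descriptors, which is an assumption. The forked child and the function names are constructed for the demo.

```c
#define _GNU_SOURCE
#include <poll.h>
#include <signal.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <unistd.h>

#ifndef SYS_pidfd_open          /* fallback for old libc headers (x86-64/arm64 numbers) */
#define SYS_pidfd_open 434
#endif
#ifndef SYS_pidfd_send_signal
#define SYS_pidfd_send_signal 424
#endif

/* Kill the process behind pidfd and wait for it to die.
 * Returns 1 if it died, 0 on timeout, -1 on error. */
static int kill_and_wait(int pidfd, int timeout_ms)
{
    struct pollfd pfd = { .fd = pidfd, .events = POLLIN };

    /* Signal through the fd, not the numeric PID, so a recycled PID is never hit. */
    if (syscall(SYS_pidfd_send_signal, pidfd, SIGKILL, NULL, 0) < 0)
        return -1;
    /* The pidfd turns readable when the process terminates; other fds could
     * sit in the same poll set while we wait. */
    if (poll(&pfd, 1, timeout_ms) < 0)
        return -1;
    return (pfd.revents & POLLIN) ? 1 : 0;
}

/* Constructed demo: a sleeping child stands in for the process being killed. */
static int demo(void)
{
    pid_t child = fork();
    int pidfd, ret = -1;

    if (child < 0) return -1;
    if (child == 0) { pause(); _exit(0); }

    pidfd = (int)syscall(SYS_pidfd_open, child, 0);
    if (pidfd >= 0) {
        ret = kill_and_wait(pidfd, 5000);
        close(pidfd);
    }
    if (ret != 1) kill(child, SIGKILL);  /* fallback so waitpid() cannot hang */
    waitpid(child, NULL, 0);
    return ret;
}

int main(void) { return demo() == 1 ? 0 : 1; }
```

The pidfd pins the kernel's struct pid, so the same two calls behave identically for a process that is not a child of the caller, where a bare kill()/stat("/proc/<pid>") sequence could land on a recycled PID.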

