| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAKgNAkjeUo4j9f=nBvoK3Vg1U9MqT=SgQBxHQ046-eL1nFbF2w@mail.gmail.com>
Date: Wed, 8 Apr 2020 10:32:47 +0200
From: "Michael Kerrisk (man-pages)" <mtk.manpages@...il.com>
To: Christian Brauner <christian.brauner@...ntu.com>
Cc: Sargun Dhillon <sargun@...gun.me>,
linux-man <linux-man@...r.kernel.org>,
Linux API <linux-api@...r.kernel.org>,
lkml <linux-kernel@...r.kernel.org>,
Tycho Andersen <tycho@...ho.ws>, Jann Horn <jannh@...gle.com>,
Aleksa Sarai <cyphar@...har.com>,
Christian Brauner <christian@...uner.io>,
Oleg Nesterov <oleg@...hat.com>,
Andy Lutomirski <luto@...capital.net>,
Alexander Viro <viro@...iv.linux.org.uk>, jld@...illa.com,
Arnd Bergmann <arnd@...db.de>,
Florian Weimer <fweimer@...hat.com>, gpascutto@...illa.com,
ealvarez@...illa.com
Subject: Re: [RESEND] RFC: pidfd_getfd(2) manual page
Hello Christian,
On Wed, 8 Apr 2020 at 09:45, Christian Brauner
<christian.brauner@...ntu.com> wrote:
>
> On Tue, Apr 07, 2020 at 08:49:35PM +0200, Michael Kerrisk (man-pages) wrote:
> > [No response on my mail of a week ago, so I try again; the page
> > text is unchanged since the draft sent out on 31 March]
>
> Sorry for the delay.
>
> >
> > Hello Sargun et al.
> >
> > I've taken a shot at writing a manual page for pidfd_getfd().
> > I would be happy to receive comments, suggestions for
> > improvements, etc. The text is as follows (the groff source
> > is at the foot of this mail):
>
> Thanks for that! Really appreciated. Just a few nits below.
Thanks for the review!
> > NAME
> > pidfd_getfd - obtain a duplicate of another process's file
> > descriptor
> >
> > SYNOPSIS
> > int pidfd_getfd(int pidfd, int targetfd, unsigned int flags);
> >
> > DESCRIPTION
> > The pidfd_getfd() system call allocates a new file descriptor in
> > the calling process. This new file descriptor is a duplicate of
> > an existing file descriptor, targetfd, in the process referred to
> > by the PID file descriptor pidfd.
> >
> > The duplicate file descriptor refers to the same open file
> > description (see open(2)) as the original file descriptor in the
> > process referred to by pidfd. The two file descriptors thus share
> > file status flags and file offset. Furthermore, operations on the
> > underlying file object (for example, assigning an address to a
> > socket object using bind(2)) can be equally be performed via the
>
> s/can be equally be performed/can be equally performed
> ?
Thanks. I made it: "can equally be performed"
> > duplicate file descriptor.
> >
> > The close-on-exec flag (FD_CLOEXEC; see fcntl(2)) is set on the
> > file descriptor returned by pidfd_getfd().
> >
> > The flags argument is reserved for future use. Currently, it must
> > be specified as 0.
> >
> > Permission to duplicate another process's file descriptor is gov‐
> > erned by a ptrace access mode PTRACE_MODE_ATTACH_REALCREDS check
> > (see ptrace(2)).
> >
> > RETURN VALUE
> > On success, pidfd_getfd() returns a nonnegative file descriptor.
>
> Imho, this makes it sound like there are negative file descriptor
> numbers. But as a non-native speaker that might just be a subtle
> misreading on my part. Maybe just like open() just mention:
> "On success, pidfd_getfd() returns a file descriptor."
You're right. That wording is just clumsy! I fixed it.
On success, pidfd_getfd() returns a file descriptor (a
nonnegative integer).
And I also fixed similar clumsy wordings in a number of other pages.
> > On error, -1 is returned and errno is set to indicate the cause of
> > the error.
> >
> > ERRORS
> > EBADF pidfd is not a valid PID file descriptor.
> >
> > EBADF targetfd is not an open file descriptor in the process
> > referred to by pidfd.
> >
> > EINVAL flags is not 0.
> >
> > EMFILE The per-process limit on the number of open file descrip‐
> > tors has been reached (see the description of RLIMIT_NOFILE
> > in getrlimit(2)).
> >
> > ENFILE The system-wide limit on the total number of open files has
> > been reached.
> >
> > ESRCH The process referred to by pidfd does not exist (i.e., it
> > has terminated and been waited on).
>
> EPERM The calling process did not have PTRACE_MODE_ATTACH_REALCREDS
> permissions (see ptrace(2)) over the process referred to by
> pidfd.
Oh yes. Thanks. Added.
> Technically, there should also be a disclaimer that other errno values
> are possible because of LSM denials, e.g. selinux could return EACCES or
> any other errno code in their file_receive() hook. But I'm not whether we
> generally do this. In any case, I would find it useful as a developer.
No, the manual pages don't generally include this. Mainly because I
just don't know all the details.
> (Is there actually a place where all LSMs are forced to record their
> errno returns for their security hooks for each syscall they hook into and
> that's visible to userspace? Because that'd be really useful...)
Nothing that I'm aware of, unfortunately.
Thanks again for the review!
Cheers,
Michael
--
Michael Kerrisk
Linux man-pages maintainer; http://www.kernel.org/doc/man-pages/
Linux/UNIX System Programming Training: http://man7.org/training/
Powered by blists - more mailing lists