Re: [PATCH v2 0/5] pid: add pidfd_open()
From: Aleksa Sarai
Date: Mon Apr 01 2019 - 07:41:29 EST
On 2019-03-31, Andy Lutomirski <luto@xxxxxxxxxxxxxx> wrote:
> > On Mar 31, 2019, at 3:17 PM, Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx> wrote:
> >> On Sun, Mar 31, 2019 at 2:10 PM Christian Brauner <christian@xxxxxxxxxx> wrote:
> >>
> >> I don't think that we want or can make them equivalent since that would
> >> mean we depend on procfs.
> >
> > Sure we can.
> >
> > If /proc is enabled, then you always do that dance YOU ALREADY WROTE
> > THE CODE FOR to do the stupid ioctl.
> >
> > And if /procfs isn't enabled, then you don't do that.
> >
> > Ta-daa. Done. No stupid ioctl, and now /proc and pidfd_open() return
> > the same damn thing.
> >
> > And guess what? If /proc isn't enabled, then obviously pidfd_open()
> > gives you the /proc-less thing, but at least there is no crazy "two
> > different file descriptors for the same thing" situation, because then
> > the /proc one doesn't exist.
> >
>
> I wish we could do this, and, in a clean design, it would be a
> no-brainer. But /proc has too much baggage. Just to mention two such
> things, thereâs ânetâ and â../sysâ. This crud is why we have all
> kinds of crazy rules that prevent programs in sandboxes from making a
> new mounts and mounting /proc in it. If we make it possible to clone
> a new process and this access /proc without having /proc mounted,
> weâll open up a big can of worms.
>
> Maybe we could have a sanitized view of /proc and make a pidfd be a
> directory fd pointing at that.
Eric pitched a procfs2 which would *just* be the PIDs some time ago (in
an attempt to make it possible one day to mount /proc inside a container
without adding a bunch of masked paths), though it was just an idea and
I don't know if he ever had a patch for it.
--
Aleksa Sarai
Senior Software Engineer (Containers)
SUSE Linux GmbH
<https://www.cyphar.com/>
Attachment:
signature.asc
Description: PGP signature