[PATCH v1 1/2] proc: get process file descriptor from /proc/<pid>

From: Christian Brauner
Date: Mon Nov 19 2018 - 05:33:43 EST

Next message: Christian Brauner: "[PATCH v1 2/2] signal: add procfd_signal() syscall"
Previous message: Christian Brauner: "[PATCH v1 0/2] proc: allow signaling processes via file descriptors"
In reply to: Christian Brauner: "[PATCH v1 0/2] proc: allow signaling processes via file descriptors"
Next in thread: Andy Lutomirski: "Re: [PATCH v1 1/2] proc: get process file descriptor from /proc/<pid>"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

With this patch an open() call on /proc/<pid> will give userspace a handle
to struct pid of the process associated with /proc/<pid>. This allows to
maintain a stable handle on a process.
I have been discussing various approaches extensively during technical
conferences this year culminating in a long argument with Eric at Linux
Plumbers. The general consensus was that having a handle on a process
should be something that is very simple and easy to maintain with the
option of being extensible via a more advanced api if the need arises. I
believe that this patch is the most simple, dumb, and therefore
maintainable solution.

[1]: https://lkml.org/lkml/2018/10/30/118

Cc: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
Cc: Serge Hallyn <serge@xxxxxxxxxx>
Cc: Jann Horn <jannh@xxxxxxxxxx>
Cc: Kees Cook <keescook@xxxxxxxxxxxx>
Cc: Andy Lutomirsky <luto@xxxxxxxxxx>
Cc: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
Cc: Oleg Nesterov <oleg@xxxxxxxxxx>
Cc: Aleksa Sarai <cyphar@xxxxxxxxxx>
Cc: Al Viro <viro@xxxxxxxxxxxxxxxxxx>
Signed-off-by: Christian Brauner <christian@xxxxxxxxxx>
---
Changelog:
v1:
- remove ioctl() to signal processes and replace with a dedicated syscall
in the next patch
---
fs/proc/base.c | 17 +++++++++++++++++
1 file changed, 17 insertions(+)

diff --git a/fs/proc/base.c b/fs/proc/base.c
index ce3465479447..6365a4fea314 100644
--- a/fs/proc/base.c
+++ b/fs/proc/base.c
@@ -3032,10 +3032,27 @@ static int proc_tgid_base_readdir(struct file *file, struct dir_context *ctx)
tgid_base_stuff, ARRAY_SIZE(tgid_base_stuff));
}

+static int proc_tgid_open(struct inode *inode, struct file *file)
+{
+ /* grab reference to struct pid and stash the pointer away */
+ file->private_data = get_pid(proc_pid(inode));
+ return 0;
+}
+
+static int proc_tgid_release(struct inode *inode, struct file *file)
+{
+ struct pid *pid = file->private_data;
+ /* drop reference to struct pid */
+ put_pid(pid);
+ return 0;
+}
+
static const struct file_operations proc_tgid_base_operations = {
+ .open = proc_tgid_open,
.read = generic_read_dir,
.iterate_shared = proc_tgid_base_readdir,
.llseek = generic_file_llseek,
+ .release = proc_tgid_release,
};

static struct dentry *proc_tgid_base_lookup(struct inode *dir, struct dentry *dentry, unsigned int flags)
--
2.19.1

Next message: Christian Brauner: "[PATCH v1 2/2] signal: add procfd_signal() syscall"
Previous message: Christian Brauner: "[PATCH v1 0/2] proc: allow signaling processes via file descriptors"
In reply to: Christian Brauner: "[PATCH v1 0/2] proc: allow signaling processes via file descriptors"
Next in thread: Andy Lutomirski: "Re: [PATCH v1 1/2] proc: get process file descriptor from /proc/<pid>"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]