Re: [RFC PATCH] fdinfo: Option for public fdinfo
From: Christian Brauner
Date: Tue Mar 24 2026 - 04:59:52 EST

On Mon, Mar 23, 2026 at 02:16:59PM +0100, Christian König wrote:
> On 3/23/26 13:13, Christian Brauner wrote:
> > On Mon, Mar 16, 2026 at 02:38:28PM -0400, David Francis wrote:
> >> We want some GPU information to be publicly available to all
> >> processes for basic system-wide profiling (think GPU versions
> >> of top).
> >>
> >> This information is available in fdinfo and not easily exposed
> >> by other interfaces.
> >>
> >> Add fd_op flag FOP_PUBLIC_FDINFO, which, if set, makes the fdinfo
> >> for that file available to read for processes without ptrace
> >> permissions.
> >>
> >> Note that this makes public how many files each process has open,
> >> and what their fds are.
> >>
> >> Signed-off-by: David Francis <David.Francis@xxxxxxx>
> >> ---
> >
> > Eew, please let's not. Add an ioctl if you need to be able to retrieve
> > that info.
>
> Yeah the problem is an IOCTL is even worse from the security pov.
>
> This is for a tool which doesn't have access to the file descriptor which provides that information.
>
> So using pidfd_getfd() or similar to get the FD and then call an IOCTL on it would be a security violation.
>
> The real question is how should we make this information publicly available in the system?

Don't you have a way to make this info available in sysfs? Just like
networking exposes info about network devices in there that may come and
go?