Re: [PATCH v2 0/5] pid: add pidfd_open()

From: Linus Torvalds
Date: Sun Mar 31 2019 - 10:52:49 EST


On Sat, Mar 30, 2019 at 9:47 PM Jann Horn <jannh@xxxxxxxxxx> wrote:
>
> Sure, given a pidfd_clone() syscall, as long as the parent of the
> process is giving you a pidfd for it and you don't have to deal with
> grandchildren created by fork() calls outside your control, that
> works.

Don't do pidfd_clone() and pidfd_wait().

Both of those existing system calls already get a "flags" argument.
Just make a WPIDFD (for waitid) and CLONE_PIDFD (for clone) bit, and
make the existing system calls just take/return a pidfd.

Side note: we could (should?) also make the default maxpid just be
larger. It needs to fit in an 'int', but MAXINT instead of 65535 would
likely already make a lot of these attacks harder.

There was some really old legacy reason why we actually limited it to
65535 originally. It was old and crufty even back when..

Linus
