AW: [RESEND] RFC: pidfd_getfd(2) manual page
From: Walter Harms
Date: Wed Apr 08 2020 - 06:58:36 EST
________________________________________
Von: linux-man-owner@xxxxxxxxxxxxxxx <linux-man-owner@xxxxxxxxxxxxxxx> im Auftrag von Michael Kerrisk (man-pages) <mtk.manpages@xxxxxxxxx>
Gesendet: Mittwoch, 8. April 2020 10:32
An: Christian Brauner
Cc: Sargun Dhillon; linux-man; Linux API; lkml; Tycho Andersen; Jann Horn; Aleksa Sarai; Christian Brauner; Oleg Nesterov; Andy Lutomirski; Alexander Viro; jld@xxxxxxxxxxx; Arnd Bergmann; Florian Weimer; gpascutto@xxxxxxxxxxx; ealvarez@xxxxxxxxxxx
Betreff: Re: [RESEND] RFC: pidfd_getfd(2) manual page
Hello Christian,
On Wed, 8 Apr 2020 at 09:45, Christian Brauner
<christian.brauner@xxxxxxxxxx> wrote:
>
> On Tue, Apr 07, 2020 at 08:49:35PM +0200, Michael Kerrisk (man-pages) wrote:
> > [No response on my mail of a week ago, so I try again; the page
> > text is unchanged since the draft sent out on 31 March]
>
> Sorry for the delay.
>
> >
> > Hello Sargun et al.
> >
> > I've taken a shot at writing a manual page for pidfd_getfd().
> > I would be happy to receive comments, suggestions for
> > improvements, etc. The text is as follows (the groff source
> > is at the foot of this mail):
>
> Thanks for that! Really appreciated. Just a few nits below.
Thanks for the review!
> > NAME
> > pidfd_getfd - obtain a duplicate of another process's file
> > descriptor
> >
> > SYNOPSIS
> > int pidfd_getfd(int pidfd, int targetfd, unsigned int flags);
> >
> > DESCRIPTION
> > The pidfd_getfd() system call allocates a new file descriptor in
> > the calling process. This new file descriptor is a duplicate of
> > an existing file descriptor, targetfd, in the process referred to
> > by the PID file descriptor pidfd.
> >
> > The duplicate file descriptor refers to the same open file
> > description (see open(2)) as the original file descriptor in the
> > process referred to by pidfd. The two file descriptors thus share
> > file status flags and file offset. Furthermore, operations on the
> > underlying file object (for example, assigning an address to a
> > socket object using bind(2)) can be equally be performed via the
>
> s/can be equally be performed/can be equally performed
> ?
Thanks. I made it: "can equally be performed"
> > duplicate file descriptor.
> >
> > The close-on-exec flag (FD_CLOEXEC; see fcntl(2)) is set on the
> > file descriptor returned by pidfd_getfd().
> >
> > The flags argument is reserved for future use. Currently, it must
> > be specified as 0.
> >
> > Permission to duplicate another process's file descriptor is gov‐
> > erned by a ptrace access mode PTRACE_MODE_ATTACH_REALCREDS check
> > (see ptrace(2)).
> >
> > RETURN VALUE
> > On success, pidfd_getfd() returns a nonnegative file descriptor.
>
> Imho, this makes it sound like there are negative file descriptor
> numbers. But as a non-native speaker that might just be a subtle
> misreading on my part. Maybe just like open() just mention:
> "On success, pidfd_getfd() returns a file descriptor."
You're right. That wording is just clumsy! I fixed it.
On success, pidfd_getfd() returns a file descriptor (a
nonnegative integer).
And I also fixed similar clumsy wordings in a number of other pages.
perhaps "greater or equal 0" instead on nonnegativ, people are
bad with negations.
re,
wh
> > On error, -1 is returned and errno is set to indicate the cause of
> > the error.
> >
> > ERRORS
> > EBADF pidfd is not a valid PID file descriptor.
> >
> > EBADF targetfd is not an open file descriptor in the process
> > referred to by pidfd.
> >
> > EINVAL flags is not 0.
> >
> > EMFILE The per-process limit on the number of open file descrip‐
> > tors has been reached (see the description of RLIMIT_NOFILE
> > in getrlimit(2)).
> >
> > ENFILE The system-wide limit on the total number of open files has
> > been reached.
> >
> > ESRCH The process referred to by pidfd does not exist (i.e., it
> > has terminated and been waited on).
>
> EPERM The calling process did not have PTRACE_MODE_ATTACH_REALCREDS
> permissions (see ptrace(2)) over the process referred to by
> pidfd.
Oh yes. Thanks. Added.
> Technically, there should also be a disclaimer that other errno values
> are possible because of LSM denials, e.g. selinux could return EACCES or
> any other errno code in their file_receive() hook. But I'm not whether we
> generally do this. In any case, I would find it useful as a developer.
No, the manual pages don't generally include this. Mainly because I
just don't know all the details.
> (Is there actually a place where all LSMs are forced to record their
> errno returns for their security hooks for each syscall they hook into and
> that's visible to userspace? Because that'd be really useful...)
Nothing that I'm aware of, unfortunately.
Thanks again for the review!
Cheers,
Michael
--
Michael Kerrisk
Linux man-pages maintainer; http://www.kernel.org/doc/man-pages/
Linux/UNIX System Programming Training: http://man7.org/training/