Re: [PATCH 2/5] seccomp: Introduce addfd ioctl to seccomp user notifier

[PATCH 0/5] Add seccomp notifier ioctl that enables adding fds · Sargun Dhillon <hidden> · 2020-05-24
[PATCH 1/5] seccomp: Add find_notification helper · Sargun Dhillon <hidden> · 2020-05-24
Re: [PATCH 1/5] seccomp: Add find_notification helper · Tycho Andersen <hidden> · 2020-05-24
Re: [PATCH 1/5] seccomp: Add find_notification helper · Christian Brauner <hidden> · 2020-05-25
[PATCH 2/5] seccomp: Introduce addfd ioctl to seccomp user notifier · Sargun Dhillon <hidden> · 2020-05-24
Re: [PATCH 2/5] seccomp: Introduce addfd ioctl to seccomp user notifier · Tycho Andersen <hidden> · 2020-05-24
Re: [PATCH 2/5] seccomp: Introduce addfd ioctl to seccomp user notifier · Tycho Andersen <hidden> · 2020-05-24
Re: [PATCH 2/5] seccomp: Introduce addfd ioctl to seccomp user notifier · Al Viro <viro@zeniv.linux.org.uk> · 2020-05-25
Re: [PATCH 2/5] seccomp: Introduce addfd ioctl to seccomp user notifier · Sargun Dhillon <hidden> · 2020-05-25
Re: [PATCH 2/5] seccomp: Introduce addfd ioctl to seccomp user notifier · Al Viro <viro@zeniv.linux.org.uk> · 2020-05-25
Re: [PATCH 2/5] seccomp: Introduce addfd ioctl to seccomp user notifier · Christian Brauner <hidden> · 2020-05-25
Re: [PATCH 2/5] seccomp: Introduce addfd ioctl to seccomp user notifier · Sargun Dhillon <hidden> · 2020-05-26
Re: [PATCH 2/5] seccomp: Introduce addfd ioctl to seccomp user notifier · Christian Brauner <hidden> · 2020-05-26
[PATCH 3/5] selftests/seccomp: Test SECCOMP_IOCTL_NOTIF_ADDFD · Sargun Dhillon <hidden> · 2020-05-24
[PATCH 4/5] seccomp: Add SECCOMP_ADDFD_FLAG_MOVE flag to add fd ioctl · Sargun Dhillon <hidden> · 2020-05-24
Re: [PATCH 4/5] seccomp: Add SECCOMP_ADDFD_FLAG_MOVE flag to add fd ioctl · Christian Brauner <hidden> · 2020-05-25
Re: [PATCH 4/5] seccomp: Add SECCOMP_ADDFD_FLAG_MOVE flag to add fd ioctl · Sargun Dhillon <hidden> · 2020-05-26
[PATCH 5/5] selftests/seccomp: Add test for addfd move semantics · Sargun Dhillon <hidden> · 2020-05-24

From: Sargun Dhillon <hidden>
Date: 2020-05-25 00:28:37
Also in: lkml

On Sun, May 24, 2020 at 5:05 PM Al Viro [off-list ref] wrote:

On Sun, May 24, 2020 at 04:39:39PM -0700, Sargun Dhillon wrote:

Bad refcounting rules.  *IF* we go with anything of that sort (and I'm not
convinced that the entire series makes sense), it's better to have more
uniform rules re reference consumption/disposal.

Make the destructor of addfd *ALWAYS* drop its reference.  And have this
function go

Are you suggesting the in both the error, and non-error cases the ioctl
invoker side is responsible for fput'ing the final reference in both the
success and non-success cases? Would we take an extra reference
prior to fd_install?

        if (addfd->fd >= 0) {
                ret = replace_fd(addfd->fd, addfd->file, addfd->flags);
        } else {
                ret = get_unused_fd_flags(addfd->flags);
                if (ret >= 0)
                        fd_install(ret, get_file(addfd->file));
        }

Wouldn't this result in consumption of reference in one case (fd_install),
and the fd still having a reference in the replace_fd case?

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help