Re: [PATCH 0/5] Add pidfd support to the fanotify API

[PATCH 0/5] Add pidfd support to the fanotify API · Matthew Bobrowski <repnop@google.com> · 2021-05-20
[PATCH 1/5] kernel/pid.c: remove static qualifier from pidfd_create() · Matthew Bobrowski <repnop@google.com> · 2021-05-20
[PATCH 2/5] kernel/pid.c: implement checks on parameters passed to pidfd_create() · Matthew Bobrowski <repnop@google.com> · 2021-05-20
[PATCH 3/5] fanotify_user.c: minor cosmetic adjustments to fid labels · Matthew Bobrowski <repnop@google.com> · 2021-05-20
[PATCH 4/5] fanotify/fanotify_user.c: introduce a generic info record copying function · Matthew Bobrowski <repnop@google.com> · 2021-05-20
Re: [PATCH 4/5] fanotify/fanotify_user.c: introduce a generic info record copying function · Amir Goldstein <amir73il@gmail.com> · 2021-05-20
Re: [PATCH 4/5] fanotify/fanotify_user.c: introduce a generic info record copying function · Matthew Bobrowski <repnop@google.com> · 2021-05-21
[PATCH 5/5] fanotify: Add pidfd info record support to the fanotify API · Matthew Bobrowski <repnop@google.com> · 2021-05-20
Re: [PATCH 5/5] fanotify: Add pidfd info record support to the fanotify API · Christian Brauner <hidden> · 2021-05-20
Re: [PATCH 5/5] fanotify: Add pidfd info record support to the fanotify API · Amir Goldstein <amir73il@gmail.com> · 2021-05-20
Re: [PATCH 5/5] fanotify: Add pidfd info record support to the fanotify API · Matthew Bobrowski <repnop@google.com> · 2021-05-21
Re: [PATCH 5/5] fanotify: Add pidfd info record support to the fanotify API · Amir Goldstein <amir73il@gmail.com> · 2021-05-21
Re: [PATCH 5/5] fanotify: Add pidfd info record support to the fanotify API · Jan Kara <jack@suse.cz> · 2021-05-21
Re: [PATCH 5/5] fanotify: Add pidfd info record support to the fanotify API · Amir Goldstein <amir73il@gmail.com> · 2021-05-21
Re: [PATCH 5/5] fanotify: Add pidfd info record support to the fanotify API · Jan Kara <jack@suse.cz> · 2021-05-21
Re: [PATCH 5/5] fanotify: Add pidfd info record support to the fanotify API · Amir Goldstein <amir73il@gmail.com> · 2021-05-21
Re: [PATCH 5/5] fanotify: Add pidfd info record support to the fanotify API · Jan Kara <jack@suse.cz> · 2021-05-21
Re: [PATCH 5/5] fanotify: Add pidfd info record support to the fanotify API · Matthew Bobrowski <repnop@google.com> · 2021-05-22
Re: [PATCH 5/5] fanotify: Add pidfd info record support to the fanotify API · Amir Goldstein <amir73il@gmail.com> · 2021-05-22
Re: [PATCH 0/5] Add pidfd support to the fanotify API · Jan Kara <jack@suse.cz> · 2021-05-20
Re: [PATCH 0/5] Add pidfd support to the fanotify API · Matthew Bobrowski <repnop@google.com> · 2021-05-21
Re: [PATCH 0/5] Add pidfd support to the fanotify API · Jan Kara <jack@suse.cz> · 2021-05-21
Re: [PATCH 0/5] Add pidfd support to the fanotify API · Matthew Bobrowski <repnop@google.com> · 2021-05-21
Re: [PATCH 0/5] Add pidfd support to the fanotify API · Jan Kara <jack@suse.cz> · 2021-05-24
Re: [PATCH 0/5] Add pidfd support to the fanotify API · Christian Brauner <hidden> · 2021-05-25
Re: [PATCH 0/5] Add pidfd support to the fanotify API · Matthew Bobrowski <repnop@google.com> · 2021-05-25
Re: [PATCH 0/5] Add pidfd support to the fanotify API · Christian Brauner <hidden> · 2021-05-26
Re: [PATCH 0/5] Add pidfd support to the fanotify API · Matthew Bobrowski <repnop@google.com> · 2021-05-26
Re: [PATCH 0/5] Add pidfd support to the fanotify API · Matthew Bobrowski <repnop@google.com> · 2021-06-01
Re: [PATCH 0/5] Add pidfd support to the fanotify API · Christian Brauner <hidden> · 2021-06-01
Re: [PATCH 0/5] Add pidfd support to the fanotify API · Matthew Bobrowski <repnop@google.com> · 2021-06-02
Re: [PATCH 0/5] Add pidfd support to the fanotify API · Amir Goldstein <amir73il@gmail.com> · 2021-06-02
Re: [PATCH 0/5] Add pidfd support to the fanotify API · Christian Brauner <hidden> · 2021-06-02
Re: [PATCH 0/5] Add pidfd support to the fanotify API · Matthew Bobrowski <repnop@google.com> · 2021-06-02
Re: [PATCH 0/5] Add pidfd support to the fanotify API · Christian Brauner <hidden> · 2021-06-02
Re: [PATCH 0/5] Add pidfd support to the fanotify API · Matthew Bobrowski <repnop@google.com> · 2021-06-02
Re: [PATCH 0/5] Add pidfd support to the fanotify API · Amir Goldstein <amir73il@gmail.com> · 2021-06-02
Re: [PATCH 0/5] Add pidfd support to the fanotify API · Matthew Bobrowski <repnop@google.com> · 2021-06-03

From: Christian Brauner <hidden>
Date: 2021-05-25 10:33:12
Also in: linux-fsdevel

On Mon, May 24, 2021 at 10:47:46AM +0200, Jan Kara wrote:

On Sat 22-05-21 09:32:36, Matthew Bobrowski wrote:

quoted

On Fri, May 21, 2021 at 12:40:56PM +0200, Jan Kara wrote:

quoted

On Fri 21-05-21 20:15:35, Matthew Bobrowski wrote:

quoted

On Thu, May 20, 2021 at 03:55:27PM +0200, Jan Kara wrote:
There's one thing that I'd like to mention, and it's something in
regards to the overall approach we've taken that I'm not particularly
happy about and I'd like to hear all your thoughts. Basically, with
this approach the pidfd creation is done only once an event has been
queued and the notification worker wakes up and picks up the event
from the queue processes it. There's a subtle latency introduced when
taking such an approach which at times leads to pidfd creation
failures. As in, by the time pidfd_create() is called the struct pid
has already been reaped, which then results in FAN_NOPIDFD being
returned in the pidfd info record.

Having said that, I'm wondering what the thoughts are on doing pidfd
creation earlier on i.e. in the event allocation stages? This way, the
struct pid is pinned earlier on and rather than FAN_NOPIDFD being
returned in the pidfd info record because the struct pid has been
already reaped, userspace application will atleast receive a valid
pidfd which can be used to check whether the process still exists or
not. I think it'll just set the expectation better from an API
perspective.

Yes, there's this race. OTOH if FAN_NOPIDFD is returned, the listener can
be sure the original process doesn't exist anymore. So is it useful to
still receive pidfd of the dead process?

Well, you're absolutely right. However, FWIW I was approaching this
from two different angles:

1) I wanted to keep the pattern in which the listener checks for the
   existence/recycling of the process consistent. As in, the listener
   would receive the pidfd, then send the pidfd a signal via
   pidfd_send_signal() and check for -ESRCH which clearly indicates
   that the target process has terminated.

2) I didn't want to mask failed pidfd creation because of early
   process termination and other possible failures behind a single
   FAN_NOPIDFD. IOW, if we take the -ESRCH approach above, the
   listener can take clear corrective branches as what's to be done
   next if a race is to have been detected, whereas simply returning
   FAN_NOPIDFD at this stage can mean multiple things.

Now that I've written the above and keeping in mind that we'd like to
refrain from doing anything in the event allocation stages, perhaps we
could introduce a different error code for detecting early process
termination while attempting to construct the info record. WDYT?

Sure, I wouldn't like to overengineer it but having one special fd value for
"process doesn't exist anymore" and another for general "creating pidfd
failed" looks OK to me.

FAN_EPIDFD -> "creation failed"
FAN_NOPIDFD -> "no such process"

?

Christian

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help