From mboxrd@z Thu Jan 1 00:00:00 1970 From: Tycho Andersen Subject: Re: [PATCH v6 4/5] seccomp: add support for passing fds via USER_NOTIF Date: Tue, 25 Sep 2018 06:53:27 -0600 Message-ID: <20180925125327.GB9537@cisco> References: <20180906152859.7810-1-tycho@tycho.ws> <20180906152859.7810-5-tycho@tycho.ws> <20180919095536.GM4672@cisco> <20180919143842.GN4672@cisco> <20180920234240.GR4672@cisco> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Return-path: Content-Disposition: inline In-Reply-To: Sender: linux-kernel-owner@vger.kernel.org To: Andy Lutomirski Cc: Kees Cook , LKML , Linux Containers , Linux API , Oleg Nesterov , "Eric W. Biederman" , "Serge E. Hallyn" , Christian Brauner , Tyler Hicks , Akihiro Suda , Jann Horn List-Id: linux-api@vger.kernel.org On Thu, Sep 20, 2018 at 07:18:45PM -0700, Andy Lutomirski wrote: > Hmm. This does mean that we need a test case for a user notifier > returning -ERESTARTSYS. It should Just Work (tm), but those are > famous last words. Just to confirm, I've got a test case that works like this: 1. fork and install a SIGUSR1 handler 2. tracee does a syscall that gets trapped 3. send SIGUSR1 4. respond from the listener with -ERESTARTSYS 5. see another of the same syscall, even though the tracee still thinks its in the first one 6. respond with something reasonable, the tracee sees this response I think that's the intended behavior. Note that when the listener responds with -ERESTARTSYS and there is no signal pending, the task just dies. That might be reasonable, I'm not sure. Tycho