From: Hagen Paul Pfeifer <hagen@jauu.net>
To: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Jann Horn <jannh@google.com>,
Christian Brauner <christian.brauner@ubuntu.com>,
kernel list <linux-kernel@vger.kernel.org>,
Florian Weimer <fweimer@redhat.com>,
Al Viro <viro@zeniv.linux.org.uk>,
Christian Brauner <christian@brauner.io>,
Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
"H. Peter Anvin" <hpa@zytor.com>, Arnd Bergmann <arnd@arndb.de>,
Brian Gerst <brgerst@gmail.com>,
Sami Tolvanen <samitolvanen@google.com>,
David Howells <dhowells@redhat.com>,
Aleksa Sarai <cyphar@cyphar.com>,
Andy Lutomirski <luto@kernel.org>,
Oleg Nesterov <oleg@redhat.com>,
Arnaldo Carvalho de Melo <acme@redhat.com>,
Sargun Dhillon <sargun@sargun.me>,
Linux API <linux-api@vger.kernel.org>,
linux-arch <linux-arch@vger.kernel.org>,
Linus Torvalds <torvalds@linux-foundation.org>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Subject: Re: [RFC v2] ptrace, pidfd: add pidfd_ptrace syscall
Date: Mon, 27 Apr 2020 20:59:29 +0200 [thread overview]
Message-ID: <20200427185929.GA1768@laniakea> (raw)
In-Reply-To: <87zhawdc6w.fsf@x220.int.ebiederm.org>
* Eric W. Biederman | 2020-04-27 13:18:47 [-0500]:
>I am conflicted about that but I have to agree. Instead of
>duplicating everything it would be good enough to duplicate the once
>that cause the process to be attached to use. Then there would be no
>more pid races to worry about.
>How does this differ using the tracing related infrastructure we have
>for the kernel on a userspace process? I suspect augmenting the tracing
>infrastructure with the ability to set breakpoints and watchpoints (aka
>stopping userspace threads and processes might be a more fertile
>direction to go).
>
>But I agree either we want to just address the races in PTRACE_ATTACH
>and PTRACE_SIEZE or we want to take a good hard look at things.
>
>There is a good case for minimal changes because one of the cases that
>comes up is how much work will it take to change existing programs. But
>ultimately ptrace pretty much sucks so a very good set of test cases and
>documentation for what we want to implement would be a very good idea.
Hey Eric, Jann, Christian, Arnd,
thank you for your valuable input! IMHO I think we have exactly two choices
here:
a) we go with my patchset that is 100% ptrace feature compatible - except the
pidfd thing - now and in the future. If ptrace is extended pidfd_ptrace is
automatically extended and vice versa. Both APIs are feature identical
without any headaches.
b) leave ptrace completely behind us and design ptrace that we have always
dreamed of! eBPF filters, ftrace kernel architecture, k/uprobe goodness,
a speedy API to copy & modify large chunks of data, io_uring/epoll support
and of course: pidfd based (missed likely thousands of other dreams)
I think a solution in between is not worth the effort! It will not be
compatible in any way for the userspace and the benefit will be negligible.
Ptrace is horrible API - everybody knows that but developers get comfy with
it. You find examples everywhere, why should we make it harder for the user for
no or little benefit (except that stable handle with pidfd and some cleanups)?
Any thoughts on this?
Hagen
next prev parent reply other threads:[~2020-04-27 18:59 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-04-26 13:01 [RFC] ptrace, pidfd: add pidfd_ptrace syscall Hagen Paul Pfeifer
2020-04-26 16:34 ` [RFC v2] " Hagen Paul Pfeifer
2020-04-27 8:30 ` Arnd Bergmann
2020-04-27 9:00 ` Hagen Paul Pfeifer
2020-04-27 17:08 ` Christian Brauner
2020-04-27 17:52 ` Jann Horn
2020-04-27 18:18 ` Eric W. Biederman
2020-04-27 18:59 ` Hagen Paul Pfeifer [this message]
2020-04-27 20:08 ` Arnd Bergmann
2020-04-27 20:13 ` Christian Brauner
2020-04-28 0:45 ` Aleksa Sarai
2020-04-28 1:36 ` Linus Torvalds
2020-04-28 4:17 ` Andy Lutomirski
2020-04-28 4:28 ` Linus Torvalds
2020-04-28 6:39 ` Hagen Paul Pfeifer
2020-04-28 7:45 ` Christian Brauner
2020-04-28 8:21 ` Christian Brauner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200427185929.GA1768@laniakea \
--to=hagen@jauu.net \
--cc=acme@redhat.com \
--cc=arnd@arndb.de \
--cc=bp@alien8.de \
--cc=brgerst@gmail.com \
--cc=christian.brauner@ubuntu.com \
--cc=christian@brauner.io \
--cc=cyphar@cyphar.com \
--cc=dhowells@redhat.com \
--cc=ebiederm@xmission.com \
--cc=fweimer@redhat.com \
--cc=gregkh@linuxfoundation.org \
--cc=hpa@zytor.com \
--cc=jannh@google.com \
--cc=linux-api@vger.kernel.org \
--cc=linux-arch@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=luto@kernel.org \
--cc=mingo@redhat.com \
--cc=oleg@redhat.com \
--cc=samitolvanen@google.com \
--cc=sargun@sargun.me \
--cc=tglx@linutronix.de \
--cc=torvalds@linux-foundation.org \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).