From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id C280FC433FE for ; Thu, 29 Sep 2022 22:16:00 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229627AbiI2WP6 (ORCPT ); Thu, 29 Sep 2022 18:15:58 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55164 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229908AbiI2WPw (ORCPT ); Thu, 29 Sep 2022 18:15:52 -0400 Received: from out02.mta.xmission.com (out02.mta.xmission.com [166.70.13.232]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 3D655FE066; Thu, 29 Sep 2022 15:15:51 -0700 (PDT) Received: from in02.mta.xmission.com ([166.70.13.52]:55560) by out02.mta.xmission.com with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.93) (envelope-from ) id 1oe1oq-002lCZ-1p; Thu, 29 Sep 2022 16:15:48 -0600 Received: from ip68-110-29-46.om.om.cox.net ([68.110.29.46]:45284 helo=email.froward.int.ebiederm.org.xmission.com) by in02.mta.xmission.com with esmtpsa (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.93) (envelope-from ) id 1oe1op-000Pl2-7Q; Thu, 29 Sep 2022 16:15:47 -0600 From: "Eric W. Biederman" To: Linus Torvalds Cc: Al Viro , David Laight , "linux-kernel@vger.kernel.org" , "netdev@vger.kernel.org" , "Serge E. Hallyn" References: Date: Thu, 29 Sep 2022 17:14:15 -0500 In-Reply-To: (Linus Torvalds's message of "Thu, 29 Sep 2022 14:29:03 -0700") Message-ID: <871qrt4ymg.fsf@email.froward.int.ebiederm.org> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.1 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-XM-SPF: eid=1oe1op-000Pl2-7Q;;;mid=<871qrt4ymg.fsf@email.froward.int.ebiederm.org>;;;hst=in02.mta.xmission.com;;;ip=68.110.29.46;;;frm=ebiederm@xmission.com;;;spf=softfail X-XM-AID: U2FsdGVkX1/Kgg40InDQOLmiJmmc2A5ti3S+yB3YXvs= X-SA-Exim-Connect-IP: 68.110.29.46 X-SA-Exim-Mail-From: ebiederm@xmission.com Subject: Re: [PATCH 3/4] proc: Point /proc/net at /proc/thread-self/net instead of /proc/self/net X-SA-Exim-Version: 4.2.1 (built Sat, 08 Feb 2020 21:53:50 +0000) X-SA-Exim-Scanned: Yes (on in02.mta.xmission.com) Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Linus Torvalds writes: > On Thu, Sep 29, 2022 at 2:15 PM Al Viro wrote: >> >> FWIW, what e.g. debian profile for dhclient has is >> @{PROC}/@{pid}/net/dev r, >> >> Note that it's not >> @{PROC}/net/dev r, > > Argh. Yeah, then a bind mount or a hardlink won't work either, you're > right. I was assuming that any Apparmor rules allowed for just > /proc/net. > > Oh well. I guess we're screwed any which way we turn. I actually think there is a solution. Instead of going to /proc/self/net -> /proc/tgid/net or /proc/thread-self/net -> /proc/tgid/task/tid/net We should be able to go to: /proc/tid/net That directory does not show up in readdir, but the tid directories were put in /proc because of how our pthread support evolved and gdb which made gdb expect them to be their. That should continue to work with the incomplete apparmor rules that don't allow accessing /proc/tgid/tid/net for some reason. Eric