From: ebiederm@xmission.com (Eric W. Biederman)
To: Mathieu Poirier <mathieu.poirier@linaro.org>
Cc: Kim Phillips <kim.phillips@arm.com>,
Alexander Shishkin <alexander.shishkin@linux.intel.com>,
Alex Williamson <alex.williamson@redhat.com>,
Andrew Morton <akpm@linux-foundation.org>,
David Howells <dhowells@redhat.com>,
Eric Auger <eric.auger@redhat.com>,
Gargi Sharma <gs051095@gmail.com>,
Geert Uytterhoeven <geert+renesas@glider.be>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
Kefeng Wang <wangkefeng.wang@huawei.com>,
Kirill Tkhai <ktkhai@virtuozzo.com>,
Mike Rapoport <rppt@linux.vnet.ibm.com>,
Oleg Nesterov <oleg@redhat.com>,
Pavel Tatashin <pasha.tatashin@oracle.com>,
Rik van Riel <riel@redhat.com>,
Robin Murphy <robin.murphy@arm.com>,
Russell King <linux@armlinux.org.uk>,
Thierry Reding <treding@nvidia.com>,
Todd Kjos <tkjos@google.com>,
linux-arm-kernel@lists.infradead.org,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH 2/4] pid: Export find_task_by_vpid for use in external modules
Date: Wed, 09 May 2018 21:35:07 -0500 [thread overview]
Message-ID: <87k1scs0f8.fsf@xmission.com> (raw)
In-Reply-To: <20180509152505.GA25559@xps15> (Mathieu Poirier's message of "Wed, 9 May 2018 09:25:05 -0600")
Mathieu Poirier <mathieu.poirier@linaro.org> writes:
> On Tue, May 08, 2018 at 11:59:38PM -0500, Eric W. Biederman wrote:
>> Kim Phillips <kim.phillips@arm.com> writes:
>>
>> > This patch is in the context of allowing the Coresight h/w
>> > trace driver suite to be loaded as modules. Coresight uses
>> > find_task_by_vpid when running in direct capture mode (via sysfs)
>> > when getting/setting the context ID comparator to trigger on
>> > (/sys/bus/coresight/devices/<x>.etm/ctxid_pid).
>>
>> Aside from my objection about how bad an interface a pid in sysfs is.
>> The implementation of coresight_vpid_to_pid is horrible.
>>
>> The code should be just:
>>
>> static inline pid_t coresight_vpid_to_pid(pid_t vpid)
>> {
>> rcu_read_lock();
>> pid = pid_nr(find_vpid(vpid));
>> rcu_read_unlock();
>>
>> return pid;
>> }
>> Which takes find_task_by_vpid out of the picture.
>
> Many thanks for pointing out the right way to do this. When Chunyan added
> this feature she broadly published her work and find_task_by_vpid() is the
> function she was asked to used.
Clearly no one was thinking through the implications of a sysfs file
which does not have pid namespace support on namespacing. I am quite
upset at this mess of an API. It is not a maintainable way to do things.
>> But reading further I am seeing code writing a pid to hardware. That is
>> broken. That is a layering violation of the first order. Giving
>> implementation details like that to hardware.
>
> This is how the feature works - as Robin pointed out tracers are designed to
> match pid values with the CPU's contextID register. The input value has no
> other effect than triggering trace collection, which has absolutely no baring on
> the CPU.
So please tell me how we make the tracer pid namespace aware. Or is it
guaranteed that only the global root user will use this functionality?
As you are taking a vpid it looks like users with lesser privileges are
able to request this. From the other reply it appears this is the
value the tracer returns to put in logs. Perhaps I missed it but I
didn't see anything that translated from the global pid to something
else. Which would make using this feature in a pid namespace confusing
and a problematic information leak if I have understood what has been
said so far.
Eric
next prev parent reply other threads:[~2018-05-10 2:35 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-05-08 19:06 [PATCH 2/4] pid: Export find_task_by_vpid for use in external modules Kim Phillips
2018-05-09 1:23 ` Eric W. Biederman
2018-05-09 4:59 ` Eric W. Biederman
2018-05-09 11:17 ` Robin Murphy
2018-05-09 15:25 ` Mathieu Poirier
2018-05-10 2:35 ` Eric W. Biederman [this message]
2018-05-10 8:40 ` Russell King - ARM Linux
2018-05-10 19:39 ` Mathieu Poirier
2018-05-10 19:44 ` Russell King - ARM Linux
2018-05-17 5:39 ` Eric W. Biederman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87k1scs0f8.fsf@xmission.com \
--to=ebiederm@xmission.com \
--cc=akpm@linux-foundation.org \
--cc=alex.williamson@redhat.com \
--cc=alexander.shishkin@linux.intel.com \
--cc=dhowells@redhat.com \
--cc=eric.auger@redhat.com \
--cc=geert+renesas@glider.be \
--cc=gregkh@linuxfoundation.org \
--cc=gs051095@gmail.com \
--cc=kim.phillips@arm.com \
--cc=ktkhai@virtuozzo.com \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux@armlinux.org.uk \
--cc=mathieu.poirier@linaro.org \
--cc=oleg@redhat.com \
--cc=pasha.tatashin@oracle.com \
--cc=riel@redhat.com \
--cc=robin.murphy@arm.com \
--cc=rppt@linux.vnet.ibm.com \
--cc=tkjos@google.com \
--cc=treding@nvidia.com \
--cc=wangkefeng.wang@huawei.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox