Re: [PATCH 4/5] pidfd: add CLONE_WAIT_PID

From: Christian Brauner <christian@brauner.io>
To: Jann Horn <jannh@google.com>
Cc: kernel list <linux-kernel@vger.kernel.org>,
	Oleg Nesterov <oleg@redhat.com>, Arnd Bergmann <arnd@arndb.de>,
	"Eric W. Biederman" <ebiederm@xmission.com>,
	Kees Cook <keescook@chromium.org>,
	"Joel Fernandes (Google)" <joel@joelfernandes.org>,
	Thomas Gleixner <tglx@linutronix.de>, Tejun Heo <tj@kernel.org>,
	David Howells <dhowells@redhat.com>,
	Andy Lutomirski <luto@kernel.org>,
	Andrew Morton <akpm@linux-foundation.org>,
	Aleksa Sarai <cyphar@cyphar.com>,
	Linus Torvalds <torvalds@linux-foundation.org>,
	Al Viro <viro@zeniv.linux.org.uk>,
	kernel-team <kernel-team@android.com>,
	Ingo Molnar <mingo@redhat.com>,
	Peter Zijlstra <peterz@infradead.org>,
	Linux API <linux-api@vger.kernel.org>
Subject: Re: [PATCH 4/5] pidfd: add CLONE_WAIT_PID
Date: Wed, 24 Jul 2019 20:27:21 +0200	[thread overview]
Message-ID: <CFB4D39F-24B9-4AD9-B19C-E2D14D38A808@brauner.io> (raw)
In-Reply-To: <CAG48ez3nuY__qvctoOnX7mQbjjP4chEs4K-OPxSQficiPLS18w@mail.gmail.com>

On July 24, 2019 8:14:26 PM GMT+02:00, Jann Horn <jannh@google.com> wrote:
>On Wed, Jul 24, 2019 at 4:48 PM Christian Brauner
><christian@brauner.io> wrote:
>> If CLONE_WAIT_PID is set the newly created process will not be
>> considered by process wait requests that wait generically on children
>> such as:
>>
>>         syscall(__NR_wait4, -1, wstatus, options, rusage)
>>         syscall(__NR_waitpid, -1, wstatus, options)
>>         syscall(__NR_waitid, P_ALL, -1, siginfo, options, rusage)
>>         syscall(__NR_waitid, P_PGID, -1, siginfo, options, rusage)
>>         syscall(__NR_waitpid, -pid, wstatus, options)
>>         syscall(__NR_wait4, -pid, wstatus, options, rusage)
>>
>> A process created with CLONE_WAIT_PID can only be waited upon with a
>> focussed wait call. This ensures that processes can be reaped even if
>> all file descriptors referring to it are closed.
>[...]
>> diff --git a/kernel/fork.c b/kernel/fork.c
>> index baaff6570517..a067f3876e2e 100644
>> --- a/kernel/fork.c
>> +++ b/kernel/fork.c
>> @@ -1910,6 +1910,8 @@ static __latent_entropy struct task_struct
>*copy_process(
>>         delayacct_tsk_init(p);  /* Must remain after
>dup_task_struct() */
>>         p->flags &= ~(PF_SUPERPRIV | PF_WQ_WORKER | PF_IDLE);
>>         p->flags |= PF_FORKNOEXEC;
>> +       if (clone_flags & CLONE_WAIT_PID)
>> +               p->flags |= PF_WAIT_PID;
>>         INIT_LIST_HEAD(&p->children);
>>         INIT_LIST_HEAD(&p->sibling);
>>         rcu_copy_process(p);
>
>This means that if a process with PF_WAIT_PID forks, the child
>inherits the flag, right? That seems unintended? You might have to add
>something like "if (clone_flags & CLONE_THREAD == 0) p->flags &=
>~PF_WAIT_PID;" before this. (I think threads do have to inherit the
>flag so that the case where a non-leader thread of the child goes
>through execve and steals the leader's identity is handled properly.)
>Or you could cram it somewhere into signal_struct instead of on the
>task - that might be a more logical place for it?

Hm, CLONE_WAIT_PID is only useable with CLONE_PIDFD which in turn is
not useable with CLONE_THREAD.
But we should probably make that explicit for CLONE_WAIT_PID too.