From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-11.4 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,USER_IN_DEF_DKIM_WL autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 6D8A5C4363A for ; Tue, 27 Oct 2020 10:37:59 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 0E09E22281 for ; Tue, 27 Oct 2020 10:37:59 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="SX3vumt+" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2898133AbgJ0K2v (ORCPT ); Tue, 27 Oct 2020 06:28:51 -0400 Received: from mail-lj1-f196.google.com ([209.85.208.196]:39181 "EHLO mail-lj1-f196.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2898050AbgJ0K2u (ORCPT ); Tue, 27 Oct 2020 06:28:50 -0400 Received: by mail-lj1-f196.google.com with SMTP id m16so1138648ljo.6 for ; Tue, 27 Oct 2020 03:28:49 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=SXBs8vJX4cJod5E0ma8hUPOwIJojpK61dnpKV/ODZKw=; b=SX3vumt+l2xFwFJ7RtGU6f2QwqvLXBNvJIBGPSr2ScNXfHRvXmCpg0n+1g5TYU5nLS er6t1l0zNORBj09H+ZooUZPlhEvAKaZMbyK0tHvjx0xf52Lc9zV+/VxaRuXfwO4j3DZS BSNoLT8j8uzFqjMddbNAbinjHbTmVWxpugf1ax7hBpEqrp2fvnzsaWEb4iG/OB2c4AIp FrLQX+f5C4iZYd6tWM5RnEW7S020S60vUQngFeSZlbJMHUEJWPe4WaELOPFP4YaGQrF2 Er58dEZ1XpSNCN8LI1ddVAiSEzdRCBcuY84l0Wi5OvgFYxs5XmBA8iYYSQdbkdikXUET gTzw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=SXBs8vJX4cJod5E0ma8hUPOwIJojpK61dnpKV/ODZKw=; b=ZL8R9+xfH73tkTL0irllxt9afjXWgOxX4bKhqJshCj6m9J2/PtE9Xf/m6AbIgWNt2S mhn8TyPgfh4EV+01/gqDbj4yiTO/1DMrGRp+SVU/KwYW/Mtz/M0pwzDk6A5kW1vjf93t wGnAqdojIOwq/8CCO6HFOv/EmE1JikngyW80C+yKBk0Me6iq9fuTqFC6purAdwwHV7VL GrBUqCGqt3eglih3PJoq5oma3VwqyuXwYdBIDh9XLe9rkBwBWHdgaf9ZnYrN5hWq65lJ k343DTHo5FQuV1NL/ikDU3xneBnK1f90IL/wzZM3MwPKzzj8KZ9tH7MQLN5XRjngY2EI CaTQ== X-Gm-Message-State: AOAM533MT/Q8/+mdNuy32/RaOhix/dxU+Wjguo8Mlnk64Fw3L//5OSr9 z4fIYjIZV0dazNBdot8D4Yd/URv28jWvmVQZZUVBMA== X-Google-Smtp-Source: ABdhPJxJshhNft3hUOxXAULUlOUPgHVANJYgBC/Mm8PWirgk1D2JwvX0yuxEiO1qIxFs4Z4pw393eScZt+DPrsMeX1c= X-Received: by 2002:a2e:9c84:: with SMTP id x4mr750615lji.326.1603794527981; Tue, 27 Oct 2020 03:28:47 -0700 (PDT) MIME-Version: 1.0 References: <45f07f17-18b6-d187-0914-6f341fe90857@gmail.com> <20200930150330.GC284424@cisco> <8bcd956f-58d2-d2f0-ca7c-0a30f3fcd5b8@gmail.com> <20200930230327.GA1260245@cisco> <20200930232456.GB1260245@cisco> <656a37b5-75e3-0ded-6ba8-3bb57b537b24@gmail.com> In-Reply-To: From: Jann Horn Date: Tue, 27 Oct 2020 11:28:20 +0100 Message-ID: Subject: Re: For review: seccomp_user_notif(2) manual page To: "Michael Kerrisk (man-pages)" Cc: Tycho Andersen , Sargun Dhillon , Kees Cook , Christian Brauner , linux-man , lkml , Aleksa Sarai , Alexei Starovoitov , Will Drewry , bpf , Song Liu , Daniel Borkmann , Andy Lutomirski , Linux Containers , Giuseppe Scrivano , Robert Sesek Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: bpf@vger.kernel.org On Tue, Oct 27, 2020 at 7:14 AM Michael Kerrisk (man-pages) wrote: > On 10/26/20 4:54 PM, Jann Horn wrote: > > I'm a bit on the fence now on whether non-blocking mode should use > > ENOTCONN or not... I guess if we returned ENOENT even when there are > > no more listeners, you'd have to disambiguate through the poll() > > revents, which would be kinda ugly? > > I must confess, I'm not quite clear on which two cases you > are trying to distinguish. Can you elaborate? Let's say someone writes a program whose responsibilities are just to handle seccomp events and to listen on some other fd for commands. And this is implemented with an event loop. Then once all the target processes are gone (including zombie reaping), we'll start getting EPOLLERR. If NOTIF_RECV starts returning -ENOTCONN at this point, the event loop can just call into the seccomp logic without any arguments; it can just call NOTIF_RECV one more time, see the -ENOTCONN, and terminate. The downside is that there's one more error code userspace has to special-case. This would be more consistent with what we'd be doing in the blocking case. If NOTIF_RECV keeps returning -ENOENT, the event loop has to also tell the seccomp logic what the revents are. I guess it probably doesn't really matter much.