From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-11.4 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,USER_IN_DEF_DKIM_WL autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id A0920C56201 for ; Tue, 27 Oct 2020 10:39:58 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 3A5ED20829 for ; Tue, 27 Oct 2020 10:39:58 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="SX3vumt+" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2898131AbgJ0K2v (ORCPT ); Tue, 27 Oct 2020 06:28:51 -0400 Received: from mail-lj1-f194.google.com ([209.85.208.194]:32911 "EHLO mail-lj1-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2898049AbgJ0K2u (ORCPT ); Tue, 27 Oct 2020 06:28:50 -0400 Received: by mail-lj1-f194.google.com with SMTP id c21so1168209ljj.0 for ; Tue, 27 Oct 2020 03:28:49 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=SXBs8vJX4cJod5E0ma8hUPOwIJojpK61dnpKV/ODZKw=; b=SX3vumt+l2xFwFJ7RtGU6f2QwqvLXBNvJIBGPSr2ScNXfHRvXmCpg0n+1g5TYU5nLS er6t1l0zNORBj09H+ZooUZPlhEvAKaZMbyK0tHvjx0xf52Lc9zV+/VxaRuXfwO4j3DZS BSNoLT8j8uzFqjMddbNAbinjHbTmVWxpugf1ax7hBpEqrp2fvnzsaWEb4iG/OB2c4AIp FrLQX+f5C4iZYd6tWM5RnEW7S020S60vUQngFeSZlbJMHUEJWPe4WaELOPFP4YaGQrF2 Er58dEZ1XpSNCN8LI1ddVAiSEzdRCBcuY84l0Wi5OvgFYxs5XmBA8iYYSQdbkdikXUET gTzw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=SXBs8vJX4cJod5E0ma8hUPOwIJojpK61dnpKV/ODZKw=; b=C1nOBNhgUc5c9bqUs2hX3d+HhjNkFYoWadpo/6ejoce/opnF+3BGVhHTDdM8jnEbvm wTq3y/Swmgm0wOb2VV5MaMT58jOBZ0QMZuz0lXiPGza45ytlM6NQl7vKhJ35KL/AY/+k m/p7+0ZBkimo+XOlxLTkTiskq2WJp1Bk+IR3D0zHB9s1JNAHNQG4gGx9zJ5Pq5AplfML P8J6DtpWSuv5UCbnHcsmiBq8R1mFKyO/P8B/Nk2IabIvNF7eCGgn9H0FCY8jwqYdB7F5 Sc5lNJ1OzTxot1rVNvQPx25QrDijP9QHIEThmEmR6NPBmWfcYUsrNo84i54gxJwWLrld 6bcg== X-Gm-Message-State: AOAM530cVtqK2V2rGOCnSdWfj62y0W6ajc4CXSNSSRDdNp9FdyVrpkKl vre3fkAU6ufis5vcbeNIU65SmGFlG6S9Cl0+AKNfKQ== X-Google-Smtp-Source: ABdhPJxJshhNft3hUOxXAULUlOUPgHVANJYgBC/Mm8PWirgk1D2JwvX0yuxEiO1qIxFs4Z4pw393eScZt+DPrsMeX1c= X-Received: by 2002:a2e:9c84:: with SMTP id x4mr750615lji.326.1603794527981; Tue, 27 Oct 2020 03:28:47 -0700 (PDT) MIME-Version: 1.0 References: <45f07f17-18b6-d187-0914-6f341fe90857@gmail.com> <20200930150330.GC284424@cisco> <8bcd956f-58d2-d2f0-ca7c-0a30f3fcd5b8@gmail.com> <20200930230327.GA1260245@cisco> <20200930232456.GB1260245@cisco> <656a37b5-75e3-0ded-6ba8-3bb57b537b24@gmail.com> In-Reply-To: From: Jann Horn Date: Tue, 27 Oct 2020 11:28:20 +0100 Message-ID: Subject: Re: For review: seccomp_user_notif(2) manual page To: "Michael Kerrisk (man-pages)" Cc: Tycho Andersen , Sargun Dhillon , Kees Cook , Christian Brauner , linux-man , lkml , Aleksa Sarai , Alexei Starovoitov , Will Drewry , bpf , Song Liu , Daniel Borkmann , Andy Lutomirski , Linux Containers , Giuseppe Scrivano , Robert Sesek Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-man@vger.kernel.org On Tue, Oct 27, 2020 at 7:14 AM Michael Kerrisk (man-pages) wrote: > On 10/26/20 4:54 PM, Jann Horn wrote: > > I'm a bit on the fence now on whether non-blocking mode should use > > ENOTCONN or not... I guess if we returned ENOENT even when there are > > no more listeners, you'd have to disambiguate through the poll() > > revents, which would be kinda ugly? > > I must confess, I'm not quite clear on which two cases you > are trying to distinguish. Can you elaborate? Let's say someone writes a program whose responsibilities are just to handle seccomp events and to listen on some other fd for commands. And this is implemented with an event loop. Then once all the target processes are gone (including zombie reaping), we'll start getting EPOLLERR. If NOTIF_RECV starts returning -ENOTCONN at this point, the event loop can just call into the seccomp logic without any arguments; it can just call NOTIF_RECV one more time, see the -ENOTCONN, and terminate. The downside is that there's one more error code userspace has to special-case. This would be more consistent with what we'd be doing in the blocking case. If NOTIF_RECV keeps returning -ENOENT, the event loop has to also tell the seccomp logic what the revents are. I guess it probably doesn't really matter much.