From: Christian Brauner <christian@brauner.io> To: ebiederm@xmission.com, linux-kernel@vger.kernel.org Cc: serge@hallyn.com, jannh@google.com, luto@kernel.org, akpm@linux-foundation.org, oleg@redhat.com, cyphar@cyphar.com, viro@zeniv.linux.org.uk, linux-fsdevel@vger.kernel.org, linux-api@vger.kernel.org, dancol@google.com, timmurray@google.com, linux-man@vger.kernel.org, Christian Brauner <christian@brauner.io> Subject: [PATCH v1 0/2] proc: allow signaling processes via file descriptors Date: Mon, 19 Nov 2018 11:32:37 +0100 [thread overview] Message-ID: <20181119103241.5229-1-christian@brauner.io> (raw) Hey, This little series introduces the ability to signal processes via file descriptors to eliminate race-conditions caused by pid recycling. With this patch an open() call on /proc/<pid> will give userspace a handle to struct pid of the process associated with /proc/<pid>. This allows to maintain a stable handle on a process. Discussion has shown that a dedicated syscall is prefered over an ioctl(). Thus, the new syscall procfd_signal() is introduced to solve this problem. It operates on a process file descriptor. More details are found in the individual commit messages. With this series a process can be killed via: #define _GNU_SOURCE #include <errno.h> #include <fcntl.h> #include <stdio.h> #include <stdlib.h> #include <string.h> #include <signal.h> #include <sys/stat.h> #include <sys/syscall.h> #include <sys/types.h> #include <unistd.h> int main(int argc, char *argv[]) { int ret; char buf[1000]; if (argc < 2) exit(EXIT_FAILURE); ret = snprintf(buf, sizeof(buf), "/proc/%s", argv[1]); if (ret < 0) exit(EXIT_FAILURE); int fd = open(buf, O_DIRECTORY | O_CLOEXEC); if (fd < 0) { printf("%s - Failed to open \"%s\"\n", strerror(errno), buf); exit(EXIT_FAILURE); } ret = syscall(__NR_procfd_signal, fd, SIGKILL, NULL, 0); if (ret < 0) { printf("Failed to send SIGKILL \"%s\"\n", strerror(errno)); close(fd); exit(EXIT_FAILURE); } close(fd); exit(EXIT_SUCCESS); } Thanks! Christian Christian Brauner (2): proc: get process file descriptor from /proc/<pid> signal: add procfd_signal() syscall procfd_signal.2: document procfd_signal syscall arch/x86/entry/syscalls/syscall_32.tbl | 1 + arch/x86/entry/syscalls/syscall_64.tbl | 1 + fs/proc/base.c | 23 ++++++++ include/linux/proc_fs.h | 1 + include/linux/syscalls.h | 2 + kernel/signal.c | 76 ++++++++++++++++++++++++-- 6 files changed, 98 insertions(+), 6 deletions(-) -- 2.19.1
next reply other threads:[~2018-11-19 10:33 UTC|newest] Thread overview: 50+ messages / expand[flat|nested] mbox.gz Atom feed top 2018-11-19 10:32 Christian Brauner [this message] 2018-11-19 10:32 ` [PATCH v1 1/2] proc: get process file descriptor from /proc/<pid> Christian Brauner 2018-11-19 15:32 ` Andy Lutomirski 2018-11-19 18:20 ` Christian Brauner 2018-11-19 10:32 ` [PATCH v1 2/2] signal: add procfd_signal() syscall Christian Brauner 2018-11-19 15:45 ` Andy Lutomirski 2018-11-19 15:57 ` Daniel Colascione 2018-11-19 18:39 ` Christian Brauner 2018-11-19 15:59 ` Daniel Colascione 2018-11-19 18:29 ` Christian Brauner 2018-11-19 19:02 ` Eric W. Biederman 2018-11-19 19:31 ` Christian Brauner 2018-11-19 19:39 ` Daniel Colascione 2018-11-19 17:10 ` Eugene Syromiatnikov 2018-11-19 18:23 ` Christian Brauner 2018-11-19 17:14 ` Eugene Syromiatnikov 2018-11-19 20:28 ` Aleksa Sarai 2018-11-19 20:55 ` Christian Brauner 2018-11-19 21:13 ` Christian Brauner 2018-11-19 21:18 ` Aleksa Sarai 2018-11-19 21:20 ` Christian Brauner 2018-11-19 21:21 ` Christian Brauner 2018-11-19 21:25 ` Aleksa Sarai 2018-11-19 21:26 ` Daniel Colascione 2018-11-19 21:36 ` Aleksa Sarai 2018-11-19 21:37 ` Christian Brauner 2018-11-19 21:41 ` Daniel Colascione 2018-11-20 4:59 ` Eric W. Biederman 2018-11-20 10:31 ` Christian Brauner 2018-11-21 21:39 ` Serge E. Hallyn 2018-11-19 21:23 ` Aleksa Sarai 2018-11-22 7:41 ` Serge E. Hallyn 2018-11-19 22:39 ` Tycho Andersen 2018-11-19 22:49 ` Daniel Colascione 2018-11-19 23:07 ` Tycho Andersen 2018-11-20 0:27 ` Andy Lutomirski 2018-11-20 0:32 ` Christian Brauner 2018-11-20 0:34 ` Andy Lutomirski 2018-11-20 0:49 ` Daniel Colascione 2018-11-22 7:48 ` Serge E. Hallyn 2018-11-19 23:35 ` kbuild test robot 2018-11-19 23:37 ` kbuild test robot 2018-11-19 23:45 ` Christian Brauner 2018-11-28 21:45 ` Joey Pabalinas 2018-11-28 22:05 ` Christian Brauner 2018-11-28 23:02 ` Joey Pabalinas 2018-11-19 10:32 ` [PATCH] procfd_signal.2: document procfd_signal syscall Christian Brauner 2018-11-20 13:29 ` Michael Kerrisk (man-pages) 2018-11-28 20:59 ` Florian Weimer 2018-11-28 21:12 ` Christian Brauner
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20181119103241.5229-1-christian@brauner.io \ --to=christian@brauner.io \ --cc=akpm@linux-foundation.org \ --cc=cyphar@cyphar.com \ --cc=dancol@google.com \ --cc=ebiederm@xmission.com \ --cc=jannh@google.com \ --cc=linux-api@vger.kernel.org \ --cc=linux-fsdevel@vger.kernel.org \ --cc=linux-kernel@vger.kernel.org \ --cc=linux-man@vger.kernel.org \ --cc=luto@kernel.org \ --cc=oleg@redhat.com \ --cc=serge@hallyn.com \ --cc=timmurray@google.com \ --cc=viro@zeniv.linux.org.uk \ --subject='Re: [PATCH v1 0/2] proc: allow signaling processes via file descriptors' \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: link
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).