From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1751734AbcFWHHC (ORCPT <rfc822;w@1wt.eu>);
	Thu, 23 Jun 2016 03:07:02 -0400
Received: from mail-wm0-f49.google.com ([74.125.82.49]:37773 "EHLO
	mail-wm0-f49.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1751241AbcFWHG7 (ORCPT
	<rfc822;linux-kernel@vger.kernel.org>);
	Thu, 23 Jun 2016 03:06:59 -0400
Subject: Re: Documenting ptrace access mode checking
To: Oleg Nesterov <oleg@redhat.com>,
        "Eric W. Biederman" <ebiederm@xmission.com>
References: <e335a243-2199-2185-c7b3-fb1c898e9ab4@gmail.com>
 <87ziqewc3r.fsf@x220.int.ebiederm.org> <20160622215142.GA14751@redhat.com>
Cc: mtk.manpages@gmail.com, Jann Horn <jann@thejh.net>,
        James Morris <jmorris@namei.org>,
        linux-man <linux-man@vger.kernel.org>,
        Stephen Smalley <sds@tycho.nsa.gov>,
        lkml <linux-kernel@vger.kernel.org>, Kees Cook <keescook@chromium.org>,
        linux-security-module <linux-security-module@vger.kernel.org>,
        Linux API <linux-api@vger.kernel.org>
From: "Michael Kerrisk (man-pages)" <mtk.manpages@gmail.com>
Message-ID: <f8069f83-f7b6-ee2c-5167-fa0d50732180@gmail.com>
Date: Thu, 23 Jun 2016 09:06:55 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101
 Thunderbird/45.1.0
MIME-Version: 1.0
In-Reply-To: <20160622215142.GA14751@redhat.com>
Content-Type: text/plain; charset=windows-1252; format=flowed
Content-Transfer-Encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

Hi Oleg,

On 06/22/2016 11:51 PM, Oleg Nesterov wrote:
> On 06/21, Eric W. Biederman wrote:
>>
>> Adding Oleg just because he seems to do most of the ptrace related
>> maintenance these days.
>
> so I have to admit that I never even tried to actually understand
> ptrace_may_access ;)
>
>> We certainly need something that gives a high level view so people
>> reading the man page can know what to expect.   If you get down into the
>> weeds we run the danger of people beginning to think they can depend
>> upon bugs in the implementation.
>
> Personally I agree. I think "man ptrace" shouldn't not tell too much
> about kernel internals.

See my other replies on this topic. Somehow, we need a way of
describing the behavior that user-space sees. I think it's
inevitable that that means talking about what;s going on
"under the hood".

Regarding Eric's point that "we run the danger of people beginning
to think they can depend upon bugs in the implementation": when it
comes to breaking the ABI, the presence or absence of documentation
doesn't save us on that point (Linus has a few times made his position
wrt to documentation clear).

Cheers,

Michael

-- 
Michael Kerrisk
Linux man-pages maintainer; http://www.kernel.org/doc/man-pages/
Linux/UNIX System Programming Training: http://man7.org/training/