Re: For review: seccomp_user_notif(2) manual page

From: Michael Kerrisk (man-pages)
Date: Mon Oct 26 2020 - 05:51:45 EST

Next message: Paolo Abeni: "Re: [PATCH] net: udp: increase UDP_MIB_RCVBUFERRORS when ENOBUFS"
Previous message: Jan Kara: "Re: kernel BUG at mm/page-writeback.c:2241 [ BUG_ON(PageWriteback(page); ]"
In reply to: Jann Horn: "Re: For review: seccomp_user_notif(2) manual page"
Next in thread: Michael Kerrisk (man-pages): "Re: For review: seccomp_user_notif(2) manual page"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi Jann,

On 10/26/20 10:32 AM, Jann Horn wrote:
> On Sat, Oct 24, 2020 at 2:53 PM Michael Kerrisk (man-pages)
> <mtk.manpages@xxxxxxxxx> wrote:
>> On 10/17/20 2:25 AM, Jann Horn wrote:
>>> On Fri, Oct 16, 2020 at 8:29 PM Michael Kerrisk (man-pages)
>>> <mtk.manpages@xxxxxxxxx> wrote:
> [...]
>>>> I'm not sure if I should write anything about this small UAPI
>>>> breakage in BUGS, or not. Your thoughts?
>>>
>>> Thinking about it a bit more: Any code that relies on pause() or
>>> epoll_wait() not restarting is buggy anyway, right? Because a signal
>>> could also arrive directly before entering the syscall, while
>>> userspace code is still executing? So one could argue that we're just
>>> enlarging a preexisting race. (Unless the signal handler checks the
>>> interrupted register state to figure out whether we already entered
>>> syscall handling?)
>>
>> Yes, that all makes sense.
>>
>>> If userspace relies on non-restarting behavior, it should be using
>>> something like epoll_pwait(). And that stuff only unblocks signals
>>> after we've already past the seccomp checks on entry.
>>
>> Thanks for elaborating that detail, since as soon as you talked
>> about "enlarging a preexisting race" above, I immediately wondered
>> sigsuspend(), pselect(), etc.
>>
>> (Mind you, I still wonder about the effect on system calls that
>> are normally nonrestartable because they have timeouts. My
>> understanding is that the kernel doesn't restart those system
>> calls because it's impossible for the kernel to restart the call
>> with the right timeout value. I wonder what happens when those
>> system calls are restarted in the scenario we're discussing.)
>
> Ah, that's an interesting edge case...

I'm going to drop a FIXME into the page source so that
there's a reminder of this issue in the next draft of
the page, which I'm about to send out.

[...]

Thanks for checking the other pieces, Jann.

Cheers,

Michael

--
Michael Kerrisk
Linux man-pages maintainer; http://www.kernel.org/doc/man-pages/
Linux/UNIX System Programming Training: http://man7.org/training/

Next message: Paolo Abeni: "Re: [PATCH] net: udp: increase UDP_MIB_RCVBUFERRORS when ENOBUFS"
Previous message: Jan Kara: "Re: kernel BUG at mm/page-writeback.c:2241 [ BUG_ON(PageWriteback(page); ]"
In reply to: Jann Horn: "Re: For review: seccomp_user_notif(2) manual page"
Next in thread: Michael Kerrisk (man-pages): "Re: For review: seccomp_user_notif(2) manual page"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]