From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-ot1-x333.google.com (mail-ot1-x333.google.com [IPv6:2607:f8b0:4864:20::333]) by sourceware.org (Postfix) with ESMTPS id C59D1385783F for ; Tue, 16 May 2023 12:26:31 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org C59D1385783F Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=linaro.org Received: by mail-ot1-x333.google.com with SMTP id 46e09a7af769-6ab611e57c2so4305552a34.1 for ; Tue, 16 May 2023 05:26:31 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1684239991; x=1686831991; h=content-transfer-encoding:in-reply-to:organization:from:references :cc:to:content-language:subject:user-agent:mime-version:date :message-id:from:to:cc:subject:date:message-id:reply-to; bh=xQfnWU9AnnTikX76OGG/w7JCpsPWkN6wYAysMp+bWBE=; b=hlMPgLo/a2JCCSLz8Sv3srSPwOt4VlI3OC2Nl2DHO8YFWm+DXMpvLB9EvbRQ4i2+Vf UmeFQLWgJclQ5iVhn0bwTZ1zEHWGocL00HybiENWNHHlXjoNd76m8xv0tGPiAteX7gJo ZCb1ejQzjGsXFbo9e+ecKZV4i0BzPU+RDBEps8WCtk2uA5zEr8Wq/i+EzekOKDx5NNw5 UmqC0RETbz0dp4bfxel0zpX+nGoMAmugqmyOT/Lq/+fk0HvSKalxddmCx58chJGhdk8t V4eRY4WDfF6hGxjVI1XoEOPevTGWxNfM/tCs7zUjIyBWYPXswfFP43WHmOLyx2JrPH0T RlIQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1684239991; x=1686831991; h=content-transfer-encoding:in-reply-to:organization:from:references :cc:to:content-language:subject:user-agent:mime-version:date :message-id:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=xQfnWU9AnnTikX76OGG/w7JCpsPWkN6wYAysMp+bWBE=; b=bp86/Sbb0cLt4OzqC1SD6Qc6LTclHMO7hv1oG+j96WV8IlwlNXHUdhFTsnle8i9HC5 TSNGEBvPppAmNyitNDlXgj9EXEaHfxzALXX0B8BZgGJSg2c0n0ZdxtKGtG1L8h7iVkdv q/0nLI8iyhQODc29LHy66sKqiRiPIopGva1mS0+4hoJBwPmKgL3Hy0kRznVn9EpuNjaO 5PKTZ64eNrXApcyUEIPdZWTN4S0M4/BbHKMlEAVVx1znIc8pe0/qh5faY7Kst5GAS4x5 gBvKQ9fIZbe/Au7OXqJOu+6CDt888bW8CLnbsq+KIYgZ+3Y8pAeFQWeqPRdHHhlft82B DCvA== X-Gm-Message-State: AC+VfDy2CNBV2oxl2yokiZIWFXIxKKfq6XScymRHokAQTfhfPJZLnLXM x3s9jT+ehUEYvbRlrUyj3bHxXw== X-Google-Smtp-Source: ACHHUZ4rLTsE6JsyrWSOIqlMCV6R6ZeN/Jq/p+Ia0HoKTn3q6TZdnCsU3GAiGGdSqif9/dlcXI1k2g== X-Received: by 2002:a54:4613:0:b0:384:67e1:c9f7 with SMTP id p19-20020a544613000000b0038467e1c9f7mr12591051oip.45.1684239990775; Tue, 16 May 2023 05:26:30 -0700 (PDT) Received: from ?IPV6:2804:1b3:a7c0:c914:28b3:cbf9:a103:6f88? ([2804:1b3:a7c0:c914:28b3:cbf9:a103:6f88]) by smtp.gmail.com with ESMTPSA id n206-20020acabdd7000000b0038cabdbe3a7sm8737503oif.3.2023.05.16.05.26.27 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Tue, 16 May 2023 05:26:28 -0700 (PDT) Message-ID: Date: Tue, 16 May 2023 09:26:25 -0300 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:102.0) Gecko/20100101 Thunderbird/102.11.0 Subject: Re: [PATCH v3 3/3] linux: Add pidfd_getpid Content-Language: en-US To: Luca Boccassi Cc: libc-alpha@sourceware.org, Florian Weimer , Philip Withnall References: <20230516114612.159103-1-adhemerval.zanella@linaro.org> <20230516114612.159103-4-adhemerval.zanella@linaro.org> From: Adhemerval Zanella Netto Organization: Linaro In-Reply-To: Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-8.0 required=5.0 tests=BAYES_00,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,NICE_REPLY_A,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS,TXREP,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org List-Id: On 16/05/23 08:54, Luca Boccassi wrote: > On Tue, 16 May 2023 at 12:46, Adhemerval Zanella > wrote: >> >> This interface allows to obtain the associated pid ID from the >> process file descriptor. It is done by parsing the procps fdinfo >> information. Its prototype is: >> >> pid_t pidfd_getpid (int fd) >> >> It returns the associated pid or -1 in case of an error and set the >> errno accordingly. The possible errno values are the smae from >> open, read, and close (used on procps parsing), along with: >> >> - EINVAL if the FP is negative (similar to fexecve). >> >> - EBADF if the FD does not have a PID associated of if the fdinfo >> fields contains a value larger than pid_t. >> >> - EREMOTE if the PID is in a separate namespace. >> >> - ESRCH if the process is already terminated. >> >> Checked on x86_64-linux-gnu on Linux 4.15 (no CLONE_PID or waitid >> support), Linux 5.15 (only clone support), and Linux 5.19 (full >> support including clone3). >> --- > <..> >> +#define FDINFO_TO_FILENAME_PREFIX "/proc/self/fdinfo/" >> + >> +#define FDINFO_FILENAME_LEN \ >> + (sizeof (FDINFO_TO_FILENAME_PREFIX) + INT_STRLEN_BOUND (int)) >> + >> +struct parse_fdinfo_t >> +{ >> + bool found; >> + pid_t pid; >> +}; >> + >> +static int >> +parse_fdinfo (const char *l, void *arg) >> +{ >> + enum { fieldlen = sizeof ("Pid:") - 1 }; >> + if (strncmp (l, "Pid:", fieldlen) != 0) >> + return 0; >> + >> + l += fieldlen; >> + >> + char *endp; >> + unsigned long n = strtoul (l, &endp, 10); >> + if (l == endp || (n > INT_MAX && n != ULONG_MAX)) >> + return 0; > > How can this tell the difference between '-1' and garbage input? It > seems to me this will confuse mangled input here with ESRCH, given the > pid in fdinfo is initialized to -1, no? Because -1 will be parsed as ULONG_MAX. For instance, with the inputs: Input: | Function result | parse_fdinfo_t -------------------|-----------------|----------------------- "Pid: 0" | 1 | {1, 0} "Pid: 1" | 1 | {1, 1} "Pid: 2147483647" | 1 | {1, 2147483647} "Pid: 2147483648" | 0 | {0, -1} "Pid: -1" | 1 | {1, -1} "Pid: -3" | 0 | {0, -1} "Pid: -24x" | 0 | {0, -1} So only if the PID if positive less than INT_MAX or -1 the function will set that the PID as found. > >> + struct parse_fdinfo_t *fdinfo = arg; >> + fdinfo->found = true; >> + fdinfo->pid = n; >> + >> + return 1; >> +} >> + >> +pid_t >> +pidfd_getpid (int fd) >> +{ >> + if (__glibc_unlikely (fd < 0)) >> + { >> + __set_errno (EINVAL); >> + return -1; >> + } >> + >> + char fdinfoname[FDINFO_FILENAME_LEN]; >> + >> + char *p = mempcpy (fdinfoname, FDINFO_TO_FILENAME_PREFIX, >> + strlen (FDINFO_TO_FILENAME_PREFIX)); >> + *_fitoa_word (fd, p, 10, 0) = '\0'; >> + >> + struct parse_fdinfo_t fdinfo = { .found = false, .pid = -1 }; >> + if (procutils_read_file (fdinfoname, parse_fdinfo, &fdinfo) == -1) >> + /* The fdinfo contains an invalid 'Pid:' value. */ >> + return INLINE_SYSCALL_ERROR_RETURN_VALUE (EBADF); >> + >> + /* The FD does not have a 'Pid:' entry associated. */ >> + if (!fdinfo.found) >> + return INLINE_SYSCALL_ERROR_RETURN_VALUE (EBADF); >> + >> + /* The pidfd cannot be resolved because it is in a separate pid >> + namespace. */ >> + if (fdinfo.pid == 0) >> + return INLINE_SYSCALL_ERROR_RETURN_VALUE (EREMOTE); >> + >> + /* A negative value means the process is terminated. */ >> + if (fdinfo.pid < 0) >> + return INLINE_SYSCALL_ERROR_RETURN_VALUE (ESRCH); > > Here it just assumes this is an ESRSCH case, but again it could be > failing to parse it for other corner cases of stroul. It should return > ESRCH _only_ if it really parsed -1 from fdinfo, otherwise we cannot > rely on it. It is already handled by the 'found' check above, where for values not in PID range or error in strtoul, EBADF will be returned. I might improve the comments to make it clear.