Re: SECCOMP_IOCTL_NOTIF_ADDFD race condition

2020-12-01 Thread Kees Cook
On Tue, Dec 01, 2020 at 08:13:34AM -0500, Tycho Andersen wrote:
> On Tue, Dec 01, 2020 at 01:08:25PM +, Sargun Dhillon wrote:
> > On Tue, Dec 01, 2020 at 07:41:05AM -0500, Tycho Andersen wrote:
> > > On Mon, Nov 30, 2020 at 06:20:09PM -0500, Tycho Andersen wrote:
> > > > Idea 1 sounds best to m

Re: SECCOMP_IOCTL_NOTIF_ADDFD race condition

2020-12-01 Thread Tycho Andersen
On Tue, Dec 01, 2020 at 01:08:25PM +, Sargun Dhillon wrote:
> On Tue, Dec 01, 2020 at 07:41:05AM -0500, Tycho Andersen wrote:
> > On Mon, Nov 30, 2020 at 06:20:09PM -0500, Tycho Andersen wrote:
> > > Idea 1 sounds best to me, but maybe that's because it's the way I
> > > originally did the fd s

Re: SECCOMP_IOCTL_NOTIF_ADDFD race condition

2020-12-01 Thread Sargun Dhillon
On Tue, Dec 01, 2020 at 07:41:05AM -0500, Tycho Andersen wrote:
> On Mon, Nov 30, 2020 at 06:20:09PM -0500, Tycho Andersen wrote:
> > Idea 1 sounds best to me, but maybe that's because it's the way I
> > originally did the fd support that never landed :)
> >
> > But here's an Idea 4: we add a way

Re: SECCOMP_IOCTL_NOTIF_ADDFD race condition

2020-12-01 Thread Tycho Andersen
On Mon, Nov 30, 2020 at 06:20:09PM -0500, Tycho Andersen wrote:
> Idea 1 sounds best to me, but maybe that's because it's the way I
> originally did the fd support that never landed :)
>
> But here's an Idea 4: we add a way to remotely close an fd (I don't
> see that the current infra can do this,

Re: SECCOMP_IOCTL_NOTIF_ADDFD race condition

2020-11-30 Thread Sargun Dhillon
On Mon, Nov 30, 2020 at 06:20:09PM -0500, Tycho Andersen wrote:
> Hi,
>
> On Thu, Nov 26, 2020 at 02:09:33PM +0100, Alban Crequy wrote:
> > Hi,
> >
> > With the addfd feature (added in “seccomp: Introduce addfd ioctl to
> > seccomp user notifier”, commit 7cf97b125455), the new file is
> > install

Re: SECCOMP_IOCTL_NOTIF_ADDFD race condition

2020-11-30 Thread Tycho Andersen
Hi,

On Thu, Nov 26, 2020 at 02:09:33PM +0100, Alban Crequy wrote:
> Hi,
>
> With the addfd feature (added in “seccomp: Introduce addfd ioctl to
> seccomp user notifier”, commit 7cf97b125455), the new file is
> installed in the target process during the SECCOMP_IOCTL_NOTIF_ADDFD
> operation and no

SECCOMP_IOCTL_NOTIF_ADDFD race condition

2020-11-26 Thread Alban Crequy
Hi,

With the addfd feature (added in “seccomp: Introduce addfd ioctl to seccomp user notifier”, commit 7cf97b125455), the new file is installed in the target process during the SECCOMP_IOCTL_NOTIF_ADDFD operation and not at the end with the SECCOMP_IOCTL_NOTIF_SEND operation. This can cause race c