From patchwork Sat Oct 15 12:26:10 2016
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Alban Crequy <alban.crequy@gmail.com>
X-Patchwork-Id: 682531
X-Patchwork-Delegate: davem@davemloft.net
Return-Path: <netdev-owner@vger.kernel.org>
X-Original-To: patchwork-incoming@ozlabs.org
Delivered-To: patchwork-incoming@ozlabs.org
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by ozlabs.org (Postfix) with ESMTP id 3sx3g051FRz9s3s
	for <patchwork-incoming@ozlabs.org>;
	Sat, 15 Oct 2016 23:29:00 +1100 (AEDT)
Authentication-Results: ozlabs.org;
	dkim=fail reason="signature verification failed" (2048-bit key;
	unprotected) header.d=gmail.com header.i=@gmail.com header.b=eNoc9v2b;
	dkim-atps=neutral
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1754269AbcJOM2w (ORCPT <rfc822;patchwork-incoming@ozlabs.org>);
	Sat, 15 Oct 2016 08:28:52 -0400
Received: from mail-wm0-f66.google.com ([74.125.82.66]:33515 "EHLO
	mail-wm0-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1754106AbcJOM2r (ORCPT
	<rfc822;netdev@vger.kernel.org>); Sat, 15 Oct 2016 08:28:47 -0400
Received: by mail-wm0-f66.google.com with SMTP id 191so2360760wmr.0;
	Sat, 15 Oct 2016 05:28:45 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=gmail.com; s=20120113;
	h=sender:from:to:cc:subject:date:message-id:in-reply-to:references;
	bh=fjvGXiA1VpTSaWDPRe5vDfc9l3PQn3Af8cfzzliDexk=;
	b=eNoc9v2bPVSNGAGywD8KPmCOcUcZq9I0rAaB2Iwdhc8VugPsd+5tyLAqAxeiuN8rwl
	hmNmPWFgz2vfyi42MyqzFN4VuH2E+wi2GHpIo1oNuNdYrw7FB2pwLjlKEkLfC2Lcj+Io
	tlq3sIVU4Svhf9iC0L4CFjHIaL6okM3KAdcIrm6+8X1DFyv8LwSqt2fp8khPjS1lJdYM
	cYaEW0KxPYtfwAnkJRIKOxzhjNQIoyYxQf04Z99wxfRiSFIOckwXacRcLXLUj0Nu6Vrr
	9UoNOkqQUlpT0v7JjQHJoyva7DRoCp8vPG3BaDUavhYcfQz56TMX4urTX+BvRxqsW9DY
	RFdQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20130820;
	h=x-gm-message-state:sender:from:to:cc:subject:date:message-id
	:in-reply-to:references;
	bh=fjvGXiA1VpTSaWDPRe5vDfc9l3PQn3Af8cfzzliDexk=;
	b=aQ3lFQ/UT5P/TZIAUXpYxRY++U5J2hNzLmU/I1FQznDqiF4gWjQcWslmwUqQHCJ1s5
	BjI0xip3DBjmA1EiVj63Sft9FvM147o3u36YCIIclC4SxiOZ8RzQ+qEOgzxrovfsA7MB
	mMb3iVOjh/sRSTG7cbJNW/fAgXnPn4PHQe7wCly1WX9c+mMvOWT46II5dxUrZDcVuakm
	ygaoQFfOa/S70fZF7urFn+5l73QX1PtDNkRE5Xi1n+fBcaJ2elgKTbYfwZdmB0kR7YQr
	oUNCPw45ILJB1MpjZtI3IKje3NYaSI9k0/5Ao/LKzMoQaMRX8qj1v4D7an6moAqs6OqQ
	RgUw==
X-Gm-Message-State: 
 AA6/9RnFOIbgrKz0zpuUNnFPLo9ifjMhE+Vk5tDFoLZDHHeygxz3ooTx0aoGP0VaxebuFw==
X-Received: by 10.28.7.198 with SMTP id 189mr2016085wmh.65.1476534524739;
	Sat, 15 Oct 2016 05:28:44 -0700 (PDT)
Received: from rainbow.primacom.net
	([2a00:c1a0:48c0:2b00:8e70:5aff:fe29:2928])
	by smtp.gmail.com with ESMTPSA id
	u77sm3247971wmd.18.2016.10.15.05.28.43
	(version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
	Sat, 15 Oct 2016 05:28:44 -0700 (PDT)
From: Alban Crequy <alban.crequy@gmail.com>
X-Google-Original-From: Alban Crequy <alban@kinvolk.io>
To: linux-kernel@vger.kernel.org,
	containers@lists.linux-foundation.org, netdev@vger.kernel.org
Cc: Jesper Derehag <jderehag@hotmail.com>,
	"Serge E . Hallyn" <serge@hallyn.com>,
	Evgeniy Polyakov <zbr@ioremap.net>,
	Jiri Benc <jbenc@redhat.com>, Tejun Heo <tj@kernel.org>,
	Aditya Kali <adityakali@google.com>,
	Iago Lopez Galeiras <iago@kinvolk.io>,
	Dimitri John Ledkov <dimitri.j.ledkov@intel.com>,
	Aaron Campbell <aaron@monkey.org>, Alban Crequy <alban@kinvolk.io>
Subject: [RFC v2 2/2] proc connector: add a "get feature" op
Date: Sat, 15 Oct 2016 14:26:10 +0200
Message-Id: <1476534370-4027-3-git-send-email-alban@kinvolk.io>
X-Mailer: git-send-email 2.7.4
In-Reply-To: <1476534370-4027-1-git-send-email-alban@kinvolk.io>
References: <1476534370-4027-1-git-send-email-alban@kinvolk.io>
Sender: netdev-owner@vger.kernel.org
Precedence: bulk
List-ID: <netdev.vger.kernel.org>
X-Mailing-List: netdev@vger.kernel.org

From: Alban Crequy <alban@kinvolk.io>

As more kinds of events are being added in the proc connector, userspace
needs a way to detect whether the kernel supports those new events.

When a kind of event is not supported, userspace should report an error
propertly, or fallback to other methods (regular polling of procfs).

The events fork, exec, uid, gid, sid, ptrace, comm, exit were added
together. Then commit 2b5faa4c ("connector: Added coredumping event to
the process connector") added coredump events but without a way for
userspace to detect if the kernel will emit those. So I am grouping
them all together in PROC_CN_FEATURE_BASIC.

- PROC_CN_FEATURE_BASIC: supports fork, exec, uid, gid, sid, ptrace,
  comm, exit, coredump.

- PROC_CN_FEATURE_NS: supports ns.

Signed-off-by: Alban Crequy <alban@kinvolk.io>
---
 drivers/connector/cn_proc.c  | 25 +++++++++++++++----------
 include/uapi/linux/cn_proc.h |  4 ++++
 2 files changed, 19 insertions(+), 10 deletions(-)

diff --git a/drivers/connector/cn_proc.c b/drivers/connector/cn_proc.c
index c38733d..5f9ace6 100644
--- a/drivers/connector/cn_proc.c
+++ b/drivers/connector/cn_proc.c
@@ -442,15 +442,12 @@ void proc_ns_connector_send(struct ns_event_prepare *prepare, struct task_struct
  * values because it's not being returned via syscall return
  * mechanisms.
  */
-static void cn_proc_ack(int err, int rcvd_seq, int rcvd_ack)
+static void cn_proc_ack(int err, u16 flags, int rcvd_seq, int rcvd_ack)
 {
 	struct cn_msg *msg;
 	struct proc_event *ev;
 	__u8 buffer[CN_PROC_MSG_SIZE] __aligned(8);
 
-	if (atomic_read(&proc_event_num_listeners) < 1)
-		return;
-
 	msg = buffer_to_cn_msg(buffer);
 	ev = (struct proc_event *)msg->data;
 	memset(&ev->event_data, 0, sizeof(ev->event_data));
@@ -462,7 +459,7 @@ static void cn_proc_ack(int err, int rcvd_seq, int rcvd_ack)
 	memcpy(&msg->id, &cn_proc_event_id, sizeof(msg->id));
 	msg->ack = rcvd_ack + 1;
 	msg->len = sizeof(*ev);
-	msg->flags = 0; /* not used */
+	msg->flags = flags;
 	send_msg(msg);
 }
 
@@ -475,9 +472,12 @@ static void cn_proc_mcast_ctl(struct cn_msg *msg,
 {
 	enum proc_cn_mcast_op *mc_op = NULL;
 	int err = 0;
+	u16 flags = 0;
 
-	if (msg->len != sizeof(*mc_op))
-		return;
+	if (msg->len != sizeof(*mc_op)) {
+		err = EINVAL;
+		goto out;
+	}
 
 	/* 
 	 * Events are reported with respect to the initial pid
@@ -485,8 +485,10 @@ static void cn_proc_mcast_ctl(struct cn_msg *msg,
 	 * other namespaces.
 	 */
 	if ((current_user_ns() != &init_user_ns) ||
-	    (task_active_pid_ns(current) != &init_pid_ns))
-		return;
+	    (task_active_pid_ns(current) != &init_pid_ns)) {
+		err = EPERM;
+		goto out;
+	}
 
 	/* Can only change if privileged. */
 	if (!__netlink_ns_capable(nsp, &init_user_ns, CAP_NET_ADMIN)) {
@@ -496,6 +498,9 @@ static void cn_proc_mcast_ctl(struct cn_msg *msg,
 
 	mc_op = (enum proc_cn_mcast_op *)msg->data;
 	switch (*mc_op) {
+	case PROC_CN_GET_FEATURES:
+		flags = PROC_CN_FEATURE_BASIC | PROC_CN_FEATURE_NS;
+		break;
 	case PROC_CN_MCAST_LISTEN:
 		atomic_inc(&proc_event_num_listeners);
 		break;
@@ -508,7 +513,7 @@ static void cn_proc_mcast_ctl(struct cn_msg *msg,
 	}
 
 out:
-	cn_proc_ack(err, msg->seq, msg->ack);
+	cn_proc_ack(err, flags, msg->seq, msg->ack);
 }
 
 /*
diff --git a/include/uapi/linux/cn_proc.h b/include/uapi/linux/cn_proc.h
index 3270e8c..2ea0e5d 100644
--- a/include/uapi/linux/cn_proc.h
+++ b/include/uapi/linux/cn_proc.h
@@ -25,10 +25,14 @@
  * for events on the connector.
  */
 enum proc_cn_mcast_op {
+	PROC_CN_GET_FEATURES = 0,
 	PROC_CN_MCAST_LISTEN = 1,
 	PROC_CN_MCAST_IGNORE = 2
 };
 
+#define PROC_CN_FEATURE_BASIC 0x0001
+#define PROC_CN_FEATURE_NS    0x0002
+
 /*
  * From the user's point of view, the process
  * ID is the thread group ID and thread ID is the internal