    pid: Implement pidfd_getfd syscall · 8649c322
    Sargun Dhillon authored
    This syscall allows for the retrieval of file descriptors from other
    processes, based on their pidfd. This is possible using ptrace, and
    injection of parasitic code to inject code which leverages SCM_RIGHTS
    to move file descriptors between a tracee and a tracer. Unfortunately,
    ptrace comes with a high cost of requiring the process to be stopped,
    and breaks debuggers. This does not require stopping the process under
    manipulation.
    
    One reason to use this is to allow sandboxers to take actions on file
    descriptors on the behalf of another process. For example, this can be
    combined with seccomp-bpf's user notification to do on-demand fd
    extraction and take privileged actions. One such privileged action
    is binding a socket to a privileged port.
    
    /* prototype */
      /* flags is currently reserved and should be set to 0 */
      int sys_pidfd_getfd(int pidfd, int fd, unsigned int flags);
    
    /* testing */
    Ran self-test suite on x86_64
    Signed-off-by: Sargun Dhillon <sargun@sargun.me>
    Acked-by: Christian Brauner <christian.brauner@ubuntu.com>
    Reviewed-by: Arnd Bergmann <arnd@arndb.de>
    Link: https://lore.kernel.org/r/20200107175927.4558-3-sargun@sargun.me
    Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
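Added example (not part of this commit or of the kernel tree): a minimal userspace caller of the syscall described in the commit message, in which a parent copies a pipe fd out of a running child without stopping it. The function name, the sync pipe and the "hello" payload are constructed for illustration; the fallback syscall numbers are the x86_64/asm-generic values and pidfd_open is assumed to be available.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <signal.h>
#include <string.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <unistd.h>
#ifndef SYS_pidfd_open
#define SYS_pidfd_open 434   /* fallback for old headers (x86_64, asm-generic) */
#endif
#ifndef SYS_pidfd_getfd
#define SYS_pidfd_getfd 438
#endif
/* Returns 0 on success, -errno on failure (-ENOSYS if the kernel lacks the syscall). */
int fetch_child_fd_demo(void)
{
    int sync[2], p[2], remote_fd = -1, pidfd = -1, copy = -1, ret = 0;
    char buf[8] = {0};
    if (pipe(sync) < 0)
        return -errno;
    pid_t child = fork();
    if (child < 0) {
        ret = -errno;
        close(sync[0]); close(sync[1]);
        return ret;
    }
    if (child == 0) {   /* target: owns a pipe the parent never had */
        /* Only the fd number is sent over; no SCM_RIGHTS, no ptrace stop. */
        if (pipe(p) < 0 || write(p[1], "hello", 5) != 5 ||
            write(sync[1], &p[0], sizeof(p[0])) != sizeof(p[0]))
            _exit(1);
        pause();
        _exit(0);
    }
    close(sync[1]);
    if (read(sync[0], &remote_fd, sizeof(remote_fd)) != sizeof(remote_fd))
        ret = -EIO;
    else if ((pidfd = syscall(SYS_pidfd_open, child, 0)) < 0)
        ret = -errno;
    else if ((copy = syscall(SYS_pidfd_getfd, pidfd, remote_fd, 0)) < 0)
        ret = -errno;   /* flags is reserved and must be 0 */
    else if (read(copy, buf, 5) != 5 || strcmp(buf, "hello") != 0)
        ret = -EBADMSG;
    if (copy >= 0) close(copy);
    if (pidfd >= 0) close(pidfd);
    close(sync[0]);
    kill(child, SIGKILL);
    waitpid(child, NULL, 0);
    return ret;
}
```

The kernel gates the call with a ptrace attach-level access check on the target, so a caller without that access gets EPERM; seccomp profiles that predate the syscall can also deny it.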
pid.c 15.9 KB