summaryrefslogtreecommitdiffstats
path: root/arch
diff options
context:
space:
mode:
authorSargun Dhillon <sargun@sargun.me>2020-01-07 18:59:25 +0100
committerChristian Brauner <christian.brauner@ubuntu.com>2020-01-13 21:49:36 +0100
commit8649c322f75c96e7ced2fec201e123b2b073bf09 (patch)
tree791d90016044b13207400609c491f71654fc5f34 /arch
parentvfs, fdtable: Add fget_task helper (diff)
downloadlinux-8649c322f75c96e7ced2fec201e123b2b073bf09.tar.xz
linux-8649c322f75c96e7ced2fec201e123b2b073bf09.zip
pid: Implement pidfd_getfd syscall
This syscall allows for the retrieval of file descriptors from other processes, based on their pidfd. This is possible using ptrace, and injection of parasitic code to inject code which leverages SCM_RIGHTS to move file descriptors between a tracee and a tracer. Unfortunately, ptrace comes with a high cost of requiring the process to be stopped, and breaks debuggers. This does not require stopping the process under manipulation. One reason to use this is to allow sandboxers to take actions on file descriptors on the behalf of another process. For example, this can be combined with seccomp-bpf's user notification to do on-demand fd extraction and take privileged actions. One such privileged action is binding a socket to a privileged port. /* prototype */ /* flags is currently reserved and should be set to 0 */ int sys_pidfd_getfd(int pidfd, int fd, unsigned int flags); /* testing */ Ran self-test suite on x86_64 Signed-off-by: Sargun Dhillon <sargun@sargun.me> Acked-by: Christian Brauner <christian.brauner@ubuntu.com> Reviewed-by: Arnd Bergmann <arnd@arndb.de> Link: https://lore.kernel.org/r/20200107175927.4558-3-sargun@sargun.me Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Diffstat (limited to 'arch')
0 files changed, 0 insertions, 0 deletions