seccomp_unotify.2: EXAMPLES: Improve comments describing checkNotificationIdIsValid()

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
Michael Kerrisk 2020-10-29 12:19:16 +01:00
parent 8a7703864c
commit 6f0ca7da71
1 changed files with 10 additions and 6 deletions

@ -1315,11 +1315,14 @@ targetProcess(int sockPair[2], char *argv[])
}
/* Check that the notification ID provided by a SECCOMP_IOCTL_NOTIF_RECV
operation is still valid. It will no longer be valid if the process
has terminated. This operation can be used when accessing /proc/PID
files in the target process in order to avoid TOCTOU race conditions
where the PID that is returned by SECCOMP_IOCTL_NOTIF_RECV terminates
and is reused by another process. */
operation is still valid. It will no longer be valid if the target
process has terminated or is no longer blocked in the system call that
generated the notification (because it was interrupted by a signal).
This operation can be used when doing such things as accessing
/proc/PID files in the target process in order to avoid TOCTOU race
conditions where the PID that is returned by SECCOMP_IOCTL_NOTIF_RECV
terminates and is reused by another process. */
static void
checkNotificationIdIsValid(int notifyFd, uint64_t id)
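Review bot: In the last sentence of the rewritten comment, "the PID that is returned by SECCOMP_IOCTL_NOTIF_RECV terminates and is reused by another process" makes the PID the subject of "terminates"; it is the process that terminates and its PID that is reused. Suggest "where the process whose PID was returned by SECCOMP_IOCTL_NOTIF_RECV terminates and its PID is reused by another process". Now that the comment lists two ways the ID can become invalid, it would also help to state that the check is meant to be made after the /proc/PID file has been opened, as getTargetPathname() does, because that ordering is what closes the TOCTOU window.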
@ -1349,7 +1352,8 @@ getTargetPathname(struct seccomp_notif *req, int notifyFd,
if (procMemFd == \-1)
errExit("\etS: open");
/* Check that the process whose info we are accessing is still alive.
/* Check that the process whose info we are accessing is still alive
and blocked in the system call that caused the notification.
If the SECCOMP_IOCTL_NOTIF_ID_VALID operation (performed
in checkNotificationIdIsValid()) succeeds, we know that the
/proc/PID/mem file descriptor that we opened corresponds to the
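Review bot: The added line says "the system call that caused the notification", while the comment above checkNotificationIdIsValid() says "the system call that generated the notification"; use one wording in both places so readers do not wonder whether two different conditions are meant. The same applies to "the process whose info we are accessing" here versus "the target process" in the other comment. A short cross-reference to the signal-interruption case explained above checkNotificationIdIsValid() would also save repeating the reason here.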