Re: [RFC PATCH] fdinfo: Option for public fdinfo

Next message: Bartosz Golaszewski: "[PATCH net-next v10 4/6] net: stmmac: qcom-ethqos: split power management fields into a separate structure"
Previous message: Pasha Tatashin: "Re: [PATCH 1/2] liveupdate: prevent double management of files"
In reply to: Christian Brauner: "Re: [RFC PATCH] fdinfo: Option for public fdinfo"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Christian König

Date: Mon Mar 23 2026 - 09:25:43 EST

On 3/23/26 13:13, Christian Brauner wrote:
> On Mon, Mar 16, 2026 at 02:38:28PM -0400, David Francis wrote:
>> We want some GPU information to be publicly available to all
>> processes for basic system-wide profiling (think GPU versions
>> of top).
>>
>> This information is available in fdinfo and not easily exposed
>> by other interfaces.
>>
>> Add fd_op flag FOP_PUBLIC_FDINFO, which, if set, makes the fdinfo
>> for that file available to read for processes without ptrace
>> permissions.
>>
>> Note that this makes public how many files each process has open,
>> and what their fds are.
>>
>> Signed-off-by: David Francis <David.Francis@xxxxxxx>
>> ---
>
> Eew, please let's not. Add an ioctl if you need to be able to retrieve
> that info.

Yeah the problem is an IOCTL is even worse from the security pov.

This is for an tool which doesn't have access to the file descriptor which provides that information.

So using pidfd_getfd() or similar to get the FD and then call an IOCTL on it would be a security violation.

The real question is how should we make this information public available in the system?

Regards,
Christian.