* [PATCH 1/4] uapi, fs: make all new mount api fds cloexec by default [ver #2]
2019-05-16 11:52 [PATCH 0/4] uapi, vfs: Change the mount API UAPI [ver #2] David Howells
@ 2019-05-16 11:52 ` David Howells
2019-05-16 11:52 ` [PATCH 2/4] uapi, fsopen: use square brackets around "fscontext" " David Howells
` (3 subsequent siblings)
4 siblings, 0 replies; 20+ messages in thread
From: David Howells @ 2019-05-16 11:52 UTC (permalink / raw)
To: torvalds, viro
Cc: Christian Brauner, dhowells, christian, arnd, linux-fsdevel,
linux-kernel
From: Christian Brauner <christian@brauner.io>
This makes all file descriptors returned from new syscalls of the new mount
api cloexec by default.
>From a userspace perspective it is rarely the case that fds are supposed to
be inherited across exec. Having them not cloexec by default forces
userspace to remember to pass the <SPECIFIC>_CLOEXEC flag along or to
invoke fcntl() on the fd to prevent leaking it. And leaking the fd is a
much bigger issue than forgetting to remove the cloexec flag and failing to
inherit the fd.
For old fd types we can't break userspace. But for new ones we should
whenever reasonable make them cloexec by default (Examples of this policy
are the new seccomp notify fds and also pidfds.). If userspace wants to
inherit fds across exec they can remove the O_CLOEXEC flag and so opt in to
inheritance explicitly.
This patch also has the advantage that we can get rid of all the special
flags per file descriptor type for the new mount api. In total this lets us
remove 4 flags:
- FSMOUNT_CLOEXEC
- FSOPEN_CLOEXEC
- FSPICK_CLOEXEC
- OPEN_TREE_CLOEXEC
Signed-off-by: Christian Brauner <christian@brauner.io>
Signed-off-by: David Howells <dhowells@redhat.com>
---
fs/fsopen.c | 13 ++++++-------
fs/namespace.c | 11 ++++-------
include/uapi/linux/mount.h | 18 +++---------------
3 files changed, 13 insertions(+), 29 deletions(-)
diff --git a/fs/fsopen.c b/fs/fsopen.c
index 3bb9c0c8cbcc..a38fa8c616cf 100644
--- a/fs/fsopen.c
+++ b/fs/fsopen.c
@@ -88,12 +88,12 @@ const struct file_operations fscontext_fops = {
/*
* Attach a filesystem context to a file and an fd.
*/
-static int fscontext_create_fd(struct fs_context *fc, unsigned int o_flags)
+static int fscontext_create_fd(struct fs_context *fc)
{
int fd;
fd = anon_inode_getfd("fscontext", &fscontext_fops, fc,
- O_RDWR | o_flags);
+ O_RDWR | O_CLOEXEC);
if (fd < 0)
put_fs_context(fc);
return fd;
@@ -126,7 +126,7 @@ SYSCALL_DEFINE2(fsopen, const char __user *, _fs_name, unsigned int, flags)
if (!ns_capable(current->nsproxy->mnt_ns->user_ns, CAP_SYS_ADMIN))
return -EPERM;
- if (flags & ~FSOPEN_CLOEXEC)
+ if (flags)
return -EINVAL;
fs_name = strndup_user(_fs_name, PAGE_SIZE);
@@ -149,7 +149,7 @@ SYSCALL_DEFINE2(fsopen, const char __user *, _fs_name, unsigned int, flags)
if (ret < 0)
goto err_fc;
- return fscontext_create_fd(fc, flags & FSOPEN_CLOEXEC ? O_CLOEXEC : 0);
+ return fscontext_create_fd(fc);
err_fc:
put_fs_context(fc);
@@ -169,8 +169,7 @@ SYSCALL_DEFINE3(fspick, int, dfd, const char __user *, path, unsigned int, flags
if (!ns_capable(current->nsproxy->mnt_ns->user_ns, CAP_SYS_ADMIN))
return -EPERM;
- if ((flags & ~(FSPICK_CLOEXEC |
- FSPICK_SYMLINK_NOFOLLOW |
+ if ((flags & ~(FSPICK_SYMLINK_NOFOLLOW |
FSPICK_NO_AUTOMOUNT |
FSPICK_EMPTY_PATH)) != 0)
return -EINVAL;
@@ -203,7 +202,7 @@ SYSCALL_DEFINE3(fspick, int, dfd, const char __user *, path, unsigned int, flags
goto err_fc;
path_put(&target);
- return fscontext_create_fd(fc, flags & FSPICK_CLOEXEC ? O_CLOEXEC : 0);
+ return fscontext_create_fd(fc);
err_fc:
put_fs_context(fc);
diff --git a/fs/namespace.c b/fs/namespace.c
index ffb13f0562b0..3d14e83787b1 100644
--- a/fs/namespace.c
+++ b/fs/namespace.c
@@ -2369,11 +2369,8 @@ SYSCALL_DEFINE3(open_tree, int, dfd, const char *, filename, unsigned, flags)
int error;
int fd;
- BUILD_BUG_ON(OPEN_TREE_CLOEXEC != O_CLOEXEC);
-
if (flags & ~(AT_EMPTY_PATH | AT_NO_AUTOMOUNT | AT_RECURSIVE |
- AT_SYMLINK_NOFOLLOW | OPEN_TREE_CLONE |
- OPEN_TREE_CLOEXEC))
+ AT_SYMLINK_NOFOLLOW | OPEN_TREE_CLONE))
return -EINVAL;
if ((flags & (AT_RECURSIVE | OPEN_TREE_CLONE)) == AT_RECURSIVE)
@@ -2389,7 +2386,7 @@ SYSCALL_DEFINE3(open_tree, int, dfd, const char *, filename, unsigned, flags)
if (detached && !may_mount())
return -EPERM;
- fd = get_unused_fd_flags(flags & O_CLOEXEC);
+ fd = get_unused_fd_flags(O_CLOEXEC);
if (fd < 0)
return fd;
@@ -3352,7 +3349,7 @@ SYSCALL_DEFINE3(fsmount, int, fs_fd, unsigned int, flags,
if (!may_mount())
return -EPERM;
- if ((flags & ~(FSMOUNT_CLOEXEC)) != 0)
+ if (flags)
return -EINVAL;
if (attr_flags & ~(MOUNT_ATTR_RDONLY |
@@ -3457,7 +3454,7 @@ SYSCALL_DEFINE3(fsmount, int, fs_fd, unsigned int, flags,
}
file->f_mode |= FMODE_NEED_UNMOUNT;
- ret = get_unused_fd_flags((flags & FSMOUNT_CLOEXEC) ? O_CLOEXEC : 0);
+ ret = get_unused_fd_flags(O_CLOEXEC);
if (ret >= 0)
fd_install(ret, file);
else
diff --git a/include/uapi/linux/mount.h b/include/uapi/linux/mount.h
index 96a0240f23fe..c688e4ac843b 100644
--- a/include/uapi/linux/mount.h
+++ b/include/uapi/linux/mount.h
@@ -59,7 +59,6 @@
* open_tree() flags.
*/
#define OPEN_TREE_CLONE 1 /* Clone the target tree and attach the clone */
-#define OPEN_TREE_CLOEXEC O_CLOEXEC /* Close the file on execve() */
/*
* move_mount() flags.
@@ -72,18 +71,12 @@
#define MOVE_MOUNT_T_EMPTY_PATH 0x00000040 /* Empty to path permitted */
#define MOVE_MOUNT__MASK 0x00000077
-/*
- * fsopen() flags.
- */
-#define FSOPEN_CLOEXEC 0x00000001
-
/*
* fspick() flags.
*/
-#define FSPICK_CLOEXEC 0x00000001
-#define FSPICK_SYMLINK_NOFOLLOW 0x00000002
-#define FSPICK_NO_AUTOMOUNT 0x00000004
-#define FSPICK_EMPTY_PATH 0x00000008
+#define FSPICK_SYMLINK_NOFOLLOW 0x00000001
+#define FSPICK_NO_AUTOMOUNT 0x00000002
+#define FSPICK_EMPTY_PATH 0x00000004
/*
* The type of fsconfig() call made.
@@ -99,11 +92,6 @@ enum fsconfig_command {
FSCONFIG_CMD_RECONFIGURE = 7, /* Invoke superblock reconfiguration */
};
-/*
- * fsmount() flags.
- */
-#define FSMOUNT_CLOEXEC 0x00000001
-
/*
* Mount attributes.
*/
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [PATCH 2/4] uapi, fsopen: use square brackets around "fscontext" [ver #2]
2019-05-16 11:52 [PATCH 0/4] uapi, vfs: Change the mount API UAPI [ver #2] David Howells
2019-05-16 11:52 ` [PATCH 1/4] uapi, fs: make all new mount api fds cloexec by default " David Howells
@ 2019-05-16 11:52 ` David Howells
2019-05-16 11:52 ` [PATCH 3/4] uapi, x86: Fix the syscall numbering of the mount API syscalls " David Howells
` (2 subsequent siblings)
4 siblings, 0 replies; 20+ messages in thread
From: David Howells @ 2019-05-16 11:52 UTC (permalink / raw)
To: torvalds, viro
Cc: Christian Brauner, dhowells, christian, arnd, linux-fsdevel,
linux-kernel
From: Christian Brauner <christian@brauner.io>
Make the name of the anon inode fd "[fscontext]" instead of "fscontext".
This is minor but most core-kernel anon inode fds already carry square
brackets around their name:
[eventfd]
[eventpoll]
[fanotify]
[io_uring]
[pidfd]
[signalfd]
[timerfd]
[userfaultfd]
For the sake of consistency lets do the same for the fscontext anon inode
fd that comes with the new mount api.
Signed-off-by: Christian Brauner <christian@brauner.io>
Signed-off-by: David Howells <dhowells@redhat.com>
---
fs/fsopen.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/fsopen.c b/fs/fsopen.c
index a38fa8c616cf..83d0d2001bb2 100644
--- a/fs/fsopen.c
+++ b/fs/fsopen.c
@@ -92,7 +92,7 @@ static int fscontext_create_fd(struct fs_context *fc)
{
int fd;
- fd = anon_inode_getfd("fscontext", &fscontext_fops, fc,
+ fd = anon_inode_getfd("[fscontext]", &fscontext_fops, fc,
O_RDWR | O_CLOEXEC);
if (fd < 0)
put_fs_context(fc);
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [PATCH 3/4] uapi, x86: Fix the syscall numbering of the mount API syscalls [ver #2]
2019-05-16 11:52 [PATCH 0/4] uapi, vfs: Change the mount API UAPI [ver #2] David Howells
2019-05-16 11:52 ` [PATCH 1/4] uapi, fs: make all new mount api fds cloexec by default " David Howells
2019-05-16 11:52 ` [PATCH 2/4] uapi, fsopen: use square brackets around "fscontext" " David Howells
@ 2019-05-16 11:52 ` David Howells
2019-05-16 13:01 ` Christian Brauner
2019-05-16 11:52 ` [PATCH 4/4] uapi: Wire up the mount API syscalls on non-x86 arches " David Howells
2019-05-16 16:22 ` [PATCH 0/4] uapi, vfs: Change the mount API UAPI " Al Viro
4 siblings, 1 reply; 20+ messages in thread
From: David Howells @ 2019-05-16 11:52 UTC (permalink / raw)
To: torvalds, viro
Cc: Arnd Bergmann, Arnd Bergmann, dhowells, christian, arnd,
linux-fsdevel, linux-kernel
Fix the syscall numbering of the mount API syscalls so that the numbers
match between i386 and x86_64 and that they're in the common numbering
scheme space.
Fixes: a07b20004793 ("vfs: syscall: Add open_tree(2) to reference or clone a mount")
Fixes: 2db154b3ea8e ("vfs: syscall: Add move_mount(2) to move mounts around")
Fixes: 24dcb3d90a1f ("vfs: syscall: Add fsopen() to prepare for superblock creation")
Fixes: ecdab150fddb ("vfs: syscall: Add fsconfig() for configuring and managing a context")
Fixes: 93766fbd2696 ("vfs: syscall: Add fsmount() to create a mount for a superblock")
Fixes: cf3cba4a429b ("vfs: syscall: Add fspick() to select a superblock for reconfiguration")
Reported-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: David Howells <dhowells@redhat.com>
Reviewed-by: Arnd Bergmann <arnd@arndb.de>
---
arch/x86/entry/syscalls/syscall_32.tbl | 12 ++++++------
arch/x86/entry/syscalls/syscall_64.tbl | 12 ++++++------
2 files changed, 12 insertions(+), 12 deletions(-)
diff --git a/arch/x86/entry/syscalls/syscall_32.tbl b/arch/x86/entry/syscalls/syscall_32.tbl
index 4cd5f982b1e5..ad968b7bac72 100644
--- a/arch/x86/entry/syscalls/syscall_32.tbl
+++ b/arch/x86/entry/syscalls/syscall_32.tbl
@@ -398,12 +398,6 @@
384 i386 arch_prctl sys_arch_prctl __ia32_compat_sys_arch_prctl
385 i386 io_pgetevents sys_io_pgetevents_time32 __ia32_compat_sys_io_pgetevents
386 i386 rseq sys_rseq __ia32_sys_rseq
-387 i386 open_tree sys_open_tree __ia32_sys_open_tree
-388 i386 move_mount sys_move_mount __ia32_sys_move_mount
-389 i386 fsopen sys_fsopen __ia32_sys_fsopen
-390 i386 fsconfig sys_fsconfig __ia32_sys_fsconfig
-391 i386 fsmount sys_fsmount __ia32_sys_fsmount
-392 i386 fspick sys_fspick __ia32_sys_fspick
393 i386 semget sys_semget __ia32_sys_semget
394 i386 semctl sys_semctl __ia32_compat_sys_semctl
395 i386 shmget sys_shmget __ia32_sys_shmget
@@ -438,3 +432,9 @@
425 i386 io_uring_setup sys_io_uring_setup __ia32_sys_io_uring_setup
426 i386 io_uring_enter sys_io_uring_enter __ia32_sys_io_uring_enter
427 i386 io_uring_register sys_io_uring_register __ia32_sys_io_uring_register
+428 i386 open_tree sys_open_tree __ia32_sys_open_tree
+429 i386 move_mount sys_move_mount __ia32_sys_move_mount
+430 i386 fsopen sys_fsopen __ia32_sys_fsopen
+431 i386 fsconfig sys_fsconfig __ia32_sys_fsconfig
+432 i386 fsmount sys_fsmount __ia32_sys_fsmount
+433 i386 fspick sys_fspick __ia32_sys_fspick
diff --git a/arch/x86/entry/syscalls/syscall_64.tbl b/arch/x86/entry/syscalls/syscall_64.tbl
index 64ca0d06259a..b4e6f9e6204a 100644
--- a/arch/x86/entry/syscalls/syscall_64.tbl
+++ b/arch/x86/entry/syscalls/syscall_64.tbl
@@ -343,18 +343,18 @@
332 common statx __x64_sys_statx
333 common io_pgetevents __x64_sys_io_pgetevents
334 common rseq __x64_sys_rseq
-335 common open_tree __x64_sys_open_tree
-336 common move_mount __x64_sys_move_mount
-337 common fsopen __x64_sys_fsopen
-338 common fsconfig __x64_sys_fsconfig
-339 common fsmount __x64_sys_fsmount
-340 common fspick __x64_sys_fspick
# don't use numbers 387 through 423, add new calls after the last
# 'common' entry
424 common pidfd_send_signal __x64_sys_pidfd_send_signal
425 common io_uring_setup __x64_sys_io_uring_setup
426 common io_uring_enter __x64_sys_io_uring_enter
427 common io_uring_register __x64_sys_io_uring_register
+428 common open_tree __x64_sys_open_tree
+429 common move_mount __x64_sys_move_mount
+430 common fsopen __x64_sys_fsopen
+431 common fsconfig __x64_sys_fsconfig
+432 common fsmount __x64_sys_fsmount
+433 common fspick __x64_sys_fspick
#
# x32-specific system call numbers start at 512 to avoid cache impact
^ permalink raw reply related [flat|nested] 20+ messages in thread
* Re: [PATCH 3/4] uapi, x86: Fix the syscall numbering of the mount API syscalls [ver #2]
2019-05-16 11:52 ` [PATCH 3/4] uapi, x86: Fix the syscall numbering of the mount API syscalls " David Howells
@ 2019-05-16 13:01 ` Christian Brauner
0 siblings, 0 replies; 20+ messages in thread
From: Christian Brauner @ 2019-05-16 13:01 UTC (permalink / raw)
To: David Howells; +Cc: torvalds, viro, Arnd Bergmann, linux-fsdevel, linux-kernel
On Thu, May 16, 2019 at 12:52:27PM +0100, David Howells wrote:
> Fix the syscall numbering of the mount API syscalls so that the numbers
> match between i386 and x86_64 and that they're in the common numbering
> scheme space.
>
> Fixes: a07b20004793 ("vfs: syscall: Add open_tree(2) to reference or clone a mount")
> Fixes: 2db154b3ea8e ("vfs: syscall: Add move_mount(2) to move mounts around")
> Fixes: 24dcb3d90a1f ("vfs: syscall: Add fsopen() to prepare for superblock creation")
> Fixes: ecdab150fddb ("vfs: syscall: Add fsconfig() for configuring and managing a context")
> Fixes: 93766fbd2696 ("vfs: syscall: Add fsmount() to create a mount for a superblock")
> Fixes: cf3cba4a429b ("vfs: syscall: Add fspick() to select a superblock for reconfiguration")
> Reported-by: Arnd Bergmann <arnd@arndb.de>
> Signed-off-by: David Howells <dhowells@redhat.com>
> Reviewed-by: Arnd Bergmann <arnd@arndb.de>
Reviewed-by: Christian Brauner <christian@brauner.io>
> ---
>
> arch/x86/entry/syscalls/syscall_32.tbl | 12 ++++++------
> arch/x86/entry/syscalls/syscall_64.tbl | 12 ++++++------
> 2 files changed, 12 insertions(+), 12 deletions(-)
>
> diff --git a/arch/x86/entry/syscalls/syscall_32.tbl b/arch/x86/entry/syscalls/syscall_32.tbl
> index 4cd5f982b1e5..ad968b7bac72 100644
> --- a/arch/x86/entry/syscalls/syscall_32.tbl
> +++ b/arch/x86/entry/syscalls/syscall_32.tbl
> @@ -398,12 +398,6 @@
> 384 i386 arch_prctl sys_arch_prctl __ia32_compat_sys_arch_prctl
> 385 i386 io_pgetevents sys_io_pgetevents_time32 __ia32_compat_sys_io_pgetevents
> 386 i386 rseq sys_rseq __ia32_sys_rseq
> -387 i386 open_tree sys_open_tree __ia32_sys_open_tree
> -388 i386 move_mount sys_move_mount __ia32_sys_move_mount
> -389 i386 fsopen sys_fsopen __ia32_sys_fsopen
> -390 i386 fsconfig sys_fsconfig __ia32_sys_fsconfig
> -391 i386 fsmount sys_fsmount __ia32_sys_fsmount
> -392 i386 fspick sys_fspick __ia32_sys_fspick
> 393 i386 semget sys_semget __ia32_sys_semget
> 394 i386 semctl sys_semctl __ia32_compat_sys_semctl
> 395 i386 shmget sys_shmget __ia32_sys_shmget
> @@ -438,3 +432,9 @@
> 425 i386 io_uring_setup sys_io_uring_setup __ia32_sys_io_uring_setup
> 426 i386 io_uring_enter sys_io_uring_enter __ia32_sys_io_uring_enter
> 427 i386 io_uring_register sys_io_uring_register __ia32_sys_io_uring_register
> +428 i386 open_tree sys_open_tree __ia32_sys_open_tree
> +429 i386 move_mount sys_move_mount __ia32_sys_move_mount
> +430 i386 fsopen sys_fsopen __ia32_sys_fsopen
> +431 i386 fsconfig sys_fsconfig __ia32_sys_fsconfig
> +432 i386 fsmount sys_fsmount __ia32_sys_fsmount
> +433 i386 fspick sys_fspick __ia32_sys_fspick
> diff --git a/arch/x86/entry/syscalls/syscall_64.tbl b/arch/x86/entry/syscalls/syscall_64.tbl
> index 64ca0d06259a..b4e6f9e6204a 100644
> --- a/arch/x86/entry/syscalls/syscall_64.tbl
> +++ b/arch/x86/entry/syscalls/syscall_64.tbl
> @@ -343,18 +343,18 @@
> 332 common statx __x64_sys_statx
> 333 common io_pgetevents __x64_sys_io_pgetevents
> 334 common rseq __x64_sys_rseq
> -335 common open_tree __x64_sys_open_tree
> -336 common move_mount __x64_sys_move_mount
> -337 common fsopen __x64_sys_fsopen
> -338 common fsconfig __x64_sys_fsconfig
> -339 common fsmount __x64_sys_fsmount
> -340 common fspick __x64_sys_fspick
> # don't use numbers 387 through 423, add new calls after the last
> # 'common' entry
> 424 common pidfd_send_signal __x64_sys_pidfd_send_signal
> 425 common io_uring_setup __x64_sys_io_uring_setup
> 426 common io_uring_enter __x64_sys_io_uring_enter
> 427 common io_uring_register __x64_sys_io_uring_register
> +428 common open_tree __x64_sys_open_tree
> +429 common move_mount __x64_sys_move_mount
> +430 common fsopen __x64_sys_fsopen
> +431 common fsconfig __x64_sys_fsconfig
> +432 common fsmount __x64_sys_fsmount
> +433 common fspick __x64_sys_fspick
>
> #
> # x32-specific system call numbers start at 512 to avoid cache impact
>
^ permalink raw reply [flat|nested] 20+ messages in thread
* [PATCH 4/4] uapi: Wire up the mount API syscalls on non-x86 arches [ver #2]
2019-05-16 11:52 [PATCH 0/4] uapi, vfs: Change the mount API UAPI [ver #2] David Howells
` (2 preceding siblings ...)
2019-05-16 11:52 ` [PATCH 3/4] uapi, x86: Fix the syscall numbering of the mount API syscalls " David Howells
@ 2019-05-16 11:52 ` David Howells
2019-05-16 13:01 ` Christian Brauner
2019-05-16 14:56 ` Geert Uytterhoeven
2019-05-16 16:22 ` [PATCH 0/4] uapi, vfs: Change the mount API UAPI " Al Viro
4 siblings, 2 replies; 20+ messages in thread
From: David Howells @ 2019-05-16 11:52 UTC (permalink / raw)
To: torvalds, viro
Cc: Arnd Bergmann, Arnd Bergmann, dhowells, christian, arnd,
linux-fsdevel, linux-kernel
Wire up the mount API syscalls on non-x86 arches.
Reported-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: David Howells <dhowells@redhat.com>
Reviewed-by: Arnd Bergmann <arnd@arndb.de>
---
arch/alpha/kernel/syscalls/syscall.tbl | 6 ++++++
arch/arm/tools/syscall.tbl | 6 ++++++
arch/arm64/include/asm/unistd.h | 2 +-
arch/arm64/include/asm/unistd32.h | 12 ++++++++++++
arch/ia64/kernel/syscalls/syscall.tbl | 6 ++++++
arch/m68k/kernel/syscalls/syscall.tbl | 6 ++++++
arch/microblaze/kernel/syscalls/syscall.tbl | 6 ++++++
arch/mips/kernel/syscalls/syscall_n32.tbl | 6 ++++++
arch/mips/kernel/syscalls/syscall_n64.tbl | 6 ++++++
arch/mips/kernel/syscalls/syscall_o32.tbl | 6 ++++++
arch/parisc/kernel/syscalls/syscall.tbl | 6 ++++++
arch/powerpc/kernel/syscalls/syscall.tbl | 6 ++++++
arch/s390/kernel/syscalls/syscall.tbl | 6 ++++++
arch/sh/kernel/syscalls/syscall.tbl | 6 ++++++
arch/sparc/kernel/syscalls/syscall.tbl | 6 ++++++
arch/xtensa/kernel/syscalls/syscall.tbl | 6 ++++++
include/uapi/asm-generic/unistd.h | 14 +++++++++++++-
17 files changed, 110 insertions(+), 2 deletions(-)
diff --git a/arch/alpha/kernel/syscalls/syscall.tbl b/arch/alpha/kernel/syscalls/syscall.tbl
index 165f268beafc..9e7704e44f6d 100644
--- a/arch/alpha/kernel/syscalls/syscall.tbl
+++ b/arch/alpha/kernel/syscalls/syscall.tbl
@@ -467,3 +467,9 @@
535 common io_uring_setup sys_io_uring_setup
536 common io_uring_enter sys_io_uring_enter
537 common io_uring_register sys_io_uring_register
+538 common open_tree sys_open_tree
+539 common move_mount sys_move_mount
+540 common fsopen sys_fsopen
+541 common fsconfig sys_fsconfig
+542 common fsmount sys_fsmount
+543 common fspick sys_fspick
diff --git a/arch/arm/tools/syscall.tbl b/arch/arm/tools/syscall.tbl
index 0393917eaa57..aaf479a9e92d 100644
--- a/arch/arm/tools/syscall.tbl
+++ b/arch/arm/tools/syscall.tbl
@@ -441,3 +441,9 @@
425 common io_uring_setup sys_io_uring_setup
426 common io_uring_enter sys_io_uring_enter
427 common io_uring_register sys_io_uring_register
+428 common open_tree sys_open_tree
+429 common move_mount sys_move_mount
+430 common fsopen sys_fsopen
+431 common fsconfig sys_fsconfig
+432 common fsmount sys_fsmount
+433 common fspick sys_fspick
diff --git a/arch/arm64/include/asm/unistd.h b/arch/arm64/include/asm/unistd.h
index f2a83ff6b73c..70e6882853c0 100644
--- a/arch/arm64/include/asm/unistd.h
+++ b/arch/arm64/include/asm/unistd.h
@@ -44,7 +44,7 @@
#define __ARM_NR_compat_set_tls (__ARM_NR_COMPAT_BASE + 5)
#define __ARM_NR_COMPAT_END (__ARM_NR_COMPAT_BASE + 0x800)
-#define __NR_compat_syscalls 428
+#define __NR_compat_syscalls 434
#endif
#define __ARCH_WANT_SYS_CLONE
diff --git a/arch/arm64/include/asm/unistd32.h b/arch/arm64/include/asm/unistd32.h
index 23f1a44acada..c39e90600bb3 100644
--- a/arch/arm64/include/asm/unistd32.h
+++ b/arch/arm64/include/asm/unistd32.h
@@ -874,6 +874,18 @@ __SYSCALL(__NR_io_uring_setup, sys_io_uring_setup)
__SYSCALL(__NR_io_uring_enter, sys_io_uring_enter)
#define __NR_io_uring_register 427
__SYSCALL(__NR_io_uring_register, sys_io_uring_register)
+#define __NR_open_tree 428
+__SYSCALL(__NR_open_tree, sys_open_tree)
+#define __NR_move_mount 429
+__SYSCALL(__NR_move_mount, sys_move_mount)
+#define __NR_fsopen 430
+__SYSCALL(__NR_fsopen, sys_fsopen)
+#define __NR_fsconfig 431
+__SYSCALL(__NR_fsconfig, sys_fsconfig)
+#define __NR_fsmount 432
+__SYSCALL(__NR_fsmount, sys_fsmount)
+#define __NR_fspick 433
+__SYSCALL(__NR_fspick, sys_fspick)
/*
* Please add new compat syscalls above this comment and update
diff --git a/arch/ia64/kernel/syscalls/syscall.tbl b/arch/ia64/kernel/syscalls/syscall.tbl
index 56e3d0b685e1..e01df3f2f80d 100644
--- a/arch/ia64/kernel/syscalls/syscall.tbl
+++ b/arch/ia64/kernel/syscalls/syscall.tbl
@@ -348,3 +348,9 @@
425 common io_uring_setup sys_io_uring_setup
426 common io_uring_enter sys_io_uring_enter
427 common io_uring_register sys_io_uring_register
+428 common open_tree sys_open_tree
+429 common move_mount sys_move_mount
+430 common fsopen sys_fsopen
+431 common fsconfig sys_fsconfig
+432 common fsmount sys_fsmount
+433 common fspick sys_fspick
diff --git a/arch/m68k/kernel/syscalls/syscall.tbl b/arch/m68k/kernel/syscalls/syscall.tbl
index df4ec3ec71d1..7e3d0734b2f3 100644
--- a/arch/m68k/kernel/syscalls/syscall.tbl
+++ b/arch/m68k/kernel/syscalls/syscall.tbl
@@ -427,3 +427,9 @@
425 common io_uring_setup sys_io_uring_setup
426 common io_uring_enter sys_io_uring_enter
427 common io_uring_register sys_io_uring_register
+428 common open_tree sys_open_tree
+429 common move_mount sys_move_mount
+430 common fsopen sys_fsopen
+431 common fsconfig sys_fsconfig
+432 common fsmount sys_fsmount
+433 common fspick sys_fspick
diff --git a/arch/microblaze/kernel/syscalls/syscall.tbl b/arch/microblaze/kernel/syscalls/syscall.tbl
index 4964947732af..26339e417695 100644
--- a/arch/microblaze/kernel/syscalls/syscall.tbl
+++ b/arch/microblaze/kernel/syscalls/syscall.tbl
@@ -433,3 +433,9 @@
425 common io_uring_setup sys_io_uring_setup
426 common io_uring_enter sys_io_uring_enter
427 common io_uring_register sys_io_uring_register
+428 common open_tree sys_open_tree
+429 common move_mount sys_move_mount
+430 common fsopen sys_fsopen
+431 common fsconfig sys_fsconfig
+432 common fsmount sys_fsmount
+433 common fspick sys_fspick
diff --git a/arch/mips/kernel/syscalls/syscall_n32.tbl b/arch/mips/kernel/syscalls/syscall_n32.tbl
index 9392dfe33f97..0e2dd68ade57 100644
--- a/arch/mips/kernel/syscalls/syscall_n32.tbl
+++ b/arch/mips/kernel/syscalls/syscall_n32.tbl
@@ -366,3 +366,9 @@
425 n32 io_uring_setup sys_io_uring_setup
426 n32 io_uring_enter sys_io_uring_enter
427 n32 io_uring_register sys_io_uring_register
+428 n32 open_tree sys_open_tree
+429 n32 move_mount sys_move_mount
+430 n32 fsopen sys_fsopen
+431 n32 fsconfig sys_fsconfig
+432 n32 fsmount sys_fsmount
+433 n32 fspick sys_fspick
diff --git a/arch/mips/kernel/syscalls/syscall_n64.tbl b/arch/mips/kernel/syscalls/syscall_n64.tbl
index cd0c8aa21fba..5eebfa0d155c 100644
--- a/arch/mips/kernel/syscalls/syscall_n64.tbl
+++ b/arch/mips/kernel/syscalls/syscall_n64.tbl
@@ -342,3 +342,9 @@
425 n64 io_uring_setup sys_io_uring_setup
426 n64 io_uring_enter sys_io_uring_enter
427 n64 io_uring_register sys_io_uring_register
+428 n64 open_tree sys_open_tree
+429 n64 move_mount sys_move_mount
+430 n64 fsopen sys_fsopen
+431 n64 fsconfig sys_fsconfig
+432 n64 fsmount sys_fsmount
+433 n64 fspick sys_fspick
diff --git a/arch/mips/kernel/syscalls/syscall_o32.tbl b/arch/mips/kernel/syscalls/syscall_o32.tbl
index e849e8ffe4a2..3cc1374e02d0 100644
--- a/arch/mips/kernel/syscalls/syscall_o32.tbl
+++ b/arch/mips/kernel/syscalls/syscall_o32.tbl
@@ -415,3 +415,9 @@
425 o32 io_uring_setup sys_io_uring_setup
426 o32 io_uring_enter sys_io_uring_enter
427 o32 io_uring_register sys_io_uring_register
+428 o32 open_tree sys_open_tree
+429 o32 move_mount sys_move_mount
+430 o32 fsopen sys_fsopen
+431 o32 fsconfig sys_fsconfig
+432 o32 fsmount sys_fsmount
+433 o32 fspick sys_fspick
diff --git a/arch/parisc/kernel/syscalls/syscall.tbl b/arch/parisc/kernel/syscalls/syscall.tbl
index fe8ca623add8..c9e377d59232 100644
--- a/arch/parisc/kernel/syscalls/syscall.tbl
+++ b/arch/parisc/kernel/syscalls/syscall.tbl
@@ -424,3 +424,9 @@
425 common io_uring_setup sys_io_uring_setup
426 common io_uring_enter sys_io_uring_enter
427 common io_uring_register sys_io_uring_register
+428 common open_tree sys_open_tree
+429 common move_mount sys_move_mount
+430 common fsopen sys_fsopen
+431 common fsconfig sys_fsconfig
+432 common fsmount sys_fsmount
+433 common fspick sys_fspick
diff --git a/arch/powerpc/kernel/syscalls/syscall.tbl b/arch/powerpc/kernel/syscalls/syscall.tbl
index 00f5a63c8d9a..103655d84b4b 100644
--- a/arch/powerpc/kernel/syscalls/syscall.tbl
+++ b/arch/powerpc/kernel/syscalls/syscall.tbl
@@ -509,3 +509,9 @@
425 common io_uring_setup sys_io_uring_setup
426 common io_uring_enter sys_io_uring_enter
427 common io_uring_register sys_io_uring_register
+428 common open_tree sys_open_tree
+429 common move_mount sys_move_mount
+430 common fsopen sys_fsopen
+431 common fsconfig sys_fsconfig
+432 common fsmount sys_fsmount
+433 common fspick sys_fspick
diff --git a/arch/s390/kernel/syscalls/syscall.tbl b/arch/s390/kernel/syscalls/syscall.tbl
index 061418f787c3..e822b2964a83 100644
--- a/arch/s390/kernel/syscalls/syscall.tbl
+++ b/arch/s390/kernel/syscalls/syscall.tbl
@@ -430,3 +430,9 @@
425 common io_uring_setup sys_io_uring_setup sys_io_uring_setup
426 common io_uring_enter sys_io_uring_enter sys_io_uring_enter
427 common io_uring_register sys_io_uring_register sys_io_uring_register
+428 common open_tree sys_open_tree sys_open_tree
+429 common move_mount sys_move_mount sys_move_mount
+430 common fsopen sys_fsopen sys_fsopen
+431 common fsconfig sys_fsconfig sys_fsconfig
+432 common fsmount sys_fsmount sys_fsmount
+433 common fspick sys_fspick sys_fspick
diff --git a/arch/sh/kernel/syscalls/syscall.tbl b/arch/sh/kernel/syscalls/syscall.tbl
index 480b057556ee..016a727d4357 100644
--- a/arch/sh/kernel/syscalls/syscall.tbl
+++ b/arch/sh/kernel/syscalls/syscall.tbl
@@ -430,3 +430,9 @@
425 common io_uring_setup sys_io_uring_setup
426 common io_uring_enter sys_io_uring_enter
427 common io_uring_register sys_io_uring_register
+428 common open_tree sys_open_tree
+429 common move_mount sys_move_mount
+430 common fsopen sys_fsopen
+431 common fsconfig sys_fsconfig
+432 common fsmount sys_fsmount
+433 common fspick sys_fspick
diff --git a/arch/sparc/kernel/syscalls/syscall.tbl b/arch/sparc/kernel/syscalls/syscall.tbl
index a1dd24307b00..e047480b1605 100644
--- a/arch/sparc/kernel/syscalls/syscall.tbl
+++ b/arch/sparc/kernel/syscalls/syscall.tbl
@@ -473,3 +473,9 @@
425 common io_uring_setup sys_io_uring_setup
426 common io_uring_enter sys_io_uring_enter
427 common io_uring_register sys_io_uring_register
+428 common open_tree sys_open_tree
+429 common move_mount sys_move_mount
+430 common fsopen sys_fsopen
+431 common fsconfig sys_fsconfig
+432 common fsmount sys_fsmount
+433 common fspick sys_fspick
diff --git a/arch/xtensa/kernel/syscalls/syscall.tbl b/arch/xtensa/kernel/syscalls/syscall.tbl
index 30084eaf8422..5fa0ee1c8e00 100644
--- a/arch/xtensa/kernel/syscalls/syscall.tbl
+++ b/arch/xtensa/kernel/syscalls/syscall.tbl
@@ -398,3 +398,9 @@
425 common io_uring_setup sys_io_uring_setup
426 common io_uring_enter sys_io_uring_enter
427 common io_uring_register sys_io_uring_register
+428 common open_tree sys_open_tree
+429 common move_mount sys_move_mount
+430 common fsopen sys_fsopen
+431 common fsconfig sys_fsconfig
+432 common fsmount sys_fsmount
+433 common fspick sys_fspick
diff --git a/include/uapi/asm-generic/unistd.h b/include/uapi/asm-generic/unistd.h
index dee7292e1df6..a87904daf103 100644
--- a/include/uapi/asm-generic/unistd.h
+++ b/include/uapi/asm-generic/unistd.h
@@ -832,9 +832,21 @@ __SYSCALL(__NR_io_uring_setup, sys_io_uring_setup)
__SYSCALL(__NR_io_uring_enter, sys_io_uring_enter)
#define __NR_io_uring_register 427
__SYSCALL(__NR_io_uring_register, sys_io_uring_register)
+#define __NR_open_tree 428
+__SYSCALL(__NR_open_tree, sys_open_tree)
+#define __NR_move_mount 429
+__SYSCALL(__NR_move_mount, sys_move_mount)
+#define __NR_fsopen 430
+__SYSCALL(__NR_fsopen, sys_fsopen)
+#define __NR_fsconfig 431
+__SYSCALL(__NR_fsconfig, sys_fsconfig)
+#define __NR_fsmount 432
+__SYSCALL(__NR_fsmount, sys_fsmount)
+#define __NR_fspick 433
+__SYSCALL(__NR_fspick, sys_fspick)
#undef __NR_syscalls
-#define __NR_syscalls 428
+#define __NR_syscalls 434
/*
* 32 bit systems traditionally used different
^ permalink raw reply related [flat|nested] 20+ messages in thread
* Re: [PATCH 4/4] uapi: Wire up the mount API syscalls on non-x86 arches [ver #2]
2019-05-16 11:52 ` [PATCH 4/4] uapi: Wire up the mount API syscalls on non-x86 arches " David Howells
@ 2019-05-16 13:01 ` Christian Brauner
2019-05-16 14:56 ` Geert Uytterhoeven
1 sibling, 0 replies; 20+ messages in thread
From: Christian Brauner @ 2019-05-16 13:01 UTC (permalink / raw)
To: David Howells; +Cc: torvalds, viro, Arnd Bergmann, linux-fsdevel, linux-kernel
On Thu, May 16, 2019 at 12:52:34PM +0100, David Howells wrote:
> Wire up the mount API syscalls on non-x86 arches.
>
> Reported-by: Arnd Bergmann <arnd@arndb.de>
> Signed-off-by: David Howells <dhowells@redhat.com>
> Reviewed-by: Arnd Bergmann <arnd@arndb.de>
Reviewed-by: Christian Brauner <christian@brauner.io>
> ---
>
> arch/alpha/kernel/syscalls/syscall.tbl | 6 ++++++
> arch/arm/tools/syscall.tbl | 6 ++++++
> arch/arm64/include/asm/unistd.h | 2 +-
> arch/arm64/include/asm/unistd32.h | 12 ++++++++++++
> arch/ia64/kernel/syscalls/syscall.tbl | 6 ++++++
> arch/m68k/kernel/syscalls/syscall.tbl | 6 ++++++
> arch/microblaze/kernel/syscalls/syscall.tbl | 6 ++++++
> arch/mips/kernel/syscalls/syscall_n32.tbl | 6 ++++++
> arch/mips/kernel/syscalls/syscall_n64.tbl | 6 ++++++
> arch/mips/kernel/syscalls/syscall_o32.tbl | 6 ++++++
> arch/parisc/kernel/syscalls/syscall.tbl | 6 ++++++
> arch/powerpc/kernel/syscalls/syscall.tbl | 6 ++++++
> arch/s390/kernel/syscalls/syscall.tbl | 6 ++++++
> arch/sh/kernel/syscalls/syscall.tbl | 6 ++++++
> arch/sparc/kernel/syscalls/syscall.tbl | 6 ++++++
> arch/xtensa/kernel/syscalls/syscall.tbl | 6 ++++++
> include/uapi/asm-generic/unistd.h | 14 +++++++++++++-
> 17 files changed, 110 insertions(+), 2 deletions(-)
>
> diff --git a/arch/alpha/kernel/syscalls/syscall.tbl b/arch/alpha/kernel/syscalls/syscall.tbl
> index 165f268beafc..9e7704e44f6d 100644
> --- a/arch/alpha/kernel/syscalls/syscall.tbl
> +++ b/arch/alpha/kernel/syscalls/syscall.tbl
> @@ -467,3 +467,9 @@
> 535 common io_uring_setup sys_io_uring_setup
> 536 common io_uring_enter sys_io_uring_enter
> 537 common io_uring_register sys_io_uring_register
> +538 common open_tree sys_open_tree
> +539 common move_mount sys_move_mount
> +540 common fsopen sys_fsopen
> +541 common fsconfig sys_fsconfig
> +542 common fsmount sys_fsmount
> +543 common fspick sys_fspick
> diff --git a/arch/arm/tools/syscall.tbl b/arch/arm/tools/syscall.tbl
> index 0393917eaa57..aaf479a9e92d 100644
> --- a/arch/arm/tools/syscall.tbl
> +++ b/arch/arm/tools/syscall.tbl
> @@ -441,3 +441,9 @@
> 425 common io_uring_setup sys_io_uring_setup
> 426 common io_uring_enter sys_io_uring_enter
> 427 common io_uring_register sys_io_uring_register
> +428 common open_tree sys_open_tree
> +429 common move_mount sys_move_mount
> +430 common fsopen sys_fsopen
> +431 common fsconfig sys_fsconfig
> +432 common fsmount sys_fsmount
> +433 common fspick sys_fspick
> diff --git a/arch/arm64/include/asm/unistd.h b/arch/arm64/include/asm/unistd.h
> index f2a83ff6b73c..70e6882853c0 100644
> --- a/arch/arm64/include/asm/unistd.h
> +++ b/arch/arm64/include/asm/unistd.h
> @@ -44,7 +44,7 @@
> #define __ARM_NR_compat_set_tls (__ARM_NR_COMPAT_BASE + 5)
> #define __ARM_NR_COMPAT_END (__ARM_NR_COMPAT_BASE + 0x800)
>
> -#define __NR_compat_syscalls 428
> +#define __NR_compat_syscalls 434
> #endif
>
> #define __ARCH_WANT_SYS_CLONE
> diff --git a/arch/arm64/include/asm/unistd32.h b/arch/arm64/include/asm/unistd32.h
> index 23f1a44acada..c39e90600bb3 100644
> --- a/arch/arm64/include/asm/unistd32.h
> +++ b/arch/arm64/include/asm/unistd32.h
> @@ -874,6 +874,18 @@ __SYSCALL(__NR_io_uring_setup, sys_io_uring_setup)
> __SYSCALL(__NR_io_uring_enter, sys_io_uring_enter)
> #define __NR_io_uring_register 427
> __SYSCALL(__NR_io_uring_register, sys_io_uring_register)
> +#define __NR_open_tree 428
> +__SYSCALL(__NR_open_tree, sys_open_tree)
> +#define __NR_move_mount 429
> +__SYSCALL(__NR_move_mount, sys_move_mount)
> +#define __NR_fsopen 430
> +__SYSCALL(__NR_fsopen, sys_fsopen)
> +#define __NR_fsconfig 431
> +__SYSCALL(__NR_fsconfig, sys_fsconfig)
> +#define __NR_fsmount 432
> +__SYSCALL(__NR_fsmount, sys_fsmount)
> +#define __NR_fspick 433
> +__SYSCALL(__NR_fspick, sys_fspick)
>
> /*
> * Please add new compat syscalls above this comment and update
> diff --git a/arch/ia64/kernel/syscalls/syscall.tbl b/arch/ia64/kernel/syscalls/syscall.tbl
> index 56e3d0b685e1..e01df3f2f80d 100644
> --- a/arch/ia64/kernel/syscalls/syscall.tbl
> +++ b/arch/ia64/kernel/syscalls/syscall.tbl
> @@ -348,3 +348,9 @@
> 425 common io_uring_setup sys_io_uring_setup
> 426 common io_uring_enter sys_io_uring_enter
> 427 common io_uring_register sys_io_uring_register
> +428 common open_tree sys_open_tree
> +429 common move_mount sys_move_mount
> +430 common fsopen sys_fsopen
> +431 common fsconfig sys_fsconfig
> +432 common fsmount sys_fsmount
> +433 common fspick sys_fspick
> diff --git a/arch/m68k/kernel/syscalls/syscall.tbl b/arch/m68k/kernel/syscalls/syscall.tbl
> index df4ec3ec71d1..7e3d0734b2f3 100644
> --- a/arch/m68k/kernel/syscalls/syscall.tbl
> +++ b/arch/m68k/kernel/syscalls/syscall.tbl
> @@ -427,3 +427,9 @@
> 425 common io_uring_setup sys_io_uring_setup
> 426 common io_uring_enter sys_io_uring_enter
> 427 common io_uring_register sys_io_uring_register
> +428 common open_tree sys_open_tree
> +429 common move_mount sys_move_mount
> +430 common fsopen sys_fsopen
> +431 common fsconfig sys_fsconfig
> +432 common fsmount sys_fsmount
> +433 common fspick sys_fspick
> diff --git a/arch/microblaze/kernel/syscalls/syscall.tbl b/arch/microblaze/kernel/syscalls/syscall.tbl
> index 4964947732af..26339e417695 100644
> --- a/arch/microblaze/kernel/syscalls/syscall.tbl
> +++ b/arch/microblaze/kernel/syscalls/syscall.tbl
> @@ -433,3 +433,9 @@
> 425 common io_uring_setup sys_io_uring_setup
> 426 common io_uring_enter sys_io_uring_enter
> 427 common io_uring_register sys_io_uring_register
> +428 common open_tree sys_open_tree
> +429 common move_mount sys_move_mount
> +430 common fsopen sys_fsopen
> +431 common fsconfig sys_fsconfig
> +432 common fsmount sys_fsmount
> +433 common fspick sys_fspick
> diff --git a/arch/mips/kernel/syscalls/syscall_n32.tbl b/arch/mips/kernel/syscalls/syscall_n32.tbl
> index 9392dfe33f97..0e2dd68ade57 100644
> --- a/arch/mips/kernel/syscalls/syscall_n32.tbl
> +++ b/arch/mips/kernel/syscalls/syscall_n32.tbl
> @@ -366,3 +366,9 @@
> 425 n32 io_uring_setup sys_io_uring_setup
> 426 n32 io_uring_enter sys_io_uring_enter
> 427 n32 io_uring_register sys_io_uring_register
> +428 n32 open_tree sys_open_tree
> +429 n32 move_mount sys_move_mount
> +430 n32 fsopen sys_fsopen
> +431 n32 fsconfig sys_fsconfig
> +432 n32 fsmount sys_fsmount
> +433 n32 fspick sys_fspick
> diff --git a/arch/mips/kernel/syscalls/syscall_n64.tbl b/arch/mips/kernel/syscalls/syscall_n64.tbl
> index cd0c8aa21fba..5eebfa0d155c 100644
> --- a/arch/mips/kernel/syscalls/syscall_n64.tbl
> +++ b/arch/mips/kernel/syscalls/syscall_n64.tbl
> @@ -342,3 +342,9 @@
> 425 n64 io_uring_setup sys_io_uring_setup
> 426 n64 io_uring_enter sys_io_uring_enter
> 427 n64 io_uring_register sys_io_uring_register
> +428 n64 open_tree sys_open_tree
> +429 n64 move_mount sys_move_mount
> +430 n64 fsopen sys_fsopen
> +431 n64 fsconfig sys_fsconfig
> +432 n64 fsmount sys_fsmount
> +433 n64 fspick sys_fspick
> diff --git a/arch/mips/kernel/syscalls/syscall_o32.tbl b/arch/mips/kernel/syscalls/syscall_o32.tbl
> index e849e8ffe4a2..3cc1374e02d0 100644
> --- a/arch/mips/kernel/syscalls/syscall_o32.tbl
> +++ b/arch/mips/kernel/syscalls/syscall_o32.tbl
> @@ -415,3 +415,9 @@
> 425 o32 io_uring_setup sys_io_uring_setup
> 426 o32 io_uring_enter sys_io_uring_enter
> 427 o32 io_uring_register sys_io_uring_register
> +428 o32 open_tree sys_open_tree
> +429 o32 move_mount sys_move_mount
> +430 o32 fsopen sys_fsopen
> +431 o32 fsconfig sys_fsconfig
> +432 o32 fsmount sys_fsmount
> +433 o32 fspick sys_fspick
> diff --git a/arch/parisc/kernel/syscalls/syscall.tbl b/arch/parisc/kernel/syscalls/syscall.tbl
> index fe8ca623add8..c9e377d59232 100644
> --- a/arch/parisc/kernel/syscalls/syscall.tbl
> +++ b/arch/parisc/kernel/syscalls/syscall.tbl
> @@ -424,3 +424,9 @@
> 425 common io_uring_setup sys_io_uring_setup
> 426 common io_uring_enter sys_io_uring_enter
> 427 common io_uring_register sys_io_uring_register
> +428 common open_tree sys_open_tree
> +429 common move_mount sys_move_mount
> +430 common fsopen sys_fsopen
> +431 common fsconfig sys_fsconfig
> +432 common fsmount sys_fsmount
> +433 common fspick sys_fspick
> diff --git a/arch/powerpc/kernel/syscalls/syscall.tbl b/arch/powerpc/kernel/syscalls/syscall.tbl
> index 00f5a63c8d9a..103655d84b4b 100644
> --- a/arch/powerpc/kernel/syscalls/syscall.tbl
> +++ b/arch/powerpc/kernel/syscalls/syscall.tbl
> @@ -509,3 +509,9 @@
> 425 common io_uring_setup sys_io_uring_setup
> 426 common io_uring_enter sys_io_uring_enter
> 427 common io_uring_register sys_io_uring_register
> +428 common open_tree sys_open_tree
> +429 common move_mount sys_move_mount
> +430 common fsopen sys_fsopen
> +431 common fsconfig sys_fsconfig
> +432 common fsmount sys_fsmount
> +433 common fspick sys_fspick
> diff --git a/arch/s390/kernel/syscalls/syscall.tbl b/arch/s390/kernel/syscalls/syscall.tbl
> index 061418f787c3..e822b2964a83 100644
> --- a/arch/s390/kernel/syscalls/syscall.tbl
> +++ b/arch/s390/kernel/syscalls/syscall.tbl
> @@ -430,3 +430,9 @@
> 425 common io_uring_setup sys_io_uring_setup sys_io_uring_setup
> 426 common io_uring_enter sys_io_uring_enter sys_io_uring_enter
> 427 common io_uring_register sys_io_uring_register sys_io_uring_register
> +428 common open_tree sys_open_tree sys_open_tree
> +429 common move_mount sys_move_mount sys_move_mount
> +430 common fsopen sys_fsopen sys_fsopen
> +431 common fsconfig sys_fsconfig sys_fsconfig
> +432 common fsmount sys_fsmount sys_fsmount
> +433 common fspick sys_fspick sys_fspick
> diff --git a/arch/sh/kernel/syscalls/syscall.tbl b/arch/sh/kernel/syscalls/syscall.tbl
> index 480b057556ee..016a727d4357 100644
> --- a/arch/sh/kernel/syscalls/syscall.tbl
> +++ b/arch/sh/kernel/syscalls/syscall.tbl
> @@ -430,3 +430,9 @@
> 425 common io_uring_setup sys_io_uring_setup
> 426 common io_uring_enter sys_io_uring_enter
> 427 common io_uring_register sys_io_uring_register
> +428 common open_tree sys_open_tree
> +429 common move_mount sys_move_mount
> +430 common fsopen sys_fsopen
> +431 common fsconfig sys_fsconfig
> +432 common fsmount sys_fsmount
> +433 common fspick sys_fspick
> diff --git a/arch/sparc/kernel/syscalls/syscall.tbl b/arch/sparc/kernel/syscalls/syscall.tbl
> index a1dd24307b00..e047480b1605 100644
> --- a/arch/sparc/kernel/syscalls/syscall.tbl
> +++ b/arch/sparc/kernel/syscalls/syscall.tbl
> @@ -473,3 +473,9 @@
> 425 common io_uring_setup sys_io_uring_setup
> 426 common io_uring_enter sys_io_uring_enter
> 427 common io_uring_register sys_io_uring_register
> +428 common open_tree sys_open_tree
> +429 common move_mount sys_move_mount
> +430 common fsopen sys_fsopen
> +431 common fsconfig sys_fsconfig
> +432 common fsmount sys_fsmount
> +433 common fspick sys_fspick
> diff --git a/arch/xtensa/kernel/syscalls/syscall.tbl b/arch/xtensa/kernel/syscalls/syscall.tbl
> index 30084eaf8422..5fa0ee1c8e00 100644
> --- a/arch/xtensa/kernel/syscalls/syscall.tbl
> +++ b/arch/xtensa/kernel/syscalls/syscall.tbl
> @@ -398,3 +398,9 @@
> 425 common io_uring_setup sys_io_uring_setup
> 426 common io_uring_enter sys_io_uring_enter
> 427 common io_uring_register sys_io_uring_register
> +428 common open_tree sys_open_tree
> +429 common move_mount sys_move_mount
> +430 common fsopen sys_fsopen
> +431 common fsconfig sys_fsconfig
> +432 common fsmount sys_fsmount
> +433 common fspick sys_fspick
> diff --git a/include/uapi/asm-generic/unistd.h b/include/uapi/asm-generic/unistd.h
> index dee7292e1df6..a87904daf103 100644
> --- a/include/uapi/asm-generic/unistd.h
> +++ b/include/uapi/asm-generic/unistd.h
> @@ -832,9 +832,21 @@ __SYSCALL(__NR_io_uring_setup, sys_io_uring_setup)
> __SYSCALL(__NR_io_uring_enter, sys_io_uring_enter)
> #define __NR_io_uring_register 427
> __SYSCALL(__NR_io_uring_register, sys_io_uring_register)
> +#define __NR_open_tree 428
> +__SYSCALL(__NR_open_tree, sys_open_tree)
> +#define __NR_move_mount 429
> +__SYSCALL(__NR_move_mount, sys_move_mount)
> +#define __NR_fsopen 430
> +__SYSCALL(__NR_fsopen, sys_fsopen)
> +#define __NR_fsconfig 431
> +__SYSCALL(__NR_fsconfig, sys_fsconfig)
> +#define __NR_fsmount 432
> +__SYSCALL(__NR_fsmount, sys_fsmount)
> +#define __NR_fspick 433
> +__SYSCALL(__NR_fspick, sys_fspick)
>
> #undef __NR_syscalls
> -#define __NR_syscalls 428
> +#define __NR_syscalls 434
>
> /*
> * 32 bit systems traditionally used different
>
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [PATCH 4/4] uapi: Wire up the mount API syscalls on non-x86 arches [ver #2]
2019-05-16 11:52 ` [PATCH 4/4] uapi: Wire up the mount API syscalls on non-x86 arches " David Howells
2019-05-16 13:01 ` Christian Brauner
@ 2019-05-16 14:56 ` Geert Uytterhoeven
2019-05-16 14:59 ` Christian Brauner
1 sibling, 1 reply; 20+ messages in thread
From: Geert Uytterhoeven @ 2019-05-16 14:56 UTC (permalink / raw)
To: David Howells, Christian Brauner
Cc: torvalds, Al Viro, Arnd Bergmann, Linux FS Devel,
Linux Kernel Mailing List
Hi David, Christian,
On Thu, May 16, 2019 at 1:54 PM David Howells <dhowells@redhat.com> wrote:
> Wire up the mount API syscalls on non-x86 arches.
>
> Reported-by: Arnd Bergmann <arnd@arndb.de>
> Signed-off-by: David Howells <dhowells@redhat.com>
> Reviewed-by: Arnd Bergmann <arnd@arndb.de>
> +428 common open_tree sys_open_tree
> +429 common move_mount sys_move_mount
> +430 common fsopen sys_fsopen
> +431 common fsconfig sys_fsconfig
> +432 common fsmount sys_fsmount
> +433 common fspick sys_fspick
The first number conflicts with "[PATCH v1 1/2] pid: add pidfd_open()".
Note that none of this is part of linux-next.
Gr{oetje,eeting}s,
Geert
--
Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- geert@linux-m68k.org
In personal conversations with technical people, I call myself a hacker. But
when I'm talking to journalists I just say "programmer" or something like that.
-- Linus Torvalds
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [PATCH 4/4] uapi: Wire up the mount API syscalls on non-x86 arches [ver #2]
2019-05-16 14:56 ` Geert Uytterhoeven
@ 2019-05-16 14:59 ` Christian Brauner
0 siblings, 0 replies; 20+ messages in thread
From: Christian Brauner @ 2019-05-16 14:59 UTC (permalink / raw)
To: Geert Uytterhoeven
Cc: David Howells, torvalds, Al Viro, Arnd Bergmann, Linux FS Devel,
Linux Kernel Mailing List
On Thu, May 16, 2019 at 04:56:10PM +0200, Geert Uytterhoeven wrote:
> Hi David, Christian,
>
> On Thu, May 16, 2019 at 1:54 PM David Howells <dhowells@redhat.com> wrote:
> > Wire up the mount API syscalls on non-x86 arches.
> >
> > Reported-by: Arnd Bergmann <arnd@arndb.de>
> > Signed-off-by: David Howells <dhowells@redhat.com>
> > Reviewed-by: Arnd Bergmann <arnd@arndb.de>
>
> > +428 common open_tree sys_open_tree
> > +429 common move_mount sys_move_mount
> > +430 common fsopen sys_fsopen
> > +431 common fsconfig sys_fsconfig
> > +432 common fsmount sys_fsmount
> > +433 common fspick sys_fspick
>
> The first number conflicts with "[PATCH v1 1/2] pid: add pidfd_open()".
>
> Note that none of this is part of linux-next.
Yep, already spotted this thanks to Arnd.
David, there's nothing you need to do of course. I'll change the syscall
number for pidfd_open(). Your patchset obviously has priority!
Thanks!
Christian
>
> Gr{oetje,eeting}s,
>
> Geert
>
>
> --
> Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- geert@linux-m68k.org
>
> In personal conversations with technical people, I call myself a hacker. But
> when I'm talking to journalists I just say "programmer" or something like that.
> -- Linus Torvalds
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [PATCH 0/4] uapi, vfs: Change the mount API UAPI [ver #2]
2019-05-16 11:52 [PATCH 0/4] uapi, vfs: Change the mount API UAPI [ver #2] David Howells
` (3 preceding siblings ...)
2019-05-16 11:52 ` [PATCH 4/4] uapi: Wire up the mount API syscalls on non-x86 arches " David Howells
@ 2019-05-16 16:22 ` Al Viro
2019-05-16 16:31 ` Al Viro
2019-05-16 16:31 ` Christian Brauner
4 siblings, 2 replies; 20+ messages in thread
From: Al Viro @ 2019-05-16 16:22 UTC (permalink / raw)
To: David Howells
Cc: torvalds, Christian Brauner, Arnd Bergmann, linux-fsdevel, linux-kernel
On Thu, May 16, 2019 at 12:52:04PM +0100, David Howells wrote:
>
> Hi Linus, Al,
>
> Here are some patches that make changes to the mount API UAPI and two of
> them really need applying, before -rc1 - if they're going to be applied at
> all.
I'm fine with 2--4, but I'm not convinced that cloexec-by-default crusade
makes any sense. Could somebody give coherent arguments in favour of
abandoning the existing conventions?
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [PATCH 0/4] uapi, vfs: Change the mount API UAPI [ver #2]
2019-05-16 16:22 ` [PATCH 0/4] uapi, vfs: Change the mount API UAPI " Al Viro
@ 2019-05-16 16:31 ` Al Viro
2019-05-16 16:31 ` Christian Brauner
1 sibling, 0 replies; 20+ messages in thread
From: Al Viro @ 2019-05-16 16:31 UTC (permalink / raw)
To: David Howells
Cc: torvalds, Christian Brauner, Arnd Bergmann, linux-fsdevel, linux-kernel
On Thu, May 16, 2019 at 05:22:59PM +0100, Al Viro wrote:
> On Thu, May 16, 2019 at 12:52:04PM +0100, David Howells wrote:
> >
> > Hi Linus, Al,
> >
> > Here are some patches that make changes to the mount API UAPI and two of
> > them really need applying, before -rc1 - if they're going to be applied at
> > all.
>
> I'm fine with 2--4, but I'm not convinced that cloexec-by-default crusade
> makes any sense. Could somebody give coherent arguments in favour of
> abandoning the existing conventions?
To elaborate: existing syscalls (open, socket, pipe, accept, epoll_create,
etc., etc.) are not cloexec-by-default and that's not going to change,
simply because it would be break the living hell out of existing userland
code.
IOW, the userland has to worry about leaking stuff over sensitive execve(),
no matter what. All this change does is complicate things for userland
programmer - which syscall belongs to which class.
Where's the benefit? I could buy an argument about gradually changing
over to APIs that are cloexec-by-default across the board, except for
the obvious fact that it's not going to happen; not with the things
like open() involved.
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [PATCH 0/4] uapi, vfs: Change the mount API UAPI [ver #2]
2019-05-16 16:22 ` [PATCH 0/4] uapi, vfs: Change the mount API UAPI " Al Viro
2019-05-16 16:31 ` Al Viro
@ 2019-05-16 16:31 ` Christian Brauner
2019-05-16 16:50 ` Al Viro
1 sibling, 1 reply; 20+ messages in thread
From: Christian Brauner @ 2019-05-16 16:31 UTC (permalink / raw)
To: Al Viro
Cc: David Howells, torvalds, Arnd Bergmann, linux-fsdevel, linux-kernel
On Thu, May 16, 2019 at 05:22:59PM +0100, Al Viro wrote:
> On Thu, May 16, 2019 at 12:52:04PM +0100, David Howells wrote:
> >
> > Hi Linus, Al,
> >
> > Here are some patches that make changes to the mount API UAPI and two of
> > them really need applying, before -rc1 - if they're going to be applied at
> > all.
>
> I'm fine with 2--4, but I'm not convinced that cloexec-by-default crusade
> makes any sense. Could somebody give coherent arguments in favour of
> abandoning the existing conventions?
So as I said in the commit message. From a userspace perspective it's
more of an issue if one accidently leaks an fd to a task during exec.
Also, most of the time one does not want to inherit an fd during an
exec. It is a hazzle to always have to specify an extra flag.
As Al pointed out to me open() semantics are not going anywhere. Sure,
no argument there at all.
But the idea of making fds cloexec by default is only targeted at fds
that come from separate syscalls. fsopen(), open_tree_clone(), etc. they
all return fds independent of open() so it's really easy to have them
cloexec by default without regressing anyone and we also remove the need
for a bunch of separate flags for each syscall to turn them into
cloexec-fds. I mean, those for syscalls came with 4 separate flags to be
able to specify that the returned fd should be made cloexec. The other
way around, cloexec by default, fcntl() to remove the cloexec bit is way
saner imho.
Christian
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [PATCH 0/4] uapi, vfs: Change the mount API UAPI [ver #2]
2019-05-16 16:31 ` Christian Brauner
@ 2019-05-16 16:50 ` Al Viro
2019-05-16 17:01 ` Christian Brauner
` (3 more replies)
0 siblings, 4 replies; 20+ messages in thread
From: Al Viro @ 2019-05-16 16:50 UTC (permalink / raw)
To: Christian Brauner
Cc: David Howells, torvalds, Arnd Bergmann, linux-fsdevel,
linux-kernel, linux-abi
[linux-abi cc'd]
On Thu, May 16, 2019 at 06:31:52PM +0200, Christian Brauner wrote:
> On Thu, May 16, 2019 at 05:22:59PM +0100, Al Viro wrote:
> > On Thu, May 16, 2019 at 12:52:04PM +0100, David Howells wrote:
> > >
> > > Hi Linus, Al,
> > >
> > > Here are some patches that make changes to the mount API UAPI and two of
> > > them really need applying, before -rc1 - if they're going to be applied at
> > > all.
> >
> > I'm fine with 2--4, but I'm not convinced that cloexec-by-default crusade
> > makes any sense. Could somebody give coherent arguments in favour of
> > abandoning the existing conventions?
>
> So as I said in the commit message. From a userspace perspective it's
> more of an issue if one accidently leaks an fd to a task during exec.
>
> Also, most of the time one does not want to inherit an fd during an
> exec. It is a hazzle to always have to specify an extra flag.
>
> As Al pointed out to me open() semantics are not going anywhere. Sure,
> no argument there at all.
> But the idea of making fds cloexec by default is only targeted at fds
> that come from separate syscalls. fsopen(), open_tree_clone(), etc. they
> all return fds independent of open() so it's really easy to have them
> cloexec by default without regressing anyone and we also remove the need
> for a bunch of separate flags for each syscall to turn them into
> cloexec-fds. I mean, those for syscalls came with 4 separate flags to be
> able to specify that the returned fd should be made cloexec. The other
> way around, cloexec by default, fcntl() to remove the cloexec bit is way
> saner imho.
Re separate flags - it is, in principle, a valid argument. OTOH, I'm not
sure if they need to be separate - they all have the same value and
I don't see any reason for that to change...
Only tangentially related, but I wonder if something like close_range(from, to)
would be a more useful approach... That kind of open-coded loops is not
rare in userland and kernel-side code can do them much cheaper. Something
like
/* that exec is sensitive */
unshare(CLONE_FILES);
/* we don't want anything past stderr here */
close_range(3, ~0U);
execve(....);
on the userland side of thing. Comments?
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [PATCH 0/4] uapi, vfs: Change the mount API UAPI [ver #2]
2019-05-16 16:50 ` Al Viro
@ 2019-05-16 17:01 ` Christian Brauner
2019-05-16 20:23 ` Dmitry V. Levin
` (2 subsequent siblings)
3 siblings, 0 replies; 20+ messages in thread
From: Christian Brauner @ 2019-05-16 17:01 UTC (permalink / raw)
To: Al Viro
Cc: David Howells, torvalds, Arnd Bergmann, linux-fsdevel,
linux-kernel, linux-abi
On May 16, 2019 6:50:22 PM GMT+02:00, Al Viro <viro@zeniv.linux.org.uk> wrote:
>[linux-abi cc'd]
>
>On Thu, May 16, 2019 at 06:31:52PM +0200, Christian Brauner wrote:
>> On Thu, May 16, 2019 at 05:22:59PM +0100, Al Viro wrote:
>> > On Thu, May 16, 2019 at 12:52:04PM +0100, David Howells wrote:
>> > >
>> > > Hi Linus, Al,
>> > >
>> > > Here are some patches that make changes to the mount API UAPI and
>two of
>> > > them really need applying, before -rc1 - if they're going to be
>applied at
>> > > all.
>> >
>> > I'm fine with 2--4, but I'm not convinced that cloexec-by-default
>crusade
>> > makes any sense. Could somebody give coherent arguments in favour
>of
>> > abandoning the existing conventions?
>>
>> So as I said in the commit message. From a userspace perspective it's
>> more of an issue if one accidently leaks an fd to a task during exec.
>>
>> Also, most of the time one does not want to inherit an fd during an
>> exec. It is a hazzle to always have to specify an extra flag.
>>
>> As Al pointed out to me open() semantics are not going anywhere.
>Sure,
>> no argument there at all.
>> But the idea of making fds cloexec by default is only targeted at fds
>> that come from separate syscalls. fsopen(), open_tree_clone(), etc.
>they
>> all return fds independent of open() so it's really easy to have them
>> cloexec by default without regressing anyone and we also remove the
>need
>> for a bunch of separate flags for each syscall to turn them into
>> cloexec-fds. I mean, those for syscalls came with 4 separate flags to
>be
>> able to specify that the returned fd should be made cloexec. The
>other
>> way around, cloexec by default, fcntl() to remove the cloexec bit is
>way
>> saner imho.
>
>Re separate flags - it is, in principle, a valid argument. OTOH, I'm
>not
>sure if they need to be separate - they all have the same value and
>I don't see any reason for that to change...
>
>Only tangentially related, but I wonder if something like
>close_range(from, to)
>would be a more useful approach... That kind of open-coded loops is
>not
>rare in userland and kernel-side code can do them much cheaper.
>Something
>like
> /* that exec is sensitive */
> unshare(CLONE_FILES);
> /* we don't want anything past stderr here */
> close_range(3, ~0U);
> execve(....);
>on the userland side of thing. Comments?
Very much in favor of that!
That'd be a neat new addition.
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [PATCH 0/4] uapi, vfs: Change the mount API UAPI [ver #2]
2019-05-16 16:50 ` Al Viro
2019-05-16 17:01 ` Christian Brauner
@ 2019-05-16 20:23 ` Dmitry V. Levin
2019-05-17 6:54 ` Christian Brauner
2019-05-17 7:01 ` Christian Brauner
2019-05-17 7:13 ` David Howells
3 siblings, 1 reply; 20+ messages in thread
From: Dmitry V. Levin @ 2019-05-16 20:23 UTC (permalink / raw)
To: Al Viro
Cc: Christian Brauner, David Howells, torvalds, Arnd Bergmann,
linux-fsdevel, linux-kernel, linux-api
[looks like linux-abi is a typo, Cc'ed linux-api instead]
On Thu, May 16, 2019 at 05:50:22PM +0100, Al Viro wrote:
> [linux-abi cc'd]
>
> On Thu, May 16, 2019 at 06:31:52PM +0200, Christian Brauner wrote:
> > On Thu, May 16, 2019 at 05:22:59PM +0100, Al Viro wrote:
> > > On Thu, May 16, 2019 at 12:52:04PM +0100, David Howells wrote:
> > > >
> > > > Hi Linus, Al,
> > > >
> > > > Here are some patches that make changes to the mount API UAPI and two of
> > > > them really need applying, before -rc1 - if they're going to be applied at
> > > > all.
> > >
> > > I'm fine with 2--4, but I'm not convinced that cloexec-by-default crusade
> > > makes any sense. Could somebody give coherent arguments in favour of
> > > abandoning the existing conventions?
> >
> > So as I said in the commit message. From a userspace perspective it's
> > more of an issue if one accidently leaks an fd to a task during exec.
> >
> > Also, most of the time one does not want to inherit an fd during an
> > exec. It is a hazzle to always have to specify an extra flag.
> >
> > As Al pointed out to me open() semantics are not going anywhere. Sure,
> > no argument there at all.
> > But the idea of making fds cloexec by default is only targeted at fds
> > that come from separate syscalls. fsopen(), open_tree_clone(), etc. they
> > all return fds independent of open() so it's really easy to have them
> > cloexec by default without regressing anyone and we also remove the need
> > for a bunch of separate flags for each syscall to turn them into
> > cloexec-fds. I mean, those for syscalls came with 4 separate flags to be
> > able to specify that the returned fd should be made cloexec. The other
> > way around, cloexec by default, fcntl() to remove the cloexec bit is way
> > saner imho.
>
> Re separate flags - it is, in principle, a valid argument. OTOH, I'm not
> sure if they need to be separate - they all have the same value and
> I don't see any reason for that to change...
>
> Only tangentially related, but I wonder if something like close_range(from, to)
> would be a more useful approach... That kind of open-coded loops is not
> rare in userland and kernel-side code can do them much cheaper. Something
> like
> /* that exec is sensitive */
> unshare(CLONE_FILES);
> /* we don't want anything past stderr here */
> close_range(3, ~0U);
> execve(....);
> on the userland side of thing. Comments?
glibc people need a syscall to implement closefrom properly, see
https://sourceware.org/bugzilla/show_bug.cgi?id=10353#c14
--
ldv
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [PATCH 0/4] uapi, vfs: Change the mount API UAPI [ver #2]
2019-05-16 20:23 ` Dmitry V. Levin
@ 2019-05-17 6:54 ` Christian Brauner
0 siblings, 0 replies; 20+ messages in thread
From: Christian Brauner @ 2019-05-17 6:54 UTC (permalink / raw)
To: Dmitry V. Levin, Al Viro
Cc: David Howells, torvalds, Arnd Bergmann, linux-fsdevel,
linux-kernel, linux-api
On May 16, 2019 10:23:31 PM GMT+02:00, "Dmitry V. Levin" <ldv@altlinux.org> wrote:
>[looks like linux-abi is a typo, Cc'ed linux-api instead]
>
>On Thu, May 16, 2019 at 05:50:22PM +0100, Al Viro wrote:
>> [linux-abi cc'd]
>>
>> On Thu, May 16, 2019 at 06:31:52PM +0200, Christian Brauner wrote:
>> > On Thu, May 16, 2019 at 05:22:59PM +0100, Al Viro wrote:
>> > > On Thu, May 16, 2019 at 12:52:04PM +0100, David Howells wrote:
>> > > >
>> > > > Hi Linus, Al,
>> > > >
>> > > > Here are some patches that make changes to the mount API UAPI
>and two of
>> > > > them really need applying, before -rc1 - if they're going to be
>applied at
>> > > > all.
>> > >
>> > > I'm fine with 2--4, but I'm not convinced that cloexec-by-default
>crusade
>> > > makes any sense. Could somebody give coherent arguments in
>favour of
>> > > abandoning the existing conventions?
>> >
>> > So as I said in the commit message. From a userspace perspective
>it's
>> > more of an issue if one accidently leaks an fd to a task during
>exec.
>> >
>> > Also, most of the time one does not want to inherit an fd during an
>> > exec. It is a hazzle to always have to specify an extra flag.
>> >
>> > As Al pointed out to me open() semantics are not going anywhere.
>Sure,
>> > no argument there at all.
>> > But the idea of making fds cloexec by default is only targeted at
>fds
>> > that come from separate syscalls. fsopen(), open_tree_clone(), etc.
>they
>> > all return fds independent of open() so it's really easy to have
>them
>> > cloexec by default without regressing anyone and we also remove the
>need
>> > for a bunch of separate flags for each syscall to turn them into
>> > cloexec-fds. I mean, those for syscalls came with 4 separate flags
>to be
>> > able to specify that the returned fd should be made cloexec. The
>other
>> > way around, cloexec by default, fcntl() to remove the cloexec bit
>is way
>> > saner imho.
>>
>> Re separate flags - it is, in principle, a valid argument. OTOH, I'm
>not
>> sure if they need to be separate - they all have the same value and
>> I don't see any reason for that to change...
>>
>> Only tangentially related, but I wonder if something like
>close_range(from, to)
>> would be a more useful approach... That kind of open-coded loops is
>not
>> rare in userland and kernel-side code can do them much cheaper.
>Something
>> like
>> /* that exec is sensitive */
>> unshare(CLONE_FILES);
>> /* we don't want anything past stderr here */
>> close_range(3, ~0U);
>> execve(....);
>> on the userland side of thing. Comments?
>
>glibc people need a syscall to implement closefrom properly, see
>https://sourceware.org/bugzilla/show_bug.cgi?id=10353#c14
I have a prototype for close_range().
I'll send it out after rc1.
Christian
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [PATCH 0/4] uapi, vfs: Change the mount API UAPI [ver #2]
2019-05-16 16:50 ` Al Viro
2019-05-16 17:01 ` Christian Brauner
2019-05-16 20:23 ` Dmitry V. Levin
@ 2019-05-17 7:01 ` Christian Brauner
2019-05-17 7:13 ` David Howells
3 siblings, 0 replies; 20+ messages in thread
From: Christian Brauner @ 2019-05-17 7:01 UTC (permalink / raw)
To: Al Viro
Cc: David Howells, torvalds, Arnd Bergmann, linux-fsdevel,
linux-kernel, linux-api
On May 16, 2019 6:50:22 PM GMT+02:00, Al Viro <viro@zeniv.linux.org.uk> wrote:
>[linux-abi cc'd]
>
>On Thu, May 16, 2019 at 06:31:52PM +0200, Christian Brauner wrote:
>> On Thu, May 16, 2019 at 05:22:59PM +0100, Al Viro wrote:
>> > On Thu, May 16, 2019 at 12:52:04PM +0100, David Howells wrote:
>> > >
>> > > Hi Linus, Al,
>> > >
>> > > Here are some patches that make changes to the mount API UAPI and
>two of
>> > > them really need applying, before -rc1 - if they're going to be
>applied at
>> > > all.
>> >
>> > I'm fine with 2--4, but I'm not convinced that cloexec-by-default
>crusade
>> > makes any sense. Could somebody give coherent arguments in favour
>of
>> > abandoning the existing conventions?
>>
>> So as I said in the commit message. From a userspace perspective it's
>> more of an issue if one accidently leaks an fd to a task during exec.
>>
>> Also, most of the time one does not want to inherit an fd during an
>> exec. It is a hazzle to always have to specify an extra flag.
>>
>> As Al pointed out to me open() semantics are not going anywhere.
>Sure,
>> no argument there at all.
>> But the idea of making fds cloexec by default is only targeted at fds
>> that come from separate syscalls. fsopen(), open_tree_clone(), etc.
>they
>> all return fds independent of open() so it's really easy to have them
>> cloexec by default without regressing anyone and we also remove the
>need
>> for a bunch of separate flags for each syscall to turn them into
>> cloexec-fds. I mean, those for syscalls came with 4 separate flags to
>be
>> able to specify that the returned fd should be made cloexec. The
>other
>> way around, cloexec by default, fcntl() to remove the cloexec bit is
>way
>> saner imho.
>
>Re separate flags - it is, in principle, a valid argument. OTOH, I'm
>not
>sure if they need to be separate - they all have the same value and
>I don't see any reason for that to change...
One last thing I'd like to point out is that
we already have syscalls and ioctls that
return cloexec fds. So the consistency
argument is kinda dead.
If you still prefer to have cloexec flags
for the 4 new syscalls then yes,
if they could at least all have the same name
(FSMOUNT_CLOEXEC?) that would be good.
>
>Only tangentially related, but I wonder if something like
>close_range(from, to)
>would be a more useful approach... That kind of open-coded loops is
>not
>rare in userland and kernel-side code can do them much cheaper.
>Something
>like
> /* that exec is sensitive */
> unshare(CLONE_FILES);
> /* we don't want anything past stderr here */
> close_range(3, ~0U);
> execve(....);
>on the userland side of thing. Comments?
Said it before but, the list was mistyped so again:
I think that's a great idea.
I have a prototype for close_range(start, end, flags).
I'll wait after rc1 and then send it out.
Christian
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [PATCH 0/4] uapi, vfs: Change the mount API UAPI [ver #2]
2019-05-16 16:50 ` Al Viro
` (2 preceding siblings ...)
2019-05-17 7:01 ` Christian Brauner
@ 2019-05-17 7:13 ` David Howells
2019-05-17 7:25 ` Miklos Szeredi
2019-05-17 7:27 ` Christian Brauner
3 siblings, 2 replies; 20+ messages in thread
From: David Howells @ 2019-05-17 7:13 UTC (permalink / raw)
To: Christian Brauner
Cc: dhowells, Al Viro, torvalds, Arnd Bergmann, linux-fsdevel,
linux-kernel, linux-api
Christian Brauner <christian@brauner.io> wrote:
> If you still prefer to have cloexec flags
> for the 4 new syscalls then yes,
> if they could at least all have the same name
> (FSMOUNT_CLOEXEC?) that would be good.
They don't all have the same value (see OPEN_TREE_CLOEXEC).
Note that I also don't want to blindly #define them to O_CLOEXEC because it's
not necessarily the same value on all arches. Currently it can be 02000000,
010000000 or 0x400000 for instance, which means that if it's sharing a mask
with other flags, at least three bits have to be reserved for it or we have to
have arch-dependent bit juggling.
One thing I like about your approach of just making them O_CLOEXEC by default
and removing the constants is that it avoids this mess entirely.
David
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [PATCH 0/4] uapi, vfs: Change the mount API UAPI [ver #2]
2019-05-17 7:13 ` David Howells
@ 2019-05-17 7:25 ` Miklos Szeredi
2019-05-17 7:27 ` Christian Brauner
1 sibling, 0 replies; 20+ messages in thread
From: Miklos Szeredi @ 2019-05-17 7:25 UTC (permalink / raw)
To: David Howells
Cc: Christian Brauner, Al Viro, Linus Torvalds, Arnd Bergmann,
linux-fsdevel, linux-kernel, linux-api
On Fri, May 17, 2019 at 9:13 AM David Howells <dhowells@redhat.com> wrote:
>
> Christian Brauner <christian@brauner.io> wrote:
>
> > If you still prefer to have cloexec flags
> > for the 4 new syscalls then yes,
> > if they could at least all have the same name
> > (FSMOUNT_CLOEXEC?) that would be good.
>
> They don't all have the same value (see OPEN_TREE_CLOEXEC).
>
> Note that I also don't want to blindly #define them to O_CLOEXEC because it's
> not necessarily the same value on all arches. Currently it can be 02000000,
> 010000000 or 0x400000 for instance, which means that if it's sharing a mask
> with other flags, at least three bits have to be reserved for it or we have to
> have arch-dependent bit juggling.
>
> One thing I like about your approach of just making them O_CLOEXEC by default
> and removing the constants is that it avoids this mess entirely.
+1.
Confusion caused by inconsistency of naming is going to hurt more than
inconsistency of semantics wrt. open(2).
Thanks,
Miklos
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [PATCH 0/4] uapi, vfs: Change the mount API UAPI [ver #2]
2019-05-17 7:13 ` David Howells
2019-05-17 7:25 ` Miklos Szeredi
@ 2019-05-17 7:27 ` Christian Brauner
1 sibling, 0 replies; 20+ messages in thread
From: Christian Brauner @ 2019-05-17 7:27 UTC (permalink / raw)
To: David Howells
Cc: dhowells, Al Viro, torvalds, Arnd Bergmann, linux-fsdevel,
linux-kernel, linux-api
On May 17, 2019 9:13:26 AM GMT+02:00, David Howells <dhowells@redhat.com> wrote:
>Christian Brauner <christian@brauner.io> wrote:
>
>> If you still prefer to have cloexec flags
>> for the 4 new syscalls then yes,
>> if they could at least all have the same name
>> (FSMOUNT_CLOEXEC?) that would be good.
>
>They don't all have the same value (see OPEN_TREE_CLOEXEC).
>
>Note that I also don't want to blindly #define them to O_CLOEXEC
>because it's
>not necessarily the same value on all arches. Currently it can be
>02000000,
>010000000 or 0x400000 for instance, which means that if it's sharing a
>mask
>with other flags, at least three bits have to be reserved for it or we
>have to
>have arch-dependent bit juggling.
Ugh. Right, I forgot about that entirely.
Christian
>
>One thing I like about your approach of just making them O_CLOEXEC by
>default
>and removing the constants is that it avoids this mess entirely.
>
>David
^ permalink raw reply [flat|nested] 20+ messages in thread