From: "Mickaël Salaün" <mic@digikod.net>
To: "Alejandro Colomar" <alx.manpages@gmail.com>,
"Günther Noack" <gnoack3000@gmail.com>
Cc: linux-man@vger.kernel.org
Subject: Re: [PATCH v6 1/1] landlock.7: Explain the best-effort fallback mechanism in the example
Date: Mon, 17 Apr 2023 22:54:04 +0200 [thread overview]
Message-ID: <dca3298a-c65a-1270-6540-7ec66feb0c49@digikod.net> (raw)
In-Reply-To: <31ecebc5-1b97-b610-a097-f260ec4d4c8d@gmail.com>
On 17/04/2023 19:24, Alejandro Colomar wrote:
> Hello Günther!
>
> On 4/15/23 09:16, Günther Noack wrote:
>> Hello Alejandro!
>>
>>>> +if (abi <= 0) {
>>>> + perror("Giving up \- No Landlock support");
>>>
>>> Using perror(3) will already print "Operation not supported", since
>>> errno is ENOTSUP. Maybe this string is redundant? How about the
>>> following?
>>>
>>> perror("landlock_create_ruleset"); // EOPNOTSUPP
>>
>> The fallback code assumes that we don't know the kernel that we run on,
>> so in practice we also have to handle ENOSYS.
>>
>> See https://docs.kernel.org/userspace-api/landlock.html#landlock-abi-versions
>>
>> I'd suggest to just make it more explicit here that it can be two
>> different error codes:
>>
>> if (abi <= 0) {
>> /* ENOTSUP or ENOSYS */
>> perror("Giving up \- No Landlock support");
>> }
>>
>> Does that sound reasonable?
>
> Sounds reasonable (with a call to exit(3) too).
>
> BTW, now I see ENOSYS is not documented in syscall(2) (there's actually no
> ERRORS section there). Should we add it?
>
>>
>>
>>> BTW, now I checked that while in Linux ENOTSUP and EOPNOTSUPP are
>>> equivalent, in POSIX the latter has a connotation that it's about
For Linux:
#define EOPNOTSUPP 95 /* Operation not supported on transport endpoint */
#define ENOTSUPP 524 /* Operation is not supported */
EOPNOTSUPP is not only used for network error, but to identify generic
unsupported operations, while ENOTSUPP was initially dedicated to NFS
error (but now also slipped to other areas)
>>> sockets. Should we document ENOTSUP in landlock_create_ruleset(2)
>>> instead of EOPNOTSUPP? >>
>> EOPNOTSUP is also used in Landlock's kernel documentation,
>> we'd maybe have to update it there as well.
>> I'll have a look at what is more common.
>
> Thanks. In the man pages I see both often, so maybe we need to fix
> consistency there too.
No, ENOTSUP*P* is not used by Landlock.
next prev parent reply other threads:[~2023-04-17 21:05 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-04-14 15:59 [PATCH v6 0/1] landlock.7: Explain best-effort fallback in example Günther Noack
2023-04-14 15:59 ` [PATCH v6 1/1] landlock.7: Explain the best-effort fallback mechanism in the example Günther Noack
2023-04-14 16:35 ` Alejandro Colomar
2023-04-15 7:16 ` Günther Noack
2023-04-17 17:24 ` Alejandro Colomar
2023-04-17 20:54 ` Mickaël Salaün [this message]
2023-04-18 14:37 ` Alejandro Colomar
2023-04-18 20:50 ` Mickaël Salaün
2023-04-18 20:54 ` Alejandro Colomar
2023-04-18 20:55 ` Alejandro Colomar
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=dca3298a-c65a-1270-6540-7ec66feb0c49@digikod.net \
--to=mic@digikod.net \
--cc=alx.manpages@gmail.com \
--cc=gnoack3000@gmail.com \
--cc=linux-man@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).