2019-06-26 14:10:10

by Christian Brauner

[permalink] [raw]
Subject: [GIT PULL] fixes for v5.2-rc7

Hi Linus,

This pull request removes the validation of the pidfd return argument if
CLONE_PIDFD is specified:

The following changes since commit 4b972a01a7da614b4796475f933094751a295a2f:

Linux 5.2-rc6 (2019-06-22 16:01:36 -0700)

are available in the Git repository at:

[email protected]:pub/scm/linux/kernel/git/brauner/linux tags/for-linus-20190626

for you to fetch changes up to bee19cd8f241ab3cd1bf79e03884e5371f9ef514:

samples: make pidfd-metadata fail gracefully on older kernels (2019-06-24 15:55:50 +0200)

Userspace tools and libraries such as strace or glibc need a cheap and
reliable way to tell whether CLONE_PIDFD is supported.
The easiest way is to pass an invalid fd value in the return argument,
perform the syscall and verify the value in the return argument has been
changed to a valid fd.

However, if CLONE_PIDFD is specified we currently check if pidfd == 0 and
return EINVAL if not.

The check for pidfd == 0 was originally added to enable us to abuse the
return argument for passing additional flags along with CLONE_PIDFD in the
future.

However, extending legacy clone this way would be a terrible idea and with
clone3 on the horizon and the ability to reuse CLONE_DETACHED with
CLONE_PIDFD there's no real need for this clutch. So remove the pidfd == 0
check and help userspace out.

Please consider pulling these changes from the signed for-linus-20190626 tag.

Thanks!
Christian

----------------------------------------------------------------
for-linus-20190626

----------------------------------------------------------------
Dmitry V. Levin (2):
fork: don't check parent_tidptr with CLONE_PIDFD
samples: make pidfd-metadata fail gracefully on older kernels

kernel/fork.c | 12 ------------
samples/pidfd/pidfd-metadata.c | 8 ++++++--
2 files changed, 6 insertions(+), 14 deletions(-)


2019-06-27 04:58:31

by Christian Brauner

[permalink] [raw]
Subject: Re: [GIT PULL] fixes for v5.2-rc7

On Wed, Jun 26, 2019 at 04:07:33PM +0200, Christian Brauner wrote:
> Hi Linus,
>
> This pull request removes the validation of the pidfd return argument if
> CLONE_PIDFD is specified:
>
> The following changes since commit 4b972a01a7da614b4796475f933094751a295a2f:
>
> Linux 5.2-rc6 (2019-06-22 16:01:36 -0700)
>
> are available in the Git repository at:
>
> [email protected]:pub/scm/linux/kernel/git/brauner/linux tags/for-linus-20190626
>
> for you to fetch changes up to bee19cd8f241ab3cd1bf79e03884e5371f9ef514:
>
> samples: make pidfd-metadata fail gracefully on older kernels (2019-06-24 15:55:50 +0200)
>
> Userspace tools and libraries such as strace or glibc need a cheap and
> reliable way to tell whether CLONE_PIDFD is supported.
> The easiest way is to pass an invalid fd value in the return argument,
> perform the syscall and verify the value in the return argument has been
> changed to a valid fd.
>
> However, if CLONE_PIDFD is specified we currently check if pidfd == 0 and
> return EINVAL if not.
>
> The check for pidfd == 0 was originally added to enable us to abuse the
> return argument for passing additional flags along with CLONE_PIDFD in the
> future.
>
> However, extending legacy clone this way would be a terrible idea and with
> clone3 on the horizon and the ability to reuse CLONE_DETACHED with
> CLONE_PIDFD there's no real need for this clutch. So remove the pidfd == 0
> check and help userspace out.
>
> Please consider pulling these changes from the signed for-linus-20190626 tag.

Al has another patch that removes the use of anon_inode_getfd() for the
sake of anon_inode_getfile() + fd_install() to avoid the use of
ksys_close().
I'll put it in my fixes branch and send a new PR with all those fixes in
a few hours.

Thanks!
Christian

2019-06-27 11:27:01

by Christian Brauner

[permalink] [raw]
Subject: [GIT PULL] fixes for v5.2-rc7

Hi Linus,

This contains a couple of fixes for the pidfd api by Dmitry, Al, and
myself:

The following changes since commit 4b972a01a7da614b4796475f933094751a295a2f:

Linux 5.2-rc6 (2019-06-22 16:01:36 -0700)

are available in the Git repository at:

[email protected]:pub/scm/linux/kernel/git/brauner/linux tags/for-linus-20190627

for you to fetch changes up to 30d158b143b6575261ab610ae7b1b4f7fe3830b3:

proc: remove useless d_is_dir() check (2019-06-27 12:25:09 +0200)

/* Remove check for pidfd == 0 with CLONE_PIDFD */
Userspace tools and libraries such as strace or glibc need a cheap and
reliable way to tell whether CLONE_PIDFD is supported.
The easiest way is to pass an invalid fd value in the return argument,
perform the syscall and verify the value in the return argument has been
changed to a valid fd.

However, if CLONE_PIDFD is specified we currently check if pidfd == 0 and
return EINVAL if not.

The check for pidfd == 0 was originally added to enable us to abuse the
return argument for passing additional flags along with CLONE_PIDFD in the
future.

Since extending legacy clone this way would be a terrible idea and with
clone3 on the horizon and the ability to reuse CLONE_DETACHED with
CLONE_PIDFD there's no real need for this clutch. So remove the pidfd == 0
check and help userspace out.

/* Avoid using anon_inode_getfd() and ksys_close() */
Accordig to Al, anon_inode_getfd() should only be used past the point of no
failure and ksys_close() should not be used at all since it is far too easy
to get wrong. Al's motto being "basically, once it's in descriptor table,
it's out of your control".
So Al's patch switches back to what we already had in v1 of the original
patchset and uses a anon_inode_getfile() + put_user() + fd_install()
sequence in the success path and a fput() + put_unused_fd() in the failure
path.

The other two changes should be trivial.

Please consider pulling these changes from the signed for-linus-20190627 tag.

Thanks!
Christian

----------------------------------------------------------------
for-linus-20190627

----------------------------------------------------------------
Al Viro (1):
copy_process(): don't use ksys_close() on cleanups

Christian Brauner (1):
proc: remove useless d_is_dir() check

Dmitry V. Levin (2):
fork: don't check parent_tidptr with CLONE_PIDFD
samples: make pidfd-metadata fail gracefully on older kernels

fs/proc/base.c | 3 +--
kernel/fork.c | 58 +++++++++++++-----------------------------
samples/pidfd/pidfd-metadata.c | 8 ++++--
3 files changed, 25 insertions(+), 44 deletions(-)

2019-06-28 00:55:31

by pr-tracker-bot

[permalink] [raw]
Subject: Re: [GIT PULL] fixes for v5.2-rc7

The pull request you sent on Thu, 27 Jun 2019 13:24:30 +0200:

> [email protected]:pub/scm/linux/kernel/git/brauner/linux tags/for-linus-20190627

has been merged into torvalds/linux.git:
https://git.kernel.org/torvalds/c/7a702b4e82d8730d6964bfd98b3b024c126e9846

Thank you!

--
Deet-doot-dot, I am a bot.
https://korg.wiki.kernel.org/userdoc/prtracker

2019-06-28 00:56:09

by pr-tracker-bot

[permalink] [raw]
Subject: Re: [GIT PULL] fixes for v5.2-rc7

The pull request you sent on Wed, 26 Jun 2019 16:07:33 +0200:

> [email protected]:pub/scm/linux/kernel/git/brauner/linux tags/for-linus-20190626

has been merged into torvalds/linux.git:
https://git.kernel.org/torvalds/c/6fd2fe494b17bf2dec37b610d23a43a72b16923a

Thank you!

--
Deet-doot-dot, I am a bot.
https://korg.wiki.kernel.org/userdoc/prtracker