Received: by 2002:a25:4158:0:0:0:0:0 with SMTP id o85csp5114770yba; Tue, 30 Apr 2019 09:21:20 -0700 (PDT) X-Google-Smtp-Source: APXvYqwbNy9tHtntT9E35alcPu3wUd1bnrqoeRBrWPaZ3GzZg5/y8UbqsiQXJvhmIEGrEYN5sRma X-Received: by 2002:aa7:8190:: with SMTP id g16mr25812201pfi.92.1556641280657; Tue, 30 Apr 2019 09:21:20 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1556641280; cv=none; d=google.com; s=arc-20160816; b=Nln7yvxC5iLulS3MIMgq1ye7AMeotbahyGwRtoXUwqhnHj1AeziXvJanxeNzQ+nuQ5 s+nPSMjUcMsAZOjHGDqX4mKvpUHtBo2G+2A/lhbON7vHS8J5CMe6zXw78pQtAvuK1rwG xXrzuPFoMIRuJ4hyZpBwiHQolmNvnxghLvDqhFQ1Yc/fKwjixllylB7UxV7cNxSVjQSO H4n8TcfqptXAShIbWzYBW+6Sj+/jwgNwnYSL2+O1cQkFcsbaZUDkEO9XVf97LQdZkEjk baTkufsI8HrUUj8dklROVtNv/xNHUv/zaVfFldtMFnqUoOm6Z3RuwpZg21EvOND4vMxF mheA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=I0mkWPXxdneoX6ZtNfTUi9Tvo+w8cp5wN8Xc0PEQw60=; b=NPHuqWe59rfjICZb7v20TNXbtTkXeDYWBZcWf24o+uJHf9f5Vql65a+apZ1EjoKuYh 34JVG/6wDlqyUEebnWRo07EvOuWWZ6tsZJT1weXFkj3CF/vB6QPu1NnaXjM4vHjf9YK+ p6LdAdhDkCXASC8+WChUhHWSzhU96ptyl39att9ghDQdpRTV5HYuBDOJ/Ors+79pgKi8 hdIzMViZOD11I+AgLe7iW6iKdOX0VkzaBzyOL0nanIuFfCdH3cp/lwoX4tJV27osmoB3 eYpA9xnICyLJWEDcaOafBOhd2tsECZcT9RwG/Ck65AUimj66Lyx5WP2U/3HI2XHVH5Ld jDSg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linux-foundation.org header.s=google header.b=EbjP++XK; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id e35si39188291plb.38.2019.04.30.09.21.03; Tue, 30 Apr 2019 09:21:20 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@linux-foundation.org header.s=google header.b=EbjP++XK; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726209AbfD3QTc (ORCPT + 99 others); Tue, 30 Apr 2019 12:19:32 -0400 Received: from mail-lf1-f67.google.com ([209.85.167.67]:36840 "EHLO mail-lf1-f67.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725976AbfD3QTc (ORCPT ); Tue, 30 Apr 2019 12:19:32 -0400 Received: by mail-lf1-f67.google.com with SMTP id u17so11360072lfi.3 for ; Tue, 30 Apr 2019 09:19:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux-foundation.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=I0mkWPXxdneoX6ZtNfTUi9Tvo+w8cp5wN8Xc0PEQw60=; b=EbjP++XKgHxEkneKGZLizrtbM/P7rph4iLyi00CwA3AQOQ0XrmvNGA7c0yA2ueK8Uz mygblbiGSrjljLAhCMoYE5sU13o9Bt+rMjweu0Grl3dyGako9+M+H/dusOy0YkCu4M0r 3R5BK1XDGR+K6UwjSp6+/jpIH7TevLCGc14QE= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=I0mkWPXxdneoX6ZtNfTUi9Tvo+w8cp5wN8Xc0PEQw60=; b=kKO64+hiTqueQTTUq2/jI3ZUdfRCifbfkOk5LOyx94MgwdnWxPpVAYZstM02FTF/Tz y+dUo4FY0rGT150MFwqDJWFXEcB7AmyHCkDGUs9/GZOfa8g1Ux6rmv0mQFfN6jn6WI5U F9TymNuPnOU8cXrp4JICDS/1WlVFdTQM0QWkvdbr9GPvrUAp6wUfnQGmOrmwOVNMFgmz 2Q8M37OxiJWNtCSte/fSCxQszxEF09q/PIGGOFKtgykB4fFsAlHranbXbEO3V/6q9hHZ +dQc5QUc5uD7400XwMzm/XUu3drU9OPvo4veh6AG1PW8pK0hsc0AQTnjvNGZm3lWnpZo GNDw== X-Gm-Message-State: APjAAAUBFc8jFQV2GOiUtXRvqr4Koi2p/wt+gwuMCBVxOwebcKwISJku DWcp5iWPm5l8wYkKZDznCEjKL7w8Wug= X-Received: by 2002:a19:f24c:: with SMTP id d12mr36292500lfk.163.1556641169781; Tue, 30 Apr 2019 09:19:29 -0700 (PDT) Received: from mail-lj1-f175.google.com (mail-lj1-f175.google.com. [209.85.208.175]) by smtp.gmail.com with ESMTPSA id p19sm8014395lfc.48.2019.04.30.09.19.26 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 30 Apr 2019 09:19:27 -0700 (PDT) Received: by mail-lj1-f175.google.com with SMTP id h21so13323955ljk.13 for ; Tue, 30 Apr 2019 09:19:26 -0700 (PDT) X-Received: by 2002:a2e:5dd2:: with SMTP id v79mr37367875lje.22.1556641166346; Tue, 30 Apr 2019 09:19:26 -0700 (PDT) MIME-Version: 1.0 References: <20190414201436.19502-1-christian@brauner.io> <20190415195911.z7b7miwsj67ha54y@yavin> <20190420071406.GA22257@ip-172-31-15-78> <87r29jaoov.fsf@oldenburg2.str.redhat.com> In-Reply-To: <87r29jaoov.fsf@oldenburg2.str.redhat.com> From: Linus Torvalds Date: Tue, 30 Apr 2019 09:19:10 -0700 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: RFC: on adding new CLONE_* flags [WAS Re: [PATCH 0/4] clone: add CLONE_PIDFD] To: Florian Weimer Cc: Jann Horn , Kevin Easton , Andy Lutomirski , Christian Brauner , Aleksa Sarai , "Enrico Weigelt, metux IT consult" , Al Viro , David Howells , Linux API , LKML , "Serge E. Hallyn" , Arnd Bergmann , "Eric W. Biederman" , Kees Cook , Thomas Gleixner , Michael Kerrisk , Andrew Morton , Oleg Nesterov , Joel Fernandes , Daniel Colascione Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Apr 30, 2019 at 1:21 AM Florian Weimer wrote: > > > (In fact, if I recall correctly, the _reason_ we have an explicit > > 'vfork()' entry point rather than using clone() with magic parameters > > was that the lack of arguments meant that you didn't have to > > save/restore any registers in user space, which made the whole stack > > issue simpler. But it's been two decades, so my memory is bitrotting). > > That's an interesting point. Using a callback-style interface avoids > that because you never need to restore the registers in the new > subprocess. It's still appropriate to use an assembler implementation, > I think, because it will be more obviously correct. I agree that a callback interface would have been a whole lot more obvious and less prone to subtle problems. But if you want vfork() because the programs you want to build use it, that's the interface you need.. Of course, if you *don't* need the exact vfork() semantics, clone itself actually very much supports a callback model with s separate stack. You can basically do this: - allocate new stack for the child - in trivial asm wrapper, do: - push the callback address on the child stack - clone(CLONE_VFORK|CLONE_VM|CLONE_SIGCHLD, chld_stack, NULL, NULL,NULL) - "ret" - free new stack where the "ret" in the child will just go to the callback, while the parent (eventually) just returns from the trivial wrapper and frees the new stack (which by definition is no longer used, since the child has exited or execve'd. So you can most definitely create a "vfork_with_child_callback()" with clone, and it would arguably be a much superior interface to vfork() anyway (maybe you'd like to pass in some arguments to the callback too - add more stack setup for the child as needed), but it wouldn't be the right solution for programs that just want to use the standard BSD vfork() model. > vfork is also more benign from a memory accounting perspective. In some > environments, it's not possible to call fork from a large process > because the accounting assumes (conservatively) that the new process > will dirty a lot of its private memory. Indeed. Linus