Received: by 2002:a25:4158:0:0:0:0:0 with SMTP id o85csp832250yba; Thu, 16 May 2019 09:33:22 -0700 (PDT) X-Google-Smtp-Source: APXvYqzB0ISbFTE6JpWK2N6IZWoCr2zbHMI7jU3TfbJZIp+XHaXjoXkMFtPbAbW+J00TnEs9kpmN X-Received: by 2002:a62:1cd5:: with SMTP id c204mr16023092pfc.205.1558024402054; Thu, 16 May 2019 09:33:22 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1558024402; cv=none; d=google.com; s=arc-20160816; b=vpmJi/mK1jBguAF1pW8iDVP5/z6yeZAMIJoaZQNeVcdKiXa/3Kq0TW44iRFAaocSYA 6XVdI4vOlYcs4EgkzHmFHnL3rM96r3xxiIH0ClmXQGYoB2aYHANA8lqCz9oYmSgSA2ot ju+0xFr4/XjVMiAgPCDCvsPAxX+C3dL2x3WGhXQOsllohuKDFjK06c+9GjCB/hnFJRPX pfObQt23Rrhcd5Wcj3b0MRC4ecudXLqj8Hp2IaCkH4/VOcuarOrZO/VIdgl0+lkMvW56 DLrQEb21ReeJKERTsrTkMBRB4Dvk6fC32o+Ianwy2GpsOzq4CwHIfg6o+bbD8NbRn4L/ sAqw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date; bh=exQ2E901v1jf4OQuhb6lcQDzdnBKSTneXQpclYeUddM=; b=IgISJbvuHLwtt6lEuFHEW/qDl6gDIKkYujD+gKMLW27QXXg0g45gtEOYT+J7/sAAGs 0O7byXHcRICt3tNXb4pYYLqDNI2TX+RM2RJYhiqUGOxyH4zh2wGGNTK4OC2iWa2a6/g0 mMms+fnySWX3vkcnKLuWPY3h8+hq9fpaYGfJgg2BDAR34KvGsbHadxuALAK17P9Bym0O ZGBENZGUz2Mw5uEgoku2dhbComN0ia6cb6jPeUZfn56MFJgPUlAmQ9WUUbSG1Y+LgsIX YMWNrO3k3RpADpfZ7aAVXoMjIFJQmI1FmemowN80br9qWVsGDe14vdvtOVi7L1vAJdud uD2g== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id k17si6317037pfi.230.2019.05.16.09.33.06; Thu, 16 May 2019 09:33:22 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727125AbfEPQbg (ORCPT + 99 others); Thu, 16 May 2019 12:31:36 -0400 Received: from zeniv.linux.org.uk ([195.92.253.2]:59076 "EHLO ZenIV.linux.org.uk" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726449AbfEPQbg (ORCPT ); Thu, 16 May 2019 12:31:36 -0400 Received: from viro by ZenIV.linux.org.uk with local (Exim 4.92 #3 (Red Hat Linux)) id 1hRJI2-0003d6-Oy; Thu, 16 May 2019 16:31:30 +0000 Date: Thu, 16 May 2019 17:31:30 +0100 From: Al Viro To: David Howells Cc: torvalds@linux-foundation.org, Christian Brauner , Arnd Bergmann , linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH 0/4] uapi, vfs: Change the mount API UAPI [ver #2] Message-ID: <20190516163130.GC17978@ZenIV.linux.org.uk> References: <155800752418.4037.9567789434648701032.stgit@warthog.procyon.org.uk> <20190516162259.GB17978@ZenIV.linux.org.uk> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20190516162259.GB17978@ZenIV.linux.org.uk> User-Agent: Mutt/1.11.3 (2019-02-01) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, May 16, 2019 at 05:22:59PM +0100, Al Viro wrote: > On Thu, May 16, 2019 at 12:52:04PM +0100, David Howells wrote: > > > > Hi Linus, Al, > > > > Here are some patches that make changes to the mount API UAPI and two of > > them really need applying, before -rc1 - if they're going to be applied at > > all. > > I'm fine with 2--4, but I'm not convinced that cloexec-by-default crusade > makes any sense. Could somebody give coherent arguments in favour of > abandoning the existing conventions? To elaborate: existing syscalls (open, socket, pipe, accept, epoll_create, etc., etc.) are not cloexec-by-default and that's not going to change, simply because it would be break the living hell out of existing userland code. IOW, the userland has to worry about leaking stuff over sensitive execve(), no matter what. All this change does is complicate things for userland programmer - which syscall belongs to which class. Where's the benefit? I could buy an argument about gradually changing over to APIs that are cloexec-by-default across the board, except for the obvious fact that it's not going to happen; not with the things like open() involved.