Received: by 2002:a5b:505:0:0:0:0:0 with SMTP id o5csp2377615ybp; Thu, 10 Oct 2019 06:36:10 -0700 (PDT) X-Google-Smtp-Source: APXvYqyPKwrrm9ZkaOF6D4PDDl8+IwbrcEYFkz3IlOg6HdmBsYQzQDUnCdVW5i/MmgPwUubkDpkv X-Received: by 2002:aa7:df07:: with SMTP id c7mr8001643edy.110.1570714570546; Thu, 10 Oct 2019 06:36:10 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1570714570; cv=none; d=google.com; s=arc-20160816; b=eboX+boFmkMyfh9krztfgEosH8BYrHC1dvR6lzVllUTZnEdLGKFhZ0kMD4v4NUP3AT mgysxP71p1QLYCAkXnJGL42I9iZF/oPs0Ov3rB3ji2qpuYZOYxkYyQrUhFqUBY7UdUKO k4oQ8th5YWXyuJzUDb3qccTXw1ngc0eAgYjFAP+oc6DjPZyJEnlWAsUSIpzYkgmqOQ7a DAanBmCauvCvg1xu3wNBWtDTgrEywPrQPurcIc8kVMBeulHYCstDtMw+j4RHi4vpDEF4 2n3V4N4XxiUEP0s+TEDlx+lxEm7R0Yx1Aa3f3IIHTg4MmBeBjkuadXtauk4nemjVYR2y 7Wzg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from; bh=ojv6YG6RITwlcY5aroAxXtMlkW/FY86TUJN6zaSvQas=; b=AeBhjd9rQ0XMe+Flhecb+YG9Fhem/KA5iSM5qyrXhuAB+kpr9eQu7kIOCFXsM4jAwU Yul5PW8xKdglvSqT7bYgOJtzLdh2YlbY5tD8nAA1OS21ms284gD2sJ0BCo0hBR3vMk5V uWfXfOzd1V+r1ZzauyIfExi3AFikoP2hpi6s2iYtoQgHHJ617qhS5mktQ+kTtosTfmVT DwzDjBj+9p5akFMGrwuLpZNBDKoILRUmYltONBK4d4QjAoOBOE+TvCYORyG5Wg6CXTlN AOcnNXv8vjEBW87JKCQx1SOQ1wYCAkHQFezEylXQ/9FsdO8pqnOjttoUpNdufoU1wOe9 8u6w== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id n8si3013816ejz.22.2019.10.10.06.35.46; Thu, 10 Oct 2019 06:36:10 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2387992AbfJJNff (ORCPT + 99 others); Thu, 10 Oct 2019 09:35:35 -0400 Received: from youngberry.canonical.com ([91.189.89.112]:54313 "EHLO youngberry.canonical.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728011AbfJJNff (ORCPT ); Thu, 10 Oct 2019 09:35:35 -0400 Received: from [193.96.224.244] (helo=localhost.localdomain) by youngberry.canonical.com with esmtpsa (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1iIYbL-0001XF-Re; Thu, 10 Oct 2019 13:35:32 +0000 From: Christian Brauner To: linux-kernel@vger.kernel.org, Oleg Nesterov , Florian Weimer , libc-alpha@sourceware.org Cc: Ingo Molnar , Peter Zijlstra , Juri Lelli , Vincent Guittot , Dietmar Eggemann , Steven Rostedt , Ben Segall , Mel Gorman , Shuah Khan , Andrew Morton , Michal Hocko , Elena Reshetova , Thomas Gleixner , Roman Gushchin , Andrea Arcangeli , Al Viro , Aleksa Sarai , "Dmitry V. Levin" , linux-kselftest@vger.kernel.org, Christian Brauner Subject: [PATCH 1/2] clone3: add CLONE3_CLEAR_SIGHAND Date: Thu, 10 Oct 2019 15:35:17 +0200 Message-Id: <20191010133518.5420-1-christian.brauner@ubuntu.com> X-Mailer: git-send-email 2.23.0 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Reset all signal handlers of the child not set to SIG_IGN to SIG_DFL. Mutually exclusive with CLONE_SIGHAND to not disturb other thread's signal handler. In the spirit of closer cooperation between glibc developers and kernel developers (cf. [2]) this patchset came out of a discussion on the glibc mailing list for improving posix_spawn() (cf. [1], [3], [4]). Kernel support for this feature has been explicitly requested by glibc and I see no reason not to help them with this. The child helper process on Linux posix_spawn must ensure that no signal handlers are enabled, so the signal disposition must be either SIG_DFL or SIG_IGN. However, it requires a sigprocmask to obtain the current signal mask and at least _NSIG sigaction calls to reset the signal handlers for each posix_spawn call or complex state tracking that might lead to data corruption in glibc. Adding this flags lets glibc avoid these problems. [1]: https://www.sourceware.org/ml/libc-alpha/2019-10/msg00149.html [3]: https://www.sourceware.org/ml/libc-alpha/2019-10/msg00158.html [4]: https://www.sourceware.org/ml/libc-alpha/2019-10/msg00160.html [2]: https://lwn.net/Articles/799331/ '[...] by asking for better cooperation with the C-library projects in general. They should be copied on patches containing ABI changes, for example. I noted that there are often times where C-library developers wish the kernel community had done things differently; how could those be avoided in the future? Members of the audience suggested that more glibc developers should perhaps join the linux-api list. The other suggestion was to "copy Florian on everything".' Cc: Oleg Nesterov Cc: Florian Weimer Cc: libc-alpha@sourceware.org Signed-off-by: Christian Brauner --- include/uapi/linux/sched.h | 3 +++ kernel/fork.c | 11 ++++++++++- 2 files changed, 13 insertions(+), 1 deletion(-) diff --git a/include/uapi/linux/sched.h b/include/uapi/linux/sched.h index 99335e1f4a27..c583720f689f 100644 --- a/include/uapi/linux/sched.h +++ b/include/uapi/linux/sched.h @@ -33,6 +33,9 @@ #define CLONE_NEWNET 0x40000000 /* New network namespace */ #define CLONE_IO 0x80000000 /* Clone io context */ +/* Flags for the clone3() syscall */ +#define CLONE3_CLEAR_SIGHAND 0x100000000ULL /* Clear any signal handler and reset to SIG_DFL. */ + #ifndef __ASSEMBLY__ /** * struct clone_args - arguments for the clone3 syscall diff --git a/kernel/fork.c b/kernel/fork.c index 1f6c45f6a734..661f8d1f3881 100644 --- a/kernel/fork.c +++ b/kernel/fork.c @@ -1517,6 +1517,11 @@ static int copy_sighand(unsigned long clone_flags, struct task_struct *tsk) spin_lock_irq(¤t->sighand->siglock); memcpy(sig->action, current->sighand->action, sizeof(sig->action)); spin_unlock_irq(¤t->sighand->siglock); + + /* Reset all signal handler not set to SIG_IGN to SIG_DFL. */ + if (clone_flags & CLONE3_CLEAR_SIGHAND) + flush_signal_handlers(tsk, 0); + return 0; } @@ -2567,7 +2572,7 @@ static bool clone3_args_valid(const struct kernel_clone_args *kargs) * All lower bits of the flag word are taken. * Verify that no other unknown flags are passed along. */ - if (kargs->flags & ~CLONE_LEGACY_FLAGS) + if (kargs->flags & ~(CLONE_LEGACY_FLAGS | CLONE3_CLEAR_SIGHAND)) return false; /* @@ -2577,6 +2582,10 @@ static bool clone3_args_valid(const struct kernel_clone_args *kargs) if (kargs->flags & (CLONE_DETACHED | CSIGNAL)) return false; + if ((kargs->flags & (CLONE_SIGHAND | CLONE3_CLEAR_SIGHAND)) == + (CLONE_SIGHAND | CLONE3_CLEAR_SIGHAND)) + return false; + if ((kargs->flags & (CLONE_THREAD | CLONE_PARENT)) && kargs->exit_signal) return false; -- 2.23.0