Received: by 2002:a25:7ec1:0:0:0:0:0 with SMTP id z184csp2905284ybc; Wed, 20 Nov 2019 23:43:00 -0800 (PST) X-Google-Smtp-Source: APXvYqz1+dBmJQk4AXD2iVsoHeJC0H07PUEs1gK7OabiVV58aOy6kij/zzmrxrA9brW2WeaLkiJa X-Received: by 2002:a17:906:2505:: with SMTP id i5mr12068617ejb.18.1574322180252; Wed, 20 Nov 2019 23:43:00 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1574322180; cv=none; d=google.com; s=arc-20160816; b=rYdesgqxxQlyjvX4uX0zcvKMq2O47ClupfO7yjKb3Xz1NAEHyNu8fi3NFeWU6fRCO3 sgp36PJ5+C7h+PhhmOojPby8dQP6PxH8eGEFMq1WMqjMx2QhslqGXzUqebVrGd5pZFdj hWXQ0cd+mpHcqgSMrHHfw/yACempcGNkmHL2XsmX95UxBWAHPu+bWMaUyHwGIpQkuCAE CY6iIS3HgOeuX+llCG4lS2joaAxvVmNiL521MV4+Jk9SBMsI+wHHOZm9lNMeNHeBhcH1 ETf/sD2iMbHQd3UD4hDBqyjoN73tN2K9neCZQViH4h63yf13G8As6vy5gsJ3N+Jha1xy velQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:in-reply-to:mime-version:user-agent:date :message-id:from:references:cc:to:subject:dkim-signature; bh=+ivP0t11qSgLHR500CRfbVMbU6+LuXa4U6V5HH6I6vo=; b=fpa2H6qJ4C9/9LXP+9q/AAtr1ugq2m2IsNnmBHaMHh+YIVJnpzyyAgwdPbMC/r+eBt O+NC+xxWf8ELiTPvpbITBgOxxVun9A1W7kFqatYdUm+eG8NFWdBonYPLKewbS6PFfGXD uWJEA0Xy3vIenNbXmXQEPO/c57D37rlSFpHIzaaI+cSvqszEpBAxQ6rI378fJdKLhBES ffuLuFEcaTgEUKyzuMydgU1tNtNsQQt7KvPTIP2uwSkLMHN/Lkh8R0SExMabvtnLsmyG clG3o1IMLzJG/9aKKkL32zMiN2Cp5a9J3wzYQ7MOOWeOrg/C6O5uz9IiBqJKl5sQ21d8 dUGg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@rasmusvillemoes.dk header.s=google header.b=C+eT+CCB; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id e8si1585065edk.444.2019.11.20.23.42.36; Wed, 20 Nov 2019 23:43:00 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@rasmusvillemoes.dk header.s=google header.b=C+eT+CCB; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726705AbfKUHlJ (ORCPT + 99 others); Thu, 21 Nov 2019 02:41:09 -0500 Received: from mail-lf1-f67.google.com ([209.85.167.67]:33973 "EHLO mail-lf1-f67.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726014AbfKUHlH (ORCPT ); Thu, 21 Nov 2019 02:41:07 -0500 Received: by mail-lf1-f67.google.com with SMTP id l28so1801480lfj.1 for ; Wed, 20 Nov 2019 23:41:04 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rasmusvillemoes.dk; s=google; h=subject:to:cc:references:from:message-id:date:user-agent :mime-version:in-reply-to:content-language:content-transfer-encoding; bh=+ivP0t11qSgLHR500CRfbVMbU6+LuXa4U6V5HH6I6vo=; b=C+eT+CCBu8ohnBcx0TCg3g5E1+IZFpyG7hHpwW0/Wl2NU0XUc9mNlHVgij+cGnD9iu TVqYggV3M+UpxBgycfJh4T/Cg8RFqJhkTsrm/cBMRlXSaMg5Rlhsoy3cDkoOKa9oHfwk RYEZMUEfnXkYhPWKzckzp9YjqMikHwTpTi1ek= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=+ivP0t11qSgLHR500CRfbVMbU6+LuXa4U6V5HH6I6vo=; b=bCOWlsfxlxSagzgGg98+t0GmnHL3dT9T6/kDat3xzGZyhH89HrdwgOX0/dLWDK6fdS TbUGoP90hflBeeaiPE0vu9odneNRZwuOJ4zPC5lWR38E/rx1UG57WhkNujsUgmloLrZE sPStLwxFvKERQDQWtkXp1ig96D2ERqBDiL/9LgoCo4hyeRGytmLabib0Gv3SCHVTd1Wk jYbLy7qfQllPKzZlUwIDd+3YxsILcHyI9qQ/ODoGGkT2ViV/d+AM3ON0uTQ+SG++CWZq s2tvMSyfcFgpLNec2lMHpUwBcKMW4LLVJa94lWJ/Wdfv4OL/yCtzPWfFT7+9Hz5OYdcL PJvg== X-Gm-Message-State: APjAAAXHvZz/CPncZPFlHl24ozujEkQanHzKmRi9szO3aXa6S52hDOE9 LP+qc6ByddW/IX6jokuAkuJpP4LIfax0UIC7 X-Received: by 2002:ac2:4a8f:: with SMTP id l15mr6259977lfp.5.1574322063173; Wed, 20 Nov 2019 23:41:03 -0800 (PST) Received: from [172.16.11.28] ([81.216.59.226]) by smtp.gmail.com with ESMTPSA id c12sm743854ljk.77.2019.11.20.23.41.02 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 20 Nov 2019 23:41:02 -0800 (PST) Subject: Re: [PATCH 2/3] docs, parallelism: Do not leak blocking mode to writer To: Kees Cook , Jonathan Corbet Cc: linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org References: <20191121000304.48829-1-keescook@chromium.org> <20191121000304.48829-3-keescook@chromium.org> From: Rasmus Villemoes Message-ID: <041953ef-0b6c-4ea8-8734-aa1e6703f9f8@rasmusvillemoes.dk> Date: Thu, 21 Nov 2019 08:41:01 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.9.0 MIME-Version: 1.0 In-Reply-To: <20191121000304.48829-3-keescook@chromium.org> Content-Type: text/plain; charset=windows-1252 Content-Language: en-US Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 21/11/2019 01.03, Kees Cook wrote: > Setting non-blocking via a local copy of the jobserver file descriptor > is safer than just assuming the writer on the original fd is prepared > for it to be non-blocking. This is a bit inaccurate. The fd referring to the write side of the pipe is always blocking - it has to be, due to the protocol requiring you to write back the tokens you've read, so you can't just drop a token on the floor. But it's also rather moot, since the pipe will never hold anywhere near 4096 bytes, let alone a (linux) pipe's default capacity of 64K. But what we cannot do is change the mode of the open file description to non-blocking for the read side, in case the parent make (or some sibling process that has also inherited the same "struct file") expects it to be blocking. > Suggested-by: Rasmus Villemoes > Link: https://lore.kernel.org/lkml/44c01043-ab24-b4de-6544-e8efd153e27a@rasmusvillemoes.dk > Signed-off-by: Kees Cook > --- > scripts/jobserver-count | 15 +++++++-------- > 1 file changed, 7 insertions(+), 8 deletions(-) > > diff --git a/scripts/jobserver-count b/scripts/jobserver-count > index 6e15b38df3d0..a68a04ad304f 100755 > --- a/scripts/jobserver-count > +++ b/scripts/jobserver-count > @@ -12,12 +12,6 @@ default="1" > if len(sys.argv) > 1: > default=sys.argv[1] > > -# Set non-blocking for a given file descriptor. > -def nonblock(fd): > - flags = fcntl.fcntl(fd, fcntl.F_GETFL) > - fcntl.fcntl(fd, fcntl.F_SETFL, flags | os.O_NONBLOCK) > - return fd > - > # Extract and prepare jobserver file descriptors from envirnoment. > try: > # Fetch the make environment options. > @@ -31,8 +25,13 @@ try: > # Parse out R,W file descriptor numbers and set them nonblocking. > fds = opts[0].split("=", 1)[1] > reader, writer = [int(x) for x in fds.split(",", 1)] > - reader = nonblock(reader) > -except (KeyError, IndexError, ValueError, IOError): > + # Open a private copy of reader to avoid setting nonblocking > + # on an unexpecting writer. s/writer/reader/ > + reader = os.open("/proc/self/fd/%d" % (reader), os.O_RDONLY) > + flags = fcntl.fcntl(reader, fcntl.F_GETFL) > + fcntl.fcntl(reader, fcntl.F_SETFL, flags | os.O_NONBLOCK) I think you can just specify O_NONBLOCK in the open() call so you avoid those two fcntls. Rasmus