Received: by 2002:a05:6a10:8c0a:0:0:0:0 with SMTP id go10csp2285028pxb; Fri, 5 Feb 2021 13:51:31 -0800 (PST) X-Google-Smtp-Source: ABdhPJy5PI+eeG08e+2kY3PPTL8b+h4KysPPjd6oky26uCTUz8z/JVp0rpnZL1sxMBAgPq28z9zG X-Received: by 2002:a17:906:a091:: with SMTP id q17mr6120983ejy.286.1612561891670; Fri, 05 Feb 2021 13:51:31 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1612561891; cv=none; d=google.com; s=arc-20160816; b=k+icb31Dp/OQyT6VxYnhu5/47CckMVAsrlFLjTN67uiCCN1rthK4dhx+Fs8zZXzVM6 z8nUPx6vEkkF7lO+bvtMALHk5iZTH41ZTjxD6nzAql6oVGinU1rVrVvXCx+eIMDr5uOc WJ6e3bXb4JwD4U160aQmMpvAg1Mzgrng8m0gVfCrkGLM4GWoEJ8AWE/9PdXFw8qJTr0q DE8wNLvos83NfnWE+OV3g3bwIyiQzLWfYO2SP3DdWNtGgDYCeYUdzpovSVXF2qvLBIuk oLkixJlz0Jck3448qkoHLWs9lQ/Qz1clRI3jgR+Zln8+3aYHlD+RnRcxf+SKvyHyA1XD fiPQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:content-language :in-reply-to:mime-version:user-agent:date:message-id:from:references :cc:to:subject:dkim-signature; bh=5pnuSpNEKdmcoBjj2QdJNC7CgKySzqePnnhN0iJ74KE=; b=seeo90Gba8xSYL67uBpU3VMY/Grbf1/TU9+ez5tz2oVqI7Pof6WCEg8wMcfSnymws8 2dkXXnDGHvXBk0X0NXp2p2jHPP1gL5ZMTZuoswteKLerECVod3OFPWJEpr4/WS+ynfas AJc8YlMDY8zAd2VczUvIFNZGwh125yTYufvTB5czLyy5LIIxd+rY6cRHWOd3cPpSULxH xfo1QqG+Oi98ghU3x+mmEl+TMx0p33IYPdoERshtn7G0PCEyFNtCJWQxDsnnWKHc1VcV 2HyvUZ7AyR8Cl08uk3pjttWFp2/FpPVbfnWDRjN8M9TRJq7TchxFANXF43NBW8t4BvzC S8CA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@rasmusvillemoes.dk header.s=google header.b=CazZD3ga; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id l13si5459446ejg.422.2021.02.05.13.51.06; Fri, 05 Feb 2021 13:51:31 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@rasmusvillemoes.dk header.s=google header.b=CazZD3ga; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233019AbhBEVuJ (ORCPT + 99 others); Fri, 5 Feb 2021 16:50:09 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60090 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231725AbhBEVse (ORCPT ); Fri, 5 Feb 2021 16:48:34 -0500 Received: from mail-ed1-x529.google.com (mail-ed1-x529.google.com [IPv6:2a00:1450:4864:20::529]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C9C2AC06174A for ; Fri, 5 Feb 2021 13:47:53 -0800 (PST) Received: by mail-ed1-x529.google.com with SMTP id s5so10626007edw.8 for ; Fri, 05 Feb 2021 13:47:53 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rasmusvillemoes.dk; s=google; h=subject:to:cc:references:from:message-id:date:user-agent :mime-version:in-reply-to:content-language:content-transfer-encoding; bh=5pnuSpNEKdmcoBjj2QdJNC7CgKySzqePnnhN0iJ74KE=; b=CazZD3gaSDfOEUuMFkR/IQY8QFmfUv80CHWEbco/8E0oftbEwwOIJ3fjX/atsGd7wj evBDAPwAJv0WyagdvYzl42paXlsjQMsJ/RGozF1eefiPC5SzIh4WIwOVjh4BY5hIiGBz N62/fb3kVV42RVbaHipmcM3KLdUFhQxMvqvNw= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=5pnuSpNEKdmcoBjj2QdJNC7CgKySzqePnnhN0iJ74KE=; b=jvjTpd700ESw9FdEtATeXNkKiQKAaFGIIqMYdq3UjhejiDTR+4JQ68P2ynWhHXz+N0 i0Cc7s6gejurhIK7cQFIJeqROQuwi2qMUA1QECEZdtbMmMu2rfq7ZzumHrGK/xz5dKwY zq+tstHORgbnxjaMCaaSRox2vP1PGYEL/VLWQzT2mPlEauG21FLimaIwXWbIPFk3BsDn wITpz1LVAYCZ4RDiH+DgOOw69T9XD686xb+ftagioL8A1Is6HPXBOTR2DkWg6tyVMJhI rjq2RPwCn98Cf0uqvWLy7YSqNmxPq+drKCMj68tb/fgNwOMIG3a81Psh+/cL86ycWccr 5Zew== X-Gm-Message-State: AOAM533dcsAApVVvmJSOeXBE3CwrfquhQOddyo+nteG9RPzQhfBr1G6D aDz5Nxu/+6hHdVYnurmy6gIk1A== X-Received: by 2002:a05:6402:10ce:: with SMTP id p14mr5530673edu.261.1612561672579; Fri, 05 Feb 2021 13:47:52 -0800 (PST) Received: from [192.168.1.149] (5.186.115.188.cgn.fibianet.dk. [5.186.115.188]) by smtp.gmail.com with ESMTPSA id y11sm4515813ejd.72.2021.02.05.13.47.49 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Fri, 05 Feb 2021 13:47:52 -0800 (PST) Subject: Re: [PATCH v2] kernel: Expose SYS_kcmp by default To: Chris Wilson , linux-kernel@vger.kernel.org Cc: dri-devel@lists.freedesktop.org, intel-gfx@lists.freedesktop.org, Kees Cook , Andy Lutomirski , Will Drewry , Andrew Morton , Dave Airlie , Daniel Vetter , Lucas Stach , Daniel Vetter , Cyrill Gorcunov References: <20210205163752.11932-1-chris@chris-wilson.co.uk> <20210205210610.29837-1-chris@chris-wilson.co.uk> From: Rasmus Villemoes Message-ID: Date: Fri, 5 Feb 2021 22:47:47 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.10.0 MIME-Version: 1.0 In-Reply-To: <20210205210610.29837-1-chris@chris-wilson.co.uk> Content-Type: text/plain; charset=windows-1252 Content-Language: en-US Content-Transfer-Encoding: 7bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 05/02/2021 22.06, Chris Wilson wrote: > Userspace has discovered the functionality offered by SYS_kcmp and has > started to depend upon it. In particular, Mesa uses SYS_kcmp for > os_same_file_description() in order to identify when two fd (e.g. device > or dmabuf) point to the same struct file. Since they depend on it for > core functionality, lift SYS_kcmp out of the non-default > CONFIG_CHECKPOINT_RESTORE into the selectable syscall category. > > Note that some distributions such as Ubuntu are already enabling > CHECKPOINT_RESTORE in their configs and so, by extension, SYS_kcmp. > Looks a lot like https://lore.kernel.org/lkml/20200710075632.14661-1-linux@rasmusvillemoes.dk/. So FWIW, ack from me. cc += Cyrill. > References: https://gitlab.freedesktop.org/drm/intel/-/issues/3046 > Signed-off-by: Chris Wilson > Cc: Kees Cook > Cc: Andy Lutomirski > Cc: Will Drewry > Cc: Andrew Morton > Cc: Dave Airlie > Cc: Daniel Vetter > Cc: Lucas Stach > Acked-by: Daniel Vetter # DRM depends on SYS_kcmp > > --- > v2: > - Default n. > - Borrrow help message from man kcmp. > - Export get_epoll_tfile_raw_ptr() for CONFIG_KCMP > --- > fs/eventpoll.c | 4 ++-- > include/linux/eventpoll.h | 2 +- > init/Kconfig | 12 ++++++++++++ > kernel/Makefile | 2 +- > tools/testing/selftests/seccomp/seccomp_bpf.c | 2 +- > 5 files changed, 17 insertions(+), 5 deletions(-) > > diff --git a/fs/eventpoll.c b/fs/eventpoll.c > index a829af074eb5..3196474cbe24 100644 > --- a/fs/eventpoll.c > +++ b/fs/eventpoll.c > @@ -979,7 +979,7 @@ static struct epitem *ep_find(struct eventpoll *ep, struct file *file, int fd) > return epir; > } > > -#ifdef CONFIG_CHECKPOINT_RESTORE > +#ifdef CONFIG_KCMP > static struct epitem *ep_find_tfd(struct eventpoll *ep, int tfd, unsigned long toff) > { > struct rb_node *rbp; > @@ -1021,7 +1021,7 @@ struct file *get_epoll_tfile_raw_ptr(struct file *file, int tfd, > > return file_raw; > } > -#endif /* CONFIG_CHECKPOINT_RESTORE */ > +#endif /* CONFIG_KCMP */ > > /** > * Adds a new entry to the tail of the list in a lockless way, i.e. > diff --git a/include/linux/eventpoll.h b/include/linux/eventpoll.h > index 0350393465d4..593322c946e6 100644 > --- a/include/linux/eventpoll.h > +++ b/include/linux/eventpoll.h > @@ -18,7 +18,7 @@ struct file; > > #ifdef CONFIG_EPOLL > > -#ifdef CONFIG_CHECKPOINT_RESTORE > +#ifdef CONFIG_KCMP > struct file *get_epoll_tfile_raw_ptr(struct file *file, int tfd, unsigned long toff); > #endif > > diff --git a/init/Kconfig b/init/Kconfig > index b77c60f8b963..1b75141bc18b 100644 > --- a/init/Kconfig > +++ b/init/Kconfig > @@ -1194,6 +1194,7 @@ endif # NAMESPACES > config CHECKPOINT_RESTORE > bool "Checkpoint/restore support" > select PROC_CHILDREN > + select KCMP > default n > help > Enables additional kernel features in a sake of checkpoint/restore. > @@ -1737,6 +1738,17 @@ config ARCH_HAS_MEMBARRIER_CALLBACKS > config ARCH_HAS_MEMBARRIER_SYNC_CORE > bool > > +config KCMP > + bool "Enable kcmp() system call" if EXPERT > + default n > + help > + Enable the kernel resource comparison system call. It provides > + user-space with the ability to compare two processes to see if they > + share a common resource, such as a file descriptor or even virtual > + memory space. > + > + If unsure, say N. > + > config RSEQ > bool "Enable rseq() system call" if EXPERT > default y > diff --git a/kernel/Makefile b/kernel/Makefile > index aa7368c7eabf..320f1f3941b7 100644 > --- a/kernel/Makefile > +++ b/kernel/Makefile > @@ -51,7 +51,7 @@ obj-y += livepatch/ > obj-y += dma/ > obj-y += entry/ > > -obj-$(CONFIG_CHECKPOINT_RESTORE) += kcmp.o > +obj-$(CONFIG_KCMP) += kcmp.o > obj-$(CONFIG_FREEZER) += freezer.o > obj-$(CONFIG_PROFILING) += profile.o > obj-$(CONFIG_STACKTRACE) += stacktrace.o > diff --git a/tools/testing/selftests/seccomp/seccomp_bpf.c b/tools/testing/selftests/seccomp/seccomp_bpf.c > index 26c72f2b61b1..1b6c7d33c4ff 100644 > --- a/tools/testing/selftests/seccomp/seccomp_bpf.c > +++ b/tools/testing/selftests/seccomp/seccomp_bpf.c > @@ -315,7 +315,7 @@ TEST(kcmp) > ret = __filecmp(getpid(), getpid(), 1, 1); > EXPECT_EQ(ret, 0); > if (ret != 0 && errno == ENOSYS) > - SKIP(return, "Kernel does not support kcmp() (missing CONFIG_CHECKPOINT_RESTORE?)"); > + SKIP(return, "Kernel does not support kcmp() (missing CONFIG_KCMP?)"); > } > > TEST(mode_strict_support) >