Received: by 2002:a6b:500f:0:0:0:0:0 with SMTP id e15csp913506iob; Thu, 12 May 2022 07:19:08 -0700 (PDT) X-Google-Smtp-Source: ABdhPJysUIuV3I19mQpcSHRQZd7VCZQD1DwFekdeAs615yT/NweD4iGfNtjPS5sN9befKqgTK0JT X-Received: by 2002:aa7:c54d:0:b0:425:d8c9:efc6 with SMTP id s13-20020aa7c54d000000b00425d8c9efc6mr35405169edr.48.1652365148666; Thu, 12 May 2022 07:19:08 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1652365148; cv=none; d=google.com; s=arc-20160816; b=E+/aCRpI5IRd7lfMtvF/DMh+oQukydTh0TBTnIIzyW3RchsewZcBTKrYD+twJnmdSp 4h+qfTRnOroCYPoPMfWI67EJGfa2GzIfy3uBvCLj2cjGlax4mJ9ZirOF9AC9Qp0OLU70 ZYo9OVwG9vRlY35eU4Tjmbw9VE+nCx4oVauWv3vesT3fzqE8463PUwnF1iTzzkPhdTOx W2NT8f3E8TiMQN+yvIzbfs6n6RGCd8NShz827ChQcAPeG3ZwrXQE03042RaS6EMUjjn6 bTro9EGvjkeXMjmXQW5lARYetYsS4EwdM+ygAAb/bSY6yzK+/PJi5wPWNPvd1GTzcV1O 1A7g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:mime-version:user-agent:message-id:in-reply-to :date:references:subject:cc:to:from:dkim-signature; bh=ch8AYJSR0bVojuLA0JpsnHZw3evm/2ziMe/ALgDSt0o=; b=kUUISXf4gnQwbfHFdDD88eCxXrpWH5wyEAYAVUo34irWxGBa/JqVpE09vRAAJXOSfW Uv9oAAtykcID2TTDZhe6i/KbeY/DZSm6pVFukDCcmrImu2ssLyjkHq0jT9px095EAHpc V74QSNbyXLHmyMxHBm/0rU2qqhCnm7HuktocvVX4t4wghA5qNbBTXSBzL592DgaWyS7h 52jB1jhLbdtb0gxileGsoaVVc8YTszRzRVgS/3VYFLSGSZSvdhH9XUBanMXzGF8O2AA+ pmPFHtf03LX4RBT65bd2cYc7UlYJBoCM31P7GZdGYw2PXSITbAWM7xrqq+G69/oMHXBY Lp0Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=LTa4hovt; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id js7-20020a17090797c700b006df76385d10si6217812ejc.432.2022.05.12.07.18.41; Thu, 12 May 2022 07:19:08 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=LTa4hovt; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1344588AbiEKQRo (ORCPT + 99 others); Wed, 11 May 2022 12:17:44 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:39526 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1344589AbiEKQRf (ORCPT ); Wed, 11 May 2022 12:17:35 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTP id 40A363C480 for ; Wed, 11 May 2022 09:17:23 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1652285842; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=ch8AYJSR0bVojuLA0JpsnHZw3evm/2ziMe/ALgDSt0o=; b=LTa4hovtxTdZUSHIazBqExY97I5Y63pxvlxA/aREFEe7jVVsKaMp7gOVEKOsGQaUMBLnuH XLz9VRI81IblyLle9tv7iTIxn4b6Z6Xp+5R9WO3i8deAUQ5s5NA4ielh+Jo23wRpJlUOYV bMFy4EYVFPDqnbVocIWnBqBEsb2RO4U= Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-152-gvGzGxhpO0KBaP3E_N9zzA-1; Wed, 11 May 2022 12:17:16 -0400 X-MC-Unique: gvGzGxhpO0KBaP3E_N9zzA-1 Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.rdu2.redhat.com [10.11.54.1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id C32A380418F; Wed, 11 May 2022 16:17:15 +0000 (UTC) Received: from oldenburg.str.redhat.com (unknown [10.39.192.194]) by smtp.corp.redhat.com (Postfix) with ESMTPS id D295640CF8E4; Wed, 11 May 2022 16:17:10 +0000 (UTC) From: Florian Weimer To: Christian Brauner Cc: Arnd Bergmann , Huacai Chen , Huacai Chen , Andy Lutomirski , Thomas Gleixner , Peter Zijlstra , Andrew Morton , David Airlie , Jonathan Corbet , Linus Torvalds , linux-arch , "open list:DOCUMENTATION" , Linux Kernel Mailing List , Xuefeng Li , Yanteng Si , Guo Ren , Xuerui Wang , Jiaxun Yang , Linux API Subject: Re: [PATCH V9 13/24] LoongArch: Add system call support References: <20220430090518.3127980-1-chenhuacai@loongson.cn> <20220430090518.3127980-14-chenhuacai@loongson.cn> <20220507121104.7soocpgoqkvwv3gc@wittgenstein> <20220509100058.vmrgn5fkk3ayt63v@wittgenstein> Date: Wed, 11 May 2022 18:17:09 +0200 In-Reply-To: <20220509100058.vmrgn5fkk3ayt63v@wittgenstein> (Christian Brauner's message of "Mon, 9 May 2022 12:00:58 +0200") Message-ID: <87bkw4doxm.fsf@oldenburg.str.redhat.com> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.2 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-Scanned-By: MIMEDefang 2.84 on 10.11.54.1 X-Spam-Status: No, score=-3.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_LOW, SPF_HELO_NONE,SPF_NONE,T_SCC_BODY_TEXT_LINE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org * Christian Brauner: > Without an approach like this certain sandboxes will fallback to > ENOSYSing system calls they can't filter. This is a generic problem > though with clone3() being one promiment example. Furthermore, for glibc (and I believe musl as well), the trick with in-process emulation of clone3 using SIGSYS does not work here because we must inhibit delivery of signals on the nascent thread, before it is fully set up. This means that we have to block signals around the clone/clone3 system call, so that the new thread is created with all signals blocked. This means that instead of calling the SIGSYS handler, the filtered system call simply terminates the process. (I think there have been discussions of using out-of-process filtering, but I don't know where we are with that.) Thanks, Florian