Re: [PATCH 1/2] pid: add pidfd_open()

2019-05-15 Thread Christian Brauner
On Wed, May 15, 2019 at 05:35:15PM +0200, Oleg Nesterov wrote: > On 05/15, Oleg Nesterov wrote: > > > > On 05/15, Christian Brauner wrote: > > > > > > +SYSCALL_DEFINE2(pidfd_open, pid_t, pid, unsigned int, flags) > > > +{ > > > + int fd, ret; >

Re: [PATCH 1/2] pid: add pidfd_open()

2019-05-15 Thread Christian Brauner
On Wed, May 15, 2019 at 04:00:20PM +0200, Yann Droneaud wrote: > Hi, > > Le mercredi 15 mai 2019 à 12:03 +0200, Christian Brauner a écrit : > > > > diff --git a/kernel/pid.c b/kernel/pid.c > > index 20881598bdfa..237d18d6ecb8 100644 > > --- a/kernel/pid.c >

Re: [PATCH 1/2] pid: add pidfd_open()

2019-05-15 Thread Christian Brauner
On Wed, May 15, 2019 at 05:19:13PM +0200, Oleg Nesterov wrote: > On 05/15, Christian Brauner wrote: > > > > On Wed, May 15, 2019 at 04:38:58PM +0200, Oleg Nesterov wrote: > > > > > > it seems that you can do a single check > > > > > >

Re: [PATCH 1/2] pid: add pidfd_open()

2019-05-15 Thread Christian Brauner
On Wed, May 15, 2019 at 04:38:58PM +0200, Oleg Nesterov wrote: > On 05/15, Christian Brauner wrote: > > > > +SYSCALL_DEFINE2(pidfd_open, pid_t, pid, unsigned int, flags) > > +{ > > + int fd, ret; > > + struct pid *p; > > + struct ta

Re: [PATCH v2 2/2] tests: add close_range() tests

2019-05-28 Thread Christian Brauner
On Tue, May 28, 2019 at 12:33:41PM +1000, Michael Ellerman wrote: > Christian Brauner writes: > > This adds basic tests for the new close_range() syscall. > > - test that no invalid flags can be passed > > - test that a range of file descriptors is correctly closed > >

Re: [PATCH 1/2] open: add close_range()

2019-05-22 Thread Christian Brauner
On Tue, May 21, 2019 at 10:23 PM Linus Torvalds wrote: > > On Tue, May 21, 2019 at 9:41 AM Christian Brauner > wrote: > > > > Yeah, you mentioned this before. I do like being able to specify an > > upper bound to have the ability to place fds strategically after

[PATCH v1 2/2] tests: add close_range() tests

2019-05-22 Thread Christian Brauner
that max_fd is correctly capped to the current fdtable maximum Signed-off-by: Christian Brauner Cc: Arnd Bergmann Cc: Jann Horn Cc: David Howells Cc: Dmitry V. Levin Cc: Oleg Nesterov Cc: Linus Torvalds Cc: Florian Weimer Cc: linux-...@vger.kernel.org --- v1: unchanged --- tools/testing

[PATCH v1 1/2] open: add close_range()

2019-05-22 Thread Christian Brauner
pointlessly if the task just has 0, 1, and 2 open. Suggested-by: Al Viro Signed-off-by: Christian Brauner Cc: Arnd Bergmann Cc: Jann Horn Cc: David Howells Cc: Dmitry V. Levin Cc: Oleg Nesterov Cc: Linus Torvalds Cc: Florian Weimer Cc: linux-...@vger.kernel.org --- v1: - Linus Torvalds

Re: [PATCH v1 1/2] open: add close_range()

2019-05-23 Thread Christian Brauner
On Thu, May 23, 2019 at 04:32:14PM +0200, Jann Horn wrote: > On Thu, May 23, 2019 at 1:51 PM Christian Brauner > wrote: > [...] > > I kept it dumb and was about to reply that your solution introduces more > > code when it seemed we wanted to keep this very simple for no

Re: [PATCH v1 1/2] open: add close_range()

2019-05-23 Thread Christian Brauner
On Thu, May 23, 2019 at 04:14:47PM +0200, Christian Brauner wrote: > On Thu, May 23, 2019 at 01:51:18PM +0200, Christian Brauner wrote: > > On Wed, May 22, 2019 at 06:57:37PM +0200, Oleg Nesterov wrote: > > > On 05/22, Christian Brauner wrote: > > > > > > >

Re: [PATCH v1 1/2] open: add close_range()

2019-05-23 Thread Christian Brauner
On Wed, May 22, 2019 at 06:57:37PM +0200, Oleg Nesterov wrote: > On 05/22, Christian Brauner wrote: > > > > +static struct file *pick_file(struct files_struct *files, unsigned fd) > > { > > - struct file *file; > > + struct file *file =

Re: [PATCH v1 1/2] open: add close_range()

2019-05-23 Thread Christian Brauner
On Thu, May 23, 2019 at 01:51:18PM +0200, Christian Brauner wrote: > On Wed, May 22, 2019 at 06:57:37PM +0200, Oleg Nesterov wrote: > > On 05/22, Christian Brauner wrote: > > > > > > +static struct file *pick_file(struct files_struct *files, unsigned fd) > &g

Re: [PATCH v1 1/2] open: add close_range()

2019-05-23 Thread Christian Brauner
On Thu, May 23, 2019 at 07:22:17PM +0300, Konstantin Khlebnikov wrote: > On 22.05.2019 18:52, Christian Brauner wrote:> This adds the close_range() > syscall. It allows to efficiently close a range > > of file descriptors up to all file descriptors of a calling task. > > &g

[PATCH v2 0/2] close_range()

2019-05-23 Thread Christian Brauner
est for close_range(fd, fd, 0). Thanks! Christian Christian Brauner (2): open: add close_range() tests: add close_range() tests arch/alpha/kernel/syscalls/syscall.tbl| 1 + arch/arm/tools/syscall.tbl| 1 + arch/arm64/include/asm/unistd32.h | 2 + a

Re: [PATCH v2 1/2] open: add close_range()

2019-05-23 Thread Christian Brauner
On Thu, May 23, 2019 at 06:20:05PM +0200, Oleg Nesterov wrote: > On 05/23, Christian Brauner wrote: > > > > +int __close_range(struct files_struct *files, unsigned fd, unsigned max_fd) > > +{ > > + unsigned int cur_max; > > + > > + if (fd &

[PATCH v2 2/2] tests: add close_range() tests

2019-05-23 Thread Christian Brauner
that max_fd is correctly capped to the current fdtable maximum Signed-off-by: Christian Brauner Cc: Arnd Bergmann Cc: Jann Horn Cc: David Howells Cc: Dmitry V. Levin Cc: Oleg Nesterov Cc: Linus Torvalds Cc: Florian Weimer Cc: linux-...@vger.kernel.org --- v1: unchanged v2: - Christian Brauner

[PATCH v2 1/2] open: add close_range()

2019-05-23 Thread Christian Brauner
pointlessly if the task just has 0, 1, and 2 open. Suggested-by: Al Viro Signed-off-by: Christian Brauner Cc: Arnd Bergmann Cc: Jann Horn Cc: David Howells Cc: Dmitry V. Levin Cc: Oleg Nesterov Cc: Linus Torvalds Cc: Florian Weimer Cc: linux-...@vger.kernel.org --- v1: - Linus Torvalds

Re: [PATCH v1 1/2] open: add close_range()

2019-05-24 Thread Christian Brauner
On Fri, May 24, 2019 at 09:43:53AM +0200, Arnd Bergmann wrote: > On Thu, May 23, 2019 at 6:33 PM Christian Brauner > wrote: > > On Thu, May 23, 2019 at 07:22:17PM +0300, Konstantin Khlebnikov wrote: > > > On 22.05.2019 18:52, Christian Brauner wrote:> This adds the >

Re: [PATCH v1 1/2] open: add close_range()

2019-05-24 Thread Christian Brauner
On Thu, May 23, 2019 at 07:22:17PM +0300, Konstantin Khlebnikov wrote: > On 22.05.2019 18:52, Christian Brauner wrote:> This adds the close_range() > syscall. It allows to efficiently close a range > > of file descriptors up to all file descriptors of a calling task. > > &g

[PATCH v3 2/3] arch: wire-up close_range()

2019-05-24 Thread Christian Brauner
This wires up the close_range() syscall into all arches at once. Suggested-by: Arnd Bergmann Signed-off-by: Christian Brauner Reviewed-by: Oleg Nesterov Acked-by: Arnd Bergmann Cc: Jann Horn Cc: David Howells Cc: Dmitry V. Levin Cc: Linus Torvalds Cc: Al Viro Cc: Florian Weimer Cc

Re: [PATCH v3 1/2] pid: add pidfd_open()

2019-05-24 Thread Christian Brauner
On Tue, May 21, 2019 at 04:32:20PM +0200, Christian Brauner wrote: > On Mon, May 20, 2019 at 05:56:29PM +0200, Christian Brauner wrote: > > This adds the pidfd_open() syscall. It allows a caller to retrieve pollable > > pidfds for a process which did not get created via C

[PATCH v2 2/2] tests: add pidfd_open() tests

2019-05-20 Thread Christian Brauner
-by: Christian Brauner Cc: Arnd Bergmann Cc: "Eric W. Biederman" Cc: Kees Cook Cc: Joel Fernandes (Google) Cc: Thomas Gleixner Cc: Jann Horn Cc: David Howells Cc: "Michael Kerrisk (man-pages)" Cc: Andy Lutomirsky Cc: Andrew Morton Cc: Oleg Nesterov Cc: Aleksa Sarai Cc

[PATCH v2 1/2] pid: add pidfd_open()

2019-05-20 Thread Christian Brauner
-based processes we enable them to adopt this api. In line with Arnd's recent changes to consolidate syscall numbers across architectures, I have added the pidfd_open() syscall to all architectures at the same time. Signed-off-by: Christian Brauner Reviewed-by: Oleg Nesterov Cc: Arnd Bergmann Cc

Re: [PATCH v2 1/2] pid: add pidfd_open()

2019-05-20 Thread Christian Brauner
On Mon, May 20, 2019 at 04:37:03PM +0200, Arnd Bergmann wrote: > On Mon, May 20, 2019 at 3:46 PM Christian Brauner > wrote: > > > > In line with Arnd's recent changes to consolidate syscall numbers across > > architectures, I have added the pidfd_open() sysc

Re: [PATCH v1 1/2] pid: add pidfd_open()

2019-05-18 Thread Christian Brauner
w, thanks. Yip, totally. Just added them both to my Cc list. :) (I saw you added Suren manually. I added the Android kernel team now too.) > > On Thu, May 16, 2019 at 03:59:42PM +0200, Christian Brauner wrote: > [snip] > > diff --git a/kernel/pid.c b/kernel/pid.c > > ind

Re: [PATCH v3 1/2] pid: add pidfd_open()

2019-05-21 Thread Christian Brauner
On Mon, May 20, 2019 at 05:56:29PM +0200, Christian Brauner wrote: > This adds the pidfd_open() syscall. It allows a caller to retrieve pollable > pidfds for a process which did not get created via CLONE_PIDFD, i.e. for a > process that is created via traditional fork()/clone() calls tha

[PATCH 1/2] open: add close_range()

2019-05-21 Thread Christian Brauner
2 open. Suggested-by: Al Viro Signed-off-by: Christian Brauner Cc: Arnd Bergmann Cc: Jann Horn Cc: David Howells Cc: Dmitry V. Levin Cc: Oleg Nesterov Cc: Florian Weimer Cc: linux-...@vger.kernel.org --- arch/alpha/kernel/syscalls/syscall.tbl | 1 + arch/arm/tools/syscall.tbl

[PATCH 2/2] tests: add close_range() tests

2019-05-21 Thread Christian Brauner
that max_fd is correctly capped to the current fdtable maximum Signed-off-by: Christian Brauner Cc: Arnd Bergmann Cc: Jann Horn Cc: David Howells Cc: Dmitry V. Levin Cc: Oleg Nesterov Cc: Florian Weimer Cc: linux-...@vger.kernel.org --- tools/testing/selftests/Makefile | 1

Re: [PATCH 1/2] open: add close_range()

2019-05-21 Thread Christian Brauner
On Tue, May 21, 2019 at 02:09:29PM +0200, Florian Weimer wrote: > * Christian Brauner: > > > +/** > > + * __close_range() - Close all file descriptors in a given range. > > + * > > + * @fd: starting file descriptor to close > > + * @m

Re: [PATCH 1/2] open: add close_range()

2019-05-21 Thread Christian Brauner
On Tue, May 21, 2019 at 03:10:11PM +0200, Florian Weimer wrote: > * Christian Brauner: > > >> Solaris has an fdwalk function: > >> > >> <https://docs.oracle.com/cd/E88353_01/html/E37843/closefrom-3c.html> > >> > >> So a differen

Re: [PATCH 1/2] open: add close_range()

2019-05-21 Thread Christian Brauner
On Tue, May 21, 2019 at 03:10:11PM +0200, Florian Weimer wrote: > * Christian Brauner: > > >> Solaris has an fdwalk function: > >> > >> <https://docs.oracle.com/cd/E88353_01/html/E37843/closefrom-3c.html> > >> > >> So a differen

Re: [PATCH 1/2] open: add close_range()

2019-05-21 Thread Christian Brauner
On Tue, May 21, 2019 at 05:30:27PM +0100, David Howells wrote: > Al Viro wrote: > > > Umm... That's going to be very painful if you dup2() something to MAX_INT > > and > > then run that; roughly 2G iterations of bouncing ->file_lock up and down, > > without anything that would yield CPU in

Re: [PATCH 1/2] open: add close_range()

2019-05-21 Thread Christian Brauner
On Tue, May 21, 2019 at 04:00:06PM +0100, Al Viro wrote: > On Tue, May 21, 2019 at 01:34:47PM +0200, Christian Brauner wrote: > > > This adds the close_range() syscall. It allows to efficiently close a range > > of file descriptors up to all file descriptors

[PATCH v3 2/2] tests: add pidfd_open() tests

2019-05-20 Thread Christian Brauner
-by: Christian Brauner Cc: Arnd Bergmann Cc: "Eric W. Biederman" Cc: Kees Cook Cc: Joel Fernandes (Google) Cc: Thomas Gleixner Cc: Jann Horn Cc: David Howells Cc: "Michael Kerrisk (man-pages)" Cc: Andy Lutomirsky Cc: Andrew Morton Cc: Oleg Nesterov Cc: Aleksa Sarai Cc

[PATCH v3 1/2] pid: add pidfd_open()

2019-05-20 Thread Christian Brauner
-based processes we enable them to adopt this api. In line with Arnd's recent changes to consolidate syscall numbers across architectures, I have added the pidfd_open() syscall to all architectures at the same time. Signed-off-by: Christian Brauner Reviewed-by: Oleg Nesterov Acked-by: Arnd Bergmann

Re: [PATCH 1/2] pid: add pidfd_open()

2019-05-16 Thread Christian Brauner
On Thu, May 16, 2019 at 04:03:27PM +0200, Jann Horn wrote: > On Thu, May 16, 2019 at 3:08 PM Christian Brauner > wrote: > > On Wed, May 15, 2019 at 10:45:06AM -0700, Daniel Colascione wrote: > > > On Wed, May 15, 2019 at 3:04 AM Christian Brauner > > > wr

[PATCH v1 1/2] pid: add pidfd_open()

2019-05-16 Thread Christian Brauner
-based processes we enable them to adopt this api. In line with Arnd's recent changes to consolidate syscall numbers across architectures, I have added the pidfd_open() syscall to all architectures at the same time. Signed-off-by: Christian Brauner Acked-by: Geert Uytterhoeven Cc: Arnd Bergmann

Re: [PATCH 1/2] pid: add pidfd_open()

2019-05-16 Thread Christian Brauner
On Wed, May 15, 2019 at 10:45:06AM -0700, Daniel Colascione wrote: > On Wed, May 15, 2019 at 3:04 AM Christian Brauner > wrote: > > > > This adds the pidfd_open() syscall. It allows a caller to retrieve pollable > > pidfds for a process which did not get crea

[PATCH v1 2/2] tests: add pidfd_open() tests

2019-05-16 Thread Christian Brauner
-by: Christian Brauner Cc: Arnd Bergmann Cc: "Eric W. Biederman" Cc: Kees Cook Cc: Thomas Gleixner Cc: Jann Horn Cc: David Howells Cc: "Michael Kerrisk (man-pages)" Cc: Andy Lutomirsky Cc: Andrew Morton Cc: Oleg Nesterov Cc: Aleksa Sarai Cc: Linus Torvalds Cc

[PATCH 2/2] tests: add pidfd_open() tests

2019-05-15 Thread Christian Brauner
-by: Christian Brauner Cc: Arnd Bergmann Cc: "Eric W. Biederman" Cc: Kees Cook Cc: Thomas Gleixner Cc: Jann Horn Cc: David Howells Cc: "Michael Kerrisk (man-pages)" Cc: Andy Lutomirsky Cc: Andrew Morton Cc: Oleg Nesterov Cc: Aleksa Sarai Cc: Linus Torvalds Cc

[PATCH 1/2] pid: add pidfd_open()

2019-05-15 Thread Christian Brauner
-based processes we enable them to adopt this api. In line with Arnd's recent changes to consolidate syscall numbers across architectures, I have added the pidfd_open() syscall to all architectures at the same time. Signed-off-by: Christian Brauner Cc: Arnd Bergmann Cc: "Eric W. Biederman

Re: [PATCH v1 1/2] pid: add pidfd_open()

2019-05-16 Thread Christian Brauner
On Thu, May 16, 2019 at 05:22:53PM +0200, Oleg Nesterov wrote: > On 05/17, Aleksa Sarai wrote: > > > > On 2019-05-16, Oleg Nesterov wrote: > > > On 05/17, Aleksa Sarai wrote: > > > > On 2019-05-16, Oleg Nesterov wrote: > &g

Re: [PATCH v1 1/2] pid: add pidfd_open()

2019-05-16 Thread Christian Brauner
On Thu, May 16, 2019 at 04:27:00PM +0200, Oleg Nesterov wrote: > On 05/16, Christian Brauner wrote: > > > > With the introduction of pidfds through CLONE_PIDFD it is possible to > > create pidfds at process creation time. > > Now I am wondering why do we need C

Re: [PATCH v1 1/2] pid: add pidfd_open()

2019-05-16 Thread Christian Brauner
On Thu, May 16, 2019 at 04:56:08PM +0200, Geert Uytterhoeven wrote: > Hi Christian, David, > > On Thu, May 16, 2019 at 4:00 PM Christian Brauner > wrote: > > This adds the pidfd_open() syscall. It allows a caller to retrieve pollable > > pidfds for a process which

[PATCH 1/2] arch: mark syscall number 435 reserved for clone3

2019-07-14 Thread Christian Brauner
it this ensures that new system calls coming after clone3 will have the same number on all architectures. Signed-off-by: Christian Brauner Cc: Arnd Bergmann Cc: linux-a...@vger.kernel.org Cc: linux-al...@vger.kernel.org Cc: linux-ker...@vger.kernel.org Cc: linux-i...@vger.kernel.org Cc: linux-m

Re: [PATCH 1/2] arch: mark syscall number 435 reserved for clone3

2019-07-16 Thread Christian Brauner
On Mon, Jul 15, 2019 at 03:56:04PM +0200, Christian Borntraeger wrote: > I think Vasily already has a clone3 patch for s390x with 435. A quick follow-up on this. Helge and Michael have asked whether there are any tests for clone3. Yes, there will be and I try to have them ready by the end of the

Re: [PATCH 1/2] arch: mark syscall number 435 reserved for clone3

2019-07-15 Thread Christian Brauner
On Mon, Jul 15, 2019 at 03:56:04PM +0200, Christian Borntraeger wrote: > I think Vasily already has a clone3 patch for s390x with 435. Excellent. I'll leave the # 435 reserved for clone3 on s390x in until this patch has landed. It shouldn't be a merge conflict and if so it should be trivial.

Re: [PATCH 1/2] arch: mark syscall number 435 reserved for clone3

2019-07-16 Thread Christian Brauner
On Tue, Jul 16, 2019 at 08:53:10PM +0200, Sven Schnelle wrote: > Hi, > > [Adding Helge to CC list] > > On Tue, Jul 16, 2019 at 03:06:33PM +0200, Christian Brauner wrote: > > On Mon, Jul 15, 2019 at 03:56:04PM +0200, Christian Borntraeger wrote: > > > I think Vas

Re: [PATCH v12 01/12] lib: introduce copy_struct_{to,from}_user helpers

2019-09-07 Thread Christian Brauner
On Thu, Sep 05, 2019 at 09:27:18PM +1000, Aleksa Sarai wrote: > On 2019-09-05, Christian Brauner wrote: > > On Thu, Sep 05, 2019 at 06:19:22AM +1000, Aleksa Sarai wrote: > > > A common pattern for syscall extensions is increasing the size of a > > > s

Re: [PATCH v12 01/12] lib: introduce copy_struct_{to,from}_user helpers

2019-09-07 Thread Christian Brauner
On Thu, Sep 05, 2019 at 07:07:50PM +0100, Al Viro wrote: > On Thu, Sep 05, 2019 at 06:19:22AM +1000, Aleksa Sarai wrote: > > +/* > > + * "memset(p, 0, size)" but for user space buffers. Caller must have > > already > > + * checked access_ok(p, size). > > + */ > > +static int __memzero_user(void

Re: [PATCH v12 01/12] lib: introduce copy_struct_{to,from}_user helpers

2019-09-07 Thread Christian Brauner
On Thu, Sep 05, 2019 at 07:50:26PM +1000, Aleksa Sarai wrote: > On 2019-09-05, Rasmus Villemoes wrote: > > On 04/09/2019 22.19, Aleksa Sarai wrote: > > > A common pattern for syscall extensions is increasing the size of a > > > struct passed from userspace, such that the zero-value of the new

Re: [PATCH v12 01/12] lib: introduce copy_struct_{to,from}_user helpers

2019-09-07 Thread Christian Brauner
On Thu, Sep 05, 2019 at 06:19:22AM +1000, Aleksa Sarai wrote: > A common pattern for syscall extensions is increasing the size of a > struct passed from userspace, such that the zero-value of the new fields > result in the old kernel behaviour (allowing for a mix of userspace and > kernel vintages

Re: [PATCH v12 01/12] lib: introduce copy_struct_{to,from}_user helpers

2019-09-07 Thread Christian Brauner
On Thu, Sep 05, 2019 at 06:19:22AM +1000, Aleksa Sarai wrote: > A common pattern for syscall extensions is increasing the size of a > struct passed from userspace, such that the zero-value of the new fields > result in the old kernel behaviour (allowing for a mix of userspace and > kernel vintages

Re: [PATCH v12 01/12] lib: introduce copy_struct_{to,from}_user helpers

2019-09-07 Thread Christian Brauner
On Thu, Sep 05, 2019 at 01:17:38PM +0200, Rasmus Villemoes wrote: > On 05/09/2019 13.05, Christian Brauner wrote: > > On Thu, Sep 05, 2019 at 06:19:22AM +1000, Aleksa Sarai wrote: > > >> + if (unlikely(!access_ok(dst, usize))) > >> + return -EFAULT; > &

Re: [PATCH v12 01/12] lib: introduce copy_struct_{to,from}_user helpers

2019-09-07 Thread Christian Brauner
On Thu, Sep 05, 2019 at 07:28:01PM +0100, Al Viro wrote: > On Thu, Sep 05, 2019 at 08:23:03PM +0200, Christian Brauner wrote: > > > Because every caller of that function right now has that limit set > > anyway iirc. So we can either remove it from here and place it back for

Re: [PATCH v12 01/12] lib: introduce copy_struct_{to,from}_user helpers

2019-09-07 Thread Christian Brauner
On Fri, Sep 06, 2019 at 05:56:18AM +1000, Aleksa Sarai wrote: > On 2019-09-05, Al Viro wrote: > > On Thu, Sep 05, 2019 at 08:23:03PM +0200, Christian Brauner wrote: > > > > > Because every caller of that function right now has that limit set > > > anyway iirc

Re: [PATCH 1/2] arch: mark syscall number 435 reserved for clone3

2019-07-19 Thread Christian Brauner
On Fri, Jul 19, 2019 at 08:18:02PM +1000, Michael Ellerman wrote: > Christian Brauner writes: > > On Mon, Jul 15, 2019 at 03:56:04PM +0200, Christian Borntraeger wrote: > >> I think Vasily already has a clone3 patch for s390x with 435. > > > > A quick follow-up o

Re: [PATCH v9 08/10] open: openat2(2) syscall

2019-07-19 Thread Christian Brauner
On Fri, Jul 19, 2019 at 05:12:18AM +0300, Dmitry V. Levin wrote: > On Thu, Jul 18, 2019 at 11:29:50PM +0200, Arnd Bergmann wrote: > [...] > > 5. you get the same problem with seccomp and strace that > >clone3() has -- these and others only track the register > >arguments by default. > >

Re: [PATCH 1/2] arch: mark syscall number 435 reserved for clone3

2019-07-19 Thread Christian Brauner
On Fri, Jul 19, 2019 at 09:13:16PM +1000, Michael Ellerman wrote: > Christian Brauner writes: > > On Fri, Jul 19, 2019 at 08:18:02PM +1000, Michael Ellerman wrote: > >> Christian Brauner writes: > >> > On Mon, Jul 15, 2019 at 03:56:04PM +0200, Christian Borntraeger

Re: [PATCH] powerpc: Wire up clone3 syscall

2019-07-24 Thread Christian Brauner
On Wed, Jul 24, 2019 at 12:25:14PM +0700, Arseny Solokha wrote: > Hi, > > may I also ask to provide ppc_clone3 symbol also for 32-bit powerpc? Otherwise > Michael's patch breaks build for me: Makes sense. Michael, are you planning on picking this up? :) Christian > >

Re: [PATCH v2] powerpc: Wire up clone3 syscall

2019-07-24 Thread Christian Brauner
ll code. Otherwise we hit > the BUG_ON in CHECK_FULL_REGS in copy_thread(). > > Lightly tested using Christian's test code on a Power8 LE VM. > > Signed-off-by: Michael Ellerman Acked-by: Christian Brauner > --- > arch/powerpc/include/asm/unistd.h| 1 + &

[PATCH 3/5] arch: wire-up pidfd_wait()

2019-07-24 Thread Christian Brauner
This wires up the pidfd_wait() syscall into all arches at once. Signed-off-by: Christian Brauner Cc: Arnd Bergmann Cc: "Eric W. Biederman" Cc: Kees Cook Cc: Joel Fernandes (Google) Cc: Thomas Gleixner Cc: Jann Horn Cc: David Howells Cc: Andy Lutomirsky Cc: Andrew Morton

Re: [PATCH] powerpc: Wire up clone3 syscall

2019-07-22 Thread Christian Brauner
ll code. Otherwise we hit > the BUG_ON in CHECK_FULL_REGS in copy_thread(). > > Lightly tested using Christian's test code on a Power8 LE VM. > > Signed-off-by: Michael Ellerman Thank you, Michael! One comment below, otherwise: Acked-by: Christian Brauner > --- > arch/pow

Re: [PATCH 12/23] y2038: syscalls: change remaining timeval to __kernel_old_timeval

2019-11-11 Thread Christian Brauner
timeval type in user space. > > Signed-off-by: Arnd Bergmann Seems reasonable. Acked-by: Christian Brauner

Re: [PATCH v15 0/9] open: introduce openat2(2) syscall

2019-11-12 Thread Christian Brauner
On Tue, Nov 12, 2019 at 03:01:26PM -0800, Kees Cook wrote: > On Tue, Nov 12, 2019 at 12:24:04AM +1100, Aleksa Sarai wrote: > > On 2019-11-05, Aleksa Sarai wrote: > > > This patchset is being developed here: > > > > > > > > > Patch

[REVIEW PATCH v5 2/3] arch: wire-up close_range()

2019-10-25 Thread Christian Brauner
This wires up the close_range() syscall into all arches at once. Suggested-by: Arnd Bergmann Signed-off-by: Christian Brauner Reviewed-by: Oleg Nesterov Acked-by: Arnd Bergmann Acked-by: Michael Ellerman (powerpc) Cc: Jann Horn Cc: David Howells Cc: Dmitry V. Levin Cc: Linus Torvalds Cc

Re: [PATCH] selftests: pidfd: Add pidfd_fdinfo_test in .gitignore

2020-02-28 Thread Christian Brauner
On Fri, Feb 28, 2020 at 01:18:44AM +0100, Christian Brauner wrote: > On February 28, 2020 1:00:08 AM GMT+01:00, Christophe Leroy > wrote: > >The commit identified below added pidfd_fdinfo_test > >but failed to add it to .gitignore > > > >Fixes: 2def297ec7fb (&q

Re: [PATCH] selftests: pidfd: Add pidfd_fdinfo_test in .gitignore

2020-02-27 Thread Christian Brauner
ests/pidfd/.gitignore >+++ b/tools/testing/selftests/pidfd/.gitignore >@@ -2,4 +2,5 @@ pidfd_open_test > pidfd_poll_test > pidfd_test > pidfd_wait >+pidfd_fdinfo_test > pidfd_getfd_test Thanks for spotting this. I'll pick this up along with other fixes I have waiting. Acked-by: Christian Brauner

Re: [PATCH 04/15] selftests/seccomp: arm: Define SYSCALL_NUM_SET macro

2020-09-15 Thread Christian Brauner
On Sat, Sep 12, 2020 at 04:08:09AM -0700, Kees Cook wrote: > Remove the arm special-case in change_syscall(). > > Signed-off-by: Kees Cook > --- Looks good! Acked-by: Christian Brauner

Re: [PATCH 08/15] selftests/seccomp: Convert HAVE_GETREG into ARCH_GETREG/ARCH_SETREG

2020-09-15 Thread Christian Brauner
On Sat, Sep 12, 2020 at 04:08:13AM -0700, Kees Cook wrote: > Instead of special-casing the get/set-registers routines, move the > HAVE_GETREG logic into the new ARCH_GETREG() and ARCH_SETREG() macros. > > Signed-off-by: Kees Cook > --- Looks good! Acked-by: Christian Brauner

Re: [PATCH 01/15] selftests/seccomp: Refactor arch register macros to avoid xtensa special case

2020-09-15 Thread Christian Brauner
Looks good! Acked-by: Christian Brauner

Re: [PATCH 07/15] selftests/seccomp: Remove syscall setting #ifdefs

2020-09-15 Thread Christian Brauner
On Sat, Sep 12, 2020 at 04:08:12AM -0700, Kees Cook wrote: > With all architectures now using the common SYSCALL_NUM_SET() macro, the > arch-specific #ifdef can be removed from change_syscall() itself. > > Signed-off-by: Kees Cook > --- Looks good! Acked-by: Christian Brauner

Re: [PATCH 15/15] selftests/seccomp: Use __NR_mknodat instead of __NR_mknod

2020-09-15 Thread Christian Brauner
> --- Thanks! Looks good. Acked-by: Christian Brauner

Re: [PATCH 14/15] selftests/clone3: Avoid OS-defined clone_args

2020-09-15 Thread Christian Brauner
On Sat, Sep 12, 2020 at 04:08:19AM -0700, Kees Cook wrote: > As the UAPI headers start to appear in distros, we need to avoid > outdated versions of struct clone_args to be able to test modern > features. Additionally pull in the syscall numbers correctly. > > Signed-off-by: Kees Cook > --- Hm,

Re: [PATCH 06/15] selftests/seccomp: mips: Remove O32-specific macro

2020-09-15 Thread Christian Brauner
> Signed-off-by: Kees Cook > --- Looks good! Acked-by: Christian Brauner

Re: [PATCH 05/15] selftests/seccomp: arm64: Define SYSCALL_NUM_SET macro

2020-09-15 Thread Christian Brauner
On Sat, Sep 12, 2020 at 04:08:10AM -0700, Kees Cook wrote: > Remove the arm64 special-case in change_syscall(). > > Signed-off-by: Kees Cook > --- We're using iovecs in ptrace()?? Looks good! Acked-by: Christian Brauner

Re: [PATCH 10/15] selftests/seccomp: Avoid redundant register flushes

2020-09-15 Thread Christian Brauner
f-by: Kees Cook > --- Looks good! Acked-by: Christian Brauner

Re: [PATCH 03/15] selftests/seccomp: mips: Define SYSCALL_NUM_SET macro

2020-09-15 Thread Christian Brauner
\ (_regs).regs[2] = _nr; \ } while (0) would read better but that's just a matter of taste. :) Looks good! Acked-by: Christian Brauner

Re: [PATCH 02/15] selftests/seccomp: Provide generic syscall setting macro

2020-09-15 Thread Christian Brauner
ks good either way! Acked-by: Christian Brauner

Re: [PATCH 11/15] selftests/seccomp: Remove SYSCALL_NUM_RET_SHARE_REG in favor of SYSCALL_RET_SET

2020-09-15 Thread Christian Brauner
return value (for whatever reason), they can define SYSCALL_RET_SET() > without an associated SYSCALL_RET() macro. This also paves the way for > architectures that need to do special things to set the return value > (e.g. powerpc). > > Signed-off-by: Kees Cook > --- Looks good! Acked-by: Christian Brauner

Re: [PATCH 09/15] selftests/seccomp: Convert REGSET calls into ARCH_GETREG/ARCH_SETREG

2020-09-15 Thread Christian Brauner
On Sat, Sep 12, 2020 at 04:08:14AM -0700, Kees Cook wrote: > Consolidate the REGSET logic into the new ARCH_GETREG() and > ARCH_SETREG() macros, avoiding more #ifdef code in function bodies. > > Signed-off-by: Kees Cook > --- Looks good! Acked-by: Christian Brauner

Re: [PATCH v2 3/4] selftests/seccomp: powerpc: Set syscall return during ptrace syscall exit

2020-09-21 Thread Christian Brauner
; Suggested-by: Thadeu Lima de Souza Cascardo > Link: > https://lore.kernel.org/linux-kselftest/20200911181012.171027-1-casca...@canonical.com/ > Fixes: 58d0a862f573 ("seccomp: add tests for ptrace hole") > Signed-off-by: Kees Cook > --- Looks good! Acked-by: Christian Brauner

Re: [PATCH v2 2/4] selftests/seccomp: Allow syscall nr and ret value to be set separately

2020-09-21 Thread Christian Brauner
regset > read/write happening once and in one code path. > > Signed-off-by: Kees Cook > --- Looks good! Acked-by: Christian Brauner

Re: [PATCH v2 4/4] selftests/clone3: Avoid OS-defined clone_args

2020-09-21 Thread Christian Brauner
; macro names to match UAPI names. > > Signed-off-by: Kees Cook > --- Looks good, thanks! Acked-by: Christian Brauner

Re: [PATCH v2 1/4] selftests/seccomp: Record syscall during ptrace entry

2020-09-21 Thread Christian Brauner
if (!entry) > + /* > + * Some architectures only support setting return values during > + * syscall exit under ptrace, and on exit the syscall number may > + * no longer be available. Therefore, save the initial sycall s/sycall/syscall/ Oth

Re: [PATCH 17/17] arch: rename copy_thread_tls() back to copy_thread()

2020-07-04 Thread Christian Brauner
On Fri, Jun 26, 2020 at 06:17:49AM +0900, Stafford Horne wrote: > On Tue, Jun 23, 2020 at 01:43:26AM +0200, Christian Brauner wrote: > > > diff --git a/arch/openrisc/kernel/process.c b/arch/openrisc/kernel/process.c > > index d7010e72450c..19045a3efb8a 100644 > > --

Re: linux-next: manual merge of the pidfd tree with the powerpc-fixes tree

2020-06-19 Thread Christian Brauner
On Fri, Jun 19, 2020 at 09:17:30PM +1000, Michael Ellerman wrote: > Stephen Rothwell writes: > > Hi all, > > > > Today's linux-next merge of the pidfd tree got a conflict in: > > > > arch/powerpc/kernel/syscalls/syscall.tbl > > > > between commit: > > > > 35e32a6cb5f6 ("powerpc/syscalls:

[PATCH 17/17] arch: rename copy_thread_tls() back to copy_thread()

2020-06-22 Thread Christian Brauner
adead.org Cc: linux-s...@vger.kernel.org Cc: linux...@vger.kernel.org Cc: sparcli...@vger.kernel.org Cc: linux...@lists.infradead.org Cc: linux-xte...@linux-xtensa.org Signed-off-by: Christian Brauner --- arch/alpha/kernel/process.c | 2 +- arch/arc/kernel/process.c| 2 +- arch/arm

[PATCH 16/17] arch: remove HAVE_COPY_THREAD_TLS

2020-06-22 Thread Christian Brauner
recores.org Cc: linux-par...@vger.kernel.org Cc: linuxppc-dev@lists.ozlabs.org Cc: linux-ri...@lists.infradead.org Cc: linux-s...@vger.kernel.org Cc: linux...@vger.kernel.org Cc: sparcli...@vger.kernel.org Cc: linux...@lists.infradead.org Cc: linux-xte...@linux-xtensa.org Signed-off-by: Christian B

[PATCH v5 2/3] arch: wire-up close_range()

2020-06-02 Thread Christian Brauner
This wires up the close_range() syscall into all arches at once. Suggested-by: Arnd Bergmann Signed-off-by: Christian Brauner Reviewed-by: Oleg Nesterov Acked-by: Arnd Bergmann Acked-by: Michael Ellerman (powerpc) Cc: Jann Horn Cc: David Howells Cc: Dmitry V. Levin Cc: Linus Torvalds Cc

Re: [PATCH v4 1/3] audit: replace magic audit syscall class numbers with macros

2021-05-20 Thread Christian Brauner
d 32 bit in any compat code, causing > redefinition warnings. > > Signed-off-by: Richard Guy Briggs > Link: > https://lore.kernel.org/r/2300b1083a32aade7ae7efb95826e8f3f260b1df.1621363275.git@redhat.com Looks good. Acked-by: Christian Brauner Fwiw, I would exp

Re: [PATCH v4 2/3] audit: add support for the openat2 syscall

2021-05-20 Thread Christian Brauner
; @@ -76,6 +76,7 @@ > #include > #include > #include > +#include > > #include "audit.h" > > @@ -196,6 +197,8 @@ static int audit_match_perm(struct audit_context *ctx, > int mask) > return ((mask & AUDIT_PERM_WRITE) && ctx->argv[0] == SYS_BIND); > case AUDITSC_EXECVE: > return mask & AUDIT_PERM_EXEC; > + case AUDITSC_OPENAT2: > + return mask & ACC_MODE((u32)((struct open_how > *)ctx->argv[2])->flags); That's a lot of dereferencing, casting and masking all at once. Maybe a small static inline helper would be good for the sake of legibility? Sm like: static inline u32 audit_openat2_acc(struct open_how *how, int mask) { u32 flags = how->flags; return mask & ACC_MODE(flags); } but not sure. Just seems more legible to me. Otherwise. Acked-by: Christian Brauner
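Review bot: In the audit_match_perm() hunk, the new AUDITSC_OPENAT2 case casts ctx->argv[2] to struct open_how * and dereferences it directly. If argv[] holds the raw syscall arguments, as the neighbouring ctx->argv[0] == SYS_BIND comparison suggests, argv[2] is the caller's user-space pointer, so this reads user memory without copy_from_user(), and even with a safe accessor it would re-read a value the caller can change after openat2() has taken its own copy (a double fetch). Suggest saving the kernel's copy of open_how, or just its flags, in the audit context at syscall entry and testing that saved value here; the inline helper proposed in the reply improves legibility but keeps the same dereference.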

Re: [PATCH v1 1/1] kernel.h: Split out panic and oops helpers

2021-04-06 Thread Christian Brauner
ase. (Be good to see kbuild do an allmodconfig build of this though.) Acked-by: Christian Brauner > arch/powerpc/kernel/setup-common.c | 1 + > arch/x86/include/asm/desc.h | 1 + > arch/x86/kernel/cpu/mshyperv.c | 1 + > arch/x86/kernel/setup.c | 1 + &g

Re: [PATCH 1/9] fs: rename alloc_anon_inode to alloc_anon_inode_sb

2021-03-10 Thread Christian Brauner
kernel.org/lkml/20210310083040.ga5...@lst.de) Reviewed-by: Christian Brauner > arch/powerpc/platforms/pseries/cmm.c | 2 +- > drivers/dma-buf/dma-buf.c| 2 +- > drivers/gpu/drm/drm_drv.c| 2 +- > drivers/misc/cxl/api.c | 2 +- > drivers/mi

Re: [PATCH 2/9] fs: add an argument-less alloc_anon_inode

2021-03-10 Thread Christian Brauner
On Tue, Mar 09, 2021 at 04:53:41PM +0100, Christoph Hellwig wrote: > Add a new alloc_anon_inode helper that allocates an inode on > the anon_inode file system. > > Signed-off-by: Christoph Hellwig > --- Looks good! Reviewed-by: Christian Brauner

Re: [PATCH 1/2] audit: add support for the openat2 syscall

2021-03-18 Thread Christian Brauner
On Thu, Mar 18, 2021 at 11:48:45AM +0100, Christian Brauner wrote: > [+Cc Aleksa, the author of openat2()] > > and a comment below. :) > > On Wed, Mar 17, 2021 at 09:47:17PM -0400, Richard Guy Briggs wrote: > > The openat2(2) syscall was added in kernel v5.6 with commit fd

Re: [PATCH 1/2] audit: add support for the openat2 syscall

2021-03-18 Thread Christian Brauner
[+Cc Aleksa, the author of openat2()] and a comment below. :) On Wed, Mar 17, 2021 at 09:47:17PM -0400, Richard Guy Briggs wrote: > The openat2(2) syscall was added in kernel v5.6 with commit fddb5d430ad9 > ("open: introduce openat2(2) syscall") > > Add the openat2(2) syscall to the audit

Re: [PATCH 1/2] audit: add support for the openat2 syscall

2021-04-23 Thread Christian Brauner
On Thu, Apr 22, 2021 at 10:34:08PM -0400, Richard Guy Briggs wrote: > On 2021-03-18 08:08, Richard Guy Briggs wrote: > > On 2021-03-18 11:48, Christian Brauner wrote: > > > [+Cc Aleksa, the author of openat2()] > > > > Ah! Thanks for pulling in Aleksa

Re: [PATCH v13 15/35] fs: Export anon_inode_getfile_secure() for use by KVM

2023-11-02 Thread Christian Brauner
On Fri, Oct 27, 2023 at 11:21:57AM -0700, Sean Christopherson wrote: > Export anon_inode_getfile_secure() so that it can be used by KVM to create > and manage file-based guest memory without needing a full-blown filesystem. > The "standard" anon_inode_getfd() doesn't work for KVM's use case as KVM >

Re: [PATCH 14/34] fs: Rename anon_inode_getfile_secure() and anon_inode_getfd_secure()

2023-11-06 Thread Christian Brauner
the symbol, they can ask or they can just use > anon_inode_create_getfile(), which will be exported very soon for use > in KVM. > > Suggested-by: Christian Brauner > Signed-off-by: Paolo Bonzini > --- Looks good to me, Reviewed-by: Christian Brauner
