From: Rich Felker <dalias@aerifal.cx>
To: Al Viro <viro@ZenIV.linux.org.uk>
Cc: David Drysdale <drysdale@google.com>,
"Michael Kerrisk (man-pages)" <mtk.manpages@gmail.com>,
"Eric W. Biederman" <ebiederm@xmission.com>,
Andy Lutomirski <luto@amacapital.net>,
Meredydd Luff <meredydd@senatehouse.org>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
Andrew Morton <akpm@linux-foundation.org>,
David Miller <davem@davemloft.net>,
Thomas Gleixner <tglx@linutronix.de>,
Stephen Rothwell <sfr@canb.auug.org.au>,
Oleg Nesterov <oleg@redhat.com>, Ingo Molnar <mingo@redhat.com>,
"H. Peter Anvin" <hpa@zytor.com>,
Kees Cook <keescook@chromium.org>, Arnd Bergmann <arnd@arndb.de>,
Christoph Hellwig <hch@infradead.org>, X86 ML <x86@kernel.org>,
linux-arch <linux-arch@vger.kernel.org>,
Linux API <linux-api@vger.kernel.org>,
sparclinux@vger.kernel.org
Subject: Re: [PATCHv10 man-pages 5/5] execveat.2: initial man page for execveat(2)
Date: Fri, 9 Jan 2015 17:42:52 -0500 [thread overview]
Message-ID: <20150109224252.GY4574@brightrain.aerifal.cx> (raw)
In-Reply-To: <20150109223300.GO22149@ZenIV.linux.org.uk>
On Fri, Jan 09, 2015 at 10:33:00PM +0000, Al Viro wrote:
> On Fri, Jan 09, 2015 at 05:17:28PM -0500, Rich Felker wrote:
> > > Back then the procfs-free environments had been pushed as a serious argument
> > > in favour of merging the damn thing. Now you guys turn around and say that
> > > we not only need procfs mounted, we need a yet-to-be-added kludge in there
> > > to cope with the actual intended uses.
> >
> > Reverting does not fix the problem. There is no way to make fexecve
> > work for scripts without kernel support, and the needed kernel support
> > without fexecve would be even nastier, since handling of /proc/self/fd
> > magic-symlinks would need to be special-cased. The added fexecveat
> > syscall supports fully /proc-less operation for non-scripts.
>
> Oh, yes it does. It's not *our* problem if it's out of tree and not
> a part of ABI. That way if you need it, *you* get to come up with clean
> implementation. If it's in-tree you get leverage to push ugly kludges
> further in. And frankly, I don't trust you to abstain from using that
> leverage in rather nasty ways.
>
> Out of curiosity, how would you expect that "open only once" to work?
> All reliable variants I see are beyond sick...
Here's a very simple way it could work -- it could put the O_PATH fd
on a previously-unused fd number, and put a special flag on the fd,
like FD_CLOEXEC, but that causes the kernel to close it whenever it's
opened. The pathname passed could then simply be /dev/fd/%d or
/proc/self/fd/%d, and although this is presently dependent on /proc
being mounted, virtual /dev/fd/* could someday be something completely
independent of procfs. The kernel keeps all the freedom to choose how
to pass the name to the interpreter. I'm not proposing any kernel
API/ABI lock-in and I'm with you in opposing such lock-in.
Rich
next prev parent reply other threads:[~2015-01-09 22:42 UTC|newest]
Thread overview: 54+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-11-24 11:53 [PATCHv10 0/5] syscalls,x86,sparc: Add execveat() system call David Drysdale
2014-11-24 11:53 ` [PATCHv10 1/5] syscalls: implement " David Drysdale
2014-11-24 11:53 ` [PATCHv10 2/5] x86: Hook up execveat " David Drysdale
[not found] ` <1416830039-21952-3-git-send-email-drysdale-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org>
2014-11-24 12:45 ` Thomas Gleixner
2014-11-24 17:06 ` Dan Carpenter
2014-11-24 18:26 ` David Drysdale
[not found] ` <CAHse=S-DS=NGC619Uhzkbd-EKa0D+HgBq3rE1czmLdoxAFswPg-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2014-11-25 12:16 ` Dan Carpenter
2014-11-24 18:53 ` Thomas Gleixner
2014-11-24 11:53 ` [PATCHv10 3/5] syscalls: add selftest for execveat(2) David Drysdale
2014-11-24 11:53 ` [PATCHv10 4/5] sparc: Hook up execveat system call David Drysdale
2014-11-24 18:36 ` David Miller
2014-11-24 11:53 ` [PATCHv10 man-pages 5/5] execveat.2: initial man page for execveat(2) David Drysdale
2015-01-09 15:47 ` Michael Kerrisk (man-pages)
2015-01-09 16:13 ` Rich Felker
[not found] ` <20150109161302.GQ4574-C3MtFaGISjmo6RMmaWD+6Sb1p8zYI1N1@public.gmane.org>
2015-01-09 17:46 ` David Drysdale
[not found] ` <CAHse=S88Jy5ZKM_VY5onfvxX7dTMngnxuHfuLeSuzvKvQNP19A-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2015-01-09 20:48 ` Rich Felker
2015-01-09 20:56 ` Al Viro
[not found] ` <20150109205626.GK22149-3bDd1+5oDREiFSDQTTA3OLVCufUGDwFn@public.gmane.org>
2015-01-09 20:59 ` Rich Felker
[not found] ` <20150109205926.GT4574-C3MtFaGISjmo6RMmaWD+6Sb1p8zYI1N1@public.gmane.org>
2015-01-09 21:09 ` Al Viro
2015-01-09 21:28 ` Rich Felker
2015-01-09 21:50 ` Al Viro
2015-01-09 22:17 ` Rich Felker
2015-01-09 22:33 ` Al Viro
2015-01-09 22:42 ` Rich Felker [this message]
[not found] ` <20150109224252.GY4574-C3MtFaGISjmo6RMmaWD+6Sb1p8zYI1N1@public.gmane.org>
2015-01-09 22:57 ` Al Viro
2015-01-09 23:12 ` Rich Felker
2015-01-09 23:24 ` Andy Lutomirski
2015-01-09 23:37 ` Rich Felker
2015-01-10 0:01 ` Al Viro
2015-01-09 23:36 ` Al Viro
[not found] ` <20150109233644.GR22149-3bDd1+5oDREiFSDQTTA3OLVCufUGDwFn@public.gmane.org>
2015-01-10 3:03 ` Al Viro
2015-01-10 3:41 ` Rich Felker
2015-01-10 4:14 ` Al Viro
2015-01-10 5:57 ` Rich Felker
2015-01-10 22:27 ` Eric W. Biederman
2015-01-11 1:15 ` Rich Felker
2015-01-11 2:09 ` Eric W. Biederman
[not found] ` <87oaq6oypl.fsf-JOvCrm2gF+uungPnsOpG7nhyD016LWXt@public.gmane.org>
2015-01-11 11:02 ` Christoph Hellwig
2015-01-12 14:18 ` David Drysdale
[not found] ` <20150109212852.GU4574-C3MtFaGISjmo6RMmaWD+6Sb1p8zYI1N1@public.gmane.org>
2015-01-09 22:13 ` Eric W. Biederman
2015-01-09 22:38 ` Rich Felker
[not found] ` <20150109223843.GX4574-C3MtFaGISjmo6RMmaWD+6Sb1p8zYI1N1@public.gmane.org>
2015-01-10 1:17 ` Eric W. Biederman
[not found] ` <87mw5rtowa.fsf-JOvCrm2gF+uungPnsOpG7nhyD016LWXt@public.gmane.org>
2015-01-10 1:33 ` Rich Felker
2015-01-12 11:33 ` David Drysdale
2015-01-12 16:07 ` Rich Felker
2015-01-10 7:13 ` Michael Kerrisk (man-pages)
2015-01-09 21:20 ` Eric W. Biederman
[not found] ` <877fwvy7ln.fsf-JOvCrm2gF+uungPnsOpG7nhyD016LWXt@public.gmane.org>
2015-01-09 21:31 ` Rich Felker
2015-01-10 7:43 ` Michael Kerrisk (man-pages)
2015-01-10 8:27 ` Michael Kerrisk (man-pages)
2015-01-10 13:31 ` Rich Felker
2015-01-10 7:38 ` Michael Kerrisk (man-pages)
2015-01-09 18:02 ` David Drysdale
[not found] ` <CAHse=S9kRj00eRbB+7DQd39Cso1O2LcmZpBVCbuUa9EwRQKv_w-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2015-01-10 7:56 ` Michael Kerrisk (man-pages)
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20150109224252.GY4574@brightrain.aerifal.cx \
--to=dalias@aerifal.cx \
--cc=akpm@linux-foundation.org \
--cc=arnd@arndb.de \
--cc=davem@davemloft.net \
--cc=drysdale@google.com \
--cc=ebiederm@xmission.com \
--cc=hch@infradead.org \
--cc=hpa@zytor.com \
--cc=keescook@chromium.org \
--cc=linux-api@vger.kernel.org \
--cc=linux-arch@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=luto@amacapital.net \
--cc=meredydd@senatehouse.org \
--cc=mingo@redhat.com \
--cc=mtk.manpages@gmail.com \
--cc=oleg@redhat.com \
--cc=sfr@canb.auug.org.au \
--cc=sparclinux@vger.kernel.org \
--cc=tglx@linutronix.de \
--cc=viro@ZenIV.linux.org.uk \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).