[PATCH 1/2] CLONE_PIDFD: do not use the value pointed by parent_tidptr

public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed

From: "Dmitry V. Levin" <ldv@altlinux.org>
To: Christian Brauner <christian@brauner.io>
Cc: Jann Horn <jannh@google.com>, Oleg Nesterov <oleg@redhat.com>,
	Arnd Bergmann <arnd@arndb.de>,
	linux-api@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: [PATCH 1/2] CLONE_PIDFD: do not use the value pointed by parent_tidptr
Date: Sun, 23 Jun 2019 14:27:17 +0300	[thread overview]
Message-ID: <20190623112717.GA20697@altlinux.org> (raw)
In-Reply-To: <20190621221339.6yj4vg4zexv4y2j7@brauner.io>

Userspace needs a cheap and reliable way to tell whether CLONE_PIDFD
is supported by the kernel or not.

While older kernels without CLONE_PIDFD support just leave unchanged
the value pointed by parent_tidptr, current implementation fails with
EINVAL if that value is non-zero.

If CLONE_PIDFD is supported and fd 0 is closed, then mandatory pidfd == 0
pointed by parent_tidptr also remains unchanged, which effectively
means that userspace must either check CLONE_PIDFD support beforehand
or ensure that fd 0 is not closed when invoking CLONE_PIDFD.

The check for pidfd == 0 was introduced during v5.2 release cycle
by commit b3e583825266 ("clone: add CLONE_PIDFD") to ensure that
CLONE_PIDFD could be potentially extended by passing in flags through
the return argument.

However, that extension would look horrendous, and with introduction of
clone3 syscall in v5.3 there is no need to extend legacy clone syscall
this way.

So remove the pidfd == 0 check.  Userspace that needs to be portable
to kernels without CLONE_PIDFD support is advised to initialize pidfd
with -1 and check the pidfd value returned by CLONE_PIDFD.

Signed-off-by: Dmitry V. Levin <ldv@altlinux.org>
---
 kernel/fork.c | 12 ------------
 1 file changed, 12 deletions(-)

diff --git a/kernel/fork.c b/kernel/fork.c
index 75675b9bf6df..39a3adaa4ad1 100644
--- a/kernel/fork.c
+++ b/kernel/fork.c
@@ -1822,8 +1822,6 @@ static __latent_entropy struct task_struct *copy_process(
 	}

 	if (clone_flags & CLONE_PIDFD) {
-		int reserved;
-
 		/*
 		 * - CLONE_PARENT_SETTID is useless for pidfds and also
 		 *   parent_tidptr is used to return pidfds.
@@ -1834,16 +1832,6 @@ static __latent_entropy struct task_struct *copy_process(
 		if (clone_flags &
 		    (CLONE_DETACHED | CLONE_PARENT_SETTID | CLONE_THREAD))
 			return ERR_PTR(-EINVAL);
-
-		/*
-		 * Verify that parent_tidptr is sane so we can potentially
-		 * reuse it later.
-		 */
-		if (get_user(reserved, parent_tidptr))
-			return ERR_PTR(-EFAULT);
-
-		if (reserved != 0)
-			return ERR_PTR(-EINVAL);
 	}

 	/*
-- 
ldv

next prev parent reply	other threads:[~2019-06-23 11:27 UTC|newest]

Thread overview: 15+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-06-20  3:11 [PATCH] samples: make pidfd-metadata fail gracefully on older kernels Dmitry V. Levin
2019-06-20 10:31 ` Christian Brauner
2019-06-20 11:00   ` Dmitry V. Levin
2019-06-20 11:10     ` Christian Brauner
2019-06-21 17:06       ` Dmitry V. Levin
2019-06-21 22:13         ` Christian Brauner
2019-06-23 11:27           ` Dmitry V. Levin [this message]
2019-06-23 11:28             ` [PATCH 2/2] " Dmitry V. Levin
2019-06-24  9:50               ` Christian Brauner
2019-06-24  9:49             ` [PATCH 1/2] CLONE_PIDFD: do not use the value pointed by parent_tidptr Christian Brauner
2019-06-24 11:59               ` Christian Brauner
2019-06-24 13:45                 ` Dmitry V. Levin
2019-06-24 13:49                   ` Christian Brauner
2019-06-23 11:32           ` [PATCH] samples: make pidfd-metadata fail gracefully on older kernels Dmitry V. Levin
2019-06-24  9:52             ` Christian Brauner

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:75675b9bf6d dfblob:39a3adaa4ad )
 OR (
bs:"[PATCH 1/2] CLONE_PIDFD: do not use the value pointed by parent_tidptr" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20190623112717.GA20697@altlinux.org \
    --to=ldv@altlinux.org \
    --cc=arnd@arndb.de \
    --cc=christian@brauner.io \
    --cc=jannh@google.com \
    --cc=linux-api@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=oleg@redhat.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox