[PATCH 0/2] nios2: Add architecture support for clone3

[PATCH 0/2] nios2: Add architecture support for clone3

[Simon Schuster via B4 Relay]

This series adds support for the clone3 system call to the nios2
architecture. This addresses the build-time warning "warning: clone3()
entry point is missing, please fix" introduced in 505d66d1abfb9
("clone3: drop __ARCH_WANT_SYS_CLONE3 macro"). The implementation passes
the relevant clone3 tests of kselftest when applied on top of
next-20250815:

	./run_kselftest.sh
	TAP version 13
	1..4
	# selftests: clone3: clone3
	ok 1 selftests: clone3: clone3
	# selftests: clone3: clone3_clear_sighand
	ok 2 selftests: clone3: clone3_clear_sighand
	# selftests: clone3: clone3_set_tid
	ok 3 selftests: clone3: clone3_set_tid
	# selftests: clone3: clone3_cap_checkpoint_restore
	ok 4 selftests: clone3: clone3_cap_checkpoint_restore

The series also includes a small patch to kernel/fork.c that ensures
that clone_flags are passed correctly on architectures where unsigned
long is insufficient to store the u64 clone_flags.

Signed-off-by: Simon Schuster <schuster.simon@siemens-energy.com>
---
Simon Schuster (2):
      copy_process: Handle architectures where sizeof(unsigned long) < sizeof(u64)
      nios2: implement architecture-specific portion of sys_clone3

 arch/nios2/include/asm/syscalls.h |  1 +
 arch/nios2/include/asm/unistd.h   |  2 --
 arch/nios2/kernel/entry.S         |  6 ++++++
 arch/nios2/kernel/syscall_table.c |  1 +
 kernel/fork.c                     | 10 +++++-----
 5 files changed, 13 insertions(+), 7 deletions(-)
---
base-commit: 1357b2649c026b51353c84ddd32bc963e8999603
change-id: 20250818-nios2-implement-clone3-7f252c20860b

Best regards,
-- 
Simon Schuster <schuster.simon@siemens-energy.com>

[PATCH 1/2] copy_process: Handle architectures where sizeof(unsigned long) < sizeof(u64)

[Simon Schuster via B4 Relay]

From: Simon Schuster <schuster.simon@siemens-energy.com>

With the introduction of clone3 in commit 7f192e3cd316 ("fork: add
clone3") the effective bit width of clone_flags on all architectures was
increased from 32bit to 64bit. However, the signature of the copy_*
helper functions (e.g., copy_sighand) used by copy_process was not
adapted, as such, they potentially truncate the flags on architectures
such as nios2, where unsigned long is a 32bit unsigned integer type.

This can, for instance, be observed via failures of kernel selftest
clone3_clear_sighand, which attempts to trigger the conditional

	if (clone_flags & CLONE_CLEAR_SIGHAND)

in function copy_sighand within fork.c that will always fail given:

	unsigned long /* == uint32_t */ clone_flags
	#define CLONE_CLEAR_SIGHAND 0x100000000ULL

This commit fixes the bug by always passing clone_flags via their
declared u64 type, invariant of architecture-dependent integer sizes.

Signed-off-by: Simon Schuster <schuster.simon@siemens-energy.com>
---
 kernel/fork.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/kernel/fork.c b/kernel/fork.c
index 5115be549234..0e9b2dd6c365 100644
--- a/kernel/fork.c
+++ b/kernel/fork.c
@@ -1510,7 +1510,7 @@ static struct mm_struct *dup_mm(struct task_struct *tsk,
 	return NULL;
 }
 
-static int copy_mm(unsigned long clone_flags, struct task_struct *tsk)
+static int copy_mm(u64 clone_flags, struct task_struct *tsk)
 {
 	struct mm_struct *mm, *oldmm;
 
@@ -1548,7 +1548,7 @@ static int copy_mm(unsigned long clone_flags, struct task_struct *tsk)
 	return 0;
 }
 
-static int copy_fs(unsigned long clone_flags, struct task_struct *tsk)
+static int copy_fs(u64 clone_flags, struct task_struct *tsk)
 {
 	struct fs_struct *fs = current->fs;
 	if (clone_flags & CLONE_FS) {
@@ -1569,7 +1569,7 @@ static int copy_fs(unsigned long clone_flags, struct task_struct *tsk)
 	return 0;
 }
 
-static int copy_files(unsigned long clone_flags, struct task_struct *tsk,
+static int copy_files(u64 clone_flags, struct task_struct *tsk,
 		      int no_files)
 {
 	struct files_struct *oldf, *newf;
@@ -1599,7 +1599,7 @@ static int copy_files(unsigned long clone_flags, struct task_struct *tsk,
 	return 0;
 }
 
-static int copy_sighand(unsigned long clone_flags, struct task_struct *tsk)
+static int copy_sighand(u64 clone_flags, struct task_struct *tsk)
 {
 	struct sighand_struct *sig;
 
@@ -1648,7 +1648,7 @@ static void posix_cpu_timers_init_group(struct signal_struct *sig)
 	posix_cputimers_group_init(pct, cpu_limit);
 }
 
-static int copy_signal(unsigned long clone_flags, struct task_struct *tsk)
+static int copy_signal(u64 clone_flags, struct task_struct *tsk)
 {
 	struct signal_struct *sig;
 

-- 
2.39.5

[PATCH 2/2] nios2: implement architecture-specific portion of sys_clone3

[Simon Schuster via B4 Relay]

From: Simon Schuster <schuster.simon@siemens-energy.com>

This commit adds the sys_clone3 entrypoint for nios2. An
architecture-specific wrapper (__sys_clone3) is required to save and
restore additional registers to the kernel stack via SAVE_SWITCH_STACK
and RESTORE_SWITCH_STACK.

Signed-off-by: Simon Schuster <schuster.simon@siemens-energy.com>
---
 arch/nios2/include/asm/syscalls.h | 1 +
 arch/nios2/include/asm/unistd.h   | 2 --
 arch/nios2/kernel/entry.S         | 6 ++++++
 arch/nios2/kernel/syscall_table.c | 1 +
 4 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/arch/nios2/include/asm/syscalls.h b/arch/nios2/include/asm/syscalls.h
index b4d4ed3bf9c8..0e214b0a0ac8 100644
--- a/arch/nios2/include/asm/syscalls.h
+++ b/arch/nios2/include/asm/syscalls.h
@@ -7,6 +7,7 @@
 
 int sys_cacheflush(unsigned long addr, unsigned long len,
 				unsigned int op);
+asmlinkage long __sys_clone3(struct clone_args __user *uargs, size_t size);
 
 #include <asm-generic/syscalls.h>
 
diff --git a/arch/nios2/include/asm/unistd.h b/arch/nios2/include/asm/unistd.h
index 1146e56473c5..213f6de3cf7b 100644
--- a/arch/nios2/include/asm/unistd.h
+++ b/arch/nios2/include/asm/unistd.h
@@ -7,6 +7,4 @@
 #define __ARCH_WANT_STAT64
 #define __ARCH_WANT_SET_GET_RLIMIT
 
-#define __ARCH_BROKEN_SYS_CLONE3
-
 #endif
diff --git a/arch/nios2/kernel/entry.S b/arch/nios2/kernel/entry.S
index 99f0a65e6234..dd40dfd908e5 100644
--- a/arch/nios2/kernel/entry.S
+++ b/arch/nios2/kernel/entry.S
@@ -403,6 +403,12 @@ ENTRY(sys_clone)
 	addi    sp, sp, 4
 	RESTORE_SWITCH_STACK
 	ret
+/* long syscall(SYS_clone3, struct clone_args *cl_args, size_t size); */
+ENTRY(__sys_clone3)
+	SAVE_SWITCH_STACK
+	call	sys_clone3
+	RESTORE_SWITCH_STACK
+	ret
 
 ENTRY(sys_rt_sigreturn)
 	SAVE_SWITCH_STACK
diff --git a/arch/nios2/kernel/syscall_table.c b/arch/nios2/kernel/syscall_table.c
index 434694067d8f..c99818aac9e1 100644
--- a/arch/nios2/kernel/syscall_table.c
+++ b/arch/nios2/kernel/syscall_table.c
@@ -13,6 +13,7 @@
 #define __SYSCALL_WITH_COMPAT(nr, native, compat)        __SYSCALL(nr, native)
 
 #define sys_mmap2 sys_mmap_pgoff
+#define sys_clone3 __sys_clone3
 
 void *sys_call_table[__NR_syscalls] = {
 	[0 ... __NR_syscalls-1] = sys_ni_syscall,

-- 
2.39.5

Re: [PATCH 1/2] copy_process: Handle architectures where sizeof(unsigned long) < sizeof(u64)

[David Hildenbrand]

On 21.08.25 13:27, Simon Schuster via B4 Relay wrote:
> From: Simon Schuster <schuster.simon@siemens-energy.com>
> 
> With the introduction of clone3 in commit 7f192e3cd316 ("fork: add
> clone3") the effective bit width of clone_flags on all architectures was
> increased from 32bit to 64bit. However, the signature of the copy_*
> helper functions (e.g., copy_sighand) used by copy_process was not
> adapted, as such, they potentially truncate the flags on architectures
> such as nios2, where unsigned long is a 32bit unsigned integer type.
> 
> This can, for instance, be observed via failures of kernel selftest
> clone3_clear_sighand, which attempts to trigger the conditional
> 
> 	if (clone_flags & CLONE_CLEAR_SIGHAND)
> 
> in function copy_sighand within fork.c that will always fail given:
> 
> 	unsigned long /* == uint32_t */ clone_flags
> 	#define CLONE_CLEAR_SIGHAND 0x100000000ULL
> 
> This commit fixes the bug by always passing clone_flags via their
> declared u64 type, invariant of architecture-dependent integer sizes.

Sounds reasonable.

But is this actually something that is already exposed before patch#2 on 
other architectures?

(I assume above output is with patch #2 but without patch #1)

If so, we need a Fixes:. If not, we're good.

-- 
Cheers

David / dhildenb

Re: [PATCH 1/2] copy_process: Handle architectures where sizeof(unsigned long) < sizeof(u64)

[schuster.simon]

On Thu, Aug 21, 2025 at 11:14:00PM +0200, David Hildenbrand wrote:
> Sounds reasonable.
>
> But is this actually something that is already exposed before patch#2
> on other architectures?

I'm not sure, but I would assume so, as e.g., arch/arm seems to have
support for clone3, but also seems to use 32bit unsigned longs as far as
I can tell and, thus, should also be affected:

$ cat /tmp/printulsize.c
#include <stdio.h>

int main(void) {
	printf("sizeof(unsigned long): %zu\n", sizeof(unsigned long));
}
$ arm-linux-gnueabi-gcc-12 /tmp/printulsize.c -o printulsize
$ qemu-arm -L /usr/arm-linux-gnueabi ./printulsize
sizeof(unsigned long): 4

Is the above test enough to warrant a "Fixes: ", or do we need a
reproduced kselftest failure on some arch for that?

> (I assume above output is with patch #2 but without patch #1)

Yes, sorry, that one is on me; I've naturally first implemented support
for clone3 on nios2 and then investigated the test failures, but somehow
deemed it wise for whatever reason to switch the commit order in the
patch submission...

Best regards,
Simon

Re: [PATCH 1/2] copy_process: Handle architectures where sizeof(unsigned long) < sizeof(u64)

[David Hildenbrand]

On 22.08.25 10:52, schuster.simon@siemens-energy.com wrote:
> On Thu, Aug 21, 2025 at 11:14:00PM +0200, David Hildenbrand wrote:
>> Sounds reasonable.
>>
>> But is this actually something that is already exposed before patch#2
>> on other architectures?
> 
> I'm not sure, but I would assume so, as e.g., arch/arm seems to have
> support for clone3, but also seems to use 32bit unsigned longs as far as
> I can tell and, thus, should also be affected:
> 
> $ cat /tmp/printulsize.c
> #include <stdio.h>
> 
> int main(void) {
> 	printf("sizeof(unsigned long): %zu\n", sizeof(unsigned long));
> }
> $ arm-linux-gnueabi-gcc-12 /tmp/printulsize.c -o printulsize
> $ qemu-arm -L /usr/arm-linux-gnueabi ./printulsize
> sizeof(unsigned long): 4
> 
> Is the above test enough to warrant a "Fixes: ", or do we need a
> reproduced kselftest failure on some arch for that?

It would be good to describe that this would be an issue on nios2 and 
was reproduced there without this fix. Then you can mention that this 
should be an issue on 32bit archs with clone3 support as well, like arm.

Then we should add a Fixes:

> 
>> (I assume above output is with patch #2 but without patch #1)
> 
> Yes, sorry, that one is on me; I've naturally first implemented support
> for clone3 on nios2 and then investigated the test failures, but somehow
> deemed it wise for whatever reason to switch the commit order in the
> patch submission...

Right.

I'll note that copy_process() ends up calling other functions with 
clone_flags that accept an "unsigned long", like sched_fork(), which you 
don't handle here.

$ git grep "long clone_flags"

likely is a good indication what needs changing outside of kernel/fork.c.

It should be spelled out why you don't have to handle the others. And 
likely in the fix, we should really only fix the ones that are really 
required for now.

As a follow-up, we should likely better convert *all* users of 
clone_flags to use u64 (at least the one in core code), not just the 
ones in kernel/fork.c you tried to handle here.


For now, only the following require 64bit:

	CLONE_CLEAR_SIGHAND
	CLONE_INTO_CGROUP

CLONE_CLEAR_SIGHAND is only checked against extracted flags in:

* copy_process()->copy_sighand() and
  -> We don't use u64
* copy_process()->perf_event_init_task()->perf_event_init_context()->
   inherit_task_group()
  -> We do use u64 already

CLONE_INTO_CGROUP doesn't seem to be checked against extracted flags AFAIKS.


So I suggest making this fix CLONE_CLEAR_SIGHAND-specific and fixing 
only copy_sighand(). That one should carry Fixes:

Then, have a second patch where we convert all remaining "unsigned long 
clone_flags" in the core to use u64. That one would not be a fix.

Makes sense?

-- 
Cheers

David / dhildenb

Re: [PATCH 1/2] copy_process: Handle architectures where sizeof(unsigned long) < sizeof(u64)

[Arnd Bergmann]

On Fri, Aug 22, 2025, at 10:52, schuster.simon@siemens-energy.com wrote:
> On Thu, Aug 21, 2025 at 11:14:00PM +0200, David Hildenbrand wrote:
>> Sounds reasonable.
>>
>> But is this actually something that is already exposed before patch#2
>> on other architectures?
>
> I'm not sure, but I would assume so, as e.g., arch/arm seems to have
> support for clone3, but also seems to use 32bit unsigned longs as far as
> I can tell and, thus, should also be affected:

Correct. 'unsigned long' is always the native word size for an ISA
on architectures that Linux runs on, and the same size as a pointer,
so the bug affects all 32-bit architectures that have clone3:

arc, arm, csky, m68k, microblaze, mips32, openrisc, parisc32,
powerpc32, riscv32, x86-32 and xtensa.

However, since the ABI itself is fine and 64-bit kernels pass the
value as native words internally, the 'compat' mode support on
arm/mips/ parisc/powerpc/riscv/s390/x86 does not have the same
problem, and running the same 32-bit executable on a 64-bit kernel
should work fine. This may explain why nobody caught this so far,
even when they were testing the new flags with x86-32 or arm32
userland, but using 64-bit machines.

>> (I assume above output is with patch #2 but without patch #1)
>
> Yes, sorry, that one is on me; I've naturally first implemented support
> for clone3 on nios2 and then investigated the test failures, but somehow
> deemed it wise for whatever reason to switch the commit order in the
> patch submission...

The order you picked is fine: we generally want bug fixes before
new features to allow backporting them more easily. Please add

Fixes: b612e5df4587 ("clone3: add CLONE_CLEAR_SIGHAND")
Cc: stable@vger.kernel.org # linux-5.5+

above your Signed-off-by for this patch, to ensure the fix gets
picked up. I would also suggest changing the text to not mention
nios2 specifically but just say that it affects "all 32-bit kernels".

    Arnd

Re: [PATCH 1/2] copy_process: Handle architectures where sizeof(unsigned long) < sizeof(u64)

[Lorenzo Stoakes]

On Thu, Aug 21, 2025 at 01:27:37PM +0200, Simon Schuster via B4 Relay wrote:
> From: Simon Schuster <schuster.simon@siemens-energy.com>
>
> With the introduction of clone3 in commit 7f192e3cd316 ("fork: add
> clone3") the effective bit width of clone_flags on all architectures was
> increased from 32bit to 64bit. However, the signature of the copy_*
> helper functions (e.g., copy_sighand) used by copy_process was not
> adapted, as such, they potentially truncate the flags on architectures
> such as nios2, where unsigned long is a 32bit unsigned integer type.
>
> This can, for instance, be observed via failures of kernel selftest
> clone3_clear_sighand, which attempts to trigger the conditional
>
> 	if (clone_flags & CLONE_CLEAR_SIGHAND)
>
> in function copy_sighand within fork.c that will always fail given:
>
> 	unsigned long /* == uint32_t */ clone_flags
> 	#define CLONE_CLEAR_SIGHAND 0x100000000ULL
>
> This commit fixes the bug by always passing clone_flags via their
> declared u64 type, invariant of architecture-dependent integer sizes.
>
> Signed-off-by: Simon Schuster <schuster.simon@siemens-energy.com>

Ah this is a change after my own heart :) as I have worked to make mm flags
at a fixed size per architecture (and indeed, expandable in the future)
[0], and plan to do so for VMA flags also.

It'd be nice to go further and make this an opaque type etc. etc. but not
sure if worth it.

In any case for a backportable fix (I agree with others that indeed this
needs a fixes and backporting as this is a bug fundamentally) this is fine.

So,

Reviewed-by: Lorenzo Stoakes <lorenzo.stoakes@oracle.com>

[0]: https://lore.kernel.org/linux-mm/cover.1755012943.git.lorenzo.stoakes@oracle.com/

> ---
>  kernel/fork.c | 10 +++++-----
>  1 file changed, 5 insertions(+), 5 deletions(-)
>
> diff --git a/kernel/fork.c b/kernel/fork.c
> index 5115be549234..0e9b2dd6c365 100644
> --- a/kernel/fork.c
> +++ b/kernel/fork.c
> @@ -1510,7 +1510,7 @@ static struct mm_struct *dup_mm(struct task_struct *tsk,
>  	return NULL;
>  }
>
> -static int copy_mm(unsigned long clone_flags, struct task_struct *tsk)
> +static int copy_mm(u64 clone_flags, struct task_struct *tsk)
>  {
>  	struct mm_struct *mm, *oldmm;
>
> @@ -1548,7 +1548,7 @@ static int copy_mm(unsigned long clone_flags, struct task_struct *tsk)
>  	return 0;
>  }
>
> -static int copy_fs(unsigned long clone_flags, struct task_struct *tsk)
> +static int copy_fs(u64 clone_flags, struct task_struct *tsk)
>  {
>  	struct fs_struct *fs = current->fs;
>  	if (clone_flags & CLONE_FS) {
> @@ -1569,7 +1569,7 @@ static int copy_fs(unsigned long clone_flags, struct task_struct *tsk)
>  	return 0;
>  }
>
> -static int copy_files(unsigned long clone_flags, struct task_struct *tsk,
> +static int copy_files(u64 clone_flags, struct task_struct *tsk,
>  		      int no_files)
>  {
>  	struct files_struct *oldf, *newf;
> @@ -1599,7 +1599,7 @@ static int copy_files(unsigned long clone_flags, struct task_struct *tsk,
>  	return 0;
>  }
>
> -static int copy_sighand(unsigned long clone_flags, struct task_struct *tsk)
> +static int copy_sighand(u64 clone_flags, struct task_struct *tsk)
>  {
>  	struct sighand_struct *sig;
>
> @@ -1648,7 +1648,7 @@ static void posix_cpu_timers_init_group(struct signal_struct *sig)
>  	posix_cputimers_group_init(pct, cpu_limit);
>  }
>
> -static int copy_signal(unsigned long clone_flags, struct task_struct *tsk)
> +static int copy_signal(u64 clone_flags, struct task_struct *tsk)
>  {
>  	struct signal_struct *sig;
>
>
> --
> 2.39.5
>
>

Re: [PATCH 1/2] copy_process: Handle architectures where sizeof(unsigned long) < sizeof(u64)

[schuster.simon]

Thanks for the comments and explanations.

On Fri, Aug 22, 2025 at 12:08:00PM +0200, David Hildenbrand wrote:
> Makes sense?

Makes perfect sense.

I'm going to split the patch into an actual "Fixes:" and a refactoring
part, reword the fix portion to make the reference clearer that any
32bit arch is affected, take a closer look at the call tree to where
else clone_flags is passed to and explicitly Cc: the stable list for the
bugfix commit in series v2.

Best regards
Simon