This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
[PATCH 1/2] clone3: add CLONE3_CLEAR_SIGHAND
- From: Christian Brauner <christian dot brauner at ubuntu dot com>
- To: linux-kernel at vger dot kernel dot org, Oleg Nesterov <oleg at redhat dot com>, Florian Weimer <fweimer at redhat dot com>, libc-alpha at sourceware dot org
- Cc: Ingo Molnar <mingo at redhat dot com>, Peter Zijlstra <peterz at infradead dot org>, Juri Lelli <juri dot lelli at redhat dot com>, Vincent Guittot <vincent dot guittot at linaro dot org>, Dietmar Eggemann <dietmar dot eggemann at arm dot com>, Steven Rostedt <rostedt at goodmis dot org>, Ben Segall <bsegall at google dot com>, Mel Gorman <mgorman at suse dot de>, Shuah Khan <shuah at kernel dot org>, Andrew Morton <akpm at linux-foundation dot org>, Michal Hocko <mhocko at suse dot com>, Elena Reshetova <elena dot reshetova at intel dot com>, Thomas Gleixner <tglx at linutronix dot de>, Roman Gushchin <guro at fb dot com>, Andrea Arcangeli <aarcange at redhat dot com>, Al Viro <viro at zeniv dot linux dot org dot uk>, Aleksa Sarai <cyphar at cyphar dot com>, "Dmitry V. Levin" <ldv at altlinux dot org>, linux-kselftest at vger dot kernel dot org, Christian Brauner <christian dot brauner at ubuntu dot com>
- Date: Thu, 10 Oct 2019 15:35:17 +0200
- Subject: [PATCH 1/2] clone3: add CLONE3_CLEAR_SIGHAND
- Arc-authentication-results: i=2; mx.google.com; arc=pass (i=1); spf=pass (google.com: best guess record for domain of christian.brauner+caf_=christian=brauner dot io at canonical dot com designates 91.189.89.112 as permitted sender) smtp.mailfrom="christian.brauner+caf_=christian=brauner dot io at canonical dot com"
- Arc-authentication-results: i=1; mx.google.com; spf=neutral (google.com: 91.189.89.112 is neither permitted nor denied by best guess record for domain of christian dot brauner at ubuntu dot com) smtp.mailfrom=christian dot brauner at ubuntu dot com
- Arc-message-signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:delivered-to; bh=ojv6YG6RITwlcY5aroAxXtMlkW/FY86TUJN6zaSvQas=; b=j8mrKajqfVfiX/PqTM+TLUm6/2p9UllFgjOtDoWYRuiInuNBne3DghlRP8ifHXXDut b+MU47wuMF0ivEQXdpnNbCOw8MP//0cG82i1HxJcMqEjBSfaWBASuVYUR1SLdWBR+1cu UPH49G/WnqnZU9KevdoufSELrU8iPMDekzv0kATnR4I63R+zpIgiUkdkN+zO9nyjCD50 YuuUT8nHyOVQhA6ecsojIPYRc5euj7MU7n1h58OOfyO8eMxmj7878U9J/2usUCW/Oe2/ t85sdtxY+TMTs9iM0EAUkL3OplWApcBd/tobdP1RMg8ibez8YLNaPfy6mP3gPjb082Am GVCw==
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from; bh=ojv6YG6RITwlcY5aroAxXtMlkW/FY86TUJN6zaSvQas=; b=lbolqUsuByo5Rp2KYVByv6vRfq2TFfGil2k7u+ZMBX5H7D1N2b1BC5wV7riRMWo1vF kCV7vZtXBBiI1aIrNLU+MZbCppz1h6yPZJHoGSoZ/QflexphSZa6KuturHNT25APW8A9 Q5LD4TxUBfQejo2eErMO70gmXzRopQEDYtqqW/xb1IPvaz0w+IH/eLB3pHaYtVDVW5H8 prUKG9QZaRIJTMoRtk+nNqNqUtfk1rQ136TIRxZ3gN+D2oJRKIOiketBFCXbhCDwXeQ+ V+u4ukzbC6Y+nMJpSAJSaXonPzu3gABKAA8jYngq/UOnaFogiquUPjNbHR5zL3sgpYMk Jslg==
- Arc-seal: i=2; a=rsa-sha256; t=1570714608; cv=pass; d=google.com; s=arc-20160816; b=ZWIQoSEOmOg1I6u3R1MivFfVHC/otpVbIdOPunaQxDct/QynSfs0AbQXBiEUZgNnfl 9JcHMe8oihE8JfvAompTxs6Q3VqS48dciHYwf0OmM3Sq6haResFkIQyaRc+wOMWWOKf0 NIZV5RWzt+hrmAo8jmd4LcA1nMla8BB4wNdyNEIW8O1iDdn0udgYjCDsa0Dj4USGlY0q Ur9WJ82e/YqldSD+vYv1sn/q/U+6PouGgl0TYG+tmdOLq8GU7h4eA4AoYc2jktVSwhYN oFiq+5ZuyE5gapJ6Q6e9uW1pPdliHndP0+6xBJxF8/bkSGWdwQNF7XGBvQS4DMLyyahj 4tBQ==
- Arc-seal: i=1; a=rsa-sha256; t=1570714605; cv=none; d=google.com; s=arc-20160816; b=PwyZdd9b18tlnDd+20kPV+Dn7rlsNQojmYbugHWbdaRw0SzUZsMzCyA97xH0kyjKOC WMAJ1Wr9KYU4pByG6eUqCrBGFgLUqxQ7ouAyvKtQHesAULejtT80NxNGRnkPIN57+BV0 sKi5B4791C+xSZakbN/S3oFV/pIcUEG5D2rkkcq9xI2HW3hMGzaV7LbvaV8Lp/YtmxCY AJ4UZk1lJpiKVnaZrdTDt7iw+MlesD9ye438xQlz9MtlHSPfUW2f/wJwzp3coKn3JYlJ w9CN/nt+lB/6cUfN+NpvMpsBLMeiTTAjeIXpEdayEk+/xB9o+fJ4UGuEF0teL3dNYLRg HCZg==
Reset all signal handlers of the child not set to SIG_IGN to SIG_DFL.
Mutually exclusive with CLONE_SIGHAND to not disturb other thread's
signal handler.
In the spirit of closer cooperation between glibc developers and kernel
developers (cf. [2]) this patchset came out of a discussion on the glibc
mailing list for improving posix_spawn() (cf. [1], [3], [4]). Kernel
support for this feature has been explicitly requested by glibc and I
see no reason not to help them with this.
The child helper process on Linux posix_spawn must ensure that no signal
handlers are enabled, so the signal disposition must be either SIG_DFL
or SIG_IGN. However, it requires a sigprocmask to obtain the current
signal mask and at least _NSIG sigaction calls to reset the signal
handlers for each posix_spawn call or complex state tracking that might
lead to data corruption in glibc. Adding this flags lets glibc avoid
these problems.
[1]: https://www.sourceware.org/ml/libc-alpha/2019-10/msg00149.html
[3]: https://www.sourceware.org/ml/libc-alpha/2019-10/msg00158.html
[4]: https://www.sourceware.org/ml/libc-alpha/2019-10/msg00160.html
[2]: https://lwn.net/Articles/799331/
'[...] by asking for better cooperation with the C-library projects
in general. They should be copied on patches containing ABI
changes, for example. I noted that there are often times where
C-library developers wish the kernel community had done things
differently; how could those be avoided in the future? Members of
the audience suggested that more glibc developers should perhaps
join the linux-api list. The other suggestion was to "copy Florian
on everything".'
Cc: Oleg Nesterov <oleg@redhat.com>
Cc: Florian Weimer <fweimer@redhat.com>
Cc: libc-alpha@sourceware.org
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
---
include/uapi/linux/sched.h | 3 +++
kernel/fork.c | 11 ++++++++++-
2 files changed, 13 insertions(+), 1 deletion(-)
diff --git a/include/uapi/linux/sched.h b/include/uapi/linux/sched.h
index 99335e1f4a27..c583720f689f 100644
--- a/include/uapi/linux/sched.h
+++ b/include/uapi/linux/sched.h
@@ -33,6 +33,9 @@
#define CLONE_NEWNET 0x40000000 /* New network namespace */
#define CLONE_IO 0x80000000 /* Clone io context */
+/* Flags for the clone3() syscall */
+#define CLONE3_CLEAR_SIGHAND 0x100000000ULL /* Clear any signal handler and reset to SIG_DFL. */
+
#ifndef __ASSEMBLY__
/**
* struct clone_args - arguments for the clone3 syscall
diff --git a/kernel/fork.c b/kernel/fork.c
index 1f6c45f6a734..661f8d1f3881 100644
--- a/kernel/fork.c
+++ b/kernel/fork.c
@@ -1517,6 +1517,11 @@ static int copy_sighand(unsigned long clone_flags, struct task_struct *tsk)
spin_lock_irq(¤t->sighand->siglock);
memcpy(sig->action, current->sighand->action, sizeof(sig->action));
spin_unlock_irq(¤t->sighand->siglock);
+
+ /* Reset all signal handler not set to SIG_IGN to SIG_DFL. */
+ if (clone_flags & CLONE3_CLEAR_SIGHAND)
+ flush_signal_handlers(tsk, 0);
+
return 0;
}
@@ -2567,7 +2572,7 @@ static bool clone3_args_valid(const struct kernel_clone_args *kargs)
* All lower bits of the flag word are taken.
* Verify that no other unknown flags are passed along.
*/
- if (kargs->flags & ~CLONE_LEGACY_FLAGS)
+ if (kargs->flags & ~(CLONE_LEGACY_FLAGS | CLONE3_CLEAR_SIGHAND))
return false;
/*
@@ -2577,6 +2582,10 @@ static bool clone3_args_valid(const struct kernel_clone_args *kargs)
if (kargs->flags & (CLONE_DETACHED | CSIGNAL))
return false;
+ if ((kargs->flags & (CLONE_SIGHAND | CLONE3_CLEAR_SIGHAND)) ==
+ (CLONE_SIGHAND | CLONE3_CLEAR_SIGHAND))
+ return false;
+
if ((kargs->flags & (CLONE_THREAD | CLONE_PARENT)) &&
kargs->exit_signal)
return false;
--
2.23.0