Re: [PATCH] [BZ #18433] Check file access/existence before forking.

[Zack Weinberg <zackw at panix dot com>]

On Wed, Sep 16, 2015 at 4:35 AM, Szabolcs Nagy <szabolcs.nagy@arm.com> wrote:
> On 15/09/15 23:02, Mike Frysinger wrote:
>> On 14 Sep 2015 15:04, Szabolcs Nagy wrote:
>>> On 11/09/15 22:01, Zack Weinberg wrote:
>>>> On Fri, Sep 11, 2015 at 5:18 AM, Florian Weimer wrote:
>>>>> We need to move people off fork and clone to posix_spawn.  If it is
>>>>> missing functionality, we should add it.
>>>>
>>>> ... I honestly have no idea why you say that.
>>>
>>> because fork has issues [...]
>>
>> how does posix_spawn magically fix these things ?  it still calls
>> fork internally [...]
>
> the api is such that user code is not run with a copy of the
> address space in the child so an implementation without fork
> is possible (that's the point of this api). [...]  (of course the kinds
> of actions before exec are limited by the api so it's not always
> useful/simple).

So that means migrating to posix_spawn doesn't fix anything until a
better kernel API exists, so developer effort should go into _that_,
and then applications should migrate directly to the new kernel API,
not to posix_spawn.

(I actually have a design sketched out in my head; unfortunately I
have neither the time nor the kernel programming experience to get it
done.  The fundamental idea is a new process state, "egg," in which
the process has a PID and a task_struct assigned but does not have an
address space and cannot execute instructions.  There are a bunch of
new system calls to set the kernel state of an egg -- open file
descriptors and the like -- and a modified execve() that loads a
program into an egg and sets it going.)

zw