| Message ID | cover.1689092120.git.legion@kernel.org |
|---|---|
| Headers |
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a59:a6b2:0:b0:3e4:2afc:c1 with SMTP id c18csp613004vqm;
Tue, 11 Jul 2023 09:44:27 -0700 (PDT)
X-Google-Smtp-Source:
APBJJlHtGCU3nKuwP1/pukeS2oqlkYsvoQgH6ce+psBbpRguWT/5yZ1uW2zN1DVZ+G3pmEWk9vLu
X-Received: by 2002:a17:90b:1d10:b0:263:8c2:6290 with SMTP id
on16-20020a17090b1d1000b0026308c26290mr12936878pjb.43.1689093867026;
Tue, 11 Jul 2023 09:44:27 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1689093867; cv=none;
d=google.com; s=arc-20160816;
b=v2477sEEm3WNEf1nPpw0iiOYbFf/kEAHdY2/d6v83BdOU10TjXQEeyePVdNX8ULxph
vBthVjSLBfGZbez/ZaWc74CqCQnVoctf5x0RZ0CtEZhFvpkIEgr0EcP40jkdd5PUbj1w
g/gT/Ke7LBy3auQ6F8nptqwlP0qz576GVuyvoja/3dUJj9ClUrY/p0Hymr5KYKJuyxp5
aUPyJRQY+54pnjoqaGcCHEzZaztDZF4BHuh3r3aHKTylxFk8qYxyZZSYgM8nElgacE4U
FHCZFxH6k1AqawYZkl14xmAZPn9dpxZTIwfCk/rLsZtOwX1SMKB5o2LmVVgdPFlwQ5qy
aztw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
s=arc-20160816;
h=list-id:precedence:content-transfer-encoding:mime-version
:references:in-reply-to:message-id:date:subject:cc:to:from;
bh=paYF/ClqUfzJxFjqkXBXaN4aOk+O1p6Iy8heS4mRRa4=;
fh=i60TeEA08aN3JZVDAO/E+5OS2juHVOuGEYofvoXtCF4=;
b=SnRnN6b4hJab1a0omwBPXT/FYfGFzNhga2aDGLDBL8GgzGU8/PVqIBWUJ5JpMKxiga
22B9x3LFrN0087OqFmy5UJ9S42QxhVbbb+pmCDxVMg00HVB8ZkuFT/WuHQuMfgA4naA5
Y/zQMt+kV+I2QpBrB1ke/kBWxzGdncVZIUnqYGT2JD7MMOxMpexS6j2nkmgN1/MTK90X
1LSOuo62Yd2Jvsn0Z8kNG4/NRWUNAHxNyeKQ0JUJ9bENeZn3VkLEd4AQshHwN7Orz7f8
NM2GpKcLSiNNrwKnDZvqxO/VElrFnBAS+HYbPAeLTTlpPrSh1nXCgOHIs+4407t3M4ec
kpsg==
ARC-Authentication-Results: i=1; mx.google.com;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
by mx.google.com with ESMTP id
p2-20020a17090ac00200b0026384c02c03si1844502pjt.140.2023.07.11.09.44.13;
Tue, 11 Jul 2023 09:44:26 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
id S232181AbjGKQRD (ORCPT <rfc822;ybw1215001957@gmail.com>
+ 99 others); Tue, 11 Jul 2023 12:17:03 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51312 "EHLO
lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
with ESMTP id S231575AbjGKQQ6 (ORCPT
<rfc822;linux-kernel@vger.kernel.org>);
Tue, 11 Jul 2023 12:16:58 -0400
Received: from us-smtp-delivery-44.mimecast.com
(us-smtp-delivery-44.mimecast.com [205.139.111.44])
by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 232DD10CA
for <linux-kernel@vger.kernel.org>;
Tue, 11 Jul 2023 09:16:55 -0700 (PDT)
Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com
[66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS
(version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
us-mta-124-imzzeDBEMu-0xqerZ7W6tg-1; Tue, 11 Jul 2023 12:16:53 -0400
X-MC-Unique: imzzeDBEMu-0xqerZ7W6tg-1
Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.rdu2.redhat.com
[10.11.54.4])
(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
(No client certificate requested)
by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 1B32529AB45B;
Tue, 11 Jul 2023 16:16:49 +0000 (UTC)
Received: from localhost.localdomain.com (unknown [10.45.225.44])
by smtp.corp.redhat.com (Postfix) with ESMTP id 67B04200B406;
Tue, 11 Jul 2023 16:16:36 +0000 (UTC)
From: Alexey Gladkov <legion@kernel.org>
To: LKML <linux-kernel@vger.kernel.org>, Arnd Bergmann <arnd@arndb.de>,
linux-api@vger.kernel.org, linux-fsdevel@vger.kernel.org,
viro@zeniv.linux.org.uk
Cc: James.Bottomley@HansenPartnership.com, acme@kernel.org,
alexander.shishkin@linux.intel.com, axboe@kernel.dk,
benh@kernel.crashing.org, borntraeger@de.ibm.com, bp@alien8.de,
catalin.marinas@arm.com, christian@brauner.io, dalias@libc.org,
davem@davemloft.net, deepa.kernel@gmail.com, deller@gmx.de,
dhowells@redhat.com, fenghua.yu@intel.com, fweimer@redhat.com,
geert@linux-m68k.org, glebfm@altlinux.org, gor@linux.ibm.com,
hare@suse.com, hpa@zytor.com, ink@jurassic.park.msu.ru,
jhogan@kernel.org, kim.phillips@arm.com, ldv@altlinux.org,
linux-alpha@vger.kernel.org, linux-arch@vger.kernel.org,
linux-ia64@vger.kernel.org, linux-m68k@lists.linux-m68k.org,
linux-mips@vger.kernel.org, linux-parisc@vger.kernel.org,
linux-s390@vger.kernel.org, linux-sh@vger.kernel.org,
linux@armlinux.org.uk, linuxppc-dev@lists.ozlabs.org,
luto@kernel.org, mattst88@gmail.com, mingo@redhat.com,
monstr@monstr.eu, mpe@ellerman.id.au, namhyung@kernel.org,
paulus@samba.org, peterz@infradead.org, ralf@linux-mips.org,
sparclinux@vger.kernel.org, stefan@agner.ch, tglx@linutronix.de,
tony.luck@intel.com, tycho@tycho.ws, will@kernel.org,
x86@kernel.org, ysato@users.sourceforge.jp
Subject: [PATCH v4 0/5] Add a new fchmodat2() syscall
Date: Tue, 11 Jul 2023 18:16:02 +0200
Message-Id: <cover.1689092120.git.legion@kernel.org>
In-Reply-To: <cover.1689074739.git.legion@kernel.org>
References: <cover.1689074739.git.legion@kernel.org>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Scanned-By: MIMEDefang 3.1 on 10.11.54.4
X-Spam-Status: No, score=-1.2 required=5.0 tests=BAYES_00,
RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_SOFTFAIL,T_SCC_BODY_TEXT_LINE,
URIBL_BLOCKED autolearn=no autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-getmail-retrieved-from-mailbox: INBOX
X-GMAIL-THRID: 1771143291218196665
X-GMAIL-MSGID: 1771143291218196665
|
| Series | Add a new fchmodat2() syscall | |
Message
Alexey Gladkov
July 11, 2023, 4:16 p.m. UTC
In glibc, the fchmodat(3) function has a flags argument according to the POSIX specification [1], but kernel syscalls has no such argument. Therefore, libc implementations do workarounds using /proc. However, this requires procfs to be mounted and accessible. This patch set adds fchmodat2(), a new syscall. The syscall allows to pass the AT_SYMLINK_NOFOLLOW flag to disable LOOKUP_FOLLOW. In all other respects, this syscall is no different from fchmodat(). [1] https://pubs.opengroup.org/onlinepubs/9699919799/functions/chmod.html Changes since v3 [cover.1689074739.git.legion@kernel.org]: * Rebased to master because a new syscall has appeared in master. * Increased __NR_compat_syscalls as pointed out by Arnd Bergmann. * Syscall renamed fchmodat4 -> fchmodat2 as suggested by Christian Brauner. * Returned do_fchmodat4() the original name. We don't need to version internal functions. * Fixed warnings found by checkpatch.pl. Changes since v2 [20190717012719.5524-1-palmer@sifive.com]: * Rebased to master. * The lookup_flags passed to sys_fchmodat4 as suggested by Al Viro. * Selftest added. Changes since v1 [20190531191204.4044-1-palmer@sifive.com]: * All architectures are now supported, which support squashed into a single patch. * The do_fchmodat() helper function has been removed, in favor of directly calling do_fchmodat4(). * The patches are based on 5.2 instead of 5.1. --- Alexey Gladkov (2): fs: Add fchmodat2() selftests: Add fchmodat2 selftest Palmer Dabbelt (3): Non-functional cleanup of a "__user * filename" arch: Register fchmodat2, usually as syscall 452 tools headers UAPI: Sync files changed by new fchmodat2 syscall arch/alpha/kernel/syscalls/syscall.tbl | 1 + arch/arm/tools/syscall.tbl | 1 + arch/arm64/include/asm/unistd.h | 2 +- arch/arm64/include/asm/unistd32.h | 2 + arch/ia64/kernel/syscalls/syscall.tbl | 1 + arch/m68k/kernel/syscalls/syscall.tbl | 1 + arch/microblaze/kernel/syscalls/syscall.tbl | 1 + arch/mips/kernel/syscalls/syscall_n32.tbl | 1 + arch/mips/kernel/syscalls/syscall_n64.tbl | 1 + arch/mips/kernel/syscalls/syscall_o32.tbl | 1 + arch/parisc/kernel/syscalls/syscall.tbl | 1 + arch/powerpc/kernel/syscalls/syscall.tbl | 1 + arch/s390/kernel/syscalls/syscall.tbl | 1 + arch/sh/kernel/syscalls/syscall.tbl | 1 + arch/sparc/kernel/syscalls/syscall.tbl | 1 + arch/x86/entry/syscalls/syscall_32.tbl | 1 + arch/x86/entry/syscalls/syscall_64.tbl | 1 + arch/xtensa/kernel/syscalls/syscall.tbl | 1 + fs/open.c | 18 +- include/linux/syscalls.h | 4 +- include/uapi/asm-generic/unistd.h | 5 +- tools/include/uapi/asm-generic/unistd.h | 5 +- .../arch/mips/entry/syscalls/syscall_n64.tbl | 2 + .../arch/powerpc/entry/syscalls/syscall.tbl | 2 + .../perf/arch/s390/entry/syscalls/syscall.tbl | 2 + .../arch/x86/entry/syscalls/syscall_64.tbl | 2 + tools/testing/selftests/Makefile | 1 + tools/testing/selftests/fchmodat2/.gitignore | 2 + tools/testing/selftests/fchmodat2/Makefile | 6 + .../selftests/fchmodat2/fchmodat2_test.c | 162 ++++++++++++++++++ 30 files changed, 223 insertions(+), 8 deletions(-) create mode 100644 tools/testing/selftests/fchmodat2/.gitignore create mode 100644 tools/testing/selftests/fchmodat2/Makefile create mode 100644 tools/testing/selftests/fchmodat2/fchmodat2_test.c
Comments
On Tue, Jul 11, 2023, at 18:16, Alexey Gladkov wrote: > From: Palmer Dabbelt <palmer@sifive.com> > > This registers the new fchmodat2 syscall in most places as nuber 452, > with alpha being the exception where it's 562. I found all these sites > by grepping for fspick, which I assume has found me everything. > > Signed-off-by: Palmer Dabbelt <palmer@sifive.com> > Signed-off-by: Alexey Gladkov <legion@kernel.org> Acked-by: Arnd Bergmann <arnd@arndb.de>
On Tue, 11 Jul 2023 18:16:02 +0200, Alexey Gladkov wrote: > In glibc, the fchmodat(3) function has a flags argument according to the > POSIX specification [1], but kernel syscalls has no such argument. > Therefore, libc implementations do workarounds using /proc. However, > this requires procfs to be mounted and accessible. > > This patch set adds fchmodat2(), a new syscall. The syscall allows to > pass the AT_SYMLINK_NOFOLLOW flag to disable LOOKUP_FOLLOW. In all other > respects, this syscall is no different from fchmodat(). > > [...] Tools updates usually go separately. Flags argument ported to unsigned int; otherwise unchanged. --- Applied to the master branch of the vfs/vfs.git tree. Patches in the master branch should appear in linux-next soon. Please report any outstanding bugs that were missed during review in a new review to the original patch series allowing us to drop it. It's encouraged to provide Acked-bys and Reviewed-bys even though the patch has now been applied. If possible patch trailers will be updated. Note that commit hashes shown below are subject to change due to rebase, trailer updates or similar. If in doubt, please check the listed branch. tree: https://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs.git branch: master [1/5] Non-functional cleanup of a "__user * filename" https://git.kernel.org/vfs/vfs/c/0f05a6af6b7e [2/5] fs: Add fchmodat2() https://git.kernel.org/vfs/vfs/c/8d593559ec09 [3/5] arch: Register fchmodat2, usually as syscall 452 https://git.kernel.org/vfs/vfs/c/2ee63b04f206 [5/5] selftests: Add fchmodat2 selftest https://git.kernel.org/vfs/vfs/c/f175b92081ec
On Tue, Jul 11, 2023 at 06:16:02PM +0200, Alexey Gladkov wrote: > In glibc, the fchmodat(3) function has a flags argument according to the > POSIX specification [1], but kernel syscalls has no such argument. > Therefore, libc implementations do workarounds using /proc. However, > this requires procfs to be mounted and accessible. > > This patch set adds fchmodat2(), a new syscall. The syscall allows to > pass the AT_SYMLINK_NOFOLLOW flag to disable LOOKUP_FOLLOW. In all other > respects, this syscall is no different from fchmodat(). > > [1] https://pubs.opengroup.org/onlinepubs/9699919799/functions/chmod.html > > Changes since v3 [cover.1689074739.git.legion@kernel.org]: > > * Rebased to master because a new syscall has appeared in master. > * Increased __NR_compat_syscalls as pointed out by Arnd Bergmann. > * Syscall renamed fchmodat4 -> fchmodat2 as suggested by Christian Brauner. > * Returned do_fchmodat4() the original name. We don't need to version > internal functions. > * Fixed warnings found by checkpatch.pl. > > Changes since v2 [20190717012719.5524-1-palmer@sifive.com]: > > * Rebased to master. > * The lookup_flags passed to sys_fchmodat4 as suggested by Al Viro. > * Selftest added. > > Changes since v1 [20190531191204.4044-1-palmer@sifive.com]: > > * All architectures are now supported, which support squashed into a > single patch. > * The do_fchmodat() helper function has been removed, in favor of directly > calling do_fchmodat4(). > * The patches are based on 5.2 instead of 5.1. It's good to see this moving forward. I originally proposed this in a patch submitted in 2020. I suspect implementation details have changed since then, but it might make sense to look back at that discussion if nobody has done so yet (apologies if this was already done and I missed it) to make sure nothing is overlooked -- I remember there were some subtleties with what fs backends might try to do with chmod on symlinks. My proposed commit message also documented a lot of the history of the issue that might be useful to have as context. https://lore.kernel.org/all/20200910170256.GK3265@brightrain.aerifal.cx/T/ Rich
Rather than adding a fchmodat2() syscall, should we add a "set_file_attrs()" syscall that takes a mask and allows you to set a bunch of stuff all in one go? Basically, an interface to notify_change() in the kernel that would allow several stats to be set atomically. This might be of particular interest to network filesystems. David
* David Howells: > Rather than adding a fchmodat2() syscall, should we add a "set_file_attrs()" > syscall that takes a mask and allows you to set a bunch of stuff all in one > go? Basically, an interface to notify_change() in the kernel that would allow > several stats to be set atomically. This might be of particular interest to > network filesystems. Do you mean atomically as in compare-and-swap (update only if old values match), or just a way to update multiple file attributes with a single system call? Thanks, Florian
On 2023-07-25, David Howells <dhowells@redhat.com> wrote: > Rather than adding a fchmodat2() syscall, should we add a "set_file_attrs()" > syscall that takes a mask and allows you to set a bunch of stuff all in one > go? Basically, an interface to notify_change() in the kernel that would allow > several stats to be set atomically. This might be of particular interest to > network filesystems. Presumably looking something like statx(2) (except hopefully with extensible structs this time :P)? I think that could also be useful, but given this is a fairly straight-forward syscall addition (and it also would resolve the AT_EMPTY_PATH issue for chmod as well as simplify the glibc wrapper), I think it makes sense to take this and we can do set_statx(2) separately?
Florian Weimer <fweimer@redhat.com> wrote: > > Rather than adding a fchmodat2() syscall, should we add a > > "set_file_attrs()" syscall that takes a mask and allows you to set a bunch > > of stuff all in one go? Basically, an interface to notify_change() in the > > kernel that would allow several stats to be set atomically. This might be > > of particular interest to network filesystems. > > Do you mean atomically as in compare-and-swap (update only if old values > match), or just a way to update multiple file attributes with a single > system call? I was thinking more in terms of the latter. AFAIK, there aren't any network filesystems support a CAS interface on file attributes like that. To be able to do a CAS operation, we'd need to pass in the old values as well as the new. Another thing we could look at is doing "create_and_set_attrs()", possibly allowing it to take a list of xattrs also. David
On Tue, Jul 25, 2023 at 07:39:51PM +0100, David Howells wrote: > Florian Weimer <fweimer@redhat.com> wrote: > > > > Rather than adding a fchmodat2() syscall, should we add a > > > "set_file_attrs()" syscall that takes a mask and allows you to set a bunch > > > of stuff all in one go? Basically, an interface to notify_change() in the > > > kernel that would allow several stats to be set atomically. This might be > > > of particular interest to network filesystems. > > > > Do you mean atomically as in compare-and-swap (update only if old values > > match), or just a way to update multiple file attributes with a single > > system call? > > I was thinking more in terms of the latter. AFAIK, there aren't any network > filesystems support a CAS interface on file attributes like that. To be able > to do a CAS operation, we'd need to pass in the old values as well as the new. > > Another thing we could look at is doing "create_and_set_attrs()", possibly > allowing it to take a list of xattrs also. Can we please not let " hey let's invent a new interface to do something that will be hard for underlying filesystems to even provide and that nothing needs because there's no standard API to do it" be the enemy of "fixing a known problem implementing an existing standard API that just requires a simple, clearly-scoped syscall to do it"? Rich
On Tue, Jul 25, 2023 at 07:39:51PM +0100, David Howells wrote: > Florian Weimer <fweimer@redhat.com> wrote: > > > > Rather than adding a fchmodat2() syscall, should we add a > > > "set_file_attrs()" syscall that takes a mask and allows you to set a bunch > > > of stuff all in one go? Basically, an interface to notify_change() in the That system call would likely be blocked in seccomp sandboxes completely as seccomp cannot filter structs. I don't consider this an argument to block new good functionality in general as that would mean arbitrarily limiting us but it is something to keep in mind. If there's additional benefit other than just being able to set mutliple values at once then yeah might be something to discuss. > > > kernel that would allow several stats to be set atomically. This might be > > > of particular interest to network filesystems. > > > > Do you mean atomically as in compare-and-swap (update only if old values > > match), or just a way to update multiple file attributes with a single > > system call? > > I was thinking more in terms of the latter. AFAIK, there aren't any network > filesystems support a CAS interface on file attributes like that. To be able > to do a CAS operation, we'd need to pass in the old values as well as the new. > > Another thing we could look at is doing "create_and_set_attrs()", possibly > allowing it to take a list of xattrs also. That would likely require variable sized pointers in a struct which is something we really try to stay away from. I also think it's not a good idea to lump xattrs toegether with generic file attributes. They should remain a separate api imho.
On Tue, Jul 25, 2023 at 04:58:34PM +0100, David Howells wrote: > Rather than adding a fchmodat2() syscall, should we add a "set_file_attrs()" > syscall that takes a mask and allows you to set a bunch of stuff all in one > go? Basically, an interface to notify_change() in the kernel that would allow > several stats to be set atomically. This might be of particular interest to > network filesystems. > > David > fchmodat2() is a simple addition that fits well with the existing syscalls. It fixes an oversight in fchmodat(). IMO we should just add fchmodat2(), and not get sidetracked by trying to add some super-generalized syscall instead. That can always be done later. - Eric
On Wed, Jul 26, 2023 at 08:57:10PM -0700, Eric Biggers wrote: > On Tue, Jul 25, 2023 at 04:58:34PM +0100, David Howells wrote: > > Rather than adding a fchmodat2() syscall, should we add a "set_file_attrs()" > > syscall that takes a mask and allows you to set a bunch of stuff all in one > > go? Basically, an interface to notify_change() in the kernel that would allow > > several stats to be set atomically. This might be of particular interest to > > network filesystems. > > > > David > > > > fchmodat2() is a simple addition that fits well with the existing syscalls. > It fixes an oversight in fchmodat(). > > IMO we should just add fchmodat2(), and not get sidetracked by trying to add > some super-generalized syscall instead. That can always be done later. Agreed.