| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 19 Oct 2020 12:26:52 +0200
From: Giuseppe Scrivano <gscrivan@...hat.com>
To: linux-kernel@...r.kernel.org
Cc: linux@...musvillemoes.dk, viro@...iv.linux.org.uk,
linux-fsdevel@...r.kernel.org, christian.brauner@...ntu.com,
containers@...ts.linux-foundation.org
Subject: [PATCH v2 0/2] fs, close_range: add flag CLOSE_RANGE_CLOEXEC
When the new flag is used, close_range will set the close-on-exec bit
for the file descriptors instead of close()-ing them.
It is useful for e.g. container runtimes that want to minimize the
number of syscalls used after a seccomp profile is installed but want
to keep some fds open until the container process is executed.
v1->v2:
* move close_range(..., CLOSE_RANGE_CLOEXEC) implementation to a separate function.
* use bitmap_set() to set the close-on-exec bits in the bitmap.
* add test with rlimit(RLIMIT_NOFILE) in place.
* use "cur_max" that is already used by close_range(..., 0).
Giuseppe Scrivano (2):
fs, close_range: add flag CLOSE_RANGE_CLOEXEC
selftests: add tests for CLOSE_RANGE_CLOEXEC
fs/file.c | 44 ++++++++---
include/uapi/linux/close_range.h | 3 +
.../testing/selftests/core/close_range_test.c | 74 +++++++++++++++++++
3 files changed, 111 insertions(+), 10 deletions(-)
--
2.26.2
Powered by blists - more mailing lists