| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 18 Nov 2020 11:02:25 +0100
From: Christian Brauner <christian.brauner@...ntu.com>
To: Giuseppe Scrivano <gscrivan@...hat.com>
Cc: linux-kernel@...r.kernel.org, linux@...musvillemoes.dk,
viro@...iv.linux.org.uk, linux-fsdevel@...r.kernel.org,
containers@...ts.linux-foundation.org
Subject: Re: [PATCH v2 0/2] fs, close_range: add flag CLOSE_RANGE_CLOEXEC
On Thu, Oct 29, 2020 at 05:47:53PM +0100, Giuseppe Scrivano wrote:
> Hi Christian,
>
> Christian Brauner <christian.brauner@...ntu.com> writes:
>
> > On Mon, Oct 19, 2020 at 12:26:52PM +0200, Giuseppe Scrivano wrote:
> >> When the new flag is used, close_range will set the close-on-exec bit
> >> for the file descriptors instead of close()-ing them.
> >>
> >> It is useful for e.g. container runtimes that want to minimize the
> >> number of syscalls used after a seccomp profile is installed but want
> >> to keep some fds open until the container process is executed.
> >>
> >> v1->v2:
> >> * move close_range(..., CLOSE_RANGE_CLOEXEC) implementation to a separate function.
> >> * use bitmap_set() to set the close-on-exec bits in the bitmap.
> >> * add test with rlimit(RLIMIT_NOFILE) in place.
> >> * use "cur_max" that is already used by close_range(..., 0).
> >
> > I'm picking this up for some testing, thanks
> > Christian
>
> thanks! I've addressed the comments you had for v2 and pushed them
> here[1] but I've not sent yet v3 as I was waiting for a feedback from Al
> whether using bitmap_set() is fine.
Send it please.
Christian
Powered by blists - more mailing lists