lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Fri, 4 Dec 2020 12:32:38 +0100
From:   Christian Brauner <christian.brauner@...ntu.com>
To:     Giuseppe Scrivano <gscrivan@...hat.com>
Cc:     linux-kernel@...r.kernel.org, linux@...musvillemoes.dk,
        viro@...iv.linux.org.uk, linux-fsdevel@...r.kernel.org,
        containers@...ts.linux-foundation.org
Subject: Re: [PATCH v3 0/2] fs, close_range: add flag CLOSE_RANGE_CLOEXEC

On Wed, Nov 18, 2020 at 11:47:44AM +0100, Giuseppe Scrivano wrote:
> When the new flag is used, close_range will set the close-on-exec bit
> for the file descriptors instead of close()-ing them.
> 
> It is useful for e.g. container runtimes that want to minimize the
> number of syscalls used after a seccomp profile is installed but want
> to keep some fds open until the container process is executed.
> 
> v3:
> - fixed indentation
> - selftests: use ASSERT_EQ instead of EXPECT_EQ for hard failures
> 
> v2: https://lkml.kernel.org/lkml/20201019102654.16642-1-gscrivan@redhat.com/
> - move close_range(..., CLOSE_RANGE_CLOEXEC) implementation to a separate function.
> - use bitmap_set() to set the close-on-exec bits in the bitmap.
> - add test with rlimit(RLIMIT_NOFILE) in place.
> - use "cur_max" that is already used by close_range(..., 0).
> 
> v1: https://lkml.kernel.org/lkml/20201013140609.2269319-1-gscrivan@redhat.com/
> 
> Giuseppe Scrivano (2):
>   fs, close_range: add flag CLOSE_RANGE_CLOEXEC
>   selftests: core: add tests for CLOSE_RANGE_CLOEXEC
> 
>  fs/file.c                                     | 44 ++++++++---
>  include/uapi/linux/close_range.h              |  3 +
>  .../testing/selftests/core/close_range_test.c | 74 +++++++++++++++++++
>  3 files changed, 111 insertions(+), 10 deletions(-)

I've picked this up and stuffed it into -next. This solves a real
problem and I don't want it to sit around another merge window. (If you
pick it up later I'll simply drop it, Al.)

Christian

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ