| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAAhV-H7vJ69GD5RWOAtVVMAriGX8eVfqSTp_XadV9PTZJuoSAQ@mail.gmail.com> Date: Thu, 4 Jul 2024 10:38:12 +0800 From: Huacai Chen <chenhuacai@...nel.org> To: Xi Ruoyao <xry111@...111.site> Cc: Linus Torvalds <torvalds@...ux-foundation.org>, Christian Brauner <brauner@...nel.org>, libc-alpha@...rceware.org, "Andreas K. Huettel" <dilfridge@...too.org>, Arnd Bergmann <arnd@...db.de>, Mateusz Guzik <mjguzik@...il.com>, Alexander Viro <viro@...iv.linux.org.uk>, Jan Kara <jack@...e.cz>, linux-kernel@...r.kernel.org, linux-fsdevel@...r.kernel.org, io-uring@...r.kernel.org, Jens Axboe <axboe@...nel.dk>, loongarch@...ts.linux.dev Subject: Re: [PATCH 2/2] vfs: support statx(..., NULL, AT_EMPTY_PATH, ...) On Thu, Jul 4, 2024 at 12:54 AM Xi Ruoyao <xry111@...111.site> wrote: > > On Wed, 2024-07-03 at 09:31 -0700, Linus Torvalds wrote: > > On Wed, 3 Jul 2024 at 01:46, Christian Brauner <brauner@...nel.org> > > wrote: > > > > > > We've now added AT_EMPTY_PATH support with NULL names because we > > > want to > > > allow that generically. But I clearly remember that this was > > > requested > > > to make statx() work with these sandboxes. So the kernel has done > > > its > > > part. Now it's for the sandbox to allow statx() with NULL paths and > > > AT_EMPTY_PATH but certainly not for the kernel to start reenabling > > > old > > > system calls. > > > > Those old system calls are still used. > > > > Just enable them. > > > > statx isn't the promised land. Existing applications matter. And there > > is absolutely nothing wrong with plain old 'stat' (well, we call it > > "newstat" in the kernel for historical reasons) on 64-bit > > architectures. > > > > Honestly, 'statx' is disgusting. I don't understand why anybody pushes > > that thing that nobody actually uses or cares about. > > Hmm why it was added in the first place then? Why not just NAK it? If > someone tries to add a "seccomp sandbox" into my project I'll > immediately NAK it anyway :). > > And should we add stat_time64, fstat_time64, and fstatat_time64 to stop > using statx on 32-bit platforms too as it's disgusting? > > Also some bad news: Glibc has this: > > #if (__WORDSIZE == 32 \ > && (!defined __SYSCALL_WORDSIZE || __SYSCALL_WORDSIZE == 32)) \ > || defined STAT_HAS_TIME32 \ > || (!defined __NR_newfstatat && !defined __NR_fstatat64) > # define FSTATAT_USE_STATX 1 > #else > # define FSTATAT_USE_STATX 0 > #endif > > So if a LoongArch Glibc is built with Linux kernel headers >= 6.11, > it'll use fstatat **even configured --with-kernel=5.19** and fail to run > on Linux kernel <= 6.10. This will immediately blow up building Linux > From Scratch on a host distro with an "old" kernel. The patch which adds newstat back will CC the stable list and be backported to old kernels. Huacai > > <sarcasm>Alright, some Google project matters but Glibc does not matter > because it uses a disgusting syscall in the first place.</sarcasm> > > We have to add some __ASSUME_blah_blah here now. > > To make things worse Glibc 2.40 is being frozen today :(. Copying to > libc-alpha and the RM. > > -- > Xi Ruoyao <xry111@...111.site> > School of Aerospace Science and Technology, Xidian University
Powered by blists - more mailing lists