| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250901-lammfell-kaninchen-c160a69e6b36@brauner>
Date: Mon, 1 Sep 2025 15:40:26 +0200
From: Christian Brauner <brauner@...nel.org>
To: schuster.simon@...mens-energy.com
Cc: Dinh Nguyen <dinguyen@...nel.org>, Arnd Bergmann <arnd@...db.de>,
Andrew Morton <akpm@...ux-foundation.org>, David Hildenbrand <david@...hat.com>,
Lorenzo Stoakes <lorenzo.stoakes@...cle.com>, "Liam R. Howlett" <Liam.Howlett@...cle.com>,
Vlastimil Babka <vbabka@...e.cz>, Mike Rapoport <rppt@...nel.org>,
Suren Baghdasaryan <surenb@...gle.com>, Michal Hocko <mhocko@...e.com>, Ingo Molnar <mingo@...hat.com>,
Peter Zijlstra <peterz@...radead.org>, Juri Lelli <juri.lelli@...hat.com>,
Vincent Guittot <vincent.guittot@...aro.org>, Dietmar Eggemann <dietmar.eggemann@....com>,
Steven Rostedt <rostedt@...dmis.org>, Ben Segall <bsegall@...gle.com>, Mel Gorman <mgorman@...e.de>,
Valentin Schneider <vschneid@...hat.com>, Kees Cook <kees@...nel.org>,
Paul Walmsley <paul.walmsley@...ive.com>, Palmer Dabbelt <palmer@...belt.com>,
Albert Ou <aou@...s.berkeley.edu>, Alexandre Ghiti <alex@...ti.fr>, Guo Ren <guoren@...nel.org>,
Oleg Nesterov <oleg@...hat.com>, Jens Axboe <axboe@...nel.dk>,
Alexander Viro <viro@...iv.linux.org.uk>, Jan Kara <jack@...e.cz>, Tejun Heo <tj@...nel.org>,
Johannes Weiner <hannes@...xchg.org>, Michal Koutný <mkoutny@...e.com>,
Paul Moore <paul@...l-moore.com>, Serge Hallyn <sergeh@...nel.org>,
James Morris <jmorris@...ei.org>, "Serge E. Hallyn" <serge@...lyn.com>,
Anna-Maria Behnsen <anna-maria@...utronix.de>, Frederic Weisbecker <frederic@...nel.org>,
Thomas Gleixner <tglx@...utronix.de>, Masami Hiramatsu <mhiramat@...nel.org>,
"David S. Miller" <davem@...emloft.net>, Eric Dumazet <edumazet@...gle.com>,
Jakub Kicinski <kuba@...nel.org>, Paolo Abeni <pabeni@...hat.com>, Simon Horman <horms@...nel.org>,
Mathieu Desnoyers <mathieu.desnoyers@...icios.com>, Arnaldo Carvalho de Melo <acme@...nel.org>,
Namhyung Kim <namhyung@...nel.org>, Mark Rutland <mark.rutland@....com>,
Alexander Shishkin <alexander.shishkin@...ux.intel.com>, Jiri Olsa <jolsa@...nel.org>, Ian Rogers <irogers@...gle.com>,
Adrian Hunter <adrian.hunter@...el.com>, John Johansen <john.johansen@...onical.com>,
Stephen Smalley <stephen.smalley.work@...il.com>, Ondrej Mosnacek <omosnace@...hat.com>,
Kentaro Takeda <takedakn@...data.co.jp>, Tetsuo Handa <penguin-kernel@...ove.sakura.ne.jp>,
Richard Henderson <richard.henderson@...aro.org>, Matt Turner <mattst88@...il.com>,
Vineet Gupta <vgupta@...nel.org>, Russell King <linux@...linux.org.uk>,
Catalin Marinas <catalin.marinas@....com>, Will Deacon <will@...nel.org>, Brian Cain <bcain@...nel.org>,
Huacai Chen <chenhuacai@...nel.org>, WANG Xuerui <kernel@...0n.name>,
Geert Uytterhoeven <geert@...ux-m68k.org>, Michal Simek <monstr@...str.eu>,
Thomas Bogendoerfer <tsbogend@...ha.franken.de>, Jonas Bonn <jonas@...thpole.se>,
Stefan Kristiansson <stefan.kristiansson@...nalahti.fi>, Stafford Horne <shorne@...il.com>,
"James E.J. Bottomley" <James.Bottomley@...senpartnership.com>, Helge Deller <deller@....de>,
Madhavan Srinivasan <maddy@...ux.ibm.com>, Michael Ellerman <mpe@...erman.id.au>,
Nicholas Piggin <npiggin@...il.com>, Christophe Leroy <christophe.leroy@...roup.eu>,
Heiko Carstens <hca@...ux.ibm.com>, Vasily Gorbik <gor@...ux.ibm.com>,
Alexander Gordeev <agordeev@...ux.ibm.com>, Christian Borntraeger <borntraeger@...ux.ibm.com>,
Sven Schnelle <svens@...ux.ibm.com>, Yoshinori Sato <ysato@...rs.sourceforge.jp>,
Rich Felker <dalias@...c.org>, John Paul Adrian Glaubitz <glaubitz@...sik.fu-berlin.de>,
Andreas Larsson <andreas@...sler.com>, Richard Weinberger <richard@....at>,
Anton Ivanov <anton.ivanov@...bridgegreys.com>, Johannes Berg <johannes@...solutions.net>,
Borislav Petkov <bp@...en8.de>, Dave Hansen <dave.hansen@...ux.intel.com>, x86@...nel.org,
"H. Peter Anvin" <hpa@...or.com>, Chris Zankel <chris@...kel.net>,
Max Filippov <jcmvbkbc@...il.com>, linux-mm@...ck.org, linux-kernel@...r.kernel.org,
linux-riscv@...ts.infradead.org, linux-csky@...r.kernel.org, linux-block@...r.kernel.org,
linux-fsdevel@...r.kernel.org, cgroups@...r.kernel.org, linux-security-module@...r.kernel.org,
linux-trace-kernel@...r.kernel.org, netdev@...r.kernel.org, linux-perf-users@...r.kernel.org,
apparmor@...ts.ubuntu.com, selinux@...r.kernel.org, linux-alpha@...r.kernel.org,
linux-snps-arc@...ts.infradead.org, linux-arm-kernel@...ts.infradead.org,
linux-hexagon@...r.kernel.org, loongarch@...ts.linux.dev, linux-m68k@...ts.linux-m68k.org,
linux-mips@...r.kernel.org, linux-openrisc@...r.kernel.org, linux-parisc@...r.kernel.org,
linuxppc-dev@...ts.ozlabs.org, linux-s390@...r.kernel.org, linux-sh@...r.kernel.org,
sparclinux@...r.kernel.org, linux-um@...ts.infradead.org, stable@...r.kernel.org
Subject: Re: [PATCH v2 0/4] nios2: Add architecture support for clone3
On Mon, Sep 01, 2025 at 03:09:49PM +0200, Simon Schuster via B4 Relay wrote:
> This series adds support for the clone3 system call to the nios2
> architecture. This addresses the build-time warning "warning: clone3()
I did not expect that to happen or matter but fine.
> entry point is missing, please fix" introduced in 505d66d1abfb9
> ("clone3: drop __ARCH_WANT_SYS_CLONE3 macro"). The implementation passes
> the relevant clone3 tests of kselftest when applied on top of
> next-20250815:
>
> ./run_kselftest.sh
> TAP version 13
> 1..4
> # selftests: clone3: clone3
> ok 1 selftests: clone3: clone3
> # selftests: clone3: clone3_clear_sighand
> ok 2 selftests: clone3: clone3_clear_sighand
> # selftests: clone3: clone3_set_tid
> ok 3 selftests: clone3: clone3_set_tid
> # selftests: clone3: clone3_cap_checkpoint_restore
> ok 4 selftests: clone3: clone3_cap_checkpoint_restore
>
> The series also includes a small patch to kernel/fork.c that ensures
> that clone_flags are passed correctly on architectures where unsigned
> long is insufficient to store the u64 clone_flags. It is marked as a fix
> for stable backporting.
>
> As requested, in v2, this series now further tries to correct this type
> error throughout the whole code base. Thus, it now touches a larger
> number of subsystems and all architectures.
I've reworked copy_thread()/copy_thread_tls() a few years ago but I
don't remember why I didn't switch to a u64 for them. Probably because
only CLONE_VM and CLONE_SETTLS mattered. Thanks for doing that.
> Therefore, another test was performed for ARCH=x86_64 (as a
> representative for 64-bit architectures). Here, the series builds cleanly
> without warnings on defconfig with CONFIG_SECURITY_APPARMOR=y and
> CONFIG_SECURITY_TOMOYO=y (to compile-check the LSM-related changes).
> The build further successfully passes testing/selftests/clone3 (with the
> patch from 20241105062948.1037011-1-zhouyuhang1010@....com to prepare
> clone3_cap_checkpoint_restore for compatibility with the newer libcap
> version on my system).
>
> Is there any option to further preflight check this patch series via
> lkp/KernelCI/etc. for a broader test across architectures, or is this
> degree of testing sufficient to eventually get the series merged?
>
> N.B.: The series is not checkpatch clean right now:
> - include/linux/cred.h, include/linux/mnt_namespace.h:
> function definition arguments without identifier name
> - include/trace/events/task.h:
> space prohibited after that open parenthesis
>
> I did not fix these warnings to keep my changes minimal and reviewable,
> as the issues persist throughout the files and they were not introduced
> by me; I only followed the existing code style and just replaced the
> types. If desired, I'd be happy to make the changes in a potential v3,
> though.
>
> Signed-off-by: Simon Schuster <schuster.simon@...mens-energy.com>
> ---
> Changes in v2:
> - Introduce "Fixes:" and "Cc: stable@...r.kernel.org" where necessary
> - Factor out "Fixes:" when adapting the datatype of clone_flags for
> easier backports
> - Fix additional instances where `unsigned long` clone_flags is used
> - Reword commit message to make it clearer that any 32-bit arch is
> affected by this bug
> - Link to v1: https://lore.kernel.org/r/20250821-nios2-implement-clone3-v1-0-1bb24017376a@siemens-energy.com
>
> ---
> Simon Schuster (4):
> copy_sighand: Handle architectures where sizeof(unsigned long) < sizeof(u64)
> copy_process: pass clone_flags as u64 across calltree
> arch: copy_thread: pass clone_flags as u64
> nios2: implement architecture-specific portion of sys_clone3
>
> arch/alpha/kernel/process.c | 2 +-
> arch/arc/kernel/process.c | 2 +-
> arch/arm/kernel/process.c | 2 +-
> arch/arm64/kernel/process.c | 2 +-
> arch/csky/kernel/process.c | 2 +-
> arch/hexagon/kernel/process.c | 2 +-
> arch/loongarch/kernel/process.c | 2 +-
> arch/m68k/kernel/process.c | 2 +-
> arch/microblaze/kernel/process.c | 2 +-
> arch/mips/kernel/process.c | 2 +-
> arch/nios2/include/asm/syscalls.h | 1 +
> arch/nios2/include/asm/unistd.h | 2 --
> arch/nios2/kernel/entry.S | 6 ++++++
> arch/nios2/kernel/process.c | 2 +-
> arch/nios2/kernel/syscall_table.c | 1 +
> arch/openrisc/kernel/process.c | 2 +-
> arch/parisc/kernel/process.c | 2 +-
> arch/powerpc/kernel/process.c | 2 +-
> arch/riscv/kernel/process.c | 2 +-
> arch/s390/kernel/process.c | 2 +-
> arch/sh/kernel/process_32.c | 2 +-
> arch/sparc/kernel/process_32.c | 2 +-
> arch/sparc/kernel/process_64.c | 2 +-
> arch/um/kernel/process.c | 2 +-
> arch/x86/include/asm/fpu/sched.h | 2 +-
> arch/x86/include/asm/shstk.h | 4 ++--
> arch/x86/kernel/fpu/core.c | 2 +-
> arch/x86/kernel/process.c | 2 +-
> arch/x86/kernel/shstk.c | 2 +-
> arch/xtensa/kernel/process.c | 2 +-
> block/blk-ioc.c | 2 +-
> fs/namespace.c | 2 +-
> include/linux/cgroup.h | 4 ++--
> include/linux/cred.h | 2 +-
> include/linux/iocontext.h | 6 +++---
> include/linux/ipc_namespace.h | 4 ++--
> include/linux/lsm_hook_defs.h | 2 +-
> include/linux/mnt_namespace.h | 2 +-
> include/linux/nsproxy.h | 2 +-
> include/linux/pid_namespace.h | 4 ++--
> include/linux/rseq.h | 4 ++--
> include/linux/sched/task.h | 2 +-
> include/linux/security.h | 4 ++--
> include/linux/sem.h | 4 ++--
> include/linux/time_namespace.h | 4 ++--
> include/linux/uprobes.h | 4 ++--
> include/linux/user_events.h | 4 ++--
> include/linux/utsname.h | 4 ++--
> include/net/net_namespace.h | 4 ++--
> include/trace/events/task.h | 6 +++---
> ipc/namespace.c | 2 +-
> ipc/sem.c | 2 +-
> kernel/cgroup/namespace.c | 2 +-
> kernel/cred.c | 2 +-
> kernel/events/uprobes.c | 2 +-
> kernel/fork.c | 10 +++++-----
> kernel/nsproxy.c | 4 ++--
> kernel/pid_namespace.c | 2 +-
> kernel/sched/core.c | 4 ++--
> kernel/sched/fair.c | 2 +-
> kernel/sched/sched.h | 4 ++--
> kernel/time/namespace.c | 2 +-
> kernel/utsname.c | 2 +-
> net/core/net_namespace.c | 2 +-
> security/apparmor/lsm.c | 2 +-
> security/security.c | 2 +-
> security/selinux/hooks.c | 2 +-
> security/tomoyo/tomoyo.c | 2 +-
> 68 files changed, 95 insertions(+), 89 deletions(-)
> ---
> base-commit: 1357b2649c026b51353c84ddd32bc963e8999603
> change-id: 20250818-nios2-implement-clone3-7f252c20860b
>
> Best regards,
> --
> Simon Schuster <schuster.simon@...mens-energy.com>
>
>
Powered by blists - more mailing lists