Re: [PATCH] linux: Add openat2 (BZ 31664)

unofficial mirror of libc-alpha@sourceware.org
 help / color / mirror / Atom feed

From: Adhemerval Zanella Netto <adhemerval.zanella@linaro.org>
To: Florian Weimer <fweimer@redhat.com>
Cc: libc-alpha@sourceware.org, Stas Sergeev <stsp@users.sourceforge.net>
Subject: Re: [PATCH] linux: Add openat2 (BZ 31664)
Date: Wed, 1 May 2024 11:14:22 -0300	[thread overview]
Message-ID: <e5fa1352-3821-4079-88f3-39dec5b29bee@linaro.org> (raw)
In-Reply-To: <87edaouw4y.fsf@oldenburg.str.redhat.com>



On 29/04/24 10:38, Florian Weimer wrote:
> * Adhemerval Zanella:
> 
>> diff --git a/sysdeps/unix/sysv/linux/bits/openat2.h b/sysdeps/unix/sysv/linux/bits/openat2.h
>> new file mode 100644
>> index 0000000000..a07984dace
>> --- /dev/null
>> +++ b/sysdeps/unix/sysv/linux/bits/openat2.h
> 
>> +#ifndef __glibc_has_open_how
>> +/* Arguments for how openat2 should open the target path.  */
>> +struct open_how
>> +{
>> +  __uint64_t flags;
>> +  __uint64_t mode;
>> +  __uint64_t resolve;
>> +};
>> +#endif
> 
> I think this needs better documentation that this is an extensible
> struct which must only be used with the openat2 function, and must not
> be nested in other structs or exposed in any way where the exact struct
> size matters.
> 
> Symbol versioning is not able to solve this problem because the only
> symbol involved here (openat2) does not actually depend on the struct
> size.

Another possibility would to not use the kernel definition and instead
add a 'open_how' with some spare size (kernel will only reject large
sizes if is not zero-initialized and it does not support the extra fields).
It will require glibc to update the new fields on kernel updates tough.

Indeed we don't need symbol versioning, we can infer the struct layout
by the size alone.

> 
>> diff --git a/sysdeps/unix/sysv/linux/tst-openat2.c b/sysdeps/unix/sysv/linux/tst-openat2.c
>> new file mode 100644
>> index 0000000000..d0c26f2bce
>> --- /dev/null
>> +++ b/sysdeps/unix/sysv/linux/tst-openat2.c
> 
>> +static int
>> +do_test_struct (void)
>> +{
>> +  static struct struct_test
>> +  {
>> +    struct open_how_ext
>> +    {
>> +      struct open_how inner;
>> +      int extra1;
>> +      int extra2;
>> +      int extra3;
>> +    } arg;
>> +    size_t size;
>> +    int err;
>> +  } tests[] =
>> +  {
>> +    {
>> +      /* Zero size.  */
>> +      .arg.inner.flags = O_RDONLY,
>> +      .size = 0,
>> +      .err = EINVAL,
>> +    },
>> +    {
>> +      /* Normal struct.  */
>> +      .arg.inner.flags = O_RDONLY,
>> +      .size = sizeof (struct open_how),
>> +    },
>> +    {
>> +      /* Larger struct, zeroed out the unused values.  */
>> +      .arg.inner.flags = O_RDONLY,
>> +      .size = sizeof (struct open_how_ext),
>> +    },
>> +    {
>> +      /* Larger struct, non-zeroed out the unused values.  */
>> +      .arg.inner.flags = O_RDONLY,
>> +      .arg.extra1 = 0xdeadbeef,
>> +      .size = sizeof (struct open_how_ext),
>> +      .err = E2BIG,
>> +    },
>> +    {
>> +      /* Larger struct, non-zeroed out the unused values.  */
>> +      .arg.inner.flags = O_RDONLY,
>> +      .arg.extra2 = 0xdeadbeef,
>> +      .size = sizeof (struct open_how_ext),
>> +      .err = E2BIG,
>> +    },
> 
> These tests will require constant maintenance on kernel upgrades.  Are
> they really helpful?

It would if the idea is to try to keep the fallback interface in sync
with kernel (or if we skip kernel inclusion altogether).  

I don't have a strong opinion which strategy we should use for these new
kernel interfaces.

     prev parent reply	other threads:[~2024-05-01 14:14 UTC|newest]

Thread overview: 9+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-04-24 17:38 [PATCH] linux: Add openat2 (BZ 31664) Adhemerval Zanella
2024-04-24 17:42 ` enh
2024-04-24 18:05   ` Adhemerval Zanella Netto
2024-04-24 21:18     ` enh
2024-04-25 14:00       ` Adhemerval Zanella Netto
2024-04-25 14:10         ` enh
2024-04-25 16:10           ` Adhemerval Zanella Netto
2024-04-29 13:38 ` Florian Weimer
2024-05-01 14:14   ` Adhemerval Zanella Netto [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

  List information: https://www.gnu.org/software/libc/involved.html

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=e5fa1352-3821-4079-88f3-39dec5b29bee@linaro.org \
    --to=adhemerval.zanella@linaro.org \
    --cc=fweimer@redhat.com \
    --cc=libc-alpha@sourceware.org \
    --cc=stsp@users.sourceforge.net \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).