# git rev-parse -q --verify 4f30a60aa78410496e5ffe632a371c00f0d83a8d^{commit} 4f30a60aa78410496e5ffe632a371c00f0d83a8d already have revision, skipping fetch # git checkout -q -f -B kisskb 4f30a60aa78410496e5ffe632a371c00f0d83a8d # git clean -qxdf # < git log -1 # commit 4f30a60aa78410496e5ffe632a371c00f0d83a8d # Merge: 74858abbb103 a5161eeef97c # Author: Linus Torvalds # Date: Tue Aug 4 15:12:02 2020 -0700 # # Merge tag 'close-range-v5.9' of git://git.kernel.org/pub/scm/linux/kernel/git/brauner/linux # # Pull close_range() implementation from Christian Brauner: # "This adds the close_range() syscall. It allows to efficiently close a # range of file descriptors up to all file descriptors of a calling # task. # # This is coordinated with the FreeBSD folks which have copied our # version of this syscall and in the meantime have already merged it in # April 2019: # # https://reviews.freebsd.org/D21627 # https://svnweb.freebsd.org/base?view=revision&revision=359836 # # The syscall originally came up in a discussion around the new mount # API and making new file descriptor types cloexec by default. During # this discussion, Al suggested the close_range() syscall. # # First, it helps to close all file descriptors of an exec()ing task. # This can be done safely via (quoting Al's example from [1] verbatim): # # /* that exec is sensitive */ # unshare(CLONE_FILES); # /* we don't want anything past stderr here */ # close_range(3, ~0U); # execve(....); # # The code snippet above is one way of working around the problem that # file descriptors are not cloexec by default. This is aggravated by the # fact that we can't just switch them over without massively regressing # userspace. For a whole class of programs having an in-kernel method of # closing all file descriptors is very helpful (e.g. demons, service # managers, programming language standard libraries, container managers # etc.). # # Second, it allows userspace to avoid implementing closing all file # descriptors by parsing through /proc//fd/* and calling close() on # each file descriptor and other hacks. From looking at various # large(ish) userspace code bases this or similar patterns are very # common in service managers, container runtimes, and programming # language runtimes/standard libraries such as Python or Rust. # # In addition, the syscall will also work for tasks that do not have # procfs mounted and on kernels that do not have procfs support compiled # in. In such situations the only way to make sure that all file # descriptors are closed is to call close() on each file descriptor up # to UINT_MAX or RLIMIT_NOFILE, OPEN_MAX trickery. # # Based on Linus' suggestion close_range() also comes with a new flag # CLOSE_RANGE_UNSHARE to more elegantly handle file descriptor dropping # right before exec. This would usually be expressed in the sequence: # # unshare(CLONE_FILES); # close_range(3, ~0U); # # as pointed out by Linus it might be desirable to have this be a part # of close_range() itself under a new flag CLOSE_RANGE_UNSHARE which # gets especially handy when we're closing all file descriptors above a # certain threshold. # # Test-suite as always included" # # * tag 'close-range-v5.9' of git://git.kernel.org/pub/scm/linux/kernel/git/brauner/linux: # tests: add CLOSE_RANGE_UNSHARE tests # close_range: add CLOSE_RANGE_UNSHARE # tests: add close_range() tests # arch: wire-up close_range() # open: add close_range() # < /opt/cross/kisskb/korg/gcc-8.1.0-nolibc/x86_64-linux/bin/x86_64-linux-gcc --version # < /opt/cross/kisskb/korg/gcc-8.1.0-nolibc/x86_64-linux/bin/x86_64-linux-ld --version # < git log --format=%s --max-count=1 4f30a60aa78410496e5ffe632a371c00f0d83a8d # < make -s -j 10 ARCH=x86_64 O=/kisskb/build/linus-rand_x86_64-randconfig_x86_64-gcc8 CROSS_COMPILE=/opt/cross/kisskb/korg/gcc-8.1.0-nolibc/x86_64-linux/bin/x86_64-linux- randconfig KCONFIG_SEED=0xD696C1E8 # Added to kconfig CONFIG_STANDALONE=y # Added to kconfig CONFIG_PREVENT_FIRMWARE_BUILD=y # Added to kconfig CONFIG_CC_STACKPROTECTOR_STRONG=n # Added to kconfig CONFIG_GCC_PLUGINS=n # Added to kconfig CONFIG_GCC_PLUGIN_CYC_COMPLEXITY=n # Added to kconfig CONFIG_GCC_PLUGIN_SANCOV=n # Added to kconfig CONFIG_GCC_PLUGIN_LATENT_ENTROPY=n # < make -s -j 10 ARCH=x86_64 O=/kisskb/build/linus-rand_x86_64-randconfig_x86_64-gcc8 CROSS_COMPILE=/opt/cross/kisskb/korg/gcc-8.1.0-nolibc/x86_64-linux/bin/x86_64-linux- help # make -s -j 10 ARCH=x86_64 O=/kisskb/build/linus-rand_x86_64-randconfig_x86_64-gcc8 CROSS_COMPILE=/opt/cross/kisskb/korg/gcc-8.1.0-nolibc/x86_64-linux/bin/x86_64-linux- olddefconfig .config:5462:warning: override: reassigning to symbol STANDALONE # make -s -j 10 ARCH=x86_64 O=/kisskb/build/linus-rand_x86_64-randconfig_x86_64-gcc8 CROSS_COMPILE=/opt/cross/kisskb/korg/gcc-8.1.0-nolibc/x86_64-linux/bin/x86_64-linux- /kisskb/src/drivers/mailbox/imx-mailbox.c:638:12: warning: 'imx_mu_runtime_resume' defined but not used [-Wunused-function] static int imx_mu_runtime_resume(struct device *dev) ^~~~~~~~~~~~~~~~~~~~~ /kisskb/src/drivers/mailbox/imx-mailbox.c:629:12: warning: 'imx_mu_runtime_suspend' defined but not used [-Wunused-function] static int imx_mu_runtime_suspend(struct device *dev) ^~~~~~~~~~~~~~~~~~~~~~ /kisskb/src/drivers/mailbox/imx-mailbox.c:611:12: warning: 'imx_mu_resume_noirq' defined but not used [-Wunused-function] static int imx_mu_resume_noirq(struct device *dev) ^~~~~~~~~~~~~~~~~~~ /kisskb/src/drivers/mailbox/imx-mailbox.c:601:12: warning: 'imx_mu_suspend_noirq' defined but not used [-Wunused-function] static int imx_mu_suspend_noirq(struct device *dev) ^~~~~~~~~~~~~~~~~~~~ Completed OK # rm -rf /kisskb/build/linus-rand_x86_64-randconfig_x86_64-gcc8 # Build took: 0:07:40.770933