From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: by sourceware.org (Postfix, from userid 48) id 47F5C385DC2E; Tue, 25 Aug 2020 14:57:26 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 47F5C385DC2E From: "mztyvop at 0pointer dot net" To: glibc-bugs@sourceware.org Subject: [Bug libc/26371] [RFE] please add clone3() wrapper (in particular the CLONE_INTO_CGROUP feature of it) Date: Tue, 25 Aug 2020 14:57:26 +0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: glibc X-Bugzilla-Component: libc X-Bugzilla-Version: unspecified X-Bugzilla-Keywords: X-Bugzilla-Severity: normal X-Bugzilla-Who: mztyvop at 0pointer dot net X-Bugzilla-Status: UNCONFIRMED X-Bugzilla-Resolution: X-Bugzilla-Priority: P2 X-Bugzilla-Assigned-To: unassigned at sourceware dot org X-Bugzilla-Target-Milestone: --- X-Bugzilla-Flags: security- X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: http://sourceware.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: glibc-bugs@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Glibc-bugs mailing list List-Unsubscribe: , List-Archive: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 Aug 2020 14:57:26 -0000 https://sourceware.org/bugzilla/show_bug.cgi?id=3D26371 --- Comment #3 from Lennart Poettering --- > My understanding if this issue is that the clone3 wrapper will not actual= ly help you that much. It would, if it was a wrapper like fork(), i.e. that it exposes this return-twice behaviour. It would be much less useful if it was like glibc's existing clone() wrapper, which hides that, or even worse if it was like posix_spawn(), that gives us no chance to change process attributes in the child between the clone3() and the execve(). > I suspect what you actually need is a way to perform certain system calls= after calling clone3. The newly created userspace thread will eventually c= all execve, but it is *not* expected to replace the original process (unlik= e calling execve from a full libc thread created by pthread_create). Correct. > Can you describe in a bit more detail what you need? To what extent to do= you need to share address space? Are you looking for a vfork-style clone? = It makes things simpler because you could share the stack, and error report= ing could use shared memory. vfork() would not really suffice. We do NSS stuff (getpwnam() and friends) = in the child before we execve(), and that's blocking, but we really can't block PID 1. In fact we do various other blocking things too there, that we explicitly chose to do in the child so not to block PID 1. > Which system calls do you need to call? Many. The obvious ones are process attributes, such as nice levels, other scheduling params, prctl, and so on. Then there's the per-process and per-cgroup stuff exposed in the fs. For that we use open() and related call= s.=20 keyring stuff, selinux and other MAC stuff. fs namespacing stuff, seccomp setup. There's some IPC going on, hidden behind NSS and in some form even in our code. In some cases we ask a question via /dev/console (for confirmatio= n, if the user asks for interactive boot-up). We also set up some per-service = dirs if that's configured. Also, if people specify RootImage=3D we'll attach a loopback block device and mount a file system off it as chroot() env. We don't do threads in the child process between fork() and execve(), but pretty much everything else ends up being on the table I guess. > Would you be able to call different functions than the usual system call = wrappers to perform the tasks you need? Well, we invoke NSS to resolve user names and groups, and we don't know what might be behind that... --=20 You are receiving this mail because: You are on the CC list for the bug.=