linux/arch/sh/kernel
Linus Torvalds 83fa805bcb threads-v5.6
-----BEGIN PGP SIGNATURE-----
 
 iHUEABYKAB0WIQRAhzRXHqcMeLMyaSiRxhvAZXjcogUCXjFo8wAKCRCRxhvAZXjc
 omaGAQDVwCHQekqxp2eC8EJH4Pkt+Bn1BLrA25stlTo93YBPHgEAsPVUCRNcrZAl
 VncYmxCfpt3Yu0S/MTVXu5xrRiIXPQk=
 =uqTN
 -----END PGP SIGNATURE-----

Merge tag 'threads-v5.6' of git://git.kernel.org/pub/scm/linux/kernel/git/brauner/linux

Pull thread management updates from Christian Brauner:
 "Sargun Dhillon over the last cycle has worked on the pidfd_getfd()
  syscall.

  This syscall allows for the retrieval of file descriptors of a process
  based on its pidfd. A task needs to have ptrace_may_access()
  permissions with PTRACE_MODE_ATTACH_REALCREDS (suggested by Oleg and
  Andy) on the target.

  One of the main use-cases is in combination with seccomp's user
  notification feature. As a reminder, seccomp's user notification
  feature was made available in v5.0. It allows a task to retrieve a
  file descriptor for its seccomp filter. The file descriptor is usually
  handed of to a more privileged supervising process. The supervisor can
  then listen for syscall events caught by the seccomp filter of the
  supervisee and perform actions in lieu of the supervisee, usually
  emulating syscalls. pidfd_getfd() is needed to expand its uses.

  There are currently two major users that wait on pidfd_getfd() and one
  future user:

   - Netflix, Sargun said, is working on a service mesh where users
     should be able to connect to a dns-based VIP. When a user connects
     to e.g. 1.2.3.4:80 that runs e.g. service "foo" they will be
     redirected to an envoy process. This service mesh uses seccomp user
     notifications and pidfd to intercept all connect calls and instead
     of connecting them to 1.2.3.4:80 connects them to e.g.
     127.0.0.1:8080.

   - LXD uses the seccomp notifier heavily to intercept and emulate
     mknod() and mount() syscalls for unprivileged containers/processes.
     With pidfd_getfd() more uses-cases e.g. bridging socket connections
     will be possible.

   - The patchset has also seen some interest from the browser corner.
     Right now, Firefox is using a SECCOMP_RET_TRAP sandbox managed by a
     broker process. In the future glibc will start blocking all signals
     during dlopen() rendering this type of sandbox impossible. Hence,
     in the future Firefox will switch to a seccomp-user-nofication
     based sandbox which also makes use of file descriptor retrieval.
     The thread for this can be found at
     https://sourceware.org/ml/libc-alpha/2019-12/msg00079.html

  With pidfd_getfd() it is e.g. possible to bridge socket connections
  for the supervisee (binding to a privileged port) and taking actions
  on file descriptors on behalf of the supervisee in general.

  Sargun's first version was using an ioctl on pidfds but various people
  pushed for it to be a proper syscall which he duely implemented as
  well over various review cycles. Selftests are of course included.
  I've also added instructions how to deal with merge conflicts below.

  There's also a small fix coming from the kernel mentee project to
  correctly annotate struct sighand_struct with __rcu to fix various
  sparse warnings. We've received a few more such fixes and even though
  they are mostly trivial I've decided to postpone them until after -rc1
  since they came in rather late and I don't want to risk introducing
  build warnings.

  Finally, there's a new prctl() command PR_{G,S}ET_IO_FLUSHER which is
  needed to avoid allocation recursions triggerable by storage drivers
  that have userspace parts that run in the IO path (e.g. dm-multipath,
  iscsi, etc). These allocation recursions deadlock the device.

  The new prctl() allows such privileged userspace components to avoid
  allocation recursions by setting the PF_MEMALLOC_NOIO and
  PF_LESS_THROTTLE flags. The patch carries the necessary acks from the
  relevant maintainers and is routed here as part of prctl()
  thread-management."

* tag 'threads-v5.6' of git://git.kernel.org/pub/scm/linux/kernel/git/brauner/linux:
  prctl: PR_{G,S}ET_IO_FLUSHER to support controlling memory reclaim
  sched.h: Annotate sighand_struct with __rcu
  test: Add test for pidfd getfd
  arch: wire up pidfd_getfd syscall
  pid: Implement pidfd_getfd syscall
  vfs, fdtable: Add fget_task helper
2020-01-29 19:38:34 -08:00
..
cpu Merge branch 'sched-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2020-01-28 10:07:09 -08:00
syscalls threads-v5.6 2020-01-29 19:38:34 -08:00
vsyscall sh: vsyscall: drop unnecessary cc-ldoption 2019-05-18 11:29:01 +09:00
.gitignore
asm-offsets.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
crash_dump.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
debugtraps.S sh: kernel: convert to SPDX identifiers 2018-12-28 12:11:45 -08:00
disassemble.c sh: kernel: disassemble: Mark expected switch fall-throughs 2019-08-11 16:15:16 -05:00
dma-coherent.c remove ioremap_nocache and devm_ioremap_nocache 2020-01-06 09:45:59 +01:00
dumpstack.c Tracing changes for v4.21: 2018-12-31 11:46:59 -08:00
dwarf.c It appears that the zero-day bot did find a bug in my sh build. 2019-01-05 14:08:00 -08:00
entry-common.S sched/rt, sh: Use CONFIG_PREEMPTION 2019-12-08 14:37:35 +01:00
ftrace.c sh/function_graph: Simplify with function_graph_enter() 2018-11-27 20:31:39 -05:00
head_32.S sh: kernel: convert to SPDX identifiers 2018-12-28 12:11:45 -08:00
head_64.S sh: kernel: convert to SPDX identifiers 2018-12-28 12:11:45 -08:00
hw_breakpoint.c sh: kernel: hw_breakpoint: Fix missing break in switch statement 2019-08-11 16:15:16 -05:00
idle.c sh: kernel: convert to SPDX identifiers 2018-12-28 12:11:45 -08:00
io_trapped.c sh: Use pr_warn instead of pr_warning 2019-10-18 13:52:05 +02:00
io.c sh: kernel: convert to SPDX identifiers 2018-12-28 12:11:45 -08:00
iomap.c sh: kernel: convert to SPDX identifiers 2018-12-28 12:11:45 -08:00
ioport.c sh: kernel: convert to SPDX identifiers 2018-12-28 12:11:45 -08:00
irq_32.c sh: kernel: convert to SPDX identifiers 2018-12-28 12:11:45 -08:00
irq_64.c sh: kernel: convert to SPDX identifiers 2018-12-28 12:11:45 -08:00
irq.c softirq/sh: Use nmi_count() on /proc/interrupts print out 2018-05-14 11:25:27 +02:00
kdebugfs.c sh: no need to check return value of debugfs_create functions 2019-06-03 15:39:40 +02:00
kgdb.c sh: kgdb: Mark expected switch fall-throughs 2019-12-10 16:11:42 -06:00
kprobes.c arch/sh: Check for kprobe trap number before trying to handle a kprobe trap 2019-06-26 19:11:13 +09:00
machine_kexec.c memblock: drop __memblock_alloc_base() 2019-03-12 10:04:01 -07:00
machvec.c sh: kernel: convert to SPDX identifiers 2018-12-28 12:11:45 -08:00
Makefile sh: use generic dma_noncoherent_ops 2018-08-02 13:54:20 +02:00
module.c sh: kernel: convert to SPDX identifiers 2018-12-28 12:11:45 -08:00
nmi_debug.c sh: kernel: convert to SPDX identifiers 2018-12-28 12:11:45 -08:00
perf_callchain.c sh: kernel: convert to SPDX identifiers 2018-12-28 12:11:45 -08:00
perf_event.c sh: kernel: convert to SPDX identifiers 2018-12-28 12:11:45 -08:00
process_32.c sh: kernel: convert to SPDX identifiers 2018-12-28 12:11:45 -08:00
process_64.c sh: kernel: convert to SPDX identifiers 2018-12-28 12:11:45 -08:00
process.c Kbuild: rename CC_STACKPROTECTOR[_STRONG] config variables 2018-06-14 12:21:18 +09:00
ptrace_32.c sh: kernel: convert to SPDX identifiers 2018-12-28 12:11:45 -08:00
ptrace_64.c signal: Remove task parameter from force_sig 2019-05-27 09:36:28 -05:00
ptrace.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
reboot.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
relocate_kernel.S sh: kernel: convert to SPDX identifiers 2018-12-28 12:11:45 -08:00
return_address.c sh: kernel: convert to SPDX identifiers 2018-12-28 12:11:45 -08:00
setup.c arch/sh/setup: Drop dummy_con initialization 2020-01-14 15:29:18 +01:00
sh_bios.c sh: kernel: convert to SPDX identifiers 2018-12-28 12:11:45 -08:00
sh_ksyms_32.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
sh_ksyms_64.c sh: kernel: convert to SPDX identifiers 2018-12-28 12:11:45 -08:00
signal_32.c signal: Remove task parameter from force_sig 2019-05-27 09:36:28 -05:00
signal_64.c signal: Remove task parameter from force_sig 2019-05-27 09:36:28 -05:00
smp.c sh: kernel: convert to SPDX identifiers 2018-12-28 12:11:45 -08:00
stacktrace.c sh/stacktrace: Remove the pointless ULONG_MAX marker 2019-04-14 19:58:28 +02:00
swsusp.c sh: kernel: convert to SPDX identifiers 2018-12-28 12:11:45 -08:00
sys_sh32.c mm: add ksys_fadvise64_64() helper; remove in-kernel call to sys_fadvise64_64() 2018-04-02 20:16:10 +02:00
sys_sh.c mm: add ksys_mmap_pgoff() helper; remove in-kernel calls to sys_mmap_pgoff() 2018-04-02 20:16:11 +02:00
syscalls_32.S sh: remove nargs from __SYSCALL 2019-03-05 21:07:13 -08:00
syscalls_64.S sh: kernel: convert to SPDX identifiers 2018-12-28 12:11:45 -08:00
time.c sh: add the sh_ prefix to early platform symbols 2019-10-07 13:50:48 +02:00
topology.c sh: kernel: convert to SPDX identifiers 2018-12-28 12:11:45 -08:00
traps_32.c signal: Remove the task parameter from force_sig_fault 2019-05-29 09:31:43 -05:00
traps_64.c signal: Remove task parameter from force_sig 2019-05-27 09:36:28 -05:00
traps.c signal: Remove task parameter from force_sig 2019-05-27 09:36:28 -05:00
unwinder.c sh: kernel: convert to SPDX identifiers 2018-12-28 12:11:45 -08:00
vmlinux.lds.S vmlinux.lds.h: Replace RW_DATA_SECTION with RW_DATA 2019-11-04 15:57:41 +01:00