GNU bug report logs -
#77232
[PATCH] Allow also to get attributes of the terminal line
Previous Next
To reply to this bug, email your comments to 77232 AT debbugs.gnu.org.
Toggle the display of automated, internal messages from the tracker.
Report forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#77232; Package
emacs.
(Mon, 24 Mar 2025 08:54:02 GMT)
Full text and
rfc822 format available.
Acknowledgement sent
to
Werner Fink <werner <at> suse.de>:
New bug report received and forwarded. Copy sent to
bug-gnu-emacs <at> gnu.org.
(Mon, 24 Mar 2025 08:54:02 GMT)
Full text and
rfc822 format available.
Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):
as well as support mmap(2) flag MAP_DROPPABLE to allow
zero memory under memory pressure on newer Linux systems.
Otherwise a `make -k check` fails here in our build environment
with newer kernels and with /dev/console as physical device.
Signed-off-by: Werner Fink <werner <at> suse.de>
---
lib-src/seccomp-filter.c | 19 ++++++++++++++++++-
1 file changed, 18 insertions(+), 1 deletion(-)
diff --git lib-src/seccomp-filter.c lib-src/seccomp-filter.c
index d6421f0ebdb..4dda7d8f020 100644
--- lib-src/seccomp-filter.c
+++ lib-src/seccomp-filter.c
@@ -42,6 +42,9 @@ variants of those files that can be used to sandbox Emacs before
#include <stdlib.h>
#include <stdint.h>
#include <stdio.h>
+/* glibc uses internal an other TCGETS ioctl for its
+ tcgetattr(3) call with its internal struct termios */
+#include <asm/termbits.h>
#include <time.h>
#include <asm/prctl.h>
@@ -64,6 +67,11 @@ variants of those files that can be used to sandbox Emacs before
#define ARCH_CET_STATUS 0x3001
#endif
+/* https://github.com/torvalds/linux/commit/9651fcedf7b92d3f7f1ab179e8ab55b85ee10fc1 */
+#ifndef MAP_DROPPABLE
+#define MAP_DROPPABLE 0x0
+#endif
+
static ATTRIBUTE_FORMAT_PRINTF (2, 3) _Noreturn void
fail (int error, const char *format, ...)
{
@@ -187,7 +195,7 @@ main (int argc, char **argv)
some versions of the dynamic loader still use it. Also
allow allocating thread stacks. */
SCMP_A3_32 (SCMP_CMP_MASKED_EQ,
- ~(MAP_SHARED | MAP_PRIVATE | MAP_FILE
+ ~(MAP_SHARED | MAP_PRIVATE | MAP_FILE | MAP_DROPPABLE
| MAP_ANONYMOUS | MAP_FIXED | MAP_DENYWRITE
| MAP_STACK | MAP_NORESERVE),
0));
@@ -274,6 +282,11 @@ main (int argc, char **argv)
SCMP_A0_32 (SCMP_CMP_EQ, STDIN_FILENO),
SCMP_A1_32 (SCMP_CMP_EQ, TIOCGPGRP));
+ /* Allow `tcgetattr' call of glibc on physical terminal devices. */
+ RULE (SCMP_ACT_ALLOW, SCMP_SYS (ioctl),
+ SCMP_A0_32 (SCMP_CMP_EQ, STDERR_FILENO),
+ SCMP_A1_32 (SCMP_CMP_EQ, TCGETS));
+
/* Allow reading (but not setting) file flags. */
RULE (SCMP_ACT_ALLOW, SCMP_SYS (fcntl),
SCMP_A1_32 (SCMP_CMP_EQ, F_GETFL));
--
2.35.3
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#77232; Package
emacs.
(Mon, 24 Mar 2025 12:43:01 GMT)
Full text and
rfc822 format available.
Message #8 received at 77232 <at> debbugs.gnu.org (full text, mbox):
> Cc: Werner Fink <werner <at> suse.de>
> From: Werner Fink <werner <at> suse.de>
> Date: Mon, 24 Mar 2025 09:51:47 +0100
>
> as well as support mmap(2) flag MAP_DROPPABLE to allow
> zero memory under memory pressure on newer Linux systems.
>
> Otherwise a `make -k check` fails here in our build environment
> with newer kernels and with /dev/console as physical device.
>
> Signed-off-by: Werner Fink <werner <at> suse.de>
Thanks.
Philipp, any comments?
> ---
> lib-src/seccomp-filter.c | 19 ++++++++++++++++++-
> 1 file changed, 18 insertions(+), 1 deletion(-)
>
> diff --git lib-src/seccomp-filter.c lib-src/seccomp-filter.c
> index d6421f0ebdb..4dda7d8f020 100644
> --- lib-src/seccomp-filter.c
> +++ lib-src/seccomp-filter.c
> @@ -42,6 +42,9 @@ variants of those files that can be used to sandbox Emacs before
> #include <stdlib.h>
> #include <stdint.h>
> #include <stdio.h>
> +/* glibc uses internal an other TCGETS ioctl for its
> + tcgetattr(3) call with its internal struct termios */
> +#include <asm/termbits.h>
> #include <time.h>
>
> #include <asm/prctl.h>
> @@ -64,6 +67,11 @@ variants of those files that can be used to sandbox Emacs before
> #define ARCH_CET_STATUS 0x3001
> #endif
>
> +/* https://github.com/torvalds/linux/commit/9651fcedf7b92d3f7f1ab179e8ab55b85ee10fc1 */
> +#ifndef MAP_DROPPABLE
> +#define MAP_DROPPABLE 0x0
> +#endif
> +
> static ATTRIBUTE_FORMAT_PRINTF (2, 3) _Noreturn void
> fail (int error, const char *format, ...)
> {
> @@ -187,7 +195,7 @@ main (int argc, char **argv)
> some versions of the dynamic loader still use it. Also
> allow allocating thread stacks. */
> SCMP_A3_32 (SCMP_CMP_MASKED_EQ,
> - ~(MAP_SHARED | MAP_PRIVATE | MAP_FILE
> + ~(MAP_SHARED | MAP_PRIVATE | MAP_FILE | MAP_DROPPABLE
> | MAP_ANONYMOUS | MAP_FIXED | MAP_DENYWRITE
> | MAP_STACK | MAP_NORESERVE),
> 0));
> @@ -274,6 +282,11 @@ main (int argc, char **argv)
> SCMP_A0_32 (SCMP_CMP_EQ, STDIN_FILENO),
> SCMP_A1_32 (SCMP_CMP_EQ, TIOCGPGRP));
>
> + /* Allow `tcgetattr' call of glibc on physical terminal devices. */
> + RULE (SCMP_ACT_ALLOW, SCMP_SYS (ioctl),
> + SCMP_A0_32 (SCMP_CMP_EQ, STDERR_FILENO),
> + SCMP_A1_32 (SCMP_CMP_EQ, TCGETS));
> +
> /* Allow reading (but not setting) file flags. */
> RULE (SCMP_ACT_ALLOW, SCMP_SYS (fcntl),
> SCMP_A1_32 (SCMP_CMP_EQ, F_GETFL));
> --
> 2.35.3
>
>
>
>
>
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#77232; Package
emacs.
(Tue, 25 Mar 2025 15:07:02 GMT)
Full text and
rfc822 format available.
Message #11 received at 77232 <at> debbugs.gnu.org (full text, mbox):
> Am 24.03.2025 um 13:42 schrieb Eli Zaretskii <eliz <at> gnu.org>:
>
>> Cc: Werner Fink <werner <at> suse.de>
>> From: Werner Fink <werner <at> suse.de>
>> Date: Mon, 24 Mar 2025 09:51:47 +0100
>>
>> as well as support mmap(2) flag MAP_DROPPABLE to allow
>> zero memory under memory pressure on newer Linux systems.
>>
>> Otherwise a `make -k check` fails here in our build environment
>> with newer kernels and with /dev/console as physical device.
>>
>> Signed-off-by: Werner Fink <werner <at> suse.de>
>
> Thanks.
>
> Philipp, any comments?
>
>> ---
>> lib-src/seccomp-filter.c | 19 ++++++++++++++++++-
>> 1 file changed, 18 insertions(+), 1 deletion(-)
>>
>> diff --git lib-src/seccomp-filter.c lib-src/seccomp-filter.c
>> index d6421f0ebdb..4dda7d8f020 100644
>> --- lib-src/seccomp-filter.c
>> +++ lib-src/seccomp-filter.c
>> @@ -42,6 +42,9 @@ variants of those files that can be used to sandbox Emacs before
>> #include <stdlib.h>
>> #include <stdint.h>
>> #include <stdio.h>
>> +/* glibc uses internal an other TCGETS ioctl for its
>> + tcgetattr(3) call with its internal struct termios */
>> +#include <asm/termbits.h>
>> #include <time.h>
>>
>> #include <asm/prctl.h>
>> @@ -64,6 +67,11 @@ variants of those files that can be used to sandbox Emacs before
>> #define ARCH_CET_STATUS 0x3001
>> #endif
>>
>> +/* https://github.com/torvalds/linux/commit/9651fcedf7b92d3f7f1ab179e8ab55b85ee10fc1 */
>> +#ifndef MAP_DROPPABLE
>> +#define MAP_DROPPABLE 0x0
Shouldn't this be 0x08? At least that's how it's defined in mman.h.
>> +#endif
>> +
>> static ATTRIBUTE_FORMAT_PRINTF (2, 3) _Noreturn void
>> fail (int error, const char *format, ...)
>> {
>> @@ -187,7 +195,7 @@ main (int argc, char **argv)
>> some versions of the dynamic loader still use it. Also
>> allow allocating thread stacks. */
>> SCMP_A3_32 (SCMP_CMP_MASKED_EQ,
>> - ~(MAP_SHARED | MAP_PRIVATE | MAP_FILE
>> + ~(MAP_SHARED | MAP_PRIVATE | MAP_FILE | MAP_DROPPABLE
>> | MAP_ANONYMOUS | MAP_FIXED | MAP_DENYWRITE
>> | MAP_STACK | MAP_NORESERVE),
>> 0));
>> @@ -274,6 +282,11 @@ main (int argc, char **argv)
>> SCMP_A0_32 (SCMP_CMP_EQ, STDIN_FILENO),
>> SCMP_A1_32 (SCMP_CMP_EQ, TIOCGPGRP));
>>
>> + /* Allow `tcgetattr' call of glibc on physical terminal devices. */
>> + RULE (SCMP_ACT_ALLOW, SCMP_SYS (ioctl),
>> + SCMP_A0_32 (SCMP_CMP_EQ, STDERR_FILENO),
>> + SCMP_A1_32 (SCMP_CMP_EQ, TCGETS));
>> +
>> /* Allow reading (but not setting) file flags. */
>> RULE (SCMP_ACT_ALLOW, SCMP_SYS (fcntl),
>> SCMP_A1_32 (SCMP_CMP_EQ, F_GETFL));
>> --
>> 2.35.3
>>
>>
>>
>>
>>
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#77232; Package
emacs.
(Tue, 25 Mar 2025 15:25:02 GMT)
Full text and
rfc822 format available.
Message #14 received at 77232 <at> debbugs.gnu.org (full text, mbox):
[Message part 1 (text/plain, inline)]
On 2025/03/25 16:06:39 +0100, Philipp Stephani wrote:
> >> #endif
> >>
> >> +/* https://github.com/torvalds/linux/commit/9651fcedf7b92d3f7f1ab179e8ab55b85ee10fc1 */
> >> +#ifndef MAP_DROPPABLE
> >> +#define MAP_DROPPABLE 0x0
>
> Shouldn't this be 0x08? At least that's how it's defined in mman.h.
If the kernel does not know (means header does not know) we should not
set an unknown flags as this will fail also (IMHO).
Only if older header files are used in combination with newer kernel
we would see the current behaviour.
Werner
--
"Having a smoking section in a restaurant is like having
a peeing section in a swimming pool." -- Edward Burr
[signature.asc (application/pgp-signature, inline)]
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#77232; Package
emacs.
(Tue, 25 Mar 2025 16:23:01 GMT)
Full text and
rfc822 format available.
Message #17 received at 77232 <at> debbugs.gnu.org (full text, mbox):
> Am 25.03.2025 um 16:24 schrieb Dr. Werner Fink <werner <at> suse.de>:
>
> On 2025/03/25 16:06:39 +0100, Philipp Stephani wrote:
>>>> #endif
>>>>
>>>> +/* https://github.com/torvalds/linux/commit/9651fcedf7b92d3f7f1ab179e8ab55b85ee10fc1 */
>>>> +#ifndef MAP_DROPPABLE
>>>> +#define MAP_DROPPABLE 0x0
>>
>> Shouldn't this be 0x08? At least that's how it's defined in mman.h.
>
> If the kernel does not know (means header does not know) we should not
> set an unknown flags as this will fail also (IMHO).
> Only if older header files are used in combination with newer kernel
> we would see the current behaviour.
The code in question doesn't actually call mmap, it creates a syscall filter that tests whether any unknown flags are set. Basically
if ((flags & ~known_flags) != 0) abort();
So putting something into known_flags that might not be known to the kernel when Emacs is run is harmless. In fact, it's beneficial for the case where the mman.h that's used when compiling seccomp-filter.c is older than the kernel that will be used to run Emacs.
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#77232; Package
emacs.
(Wed, 26 Mar 2025 16:02:02 GMT)
Full text and
rfc822 format available.
Message #20 received at 77232 <at> debbugs.gnu.org (full text, mbox):
Werner Fink <werner <at> suse.de> writes:
> as well as support mmap(2) flag MAP_DROPPABLE to allow
> zero memory under memory pressure on newer Linux systems.
>
> Otherwise a `make -k check` fails here in our build environment
> with newer kernels and with /dev/console as physical device.
>
> Signed-off-by: Werner Fink <werner <at> suse.de>
> ---
> lib-src/seccomp-filter.c | 19 ++++++++++++++++++-
> 1 file changed, 18 insertions(+), 1 deletion(-)
>
> diff --git lib-src/seccomp-filter.c lib-src/seccomp-filter.c
> index d6421f0ebdb..4dda7d8f020 100644
> --- lib-src/seccomp-filter.c
> +++ lib-src/seccomp-filter.c
> @@ -42,6 +42,9 @@ variants of those files that can be used to sandbox Emacs before
> #include <stdlib.h>
> #include <stdint.h>
> #include <stdio.h>
> +/* glibc uses internal an other TCGETS ioctl for its
> + tcgetattr(3) call with its internal struct termios */
> +#include <asm/termbits.h>
> #include <time.h>
>
> #include <asm/prctl.h>
> @@ -64,6 +67,11 @@ variants of those files that can be used to sandbox Emacs before
> #define ARCH_CET_STATUS 0x3001
> #endif
>
> +/*
> https://github.com/torvalds/linux/commit/9651fcedf7b92d3f7f1ab179e8ab55b85ee10fc1
> */
Nit pick could you link to kernel.org instead?
The replacement link would be:
https://web.git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9651fcedf7b92d3f7f1ab179e8ab55b85ee10fc1
This bug report was last modified 8 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.