Skip to content

Commit

Permalink
kcmp: Support selection of SYS_kcmp without CHECKPOINT_RESTORE
Browse files Browse the repository at this point in the history
Userspace has discovered the functionality offered by SYS_kcmp and has
started to depend upon it. In particular, Mesa uses SYS_kcmp for
os_same_file_description() in order to identify when two fd (e.g. device
or dmabuf) point to the same struct file. Since they depend on it for
core functionality, lift SYS_kcmp out of the non-default
CONFIG_CHECKPOINT_RESTORE into the selectable syscall category.

Rasmus Villemoes also pointed out that systemd uses SYS_kcmp to
deduplicate the per-service file descriptor store.

Note that some distributions such as Ubuntu are already enabling
CHECKPOINT_RESTORE in their configs and so, by extension, SYS_kcmp.

References: https://gitlab.freedesktop.org/drm/intel/-/issues/3046
Signed-off-by: Chris Wilson <[email protected]>
Cc: Kees Cook <[email protected]>
Cc: Andy Lutomirski <[email protected]>
Cc: Will Drewry <[email protected]>
Cc: Andrew Morton <[email protected]>
Cc: Dave Airlie <[email protected]>
Cc: Daniel Vetter <[email protected]>
Cc: Lucas Stach <[email protected]>
Cc: Rasmus Villemoes <[email protected]>
Cc: Cyrill Gorcunov <[email protected]>
Cc: [email protected]
Acked-by: Daniel Vetter <[email protected]> # DRM depends on kcmp
Acked-by: Rasmus Villemoes <[email protected]> # systemd uses kcmp
Reviewed-by: Cyrill Gorcunov <[email protected]>
Reviewed-by: Kees Cook <[email protected]>
Acked-by: Thomas Zimmermann <[email protected]>
Signed-off-by: Daniel Vetter <[email protected]>
Link: https://patchwork.freedesktop.org/patch/msgid/[email protected]
  • Loading branch information
ickle authored and danvet committed Feb 16, 2021
1 parent f40ddce commit bfe3911
Show file tree
Hide file tree
Showing 6 changed files with 19 additions and 5 deletions.
3 changes: 3 additions & 0 deletions drivers/gpu/drm/Kconfig
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,9 @@ menuconfig DRM
select I2C_ALGOBIT
select DMA_SHARED_BUFFER
select SYNC_FILE
# gallium uses SYS_kcmp for os_same_file_description() to de-duplicate
# device and dmabuf fd. Let's make sure that is available for our userspace.
select KCMP
help
Kernel-level support for the Direct Rendering Infrastructure (DRI)
introduced in XFree86 4.0. If you say Y here, you need to select
Expand Down
4 changes: 2 additions & 2 deletions fs/eventpoll.c
Original file line number Diff line number Diff line change
Expand Up @@ -979,7 +979,7 @@ static struct epitem *ep_find(struct eventpoll *ep, struct file *file, int fd)
return epir;
}

#ifdef CONFIG_CHECKPOINT_RESTORE
#ifdef CONFIG_KCMP
static struct epitem *ep_find_tfd(struct eventpoll *ep, int tfd, unsigned long toff)
{
struct rb_node *rbp;
Expand Down Expand Up @@ -1021,7 +1021,7 @@ struct file *get_epoll_tfile_raw_ptr(struct file *file, int tfd,

return file_raw;
}
#endif /* CONFIG_CHECKPOINT_RESTORE */
#endif /* CONFIG_KCMP */

/**
* Adds a new entry to the tail of the list in a lockless way, i.e.
Expand Down
2 changes: 1 addition & 1 deletion include/linux/eventpoll.h
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ struct file;

#ifdef CONFIG_EPOLL

#ifdef CONFIG_CHECKPOINT_RESTORE
#ifdef CONFIG_KCMP
struct file *get_epoll_tfile_raw_ptr(struct file *file, int tfd, unsigned long toff);
#endif

Expand Down
11 changes: 11 additions & 0 deletions init/Kconfig
Original file line number Diff line number Diff line change
Expand Up @@ -1193,6 +1193,7 @@ endif # NAMESPACES
config CHECKPOINT_RESTORE
bool "Checkpoint/restore support"
select PROC_CHILDREN
select KCMP
default n
help
Enables additional kernel features in a sake of checkpoint/restore.
Expand Down Expand Up @@ -1736,6 +1737,16 @@ config ARCH_HAS_MEMBARRIER_CALLBACKS
config ARCH_HAS_MEMBARRIER_SYNC_CORE
bool

config KCMP
bool "Enable kcmp() system call" if EXPERT
help
Enable the kernel resource comparison system call. It provides
user-space with the ability to compare two processes to see if they
share a common resource, such as a file descriptor or even virtual
memory space.

If unsure, say N.

config RSEQ
bool "Enable rseq() system call" if EXPERT
default y
Expand Down
2 changes: 1 addition & 1 deletion kernel/Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -51,7 +51,7 @@ obj-y += livepatch/
obj-y += dma/
obj-y += entry/

obj-$(CONFIG_CHECKPOINT_RESTORE) += kcmp.o
obj-$(CONFIG_KCMP) += kcmp.o
obj-$(CONFIG_FREEZER) += freezer.o
obj-$(CONFIG_PROFILING) += profile.o
obj-$(CONFIG_STACKTRACE) += stacktrace.o
Expand Down
2 changes: 1 addition & 1 deletion tools/testing/selftests/seccomp/seccomp_bpf.c
Original file line number Diff line number Diff line change
Expand Up @@ -315,7 +315,7 @@ TEST(kcmp)
ret = __filecmp(getpid(), getpid(), 1, 1);
EXPECT_EQ(ret, 0);
if (ret != 0 && errno == ENOSYS)
SKIP(return, "Kernel does not support kcmp() (missing CONFIG_CHECKPOINT_RESTORE?)");
SKIP(return, "Kernel does not support kcmp() (missing CONFIG_KCMP?)");
}

TEST(mode_strict_support)
Expand Down

0 comments on commit bfe3911

Please sign in to comment.