-
Notifications
You must be signed in to change notification settings - Fork 17.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
x/sys/unix: fchmodat2 will handle flags in Linux 6.6 #61636
Comments
Related to #20130 |
(CC @tklauser) |
@tklauser Would be happy to work on it, if you don't mind |
We just have to make sure that the linked patch got indeed merged into the tree. It is expected to land in Linux 6.6 but I saw no official word on this yet. |
I don't see how to do this safely. Usually we can try the system call and do something else if it fails, but that doesn't seem to work here. Do we have to look at the kernel version to see whether the flags argument is supported? |
I'm not aware of another way to handle this as well. There is not much detail on this yet but I imagine we could somehow check if fchmodat2 is available and then use it or fallback to fchmodat. Another way as you said is to rely on a kernel version check. |
Presumably we could call (Although we would probably also have to deal with bad container implementations that return some bogus error like |
Sorry, I missed that it was an entirely new system call. We can handle that. |
Another option would be to only call func Fchmodat(dirfd int, path string, mode uint32, flags int) error {
// Linux fchmodat doesn't support the flags parameter, but fchmodat2 does. Try fchmodat2
// first, but only if flags are specified.
if flags&^(AT_SYMLINK_NOFOLLOW|AT_EMPTY_PATH) != 0 {
return EINVAL
} else if flags&(AT_SYMLINK_NOFOLLOW|AT_EMPTY_PATH) != 0 {
return fchmodat2(dirfd, path, mode, flags)
}
return fchmodat(dirfd, path, mode)
}
That way the caller would have to deal with the bogus errors. Or we could just keep returning |
Change https://go.dev/cl/539635 mentions this issue: |
@tklauser Thanks for sending a CL, I forgot to update here but after CL538378 was merged we now have access to SYS_FCHMODAT2 in x/sys. Regarding the implementation, I agree with your solution, seems to handle the corner cases properly. I also found this patch for glibc to use fchmodat2, maybe we can reason about it for the implementation details. I was also unable to find any man pages for fchmodat2, not sure if it was deliberately ommited, or there is just no man pages or references for it in the man-pages project. |
Change https://go.dev/cl/540435 mentions this issue: |
The fchmodat2 syscall was added in Linux kernel 6.6. Mirror the implementation in golang.org/x/sys/unix.Fchmodat (CL 539635) and use fchmodat2 in Fchmodat if flags are given. It will return ENOSYS on older kernels (or EINVAL or any other bogus error in some container implementations). Also update ztypes_linux_$GOARCH.go for all linux platforms to add _AT_EMPTY_PATH. It was added to linux/types in CL 407694 but was only updated for linux/loong64 at that time. Updates #61636 Change-Id: I863d06e35cd366f1cf99052e9f77c22ab8168b3f Reviewed-on: https://go-review.googlesource.com/c/go/+/540435 Reviewed-by: Mauri de Souza Meneguzzo <mauri870@gmail.com> TryBot-Result: Gopher Robot <gobot@golang.org> Run-TryBot: Tobias Klauser <tobias.klauser@gmail.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Heschi Kreinick <heschi@google.com> Reviewed-by: Bryan Mills <bcmills@google.com> Auto-Submit: Tobias Klauser <tobias.klauser@gmail.com>
Adding a note for reference.
I happened to run into exactly this during earlier WIP iterations of the upcoming linux/arm LUCI builder, which uses a container for installing a 32-bit arm C toolchain on an otherwise 64-bit arm64 VM. The problem was that the caller was
Fortunately, it's viable for the container on that builder to run with |
The current go implementation of Fchmodat has some workarounds since the flags argument on Linux is ignored:
flags can be
0
orAT_SYMLINK_NOFOLLOW
for POSIXThere is a proposed patch that creates a new version of this syscall (fchmodat2) that handles the posix flag
AT_SYMLINK_NOFOLLOW
properly at the kernel level.When made accessible in the release kernel, library implementations will be able to utilize it for their fchmodat() implementation, circumventing the need for existing workarounds.
The text was updated successfully, but these errors were encountered: