From: Arnd Bergmann > Sent: 20 September 2020 21:49 > > On Sun, Sep 20, 2020 at 9:28 PM Andy Lutomirski <luto@xxxxxxxxxx> wrote: > > On Sun, Sep 20, 2020 at 12:23 PM Matthew Wilcox <willy@xxxxxxxxxxxxx> wrote: > > > > > > On Sun, Sep 20, 2020 at 08:10:31PM +0100, Al Viro wrote: > > > > IMO it's much saner to mark those and refuse to touch them from io_uring... > > > > > > Simpler solution is to remove io_uring from the 32-bit syscall list. > > > If you're a 32-bit process, you don't get to use io_uring. Would > > > any real users actually care about that? > > > > We could go one step farther and declare that we're done adding *any* > > new compat syscalls :) > > Would you also stop adding system calls to native 32-bit systems then? > > On memory constrained systems (less than 2GB a.t.m.), there is still a > strong demand for running 32-bit user space, but all of the recent Arm > cores (after Cortex-A55) dropped the ability to run 32-bit kernels, so > that compat mode may eventually become the primary way to run > Linux on cheap embedded systems. > > I don't think there is any chance we can realistically take away io_uring > from the 32-bit ABI any more now. Can't it just run requests from 32bit apps in a kernel thread that has the 'in_compat_syscall' flag set? Not that i recall seeing the code where it saves the 'compat' nature of any requests. It is already completely f*cked if you try to pass the command ring to a child process - it uses the wrong 'mm'. I suspect there are some really horrid security holes in that area. David. - Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK Registration No: 1397386 (Wales)
