{"id":810681,"url":"http://patchwork.ozlabs.org/api/patches/810681/?format=json","web_url":"http://patchwork.ozlabs.org/project/glibc/patch/alpine.DEB.2.20.1709061529570.2445@digraph.polyomino.org.uk/","project":{"id":41,"url":"http://patchwork.ozlabs.org/api/projects/41/?format=json","name":"GNU C Library","link_name":"glibc","list_id":"libc-alpha.sourceware.org","list_email":"libc-alpha@sourceware.org","web_url":"","scm_url":"","webscm_url":"","list_archive_url":"","list_archive_url_format":"","commit_url_format":""},"msgid":"<alpine.DEB.2.20.1709061529570.2445@digraph.polyomino.org.uk>","list_archive_url":null,"date":"2017-09-06T15:30:47","name":"Add fcntl sealing interfaces from Linux 3.17 to bits/fcntl-linux.h","commit_ref":null,"pull_url":null,"state":"new","archived":false,"hash":"1660b4ae32281902e469748961fe47c96a11842d","submitter":{"id":4349,"url":"http://patchwork.ozlabs.org/api/people/4349/?format=json","name":"Joseph Myers","email":"joseph@codesourcery.com"},"delegate":null,"mbox":"http://patchwork.ozlabs.org/project/glibc/patch/alpine.DEB.2.20.1709061529570.2445@digraph.polyomino.org.uk/mbox/","series":[{"id":1839,"url":"http://patchwork.ozlabs.org/api/series/1839/?format=json","web_url":"http://patchwork.ozlabs.org/project/glibc/list/?series=1839","date":"2017-09-06T15:30:47","name":"Add fcntl sealing interfaces from Linux 3.17 to bits/fcntl-linux.h","version":1,"mbox":"http://patchwork.ozlabs.org/series/1839/mbox/"}],"comments":"http://patchwork.ozlabs.org/api/patches/810681/comments/","check":"pending","checks":"http://patchwork.ozlabs.org/api/patches/810681/checks/","tags":{},"related":[],"headers":{"Return-Path":"<libc-alpha-return-84268-incoming=patchwork.ozlabs.org@sourceware.org>","X-Original-To":"incoming@patchwork.ozlabs.org","Delivered-To":["patchwork-incoming@bilbo.ozlabs.org","mailing list libc-alpha@sourceware.org"],"Authentication-Results":["ozlabs.org;\n\tspf=pass (mailfrom) smtp.mailfrom=sourceware.org\n\t(client-ip=209.132.180.131; helo=sourceware.org;\n\tenvelope-from=libc-alpha-return-84268-incoming=patchwork.ozlabs.org@sourceware.org;\n\treceiver=<UNKNOWN>)","ozlabs.org; dkim=pass (1024-bit key;\n\tsecure) header.d=sourceware.org header.i=@sourceware.org\n\theader.b=\"oaB0c1PD\"; dkim-atps=neutral","sourceware.org; auth=none"],"Received":["from sourceware.org (server1.sourceware.org [209.132.180.131])\n\t(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256\n\tbits)) (No client certificate requested)\n\tby ozlabs.org (Postfix) with ESMTPS id 3xnSGb0LS8z9t3Z\n\tfor <incoming@patchwork.ozlabs.org>;\n\tThu,  7 Sep 2017 01:31:02 +1000 (AEST)","(qmail 116720 invoked by alias); 6 Sep 2017 15:30:57 -0000","(qmail 116698 invoked by uid 89); 6 Sep 2017 15:30:56 -0000"],"DomainKey-Signature":"a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id\n\t:list-unsubscribe:list-subscribe:list-archive:list-post\n\t:list-help:sender:date:from:to:subject:message-id:mime-version\n\t:content-type; q=dns; s=default; b=toBTHCVbxqKOJ3v8f++bI2Ms/hNlg\n\t6DzmHpAc2O6zYscJv1PdedavPKILCsahRWsitRIiKbuPvKMlf29nqfjJfUSp05Iy\n\tQp0ko2k/FNtXFcT6QzocHXFa4OVU2nePY0bteT9PujMRf8l/Ym1/Wj+LDMb4BrWw\n\tc5WnxUMGymt2Qg=","DKIM-Signature":"v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id\n\t:list-unsubscribe:list-subscribe:list-archive:list-post\n\t:list-help:sender:date:from:to:subject:message-id:mime-version\n\t:content-type; s=default; bh=Yz6r9EdiyIPRzim2mxMMTfzoSgM=; b=oaB\n\t0c1PDTxhAqdx1UYFVXZKupm0RsnOl970+iUTLJi1G9OvDFtHZE91IiTXrOfJwfi2\n\t3IUZJ77m78jSoebqfBmc6DeWNCCD6fXo5rtTN2w0XwooDaWeVhzxnHsvYmIumK1d\n\tuyVYygj4dGH03lKkujL/Kl8+YPYadr/JoTssmjL4=","Mailing-List":"contact libc-alpha-help@sourceware.org; run by ezmlm","Precedence":"bulk","List-Id":"<libc-alpha.sourceware.org>","List-Unsubscribe":"<mailto:libc-alpha-unsubscribe-incoming=patchwork.ozlabs.org@sourceware.org>","List-Subscribe":"<mailto:libc-alpha-subscribe@sourceware.org>","List-Archive":"<http://sourceware.org/ml/libc-alpha/>","List-Post":"<mailto:libc-alpha@sourceware.org>","List-Help":"<mailto:libc-alpha-help@sourceware.org>,\n\t<http://sourceware.org/ml/#faqs>","Sender":"libc-alpha-owner@sourceware.org","X-Virus-Found":"No","X-Spam-SWARE-Status":"No, score=-24.5 required=5.0 tests=AWL, BAYES_00,\n\tGIT_PATCH_0, GIT_PATCH_1, GIT_PATCH_2, GIT_PATCH_3,\n\tRCVD_IN_DNSWL_NONE, SPF_PASS,\n\tURIBL_RED autolearn=ham version=3.3.2 spammy=Hx-languages-length:2919,\n\t1031","X-HELO":"relay1.mentorg.com","Date":"Wed, 6 Sep 2017 15:30:47 +0000","From":"Joseph Myers <joseph@codesourcery.com>","To":"<libc-alpha@sourceware.org>","Subject":"Add fcntl sealing interfaces from Linux 3.17 to bits/fcntl-linux.h","Message-ID":"<alpine.DEB.2.20.1709061529570.2445@digraph.polyomino.org.uk>","User-Agent":"Alpine 2.20 (DEB 67 2015-01-07)","MIME-Version":"1.0","Content-Type":"text/plain; charset=\"US-ASCII\"","X-ClientProxiedBy":"svr-ies-mbx-01.mgc.mentorg.com (139.181.222.1) To\n\tsvr-ies-mbx-01.mgc.mentorg.com (139.181.222.1)"},"content":"While reviewing Linux 4.13 for glibc header changes needed, I noticed\nthat bits/fcntl-linux.h was missing F_ADD_SEALS etc. from Linux 3.17.\n\nI didn't find any discussion indicating this omission is deliberate.\nNow, these interfaces can only be used with file descriptors created\nwith memfd_create, and we don't have a memfd_create wrapper in glibc\n(a patch was submitted in October 2014, albeit without documentation /\ntests, and discussions continued over the next few months, but without\nconsensus on whether to add the interface - and we still lack any\ngeneral consensus on syscall wrappers), but I don't think that's a\nreason to exclude the constants from bits/fcntl-linux.h (especially as\nthe header does not look compatible with simultaneously including\nlinux/fcntl.h).\n\n(Some of those 2014/2015 discussions raised concerns about difficulty\nusing the memfd_create / sealing interface, but those seem to me more\nlike a question of whether it should be part of the OS-independent GNU\nAPI - in my view, even fairly specialized syscalls ought to have\nwrappers added to glibc if not obsolescent, but there may be cases\nwhere we only want to include them in the Linux-specific API and\nanything in the OS-independent GNU API should be different - rather\nthan being relevant to whether constants for use with fcntl should\nappear in headers.)\n\n2017-09-06  Joseph Myers  <joseph@codesourcery.com>\n\n\t* sysdeps/unix/sysv/linux/bits/fcntl-linux.h [__USE_GNU]\n\t(F_ADD_SEALS): New macro.\n\t[__USE_GNU] (F_GET_SEALS): Likewise.\n\t[__USE_GNU] (F_SEAL_SEAL): Likewise.\n\t[__USE_GNU] (F_SEAL_SHRINK): Likewise.\n\t[__USE_GNU] (F_SEAL_GROW): Likewise.\n\t[__USE_GNU] (F_SEAL_WRITE): Likewise.","diff":"diff --git a/sysdeps/unix/sysv/linux/bits/fcntl-linux.h b/sysdeps/unix/sysv/linux/bits/fcntl-linux.h\nindex 0cd0a5d..fc65fc2 100644\n--- a/sysdeps/unix/sysv/linux/bits/fcntl-linux.h\n+++ b/sysdeps/unix/sysv/linux/bits/fcntl-linux.h\n@@ -202,6 +202,8 @@\n # define F_NOTIFY\t1026\t/* Request notifications on a directory.  */\n # define F_SETPIPE_SZ\t1031\t/* Set pipe page size array.  */\n # define F_GETPIPE_SZ\t1032\t/* Set pipe page size array.  */\n+# define F_ADD_SEALS\t1033\t/* Add seals to file.  */\n+# define F_GET_SEALS\t1034\t/* Get seals for file.  */\n #endif\n #ifdef __USE_XOPEN2K8\n # define F_DUPFD_CLOEXEC 1030\t/* Duplicate file descriptor with\n@@ -271,6 +273,14 @@ struct f_owner_ex\n   };\n #endif\n \n+#ifdef __USE_GNU\n+/* Types of seals.  */\n+# define F_SEAL_SEAL\t0x0001\t/* Prevent further seals from being set.  */\n+# define F_SEAL_SHRINK\t0x0002\t/* Prevent file from shrinking.  */\n+# define F_SEAL_GROW\t0x0004\t/* Prevent file from growing.  */\n+# define F_SEAL_WRITE\t0x0008\t/* Prevent writes.  */\n+#endif\n+\n /* Define some more compatibility macros to be backward compatible with\n    BSD systems which did not managed to hide these kernel macros.  */\n #ifdef\t__USE_MISC\n","prefixes":[]}