From debbugs-submit-bounces@debbugs.gnu.org Mon Mar 24 04:53:38 2025 Received: (at submit) by debbugs.gnu.org; 24 Mar 2025 08:53:38 +0000 Received: from localhost ([127.0.0.1]:54157 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1twdYw-0001K7-E1 for submit@debbugs.gnu.org; Mon, 24 Mar 2025 04:53:38 -0400 Received: from lists.gnu.org ([2001:470:142::17]:60598) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from ) id 1twdYt-0001Jo-R9 for submit@debbugs.gnu.org; Mon, 24 Mar 2025 04:53:36 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1twdYo-0005YG-7p for bug-gnu-emacs@gnu.org; Mon, 24 Mar 2025 04:53:30 -0400 Received: from smtp-out2.suse.de ([2a07:de40:b251:101:10:150:64:2]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1twdYl-00044p-Tz for bug-gnu-emacs@gnu.org; Mon, 24 Mar 2025 04:53:29 -0400 Received: from mydomainname.com (unknown [IPv6:2a07:de40:a101:3:21c:c0ff:fea4:1c14]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by smtp-out2.suse.de (Postfix) with ESMTPS id 4562B1F387; Mon, 24 Mar 2025 08:53:24 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_rsa; t=1742806404; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=nHfD+CmtZpuhay19JMz/vPY7yZFz6iM5923K0lixyLY=; b=0Yya/jpThUub6llGTJjmPD8RDMY/ZIVHaNecDEoGcys5N6khrvBp/bR533geIbZC8Xg303 1PEGGOLPN4wCfaQEaQWKM+4lKS2LO/CvdqsYIe0xQEBSe5KnO+Ji0p7u4l71uPz6aIDvB3 Q2gd/0rn53Nb+xqJvISpzEU+gXO9x/c= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_ed25519; t=1742806404; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=nHfD+CmtZpuhay19JMz/vPY7yZFz6iM5923K0lixyLY=; b=ic7MjWfc7s88VG0x2Rd9rjWSNy7z2Mx+yheVPVnjUia1hJ8VSJJBtmNvPFOfSmY9+ZBLlN 3U3I7GPEl4zJLrDg== Authentication-Results: smtp-out2.suse.de; dkim=pass header.d=suse.de header.s=susede2_rsa header.b="0Yya/jpT"; dkim=pass header.d=suse.de header.s=susede2_ed25519 header.b=ic7MjWfc DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_rsa; t=1742806404; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=nHfD+CmtZpuhay19JMz/vPY7yZFz6iM5923K0lixyLY=; b=0Yya/jpThUub6llGTJjmPD8RDMY/ZIVHaNecDEoGcys5N6khrvBp/bR533geIbZC8Xg303 1PEGGOLPN4wCfaQEaQWKM+4lKS2LO/CvdqsYIe0xQEBSe5KnO+Ji0p7u4l71uPz6aIDvB3 Q2gd/0rn53Nb+xqJvISpzEU+gXO9x/c= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_ed25519; t=1742806404; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=nHfD+CmtZpuhay19JMz/vPY7yZFz6iM5923K0lixyLY=; b=ic7MjWfc7s88VG0x2Rd9rjWSNy7z2Mx+yheVPVnjUia1hJ8VSJJBtmNvPFOfSmY9+ZBLlN 3U3I7GPEl4zJLrDg== Received: from boole.nue2.suse.org (localhost [127.0.0.1]) by mydomainname.com (8.18.1/8.18.1/SUSE Linux 0.8) with ESMTPS id 52O8rL8m003701 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NOT); Mon, 24 Mar 2025 09:53:23 +0100 Received: (from werner@localhost) by boole.nue2.suse.org (8.18.1/8.18.1/Submit) id 52O8rLVJ003700; Mon, 24 Mar 2025 09:53:21 +0100 From: Werner Fink To: bug-gnu-emacs@gnu.org Subject: [PATCH] Allow also to get attributes of the terminal line Date: Mon, 24 Mar 2025 09:51:47 +0100 Message-Id: <20250324085146.3152-1-werner@suse.de> X-Mailer: git-send-email 2.35.3 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Level: * X-Spamd-Result: default: False [1.49 / 50.00]; BAYES_HAM(-3.00)[99.99%]; HFILTER_HOSTNAME_UNKNOWN(2.50)[]; RDNS_NONE(2.00)[]; MID_CONTAINS_FROM(1.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; R_MISSING_CHARSET(0.50)[]; R_DKIM_ALLOW(-0.20)[suse.de:s=susede2_rsa,suse.de:s=susede2_ed25519]; NEURAL_HAM_SHORT(-0.20)[-1.000]; MIME_GOOD(-0.10)[text/plain]; MX_GOOD(-0.01)[]; ARC_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:25478, ipnet:::/0, country:RU]; FUZZY_BLOCKED(0.00)[rspamd.com]; RCPT_COUNT_TWO(0.00)[2]; DKIM_SIGNED(0.00)[suse.de:s=susede2_rsa,suse.de:s=susede2_ed25519]; FROM_EQ_ENVFROM(0.00)[]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_LAST(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; DKIM_TRACE(0.00)[suse.de:+] X-Spam-Score: 1.49 X-Spamd-Bar: + X-Rspamd-Queue-Id: 4562B1F387 X-Rspamd-Action: no action X-Rspamd-Server: rspamd2.dmz-prg2.suse.org X-Spam-Flag: NO Received-SPF: pass client-ip=2a07:de40:b251:101:10:150:64:2; envelope-from=werner@suse.de; helo=smtp-out2.suse.de X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-Spam-Score: 1.0 (+) X-Debbugs-Envelope-To: submit Cc: Werner Fink X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -0.0 (/) as well as support mmap(2) flag MAP_DROPPABLE to allow zero memory under memory pressure on newer Linux systems. Otherwise a `make -k check` fails here in our build environment with newer kernels and with /dev/console as physical device. Signed-off-by: Werner Fink --- lib-src/seccomp-filter.c | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git lib-src/seccomp-filter.c lib-src/seccomp-filter.c index d6421f0ebdb..4dda7d8f020 100644 --- lib-src/seccomp-filter.c +++ lib-src/seccomp-filter.c @@ -42,6 +42,9 @@ variants of those files that can be used to sandbox Emacs before #include #include #include +/* glibc uses internal an other TCGETS ioctl for its + tcgetattr(3) call with its internal struct termios */ +#include #include #include @@ -64,6 +67,11 @@ variants of those files that can be used to sandbox Emacs before #define ARCH_CET_STATUS 0x3001 #endif +/* https://github.com/torvalds/linux/commit/9651fcedf7b92d3f7f1ab179e8ab55b85ee10fc1 */ +#ifndef MAP_DROPPABLE +#define MAP_DROPPABLE 0x0 +#endif + static ATTRIBUTE_FORMAT_PRINTF (2, 3) _Noreturn void fail (int error, const char *format, ...) { @@ -187,7 +195,7 @@ main (int argc, char **argv) some versions of the dynamic loader still use it. Also allow allocating thread stacks. */ SCMP_A3_32 (SCMP_CMP_MASKED_EQ, - ~(MAP_SHARED | MAP_PRIVATE | MAP_FILE + ~(MAP_SHARED | MAP_PRIVATE | MAP_FILE | MAP_DROPPABLE | MAP_ANONYMOUS | MAP_FIXED | MAP_DENYWRITE | MAP_STACK | MAP_NORESERVE), 0)); @@ -274,6 +282,11 @@ main (int argc, char **argv) SCMP_A0_32 (SCMP_CMP_EQ, STDIN_FILENO), SCMP_A1_32 (SCMP_CMP_EQ, TIOCGPGRP)); + /* Allow `tcgetattr' call of glibc on physical terminal devices. */ + RULE (SCMP_ACT_ALLOW, SCMP_SYS (ioctl), + SCMP_A0_32 (SCMP_CMP_EQ, STDERR_FILENO), + SCMP_A1_32 (SCMP_CMP_EQ, TCGETS)); + /* Allow reading (but not setting) file flags. */ RULE (SCMP_ACT_ALLOW, SCMP_SYS (fcntl), SCMP_A1_32 (SCMP_CMP_EQ, F_GETFL)); -- 2.35.3 From debbugs-submit-bounces@debbugs.gnu.org Mon Mar 24 08:42:25 2025 Received: (at 77232) by debbugs.gnu.org; 24 Mar 2025 12:42:25 +0000 Received: from localhost ([127.0.0.1]:54662 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1twh8L-0007oo-0I for submit@debbugs.gnu.org; Mon, 24 Mar 2025 08:42:25 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:41780) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from ) id 1twh8H-0007oM-3F for 77232@debbugs.gnu.org; Mon, 24 Mar 2025 08:42:22 -0400 Received: from fencepost.gnu.org ([2001:470:142:3::e]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1twh8A-0001W1-K3; Mon, 24 Mar 2025 08:42:14 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=References:Subject:In-Reply-To:To:From:Date: mime-version; bh=hxfTXAePs7cmOFyAb/pj8OSTGIPaIQTKbXm48Trd45Y=; b=UiD1QPOt7sC2 u+y/FoHzi4jKq2LzUU0w/MT/XskG6wfLYc+dTqMZVEs+dkVfesAt1cMv53ASKQnPdsY8KvTJez/LI 7buhrkx30XUtq3wl1sgz6SAwsATxCToiXRwXBFu1CMpUG1WjU1Oag+aNcn0hxJQpTfg08VZBNL4R2 KogttmJbO/poUSP+jEAfRjB9ZcHVNm4f47zeKjAv51mkHwHNRQCkxGMNwuy0FpZzg2/RESCGsgrxK g9WyIjtLpZHGyXQpH0+QK9iVZBnuKGaKWRX98zcs6STyItaYPauc+ghodXomNeVGD3KnQ0PH92qnU oxuknaWp5eFL8Ca/SbeMwQ==; Date: Mon, 24 Mar 2025 14:42:02 +0200 Message-Id: <86a59afvmt.fsf@gnu.org> From: Eli Zaretskii To: Werner Fink , Philipp Stephani , Philipp Stephani In-Reply-To: <20250324085146.3152-1-werner@suse.de> (message from Werner Fink on Mon, 24 Mar 2025 09:51:47 +0100) Subject: Re: bug#77232: [PATCH] Allow also to get attributes of the terminal line References: <20250324085146.3152-1-werner@suse.de> X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: 77232 Cc: 77232@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -3.3 (---) > Cc: Werner Fink > From: Werner Fink > Date: Mon, 24 Mar 2025 09:51:47 +0100 > > as well as support mmap(2) flag MAP_DROPPABLE to allow > zero memory under memory pressure on newer Linux systems. > > Otherwise a `make -k check` fails here in our build environment > with newer kernels and with /dev/console as physical device. > > Signed-off-by: Werner Fink Thanks. Philipp, any comments? > --- > lib-src/seccomp-filter.c | 19 ++++++++++++++++++- > 1 file changed, 18 insertions(+), 1 deletion(-) > > diff --git lib-src/seccomp-filter.c lib-src/seccomp-filter.c > index d6421f0ebdb..4dda7d8f020 100644 > --- lib-src/seccomp-filter.c > +++ lib-src/seccomp-filter.c > @@ -42,6 +42,9 @@ variants of those files that can be used to sandbox Emacs before > #include > #include > #include > +/* glibc uses internal an other TCGETS ioctl for its > + tcgetattr(3) call with its internal struct termios */ > +#include > #include > > #include > @@ -64,6 +67,11 @@ variants of those files that can be used to sandbox Emacs before > #define ARCH_CET_STATUS 0x3001 > #endif > > +/* https://github.com/torvalds/linux/commit/9651fcedf7b92d3f7f1ab179e8ab55b85ee10fc1 */ > +#ifndef MAP_DROPPABLE > +#define MAP_DROPPABLE 0x0 > +#endif > + > static ATTRIBUTE_FORMAT_PRINTF (2, 3) _Noreturn void > fail (int error, const char *format, ...) > { > @@ -187,7 +195,7 @@ main (int argc, char **argv) > some versions of the dynamic loader still use it. Also > allow allocating thread stacks. */ > SCMP_A3_32 (SCMP_CMP_MASKED_EQ, > - ~(MAP_SHARED | MAP_PRIVATE | MAP_FILE > + ~(MAP_SHARED | MAP_PRIVATE | MAP_FILE | MAP_DROPPABLE > | MAP_ANONYMOUS | MAP_FIXED | MAP_DENYWRITE > | MAP_STACK | MAP_NORESERVE), > 0)); > @@ -274,6 +282,11 @@ main (int argc, char **argv) > SCMP_A0_32 (SCMP_CMP_EQ, STDIN_FILENO), > SCMP_A1_32 (SCMP_CMP_EQ, TIOCGPGRP)); > > + /* Allow `tcgetattr' call of glibc on physical terminal devices. */ > + RULE (SCMP_ACT_ALLOW, SCMP_SYS (ioctl), > + SCMP_A0_32 (SCMP_CMP_EQ, STDERR_FILENO), > + SCMP_A1_32 (SCMP_CMP_EQ, TCGETS)); > + > /* Allow reading (but not setting) file flags. */ > RULE (SCMP_ACT_ALLOW, SCMP_SYS (fcntl), > SCMP_A1_32 (SCMP_CMP_EQ, F_GETFL)); > -- > 2.35.3 > > > > > From debbugs-submit-bounces@debbugs.gnu.org Tue Mar 25 11:06:59 2025 Received: (at 77232) by debbugs.gnu.org; 25 Mar 2025 15:06:59 +0000 Received: from localhost ([127.0.0.1]:39611 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1tx5rn-0000w9-Dj for submit@debbugs.gnu.org; Tue, 25 Mar 2025 11:06:59 -0400 Received: from mail-wm1-x334.google.com ([2a00:1450:4864:20::334]:41657) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from ) id 1tx5rl-0000vv-0W for 77232@debbugs.gnu.org; Tue, 25 Mar 2025 11:06:58 -0400 Received: by mail-wm1-x334.google.com with SMTP id 5b1f17b1804b1-43cf89f81c5so6224255e9.2 for <77232@debbugs.gnu.org>; Tue, 25 Mar 2025 08:06:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1742915210; x=1743520010; darn=debbugs.gnu.org; h=to:references:message-id:content-transfer-encoding:cc:date :in-reply-to:from:subject:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=dn2+0GnrvxVDWeEtqJVaRpnSg7Z86Qi35PeRU8PN7tU=; b=V49YUak4mwiEs6Up1T3bUoDTMfL4vPoPyr/aOU18iwrX7IDQbjp3quM+FbBv8Z7+xw ivy8UzJM6v51lbvSaoq7eyzXrTIiSqSCzoqK6pnliJrf39dnT0iOgSUQ3CUV1Ul6a+Ko lb3+Gfps7FDlvmsDgXlossThYqIqVJ6mLrV6ZZ5PI6On8ByIVLsqb7oYs4ASANRWHq3P oNZq/YEp5b10H8r4RI0ckkWnujkFSM9X77+gE4w9KdPW0n1GMpgU0dBvenZZVToCwbRi acTyHQ024m6vMmtx6ADdJHjG0xqY4lompr7DzA8ztoy0keeCOC+AjEhItCsdstASFLMT P+gw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1742915210; x=1743520010; h=to:references:message-id:content-transfer-encoding:cc:date :in-reply-to:from:subject:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=dn2+0GnrvxVDWeEtqJVaRpnSg7Z86Qi35PeRU8PN7tU=; b=S4B6+Zv8gIzNjSE3zVU93tls6iKHpiCkAmXk02gxCg/AWQ/aaFzNQAr2bzrsbcEmr5 qTG9/iDcREgwit+Ru6CX2DkrK+4bYD8ozp0XTUB6bIkjeuLu/ZSqhM8xclG8iXD+9gSx nDVYNZvLG8b56qaqzRmjQccFMm4W3lPpVtSdN6LryNyCL12U0nIgkRw+Twj14K12Uh9H d9gvAgpKSRgzFrlKUl9G7Nk+Rjk56+YLaOZS/nn1i7RU4sZofMH1jB0STvDyophum59J kh4AwWLbxe1PkqSvGWxyx2wJ57G4PswOeEw3ekQXB/3n8qWwzn4/d7ZycpIIcyIHXxy0 Hxvg== X-Forwarded-Encrypted: i=1; AJvYcCWAoQyDhZJrjJwwGI/XBnnrPj+jk8d4aanpylDxKyk9p4JyaUAwgLcoTDdKJEibpNVgu/qkAw==@debbugs.gnu.org X-Gm-Message-State: AOJu0Yy3+0zfOq6WtTEgUT54QSvhHl1pF5JC9Wah/2QZvtpIhsPThh7y 5lpAXM34GgAZbT7obO6i43ZhPx/L9piXnkikLLgTx4iTuYsu1zDM X-Gm-Gg: ASbGnctVEX42+EYyW+GP1lYLsB4dCubEefh7RhUFN8jU3PeKyw74k/ZqDZZK/DeIFWW U/ghUZdZINfs4j0+Rx5Q1oOFk2L7djfIu5LBeB0a8EN3QOMzaX8CPDDMsDiDNNrlFong78FdoaL aSY2plkvIWnHXc0kSTS1XHAqQBsQyge8GqjFnioIZ8yZb3hDjpIDyluH1iPx5wS7O8LQOtt8CkH IAxJg9I7zgD5OGoeeqiH3rJxho/qeKoASXxVuqHkPQsj4Hg10/dAI/ETS5gPpQkXfiNDR2MKQiZ dYY4e/hfZ+nlbvE2ijOFceL2d3nBmOVYS48VQgEYVCd/Oib8/+3bk+1Axqp3OFLsSGK4AOCgLVg KR3wD X-Google-Smtp-Source: AGHT+IF3ydX9/XLoazY+F2sKrnBDNYnS2dSkuasRov40p4FnryYlrhz7SyJDvghF1JkhafjkfnlunA== X-Received: by 2002:a5d:5e0e:0:b0:39a:ca59:a616 with SMTP id ffacd0b85a97d-39aca59a81dmr675722f8f.9.1742915210185; Tue, 25 Mar 2025 08:06:50 -0700 (PDT) Received: from smtpclient.apple ([2001:a61:3af9:de01:2859:7d0b:e4ac:f9d8]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-3997f9f0107sm14240670f8f.99.2025.03.25.08.06.49 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Tue, 25 Mar 2025 08:06:49 -0700 (PDT) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3826.400.131.1.6\)) Subject: Re: bug#77232: [PATCH] Allow also to get attributes of the terminal line From: Philipp Stephani In-Reply-To: <86a59afvmt.fsf@gnu.org> Date: Tue, 25 Mar 2025 16:06:39 +0100 Content-Transfer-Encoding: quoted-printable Message-Id: References: <20250324085146.3152-1-werner@suse.de> <86a59afvmt.fsf@gnu.org> To: Eli Zaretskii X-Mailer: Apple Mail (2.3826.400.131.1.6) X-Spam-Score: 0.3 (/) X-Debbugs-Envelope-To: 77232 Cc: Philipp Stephani , 77232@debbugs.gnu.org, Werner Fink X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -0.7 (/) > Am 24.03.2025 um 13:42 schrieb Eli Zaretskii : >=20 >> Cc: Werner Fink >> From: Werner Fink >> Date: Mon, 24 Mar 2025 09:51:47 +0100 >>=20 >> as well as support mmap(2) flag MAP_DROPPABLE to allow >> zero memory under memory pressure on newer Linux systems. >>=20 >> Otherwise a `make -k check` fails here in our build environment >> with newer kernels and with /dev/console as physical device. >>=20 >> Signed-off-by: Werner Fink >=20 > Thanks. >=20 > Philipp, any comments? >=20 >> --- >> lib-src/seccomp-filter.c | 19 ++++++++++++++++++- >> 1 file changed, 18 insertions(+), 1 deletion(-) >>=20 >> diff --git lib-src/seccomp-filter.c lib-src/seccomp-filter.c >> index d6421f0ebdb..4dda7d8f020 100644 >> --- lib-src/seccomp-filter.c >> +++ lib-src/seccomp-filter.c >> @@ -42,6 +42,9 @@ variants of those files that can be used to sandbox = Emacs before >> #include >> #include >> #include >> +/* glibc uses internal an other TCGETS ioctl for its >> + tcgetattr(3) call with its internal struct termios */ >> +#include >> #include >>=20 >> #include >> @@ -64,6 +67,11 @@ variants of those files that can be used to = sandbox Emacs before >> #define ARCH_CET_STATUS 0x3001 >> #endif >>=20 >> +/* = https://github.com/torvalds/linux/commit/9651fcedf7b92d3f7f1ab179e8ab55b85= ee10fc1 */ >> +#ifndef MAP_DROPPABLE >> +#define MAP_DROPPABLE 0x0 Shouldn't this be 0x08? At least that's how it's defined in mman.h. >> +#endif >> + >> static ATTRIBUTE_FORMAT_PRINTF (2, 3) _Noreturn void >> fail (int error, const char *format, ...) >> { >> @@ -187,7 +195,7 @@ main (int argc, char **argv) >> some versions of the dynamic loader still use it. Also >> allow allocating thread stacks. */ >> SCMP_A3_32 (SCMP_CMP_MASKED_EQ, >> - ~(MAP_SHARED | MAP_PRIVATE | MAP_FILE >> + ~(MAP_SHARED | MAP_PRIVATE | MAP_FILE | = MAP_DROPPABLE >> | MAP_ANONYMOUS | MAP_FIXED | MAP_DENYWRITE >> | MAP_STACK | MAP_NORESERVE), >> 0)); >> @@ -274,6 +282,11 @@ main (int argc, char **argv) >> SCMP_A0_32 (SCMP_CMP_EQ, STDIN_FILENO), >> SCMP_A1_32 (SCMP_CMP_EQ, TIOCGPGRP)); >>=20 >> + /* Allow `tcgetattr' call of glibc on physical terminal devices. = */ >> + RULE (SCMP_ACT_ALLOW, SCMP_SYS (ioctl), >> + SCMP_A0_32 (SCMP_CMP_EQ, STDERR_FILENO), >> + SCMP_A1_32 (SCMP_CMP_EQ, TCGETS)); >> + >> /* Allow reading (but not setting) file flags. */ >> RULE (SCMP_ACT_ALLOW, SCMP_SYS (fcntl), >> SCMP_A1_32 (SCMP_CMP_EQ, F_GETFL)); >> --=20 >> 2.35.3 >>=20 >>=20 >>=20 >>=20 >>=20 From debbugs-submit-bounces@debbugs.gnu.org Tue Mar 25 11:24:41 2025 Received: (at 77232) by debbugs.gnu.org; 25 Mar 2025 15:24:42 +0000 Received: from localhost ([127.0.0.1]:39655 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1tx68v-0001tb-Iv for submit@debbugs.gnu.org; Tue, 25 Mar 2025 11:24:41 -0400 Received: from smtp-out1.suse.de ([2a07:de40:b251:101:10:150:64:1]:36876) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from ) id 1tx68r-0001tJ-Ca for 77232@debbugs.gnu.org; Tue, 25 Mar 2025 11:24:39 -0400 Received: from mydomainname.com (unknown [IPv6:2a07:de40:a101:3:21c:c0ff:fea4:1c14]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by smtp-out1.suse.de (Postfix) with ESMTPS id 229A3211AB; Tue, 25 Mar 2025 15:24:29 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_rsa; t=1742916269; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=L1skkN6p1ORrDi2vL69BqqzMlv8Cs1Z3VGgCN5guUag=; b=uG/3kIupJosHsBGLG0sc7iZzMAbprxPptBui1vGAHaODbVXNDNtxwBOdL3mMqGnW9dURBi yuar35aeIjCLgrpdgK+tLyPKMIbAPmOX9YTyIBpm4zubKjD+Ox0tkjFC0y+2USWagDwHre N8CVZBDWg8IwYcYq39mDM6Vu3Sk6RXw= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_ed25519; t=1742916269; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=L1skkN6p1ORrDi2vL69BqqzMlv8Cs1Z3VGgCN5guUag=; b=JnMnkB7uRiWdRMThCJnM5BlhVxWlPLquUeVjtbFdqhXITG1R1EIn/daD2LkC9YI0Qs8UKs kPXIyyyY4AoVHMCg== Authentication-Results: smtp-out1.suse.de; dkim=pass header.d=suse.de header.s=susede2_rsa header.b="uG/3kIup"; dkim=pass header.d=suse.de header.s=susede2_ed25519 header.b=JnMnkB7u DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_rsa; t=1742916269; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=L1skkN6p1ORrDi2vL69BqqzMlv8Cs1Z3VGgCN5guUag=; b=uG/3kIupJosHsBGLG0sc7iZzMAbprxPptBui1vGAHaODbVXNDNtxwBOdL3mMqGnW9dURBi yuar35aeIjCLgrpdgK+tLyPKMIbAPmOX9YTyIBpm4zubKjD+Ox0tkjFC0y+2USWagDwHre N8CVZBDWg8IwYcYq39mDM6Vu3Sk6RXw= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_ed25519; t=1742916269; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=L1skkN6p1ORrDi2vL69BqqzMlv8Cs1Z3VGgCN5guUag=; b=JnMnkB7uRiWdRMThCJnM5BlhVxWlPLquUeVjtbFdqhXITG1R1EIn/daD2LkC9YI0Qs8UKs kPXIyyyY4AoVHMCg== Received: from boole.nue2.suse.org (localhost [127.0.0.1]) by mydomainname.com (8.18.1/8.18.1/SUSE Linux 0.8) with ESMTPS id 52PFOQSd022072 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NOT); Tue, 25 Mar 2025 16:24:28 +0100 Received: (from werner@localhost) by boole.nue2.suse.org (8.18.1/8.18.1/Submit) id 52PFOQTP022071; Tue, 25 Mar 2025 16:24:26 +0100 Date: Tue, 25 Mar 2025 16:24:22 +0100 From: "Dr. Werner Fink" To: Philipp Stephani Subject: Re: bug#77232: [PATCH] Allow also to get attributes of the terminal line Message-ID: References: <20250324085146.3152-1-werner@suse.de> <86a59afvmt.fsf@gnu.org> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="N71bsfT3FQk7NsCA" Content-Disposition: inline In-Reply-To: X-GPG-Fingerprint: 1B06 BF5A 3829 90FB CBA2 75BE 50E9 0D55 1DC1 6B2E X-MS-Reactions: disallow X-Spamd-Result: default: False [0.39 / 50.00]; BAYES_HAM(-3.00)[99.99%]; HFILTER_HOSTNAME_UNKNOWN(2.50)[]; RDNS_NONE(2.00)[]; SIGNED_PGP(-2.00)[]; SUSPICIOUS_RECIPS(1.50)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; FROM_NAME_HAS_TITLE(1.00)[dr]; MIME_GOOD(-0.20)[multipart/signed,text/plain]; R_DKIM_ALLOW(-0.20)[suse.de:s=susede2_rsa,suse.de:s=susede2_ed25519]; NEURAL_HAM_SHORT(-0.20)[-1.000]; MX_GOOD(-0.01)[]; DKIM_SIGNED(0.00)[suse.de:s=susede2_rsa,suse.de:s=susede2_ed25519]; FREEMAIL_ENVRCPT(0.00)[gmail.com]; ARC_NA(0.00)[]; FREEMAIL_TO(0.00)[gmail.com]; MIME_TRACE(0.00)[0:+,1:+,2:~]; FUZZY_BLOCKED(0.00)[rspamd.com]; RCVD_TLS_LAST(0.00)[]; DKIM_TRACE(0.00)[suse.de:+]; TO_DN_SOME(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; RCVD_COUNT_TWO(0.00)[2]; MISSING_XM_UA(0.00)[]; TAGGED_RCPT(0.00)[]; RCPT_COUNT_THREE(0.00)[4]; DBL_BLOCKED_OPENRESOLVER(0.00)[suse.de:dkim] X-Spam-Flag: NO X-Spamd-Bar: / X-Rspamd-Queue-Id: 229A3211AB X-Rspamd-Action: no action X-Rspamd-Server: rspamd1.dmz-prg2.suse.org X-Spam-Score: 0.39 X-Spam-Level: X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 77232 Cc: Philipp Stephani , 77232@debbugs.gnu.org, Eli Zaretskii X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) --N71bsfT3FQk7NsCA Content-Type: text/plain; protected-headers=v1; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Date: Tue, 25 Mar 2025 16:24:22 +0100 From: "Dr. Werner Fink" To: Philipp Stephani Cc: Eli Zaretskii , Philipp Stephani , 77232@debbugs.gnu.org Subject: Re: bug#77232: [PATCH] Allow also to get attributes of the terminal line On 2025/03/25 16:06:39 +0100, Philipp Stephani wrote: > >> #endif > >>=20 > >> +/* https://github.com/torvalds/linux/commit/9651fcedf7b92d3f7f1ab179e= 8ab55b85ee10fc1 */ > >> +#ifndef MAP_DROPPABLE > >> +#define MAP_DROPPABLE 0x0 >=20 > Shouldn't this be 0x08? At least that's how it's defined in mman.h. If the kernel does not know (means header does not know) we should not set an unknown flags as this will fail also (IMHO). Only if older header files are used in combination with newer kernel we would see the current behaviour. Werner --=20 "Having a smoking section in a restaurant is like having a peeing section in a swimming pool." -- Edward Burr --N71bsfT3FQk7NsCA Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQJgBAABCABKFiEEGwa/WjgpkPvLonW+UOkNVR3Bay4FAmfiyqYsFIAAAAAAFQAO cGthLWFkZHJlc3NAZ251cGcub3Jnd2VybmVyQHN1c2UuZGUACgkQUOkNVR3Bay7x 5xAAmjZsHWA0xnEneO5F8rLkCgAMIMV7I8BQtSfaGSRHFrbShy1zxKRVVo4a8vJu e405kYU+WEiN4JDbrvhisVLJWnZMKr/id7nnJYugkz4wRHTp9pG8P39tdLe18bJD YdZ7jCBBmN1Vm0t4tdtALcufrcy+9IeYwcCxaH99Titb5CbxuGJGwVC63h1etoPy WZTXJVevXuvyW/uCoafqb8tcHaEqKQg+UegQPkpgEztcYdB5V5eOmSU0qSzwOEfB VxRtBUOSYiT6FVqJBRnx/4WyS2oOupNiAtIwSn6asn2c/NldE7yiD7yXBEAYeCqS E709oLw+lkjVlfa1SOnHsddF7owmVrQn6epAj2x4n5XKUB0QuQ43gAIfkhi9ZBNA UkEU0djZ5pn/hnUY/geP2wCBQHo6Qz8CCjKXVlbylDzmwT9FZpZrNSQW4Fzu96M+ aySNT3PS9kqWudfqOuUk4RS84cDqE/mqBaKp47k/9fPzGeQSIjkHHdGRDX7Ta4J5 1GDgjixTt5QNDt8xwa/dfb8a/URczgTh9GYb1W6mMK+fof1Q3vZkbxRgCbZ5uKK4 z27jOZoiD9oyXWohhZW4xOTmpG5CJAvHg4hrd0qBeLiHM835MoBf4o5KKnXV2ntO i9GXdRZosP9Y430IJSVj1mGVhuZNBcrCVxSsnZDMmMdklXg= =MvMz -----END PGP SIGNATURE----- --N71bsfT3FQk7NsCA-- From debbugs-submit-bounces@debbugs.gnu.org Tue Mar 25 12:22:44 2025 Received: (at 77232) by debbugs.gnu.org; 25 Mar 2025 16:22:44 +0000 Received: from localhost ([127.0.0.1]:39756 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1tx735-0004ud-W3 for submit@debbugs.gnu.org; Tue, 25 Mar 2025 12:22:44 -0400 Received: from mail-wm1-x32a.google.com ([2a00:1450:4864:20::32a]:38057) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from ) id 1tx732-0004uL-AS for 77232@debbugs.gnu.org; Tue, 25 Mar 2025 12:22:41 -0400 Received: by mail-wm1-x32a.google.com with SMTP id 5b1f17b1804b1-43cf7c2c351so3042655e9.0 for <77232@debbugs.gnu.org>; Tue, 25 Mar 2025 09:22:40 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1742919754; x=1743524554; darn=debbugs.gnu.org; h=to:references:message-id:content-transfer-encoding:cc:date :in-reply-to:from:subject:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=p0SodrJu4O2O3YxdJ3k7iiDWMHicJWW96dsMTcMnEbo=; b=MVxI8+Sxcp1zWJcXVoBTi5CE/Gx/L0ntsFm/tAD++dD7kUmK5/1U39o9NIx6jwMZd5 U49daqhrtxHEAStdSzUkavomfaSnmcqJnopzWxyLba9XZlICWJByUxWTdACvdrtFBhlm P6ufLI6z8obltcY9Orot2QfqOBZ/RcccqajXALW42AeUHQjz2h2LJclYHizT9nXAYYGP IQFdgG0UXaTul5PY8i76Xga8XC/FkipLQ3NRG2++CPl7Evu030RGdZ1tD6Ncet02XUES qbViuVytp19t/h/8mF9XBNLVhiFPpnV05N9BG3OV725V2Bjw9IzggSI2gYg1NJ0BPs36 K+cQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1742919754; x=1743524554; h=to:references:message-id:content-transfer-encoding:cc:date :in-reply-to:from:subject:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=p0SodrJu4O2O3YxdJ3k7iiDWMHicJWW96dsMTcMnEbo=; b=r/lOAsGMTJNyiglGzSjSw3xSSCVywElNH4Sd7P9oGiGtsQdzarV3qRlBy1FU2PUYzK CtzZ/TgAi/sGUrUZuDcydjs8xp58YFKSnAgvcJkTp2CsEREV/+X5roY8IUOz08WbZ3tP RkBzdyMJdzTrhTji1MvBlu0kzqsVQRvVK+rYtaWbzSzl0q8OlJyAC8V2kNWJKmThV7Je ZPHWsj23eeOZEl8JEu3LxzW3ccfMMnScIGwTxrVktA1k6hA/IMIHuaUr66uQUAEpg9u3 bsdxEXtS8RMOW+XiTzO4Q2/D43hCObLtz+OF2Kig6L+ikbBXYp8vIsLUSZu7xOlGIWUe bhzw== X-Forwarded-Encrypted: i=1; AJvYcCWHwszgynxCL78eDnfrYkiIinCxVAxkdfbMjBsqTr0yUJqJC6GYYVakzTzFs/EMHFEwsuNOtQ==@debbugs.gnu.org X-Gm-Message-State: AOJu0YzCf4GjVlwSu9VHwuhLiItEa8j5orK2euu6gSvk6rgm6KtTSkVY Dp9CciQzB6B5CaZeR3MMCmny8f76qjMDJ24GLJVurDDk0X9PzCCZl270FQ== X-Gm-Gg: ASbGncvnng/elcEApT1QNKg9jTWoFa4jTPgQo+vFx8MDFsVxxSVolQOUb6ZNGX7c3Mt WL15Jx9/Kowe6A8L64PU4AmbmHhsRV8bZDMcUge+JAh1Irvmi9FrdWBZ2vLqPh10LK9Tw1ajD16 gfQm0VV3qTPTOlMe4m1J/PYR/pNjXPOqcvWhZ/VHLXP3UfnDcKXT6SRiMweiaLvmjm9sU1AaCAc 37/bNnsTy0SeaX7ZtTxkFkpf9huHMi19yueV86b44nb7so2K4sIF94lUyRwsqIKYXxyhX/buqaM sj93uzqzmk/sx1HEjs2RGndgZMPvlNvs0rijpkrP4lQSO8IRJJMv+ae/sLdU9o6Bh5t9sLfp6CQ l5vtSbFwwSw== X-Google-Smtp-Source: AGHT+IFBxh9aLNaCZCnKml25RL0s5/BVCOMIyo/w95DDeoOwW1TR8wDhiI91ewlJvBk/Jwy3boO+eQ== X-Received: by 2002:a5d:47a2:0:b0:38a:615c:8266 with SMTP id ffacd0b85a97d-39ac7fcf284mr1204965f8f.1.1742919753603; Tue, 25 Mar 2025 09:22:33 -0700 (PDT) Received: from smtpclient.apple ([2001:a61:3af9:de01:2859:7d0b:e4ac:f9d8]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-3997f9efe61sm14379062f8f.97.2025.03.25.09.22.32 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Tue, 25 Mar 2025 09:22:33 -0700 (PDT) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3826.400.131.1.6\)) Subject: Re: bug#77232: [PATCH] Allow also to get attributes of the terminal line From: Philipp Stephani In-Reply-To: Date: Tue, 25 Mar 2025 17:22:22 +0100 Content-Transfer-Encoding: quoted-printable Message-Id: <7E3713E8-E0F3-4B1A-8A00-D2E81557C191@gmail.com> References: <20250324085146.3152-1-werner@suse.de> <86a59afvmt.fsf@gnu.org> To: "Dr. Werner Fink" X-Mailer: Apple Mail (2.3826.400.131.1.6) X-Spam-Score: 0.3 (/) X-Debbugs-Envelope-To: 77232 Cc: 77232@debbugs.gnu.org, Eli Zaretskii X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -0.7 (/) > Am 25.03.2025 um 16:24 schrieb Dr. Werner Fink : >=20 > On 2025/03/25 16:06:39 +0100, Philipp Stephani wrote: >>>> #endif >>>>=20 >>>> +/* = https://github.com/torvalds/linux/commit/9651fcedf7b92d3f7f1ab179e8ab55b85= ee10fc1 */ >>>> +#ifndef MAP_DROPPABLE >>>> +#define MAP_DROPPABLE 0x0 >>=20 >> Shouldn't this be 0x08? At least that's how it's defined in mman.h. >=20 > If the kernel does not know (means header does not know) we should not > set an unknown flags as this will fail also (IMHO). > Only if older header files are used in combination with newer kernel > we would see the current behaviour. The code in question doesn't actually call mmap, it creates a syscall = filter that tests whether any unknown flags are set. Basically if ((flags & ~known_flags) !=3D 0) abort(); So putting something into known_flags that might not be known to the = kernel when Emacs is run is harmless. In fact, it's beneficial for the = case where the mman.h that's used when compiling seccomp-filter.c is = older than the kernel that will be used to run Emacs.= From debbugs-submit-bounces@debbugs.gnu.org Wed Mar 26 12:01:16 2025 Received: (at 77232) by debbugs.gnu.org; 26 Mar 2025 16:01:16 +0000 Received: from localhost ([127.0.0.1]:43999 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1txTBr-0006Wg-Lp for submit@debbugs.gnu.org; Wed, 26 Mar 2025 12:01:16 -0400 Received: from thaodan.de ([185.216.177.71]:50194) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from ) id 1txTBk-0006WE-Oo for 77232@debbugs.gnu.org; Wed, 26 Mar 2025 12:01:13 -0400 Received: from odin (dsl-trebng12-50dc7b-49.dhcp.inet.fi [80.220.123.49]) by thaodan.de (Postfix) with ESMTPSA id D0A62D00050; Wed, 26 Mar 2025 18:01:01 +0200 (EET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=thaodan.de; s=mail; t=1743004861; bh=XBLv42o8eDpb+4RUCN+g56LfDXzM59KEZoafjesCQ9Y=; h=From:To:Cc:Subject:In-Reply-To:References:Date; b=H4E5Ve6t1SHvZnvt5swayb5IoZWXQnOMqQd7gFpNQWJXiFIBt7m1XTNPSP+erlbq2 /ViceqRR81PPsqDu1Bv9iXHY70AscQGNExKyWnNpt4gyZywFHcp5hRnObvJ6Ygu1e0 i8JRp9Cp52rs5AMZvb5rbZnsXDOwEM0fT8cx5g0b9kNwwcLPGFu1HFarOWZ+hT3Pmw 0slZ9c2QYPAop38r40dD9QV3pci1R30tLG9Knlc/1Y6QkZLDkWzkQm6JiwgCg+yeoP DYma9bec0DWvoTXRljA9AeMTNkfr9QUMdPDHJgNxebddg4H9W/IvFVEIcms6p6xkXm 5UZkyrg5DFHQ6m4gNH5IN7/s8iLLMFWtSycXBSgjfHdU6TuSSLBl10ILBDAexjvZax +4++RDxQXzGxkuFK7y4YbcKisQa0flJqtFkmSomXaZyUJSavbnhVnvAV1KwflXrnwW TZN6FxXtLsT0U7BxdMvrAI3k14VhW2PJfgsi746KVC0TTrXOQrjWkjy4jxw6FBpR3A DPTYIrkUVKQRlGp/4QkF+94dgRegJi8pn4Lt1FhsoA08Ii5Cr1wAihB/tfpQgAKovb e8P+FzHKaqNODG4YBT8nHB1aWdiZTYJS3SvDIshbwTiC4L7cy44f1Zr8CPQI80jvFa jXE0JOfre/Eg1/ier8GwUhe0= From: =?utf-8?Q?Bj=C3=B6rn?= Bidar To: Werner Fink Subject: Re: bug#77232: [PATCH] Allow also to get attributes of the terminal line In-Reply-To: <20250324085146.3152-1-werner@suse.de> (Werner Fink's message of "Mon, 24 Mar 2025 09:51:47 +0100") References: <20250324085146.3152-1-werner@suse.de> Autocrypt: addr=bjorn.bidar@thaodan.de; prefer-encrypt=nopreference; keydata= mDMEZNfpPhYJKwYBBAHaRw8BAQdACBEmr+0xwIIHZfIDlZmm7sa+lHHSb0g9FZrN6qE6ru60JUJq w7ZybiBCaWRhciA8Ympvcm4uYmlkYXJAdGhhb2Rhbi5kZT6IlgQTFgoAPgIbAwULCQgHAgIiAgYV CgkICwIEFgIDAQIeBwIXgBYhBFHxdut1RzAepymoq1wbdKFlHF9oBQJk1/YmAhkBAAoJEFwbdKFl HF9oB9cBAJoIIGQKXm4cpap+Flxc/EGnYl0123lcEyzuduqvlDT0AQC3OlFKm/OiqJ8IMTrzJRZ8 phFssTkSrrFXnM2jm5PYDoiTBBMWCgA7FiEEUfF263VHMB6nKairXBt0oWUcX2gFAmTX6T4CGwMF CwkIBwICIgIGFQoJCAsCBBYCAwECHgcCF4AACgkQXBt0oWUcX2hbCQEAtru7kvM8hi8zo6z9ux2h K+B5xViKuo7Z8K3IXuK5ugwA+wUfKzomzdBPhfxDsqLcEziGRxoyx0Q3ld9aermBUccHtBxCasO2 cm4gQmlkYXIgPG1lQHRoYW9kYW4uZGU+iJMEExYKADsCGwMFCwkIBwICIgIGFQoJCAsCBBYCAwEC HgcCF4AWIQRR8XbrdUcwHqcpqKtcG3ShZRxfaAUCZNf2FQAKCRBcG3ShZRxfaCzSAP4hZ7cSp0YN XYpcjHdsySh2MuBhhoPeLGXs+2kSiqBiOwD/TP8AgPEg/R+SI9GI9on7fBJJ0mp2IT8kZ2rhDOjg gA6IkwQTFgoAOxYhBFHxdut1RzAepymoq1wbdKFlHF9oBQJk1+ntAhsDBQsJCAcCAiICBhUKCQgL AgQWAgMBAh4HAheAAAoJEFwbdKFlHF9oBgwA/iQHwe0VL4Df4GGTYlNjMSHFlIkBmN4UfYGLYj3E TrOUAQC51M+M3cjsL8WHdpBz6VAo6df9d+rVwhQ9vQuFHqevArg4BGTX6T4SCisGAQQBl1UBBQEB B0Cbohc3JEfn005/cm0AOGjSsW1ZxAkgaoVNjbpqk4MgNAMBCAeIeAQYFgoAIBYhBFHxdut1RzAe pymoq1wbdKFlHF9oBQJk1+k+AhsMAAoJEFwbdKFlHF9ooHABAKGmrGBic/Vys3BBrOQiRB3Z7izO HwhqTRpAqFZtXS2nAQDZhp/5aYw1TZjTzkm1KVt9QiYnjd/MvxRE9iaY6x4mDbgzBGTX6T4WCSsG AQQB2kcPAQEHQAgRJq/tMcCCB2XyA5WZpu7GvpRx0m9IPRWazeqhOq7uiO8EGBYKACAWIQRR8Xbr dUcwHqcpqKtcG3ShZRxfaAUCZNf71AIbIgCBCRBcG3ShZRxfaHYgBBkWCgAdFiEEUfF263VHMB6n KairXBt0oWUcX2gFAmTX+9QACgkQXBt0oWUcX2jeSwD6AtWn0cuo8IF35YRo4o3cDRJnUfJnbvJy GxyCDThR+zYBAKG6/jdwmZkBQZKslnDAbMMd2WfiZZT5JW3IWC4EaKMO7HkBAKYPGZ3UbfkRvfFK S+pQ9CgtNfkSJQBtT1Ob7Y6nsacgAQCpyXN7yppmhW/oBgivITPy9Lkg+V4NK9WZYZCU9Q7LBA== Date: Wed, 26 Mar 2025 18:00:59 +0200 Message-ID: <87wmcbaiis.fsf@> User-Agent: Gnus/5.13 (Gnus v5.13) MIME-Version: 1.0 Content-Type: text/plain X-Spam-Score: 1.2 (+) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Werner Fink writes: > as well as support mmap(2) flag MAP_DROPPABLE to allow > zero memory under memory pressure on newer Linux systems. > > Otherwise a `make -k check` fails here in our build environment > with newer ke [...] Content analysis details: (1.2 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 SPF_PASS SPF: sender matches SPF record -0.0 SPF_HELO_PASS SPF: HELO matches SPF record 0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. [185.216.177.71 listed in sa-accredit.habeas.com] 0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. [185.216.177.71 listed in bl.score.senderscore.com] 1.2 INVALID_MSGID Message-Id is not valid, according to RFC 2822 X-Debbugs-Envelope-To: 77232 Cc: 77232@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 0.2 (/) Werner Fink writes: > as well as support mmap(2) flag MAP_DROPPABLE to allow > zero memory under memory pressure on newer Linux systems. > > Otherwise a `make -k check` fails here in our build environment > with newer kernels and with /dev/console as physical device. > > Signed-off-by: Werner Fink > --- > lib-src/seccomp-filter.c | 19 ++++++++++++++++++- > 1 file changed, 18 insertions(+), 1 deletion(-) > > diff --git lib-src/seccomp-filter.c lib-src/seccomp-filter.c > index d6421f0ebdb..4dda7d8f020 100644 > --- lib-src/seccomp-filter.c > +++ lib-src/seccomp-filter.c > @@ -42,6 +42,9 @@ variants of those files that can be used to sandbox Emacs before > #include > #include > #include > +/* glibc uses internal an other TCGETS ioctl for its > + tcgetattr(3) call with its internal struct termios */ > +#include > #include > > #include > @@ -64,6 +67,11 @@ variants of those files that can be used to sandbox Emacs before > #define ARCH_CET_STATUS 0x3001 > #endif > > +/* > https://github.com/torvalds/linux/commit/9651fcedf7b92d3f7f1ab179e8ab55b85ee10fc1 > */ Nit pick could you link to kernel.org instead? The replacement link would be: https://web.git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9651fcedf7b92d3f7f1ab179e8ab55b85ee10fc1 From debbugs-submit-bounces@debbugs.gnu.org Sat Apr 05 04:43:56 2025 Received: (at 77232) by debbugs.gnu.org; 5 Apr 2025 08:43:56 +0000 Received: from localhost ([127.0.0.1]:41451 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1u0z87-0005K5-Ve for submit@debbugs.gnu.org; Sat, 05 Apr 2025 04:43:56 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:39330) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from ) id 1u0z85-0005Jp-78 for 77232@debbugs.gnu.org; Sat, 05 Apr 2025 04:43:53 -0400 Received: from fencepost.gnu.org ([2001:470:142:3::e]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1u0z7y-0004Z5-EL; Sat, 05 Apr 2025 04:43:46 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=References:Subject:In-Reply-To:To:From:Date: mime-version; bh=v4G5BwuVX2J0jwu0y7d0LaahbFSzidGLWIBT2Ic9w14=; b=j6/UPr/rhFDv 5ByRuH/rUExqIcqhDU2FEPihZLkNT7IjRZ+pU1FmEVOKXPAAGRzp09OiCY6GBhA4MY+PuFA2Vzsa8 6QWbcso3lua/tVQDWQ76YF0xkPqOsoazxR5RKxHX98kNceLZz1v7g6oY9LKYfs5CkU8duyfW0J1ZT BEU9Os9AnYPESA80q+eqxJyR6Q0bl6fnk1DXZb2MS+xbmkmkzcHH0dPFgcSTajceQd2Bn2tY2YVZH Y5LzP/CUKmysRyxqFwzkqDMbq2Z2WOt/YrOiAXn+JObhhzHuL0cm1KbKJkVHpyYaq6qs6ytLUYlQa lRdnkLogB4EiCJtdRjff+A==; Date: Sat, 05 Apr 2025 11:43:40 +0300 Message-Id: <865xjjxakj.fsf@gnu.org> From: Eli Zaretskii To: Philipp Stephani In-Reply-To: <7E3713E8-E0F3-4B1A-8A00-D2E81557C191@gmail.com> (message from Philipp Stephani on Tue, 25 Mar 2025 17:22:22 +0100) Subject: Re: bug#77232: [PATCH] Allow also to get attributes of the terminal line References: <20250324085146.3152-1-werner@suse.de> <86a59afvmt.fsf@gnu.org> <7E3713E8-E0F3-4B1A-8A00-D2E81557C191@gmail.com> X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: 77232 Cc: 77232@debbugs.gnu.org, werner@suse.de X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -3.3 (---) Ping! Werner, do you plan on submitting a modified patch? > From: Philipp Stephani > Date: Tue, 25 Mar 2025 17:22:22 +0100 > Cc: Eli Zaretskii , > 77232@debbugs.gnu.org > > > > > Am 25.03.2025 um 16:24 schrieb Dr. Werner Fink : > > > > On 2025/03/25 16:06:39 +0100, Philipp Stephani wrote: > >>>> #endif > >>>> > >>>> +/* https://github.com/torvalds/linux/commit/9651fcedf7b92d3f7f1ab179e8ab55b85ee10fc1 */ > >>>> +#ifndef MAP_DROPPABLE > >>>> +#define MAP_DROPPABLE 0x0 > >> > >> Shouldn't this be 0x08? At least that's how it's defined in mman.h. > > > > If the kernel does not know (means header does not know) we should not > > set an unknown flags as this will fail also (IMHO). > > Only if older header files are used in combination with newer kernel > > we would see the current behaviour. > > The code in question doesn't actually call mmap, it creates a syscall filter that tests whether any unknown flags are set. Basically > if ((flags & ~known_flags) != 0) abort(); > So putting something into known_flags that might not be known to the kernel when Emacs is run is harmless. In fact, it's beneficial for the case where the mman.h that's used when compiling seccomp-filter.c is older than the kernel that will be used to run Emacs. From debbugs-submit-bounces@debbugs.gnu.org Mon Apr 07 07:51:27 2025 Received: (at 77232) by debbugs.gnu.org; 7 Apr 2025 11:51:27 +0000 Received: from localhost ([127.0.0.1]:53137 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1u1l0g-0006Vw-Ke for submit@debbugs.gnu.org; Mon, 07 Apr 2025 07:51:27 -0400 Received: from smtp-out2.suse.de ([2a07:de40:b251:101:10:150:64:2]:60708) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from ) id 1u1l0d-0006V9-Ah for 77232@debbugs.gnu.org; Mon, 07 Apr 2025 07:51:24 -0400 Received: from mydomainname.com (unknown [IPv6:2a07:de40:a101:3:21c:c0ff:fea4:1c14]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by smtp-out2.suse.de (Postfix) with ESMTPS id BA9AA1F388; Mon, 7 Apr 2025 11:51:14 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_rsa; t=1744026674; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=RphyxT0dYe7SqCsWYvHx2V4CzraL5FylwvUB6nIr968=; b=u0V4b5Bao6SEC9lNx/lDLz96bvcZGLMoc9weT4+mG51mMOr+ol/2K3w95/EKPqDQr5v4bi jB5nh4FsR+MSG1ZQJCmvhh0ea38Jb7IO9CN6bic+0uG/shBoAWtgw7yzPvB0LLsQOexJ/u 0iztnWdyyXap7AWgezapSNnbb6ncPoM= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_ed25519; t=1744026674; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=RphyxT0dYe7SqCsWYvHx2V4CzraL5FylwvUB6nIr968=; b=pKooPzv7Ua+PoJuufosG6sqGrWXACOCG2E520U6bJk3eIdrnPCxRjO8RBMq44WjpkpFvFk eaJ78BGAeDXfImCg== Authentication-Results: smtp-out2.suse.de; dkim=pass header.d=suse.de header.s=susede2_rsa header.b=u0V4b5Ba; dkim=pass header.d=suse.de header.s=susede2_ed25519 header.b=pKooPzv7 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_rsa; t=1744026674; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=RphyxT0dYe7SqCsWYvHx2V4CzraL5FylwvUB6nIr968=; b=u0V4b5Bao6SEC9lNx/lDLz96bvcZGLMoc9weT4+mG51mMOr+ol/2K3w95/EKPqDQr5v4bi jB5nh4FsR+MSG1ZQJCmvhh0ea38Jb7IO9CN6bic+0uG/shBoAWtgw7yzPvB0LLsQOexJ/u 0iztnWdyyXap7AWgezapSNnbb6ncPoM= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_ed25519; t=1744026674; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=RphyxT0dYe7SqCsWYvHx2V4CzraL5FylwvUB6nIr968=; b=pKooPzv7Ua+PoJuufosG6sqGrWXACOCG2E520U6bJk3eIdrnPCxRjO8RBMq44WjpkpFvFk eaJ78BGAeDXfImCg== Received: from boole.nue2.suse.org (localhost [127.0.0.1]) by mydomainname.com (8.18.1/8.18.1/SUSE Linux 0.8) with ESMTPS id 537BpC0h032337 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NOT); Mon, 7 Apr 2025 13:51:14 +0200 Received: (from werner@localhost) by boole.nue2.suse.org (8.18.1/8.18.1/Submit) id 537BpCu4032336; Mon, 7 Apr 2025 13:51:12 +0200 Date: Mon, 7 Apr 2025 13:51:07 +0200 From: "Dr. Werner Fink" To: Eli Zaretskii Subject: Re: bug#77232: [PATCH] Allow also to get attributes of the terminal line Message-ID: References: <20250324085146.3152-1-werner@suse.de> <86a59afvmt.fsf@gnu.org> <7E3713E8-E0F3-4B1A-8A00-D2E81557C191@gmail.com> <865xjjxakj.fsf@gnu.org> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="xef98d1+nQ+fA4g6" Content-Disposition: inline In-Reply-To: <865xjjxakj.fsf@gnu.org> X-GPG-Fingerprint: 1B06 BF5A 3829 90FB CBA2 75BE 50E9 0D55 1DC1 6B2E X-MS-Reactions: disallow X-Rspamd-Queue-Id: BA9AA1F388 X-Spam-Score: -1.11 X-Rspamd-Action: no action X-Spamd-Result: default: False [-1.11 / 50.00]; BAYES_HAM(-3.00)[100.00%]; HFILTER_HOSTNAME_UNKNOWN(2.50)[]; SIGNED_PGP(-2.00)[]; RDNS_NONE(2.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; FROM_NAME_HAS_TITLE(1.00)[dr]; R_DKIM_ALLOW(-0.20)[suse.de:s=susede2_rsa,suse.de:s=susede2_ed25519]; MIME_GOOD(-0.20)[multipart/signed,multipart/mixed,text/plain,text/x-patch]; NEURAL_HAM_SHORT(-0.20)[-1.000]; MX_GOOD(-0.01)[]; DKIM_SIGNED(0.00)[suse.de:s=susede2_rsa,suse.de:s=susede2_ed25519]; RCVD_TLS_LAST(0.00)[]; FUZZY_BLOCKED(0.00)[rspamd.com]; ARC_NA(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:+,3:+,4:~]; FREEMAIL_ENVRCPT(0.00)[gmail.com]; DKIM_TRACE(0.00)[suse.de:+]; HAS_ATTACHMENT(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; RCVD_COUNT_TWO(0.00)[2]; FROM_HAS_DN(0.00)[]; FREEMAIL_CC(0.00)[gmail.com,debbugs.gnu.org]; TAGGED_RCPT(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; MISSING_XM_UA(0.00)[]; TO_DN_SOME(0.00)[]; DBL_BLOCKED_OPENRESOLVER(0.00)[suse.de:email,suse.de:dkim,gnu.org:email] X-Rspamd-Server: rspamd1.dmz-prg2.suse.org X-Spam-Flag: NO X-Spam-Level: X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: 77232 Cc: 77232@debbugs.gnu.org, Philipp Stephani X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -3.3 (---) --xef98d1+nQ+fA4g6 Content-Type: multipart/mixed; protected-headers=v1; boundary="H262eUqN6QMi9u+L" Content-Disposition: inline Date: Mon, 7 Apr 2025 13:51:07 +0200 From: "Dr. Werner Fink" To: Eli Zaretskii Cc: Philipp Stephani , 77232@debbugs.gnu.org Subject: Re: bug#77232: [PATCH] Allow also to get attributes of the terminal line --H262eUqN6QMi9u+L Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 2025/04/05 11:43:40 +0300, Eli Zaretskii wrote: > Ping! Werner, do you plan on submitting a modified patch? What is about the attacheds patch ... here I go with the latest manual page ioctl_tty(2) as well if the macro MAP_DROPPABLE is not defined then the value 0x08 is used. > > From: Philipp Stephani > > Date: Tue, 25 Mar 2025 17:22:22 +0100 > > Cc: Eli Zaretskii , > > 77232@debbugs.gnu.org > >=20 > >=20 > >=20 > > > Am 25.03.2025 um 16:24 schrieb Dr. Werner Fink : > > >=20 > > > On 2025/03/25 16:06:39 +0100, Philipp Stephani wrote: > > >>>> #endif > > >>>>=20 > > >>>> +/* https://github.com/torvalds/linux/commit/9651fcedf7b92d3f7f1ab= 179e8ab55b85ee10fc1 */ > > >>>> +#ifndef MAP_DROPPABLE > > >>>> +#define MAP_DROPPABLE 0x0 > > >>=20 > > >> Shouldn't this be 0x08? At least that's how it's defined in mman.h. > > >=20 > > > If the kernel does not know (means header does not know) we should not > > > set an unknown flags as this will fail also (IMHO). > > > Only if older header files are used in combination with newer kernel > > > we would see the current behaviour. > >=20 > > The code in question doesn't actually call mmap, it creates a syscall f= ilter that tests whether any unknown flags are set. Basically > > if ((flags & ~known_flags) !=3D 0) abort(); > > So putting something into known_flags that might not be known to the ke= rnel when Emacs is run is harmless. In fact, it's beneficial for the case = where the mman.h that's used when compiling seccomp-filter.c is older than = the kernel that will be used to run Emacs. Werner --=20 "Having a smoking section in a restaurant is like having a peeing section in a swimming pool." -- Edward Burr --H262eUqN6QMi9u+L Content-Type: text/x-patch; charset=utf-8 Content-Disposition: attachment; filename="emacs-30.1-seccomp.patch" Content-Transfer-Encoding: quoted-printable Allow also to get attributes of the terminal line as well as support mmap(2) flag MAP_DROPPABLE to allow zero memory under memory pressure. --- lib-src/seccomp-filter.c | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) --- lib-src/seccomp-filter.c +++ lib-src/seccomp-filter.c 2025-03-19 12:29:10.689765873 +0000 @@ -42,6 +42,7 @@ variants of those files that can be used #include #include #include +#include /* mandatory accordingly to latest ioctl_tty(2)= */ #include =20 #include @@ -64,6 +71,11 @@ variants of those files that can be used #define ARCH_CET_STATUS 0x3001 #endif =20 +/* https://github.com/torvalds/linux/commit/9651fcedf7b92d3f7f1ab179e8ab55= b85ee10fc1 */ +#ifndef MAP_DROPPABLE +#define MAP_DROPPABLE 0x08 +#endif + static ATTRIBUTE_FORMAT_PRINTF (2, 3) _Noreturn void fail (int error, const char *format, ...) { @@ -187,7 +199,7 @@ main (int argc, char **argv) some versions of the dynamic loader still use it. Also allow allocating thread stacks. */ SCMP_A3_32 (SCMP_CMP_MASKED_EQ, - ~(MAP_SHARED | MAP_PRIVATE | MAP_FILE + ~(MAP_SHARED | MAP_PRIVATE | MAP_FILE | MAP_DROPPABLE | MAP_ANONYMOUS | MAP_FIXED | MAP_DENYWRITE | MAP_STACK | MAP_NORESERVE), 0)); @@ -274,6 +286,11 @@ main (int argc, char **argv) SCMP_A0_32 (SCMP_CMP_EQ, STDIN_FILENO), SCMP_A1_32 (SCMP_CMP_EQ, TIOCGPGRP)); =20 + /* Allow `tcgetattr' call of glibc on physical terminal devices. */ + RULE (SCMP_ACT_ALLOW, SCMP_SYS (ioctl), + SCMP_A0_32 (SCMP_CMP_EQ, STDERR_FILENO), + SCMP_A1_32 (SCMP_CMP_EQ, TCGETS)); + /* Allow reading (but not setting) file flags. */ RULE (SCMP_ACT_ALLOW, SCMP_SYS (fcntl), SCMP_A1_32 (SCMP_CMP_EQ, F_GETFL)); --H262eUqN6QMi9u+L-- --xef98d1+nQ+fA4g6 Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQJgBAABCABKFiEEGwa/WjgpkPvLonW+UOkNVR3Bay4FAmfzvCwsFIAAAAAAFQAO cGthLWFkZHJlc3NAZ251cGcub3Jnd2VybmVyQHN1c2UuZGUACgkQUOkNVR3Bay6T qA//VPHXKuuvNDjr8g8u/1cYn3u/YQVysfsz5wOPqjdKBjxBTaFi+SZly+ASfw1k 6sq+BaIspdTZdlPoT0WN9uljr2K7P4gwj62bM4okI0F6Lyrq3cl/DVVlVNwHi4vj /d+iNxs0k+EyEwKiwBUtZ4L1MC0PBxCs5Gx2jmjLI/kxhNTe1WzuAkJgv3XKm621 mSJYiK5dZAfTqQEsK9zTi4NK+ywAc7DDI1os3c74LTB6Zc6CvLj3RhguR9GnNLiU kRbt0KaG3tV7OZVvVGWhblqRwRZFK0B568DYMbqWZ4YDYl4Qnh8snnPZneQXqy5o 6lbYByHWXobAkBoWKt6gKefoY1UOT1trySo5S7QjBS2Alv3B1qiqLToJyRUtXFgG u7kwtFgExpXtz1q+HchryfEtBrRJhK2kVW1q/kZX3t2/meto0q53ec5csCW6vgoK YLoqwziFbPLg52M495qDcR31CMPKoULtYfxBjRidvlBIxmdF8lu4vh4MfN29LXMm I/rIeBI/kUJ18w6csVB51eU+rXAO3byWJbpEH8rOMpCu8TiqPXxqYpqRL2lG1MnF PFo6BzCTUVyentKH/HomJN7/8IPA8imrXRDbI1Ig+bnM1cpV5XCrCxipcOJsnkrN GQBOZYVj25jvsufQoeRJPAJxhwSQ3oe8bH0rnmD88LC2VNk= =I0Qp -----END PGP SIGNATURE----- --xef98d1+nQ+fA4g6-- From debbugs-submit-bounces@debbugs.gnu.org Sat Apr 19 09:56:05 2025 Received: (at 77232) by debbugs.gnu.org; 19 Apr 2025 13:56:06 +0000 Received: from localhost ([127.0.0.1]:60492 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1u68fr-0005oz-9U for submit@debbugs.gnu.org; Sat, 19 Apr 2025 09:56:05 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:54888) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from ) id 1u68fZ-0005mE-JJ for 77232@debbugs.gnu.org; Sat, 19 Apr 2025 09:55:59 -0400 Received: from fencepost.gnu.org ([2001:470:142:3::e]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1u68fU-0002Ln-1d; Sat, 19 Apr 2025 09:55:40 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=References:Subject:In-Reply-To:To:From:Date: mime-version; bh=LUaCVP95trpyg0eGcr3BubCCxvJddPaXiNHkhilhQNQ=; b=SUrMgsnDRhoO n4N17BpIgduXXzwvL9h+RdhU7z2ZnY6DhsHOV1AXNzTqeW+n4MEnqswF1x51bCpwNC9kerNvkhFcI H8w72VqOYX8w6aZ8k41P+TQSUqey3h35iuVR9WWbTvmtY8XS6bnn5BmmXu7sLDMZXZSn8AeTueDz6 x63CHTmfO4kXVd4qfX7E2bblFbEh5yo5iSS3rcIJ3ovW0aaAhHhOKkU30rUKWyMKZKg4JSuhOkCy7 /CW69cssF59yovxUAZaBtZa/+2p0yPIa1Ke4hQmzYNlq99jVu24JTmG66eVS6a2GDraAr7DQkru5x DlbKnQdXvuRTFfYv8da5Vw==; Date: Sat, 19 Apr 2025 16:55:38 +0300 Message-Id: <867c3g8dd1.fsf@gnu.org> From: Eli Zaretskii To: p.stephani2@gmail.com, "Dr. Werner Fink" In-Reply-To: (werner@suse.de) Subject: Re: bug#77232: [PATCH] Allow also to get attributes of the terminal line References: <20250324085146.3152-1-werner@suse.de> <86a59afvmt.fsf@gnu.org> <7E3713E8-E0F3-4B1A-8A00-D2E81557C191@gmail.com> <865xjjxakj.fsf@gnu.org> X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: 77232 Cc: 77232@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -3.3 (---) Ping! Philipp, any further comments? Should we install this? > Date: Mon, 7 Apr 2025 13:51:07 +0200 > From: "Dr. Werner Fink" > Cc: Philipp Stephani , 77232@debbugs.gnu.org > > > On 2025/04/05 11:43:40 +0300, Eli Zaretskii wrote: > > Ping! Werner, do you plan on submitting a modified patch? > > What is about the attacheds patch ... here I go with the > latest manual page ioctl_tty(2) as well if the macro > MAP_DROPPABLE is not defined then the value 0x08 is > used. From debbugs-submit-bounces@debbugs.gnu.org Sat Apr 19 10:42:33 2025 Received: (at 77232) by debbugs.gnu.org; 19 Apr 2025 14:42:34 +0000 Received: from localhost ([127.0.0.1]:35170 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1u69Oo-0002yf-NW for submit@debbugs.gnu.org; Sat, 19 Apr 2025 10:42:33 -0400 Received: from mail-ed1-x530.google.com ([2a00:1450:4864:20::530]:40405) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from ) id 1u69Og-0002wr-Od for 77232@debbugs.gnu.org; Sat, 19 Apr 2025 10:42:26 -0400 Received: by mail-ed1-x530.google.com with SMTP id 4fb4d7f45d1cf-5e61a18c05aso373872a12.1 for <77232@debbugs.gnu.org>; Sat, 19 Apr 2025 07:42:22 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1745073736; x=1745678536; darn=debbugs.gnu.org; h=to:references:message-id:content-transfer-encoding:cc:date :in-reply-to:from:subject:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=ShGBB/yOZw+ABFKpeau3hppZiKxzpMRIUjOjQfLErfc=; b=IDiLpm6eOJz9cTGUy5copopUtfNyuHC98Hkavx/F4c4vJU6wt9twqs4LfemPKNAY5z I+g0H7d30Icpk7rVr6EenuWWYEEsJaaudDzKZ8XTSfuV9nP71qJIJvC7OdxawAsD5zuM az+rQnyZr61uHzkVGWkMx+efjquqOE6OmNg9cNqPe87bbxwISa24+oQUrAf6kjShnu/G 3LrjZn6yk8i4mMjGghoWfL+3spfOqVmt4C6fOobIBNNrn3fbJ8dZf289/tyxDn0VC9NJ 0Hf7zipfvksB+c/XPLDquYOCq9ps4PekrMvS3ITd0Nmj1Rj1HMB8Ys0RGu2HCY0UGU5z X/HA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1745073736; x=1745678536; h=to:references:message-id:content-transfer-encoding:cc:date :in-reply-to:from:subject:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=ShGBB/yOZw+ABFKpeau3hppZiKxzpMRIUjOjQfLErfc=; b=m6bL1zwjmUIuMDht5MANfoR8Rh6ti4xYuSHntDw+AeQPMcHQ4Yk4wHESx89w9uPBKK xqQVX13tLpSafynL81TlTmYaA1rpdheLdkS5/WGnQdmzlfCh8vF5ImxW45fIN1ARrp/y c0IRFGJX9cog1NOoW6kL2fQ+2kxrwgoH0npRM2jvOYtaoQzgBwgN2A4A2gfFjhK1tDlq Djbb9ZvuIwCULNSmIBfN7RsRLSQBN9LP29GxYsmnHf9dA1JY9MVoQmv15oeUln3qL105 zThovM5QOG4vbtylIN8jp682RVGF2LKMXRgSJu9QqTlZX2C0OezE6qkUJ80HSLC4ju3m aFJQ== X-Forwarded-Encrypted: i=1; AJvYcCWqu+eG+KCVZVzLs2Qf6490eJ+7MlHCwXaNdxRghlgpBwo3Ek/m/d3k7kkuDKyNJggqFsdLtg==@debbugs.gnu.org X-Gm-Message-State: AOJu0YyW9UY2QGElEV/4q033pI1hLdTdIA/zUrTy1p0PEZLTAD5coNC9 p7kmr5yAgmjXOfuYuRAdNr/qks6ZIbmeU2Cw9e4TanmES5kd/VFI X-Gm-Gg: ASbGnctqirrEcVgGlcFC+lfINC7IHcbjQYa78L/lYiks3Ggv/Omcb6EPYK+DSGSwSYv Zs2jLO8iwNIwLOJgFdeo6KWGNLy2BUnJCyNVK8JCa7GN/+oYGILClT9rulBn0JFj54rVvQsp1MQ Lr0wcWI6NdIceTejr/SUHf052lL5KGtDlDzzyV61+HrFjAffBAaMByXEkCx5/7doFoS/t5Ex+MS J4DywSnQ7Mkesb0Ldp1DexDytl7ecnndPgTI1bJdDJY2N0lGxwGTu0+wfF8HBA33+HS/FF/sEvH lthbYofMk6LJ8PIYGNpsVJbd9ghMVNB7RV0z9Z2gkFnU5Kqxv/t81KDdPjHnKw0VftLrfA== X-Google-Smtp-Source: AGHT+IFwobd/ZwMyN0n57B/T0qBod/AtvEU5RAOvDq4IZkW0j52wA4q8/PAt4MtT8upuoUg1ddvPgA== X-Received: by 2002:a17:907:3e92:b0:acb:beb:e5df with SMTP id a640c23a62f3a-acb74745ea4mr160830966b.0.1745073735772; Sat, 19 Apr 2025 07:42:15 -0700 (PDT) Received: from smtpclient.apple ([2001:a61:3a7b:4401:707b:223f:676:c447]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-acb6ec0c64csm277609966b.13.2025.04.19.07.42.14 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Sat, 19 Apr 2025 07:42:15 -0700 (PDT) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3826.500.181.1.5\)) Subject: Re: bug#77232: [PATCH] Allow also to get attributes of the terminal line From: Philipp Stephani In-Reply-To: <867c3g8dd1.fsf@gnu.org> Date: Sat, 19 Apr 2025 16:42:04 +0200 Content-Transfer-Encoding: 7bit Message-Id: References: <20250324085146.3152-1-werner@suse.de> <86a59afvmt.fsf@gnu.org> <7E3713E8-E0F3-4B1A-8A00-D2E81557C191@gmail.com> <865xjjxakj.fsf@gnu.org> <867c3g8dd1.fsf@gnu.org> To: Eli Zaretskii X-Mailer: Apple Mail (2.3826.500.181.1.5) X-Spam-Score: 0.3 (/) X-Debbugs-Envelope-To: 77232 Cc: 77232@debbugs.gnu.org, "Dr. Werner Fink" X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -0.7 (/) > Am 19.04.2025 um 15:55 schrieb Eli Zaretskii : > > Ping! Philipp, any further comments? Should we install this? Yeah, looks good > >> Date: Mon, 7 Apr 2025 13:51:07 +0200 >> From: "Dr. Werner Fink" >> Cc: Philipp Stephani , 77232@debbugs.gnu.org >> >> >> On 2025/04/05 11:43:40 +0300, Eli Zaretskii wrote: >>> Ping! Werner, do you plan on submitting a modified patch? >> >> What is about the attacheds patch ... here I go with the >> latest manual page ioctl_tty(2) as well if the macro >> MAP_DROPPABLE is not defined then the value 0x08 is >> used. From debbugs-submit-bounces@debbugs.gnu.org Sat Apr 19 11:12:28 2025 Received: (at 77232-done) by debbugs.gnu.org; 19 Apr 2025 15:12:28 +0000 Received: from localhost ([127.0.0.1]:35388 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1u69rn-0006HL-O4 for submit@debbugs.gnu.org; Sat, 19 Apr 2025 11:12:28 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:60612) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from ) id 1u69ri-0006GV-58 for 77232-done@debbugs.gnu.org; Sat, 19 Apr 2025 11:12:24 -0400 Received: from fencepost.gnu.org ([2001:470:142:3::e]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1u69rc-0003LC-3o; Sat, 19 Apr 2025 11:12:16 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=References:Subject:In-Reply-To:To:From:Date: mime-version; bh=k6Zif8bpV4ByjDyYSJ8f9PYrZuoaksUri1mIf7uJBzg=; b=Dvc57m23V0oc sgtf2xLr5ZvmXUGnj847vSYugUUZ6YrYyjiULeJv7pBddlnhYEYVJIinGoF+XWqluNYTP2NWNb9FF vRLOxy/f6oGQfZyu0s7NQ1Hvl8Q3bSFggoeJXQIMiBq2X8zqzl+c8UZvpgfAOmqZ7jVmuhY+zDNo5 YSzM6DqsO+zoadZdKK5wVY+ptmoxYUqT9tePgntlkW3aOHscP4Kfz5otIH8vf6HWKyjgCs5piuFBD lupJVxRzLUnXNmsBuzSiAzDihv3ejxrbUd+UQTb36CIQghx55LaUHX6jB4CeiAMlLC1h7VsFuTiW2 V/tcLR8O68rnBh4MQr37IQ==; Date: Sat, 19 Apr 2025 18:12:13 +0300 Message-Id: <86wmbg6v8y.fsf@gnu.org> From: Eli Zaretskii To: Philipp Stephani In-Reply-To: (message from Philipp Stephani on Sat, 19 Apr 2025 16:42:04 +0200) Subject: Re: bug#77232: [PATCH] Allow also to get attributes of the terminal line References: <20250324085146.3152-1-werner@suse.de> <86a59afvmt.fsf@gnu.org> <7E3713E8-E0F3-4B1A-8A00-D2E81557C191@gmail.com> <865xjjxakj.fsf@gnu.org> <867c3g8dd1.fsf@gnu.org> X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: 77232-done Cc: 77232-done@debbugs.gnu.org, werner@suse.de X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -3.3 (---) > From: Philipp Stephani > Date: Sat, 19 Apr 2025 16:42:04 +0200 > Cc: "Dr. Werner Fink" , > 77232@debbugs.gnu.org > > > > > Am 19.04.2025 um 15:55 schrieb Eli Zaretskii : > > > > Ping! Philipp, any further comments? Should we install this? > > Yeah, looks good Thanks, installed on the master branch, and closing the bug. From unknown Wed Jun 18 00:26:54 2025 Received: (at fakecontrol) by fakecontrolmessage; To: internal_control@debbugs.gnu.org From: Debbugs Internal Request Subject: Internal Control Message-Id: bug archived. Date: Sun, 18 May 2025 11:24:10 +0000 User-Agent: Fakemail v42.6.9 # This is a fake control message. # # The action: # bug archived. thanks # This fakemail brought to you by your local debbugs # administrator