From bca17d16ca0dabbe1b533bb78f367d64e076fe73 Mon Sep 17 00:00:00 2001 From: Kir Kolyshkin Date: Thu, 14 Jul 2022 21:18:15 -0700 Subject: syscall: add CgroupFD support for ForkExec on Linux Implement CLONE_INTO_CGROUP feature, allowing to put a child in a specified cgroup in a clean and simple way. Note that the feature only works for cgroup v2, and requires Linux kernel 5.7 or newer. Using the feature requires a new syscall, clone3. Currently this is the only reason to use clone3, but the code is structured in a way so that other cases may be easily added in the future. Add a test case. While at it, try to simplify the syscall calling code in forkAndExecInChild1, which became complicated over time because: 1. It was using either rawVforkSyscall or RawSyscall6 depending on whether CLONE_NEWUSER was set. 2. On Linux/s390, the first two arguments to clone(2) system call are swapped (which deserved a mention in Linux ABI hall of shame). It was worked around in rawVforkSyscall on s390, but had to be implemented via a switch/case when using RawSyscall6, making the code less clear. Let's - modify rawVforkSyscall to have two arguments (which is also required for clone3); - remove the arguments workaround from s390 asm, instead implementing arguments swap in the caller (which still looks ugly but at least it's done once and is clearly documented now); - use rawVforkSyscall for all cases (since it is essentially similar to RawSyscall6, except for having less parameters, not returning r2, and saving/restoring the return address before/after syscall on 386 and amd64). Updates #51246. Change-Id: Ifcd418ebead9257177338ffbcccd0bdecb94474e Reviewed-on: https://go-review.googlesource.com/c/go/+/417695 Auto-Submit: Ian Lance Taylor Reviewed-by: Michael Knyszek Reviewed-by: Ian Lance Taylor Run-TryBot: Ian Lance Taylor Run-TryBot: Kirill Kolyshkin TryBot-Result: Gopher Robot --- src/syscall/asm_linux_386.s | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) (limited to 'src/syscall/asm_linux_386.s') diff --git a/src/syscall/asm_linux_386.s b/src/syscall/asm_linux_386.s index e86a859f4e..a8e63f7079 100644 --- a/src/syscall/asm_linux_386.s +++ b/src/syscall/asm_linux_386.s @@ -13,24 +13,24 @@ // instead of the glibc-specific "CALL 0x10(GS)". #define INVOKE_SYSCALL INT $0x80 -// func rawVforkSyscall(trap, a1 uintptr) (r1, err uintptr) -TEXT ·rawVforkSyscall(SB),NOSPLIT|NOFRAME,$0-16 +// func rawVforkSyscall(trap, a1, a2 uintptr) (r1, err uintptr) +TEXT ·rawVforkSyscall(SB),NOSPLIT|NOFRAME,$0-20 MOVL trap+0(FP), AX // syscall entry MOVL a1+4(FP), BX - MOVL $0, CX + MOVL a2+8(FP), CX MOVL $0, DX POPL SI // preserve return address INVOKE_SYSCALL PUSHL SI CMPL AX, $0xfffff001 JLS ok - MOVL $-1, r1+8(FP) + MOVL $-1, r1+12(FP) NEGL AX - MOVL AX, err+12(FP) + MOVL AX, err+16(FP) RET ok: - MOVL AX, r1+8(FP) - MOVL $0, err+12(FP) + MOVL AX, r1+12(FP) + MOVL $0, err+16(FP) RET // func rawSyscallNoError(trap uintptr, a1, a2, a3 uintptr) (r1, r2 uintptr); -- cgit v1.3-5-g9baa