This change adds two new methods for invoking system calls
under Linux: syscall.AllThreadsSyscall() and
syscall.AllThreadsSyscall6().
These system call wrappers ensure that all OSThreads mirror
a common system call. The wrappers serialize execution of the
runtime to ensure no race conditions where any Go code observes
a non-atomic OS state change. As such, the syscalls have
higher runtime overhead than regular system calls, and only
need to be used where such thread (or 'm' in the parlance
of the runtime sources) consistency is required.
The new support is used to enable these functions under Linux:
syscall.Setegid(), syscall.Seteuid(), syscall.Setgroups(),
syscall.Setgid(), syscall.Setregid(), syscall.Setreuid(),
syscall.Setresgid(), syscall.Setresuid() and syscall.Setuid().
They work identically to their glibc counterparts.
Extensive discussion of the background issue addressed in this
patch can be found here:
https://github.com/golang/go/issues/1435
In the case where cgo is used, the C runtime can launch pthreads that
are not managed by the Go runtime. As such, the added
syscall.AllThreadsSyscall*() return ENOTSUP when cgo is enabled.
However, for the 9 syscall.Set*() functions listed above, when cgo is
active, these functions redirect to invoke their C.set*() equivalents
in glibc, which wraps the raw system calls with a nptl:setxid fixup
mechanism. This achieves POSIX semantics for these functions in the
combined Go and C runtime.
As a side note, the glibc/nptl:setxid support (2019-11-30) does not
extend to all security related system calls under Linux so using
native Go (CGO_ENABLED=0) and these AllThreadsSyscall*()s, where
needed, will yield more well defined/consistent behavior over all
threads of a Go program. That is, using the
syscall.AllThreadsSyscall*() wrappers for things like setting state
through SYS_PRCTL and SYS_CAPSET etc.
Fixes#1435
Change-Id: Ib1a3e16b9180f64223196a32fc0f9dce14d9105c
Reviewed-on: https://go-review.googlesource.com/c/go/+/210639
Trust: Emmanuel Odeke <emm.odeke@gmail.com>
Trust: Ian Lance Taylor <iant@golang.org>
Trust: Michael Pratt <mpratt@google.com>
Run-TryBot: Emmanuel Odeke <emm.odeke@gmail.com>
Reviewed-by: Michael Pratt <mpratt@google.com>
Reviewed-by: Austin Clements <austin@google.com>
Reportedly some Docker images accept the prlimit64 system call,
used by syscall.prlimit, but prohibit the getrlimit and setrlimit
system calls.
Fixes#38604
Change-Id: I91ff9370450b4869098cc8e335bbb7b863060508
Reviewed-on: https://go-review.googlesource.com/c/go/+/230339
Run-TryBot: Ian Lance Taylor <iant@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Reviewed-by: Tobias Klauser <tobias.klauser@gmail.com>
Reimplement syscall wrappers for linux/arm64 in terms of supported
syscalls (or in case of Ustat make it return ENOSYS) and remove the
manually added SYS_* consts for the deprecated syscalls. Adapted from
golang.org/x/sys/unix where this is already done since CL 119655.
Change-Id: I94ab48a4645924df3822497d0575f1a1573d509f
Reviewed-on: https://go-review.googlesource.com/c/go/+/199140
Run-TryBot: Tobias Klauser <tobias.klauser@gmail.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Ian Lance Taylor <iant@golang.org>
On linux/riscv64, the renameat syscall no longer exists and has been
superseded by renameat2. Thus we'll have to use Renameat2 to implement
Renameat on linux/riscv64 for #27532. Prepare for this by moving the
Renameat definition to the GOARCH specific files.
Follow CL 157899 which did the same for golang.org/x/sys/unix
Change-Id: I9670213cc3987df48fee962ddee36915a7785560
Reviewed-on: https://go-review.googlesource.com/c/go/+/192077
Run-TryBot: Tobias Klauser <tobias.klauser@gmail.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
The Linux kernel faccessat system call does not take a flags parameter.
The flag parameter to the C library faccessat function is implemented in C.
The syscall.Faccessat function takes a flags parameter. In older releases
we have passed the flags parameter to the kernel, which ignored it.
In CL 120015 we started returning an error if any flags were set.
That seems clearly better than ignoring them, but it turns out that some
code was using the flags. The code was previously subtly broken.
Now it is obviously broken. That is better, but we can do better still:
we can implement the flags as the C library does. That is what this CL does.
Change-Id: I259bd6f240c3951e939b81c3032dead3d9c567b4
Reviewed-on: https://go-review.googlesource.com/126415
Run-TryBot: Ian Lance Taylor <iant@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
As mentioned in #25845, port CL 46474 from golang.org/x/sys/unix to the
syscall package.
Currently Linux' fchmodat(2) syscall implementation doesn't support the
flags parameter (though it might in future versions [1]). Fchmodat in
the syscall package takes the parameter and (wrongly) passes it on to the
syscall which will ignore it.
According to the POSIX.1-2008 manual page [2], AT_SYMLINK_NOFOLLOW is
the only valid value for the flags parameter and EOPNOTSUPP should be
returned in case changing the mode of a symbolic link is not supported
by the underlying system. EINVAL should be returned for any other value
of the flags parameter.
[1] https://patchwork.kernel.org/patch/9596301/
[2] http://pubs.opengroup.org/onlinepubs/9699919799/functions/chmod.html
Updates #20130
Updates #25845
Change-Id: I1021dd0e6a4f4cb3557cb1c1b34dd618c378cda6
Reviewed-on: https://go-review.googlesource.com/118658
Reviewed-by: Ian Lance Taylor <iant@golang.org>
Add the rawSyscallNoError wrapper function which is used for Linux
syscalls that don't return an error and convert all applicable
occurences of RawSyscall to use it instead.
Fixes#22924
Change-Id: Iff1eddb54573d459faa01471f10398b3d38528dd
Reviewed-on: https://go-review.googlesource.com/84485
Run-TryBot: Tobias Klauser <tobias.klauser@gmail.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Ian Lance Taylor <iant@golang.org>
The getdents64 syscall is only available for mips64/mips64le starting
with Linux kernel 3.10. Since mips64le requires at least 4.8 according
to [1] (regarding #16848) using it should be fine.
[1] https://golang.org/wiki/MinimumRequirements
This CL changes the binary layout of type Dirent for mips64/mips64le,
but not the public API. But since the currently used layout doesn't
match the struct linux_dirent returned by the getdents syscall this
should be fine as well.
Fixes#23624
Change-Id: Iaa7306fa6e4442ad2fed41c60b37627a7314f117
Reviewed-on: https://go-review.googlesource.com/91055
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Reviewed-by: Cherry Zhang <cherryyz@google.com>
syscall.Select uses SYS_PSELECT6 on arm64 and mipx64x, however this
syscall expects its 5th argument to be of type Timespec (with seconds
and nanoseconds) instead of type Timeval (with seconds and microseconds)
This leads to the timeout being too short by a factor of 1000.
This CL fixes this by adjusting the timeout argument accordingly,
similarly to how glibc does it for architectures where neither
SYS_SELECT nor SYS__NEWSELECT are available.
Fixes#22246
Change-Id: I33a183b0b87c2dae4a77a2d00f8615169fad48dd
Reviewed-on: https://go-review.googlesource.com/70590
Run-TryBot: Ian Lance Taylor <iant@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Ian Lance Taylor <iant@golang.org>
syscall.Exit and runtime.exit do the same thing.
Why duplicate code?
CL 45115 fixed bug where windows runtime.exit was correct,
but syscall.Exit was broken. So CL 45115 fixed windows
syscall.Exit by calling runtime.exit.
Austin suggested that all OSes should do the same, and
this CL implements his idea.
While making changes, I discovered that nacl syscall.Exit
returned error
func Exit(code int) (err error)
and I changed it into
func Exit(code int)
like all other OSes. I assumed it was a mistake and it
is OK to do because cmd/api does not complain about it.
Also I changed plan9 runtime.exit to accept int32 just
like all other OSes do.
Change-Id: I12f6022ad81406566cf9befcc6edc382eebd413b
Reviewed-on: https://go-review.googlesource.com/66170
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Ian Lance Taylor <iant@golang.org>
Reviewed-by: Austin Clements <austin@google.com>
Reviewed-by: David du Colombier <0intro@gmail.com>
Fixes#21437
Change-Id: I55fbf5114ae1bb7f4aa1a20450e8d5309756cd5b
Reviewed-on: https://go-review.googlesource.com/55430
Run-TryBot: Ian Lance Taylor <iant@golang.org>
Reviewed-by: Tobias Klauser <tobias.klauser@gmail.com>
Reviewed-by: Ian Lance Taylor <iant@golang.org>
Update syscall code generators to set build tags.
Regenerate zsyscall files, which makes the following changes:
- remove calls to "use"
- update build tags, adding missing ones in some cases
- "stat" renamed to "st" in some cases
- "libc_Utimes" renamed "libc_utimes" in one case
I'll mirror this change to x/sys/unix once committed.
Change-Id: Ic07e0ae1433dd133eb57e8dd2a3b86a62aab4eda
Reviewed-on: https://go-review.googlesource.com/36616
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Syscall getdents64 is relatively new in linux/mips64, only since kernel
version 3.10. To support older kernel, syscall getdents is used for
mips64.
Change-Id: I892b05dff7d93e7ddb0d700abd6a5e6d4084ab4c
Reviewed-on: https://go-review.googlesource.com/14449
Reviewed-by: Ian Lance Taylor <iant@golang.org>
Reviewed-by: Minux Ma <minux@golang.org>
Fixes#11918
Replace calls to lchown(2) with fchownat(2) for linux/arm64 as the former is not suppored.
This change has also landed on the x/sys repo as CL 12837.
Change-Id: I58d4b144e051e36dd650ec9b7f3a02610ea943e5
Reviewed-on: https://go-review.googlesource.com/12833
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Reviewed-by: Ian Lance Taylor <iant@golang.org>
Reviewed-by: Dave Cheney <dave@cheney.net>
Run-TryBot: Dave Cheney <dave@cheney.net>
Reviewed-by: Russ Cox <rsc@golang.org>
Auto-generated using the following bash script:
for i in z*_*_*.go; do
goosgoarch=`basename ${i/${i/_*/}_/} .go`
goos=${goosgoarch/_*/}
goarch=${goosgoarch/*_/}
echo $i $goos $goarch
[ "$goos" = "windows" ] && continue
sed -i -e "/^package /i\/\/ +build $goarch,$goos\n" "$i"
done
Change-Id: I756fee551d1698080e4591fed8f058ae0450aaa5
Signed-off-by: Shenghou Ma <minux@golang.org>
Reviewed-on: https://go-review.googlesource.com/10113
Reviewed-by: Ian Lance Taylor <iant@golang.org>
There is no SYS_INOTIFY_INIT on linux/arm64, only SYS_INOTIFY_INIT1.
Change-Id: I97f430f2c2b910fb19dce495ff1adf591b8634fc
Reviewed-on: https://go-review.googlesource.com/9870
Run-TryBot: Minux Ma <minux@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Ian Lance Taylor <iant@golang.org>
Reviewed-by: Dave Cheney <dave@cheney.net>
The previously-submitted https://go-review.googlesource.com/#/c/6701
didn't include dragonfly, freebsd, nacl, netbsd, openbsd, or solaris.
(or things like darwin/arm or ppc64 or arm64)
So do them all.
Note I had to copy the function into tables_nacl.go. I found that
preferable to creating a new file just to have suitable build
tags. It's likely this function will be mirrored to plan9 and windows
later too, each of the 4 with their own policy of which error values
are common.
The corresponding x/sys CL for this CL is https://golang.org/cl/8190
but it excludes nacl (not in x/sys) and solaris (already broken).
Update Issue #8859
Change-Id: I91902615692b29b69c905edd9e126a26337294f6
Reviewed-on: https://go-review.googlesource.com/8192
Reviewed-by: Rob Pike <r@golang.org>
Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
This avoids hanging when a Go program uses a FUSE filesystem and the
dup system call has to close a file descriptor. When dup uses
RawSyscall then the goroutine calling dup will occupy a scheduler slot
(a p structure) during the call, and may block waiting for some other
goroutine to respond to the close call on the FUSE filesystem.
Changing to Syscall avoids the problem. This makes Dup a tiny bit
slower but is quite unlikely to make a difference for any real
programs.
Fixes#10202.
Change-Id: If6490a8f9b3c9cfed6acbfb4bfd1eaeac62ced17
Reviewed-on: https://go-review.googlesource.com/8095
Reviewed-by: Rob Pike <r@golang.org>
Fixes newly introduced test on linux/arm64 because linux/arm64 doesn't
have the getpgrp syscall. Getpgid(0) is documented to be equivalent to
Getpgrp.
Change-Id: I8f30f4f8de8c32fe04a29c9c4a9330d4e4e6b46d
Signed-off-by: Shenghou Ma <minux@golang.org>
Reviewed-on: https://go-review.googlesource.com/8022
Reviewed-by: Aram Hăvărneanu <aram@mgk.ro>
Reviewed-by: Rob Pike <r@golang.org>
Andrew G. Morgan
Ian Lance Taylor
Tobias Klauser
Wei Xiao
Alex Brainman
Yuval Pavel Zholkover
Sameer Ajmani
Brad Fitzpatrick
Yao Zhang
Dave Cheney
Shenghou Ma
Aram Hăvărneanu