Re: [PATCH 1/2] clone3: add CLONE3_CLEAR_SIGHAND

[Christian Brauner]

On Sat, Oct 12, 2019 at 08:53:34AM +0200, Michael Kerrisk (man-pages) wrote:
> Hello Aleksa,
> 
> On Sat, 12 Oct 2019 at 00:12, Aleksa Sarai <cyphar@xxxxxxxxxx> wrote:
> >
> > On 2019-10-11, Michael Kerrisk <mtk.manpages@xxxxxxxxx> wrote:
> > > Why CLONE3_CLEAR_SIGHAND rather than just CLONE_CLEAR_SIGHAND?

I don't care much how we name this apart from the "_CLEAR_SIGHAND"
suffix. But see for a little rationale below.

> >
> > There are no more flag bits left for the classic clone()/clone2() (the
> > last one was used up by CLONE_PIDFD) -- thus this flag is clone3()-only.
> 
> Yes, I understand that. But, I'm not sure that the "3" in the prefix
> is necessary. "CLONE_" still seems better to me.
> 
> Consider this: sometime in the near future we will probably have time
> namespaces. The new flag for those namespaces will only be usable with
> clone3(). It should NOT be called CLONE3_NEWTIME, but rather
> CLONE_NEWTIME (or similar), because that same flag will presumably
> also be used in other APIs such as unshare() and setns(). (Hmm -- I

There are some noteable differences though. CLONE_NEWTIME takes the
CSIGNAL bit which is in the range of a 32bit integer and thus useable by
unshare() too. The same does not hold for CLONE{3}_CLEAR_SIGHAND. You
can't pass it to unshare(). unshare() also just deals with
namespace-relevant stuff so CLONE{3}_CLEAR_SIGHAND doesn't make much
sense there.

> wonder if we are going to need a new unshare2() or some such...)

We still have one 32bit bit left (CLONE_DETACHED) which we can't reuse
with clone()/clone2() but we can reuse with clone3(). We can simply
earmark it for namespace-related stuff and thus still have one bit left
for unshare() before we have to go for unshare2() (If we have to go
there at all since I'm not sure how much more namespaces we can come up
with.).

Christian