On Thu, Aug 14, 2025 at 07:12:55AM +0200, Stefano Brivio wrote:
> On Thu, 14 Aug 2025 14:10:20 +1000
> David Gibson <david@gibson.dropbear.id.au> wrote:
[snip]
> > Here we're adding a new syscall to work around the problems with
> > _exit().  In which case, why don't we add futex() to the syscall list
> > and go back to exit(3).
> 
> Because futex() just came up unexpectedly and Paul and myself had to
> spend hours figuring that out, and there are good chances we'll get
> something else like that from glibc in the future.

Yes, but that could happen with literally any libc function, I'm not
convinced that exit() is a target that deserves special attention.

> On top of that, see CVE-2014-3153 and CVE-2020-14381 about futex().
> >From a quick glance (and intuitively) fsync() is much simpler than that.

Eh.  Still not really convinced this isn't more trouble than it's
worth, but as you wish.

> > With Laurent working on multi-threading we might well want futexes
> > anyhow.
> 
> True, but then I'd still prefer to allow futex() explicitly, rather
> than re-enabling exit handlers, because that's more predictable.
> 

-- 
David Gibson (he or they)	| I'll have my music baroque, and my code
david AT gibson.dropbear.id.au	| minimalist, thank you, not the other way
				| around.
http://www.ozlabs.org/~dgibson