Hacker News new | ask | show | jobs
by caf 1684 days ago
It's a leaky abstraction over the underlying system call mechanism. Because the user stack lives in user space and accessing it from the kernel requires the same dance as any other access to user memory, system call arguments are instead passed in registers where they are immediately available to the kernel with no possibility of faults or TOCTTOU holes.

Here 'unsigned long' is just a convenient stand-in for "generic register-sized argument".

A "void * pointing to struct" requires a copy from user space. If a particular prctl() does need a struct, it can certainly stuff a pointer into one of those 'unsigned long' parameters (in the kernel environment, a pointer can be converted to and from an unsigned long without concern).
1 comments
dataflow 1684 days ago
> Here 'unsigned long' is just a convenient stand-in for "generic register-sized argument".

That wouldn't be register-sized on x86 would it?

link
cesarb 1684 days ago
On all Linux architectures, "unsigned long" and "long" are always register-sized. For 32-bit architectures, "long" is 32 bits (the same as "int" which is always 32 bits), and for 64-bit architectures, "long" is 64 bits (the same as "long long" which is always 64 bits). This is different from Windows, in which "long" is always 32 bits, even on 64-bit architectures (and you have to use "long long" if you want 64 bits).

Therefore, Linux-only code (including the Linux kernel itself) commonly uses "long" or "unsigned long" to mean "register-sized" and "large enough to fit a pointer"; portable code normally uses "size_t" or "uintptr_t" for that.

link
caf 1684 days ago
It's not even just Linux - way back in the mid 90s there was an agreement among UNIX vendors to use the "LP64" model for 64 bit architectures, and ILP32 was already the de facto standard for 32 bit UNIX-likes, so "long can hold a pointer" is somewhat of a tradition in the POSIXy world.
link
dataflow 1684 days ago
Thanks, yeah. Any idea why they still do this instead of switching to `uintptr_t`?
link
dxuh 1684 days ago
Afaik the kernel is built as C89 and uintptr_t was introduced in C99.
link
dataflow 1684 days ago
Damn. I'd have they they could just typedef it manually, but interesting, thanks.
link
caf 1684 days ago
It's not even about how the kernel is built. The userspace-side system call declarations need to be #include-able in C89 user code, so they can't use C99 types.
link
oynqr 1684 days ago
The minimum size for unsigned long is 4 bytes
link
dataflow 1684 days ago
Oh I didn't realize its size varies on x86 and x64... I thought it's always 64-bit under compilers that target Linux! Today I learned...
link
tomsmeding 1684 days ago
There is a difference between 'long' and 'long long'. I believe the latter is always 64 bits on Linux.
link
dataflow 1684 days ago
I'm indeed aware of that one :-)
link
jamesfinlayson 1684 days ago
I think the size can vary by compiler rather than just by architecture.
link
dataflow 1684 days ago
Yeah it can but in practice systems have a canonical model in their official headers.
link
gpderetta 1684 days ago
And yet msvc and gcc disagree on sizeof(long) on AMD64.

Edit: but of course you meant OS with system, not hardware architecture :)

link