From: Zvi Gilboa <zg7s@eservices.virginia.edu>
To: <musl@lists.openwall.com>
Subject: Re: Difficulty emulating F_DUPFD_CLOEXEC
Date: Sat, 23 Mar 2013 22:10:10 -0400 [thread overview]
Message-ID: <514E6082.4070104@eservices.virginia.edu> (raw)
In-Reply-To: <20130324015923.GA5905@brightrain.aerifal.cx>
On 03/23/2013 09:59 PM, Rich Felker wrote:
> Hi again,
>
> Old kernels lack fcntl F_DUPFD_CLOEXEC, which musl needs internally
> and wants to provide to applications. Thus, I'd like to emulate it
> like we do for pipe2, dup3, socket SOCK_CLOEXEC, etc.; the emulation
> has a race condition that leaks fds, but it's better than nothing.
>
> The problem I'm having is how to detect the case where the kernel
> lacks F_DUPFD_CLOEXEC. For other other atomic close-on-exec
> operations, we either have ENOSYS (newly added syscall) or an
> unambiguous EINVAL. But for fcntl, we could get EINVAL because
> F_DUPFD_CLOEXEC is not recognized by the kernel, or because the
> argument is larger than OPEN_MAX. So we need a test for the cause
> behind EINVAL.
>
> False positives are not an option, because if we wrongly detect that
> F_DUPFD_CLOEXEC was not supported, we would emulate it with the code
> that has race conditions and fd leaks, even on new kernels which
> should not have these problems.
>
> The best idea I have so far is:
>
> 1. Try F_DUPFD_CLOEXEC. If it succeeds or fails with any error other
> than EINVAL, we're done.
>
> 2. If it fails with EINVAL, retry with an argument of 0. This will
> eliminate the other cause of EINVAL, so now we should get EINVAL
> only on old kernels that lack F_DUPFD_CLOEXEC. If this test
> succeeds, we need to close the new duplicate fd we made (on the
> wrong fd number) and report EINVAL back to the caller.
>
> 3. If the test in step 2 failed, F_DUPFD_CLOEXEC is unsupported, and
> we have to use the fallback code with race conditions.
>
> This uglifies fcntl.c a bit more, but I think it works. Does the above
> reasoning make sense? Any other ideas?
In the hope that this matches the project's spirit... how about running
these tests during the build, and have a script (or a simple test
program) #define whether the target architecture supports
F_DUPFD_CLOEXEC or not? Potentially, this test could be added at the
very end of alltypes.h.sh
>
> Rich
next prev parent reply other threads:[~2013-03-24 2:10 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-03-24 1:59 Rich Felker
2013-03-24 2:09 ` Rich Felker
2013-03-24 2:12 ` Rich Felker
2013-03-24 2:10 ` Zvi Gilboa [this message]
2013-03-24 2:14 ` Szabolcs Nagy
2013-03-24 2:17 ` Rich Felker
2013-03-24 2:27 ` Zvi Gilboa
2013-03-24 2:33 ` Rich Felker
2013-03-24 2:57 ` Zvi Gilboa
2013-03-24 3:08 ` Rich Felker
2013-03-24 23:51 ` Rob Landley
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=514E6082.4070104@eservices.virginia.edu \
--to=zg7s@eservices.virginia.edu \
--cc=musl@lists.openwall.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.vuxu.org/mirror/musl/
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).