All of lore.kernel.org
 help / color / mirror / Atom feed
From: Eric Dumazet <dada1@cosmosbay.com>
To: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Davide Libenzi <davidel@xmailserver.org>,
	Ingo Molnar <mingo@elte.hu>, Ulrich Drepper <drepper@redhat.com>,
	Jeff Garzik <jeff@garzik.org>, Zach Brown <zach.brown@oracle.com>,
	Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
	Arjan van de Ven <arjan@infradead.org>,
	Christoph Hellwig <hch@infradead.org>,
	Andrew Morton <akpm@zip.com.au>,
	Alan Cox <alan@lxorguk.ukuu.org.uk>,
	Evgeniy Polyakov <johnpol@2ka.mipt.ru>,
	"David S. Miller" <davem@davemloft.net>,
	Suparna Bhattacharya <suparna@in.ibm.com>,
	Jens Axboe <jens.axboe@oracle.com>,
	Thomas Gleixner <tglx@linutronix.de>
Subject: Re: Syslets, Threadlets, generic AIO support, v6
Date: Wed, 30 May 2007 23:53:54 +0200	[thread overview]
Message-ID: <465DF272.3000108@cosmosbay.com> (raw)
In-Reply-To: <alpine.LFD.0.98.0705301341480.26602@woody.linux-foundation.org>

Linus Torvalds a écrit :
> 
> On Wed, 30 May 2007, Eric Dumazet wrote:
>>> No, Davide, the problem is that some applications depend on getting
>>> _specific_ file descriptors.
>> Fix the application, and not adding kernel bloat ?
> 
> No. The application is _correct_. It's how file descriptors are defined to 
> work. 
> 
>> Then you can also exclude multi-threading, since a thread (even not inside
>> glibc) can also use socket()/pipe()/open()/whatever and take the zero file
>> descriptor as well.
> 
> Totally different. That's an application internal issue. It does *not* 
> mean that we can break existing standards.
> 
>> The only hardcoded thing in Unix is 0, 1 and 2 fds.
> 
> Wrong. I already gave an example of real code that just didn't bother to 
> keep track of which fd's it had open, and closed them all. Partly, in 
> fact, because you can't even _know_ which fd's you have open when somebody 
> else just execve's you.

If someone really cares, /proc/self/fd can help. But one shouldn't care at all.

About the things that the process can do before execing() a process, file 
descriptors outside of 0,1,2 are the most obvious thing, but you also have 
alarm(), or stupid rlimits.

> 
> You can call it buggy, but the fact is, if you do, you're SIMPLY WRONG. 
> 
> You cannot just change years and years of coding practice, and standard 
> documentations. The behaviour of file descriptors is a fact. Ignoring that 
> fact because you don't like it is naïve and simply not realistic.

I want to change nothing. Current situation is fine and well documented, thank 
you.

If a program does "for (i = 0; i < NR_OPEN; i++) close(i);", this 
*will*/*should* work as intended : close all files descriptors from 0 to 
NR_OPEN. Big deal.

But you wont find in a program :

FILE *fp = fopen("somefile", "r");
for (i = 0; i < NR_OPEN; i++)
     close(i);
while (fgets(buff, sizeof(buff), fp)) {
}


You and/or others want to add fd namespaces and other hacks.

I saw on this thread suspicious examples, I am waiting for a real one, 
justifying all this stuff.

After file descriptors separation, I guess we'll need memory space separation 
as well, signal separations (SIGALRM comes to mind), uid/gid separation, cpu 
time separation, and so on... setrlimit() layered for every shared lib.



  reply	other threads:[~2007-05-30 21:57 UTC|newest]

Thread overview: 71+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2007-05-29 21:27 Syslets, Threadlets, generic AIO support, v6 Zach Brown
2007-05-29 21:49 ` Linus Torvalds
2007-05-29 22:49   ` Zach Brown
2007-05-29 22:16 ` Jeff Garzik
2007-05-29 23:09   ` Zach Brown
2007-05-29 23:20     ` Ulrich Drepper
2007-05-30  1:11       ` Dave Jones
2007-05-30 17:08         ` Zach Brown
2007-05-30  7:26     ` Ingo Molnar
2007-05-30  7:20   ` Ingo Molnar
2007-05-30  7:31     ` Ulrich Drepper
2007-05-30  8:42       ` Ingo Molnar
2007-05-30  8:51         ` Evgeniy Polyakov
2007-05-30  9:05           ` Ingo Molnar
2007-05-30 15:16         ` Linus Torvalds
2007-05-30 15:39         ` Ulrich Drepper
2007-05-30 19:40         ` Davide Libenzi
2007-05-30 19:55           ` Ulrich Drepper
2007-05-30 20:00           ` Linus Torvalds
2007-05-30 20:21             ` Davide Libenzi
2007-05-30 20:31             ` Eric Dumazet
2007-05-30 20:44               ` Linus Torvalds
2007-05-30 21:53                 ` Eric Dumazet [this message]
2007-05-30 21:31               ` Davide Libenzi
2007-05-30 21:16             ` Ulrich Drepper
2007-05-30 21:27               ` Linus Torvalds
2007-05-30 21:47                 ` Ulrich Drepper
2007-05-30 22:06                   ` Davide Libenzi
2007-05-30 21:48                 ` Davide Libenzi
2007-05-30 22:01                   ` Linus Torvalds
2007-05-31  6:13                     ` Ingo Molnar
2007-05-31  7:35                       ` Eric Dumazet
2007-05-31  9:26                         ` Ingo Molnar
2007-05-31  9:02                       ` Ingo Molnar
2007-05-31 10:41                         ` Eric Dumazet
2007-05-31 10:50                           ` Ingo Molnar
2007-05-31  9:32                       ` Ingo Molnar
2007-05-31  9:34                         ` Jens Axboe
2007-05-30 22:09                   ` Eric Dumazet
2007-05-30 21:51                 ` David M. Lloyd
2007-05-30 22:24                 ` William Lee Irwin III
2007-05-30 21:38               ` Jeremy Fitzhardinge
2007-05-30 21:39               ` Davide Libenzi
2007-05-30 21:36             ` Jeremy Fitzhardinge
2007-05-30 21:44               ` Linus Torvalds
2007-05-30 21:48                 ` Linus Torvalds
2007-05-30 21:54                   ` Jeremy Fitzhardinge
2007-05-30 22:27             ` Matt Mackall
2007-05-30 22:38               ` William Lee Irwin III
2007-05-30  8:32     ` Evgeniy Polyakov
2007-05-30  8:54       ` Ingo Molnar
2007-05-30  9:30         ` Evgeniy Polyakov
2007-05-30  9:28     ` Jeff Garzik
2007-05-30 13:02       ` Ingo Molnar
2007-05-30 13:20         ` Ingo Molnar
2007-05-30 15:31       ` Linus Torvalds
2007-05-30 16:09         ` Ingo Molnar
2007-05-30 17:57           ` Jens Axboe
2007-05-30 19:05           ` Mark Lord
2007-05-30 19:10             ` Jens Axboe
2007-05-30 19:15             ` Linus Torvalds
2007-05-30 19:32               ` Jens Axboe
2007-05-30 20:07               ` Eric Dumazet
2007-05-30 20:31                 ` Linus Torvalds
2007-05-30 20:46                   ` Eric Dumazet
2007-05-30 19:52           ` Davide Libenzi
2007-05-30  7:40 ` Jens Axboe
2007-05-30 16:55   ` Zach Brown
2007-05-30 17:33     ` Jens Axboe
  -- strict thread matches above, loose matches on Subject: below --
2007-05-31  8:15 Albert Cahalan
2007-05-31  9:50 ` Ingo Molnar

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=465DF272.3000108@cosmosbay.com \
    --to=dada1@cosmosbay.com \
    --cc=akpm@zip.com.au \
    --cc=alan@lxorguk.ukuu.org.uk \
    --cc=arjan@infradead.org \
    --cc=davem@davemloft.net \
    --cc=davidel@xmailserver.org \
    --cc=drepper@redhat.com \
    --cc=hch@infradead.org \
    --cc=jeff@garzik.org \
    --cc=jens.axboe@oracle.com \
    --cc=johnpol@2ka.mipt.ru \
    --cc=linux-kernel@vger.kernel.org \
    --cc=mingo@elte.hu \
    --cc=suparna@in.ibm.com \
    --cc=tglx@linutronix.de \
    --cc=torvalds@linux-foundation.org \
    --cc=zach.brown@oracle.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.