From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1M1c3Y-0001Ap-Mi
	for qemu-devel@nongnu.org; Wed, 06 May 2009 04:00:44 -0400
Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43)
	id 1M1c3U-0001AI-2T
	for qemu-devel@nongnu.org; Wed, 06 May 2009 04:00:43 -0400
Received: from [199.232.76.173] (port=44934 helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1M1c3T-0001AF-Ss
	for qemu-devel@nongnu.org; Wed, 06 May 2009 04:00:39 -0400
Received: from mx20.gnu.org ([199.232.41.8]:46115)
	by monty-python.gnu.org with esmtps (TLS-1.0:RSA_AES_256_CBC_SHA1:32)
	(Exim 4.60) (envelope-from <nchip@kos.to>) id 1M1c3T-0000yV-3g
	for qemu-devel@nongnu.org; Wed, 06 May 2009 04:00:39 -0400
Received: from naru.obs2.net ([84.20.150.76])
	by mx20.gnu.org with esmtp (Exim 4.60) (envelope-from <nchip@kos.to>)
	id 1M1c3P-0008Lb-04
	for qemu-devel@nongnu.org; Wed, 06 May 2009 04:00:35 -0400
Date: Wed, 6 May 2009 11:00:23 +0300
From: Riku Voipio <riku.voipio@iki.fi>
Subject: Re: [Qemu-devel] [PATCH] linux-user: implement pipe2 syscall
Message-ID: <20090506080023.GA7230@kos.to>
References: <20090505133048.GA29646@kos.to>
	<20090505225809.GJ7574@shareable.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20090505225809.GJ7574@shareable.org>
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Jamie Lokier <jamie@shareable.org>
Cc: qemu-devel@nongnu.org

On Tue, May 05, 2009 at 11:58:09PM +0100, Jamie Lokier wrote:
> Riku Voipio wrote:
> > implement pipe2 syscall. instead of calling pipe2 directly
> > (which was introduced in 2.6.27), emulate the flag functionality
> > with fcntl.

> This is wrong with multiple threads if the flag contains FD_CLOEXEC.
> If that situation is possible, please don't do this.

> The point of pipe2() with FD_CLOEXEC is to be atomic: make sure
> another thread can never see the file descriptor with FD_CLOEXEC not set.

> If you can't guarantee that, it's better to return ENOSYS as every
> application using pipe2() like this has a fallback to use pipe() and
> FD_CLOEXEC itself, and probably has application logic to protect
> against the race condition.

> If there's only one thread, or if you can arrange to block any
> concurrent clone/fork/execve calls in other threads (in QEMU) during
> the race window, then it's fine to emulate it with fcntl.

We haven't returned from the pipe2 syscall when setting the flag with fcntl.
Before returning from the syscall, the pipe file descriptors could point
to anything (unitialized memory, zeros, ...)