From: Ian Campbell <ian.campbell@citrix.com>
To: ian.jackson@eu.citrix.com, wei.liu2@citrix.com, xen-devel@lists.xen.org
Cc: Ian Campbell <ian.campbell@citrix.com>,
jbeulich@suse.com, Roger.Pau@citrix.com
Subject: [PATCH XEN v7 27/29] tools/libs/*: Use O_CLOEXEC on Linux and FreeBSD
Date: Wed, 16 Dec 2015 12:31:34 +0000 [thread overview]
Message-ID: <1450269096-27598-28-git-send-email-ian.campbell@citrix.com> (raw)
In-Reply-To: <1450269096-27598-1-git-send-email-ian.campbell@citrix.com>
In some cases this replaces an FD_CLOEXEC dance, in others it is new.
Linux has had O_CLOEXEC since 2.6.23 (October 2007), so we can rely on
it from Xen 4.7 I think. Some libc headers may still lack the
definition, so we take care of that if need be.
All stable versions of FreeBSD support O_CLOEXEC (10.2, 9.3 and 8.4),
and we assume the libc there does too.
Remove various comments about having to take responsibility for this
(since really it is just hygiene, politeness, not a requirement) and
the reasons for using O_CLOEXEC seem pretty straightforward.
Backends for other OSes are untouched.
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Cc: Roger.Pau@citrix.com
Cc: jbeulich@suse.com
---
v6: New
v7: New, replaces "tools/libs/call: Use O_CLOEXEC when opening
/dev/xen/privcmd on Linux"
---
tools/libs/call/freebsd.c | 30 ++++++++----------------------
tools/libs/call/linux.c | 38 +++++++++++---------------------------
tools/libs/evtchn/freebsd.c | 2 +-
tools/libs/evtchn/linux.c | 6 +++++-
tools/libs/foreignmemory/freebsd.c | 24 ++----------------------
tools/libs/foreignmemory/linux.c | 36 +++++++++---------------------------
tools/libs/gnttab/linux.c | 6 +++++-
7 files changed, 41 insertions(+), 101 deletions(-)
diff --git a/tools/libs/call/freebsd.c b/tools/libs/call/freebsd.c
index 2413966..b3cbccd 100644
--- a/tools/libs/call/freebsd.c
+++ b/tools/libs/call/freebsd.c
@@ -35,8 +35,14 @@
int osdep_xencall_open(xencall_handle *xcall)
{
- int flags, saved_errno;
- int fd = open(PRIVCMD_DEV, O_RDWR);
+ int saved_errno;
+ int fd = open(PRIVCMD_DEV, O_RDWR|O_CLOEXEC);
+
+ /*
+ * This file descriptor is opaque to the caller, thus we are
+ * polite and try and ensure it doesn't propagate (ie leak)
+ * outside the process, by using O_CLOEXEC.
+ */
if ( fd == -1 )
{
@@ -45,26 +51,6 @@ int osdep_xencall_open(xencall_handle *xcall)
return -1;
}
- /*
- * Although we return the file handle as the 'xc handle' the API
- * does not specify / guarentee that this integer is in fact
- * a file handle. Thus we must take responsiblity to ensure
- * it doesn't propagate (ie leak) outside the process.
- */
- if ( (flags = fcntl(fd, F_GETFD)) < 0 )
- {
- PERROR("Could not get file handle flags");
- goto error;
- }
-
- flags |= FD_CLOEXEC;
-
- if ( fcntl(fd, F_SETFD, flags) < 0 )
- {
- PERROR("Could not set file handle flags");
- goto error;
- }
-
xcall->fd = fd;
return 0;
diff --git a/tools/libs/call/linux.c b/tools/libs/call/linux.c
index 651f380..1d6c40f 100644
--- a/tools/libs/call/linux.c
+++ b/tools/libs/call/linux.c
@@ -26,15 +26,23 @@
#include "private.h"
+#ifndef O_CLOEXEC
+#define O_CLOEXEC 02000000
+#endif
+
int osdep_xencall_open(xencall_handle *xcall)
{
- int flags, saved_errno;
- int fd = open("/dev/xen/privcmd", O_RDWR); /* prefer this newer interface */
+ int fd;
+
+ /*
+ * Prefer the newer interface.
+ */
+ fd = open("/dev/xen/privcmd", O_RDWR|O_CLOEXEC);
if ( fd == -1 && ( errno == ENOENT || errno == ENXIO || errno == ENODEV ))
{
/* Fallback to /proc/xen/privcmd */
- fd = open("/proc/xen/privcmd", O_RDWR);
+ fd = open("/proc/xen/privcmd", O_RDWR|O_CLOEXEC);
}
if ( fd == -1 )
@@ -43,32 +51,8 @@ int osdep_xencall_open(xencall_handle *xcall)
return -1;
}
- /* Although we return the file handle as the 'xc handle' the API
- does not specify / guarentee that this integer is in fact
- a file handle. Thus we must take responsiblity to ensure
- it doesn't propagate (ie leak) outside the process */
- if ( (flags = fcntl(fd, F_GETFD)) < 0 )
- {
- PERROR("Could not get file handle flags");
- goto error;
- }
-
- flags |= FD_CLOEXEC;
-
- if ( fcntl(fd, F_SETFD, flags) < 0 )
- {
- PERROR("Could not set file handle flags");
- goto error;
- }
-
xcall->fd = fd;
return 0;
-
- error:
- saved_errno = errno;
- close(fd);
- errno = saved_errno;
- return -1;
}
int osdep_xencall_close(xencall_handle *xcall)
diff --git a/tools/libs/evtchn/freebsd.c b/tools/libs/evtchn/freebsd.c
index 636f052..cc14991 100644
--- a/tools/libs/evtchn/freebsd.c
+++ b/tools/libs/evtchn/freebsd.c
@@ -32,7 +32,7 @@
int osdep_evtchn_open(xenevtchn_handle *xce)
{
- int fd = open(EVTCHN_DEV, O_RDWR);
+ int fd = open(EVTCHN_DEV, O_RDWR|O_CLOEXEC);
if ( fd == -1 )
return -1;
xce->fd = fd;
diff --git a/tools/libs/evtchn/linux.c b/tools/libs/evtchn/linux.c
index 27fd6e9..119dbc6 100644
--- a/tools/libs/evtchn/linux.c
+++ b/tools/libs/evtchn/linux.c
@@ -28,9 +28,13 @@
#include "private.h"
+#ifndef O_CLOEXEC
+#define O_CLOEXEC 02000000
+#endif
+
int osdep_evtchn_open(xenevtchn_handle *xce)
{
- int fd = open("/dev/xen/evtchn", O_RDWR);
+ int fd = open("/dev/xen/evtchn", O_RDWR|O_CLOEXEC);
if ( fd == -1 )
return -1;
xce->fd = fd;
diff --git a/tools/libs/foreignmemory/freebsd.c b/tools/libs/foreignmemory/freebsd.c
index 38138dc..7bf3939 100644
--- a/tools/libs/foreignmemory/freebsd.c
+++ b/tools/libs/foreignmemory/freebsd.c
@@ -33,8 +33,8 @@
int osdep_xenforeignmemory_open(xenforeignmemory_handle *fmem)
{
- int flags, saved_errno;
- int fd = open(PRIVCMD_DEV, O_RDWR);
+ int saved_errno;
+ int fd = open(PRIVCMD_DEV, O_RDWR|O_CLOEXEC);
if ( fd == -1 )
{
@@ -43,26 +43,6 @@ int osdep_xenforeignmemory_open(xenforeignmemory_handle *fmem)
return -1;
}
- /*
- * Although we return the file handle as the 'xc handle' the API
- * does not specify / guarentee that this integer is in fact
- * a file handle. Thus we must take responsiblity to ensure
- * it doesn't propagate (ie leak) outside the process.
- */
- if ( (flags = fcntl(fd, F_GETFD)) < 0 )
- {
- PERROR("Could not get file handle flags");
- goto error;
- }
-
- flags |= FD_CLOEXEC;
-
- if ( fcntl(fd, F_SETFD, flags) < 0 )
- {
- PERROR("Could not set file handle flags");
- goto error;
- }
-
fmem->fd = fd;
return 0;
diff --git a/tools/libs/foreignmemory/linux.c b/tools/libs/foreignmemory/linux.c
index 32b6def..498efc6 100644
--- a/tools/libs/foreignmemory/linux.c
+++ b/tools/libs/foreignmemory/linux.c
@@ -30,15 +30,21 @@
#define ROUNDUP(_x,_w) (((unsigned long)(_x)+(1UL<<(_w))-1) & ~((1UL<<(_w))-1))
+#ifndef O_CLOEXEC
+#define O_CLOEXEC 02000000
+#endif
+
int osdep_xenforeignmemory_open(xenforeignmemory_handle *fmem)
{
- int flags, saved_errno;
- int fd = open("/dev/xen/privcmd", O_RDWR); /* prefer this newer interface */
+ int fd;
+
+ /* prefer this newer interface */
+ fd = open("/dev/xen/privcmd", O_RDWR|O_CLOEXEC);
if ( fd == -1 && ( errno == ENOENT || errno == ENXIO || errno == ENODEV ))
{
/* Fallback to /proc/xen/privcmd */
- fd = open("/proc/xen/privcmd", O_RDWR);
+ fd = open("/proc/xen/privcmd", O_RDWR|O_CLOEXEC);
}
if ( fd == -1 )
@@ -47,32 +53,8 @@ int osdep_xenforeignmemory_open(xenforeignmemory_handle *fmem)
return -1;
}
- /* Although we return the file handle as the 'xc handle' the API
- does not specify / guarentee that this integer is in fact
- a file handle. Thus we must take responsiblity to ensure
- it doesn't propagate (ie leak) outside the process */
- if ( (flags = fcntl(fd, F_GETFD)) < 0 )
- {
- PERROR("Could not get file handle flags");
- goto error;
- }
-
- flags |= FD_CLOEXEC;
-
- if ( fcntl(fd, F_SETFD, flags) < 0 )
- {
- PERROR("Could not set file handle flags");
- goto error;
- }
-
fmem->fd = fd;
return 0;
-
- error:
- saved_errno = errno;
- close(fd);
- errno = saved_errno;
- return -1;
}
int osdep_xenforeignmemory_close(xenforeignmemory_handle *fmem)
diff --git a/tools/libs/gnttab/linux.c b/tools/libs/gnttab/linux.c
index be04295..1c31863 100644
--- a/tools/libs/gnttab/linux.c
+++ b/tools/libs/gnttab/linux.c
@@ -43,9 +43,13 @@
#define PAGE_SIZE (1UL << PAGE_SHIFT)
#define PAGE_MASK (~(PAGE_SIZE-1))
+#ifndef O_CLOEXEC
+#define O_CLOEXEC 02000000
+#endif
+
int osdep_gnttab_open(xengnttab_handle *xgt)
{
- int fd = open(DEVXEN "gntdev", O_RDWR);
+ int fd = open(DEVXEN "gntdev", O_RDWR|O_CLOEXEC);
if ( fd == -1 )
return -1;
xgt->fd = fd;
--
2.1.4
next prev parent reply other threads:[~2015-12-16 12:31 UTC|newest]
Thread overview: 65+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <1450269007.4053.48.camel@citrix.com>
2015-12-16 12:31 ` [PATCH XEN v7 00/29] Begin to disentangle libxenctrl and provide some stable libraries Ian Campbell
2015-12-16 12:31 ` [PATCH XEN v7 01/29] stubdom: recurse into tools/include in mk-headers-$(XEN_TARGET_ARCH) rule Ian Campbell
2015-12-16 22:13 ` Samuel Thibault
2016-01-05 14:52 ` Ian Campbell
2015-12-19 3:14 ` Wei Liu
2015-12-16 12:31 ` [PATCH XEN v7 02/29] tools: Refactor "xentoollog" into its own library Ian Campbell
2016-01-05 14:53 ` Ian Campbell
2015-12-16 12:31 ` [PATCH XEN v7 03/29] tools/libxc: Remove osdep indirection for xc_evtchn Ian Campbell
2015-12-16 12:31 ` [PATCH XEN v7 04/29] tools: Refactor /dev/xen/evtchn wrappers into libxenevtchn Ian Campbell
2016-01-07 10:39 ` Ian Campbell
2015-12-16 12:31 ` [PATCH XEN v7 05/29] tools: Arrange to check public headers for ANSI compatiblity Ian Campbell
2015-12-16 12:31 ` [PATCH XEN v7 06/29] tools/libxc: Remove osdep indirection for xc_gnt{shr, tab} Ian Campbell
2015-12-16 12:31 ` [PATCH XEN v7 07/29] tools: Refactor /dev/xen/gnt{dev, shr} wrappers into libxengnttab Ian Campbell
2015-12-16 18:40 ` Andrew Cooper
2015-12-17 8:37 ` Ian Campbell
2015-12-16 12:31 ` [PATCH XEN v7 08/29] tools/libxc: Remove osdep indirection for privcmd Ian Campbell
2015-12-16 12:31 ` [PATCH XEN v7 09/29] tools: Refactor hypercall calling wrappers into libxencall Ian Campbell
2015-12-16 12:31 ` [PATCH XEN v7 10/29] tools/libxc: drop xc_map_foreign_bulk_compat wrappers Ian Campbell
2015-12-16 12:31 ` [PATCH XEN v7 11/29] tools: Remove xc_map_foreign_batch Ian Campbell
2015-12-16 12:31 ` [PATCH XEN v7 12/29] tools: Implement xc_map_foreign_range(s) in terms of common helper Ian Campbell
2015-12-16 12:31 ` [PATCH XEN v7 13/29] tools: Refactor foreign memory mapping into libxenforeignmemory Ian Campbell
2015-12-16 12:31 ` [PATCH XEN v7 14/29] tools/libs/foreignmemory: provide xenforeignmemory_unmap Ian Campbell
2015-12-16 12:31 ` [PATCH XEN v7 15/29] tools/libs/foreignmemory: use size_t for size arguments Ian Campbell
2015-12-16 12:31 ` [PATCH XEN v7 16/29] tools/libs/foreignmemory: Mention restrictions on fork in docs Ian Campbell
2015-12-16 12:31 ` [PATCH XEN v7 17/29] tools/libs/foreignmemory: Support err == NULL to map Ian Campbell
2015-12-16 12:31 ` [PATCH XEN v7 18/29] tools/libs/foreignmemory: pull array length argument to map forward Ian Campbell
2015-12-16 12:31 ` [PATCH XEN v7 19/29] tools/libs/evtchn: Review and update doc comments Ian Campbell
2015-12-16 12:31 ` [PATCH XEN v7 20/29] tools/libs: Clean up hard tabs Ian Campbell
2015-12-16 12:31 ` [PATCH XEN v7 21/29] tools/libs/gnttab: Extensive updates to API documentation Ian Campbell
2015-12-16 12:31 ` [PATCH XEN v7 22/29] tools/libs/call: Update some log messages to not refer to xc Ian Campbell
2015-12-16 12:31 ` [PATCH XEN v7 23/29] tools/libs/call: Describe return values and error semantics for xencall* Ian Campbell
2015-12-16 12:38 ` Roger Pau Monné
2015-12-16 12:31 ` [PATCH XEN v7 24/29] tools/libs/call: Avoid xc_memalign in netbsd and solaris backends Ian Campbell
2015-12-16 12:31 ` [PATCH XEN v7 25/29] tools/libs/call: linux: touch newly allocated pages after madvise lockdown Ian Campbell
2015-12-16 12:31 ` [PATCH XEN v7 26/29] tools/libs/{call, evtchn}: Document requirements around forking Ian Campbell
2015-12-16 12:31 ` Ian Campbell [this message]
2015-12-16 12:37 ` [PATCH XEN v7 27/29] tools/libs/*: Use O_CLOEXEC on Linux and FreeBSD Roger Pau Monné
2015-12-16 13:16 ` Jan Beulich
2015-12-16 14:04 ` Ian Campbell
2015-12-16 14:43 ` Jan Beulich
2015-12-16 14:50 ` Ian Campbell
2015-12-16 12:31 ` [PATCH XEN v7 28/29] tools: Update CFLAGS for qemu-xen to allow it to use new libraries Ian Campbell
2015-12-16 12:31 ` [PATCH XEN v7 29/29] HACK: Update Config.mk to pull all the right bits from my xenbits trees Ian Campbell
2015-12-16 17:17 ` [PATCH XEN-BONUS v7] tools/libs/*: Introduce APIs to restrict handles to a specific domain Ian Campbell
2015-12-16 12:32 ` [PATCH QEMU-XEN v7 0/8] Begin to disentangle libxenctrl and provide some stable libraries Ian Campbell
[not found] ` <1450269131-27735-1-git-send-email-ian.campbell@citrix.com>
2015-12-16 12:32 ` [PATCH QEMU-XEN v7 1/8] xen_console: correctly cleanup primary console on teardown Ian Campbell
2015-12-16 12:32 ` [PATCH QEMU-XEN v7 2/8] xen: Switch to libxenevtchn interface for compat shims Ian Campbell
2015-12-16 12:32 ` [PATCH QEMU-XEN v7 3/8] xen: Switch to libxengnttab " Ian Campbell
2015-12-16 12:32 ` [PATCH QEMU-XEN v7 4/8] xen: Switch uses of xc_map_foreign_range into xc_map_foreign_pages Ian Campbell
2015-12-16 12:32 ` [PATCH QEMU-XEN v7 5/8] xen: Switch uses of xc_map_foreign_{pages, bulk} to use libxenforeignmemory API Ian Campbell
2015-12-16 14:39 ` Stefano Stabellini
[not found] ` <alpine.DEB.2.02.1512161436410.17516@kaball.uk.xensource.com>
2015-12-16 14:44 ` Ian Campbell
2015-12-16 12:32 ` [PATCH QEMU-XEN v7 6/8] xen: Use stable library interfaces when they are available Ian Campbell
2015-12-16 12:32 ` [PATCH QEMU-XEN v7 7/8] xen: domainbuild: reopen libxenctrl interface after forking for domain watcher Ian Campbell
2015-12-16 12:32 ` [PATCH QEMU-XEN v7 8/8] xen: make it possible to build without the Xen PV domain builder Ian Campbell
2015-12-16 12:32 ` [PATCH QEMU-XEN-TRADITIONAL v7 0/4] Begin to disentangle libxenctrl and provide some stable libraries Ian Campbell
2015-12-16 12:32 ` [PATCH QEMU-XEN-TRADITIONAL v7 1/4] qemu-xen-traditional: Use libxenevtchn Ian Campbell
2015-12-16 12:32 ` [PATCH QEMU-XEN-TRADITIONAL v7 2/4] qemu-xen-traditional: Use libxengnttab Ian Campbell
2015-12-16 12:32 ` [PATCH QEMU-XEN-TRADITIONAL v7 3/4] qemu-xen-traditional: Add libxencall to rpath-link Ian Campbell
2015-12-16 12:32 ` [PATCH QEMU-XEN-TRADITIONAL v7 4/4] qemu-xen-traditional: Add libxenforeignmemory " Ian Campbell
2015-12-16 12:32 ` [PATCH MINI-OS v7 0/4] Begin to disentangle libxenctrl and provide some stable libraries Ian Campbell
2015-12-16 12:32 ` [PATCH MINI-OS v7 1/4] mini-os: Include libxenevtchn with libxc Ian Campbell
2015-12-16 12:32 ` [PATCH MINI-OS v7 2/4] mini-os: Include libxengnttab " Ian Campbell
2015-12-16 12:32 ` [PATCH MINI-OS v7 3/4] mini-os: Include libxencall " Ian Campbell
2015-12-16 12:32 ` [PATCH MINI-OS v7 4/4] mini-os: Include libxenforeignmemory " Ian Campbell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1450269096-27598-28-git-send-email-ian.campbell@citrix.com \
--to=ian.campbell@citrix.com \
--cc=Roger.Pau@citrix.com \
--cc=ian.jackson@eu.citrix.com \
--cc=jbeulich@suse.com \
--cc=wei.liu2@citrix.com \
--cc=xen-devel@lists.xen.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).