Date: Mon, 15 Aug 2022 14:57:18 -0400 From: Rich Felker <dalias@...c.org> To: Érico Nogueira <ericonr@...root.org> Cc: musl@...ts.openwall.com Subject: Re: [PATCH] remove extraneous syscall from fopen(3) On Mon, Aug 15, 2022 at 03:31:30PM -0300, Érico Nogueira wrote: > On Mon Aug 15, 2022 at 3:16 PM -03, Rich Felker wrote: > > On Mon, Aug 15, 2022 at 02:58:40PM -0300, Érico Nogueira wrote: > > > On Mon Aug 15, 2022 at 2:54 PM -03, Rich Felker wrote: > > > > On Mon, Aug 15, 2022 at 02:50:21PM -0300, Érico Nogueira wrote: > > > > > the __fdopen() call afterwards will set the close-on-exec flag with the > > > > > same syscall if "e" was specified in mode > > > > > --- > > > > > src/stdio/fopen.c | 2 -- > > > > > 1 file changed, 2 deletions(-) > > > > > > > > > > diff --git a/src/stdio/fopen.c b/src/stdio/fopen.c > > > > > index e1b91e12..22b72edf 100644 > > > > > --- a/src/stdio/fopen.c > > > > > +++ b/src/stdio/fopen.c > > > > > @@ -20,8 +20,6 @@ FILE *fopen(const char *restrict filename, const char *restrict mode) > > > > > > > > > > fd = sys_open(filename, flags, 0666); > > > > > if (fd < 0) return 0; > > > > > - if (flags & O_CLOEXEC) > > > > > - __syscall(SYS_fcntl, fd, F_SETFD, FD_CLOEXEC); > > > > > > > > > > f = __fdopen(fd, mode); > > > > > if (f) return f; > > > > > -- > > > > > 2.37.2 > > > > > > > > See commit 7765706c0584ed4a30e0b7a3ada742e490ef02b0 > > > > > > If the relevant part of that commit is that the flag is added > > > immediately after, would moving the SYS_fcntl call in __fdopen to the > > > top of the functon be acceptable? > > > > Oh, I missed that it also happens in __fdopen from the 'e' being > > present, and misunderstood your patch as just removing the fallback > > entirely. > > > > No, it's not acceptable to move the fcntl in __fdopen above the malloc > > because it would make fdopen modify the fd status on failure. I guess > > it's questionable whether we care "how soon" after the open it happens > > -- either way this is not a thread-safe fallback precluding fd leak on > > old/broken kernels. But since malloc may be application-provided, > > failure to set it before the malloc like we're doing now would be a > > "worse behavior" in some sense, exposing the incorrect fd state to a > > non-multithreaded application. > > On some level, unless someone inherited a file descriptor or something > similar, I'd expect them to have used O_CLOEXEC if they are also using > "e" in mode. So hopefully this is not as much of a concern. > > And I don't think fdopen setting the close-on-exec flag is behavior > users can rely on, seeing as glibc doesn't take "e" into account in > their fdopen implementation. Then they probably need to fix this, as the POSIX-future 'e' behavior (see #1526 and earlier stuff too, I think) specifies that presence of 'e' causes fdopen to set the FD_CLOEXEC flag and absence causes fdopen to leave it alone. Rich
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.