lib/glibc
1
0
Fork 0
mirror of https://sourceware.org/git/glibc.git synced 2025-07-29 11:41:21 +03:00
Code Activity

Assume that O_CLOEXEC is always defined and works

Browse Source
This commit is contained in:
Florian Weimer
2017-04-18 14:56:51 +02:00
parent b48061e1a5
commit cef9b65376
27 changed files with 91 additions and 565 deletions
Download Patch File Download Diff File Expand all files Collapse all files

56
ChangeLog
View File

@ -1,3 +1,59 @@
2017-04-18 Florian Weimer <fweimer@redhat.com>
* elf/dl-misc.c (_dl_sysdep_read_whole_file): Assume that
O_CLOEXEC is defined.
* include/fcntl.h (__have_o_cloexec): Remove declaration.
* io/Makefile (aux): Remove.
* io/have_o_cloexec.c: Remove file.
* libio/fileops.c (_IO_new_file_fopen): Assume that O_CLOEXEC is
defined and works.
* libio/iopopen.c (_IO_new_proc_open): Assume that O_CLOEXEC is
defined.
* login/utmp_file.c (O_flags): Remove definition.
(setutent_file): Use O_CLOEXEC instead of O_flags. Assume that
O_CLOEXEC works.
(pututline_file): Likewise.
* malloc/mtrace.c: Assume that O_CLOEXEC works.
* nis/nss_compat/compat-grp.c (__compat_have_cloexec): Remove
definition.
(internal_setgrent): Assume that O_CLOEXEC works.
* nis/nss_compat/compat-initgroups.c (__compat_have_cloexec):
Remove definition.
(internal_setgrent): Assume that O_CLOEXEC works.
* nis/nss_compat/compat-pwd.c (__compat_have_cloexec): Remove
definition.
(internal_setpwent): Assume that O_CLOEXEC works.
* nis/nss_compat/compat-spwd.c (__compat_have_cloexec): Remove
definition.
(internal_setspent): Assume that O_CLOEXEC works.
* nscd/connections.c (EXTRA_O_FLAGS): Remove definition.
(nscd_init): Use O_CLOEXEC instead of EXTRA_O_FLAGS. Assume that
O_CLOEXEC is defined and works.
* nss/Makefile (libnss_files-routines): Remove
files-have_o_cloexec.
* nss/nss_db/db-open.c (internal_setent): Assume that O_CLOEXEC is
defined.
* nss/nss_files/files-XXX.c (internal_setent): Assume that
O_CLOEXEC is defined and works.
* nss/nss_files/files-alias.c (internal_setent): Likewise.
* nss/nss_files/files-have_o_cloexec.c: Remove.
* posix/wordexp.c (exec_comm_child): Assume that O_CLOEXEC is
defined.
* shadow/lckpwdf.c (__lckpwdf): Assume that O_CLOEXEC is defined
and works.
* sysdeps/mach/hurd/kernel-features.h (__ASSUME_O_CLOEXEC): Remove
definition.
* sysdeps/nacl/kernel-features.h (__ASSUME_O_CLOEXEC): Likewise.
* sysdeps/posix/getcwd.c (__getcwd): Assume that O_CLOEXEC works.
* sysdeps/posix/opendir.c (opendir_oflags): Turn into enum constant.
(__opendirat, __opendir): Adjust opendir_oflags call.
(check_have_o_cloexec): Remove.
(__alloc_dir): Assume that O_CLOEXEC is defined and works.
* sysdeps/posix/shm_open.c (shm_open): Assume that O_CLOEXEC is
defined.
* sysdeps/unix/sysv/linux/kernel-features.h (__ASSUME_O_CLOEXEC):
Remove definition.
2017-04-18 Florian Weimer <fweimer@redhat.com> 2017-04-18 Florian Weimer <fweimer@redhat.com>
* include/unistd.h (__have_dup3): Remove declaration. * include/unistd.h (__have_dup3): Remove declaration.

6
elf/dl-misc.c
View File

@ -45,11 +45,7 @@ _dl_sysdep_read_whole_file (const char *file, size_t *sizep, int prot)
{ {
void *result = MAP_FAILED; void *result = MAP_FAILED;
struct stat64 st; struct stat64 st;
int flags = O_RDONLY; int fd = __open (file, O_RDONLY | O_CLOEXEC);
#ifdef O_CLOEXEC
flags |= O_CLOEXEC;
#endif
int fd = __open (file, flags);
if (fd >= 0) if (fd >= 0)
{ {
if (__fxstat64 (_STAT_VER, fd, &st) >= 0) if (__fxstat64 (_STAT_VER, fd, &st) >= 0)

4
include/fcntl.h
View File

@ -36,10 +36,6 @@ extern int __openat64_2 (int __fd, const char *__path, int __oflag);
/* Flag determining whether the *at system calls are available. */ /* Flag determining whether the *at system calls are available. */
extern int __have_atfcts attribute_hidden; extern int __have_atfcts attribute_hidden;
#ifdef O_CLOEXEC
extern int __have_o_cloexec attribute_hidden;
#endif
#endif #endif
#endif #endif

2
io/Makefile
View File

@ -55,8 +55,6 @@ routines := \
sendfile sendfile64 \ sendfile sendfile64 \
utimensat futimens utimensat futimens
aux := have_o_cloexec
# These routines will be omitted from the libc shared object. # These routines will be omitted from the libc shared object.
# Instead the static object files will be included in a special archive # Instead the static object files will be included in a special archive
# linked against when the shared library will be used. # linked against when the shared library will be used.

23
io/have_o_cloexec.c
View File

@ -1,23 +0,0 @@
/* Copyright (C) 2007-2017 Free Software Foundation, Inc.
This file is part of the GNU C Library.
The GNU C Library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
License as published by the Free Software Foundation; either
version 2.1 of the License, or (at your option) any later version.
The GNU C Library is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public
License along with the GNU C Library; if not, see
<http://www.gnu.org/licenses/>. */
#include <fcntl.h>
#include <kernel-features.h>
#if defined O_CLOEXEC && !defined __ASSUME_O_CLOEXEC
int __have_o_cloexec;
#endif

16
libio/fileops.c
View File

@ -321,9 +321,7 @@ _IO_new_file_fopen (_IO_FILE *fp, const char *filename, const char *mode,
fp->_flags2 |= _IO_FLAGS2_NOTCANCEL; fp->_flags2 |= _IO_FLAGS2_NOTCANCEL;
continue; continue;
case 'e': case 'e':
#ifdef O_CLOEXEC
oflags |= O_CLOEXEC; oflags |= O_CLOEXEC;
#endif
fp->_flags2 |= _IO_FLAGS2_CLOEXEC; fp->_flags2 |= _IO_FLAGS2_CLOEXEC;
continue; continue;
default: default:
@ -338,20 +336,6 @@ _IO_new_file_fopen (_IO_FILE *fp, const char *filename, const char *mode,
if (result != NULL) if (result != NULL)
{ {
#ifndef __ASSUME_O_CLOEXEC
if ((fp->_flags2 & _IO_FLAGS2_CLOEXEC) != 0 && __have_o_cloexec <= 0)
{
int fd = _IO_fileno (fp);
if (__have_o_cloexec == 0)
{
int flags = __fcntl (fd, F_GETFD);
__have_o_cloexec = (flags & FD_CLOEXEC) == 0 ? -1 : 1;
}
if (__have_o_cloexec < 0)
__fcntl (fd, F_SETFD, FD_CLOEXEC);
}
#endif
/* Test whether the mode string specifies the conversion. */ /* Test whether the mode string specifies the conversion. */
cs = strstr (last_recognized + 1, ",ccs="); cs = strstr (last_recognized + 1, ",ccs=");
if (cs != NULL) if (cs != NULL)

2
libio/iopopen.c
View File

@ -173,12 +173,10 @@ _IO_new_proc_open (_IO_FILE *fp, const char *command, const char *mode)
if (child_end != child_std_end) if (child_end != child_std_end)
_IO_dup2 (child_end, child_std_end); _IO_dup2 (child_end, child_std_end);
#ifdef O_CLOEXEC
else else
/* The descriptor is already the one we will use. But it must /* The descriptor is already the one we will use. But it must
not be marked close-on-exec. Undo the effects. */ not be marked close-on-exec. Undo the effects. */
__fcntl (child_end, F_SETFD, 0); __fcntl (child_end, F_SETFD, 0);
#endif
/* POSIX.2: "popen() shall ensure that any streams from previous /* POSIX.2: "popen() shall ensure that any streams from previous
popen() calls that remain open in the parent process are closed popen() calls that remain open in the parent process are closed
in the new child process." */ in the new child process." */

65
login/utmp_file.c
View File

@ -141,42 +141,11 @@ setutent_file (void)
file_name = TRANSFORM_UTMP_FILE_NAME (__libc_utmp_file_name); file_name = TRANSFORM_UTMP_FILE_NAME (__libc_utmp_file_name);
#ifdef O_CLOEXEC
# define O_flags O_LARGEFILE | O_CLOEXEC
#else
# define O_flags O_LARGEFILE
#endif
file_writable = false; file_writable = false;
file_fd = open_not_cancel_2 (file_name, O_RDONLY | O_flags); file_fd = open_not_cancel_2
(file_name, O_RDONLY | O_LARGEFILE | O_CLOEXEC);
if (file_fd == -1) if (file_fd == -1)
return 0; return 0;
#ifndef __ASSUME_O_CLOEXEC
# ifdef O_CLOEXEC
if (__have_o_cloexec <= 0)
# endif
{
/* We have to make sure the file is `closed on exec'. */
int result = fcntl_not_cancel (file_fd, F_GETFD, 0);
if (result >= 0)
{
# ifdef O_CLOEXEC
if (__have_o_cloexec == 0)
__have_o_cloexec = (result & FD_CLOEXEC) ? 1 : -1;
if (__have_o_cloexec < 0)
# endif
result = fcntl_not_cancel (file_fd, F_SETFD,
result | FD_CLOEXEC);
}
if (result == -1)
{
close_not_cancel_no_status (file_fd);
return 0;
}
}
#endif
} }
__lseek64 (file_fd, 0, SEEK_SET); __lseek64 (file_fd, 0, SEEK_SET);
@ -404,37 +373,11 @@ pututline_file (const struct utmp *data)
/* We must make the file descriptor writable before going on. */ /* We must make the file descriptor writable before going on. */
const char *file_name = TRANSFORM_UTMP_FILE_NAME (__libc_utmp_file_name); const char *file_name = TRANSFORM_UTMP_FILE_NAME (__libc_utmp_file_name);
int new_fd = open_not_cancel_2 (file_name, O_RDWR | O_flags); int new_fd = open_not_cancel_2
(file_name, O_RDWR | O_LARGEFILE | O_CLOEXEC);
if (new_fd == -1) if (new_fd == -1)
return NULL; return NULL;
#ifndef __ASSUME_O_CLOEXEC
# ifdef O_CLOEXEC
if (__have_o_cloexec <= 0)
# endif
{
/* We have to make sure the file is `closed on exec'. */
int result = fcntl_not_cancel (file_fd, F_GETFD, 0);
if (result >= 0)
{
# ifdef O_CLOEXEC
if (__have_o_cloexec == 0)
__have_o_cloexec = (result & FD_CLOEXEC) ? 1 : -1;
if (__have_o_cloexec < 0)
# endif
result = fcntl_not_cancel (file_fd, F_SETFD,
result | FD_CLOEXEC);
}
if (result == -1)
{
close_not_cancel_no_status (file_fd);
return NULL;
}
}
#endif
if (__lseek64 (new_fd, __lseek64 (file_fd, 0, SEEK_CUR), SEEK_SET) == -1 if (__lseek64 (new_fd, __lseek64 (file_fd, 0, SEEK_CUR), SEEK_SET) == -1
|| __dup2 (new_fd, file_fd) < 0) || __dup2 (new_fd, file_fd) < 0)
{ {

9
malloc/mtrace.c
View File

@ -300,15 +300,6 @@ mtrace (void)
mallstream = fopen (mallfile != NULL ? mallfile : "/dev/null", "wce"); mallstream = fopen (mallfile != NULL ? mallfile : "/dev/null", "wce");
if (mallstream != NULL) if (mallstream != NULL)
{ {
#ifndef __ASSUME_O_CLOEXEC
/* Make sure we close the file descriptor on exec. */
int flags = __fcntl (fileno (mallstream), F_GETFD, 0);
if (flags >= 0)
{
flags |= FD_CLOEXEC;
__fcntl (fileno (mallstream), F_SETFD, flags);
}
#endif
/* Be sure it doesn't malloc its buffer! */ /* Be sure it doesn't malloc its buffer! */
malloc_trace_buffer = mtb; malloc_trace_buffer = mtb;
setvbuf (mallstream, malloc_trace_buffer, _IOFBF, TRACE_BUFFER_SIZE); setvbuf (mallstream, malloc_trace_buffer, _IOFBF, TRACE_BUFFER_SIZE);

52
nis/nss_compat/compat-grp.c
View File

@ -70,19 +70,6 @@ static ent_t ext_ent = { TRUE, NSS_STATUS_SUCCESS, NULL, { NULL, 0, 0 }};
/* Protect global state against multiple changers. */ /* Protect global state against multiple changers. */
__libc_lock_define_initialized (static, lock) __libc_lock_define_initialized (static, lock)
/* Positive if O_CLOEXEC is supported, negative if it is not supported,
zero if it is still undecided. This variable is shared with the
other compat functions. */
#ifdef __ASSUME_O_CLOEXEC
# define __compat_have_cloexec 1
#else
# ifdef O_CLOEXEC
int __compat_have_cloexec;
# else
# define __compat_have_cloexec -1
# endif
#endif
/* Prototypes for local functions. */ /* Prototypes for local functions. */
static void blacklist_store_name (const char *, ent_t *); static void blacklist_store_name (const char *, ent_t *);
static int in_blacklist (const char *, int, ent_t *); static int in_blacklist (const char *, int, ent_t *);
@ -125,43 +112,8 @@ internal_setgrent (ent_t *ent, int stayopen, int needent)
if (ent->stream == NULL) if (ent->stream == NULL)
status = errno == EAGAIN ? NSS_STATUS_TRYAGAIN : NSS_STATUS_UNAVAIL; status = errno == EAGAIN ? NSS_STATUS_TRYAGAIN : NSS_STATUS_UNAVAIL;
else else
{ /* We take care of locking ourself. */
/* We have to make sure the file is `closed on exec'. */ __fsetlocking (ent->stream, FSETLOCKING_BYCALLER);
int result = 0;
if (__compat_have_cloexec <= 0)
{
int flags;
result = flags = fcntl (fileno_unlocked (ent->stream), F_GETFD,
0);
if (result >= 0)
{
#if defined O_CLOEXEC && !defined __ASSUME_O_CLOEXEC
if (__compat_have_cloexec == 0)
__compat_have_cloexec = (flags & FD_CLOEXEC) ? 1 : -1;
if (__compat_have_cloexec < 0)
#endif
{
flags |= FD_CLOEXEC;
result = fcntl (fileno_unlocked (ent->stream), F_SETFD,
flags);
}
}
}
if (result < 0)
{
/* Something went wrong. Close the stream and return a
failure. */
fclose (ent->stream);
ent->stream = NULL;
status = NSS_STATUS_UNAVAIL;
}
else
/* We take care of locking ourself. */
__fsetlocking (ent->stream, FSETLOCKING_BYCALLER);
}
} }
else else
rewind (ent->stream); rewind (ent->stream);

52
nis/nss_compat/compat-initgroups.c
View File

@ -77,20 +77,6 @@ struct ent_t
}; };
typedef struct ent_t ent_t; typedef struct ent_t ent_t;
/* Positive if O_CLOEXEC is supported, negative if it is not supported,
zero if it is still undecided. This variable is shared with the
other compat functions. */
#ifdef __ASSUME_O_CLOEXEC
# define __compat_have_cloexec 1
#else
# ifdef O_CLOEXEC
extern int __compat_have_cloexec;
# else
# define __compat_have_cloexec -1
# endif
#endif
/* Prototypes for local functions. */ /* Prototypes for local functions. */
static void blacklist_store_name (const char *, ent_t *); static void blacklist_store_name (const char *, ent_t *);
static int in_blacklist (const char *, int, ent_t *); static int in_blacklist (const char *, int, ent_t *);
@ -141,42 +127,8 @@ internal_setgrent (ent_t *ent)
if (ent->stream == NULL) if (ent->stream == NULL)
status = errno == EAGAIN ? NSS_STATUS_TRYAGAIN : NSS_STATUS_UNAVAIL; status = errno == EAGAIN ? NSS_STATUS_TRYAGAIN : NSS_STATUS_UNAVAIL;
else else
{ /* We take care of locking ourself. */
/* We have to make sure the file is `closed on exec'. */ __fsetlocking (ent->stream, FSETLOCKING_BYCALLER);
int result = 0;
if (__compat_have_cloexec <= 0)
{
int flags;
result = flags = fcntl (fileno_unlocked (ent->stream), F_GETFD, 0);
if (result >= 0)
{
#if defined O_CLOEXEC && !defined __ASSUME_O_CLOEXEC
if (__compat_have_cloexec == 0)
__compat_have_cloexec = (flags & FD_CLOEXEC) ? 1 : -1;
if (__compat_have_cloexec < 0)
#endif
{
flags |= FD_CLOEXEC;
result = fcntl (fileno_unlocked (ent->stream), F_SETFD,
flags);
}
}
}
if (result < 0)
{
/* Something went wrong. Close the stream and return a
failure. */
fclose (ent->stream);
ent->stream = NULL;
status = NSS_STATUS_UNAVAIL;
}
else
/* We take care of locking ourself. */
__fsetlocking (ent->stream, FSETLOCKING_BYCALLER);
}
return status; return status;
} }

52
nis/nss_compat/compat-pwd.c
View File

@ -80,19 +80,6 @@ static ent_t ext_ent = { false, false, true, NSS_STATUS_SUCCESS, NULL,
/* Protect global state against multiple changers. */ /* Protect global state against multiple changers. */
__libc_lock_define_initialized (static, lock) __libc_lock_define_initialized (static, lock)
/* Positive if O_CLOEXEC is supported, negative if it is not supported,
zero if it is still undecided. This variable is shared with the
other compat functions. */
#ifdef __ASSUME_O_CLOEXEC
# define __compat_have_cloexec 1
#else
# ifdef O_CLOEXEC
extern int __compat_have_cloexec;
# else
# define __compat_have_cloexec -1
# endif
#endif
/* Prototypes for local functions. */ /* Prototypes for local functions. */
static void blacklist_store_name (const char *, ent_t *); static void blacklist_store_name (const char *, ent_t *);
static int in_blacklist (const char *, int, ent_t *); static int in_blacklist (const char *, int, ent_t *);
@ -240,43 +227,8 @@ internal_setpwent (ent_t *ent, int stayopen, int needent)
if (ent->stream == NULL) if (ent->stream == NULL)
status = errno == EAGAIN ? NSS_STATUS_TRYAGAIN : NSS_STATUS_UNAVAIL; status = errno == EAGAIN ? NSS_STATUS_TRYAGAIN : NSS_STATUS_UNAVAIL;
else else
{ /* We take care of locking ourself. */
/* We have to make sure the file is `closed on exec'. */ __fsetlocking (ent->stream, FSETLOCKING_BYCALLER);
int result = 0;
if (__compat_have_cloexec <= 0)
{
int flags;
result = flags = fcntl (fileno_unlocked (ent->stream), F_GETFD,
0);
if (result >= 0)
{
#if defined O_CLOEXEC && !defined __ASSUME_O_CLOEXEC
if (__compat_have_cloexec == 0)
__compat_have_cloexec = (flags & FD_CLOEXEC) ? 1 : -1;
if (__compat_have_cloexec < 0)
#endif
{
flags |= FD_CLOEXEC;
result = fcntl (fileno_unlocked (ent->stream), F_SETFD,
flags);
}
}
}
if (result < 0)
{
/* Something went wrong. Close the stream and return a
failure. */
fclose (ent->stream);
ent->stream = NULL;
status = NSS_STATUS_UNAVAIL;
}
else
/* We take care of locking ourself. */
__fsetlocking (ent->stream, FSETLOCKING_BYCALLER);
}
} }
else else
rewind (ent->stream); rewind (ent->stream);

52
nis/nss_compat/compat-spwd.c
View File

@ -77,19 +77,6 @@ static ent_t ext_ent = { false, true, false, NSS_STATUS_SUCCESS, NULL,
/* Protect global state against multiple changers. */ /* Protect global state against multiple changers. */
__libc_lock_define_initialized (static, lock) __libc_lock_define_initialized (static, lock)
/* Positive if O_CLOEXEC is supported, negative if it is not supported,
zero if it is still undecided. This variable is shared with the
other compat functions. */
#ifdef __ASSUME_O_CLOEXEC
# define __compat_have_cloexec 1
#else
# ifdef O_CLOEXEC
extern int __compat_have_cloexec;
# else
# define __compat_have_cloexec -1
# endif
#endif
/* Prototypes for local functions. */ /* Prototypes for local functions. */
static void blacklist_store_name (const char *, ent_t *); static void blacklist_store_name (const char *, ent_t *);
static int in_blacklist (const char *, int, ent_t *); static int in_blacklist (const char *, int, ent_t *);
@ -196,43 +183,8 @@ internal_setspent (ent_t *ent, int stayopen, int needent)
if (ent->stream == NULL) if (ent->stream == NULL)
status = errno == EAGAIN ? NSS_STATUS_TRYAGAIN : NSS_STATUS_UNAVAIL; status = errno == EAGAIN ? NSS_STATUS_TRYAGAIN : NSS_STATUS_UNAVAIL;
else else
{ /* We take care of locking ourself. */
/* We have to make sure the file is `closed on exec'. */ __fsetlocking (ent->stream, FSETLOCKING_BYCALLER);
int result = 0;
if (__compat_have_cloexec <= 0)
{
int flags;
result = flags = fcntl (fileno_unlocked (ent->stream), F_GETFD,
0);
if (result >= 0)
{
#if defined O_CLOEXEC && !defined __ASSUME_O_CLOEXEC
if (__compat_have_cloexec == 0)
__compat_have_cloexec = (flags & FD_CLOEXEC) ? 1 : -1;
if (__compat_have_cloexec < 0)
#endif
{
flags |= FD_CLOEXEC;
result = fcntl (fileno_unlocked (ent->stream), F_SETFD,
flags);
}
}
}
if (result < 0)
{
/* Something went wrong. Close the stream and return a
failure. */
fclose (ent->stream);
ent->stream = NULL;
status = NSS_STATUS_UNAVAIL;
}
else
/* We take care of locking ourself. */
__fsetlocking (ent->stream, FSETLOCKING_BYCALLER);
}
} }
else else
rewind (ent->stream); rewind (ent->stream);

37
nscd/connections.c
View File

@ -499,13 +499,6 @@ fail:
} }
#ifdef O_CLOEXEC
# define EXTRA_O_FLAGS O_CLOEXEC
#else
# define EXTRA_O_FLAGS 0
#endif
/* Initialize database information structures. */ /* Initialize database information structures. */
void void
nscd_init (void) nscd_init (void)
@ -528,7 +521,7 @@ nscd_init (void)
if (dbs[cnt].persistent) if (dbs[cnt].persistent)
{ {
/* Try to open the appropriate file on disk. */ /* Try to open the appropriate file on disk. */
int fd = open (dbs[cnt].db_filename, O_RDWR | EXTRA_O_FLAGS); int fd = open (dbs[cnt].db_filename, O_RDWR | O_CLOEXEC);
if (fd != -1) if (fd != -1)
{ {
char *msg = NULL; char *msg = NULL;
@ -608,7 +601,7 @@ nscd_init (void)
if (dbs[cnt].shared) if (dbs[cnt].shared)
{ {
dbs[cnt].ro_fd = open (dbs[cnt].db_filename, dbs[cnt].ro_fd = open (dbs[cnt].db_filename,
O_RDONLY | EXTRA_O_FLAGS); O_RDONLY | O_CLOEXEC);
if (dbs[cnt].ro_fd == -1) if (dbs[cnt].ro_fd == -1)
dbg_log (_("\ dbg_log (_("\
cannot create read-only descriptor for \"%s\"; no mmap"), cannot create read-only descriptor for \"%s\"; no mmap"),
@ -648,23 +641,23 @@ cannot create read-only descriptor for \"%s\"; no mmap"),
if (dbs[cnt].persistent) if (dbs[cnt].persistent)
{ {
fd = open (dbs[cnt].db_filename, fd = open (dbs[cnt].db_filename,
O_RDWR | O_CREAT | O_EXCL | O_TRUNC | EXTRA_O_FLAGS, O_RDWR | O_CREAT | O_EXCL | O_TRUNC | O_CLOEXEC,
S_IRUSR | S_IWUSR); S_IRUSR | S_IWUSR);
if (fd != -1 && dbs[cnt].shared) if (fd != -1 && dbs[cnt].shared)
ro_fd = open (dbs[cnt].db_filename, ro_fd = open (dbs[cnt].db_filename,
O_RDONLY | EXTRA_O_FLAGS); O_RDONLY | O_CLOEXEC);
} }
else else
{ {
char fname[] = _PATH_NSCD_XYZ_DB_TMP; char fname[] = _PATH_NSCD_XYZ_DB_TMP;
fd = mkostemp (fname, EXTRA_O_FLAGS); fd = mkostemp (fname, O_CLOEXEC);
/* We do not need the file name anymore after we /* We do not need the file name anymore after we
opened another file descriptor in read-only mode. */ opened another file descriptor in read-only mode. */
if (fd != -1) if (fd != -1)
{ {
if (dbs[cnt].shared) if (dbs[cnt].shared)
ro_fd = open (fname, O_RDONLY | EXTRA_O_FLAGS); ro_fd = open (fname, O_RDONLY | O_CLOEXEC);
unlink (fname); unlink (fname);
} }
@ -782,24 +775,6 @@ cannot create read-only descriptor for \"%s\"; no mmap"),
} }
} }
#if !defined O_CLOEXEC || !defined __ASSUME_O_CLOEXEC
/* We do not check here whether the O_CLOEXEC provided to the
open call was successful or not. The two fcntl calls are
only performed once each per process start-up and therefore
is not noticeable at all. */
if (paranoia
&& ((dbs[cnt].wr_fd != -1
&& fcntl (dbs[cnt].wr_fd, F_SETFD, FD_CLOEXEC) == -1)
|| (dbs[cnt].ro_fd != -1
&& fcntl (dbs[cnt].ro_fd, F_SETFD, FD_CLOEXEC) == -1)))
{
dbg_log (_("\
cannot set socket to close on exec: %s; disabling paranoia mode"),
strerror (errno));
paranoia = 0;
}
#endif
if (dbs[cnt].head == NULL) if (dbs[cnt].head == NULL)
{ {
/* We do not use the persistent database. Just /* We do not use the persistent database. Just

2
nss/Makefile
View File

@ -74,7 +74,7 @@ vpath %.c $(subdir-dirs) ../locale/programs ../intl
libnss_files-routines := $(addprefix files-,$(databases)) \ libnss_files-routines := $(addprefix files-,$(databases)) \
files-initgroups files-have_o_cloexec files-init files-initgroups files-init
libnss_db-dbs := $(addprefix db-,\ libnss_db-dbs := $(addprefix db-,\
$(filter-out hosts network key alias,\ $(filter-out hosts network key alias,\

6
nss/nss_db/db-open.c
View File

@ -36,11 +36,7 @@ internal_setent (const char *file, struct nss_db_map *mapping)
{ {
enum nss_status status = NSS_STATUS_UNAVAIL; enum nss_status status = NSS_STATUS_UNAVAIL;
int mode = O_RDONLY | O_LARGEFILE; int fd = open_not_cancel_2 (file, O_RDONLY | O_LARGEFILE | O_CLOEXEC);
#ifdef O_CLOEXEC
mode |= O_CLOEXEC;
#endif
int fd = open_not_cancel_2 (file, mode);
if (fd != -1) if (fd != -1)
{ {
struct nss_db_header header; struct nss_db_header header;

35
nss/nss_files/files-XXX.c
View File

@ -78,41 +78,6 @@ internal_setent (FILE **stream)
if (*stream == NULL) if (*stream == NULL)
status = errno == EAGAIN ? NSS_STATUS_TRYAGAIN : NSS_STATUS_UNAVAIL; status = errno == EAGAIN ? NSS_STATUS_TRYAGAIN : NSS_STATUS_UNAVAIL;
else
{
#if !defined O_CLOEXEC || !defined __ASSUME_O_CLOEXEC
# ifdef O_CLOEXEC
if (__have_o_cloexec <= 0)
# endif
{
/* We have to make sure the file is `closed on exec'. */
int result;
int flags;
result = flags = fcntl (fileno (*stream), F_GETFD, 0);
if (result >= 0)
{
# ifdef O_CLOEXEC
if (__have_o_cloexec == 0)
__have_o_cloexec = (flags & FD_CLOEXEC) == 0 ? -1 : 1;
if (__have_o_cloexec < 0)
# endif
{
flags |= FD_CLOEXEC;
result = fcntl (fileno (*stream), F_SETFD, flags);
}
}
if (result < 0)
{
/* Something went wrong. Close the stream and return a
failure. */
fclose (*stream);
*stream = NULL;
status = NSS_STATUS_UNAVAIL;
}
}
#endif
}
} }
else else
rewind (*stream); rewind (*stream);

35
nss/nss_files/files-alias.c
View File

@ -51,41 +51,6 @@ internal_setent (FILE **stream)
if (*stream == NULL) if (*stream == NULL)
status = errno == EAGAIN ? NSS_STATUS_TRYAGAIN : NSS_STATUS_UNAVAIL; status = errno == EAGAIN ? NSS_STATUS_TRYAGAIN : NSS_STATUS_UNAVAIL;
else
{
#if !defined O_CLOEXEC || !defined __ASSUME_O_CLOEXEC
# ifdef O_CLOEXEC
if (__have_o_cloexec <= 0)
# endif
{
/* We have to make sure the file is `closed on exec'. */
int result;
int flags;
result = flags = fcntl (fileno (*stream), F_GETFD, 0);
if (result >= 0)
{
# ifdef O_CLOEXEC
if (__have_o_cloexec == 0)
__have_o_cloexec = (flags & FD_CLOEXEC) == 0 ? -1 : 1;
if (__have_o_cloexec < 0)
# endif
{
flags |= FD_CLOEXEC;
result = fcntl (fileno (*stream), F_SETFD, flags);
}
}
if (result < 0)
{
/* Something went wrong. Close the stream and return a
failure. */
fclose (*stream);
stream = NULL;
status = NSS_STATUS_UNAVAIL;
}
}
#endif
}
} }
else else
rewind (*stream); rewind (*stream);

23
nss/nss_files/files-have_o_cloexec.c
View File

@ -1,23 +0,0 @@
/* Copyright (C) 2007-2017 Free Software Foundation, Inc.
This file is part of the GNU C Library.
The GNU C Library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
License as published by the Free Software Foundation; either
version 2.1 of the License, or (at your option) any later version.
The GNU C Library is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public
License along with the GNU C Library; if not, see
<http://www.gnu.org/licenses/>. */
#include <fcntl.h>
#include <kernel-features.h>
#if defined O_CLOEXEC && !defined __ASSUME_O_CLOEXEC
int __have_o_cloexec;
#endif

8
posix/wordexp.c
View File

@ -833,12 +833,8 @@ exec_comm_child (char *comm, int *fildes, int showerr, int noexec)
__close (fildes[1]); __close (fildes[1]);
} }
else else
{ /* Reset the close-on-exec flag (if necessary). */
#ifdef O_CLOEXEC __fcntl (fildes[1], F_SETFD, 0);
/* Reset the close-on-exec flag (if necessary). */
__fcntl (fildes[1], F_SETFD, 0);
#endif
}
/* Redirect stderr to /dev/null if we have to. */ /* Redirect stderr to /dev/null if we have to. */
if (showerr == 0) if (showerr == 0)

29
shadow/lckpwdf.c
View File

@ -96,39 +96,12 @@ __lckpwdf (void)
/* Prevent problems caused by multiple threads. */ /* Prevent problems caused by multiple threads. */
__libc_lock_lock (lock); __libc_lock_lock (lock);
int oflags = O_WRONLY | O_CREAT; int oflags = O_WRONLY | O_CREAT | O_CLOEXEC;
#ifdef O_CLOEXEC
oflags |= O_CLOEXEC;
#endif
lock_fd = __open (PWD_LOCKFILE, oflags, 0600); lock_fd = __open (PWD_LOCKFILE, oflags, 0600);
if (lock_fd == -1) if (lock_fd == -1)
/* Cannot create lock file. */ /* Cannot create lock file. */
RETURN_CLOSE_FD (-1); RETURN_CLOSE_FD (-1);
#ifndef __ASSUME_O_CLOEXEC
# ifdef O_CLOEXEC
if (__have_o_cloexec <= 0)
# endif
{
/* Make sure file gets correctly closed when process finished. */
int flags = __fcntl (lock_fd, F_GETFD, 0);
if (flags == -1)
/* Cannot get file flags. */
RETURN_CLOSE_FD (-1);
# ifdef O_CLOEXEC
if (__have_o_cloexec == 0)
__have_o_cloexec = (flags & FD_CLOEXEC) == 0 ? -1 : 1;
if (__have_o_cloexec < 0)
# endif
{
flags |= FD_CLOEXEC; /* Close on exit. */
if (__fcntl (lock_fd, F_SETFD, flags) < 0)
/* Cannot set new flags. */
RETURN_CLOSE_FD (-1);
}
}
#endif
/* Now we have to get exclusive write access. Since multiple /* Now we have to get exclusive write access. Since multiple
process could try this we won't stop when it first fails. process could try this we won't stop when it first fails.
Instead we set a timeout for the system call. Once the timer Instead we set a timeout for the system call. Once the timer

1
sysdeps/mach/hurd/kernel-features.h
View File

@ -20,5 +20,4 @@
Almost none of these are used outside of sysdeps/unix/sysv/linux code. Almost none of these are used outside of sysdeps/unix/sysv/linux code.
But those referring to POSIX-level features like O_* flags can be. */ But those referring to POSIX-level features like O_* flags can be. */
#define __ASSUME_O_CLOEXEC 1
#define __ASSUME_ACCEPT4 1 #define __ASSUME_ACCEPT4 1

2
sysdeps/nacl/kernel-features.h
View File

@ -20,8 +20,6 @@
Almost none of these are used outside of sysdeps/unix/sysv/linux code. Almost none of these are used outside of sysdeps/unix/sysv/linux code.
But those referring to POSIX-level features like O_* flags can be. */ But those referring to POSIX-level features like O_* flags can be. */
#define __ASSUME_O_CLOEXEC 1
/* /*
#define __ASSUME_ACCEPT4 1 #define __ASSUME_ACCEPT4 1
*/ */

8
sysdeps/posix/getcwd.c
View File

@ -281,13 +281,7 @@ __getcwd (char *buf, size_t size)
while (!(thisdev == rootdev && thisino == rootino)) while (!(thisdev == rootdev && thisino == rootino))
{ {
if (__have_atfcts >= 0) if (__have_atfcts >= 0)
{ fd = openat64_not_cancel_3 (fd, "..", O_RDONLY | O_CLOEXEC);
int mode = O_RDONLY;
#ifdef O_CLOEXEC
mode |= O_CLOEXEC;
#endif
fd = openat64_not_cancel_3 (fd, "..", mode);
}
else else
fd = -1; fd = -1;
if (fd >= 0) if (fd >= 0)

47
sysdeps/posix/opendir.c
View File

@ -81,6 +81,9 @@ tryopen_o_directory (void)
# define EXTRA_FLAGS 0 # define EXTRA_FLAGS 0
#endif #endif
enum {
opendir_oflags = O_RDONLY|O_NDELAY|EXTRA_FLAGS|O_LARGEFILE|O_CLOEXEC
};
static bool static bool
invalid_name (const char *name) invalid_name (const char *name)
@ -110,18 +113,6 @@ need_isdir_precheck (void)
return true; return true;
} }
static int
opendir_oflags (void)
{
int flags = O_RDONLY|O_NDELAY|EXTRA_FLAGS|O_LARGEFILE;
#ifdef O_CLOEXEC
flags |= O_CLOEXEC;
#endif
return flags;
}
static DIR * static DIR *
opendir_tail (int fd) opendir_tail (int fd)
{ {
@ -170,7 +161,7 @@ __opendirat (int dfd, const char *name)
} }
} }
return opendir_tail (openat_not_cancel_3 (dfd, name, opendir_oflags ())); return opendir_tail (openat_not_cancel_3 (dfd, name, opendir_oflags));
} }
#endif #endif
@ -197,39 +188,19 @@ __opendir (const char *name)
} }
} }
return opendir_tail (open_not_cancel_2 (name, opendir_oflags ())); return opendir_tail (open_not_cancel_2 (name, opendir_oflags));
} }
weak_alias (__opendir, opendir) weak_alias (__opendir, opendir)
#ifdef __ASSUME_O_CLOEXEC
# define check_have_o_cloexec(fd) 1
#else
static int
check_have_o_cloexec (int fd)
{
if (__have_o_cloexec == 0)
__have_o_cloexec = (__fcntl (fd, F_GETFD, 0) & FD_CLOEXEC) == 0 ? -1 : 1;
return __have_o_cloexec > 0;
}
#endif
DIR * DIR *
internal_function internal_function
__alloc_dir (int fd, bool close_fd, int flags, const struct stat64 *statp) __alloc_dir (int fd, bool close_fd, int flags, const struct stat64 *statp)
{ {
/* We always have to set the close-on-exit flag if the user provided /* We have to set the close-on-exit flag if the user provided the
the file descriptor. Otherwise only if we have no working file descriptor. */
O_CLOEXEC support. */ if (!close_fd
#ifdef O_CLOEXEC && __builtin_expect (__fcntl (fd, F_SETFD, FD_CLOEXEC), 0) < 0)
if ((! close_fd && (flags & O_CLOEXEC) == 0)
|| ! check_have_o_cloexec (fd))
#endif
{
if (__builtin_expect (__fcntl (fd, F_SETFD, FD_CLOEXEC), 0) < 0)
goto lose; goto lose;
}
const size_t default_allocation = (4 * BUFSIZ < sizeof (struct dirent64) const size_t default_allocation = (4 * BUFSIZ < sizeof (struct dirent64)
? sizeof (struct dirent64) : 4 * BUFSIZ); ? sizeof (struct dirent64) : 4 * BUFSIZ);

28
sysdeps/posix/shm_open.c
View File

@ -34,10 +34,7 @@ shm_open (const char *name, int oflag, mode_t mode)
{ {
SHM_GET_NAME (EINVAL, -1, ""); SHM_GET_NAME (EINVAL, -1, "");
oflag |= O_NOFOLLOW; oflag |= O_NOFOLLOW | O_CLOEXEC;
# ifdef O_CLOEXEC
oflag |= O_CLOEXEC;
# endif
/* Disable asynchronous cancellation. */ /* Disable asynchronous cancellation. */
int state; int state;
@ -50,29 +47,6 @@ shm_open (const char *name, int oflag, mode_t mode)
object names and the standard does not mention EISDIR. */ object names and the standard does not mention EISDIR. */
__set_errno (EINVAL); __set_errno (EINVAL);
# ifndef O_CLOEXEC
if (fd != -1)
{
/* We got a descriptor. Now set the FD_CLOEXEC bit. */
int flags = fcntl (fd, F_GETFD, 0);
if (__glibc_likely (flags != -1))
{
flags |= FD_CLOEXEC;
flags = fcntl (fd, F_SETFD, flags);
}
if (flags == -1)
{
/* Something went wrong. We cannot return the descriptor. */
int save_errno = errno;
close (fd);
fd = -1;
__set_errno (save_errno);
}
}
# endif
pthread_setcancelstate (state, NULL); pthread_setcancelstate (state, NULL);
return fd; return fd;

4
sysdeps/unix/sysv/linux/kernel-features.h
View File

@ -67,10 +67,6 @@
/* Support for private futexes was added in 2.6.22. */ /* Support for private futexes was added in 2.6.22. */
#define __ASSUME_PRIVATE_FUTEX 1 #define __ASSUME_PRIVATE_FUTEX 1
/* Support for various CLOEXEC and NONBLOCK flags was added in
2.6.23. */
#define __ASSUME_O_CLOEXEC 1
/* Support for various CLOEXEC and NONBLOCK flags was added in /* Support for various CLOEXEC and NONBLOCK flags was added in
2.6.27. */ 2.6.27. */
#define __ASSUME_IN_NONBLOCK 1 #define __ASSUME_IN_NONBLOCK 1