lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <45111.76.180.38.217.1181288832.squirrel@vpn.merrillpress.com>
Date:	Fri, 8 Jun 2007 03:47:12 -0400 (EDT)
From:	"Daniel Colascione" <danc@...rillpress.com>
To:	linux-kernel@...r.kernel.org
Subject: O_CLOEXEC: An alternate proposal

Hey, this is my first post to linux-kernel, so please be kind. :-)

Linus Torvalds wrote on May 31:
> I'm with Uli on this one. "Stateful" stuff is bad. It's essentially
> impossible to handle with libraries - either the library would have to
> explciitly always turn the state the way _it_ needs it, or the library
> will do the wrogn thing.

I agree that stateful stuff is generally not very elegant,
but I think it's a win here -- we wouldn't have to create any
new APIs except for the state-setting stuff.

The state just has to be thread-local.

If it's thread-local, a library, say, glibc,
can use code like this:

  /* Internal library function */
  old_fd_flags = kernel_default_fd_flags(FD_CLOEXEC | FD_RANDFD);
  event_fd = super_duper_event_polling_mechanism_fd();
  kernel_default_fd_flags(old_fd_flags);

I think that's a lot cleaner than augmenting every
present and future fd-creating syscall to take some kind
of flags parameter and adding some kind of funny dup().

Other threads, and the caller of this function in the same thread,
aren't even aware that the library is changing any state. It's
race-free, since the default flags wouldn't be inherited across clone()
or exec(). It's still POSIX compliant too as long as the default
flags set remains empty.

The only disadvantage I can think of is that it requires three
system calls instead of one, but most of your time is going to be spent
working with event_fd, not creating it.

Also, what about an FD_CLOFORK as well? That seems to match
more closely what you'd want out of a library-internal FD than
FD_CLOEXEC.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ