In some cases this replaces an FD_CLOEXEC dance, in others it is new.
Linux has had O_CLOEXEC since 2.6.23 (October 2007), so we can rely on
it from Xen 4.7 I think. Some libc headers may still lack the
definition, so we take care of that if need be by defining to 0 (on
the premise that such an old glibc might barf on O_CLOEXEC even if the
kernel may or may not be so old).
All stable versions of FreeBSD support O_CLOEXEC (10.2, 9.3 and 8.4),
and we assume the libc there does too.
Remove various comments about having to take responsibility for this
(since really it is just hygiene, politeness, not a requirement) and
the reasons for using O_CLOEXEC seem pretty straightforward.
Backends for other OSes are untouched.
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Acked-by: Roger Pau Monné <roger.pau@citrix.com>
Acked-by: Wei Liu <wei.liu2@citrix.com>
Cc: Roger.Pau@citrix.com
Cc: jbeulich@suse.com
int osdep_xencall_open(xencall_handle *xcall)
{
- int flags, saved_errno;
- int fd = open(PRIVCMD_DEV, O_RDWR);
+ int saved_errno;
+ int fd = open(PRIVCMD_DEV, O_RDWR|O_CLOEXEC);
+
+ /*
+ * This file descriptor is opaque to the caller, thus we are
+ * polite and try and ensure it doesn't propagate (ie leak)
+ * outside the process, by using O_CLOEXEC.
+ */
if ( fd == -1 )
{
return -1;
}
- /*
- * Although we return the file handle as the 'xc handle' the API
- * does not specify / guarentee that this integer is in fact
- * a file handle. Thus we must take responsiblity to ensure
- * it doesn't propagate (ie leak) outside the process.
- */
- if ( (flags = fcntl(fd, F_GETFD)) < 0 )
- {
- PERROR("Could not get file handle flags");
- goto error;
- }
-
- flags |= FD_CLOEXEC;
-
- if ( fcntl(fd, F_SETFD, flags) < 0 )
- {
- PERROR("Could not set file handle flags");
- goto error;
- }
-
xcall->fd = fd;
return 0;
#include "private.h"
+#ifndef O_CLOEXEC
+#define O_CLOEXEC 0
+#endif
+
int osdep_xencall_open(xencall_handle *xcall)
{
- int flags, saved_errno;
- int fd = open("/dev/xen/privcmd", O_RDWR); /* prefer this newer interface */
+ int fd;
+
+ /*
+ * Prefer the newer interface.
+ */
+ fd = open("/dev/xen/privcmd", O_RDWR|O_CLOEXEC);
if ( fd == -1 && ( errno == ENOENT || errno == ENXIO || errno == ENODEV ))
{
/* Fallback to /proc/xen/privcmd */
- fd = open("/proc/xen/privcmd", O_RDWR);
+ fd = open("/proc/xen/privcmd", O_RDWR|O_CLOEXEC);
}
if ( fd == -1 )
return -1;
}
- /* Although we return the file handle as the 'xc handle' the API
- does not specify / guarentee that this integer is in fact
- a file handle. Thus we must take responsiblity to ensure
- it doesn't propagate (ie leak) outside the process */
- if ( (flags = fcntl(fd, F_GETFD)) < 0 )
- {
- PERROR("Could not get file handle flags");
- goto error;
- }
-
- flags |= FD_CLOEXEC;
-
- if ( fcntl(fd, F_SETFD, flags) < 0 )
- {
- PERROR("Could not set file handle flags");
- goto error;
- }
-
xcall->fd = fd;
return 0;
-
- error:
- saved_errno = errno;
- close(fd);
- errno = saved_errno;
- return -1;
}
int osdep_xencall_close(xencall_handle *xcall)
int osdep_evtchn_open(xenevtchn_handle *xce)
{
- int fd = open(EVTCHN_DEV, O_RDWR);
+ int fd = open(EVTCHN_DEV, O_RDWR|O_CLOEXEC);
if ( fd == -1 )
return -1;
xce->fd = fd;
#include "private.h"
+#ifndef O_CLOEXEC
+#define O_CLOEXEC 0
+#endif
+
int osdep_evtchn_open(xenevtchn_handle *xce)
{
- int fd = open("/dev/xen/evtchn", O_RDWR);
+ int fd = open("/dev/xen/evtchn", O_RDWR|O_CLOEXEC);
if ( fd == -1 )
return -1;
xce->fd = fd;
int osdep_xenforeignmemory_open(xenforeignmemory_handle *fmem)
{
- int flags, saved_errno;
- int fd = open(PRIVCMD_DEV, O_RDWR);
+ int saved_errno;
+ int fd = open(PRIVCMD_DEV, O_RDWR|O_CLOEXEC);
if ( fd == -1 )
{
return -1;
}
- /*
- * Although we return the file handle as the 'xc handle' the API
- * does not specify / guarentee that this integer is in fact
- * a file handle. Thus we must take responsiblity to ensure
- * it doesn't propagate (ie leak) outside the process.
- */
- if ( (flags = fcntl(fd, F_GETFD)) < 0 )
- {
- PERROR("Could not get file handle flags");
- goto error;
- }
-
- flags |= FD_CLOEXEC;
-
- if ( fcntl(fd, F_SETFD, flags) < 0 )
- {
- PERROR("Could not set file handle flags");
- goto error;
- }
-
fmem->fd = fd;
return 0;
#define ROUNDUP(_x,_w) (((unsigned long)(_x)+(1UL<<(_w))-1) & ~((1UL<<(_w))-1))
+#ifndef O_CLOEXEC
+#define O_CLOEXEC 0
+#endif
+
int osdep_xenforeignmemory_open(xenforeignmemory_handle *fmem)
{
- int flags, saved_errno;
- int fd = open("/dev/xen/privcmd", O_RDWR); /* prefer this newer interface */
+ int fd;
+
+ /* prefer this newer interface */
+ fd = open("/dev/xen/privcmd", O_RDWR|O_CLOEXEC);
if ( fd == -1 && ( errno == ENOENT || errno == ENXIO || errno == ENODEV ))
{
/* Fallback to /proc/xen/privcmd */
- fd = open("/proc/xen/privcmd", O_RDWR);
+ fd = open("/proc/xen/privcmd", O_RDWR|O_CLOEXEC);
}
if ( fd == -1 )
return -1;
}
- /* Although we return the file handle as the 'xc handle' the API
- does not specify / guarentee that this integer is in fact
- a file handle. Thus we must take responsiblity to ensure
- it doesn't propagate (ie leak) outside the process */
- if ( (flags = fcntl(fd, F_GETFD)) < 0 )
- {
- PERROR("Could not get file handle flags");
- goto error;
- }
-
- flags |= FD_CLOEXEC;
-
- if ( fcntl(fd, F_SETFD, flags) < 0 )
- {
- PERROR("Could not set file handle flags");
- goto error;
- }
-
fmem->fd = fd;
return 0;
-
- error:
- saved_errno = errno;
- close(fd);
- errno = saved_errno;
- return -1;
}
int osdep_xenforeignmemory_close(xenforeignmemory_handle *fmem)
#define PAGE_SIZE (1UL << PAGE_SHIFT)
#define PAGE_MASK (~(PAGE_SIZE-1))
+#ifndef O_CLOEXEC
+#define O_CLOEXEC 0
+#endif
+
int osdep_gnttab_open(xengnttab_handle *xgt)
{
- int fd = open(DEVXEN "gntdev", O_RDWR);
+ int fd = open(DEVXEN "gntdev", O_RDWR|O_CLOEXEC);
if ( fd == -1 )
return -1;
xgt->fd = fd;
projects / people / liuw / libxenctrl-split / xen.git / commitdiff