path: root/src/basic/fd-util.h
Commit message | Author | Age | Files | Lines
* fd-util: add ASSERT_FD() that is similar to ASSERT_PTR() but for fds | Lennart Poettering | 2023-04-24 | 1 | -0/+8
|
* fd-util: introduce dir_fd_is_root_or_cwd() | Yu Watanabe | 2023-04-05 | 1 | -0/+4
|
* fd-util: add helper for converting O_RDONLY/WRONLY/RDWR to strings | Lennart Poettering | 2023-03-29 | 1 | -0/+2
|
* fd-util: Add dir_fd_is_root() | Daan De Meyer | 2023-03-15 | 1 | -0/+2
|
* fd-util: move ACQUIRE_NO_XYZ flags to the header the function using them is in | Lennart Poettering | 2023-03-09 | 1 | -8/+0
|     Follow-up for: b25a930f0e2ebe77bc8b0f0acfac8a3b27ef1f0a
* fd-util: introduce a simple helper to check a file descriptor has O_PATH | Yu Watanabe | 2023-02-17 | 1 | -0/+1
|
* Consolidate various TAKE_* into TAKE_GENERIC(), add TAKE_STRUCT() | Dan Streetman | 2023-01-24 | 1 | -8/+2
|
* tree-wide: use -EBADF more | Yu Watanabe | 2022-12-21 | 1 | -3/+3
|
* tree-wide: introduce PIPE_EBADF macro | Yu Watanabe | 2022-12-20 | 1 | -0/+1
|
* tree-wide: use -EBADF for fd initialization | Zbigniew Jędrzejewski-Szmek | 2022-12-19 | 1 | -1/+1
|     -1 was used everywhere, but -EBADF or -EBADFD started being used in various
|     places. Let's make things consistent in the new style.
|
|     Note that there are two candidates:
|     EBADF 9 Bad file descriptor
|     EBADFD 77 File descriptor in bad state
|
|     Since we're initializing the fd, we're just assigning a value that means
|     "no fd yet", so it's just a bad file descriptor, and the first errno fits
|     better. If instead we had a valid file descriptor that became invalid because
|     of some operation or state change, the other errno would fit better.
|
|     In some places, initialization is dropped if unnecessary.
* fd-util: add new helper fd_reopen_conditional() | Lennart Poettering | 2022-11-29 | 1 | -0/+1
|     This is a wrapper around fd_reopen() that will reopen an fd if the F_GETFL
|     flags indicate this is necessary, and otherwise not. This is useful for
|     various utility calls that shall be able to operate on O_PATH and without it,
|     and might need to convert between the two depending on what's passed in.
* fd-util: add new fd_cloexec_many() helper | Lennart Poettering | 2022-11-04 | 1 | -0/+1
|
* btrfs-util: move btrfs_defrag_fd() from fd-util.[ch] | Yu Watanabe | 2022-10-25 | 1 | -1/+0
|     After d71ece3f0b85c7a3decc50143b68ac07fc5831ae, the function is not used in
|     libbasic or libsystemd anymore. Let's move it to a more appropriate place.
* fd-util: rename CLOSE_AND_REPLACE() -> close_and_replace() | Yu Watanabe | 2022-09-17 | 1 | -1/+1
|     We have free_and_replace() and friends, they are all named with lower
|     letters, even though they are macros, not functions. For consistency, let's
|     rename CLOSE_AND_REPLACE() with lower letters.
|
|     This also makes the macro used in more places.
* fd-util: rename loop_get_diskseq() -> fd_get_diskseq() | Yu Watanabe | 2022-04-01 | 1 | -0/+1
|     And move it from loop-util.[ch] -> fd-util.[ch]
* fd-util: make TAKE_FD free of double evaluation | Lennart Poettering | 2021-11-03 | 1 | -3/+4
|     Better be safe than sorry.
* fd-util: export get_max_fd() so that we can use it in tests | Lennart Poettering | 2021-10-27 | 1 | -0/+2
|
* fd-util: split out inner fallback loop of close_all_fds() as ↵ | Lennart Poettering | 2021-10-27 | 1 | -0/+1
|     close_all_fds_without_malloc()
* Revert "basic/fd-util: sort the 'except' array in place" | Lennart Poettering | 2021-10-27 | 1 | -1/+1
|     This reverts commit 9c46228b7deb53d6384545535b37b2844a102b2b.
* Revert "Add variant of close_all_fds() that does not allocate and use it in ↵ | Lennart Poettering | 2021-10-27 | 1 | -4/+1
|     freeze()"
|
|     This reverts commit cbcf371abc328167fa869721c1add4850c793240.
* fd-util: add macro for generating /proc/self/fd/ paths on the fly | Lennart Poettering | 2021-08-19 | 1 | -1/+15
|
* Add variant of close_all_fds() that does not allocate and use it in freeze() | Zbigniew Jędrzejewski-Szmek | 2021-07-23 | 1 | -1/+4
|     Even though it's just a fallback path, let's not be sloppy and allocate in
|     the crash handler.
|
|     > The deadlock happens because systemd crash in malloc() then in signal
|     > handler, it calls malloc() (close_all_fds()-> opendir()-> __alloc_dir())
|     > again. malloc() is not a signal-safe function, maybe we should re-think
|     > the logic here.
|
|     Fixes #20266.
* basic/fd-util: sort the 'except' array in place | Zbigniew Jędrzejewski-Szmek | 2021-07-23 | 1 | -1/+1
|     We need a sorted list of fds to skip over when closing. We would allocate a
|     copy of the passed array to do the sort. But all callers construct a
|     temporary array to pass to us, so it is pointless to copy it again.
|
|     close_all_fds/safe_fork_full/namespace_fork/fork_agent are changed to pass a
|     non-const int array. I checked all users, and all callers are fine with the
|     array being sorted.
|
|     The function was returning some number (sometimes 1, sometimes the extent of
|     the range passed over to close_range(), ???). Anyway, all callers only check
|     for error, so let's return 0 on success.
* basic: move acquire_data_fd() and fd_duplicate_data_fd() to new data-fd-util.c | Zbigniew Jędrzejewski-Szmek | 2021-06-24 | 1 | -4/+0
|     fd_duplicate_data_fd() is renamed to copy_data_fd(). This makes the two
|     functions have nicely similar names.
|
|     Now fd-util.[ch] is again about low-level file descriptor manipulations.
|     copy_data_fd() is a complex function that internally wraps the other
|     functions in copy.c. I want to move copy.c and the whole cluster of related
|     code from basic/ to shared/ later on, and this is a preparatory step for that.
* basic: drop one btrfs-related function and move another | Zbigniew Jędrzejewski-Szmek | 2021-06-24 | 1 | -1/+1
|     This will become useful later, it is the first step to moving
|     btrfs-util.[ch] out of src/basic/.
* fd-util: introduce FDNAME_MAX | Yu Watanabe | 2021-05-12 | 1 | -0/+3
|
* tree-wide: reset the cleaned-up variable in cleanup functions | Zbigniew Jędrzejewski-Szmek | 2021-02-16 | 1 | -2/+2
|     If the cleanup function returns the appropriate type, use that to reset the
|     variable. For other functions (usually the foreign ones which return void),
|     add an explicit value to reset to.
|
|     This causes a bit of code churn, but I think it might be worth it. In a
|     following patch static destructors will be called from a fuzzer, and this
|     change allows them to be called multiple times. But I think such a change
|     might help with detecting uninitialized code reuse too. We hit various bugs
|     like this, and things are more obvious when a pointer has been set to NULL.
|
|     I was worried whether this change increases text size, but it doesn't seem to:
|
|     -Dbuildtype=debug:
|     before "tree-wide: return NULL from freeing functions":
|     -rwxrwxr-x 1 zbyszek zbyszek 4117672 Feb 16 14:36 build/libsystemd.so.0.30.0*
|     -rwxrwxr-x 1 zbyszek zbyszek 4494520 Feb 16 15:06 build/systemd*
|     after "tree-wide: return NULL from freeing functions":
|     -rwxrwxr-x 1 zbyszek zbyszek 4117672 Feb 16 14:36 build/libsystemd.so.0.30.0*
|     -rwxrwxr-x 1 zbyszek zbyszek 4494576 Feb 16 15:10 build/systemd*
|     now:
|     -rwxrwxr-x 1 zbyszek zbyszek 4117672 Feb 16 14:36 build/libsystemd.so.0.30.0*
|     -rwxrwxr-x 1 zbyszek zbyszek 4494640 Feb 16 15:15 build/systemd*
|
|     -Dbuildtype=release:
|     before "tree-wide: return NULL from freeing functions":
|     -rwxrwxr-x 1 zbyszek zbyszek 5252256 Feb 14 14:47 build-rawhide/libsystemd.so.0.30.0*
|     -rwxrwxr-x 1 zbyszek zbyszek 1834184 Feb 16 15:09 build-rawhide/systemd*
|     after "tree-wide: return NULL from freeing functions":
|     -rwxrwxr-x 1 zbyszek zbyszek 5252256 Feb 14 14:47 build-rawhide/libsystemd.so.0.30.0*
|     -rwxrwxr-x 1 zbyszek zbyszek 1834184 Feb 16 15:10 build-rawhide/systemd*
|     now:
|     -rwxrwxr-x 1 zbyszek zbyszek 5252256 Feb 14 14:47 build-rawhide/libsystemd.so.0.30.0*
|     -rwxrwxr-x 1 zbyszek zbyszek 1834184 Feb 16 15:16 build-rawhide/systemd*
|
|     I would expect that the compiler would be able to elide the setting of a
|     variable if the variable is never used again. And this seems to be the case:
|     in optimized builds there is no change in size whatsoever. And the change in
|     size in unoptimized build is negligible.
|
|     Something strange is happening with size of libsystemd: it's bigger in
|     optimized builds. Something to figure out, but unrelated to this patch.
* license: LGPL-2.1+ -> LGPL-2.1-or-later | Yu Watanabe | 2020-11-09 | 1 | -1/+1
|
* Add CLOSE_AND_REPLACE helper | Zbigniew Jędrzejewski-Szmek | 2020-09-18 | 1 | -0/+10
|     Similar to free_and_replace. I think this should be uppercase to make it
|     clear that this is a macro. free_and_replace should probably be uppercased
|     too.
* util: move ERRNO_IS_xyz macros to errno-util.h | Lennart Poettering | 2019-03-19 | 1 | -12/+0
|     It's where they fit much better.
* fd-util: beef up ERRNO_IS_xyz() macros a bit | Lennart Poettering | 2019-03-19 | 1 | -2/+2
|     Let's implicitly drop the negation if there is one, to simplify things a bit,
|     similar to how we do it in log_xyz()...
* tree-wide: use c99 static for array size declarations | Zbigniew Jędrzejewski-Szmek | 2019-01-04 | 1 | -1/+1
|     https://hamberg.no/erlend/posts/2013-02-18-static-array-indices.html
|
|     This only works with clang, unfortunately gcc doesn't seem to implement the
|     check (tested with gcc-8.2.1-5.fc29.x86_64).
|
|     Simulated error:
|     [2/3] Compiling C object 'systemd-nspawn@exe/src_nspawn_nspawn.c.o'.
|     ../src/nspawn/nspawn.c:3179:45: warning: array argument is too small; contains 15 elements, callee requires at least 16 [-Warray-bounds]
|             candidate = (uid_t) siphash24(arg_machine, strlen(arg_machine), hash_key);
|                                 ^                                           ~~~~~~~~
|     ../src/basic/siphash24.h:24:64: note: callee declares array parameter as static here
|     uint64_t siphash24(const void *in, size_t inlen, const uint8_t k[static 16]);
|                                                                    ^~~~~~~~~~~~
* resolve: treat some icmp errors as disconnected | Yu Watanabe | 2018-08-06 | 1 | -2/+6
|     Fixes #9773.
* tree-wide: remove Lennart's copyright lines | Lennart Poettering | 2018-06-14 | 1 | -4/+0
|     These lines are generally out-of-date, incomplete and unnecessary. With SPDX
|     and git repository much more accurate and fine grained information about
|     licensing and authorship is available, hence let's drop the per-file
|     copyright notice. Of course, removing copyright lines of others is
|     problematic, hence this commit only removes my own lines and leaves all
|     others untouched. It might be nicer if sooner or later those could go away
|     too, making git the only and accurate source of authorship information.
* tree-wide: drop 'This file is part of systemd' blurb | Lennart Poettering | 2018-06-14 | 1 | -2/+0
|     This part of the copyright blurb stems from the GPL use recommendations:
|
|     https://www.gnu.org/licenses/gpl-howto.en.html
|
|     The concept appears to originate in times where version control was per
|     file, instead of per tree, and was a way to glue the files together.
|     Ultimately, we nowadays don't live in that world anymore, and this
|     information is entirely useless anyway, as people are very welcome to copy
|     these files into any projects they like, and they shouldn't have to change
|     bits that are part of our copyright header for that.
|
|     Hence, let's just get rid of this old cruft, and shorten our codebase a bit.
* main: split out reading of /proc/sys/fs/nr_open into its own function | Lennart Poettering | 2018-06-06 | 1 | -0/+2
|     This doesn't really reduce the code size over all, but it does make main.c
|     shorter and more readable, and that's always a good thing.
* fd-util: add new helper call fd_duplicate_data_fd() | Lennart Poettering | 2018-05-24 | 1 | -0/+2
|     This call creates an fd from another fd containing the same data.
|     Specifically, repeated read() on the returned fd should return the same data
|     as the original fd. This call is useful when we want to copy data out of disk
|     images and suchlike, and want to pass fds with the data around without
|     having to keep the disk image continuously mounted.
|
|     The implementation tries to be somewhat smart and tries to prefer
|     memfds/pipes over files in /tmp or /var/tmp based on the size of the data,
|     but has appropriate fallbacks in place.
* tree-wide: be more careful with the type of array sizes | Lennart Poettering | 2018-04-27 | 1 | -2/+2
|     Previously we were a bit sloppy with the index and size types of arrays, we'd
|     regularly use unsigned. While I don't think this ever resulted in real issues
|     I think we should be more careful there and follow a stricter regime: unless
|     there's a strong reason not to use size_t for array sizes and indexes, size_t
|     it should be. Any allocations we do ultimately will use size_t anyway, and
|     converting forth and back between unsigned and size_t will always be a source
|     of problems.
|
|     Note that on 32bit machines "unsigned" and "size_t" are equivalent, and on
|     64bit machines our arrays shouldn't grow that large anyway, and if they do we
|     have a problem, however that kind of overly large allocation we have
|     protections for usually, but for overflows we do not have that so much, hence
|     let's add it.
|
|     So yeah, it's a story of the current code being already "good enough", but I
|     think some extra type hygiene is better.
|
|     This patch tries to be comprehensive, but it probably isn't and I missed a
|     few cases. But I guess we can cover that later as we notice it. Among smaller
|     fixes, this changes:
|
|     1. strv_length()'s return type becomes size_t
|     2. the unit file changes array size becomes size_t
|     3. DNS answer and query array sizes become size_t
|
|     Fixes: https://bugs.freedesktop.org/show_bug.cgi?id=76745
* tree-wide: drop license boilerplate | Zbigniew Jędrzejewski-Szmek | 2018-04-06 | 1 | -13/+0
|     Files which are installed as-is (any .service and other unit files, .conf
|     files, .policy files, etc), are left as is. My assumption is that SPDX
|     identifiers are not yet that well known, so it's better to retain the
|     extended header to avoid any doubt.
|
|     I also kept any copyright lines. We can probably remove them, but it'd be
|     nice to obtain explicit acks from all involved authors before doing that.
* Merge pull request #8617 from keszybz/tmpfiles-relax | Lennart Poettering | 2018-04-05 | 1 | -0/+4
|\
| |     Do not exit with error when systemd-tmpfiles --boot fails
| * tmpfiles: add a new return code for "operational failure" when processing | Zbigniew Jędrzejewski-Szmek | 2018-04-05 | 1 | -0/+4
| |     Things can fail, and we have no control over it:
| |     - file system issues (immutable bits, file system errors, MAC refusals, etc)
| |     - kernel refusing certain arguments when writing to /proc/sys or /sys
| |
| |     Let's add a new code for the case where we parsed configuration but failed
| |     to execute it because of external errors.
* | fd-util: introduce fd_reopen() helper for reopening an fd | Lennart Poettering | 2018-03-29 | 1 | -0/+2
|/
|     We have the same code for this in place at various locations, let's unify
|     that. Also, let's repurpose test-fs-util.c as a test for this new helper
|     call.
* macro: introduce new TAKE_FD() macro | Lennart Poettering | 2018-03-22 | 1 | -0/+8
|     This is similar to TAKE_PTR() but operates on file descriptors, and thus
|     assigns -1 to the fd parameter after returning it.
|
|     Removes 60 lines from our codebase. Pretty good too I think.
* fd-util: drop stdio_unset_cloexec(), it's not used anymore | Lennart Poettering | 2018-03-02 | 1 | -1/+0
|
* terminal-util: port some generic code over to rearrange_stdio() | Lennart Poettering | 2018-03-02 | 1 | -0/+4
|
* fd-util: add new call rearrange_stdio() | Lennart Poettering | 2018-03-02 | 1 | -0/+2
|     Quite often we need to set up a number of fds as stdin/stdout/stderr of a
|     process we are about to start. Add a generic implementation for a routine
|     doing that that takes care to do so properly:
|
|     1. Can handle the case where stdin/stdout/stderr were previously closed, and
|        the fds to set as stdin/stdout/stderr hence likely in the 0..2 range.
|        Handling this properly is nasty, since we need to first move the fds out
|        of this range in order to later move them back in, to make things fully
|        robust.
|
|     2. Can optionally open /dev/null in case for one or more of the fds, in a
|        smart way, sharing the open file if possible between multiple of the fds.
|
|     3. Guarantees that O_CLOEXEC is not set on the three fds, even if the fds
|        already were in the 0..2 range and hence possibly weren't moved.
* util: add new safe_close_above_stdio() wrapper | Lennart Poettering | 2018-02-28 | 1 | -0/+7
|     At various places we only want to close fds if they are not
|     stdin/stdout/stderr, i.e. fds 0, 1, 2. Let's add a unified helper call for
|     that, and port everything over.
* fd-util: move certain fds above fd #2 (#8129) | Lennart Poettering | 2018-02-09 | 1 | -0/+2
|     This adds some paranoia code that moves some of the fds we allocate for
|     longer periods of time to fds > 2 if they are allocated below this boundary.
|     This is a paranoid safety thing, in order to avoid that external code might
|     end up erroneously use our fds under the assumption they were valid
|     stdin/stdout/stderr. Think: some app closes stdin/stdout/stderr and then
|     invokes 'fprintf(stderr, …' which causes writes on our fds.
|
|     This both adds the helper to do the moving as well as ports over a number of
|     users to this new logic. Since we don't want to litter all our code with
|     invocations of this I tried to strictly focus on fds we keep open for long
|     periods of time only and only in code that is frequently loaded into foreign
|     programs (under the assumptions that in our own codebase we are smart enough
|     to always keep stdin/stdout/stderr allocated to avoid this pitfall).
|     Specifically this means all code used by NSS and our sd-xyz API:
|
|     1. our logging APIs
|     2. sd-event
|     3. sd-bus
|     4. sd-resolve
|     5. sd-netlink
|
|     This change was inspired by this:
|
|     https://github.com/systemd/systemd/issues/8075#issuecomment-363689755
|
|     This shows that apparently IRL there are programs that do close
|     stdin/stdout/stderr, and we should accommodate for that.
|
|     Note that this won't fix any bugs, this just makes sure that buggy programs
|     are less likely to interfere with our own code.
* Merge pull request #7198 from poettering/stdin-stdout | Lennart Poettering | 2017-11-19 | 1 | -0/+12
|\
| |     Add StandardInput=data, StandardInput=file:... and more
| * fd-util: add new acquire_data_fd() API helper | Lennart Poettering | 2017-11-17 | 1 | -0/+10
| |     All this function does is place some data in an in-memory read-only fd,
| |     that may be read back to get the original data back.
| |
| |     Doing this in a way that works everywhere, given the different kernels we
| |     support as well as different privilege levels is surprisingly complex.