1 .\" Copyright (c) 2020 Stephen Kitt <steve@sk2.org>
2 .\" and Copyright (c) 2021 Michael Kerrisk <mtk.manpages@gmail.com>
4 .\" SPDX-License-Identifier: Linux-man-pages-copyleft
6 .TH close_range 2 (date) "Linux man-pages (unreleased)"
8 close_range \- close all file descriptors in a given range
11 .RI ( libc ", " \-lc )
14 .B #include <linux/close_range.h>
16 .BI "int close_range(unsigned int " first ", unsigned int " last ,
17 .BI " unsigned int " flags );
22 system call closes all open file descriptors from
28 Errors closing a given file descriptor are currently ignored.
31 is a bit mask containing 0 or more of the following:
33 .BR CLOSE_RANGE_CLOEXEC " (since Linux 5.11)"
34 Set the close-on-exec flag on the specified file descriptors,
35 rather than immediately closing them.
37 .B CLOSE_RANGE_UNSHARE
38 Unshare the specified file descriptors from any other processes
40 avoiding races with other threads sharing the file descriptor table.
45 On error, \-1 is returned and
47 is set to indicate the error.
57 The following can occur with
58 .B CLOSE_RANGE_UNSHARE
59 (when constructing the new descriptor table):
62 The number of open file descriptors exceeds the limit specified in
63 .I /proc/sys/fs/nr_open
66 This error can occur in situations where that limit was lowered before
70 .B CLOSE_RANGE_UNSHARE
74 Insufficient kernel memory was available.
82 .SS Closing all open file descriptors
83 .\" 278a5fbaed89dacd04e9d052f4594ffd0e0585de
84 To avoid blindly closing file descriptors
85 in the range of possible file descriptors,
86 this is sometimes implemented (on Linux)
87 by listing open file descriptors in
93 can take care of this without requiring
95 and within a single system call,
96 which provides significant performance benefits.
97 .SS Closing file descriptors before exec
98 .\" 60997c3d45d9a67daf01c56d805ae4fec37e0bd8
99 File descriptors can be closed safely using
103 /* we don't want anything past stderr here */
104 close_range(3, \[ti]0U, CLOSE_RANGE_UNSHARE);
109 .B CLOSE_RANGE_UNSHARE
110 is conceptually equivalent to
114 unshare(CLONE_FILES);
115 close_range(first, last, 0);
119 but can be more efficient:
120 if the unshared range extends past
121 the current maximum number of file descriptors allocated
122 in the caller's file descriptor table
123 (the common case when
126 the kernel will unshare a new file descriptor table for the caller up to
128 copying as few file descriptors as possible.
129 This avoids subsequent
132 the whole operation is complete once the table is unshared.
133 .SS Closing files on \fBexec\fP
134 .\" 582f1fb6b721facf04848d2ca57f34468da1813e
135 This is particularly useful in cases where multiple
137 setup steps risk conflicting with each other.
138 For example, setting up a
140 profile can conflict with a
143 if the file descriptors are closed before the
146 the profile setup can't use them itself,
147 or control their closure;
148 if the file descriptors are closed afterwards,
149 the seccomp profile can't block the
151 call or any fallbacks.
153 .B CLOSE_RANGE_CLOEXEC
155 the descriptors can be marked before the
158 and the profile can control access to
160 without affecting the calling process.
162 The program shown below opens the files named in its command-line arguments,
163 displays the list of files that it has opened
164 (by iterating through the entries in
168 to close all file descriptors greater than or equal to 3,
169 and then once more displays the process's list of open files.
170 The following example demonstrates the use of the program:
174 $ \fBtouch /tmp/a /tmp/b /tmp/c\fP
175 $ \fB./a.out /tmp/a /tmp/b /tmp/c\fP
176 /tmp/a opened as FD 3
177 /tmp/b opened as FD 4
178 /tmp/c opened as FD 5
179 /proc/self/fd/0 ==> /dev/pts/1
180 /proc/self/fd/1 ==> /dev/pts/1
181 /proc/self/fd/2 ==> /dev/pts/1
182 /proc/self/fd/3 ==> /tmp/a
183 /proc/self/fd/4 ==> /tmp/b
184 /proc/self/fd/5 ==> /tmp/b
185 /proc/self/fd/6 ==> /proc/9005/fd
186 ========= About to call close_range() =======
187 /proc/self/fd/0 ==> /dev/pts/1
188 /proc/self/fd/1 ==> /dev/pts/1
189 /proc/self/fd/2 ==> /dev/pts/1
190 /proc/self/fd/3 ==> /proc/9005/fd
194 Note that the lines showing the pathname
196 result from the calls to
200 .\" SRC BEGIN (close_range.c)
208 #include <sys/syscall.h>
211 /* Show the contents of the symbolic links in /proc/self/fd */
217 char path[PATH_MAX], target[PATH_MAX];
221 dirp = opendir("/proc/self/fd");
232 if (dp\->d_type == DT_LNK) {
233 snprintf(path, sizeof(path), "/proc/self/fd/%s",
236 len = readlink(path, target, sizeof(target));
237 printf("%s ==> %.*s\en", path, (int) len, target);
245 main(int argc, char *argv[])
249 for (size_t j = 1; j < argc; j++) {
250 fd = open(argv[j], O_RDONLY);
255 printf("%s opened as FD %d\en", argv[j], fd);
260 printf("========= About to call close_range() =======\en");
262 if (syscall(SYS_close_range, 3, \[ti]0U, 0) == \-1) {
263 perror("close_range");