src/basic/fd-util.c

   1 /***
   2   This file is part of systemd.
   3
   4   Copyright 2010 Lennart Poettering
   5
   6   systemd is free software; you can redistribute it and/or modify it
   7   under the terms of the GNU Lesser General Public License as published by
   8   the Free Software Foundation; either version 2.1 of the License, or
   9   (at your option) any later version.
  10
  11   systemd is distributed in the hope that it will be useful, but
  12   WITHOUT ANY WARRANTY; without even the implied warranty of
  13   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  14   Lesser General Public License for more details.
  15
  16   You should have received a copy of the GNU Lesser General Public License
  17   along with systemd; If not, see <http://www.gnu.org/licenses/>.
  18 ***/
  19
  20 #include <errno.h>
  21 #include <fcntl.h>
  22 #include <sys/resource.h>
  23 #include <sys/socket.h>
  24 #include <sys/stat.h>
  25 #include <unistd.h>
  26
  27 #include "dirent-util.h"
  28 #include "fd-util.h"
  29 #include "fs-util.h"
  30 #include "macro.h"
  31 #include "missing.h"
  32 #include "parse-util.h"
  33 #include "path-util.h"
  34 #include "process-util.h"
  35 #include "socket-util.h"
  36 #include "stdio-util.h"
  37 #include "util.h"
  38
  39 int close_nointr(int fd) {
  40         assert(fd >= 0);
  41
  42         if (close(fd) >= 0)
  43                 return 0;
  44
  45         /*
  46          * Just ignore EINTR; a retry loop is the wrong thing to do on
  47          * Linux.
  48          *
  49          * http://lkml.indiana.edu/hypermail/linux/kernel/0509.1/0877.html
  50          * https://bugzilla.gnome.org/show_bug.cgi?id=682819
  51          * http://utcc.utoronto.ca/~cks/space/blog/unix/CloseEINTR
  52          * https://sites.google.com/site/michaelsafyan/software-engineering/checkforeintrwheninvokingclosethinkagain
  53          */
  54         if (errno == EINTR)
  55                 return 0;
  56
  57         return -errno;
  58 }
  59
  60 int safe_close(int fd) {
  61
  62         /*
  63          * Like close_nointr() but cannot fail. Guarantees errno is
  64          * unchanged. Is a NOP with negative fds passed, and returns
  65          * -1, so that it can be used in this syntax:
  66          *
  67          * fd = safe_close(fd);
  68          */
  69
  70         if (fd >= 0) {
  71                 PROTECT_ERRNO;
  72
  73                 /* The kernel might return pretty much any error code
  74                  * via close(), but the fd will be closed anyway. The
  75                  * only condition we want to check for here is whether
  76                  * the fd was invalid at all... */
  77
  78                 assert_se(close_nointr(fd) != -EBADF);
  79         }
  80
  81         return -1;
  82 }
  83
  84 void safe_close_pair(int p[]) {
  85         assert(p);
  86
  87         if (p[0] == p[1]) {
  88                 /* Special case pairs which use the same fd in both
  89                  * directions... */
  90                 p[0] = p[1] = safe_close(p[0]);
  91                 return;
  92         }
  93
  94         p[0] = safe_close(p[0]);
  95         p[1] = safe_close(p[1]);
  96 }
  97
  98 void close_many(const int fds[], unsigned n_fd) {
  99         unsigned i;
 100
 101         assert(fds || n_fd <= 0);
 102
 103         for (i = 0; i < n_fd; i++)
 104                 safe_close(fds[i]);
 105 }
 106
 107 int fclose_nointr(FILE *f) {
 108         assert(f);
 109
 110         /* Same as close_nointr(), but for fclose() */
 111
 112         if (fclose(f) == 0)
 113                 return 0;
 114
 115         if (errno == EINTR)
 116                 return 0;
 117
 118         return -errno;
 119 }
 120
 121 FILE* safe_fclose(FILE *f) {
 122
 123         /* Same as safe_close(), but for fclose() */
 124
 125         if (f) {
 126                 PROTECT_ERRNO;
 127
 128                 assert_se(fclose_nointr(f) != EBADF);
 129         }
 130
 131         return NULL;
 132 }
 133
 134 DIR* safe_closedir(DIR *d) {
 135
 136         if (d) {
 137                 PROTECT_ERRNO;
 138
 139                 assert_se(closedir(d) >= 0 || errno != EBADF);
 140         }
 141
 142         return NULL;
 143 }
 144
 145 int fd_nonblock(int fd, bool nonblock) {
 146         int flags, nflags;
 147
 148         assert(fd >= 0);
 149
 150         flags = fcntl(fd, F_GETFL, 0);
 151         if (flags < 0)
 152                 return -errno;
 153
 154         if (nonblock)
 155                 nflags = flags | O_NONBLOCK;
 156         else
 157                 nflags = flags & ~O_NONBLOCK;
 158
 159         if (nflags == flags)
 160                 return 0;
 161
 162         if (fcntl(fd, F_SETFL, nflags) < 0)
 163                 return -errno;
 164
 165         return 0;
 166 }
 167
 168 int fd_cloexec(int fd, bool cloexec) {
 169         int flags, nflags;
 170
 171         assert(fd >= 0);
 172
 173         flags = fcntl(fd, F_GETFD, 0);
 174         if (flags < 0)
 175                 return -errno;
 176
 177         if (cloexec)
 178                 nflags = flags | FD_CLOEXEC;
 179         else
 180                 nflags = flags & ~FD_CLOEXEC;
 181
 182         if (nflags == flags)
 183                 return 0;
 184
 185         if (fcntl(fd, F_SETFD, nflags) < 0)
 186                 return -errno;
 187
 188         return 0;
 189 }
 190
 191 void stdio_unset_cloexec(void) {
 192         fd_cloexec(STDIN_FILENO, false);
 193         fd_cloexec(STDOUT_FILENO, false);
 194         fd_cloexec(STDERR_FILENO, false);
 195 }
 196
 197 _pure_ static bool fd_in_set(int fd, const int fdset[], unsigned n_fdset) {
 198         unsigned i;
 199
 200         assert(n_fdset == 0 || fdset);
 201
 202         for (i = 0; i < n_fdset; i++)
 203                 if (fdset[i] == fd)
 204                         return true;
 205
 206         return false;
 207 }
 208
 209 int close_all_fds(const int except[], unsigned n_except) {
 210         _cleanup_closedir_ DIR *d = NULL;
 211         struct dirent *de;
 212         int r = 0;
 213
 214         assert(n_except == 0 || except);
 215
 216         d = opendir("/proc/self/fd");
 217         if (!d) {
 218                 int fd;
 219                 struct rlimit rl;
 220
 221                 /* When /proc isn't available (for example in chroots)
 222                  * the fallback is brute forcing through the fd
 223                  * table */
 224
 225                 assert_se(getrlimit(RLIMIT_NOFILE, &rl) >= 0);
 226                 for (fd = 3; fd < (int) rl.rlim_max; fd ++) {
 227
 228                         if (fd_in_set(fd, except, n_except))
 229                                 continue;
 230
 231                         if (close_nointr(fd) < 0)
 232                                 if (errno != EBADF && r == 0)
 233                                         r = -errno;
 234                 }
 235
 236                 return r;
 237         }
 238
 239         FOREACH_DIRENT(de, d, return -errno) {
 240                 int fd = -1;
 241
 242                 if (safe_atoi(de->d_name, &fd) < 0)
 243                         /* Let's better ignore this, just in case */
 244                         continue;
 245
 246                 if (fd < 3)
 247                         continue;
 248
 249                 if (fd == dirfd(d))
 250                         continue;
 251
 252                 if (fd_in_set(fd, except, n_except))
 253                         continue;
 254
 255                 if (close_nointr(fd) < 0) {
 256                         /* Valgrind has its own FD and doesn't want to have it closed */
 257                         if (errno != EBADF && r == 0)
 258                                 r = -errno;
 259                 }
 260         }
 261
 262         return r;
 263 }
 264
 265 int same_fd(int a, int b) {
 266         struct stat sta, stb;
 267         pid_t pid;
 268         int r, fa, fb;
 269
 270         assert(a >= 0);
 271         assert(b >= 0);
 272
 273         /* Compares two file descriptors. Note that semantics are
 274          * quite different depending on whether we have kcmp() or we
 275          * don't. If we have kcmp() this will only return true for
 276          * dup()ed file descriptors, but not otherwise. If we don't
 277          * have kcmp() this will also return true for two fds of the same
 278          * file, created by separate open() calls. Since we use this
 279          * call mostly for filtering out duplicates in the fd store
 280          * this difference hopefully doesn't matter too much. */
 281
 282         if (a == b)
 283                 return true;
 284
 285         /* Try to use kcmp() if we have it. */
 286         pid = getpid_cached();
 287         r = kcmp(pid, pid, KCMP_FILE, a, b);
 288         if (r == 0)
 289                 return true;
 290         if (r > 0)
 291                 return false;
 292         if (errno != ENOSYS)
 293                 return -errno;
 294
 295         /* We don't have kcmp(), use fstat() instead. */
 296         if (fstat(a, &sta) < 0)
 297                 return -errno;
 298
 299         if (fstat(b, &stb) < 0)
 300                 return -errno;
 301
 302         if ((sta.st_mode & S_IFMT) != (stb.st_mode & S_IFMT))
 303                 return false;
 304
 305         /* We consider all device fds different, since two device fds
 306          * might refer to quite different device contexts even though
 307          * they share the same inode and backing dev_t. */
 308
 309         if (S_ISCHR(sta.st_mode) || S_ISBLK(sta.st_mode))
 310                 return false;
 311
 312         if (sta.st_dev != stb.st_dev || sta.st_ino != stb.st_ino)
 313                 return false;
 314
 315         /* The fds refer to the same inode on disk, let's also check
 316          * if they have the same fd flags. This is useful to
 317          * distinguish the read and write side of a pipe created with
 318          * pipe(). */
 319         fa = fcntl(a, F_GETFL);
 320         if (fa < 0)
 321                 return -errno;
 322
 323         fb = fcntl(b, F_GETFL);
 324         if (fb < 0)
 325                 return -errno;
 326
 327         return fa == fb;
 328 }
 329
 330 void cmsg_close_all(struct msghdr *mh) {
 331         struct cmsghdr *cmsg;
 332
 333         assert(mh);
 334
 335         CMSG_FOREACH(cmsg, mh)
 336                 if (cmsg->cmsg_level == SOL_SOCKET && cmsg->cmsg_type == SCM_RIGHTS)
 337                         close_many((int*) CMSG_DATA(cmsg), (cmsg->cmsg_len - CMSG_LEN(0)) / sizeof(int));
 338 }
 339
 340 bool fdname_is_valid(const char *s) {
 341         const char *p;
 342
 343         /* Validates a name for $LISTEN_FDNAMES. We basically allow
 344          * everything ASCII that's not a control character. Also, as
 345          * special exception the ":" character is not allowed, as we
 346          * use that as field separator in $LISTEN_FDNAMES.
 347          *
 348          * Note that the empty string is explicitly allowed
 349          * here. However, we limit the length of the names to 255
 350          * characters. */
 351
 352         if (!s)
 353                 return false;
 354
 355         for (p = s; *p; p++) {
 356                 if (*p < ' ')
 357                         return false;
 358                 if (*p >= 127)
 359                         return false;
 360                 if (*p == ':')
 361                         return false;
 362         }
 363
 364         return p - s < 256;
 365 }
 366
 367 int fd_get_path(int fd, char **ret) {
 368         char procfs_path[strlen("/proc/self/fd/") + DECIMAL_STR_MAX(int)];
 369         int r;
 370
 371         xsprintf(procfs_path, "/proc/self/fd/%i", fd);
 372
 373         r = readlink_malloc(procfs_path, ret);
 374
 375         if (r == -ENOENT) /* If the file doesn't exist the fd is invalid */
 376                 return -EBADF;
 377
 378         return r;
 379 }