1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2010 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
22 #include "dirent-util.h"
24 #include "parse-util.h"
25 #include "socket-util.h"
28 int close_nointr(int fd) {
35 * Just ignore EINTR; a retry loop is the wrong thing to do on
38 * http://lkml.indiana.edu/hypermail/linux/kernel/0509.1/0877.html
39 * https://bugzilla.gnome.org/show_bug.cgi?id=682819
40 * http://utcc.utoronto.ca/~cks/space/blog/unix/CloseEINTR
41 * https://sites.google.com/site/michaelsafyan/software-engineering/checkforeintrwheninvokingclosethinkagain
49 int safe_close(int fd) {
52 * Like close_nointr() but cannot fail. Guarantees errno is
53 * unchanged. Is a NOP with negative fds passed, and returns
54 * -1, so that it can be used in this syntax:
56 * fd = safe_close(fd);
62 /* The kernel might return pretty much any error code
63 * via close(), but the fd will be closed anyway. The
64 * only condition we want to check for here is whether
65 * the fd was invalid at all... */
67 assert_se(close_nointr(fd) != -EBADF);
73 void safe_close_pair(int p[]) {
77 /* Special case pairs which use the same fd in both
79 p[0] = p[1] = safe_close(p[0]);
83 p[0] = safe_close(p[0]);
84 p[1] = safe_close(p[1]);
87 void close_many(const int fds[], unsigned n_fd) {
90 assert(fds || n_fd <= 0);
92 for (i = 0; i < n_fd; i++)
96 int fclose_nointr(FILE *f) {
99 /* Same as close_nointr(), but for fclose() */
110 FILE* safe_fclose(FILE *f) {
112 /* Same as safe_close(), but for fclose() */
117 assert_se(fclose_nointr(f) != EBADF);
123 #if 0 /// UNNEEDED by elogind
124 DIR* safe_closedir(DIR *d) {
129 assert_se(closedir(d) >= 0 || errno != EBADF);
136 int fd_nonblock(int fd, bool nonblock) {
141 flags = fcntl(fd, F_GETFL, 0);
146 nflags = flags | O_NONBLOCK;
148 nflags = flags & ~O_NONBLOCK;
153 if (fcntl(fd, F_SETFL, nflags) < 0)
159 int fd_cloexec(int fd, bool cloexec) {
164 flags = fcntl(fd, F_GETFD, 0);
169 nflags = flags | FD_CLOEXEC;
171 nflags = flags & ~FD_CLOEXEC;
176 if (fcntl(fd, F_SETFD, nflags) < 0)
182 _pure_ static bool fd_in_set(int fd, const int fdset[], unsigned n_fdset) {
185 assert(n_fdset == 0 || fdset);
187 for (i = 0; i < n_fdset; i++)
194 int close_all_fds(const int except[], unsigned n_except) {
195 _cleanup_closedir_ DIR *d = NULL;
199 assert(n_except == 0 || except);
201 d = opendir("/proc/self/fd");
206 /* When /proc isn't available (for example in chroots)
207 * the fallback is brute forcing through the fd
210 assert_se(getrlimit(RLIMIT_NOFILE, &rl) >= 0);
211 for (fd = 3; fd < (int) rl.rlim_max; fd ++) {
213 if (fd_in_set(fd, except, n_except))
216 if (close_nointr(fd) < 0)
217 if (errno != EBADF && r == 0)
224 while ((de = readdir(d))) {
227 if (hidden_file(de->d_name))
230 if (safe_atoi(de->d_name, &fd) < 0)
231 /* Let's better ignore this, just in case */
240 if (fd_in_set(fd, except, n_except))
243 if (close_nointr(fd) < 0) {
244 /* Valgrind has its own FD and doesn't want to have it closed */
245 if (errno != EBADF && r == 0)
253 #if 0 /// UNNEEDED by elogind
254 int same_fd(int a, int b) {
255 struct stat sta, stb;
262 /* Compares two file descriptors. Note that semantics are
263 * quite different depending on whether we have kcmp() or we
264 * don't. If we have kcmp() this will only return true for
265 * dup()ed file descriptors, but not otherwise. If we don't
266 * have kcmp() this will also return true for two fds of the same
267 * file, created by separate open() calls. Since we use this
268 * call mostly for filtering out duplicates in the fd store
269 * this difference hopefully doesn't matter too much. */
274 /* Try to use kcmp() if we have it. */
276 r = kcmp(pid, pid, KCMP_FILE, a, b);
284 /* We don't have kcmp(), use fstat() instead. */
285 if (fstat(a, &sta) < 0)
288 if (fstat(b, &stb) < 0)
291 if ((sta.st_mode & S_IFMT) != (stb.st_mode & S_IFMT))
294 /* We consider all device fds different, since two device fds
295 * might refer to quite different device contexts even though
296 * they share the same inode and backing dev_t. */
298 if (S_ISCHR(sta.st_mode) || S_ISBLK(sta.st_mode))
301 if (sta.st_dev != stb.st_dev || sta.st_ino != stb.st_ino)
304 /* The fds refer to the same inode on disk, let's also check
305 * if they have the same fd flags. This is useful to
306 * distinguish the read and write side of a pipe created with
308 fa = fcntl(a, F_GETFL);
312 fb = fcntl(b, F_GETFL);
319 void cmsg_close_all(struct msghdr *mh) {
320 struct cmsghdr *cmsg;
324 CMSG_FOREACH(cmsg, mh)
325 if (cmsg->cmsg_level == SOL_SOCKET && cmsg->cmsg_type == SCM_RIGHTS)
326 close_many((int*) CMSG_DATA(cmsg), (cmsg->cmsg_len - CMSG_LEN(0)) / sizeof(int));
329 bool fdname_is_valid(const char *s) {
332 /* Validates a name for $LISTEN_FDNAMES. We basically allow
333 * everything ASCII that's not a control character. Also, as
334 * special exception the ":" character is not allowed, as we
335 * use that as field separator in $LISTEN_FDNAMES.
337 * Note that the empty string is explicitly allowed
338 * here. However, we limit the length of the names to 255
344 for (p = s; *p; p++) {