2 This file is part of systemd.
4 Copyright 2010 Lennart Poettering
6 systemd is free software; you can redistribute it and/or modify it
7 under the terms of the GNU Lesser General Public License as published by
8 the Free Software Foundation; either version 2.1 of the License, or
9 (at your option) any later version.
11 systemd is distributed in the hope that it will be useful, but
12 WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 Lesser General Public License for more details.
16 You should have received a copy of the GNU Lesser General Public License
17 along with systemd; If not, see <http://www.gnu.org/licenses/>.
22 #include <sys/resource.h>
23 #include <sys/socket.h>
30 #include "parse-util.h"
31 #include "path-util.h"
32 #include "socket-util.h"
35 int close_nointr(int fd) {
42 * Just ignore EINTR; a retry loop is the wrong thing to do on
45 * http://lkml.indiana.edu/hypermail/linux/kernel/0509.1/0877.html
46 * https://bugzilla.gnome.org/show_bug.cgi?id=682819
47 * http://utcc.utoronto.ca/~cks/space/blog/unix/CloseEINTR
48 * https://sites.google.com/site/michaelsafyan/software-engineering/checkforeintrwheninvokingclosethinkagain
56 int safe_close(int fd) {
59 * Like close_nointr() but cannot fail. Guarantees errno is
60 * unchanged. Is a NOP with negative fds passed, and returns
61 * -1, so that it can be used in this syntax:
63 * fd = safe_close(fd);
69 /* The kernel might return pretty much any error code
70 * via close(), but the fd will be closed anyway. The
71 * only condition we want to check for here is whether
72 * the fd was invalid at all... */
74 assert_se(close_nointr(fd) != -EBADF);
80 void safe_close_pair(int p[]) {
84 /* Special case pairs which use the same fd in both
86 p[0] = p[1] = safe_close(p[0]);
90 p[0] = safe_close(p[0]);
91 p[1] = safe_close(p[1]);
94 void close_many(const int fds[], unsigned n_fd) {
97 assert(fds || n_fd <= 0);
99 for (i = 0; i < n_fd; i++)
103 int fclose_nointr(FILE *f) {
106 /* Same as close_nointr(), but for fclose() */
117 FILE* safe_fclose(FILE *f) {
119 /* Same as safe_close(), but for fclose() */
124 assert_se(fclose_nointr(f) != EBADF);
130 #if 0 /// UNNEEDED by elogind
131 DIR* safe_closedir(DIR *d) {
136 assert_se(closedir(d) >= 0 || errno != EBADF);
143 int fd_nonblock(int fd, bool nonblock) {
148 flags = fcntl(fd, F_GETFL, 0);
153 nflags = flags | O_NONBLOCK;
155 nflags = flags & ~O_NONBLOCK;
160 if (fcntl(fd, F_SETFL, nflags) < 0)
166 int fd_cloexec(int fd, bool cloexec) {
171 flags = fcntl(fd, F_GETFD, 0);
176 nflags = flags | FD_CLOEXEC;
178 nflags = flags & ~FD_CLOEXEC;
183 if (fcntl(fd, F_SETFD, nflags) < 0)
189 _pure_ static bool fd_in_set(int fd, const int fdset[], unsigned n_fdset) {
192 assert(n_fdset == 0 || fdset);
194 for (i = 0; i < n_fdset; i++)
201 int close_all_fds(const int except[], unsigned n_except) {
202 _cleanup_closedir_ DIR *d = NULL;
206 assert(n_except == 0 || except);
208 d = opendir("/proc/self/fd");
213 /* When /proc isn't available (for example in chroots)
214 * the fallback is brute forcing through the fd
217 assert_se(getrlimit(RLIMIT_NOFILE, &rl) >= 0);
218 for (fd = 3; fd < (int) rl.rlim_max; fd ++) {
220 if (fd_in_set(fd, except, n_except))
223 if (close_nointr(fd) < 0)
224 if (errno != EBADF && r == 0)
231 while ((de = readdir(d))) {
234 if (hidden_file(de->d_name))
237 if (safe_atoi(de->d_name, &fd) < 0)
238 /* Let's better ignore this, just in case */
247 if (fd_in_set(fd, except, n_except))
250 if (close_nointr(fd) < 0) {
251 /* Valgrind has its own FD and doesn't want to have it closed */
252 if (errno != EBADF && r == 0)
260 #if 0 /// UNNEEDED by elogind
261 int same_fd(int a, int b) {
262 struct stat sta, stb;
269 /* Compares two file descriptors. Note that semantics are
270 * quite different depending on whether we have kcmp() or we
271 * don't. If we have kcmp() this will only return true for
272 * dup()ed file descriptors, but not otherwise. If we don't
273 * have kcmp() this will also return true for two fds of the same
274 * file, created by separate open() calls. Since we use this
275 * call mostly for filtering out duplicates in the fd store
276 * this difference hopefully doesn't matter too much. */
281 /* Try to use kcmp() if we have it. */
283 r = kcmp(pid, pid, KCMP_FILE, a, b);
291 /* We don't have kcmp(), use fstat() instead. */
292 if (fstat(a, &sta) < 0)
295 if (fstat(b, &stb) < 0)
298 if ((sta.st_mode & S_IFMT) != (stb.st_mode & S_IFMT))
301 /* We consider all device fds different, since two device fds
302 * might refer to quite different device contexts even though
303 * they share the same inode and backing dev_t. */
305 if (S_ISCHR(sta.st_mode) || S_ISBLK(sta.st_mode))
308 if (sta.st_dev != stb.st_dev || sta.st_ino != stb.st_ino)
311 /* The fds refer to the same inode on disk, let's also check
312 * if they have the same fd flags. This is useful to
313 * distinguish the read and write side of a pipe created with
315 fa = fcntl(a, F_GETFL);
319 fb = fcntl(b, F_GETFL);
326 void cmsg_close_all(struct msghdr *mh) {
327 struct cmsghdr *cmsg;
331 CMSG_FOREACH(cmsg, mh)
332 if (cmsg->cmsg_level == SOL_SOCKET && cmsg->cmsg_type == SCM_RIGHTS)
333 close_many((int*) CMSG_DATA(cmsg), (cmsg->cmsg_len - CMSG_LEN(0)) / sizeof(int));
336 bool fdname_is_valid(const char *s) {
339 /* Validates a name for $LISTEN_FDNAMES. We basically allow
340 * everything ASCII that's not a control character. Also, as
341 * special exception the ":" character is not allowed, as we
342 * use that as field separator in $LISTEN_FDNAMES.
344 * Note that the empty string is explicitly allowed
345 * here. However, we limit the length of the names to 255
351 for (p = s; *p; p++) {