1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2010 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
22 #include "dirent-util.h"
24 #include "parse-util.h"
25 #include "socket-util.h"
28 int close_nointr(int fd) {
35 * Just ignore EINTR; a retry loop is the wrong thing to do on
38 * http://lkml.indiana.edu/hypermail/linux/kernel/0509.1/0877.html
39 * https://bugzilla.gnome.org/show_bug.cgi?id=682819
40 * http://utcc.utoronto.ca/~cks/space/blog/unix/CloseEINTR
41 * https://sites.google.com/site/michaelsafyan/software-engineering/checkforeintrwheninvokingclosethinkagain
49 int safe_close(int fd) {
52 * Like close_nointr() but cannot fail. Guarantees errno is
53 * unchanged. Is a NOP with negative fds passed, and returns
54 * -1, so that it can be used in this syntax:
56 * fd = safe_close(fd);
62 /* The kernel might return pretty much any error code
63 * via close(), but the fd will be closed anyway. The
64 * only condition we want to check for here is whether
65 * the fd was invalid at all... */
67 assert_se(close_nointr(fd) != -EBADF);
73 void safe_close_pair(int p[]) {
77 /* Special case pairs which use the same fd in both
79 p[0] = p[1] = safe_close(p[0]);
83 p[0] = safe_close(p[0]);
84 p[1] = safe_close(p[1]);
87 void close_many(const int fds[], unsigned n_fd) {
90 assert(fds || n_fd <= 0);
92 for (i = 0; i < n_fd; i++)
96 int fclose_nointr(FILE *f) {
99 /* Same as close_nointr(), but for fclose() */
110 FILE* safe_fclose(FILE *f) {
112 /* Same as safe_close(), but for fclose() */
117 assert_se(fclose_nointr(f) != EBADF);
123 DIR* safe_closedir(DIR *d) {
128 assert_se(closedir(d) >= 0 || errno != EBADF);
134 int fd_nonblock(int fd, bool nonblock) {
139 flags = fcntl(fd, F_GETFL, 0);
144 nflags = flags | O_NONBLOCK;
146 nflags = flags & ~O_NONBLOCK;
151 if (fcntl(fd, F_SETFL, nflags) < 0)
157 int fd_cloexec(int fd, bool cloexec) {
162 flags = fcntl(fd, F_GETFD, 0);
167 nflags = flags | FD_CLOEXEC;
169 nflags = flags & ~FD_CLOEXEC;
174 if (fcntl(fd, F_SETFD, nflags) < 0)
180 _pure_ static bool fd_in_set(int fd, const int fdset[], unsigned n_fdset) {
183 assert(n_fdset == 0 || fdset);
185 for (i = 0; i < n_fdset; i++)
192 int close_all_fds(const int except[], unsigned n_except) {
193 _cleanup_closedir_ DIR *d = NULL;
197 assert(n_except == 0 || except);
199 d = opendir("/proc/self/fd");
204 /* When /proc isn't available (for example in chroots)
205 * the fallback is brute forcing through the fd
208 assert_se(getrlimit(RLIMIT_NOFILE, &rl) >= 0);
209 for (fd = 3; fd < (int) rl.rlim_max; fd ++) {
211 if (fd_in_set(fd, except, n_except))
214 if (close_nointr(fd) < 0)
215 if (errno != EBADF && r == 0)
222 while ((de = readdir(d))) {
225 if (hidden_file(de->d_name))
228 if (safe_atoi(de->d_name, &fd) < 0)
229 /* Let's better ignore this, just in case */
238 if (fd_in_set(fd, except, n_except))
241 if (close_nointr(fd) < 0) {
242 /* Valgrind has its own FD and doesn't want to have it closed */
243 if (errno != EBADF && r == 0)
251 int same_fd(int a, int b) {
252 struct stat sta, stb;
259 /* Compares two file descriptors. Note that semantics are
260 * quite different depending on whether we have kcmp() or we
261 * don't. If we have kcmp() this will only return true for
262 * dup()ed file descriptors, but not otherwise. If we don't
263 * have kcmp() this will also return true for two fds of the same
264 * file, created by separate open() calls. Since we use this
265 * call mostly for filtering out duplicates in the fd store
266 * this difference hopefully doesn't matter too much. */
271 /* Try to use kcmp() if we have it. */
273 r = kcmp(pid, pid, KCMP_FILE, a, b);
281 /* We don't have kcmp(), use fstat() instead. */
282 if (fstat(a, &sta) < 0)
285 if (fstat(b, &stb) < 0)
288 if ((sta.st_mode & S_IFMT) != (stb.st_mode & S_IFMT))
291 /* We consider all device fds different, since two device fds
292 * might refer to quite different device contexts even though
293 * they share the same inode and backing dev_t. */
295 if (S_ISCHR(sta.st_mode) || S_ISBLK(sta.st_mode))
298 if (sta.st_dev != stb.st_dev || sta.st_ino != stb.st_ino)
301 /* The fds refer to the same inode on disk, let's also check
302 * if they have the same fd flags. This is useful to
303 * distinguish the read and write side of a pipe created with
305 fa = fcntl(a, F_GETFL);
309 fb = fcntl(b, F_GETFL);
316 void cmsg_close_all(struct msghdr *mh) {
317 struct cmsghdr *cmsg;
321 CMSG_FOREACH(cmsg, mh)
322 if (cmsg->cmsg_level == SOL_SOCKET && cmsg->cmsg_type == SCM_RIGHTS)
323 close_many((int*) CMSG_DATA(cmsg), (cmsg->cmsg_len - CMSG_LEN(0)) / sizeof(int));
326 bool fdname_is_valid(const char *s) {
329 /* Validates a name for $LISTEN_FDNAMES. We basically allow
330 * everything ASCII that's not a control character. Also, as
331 * special exception the ":" character is not allowed, as we
332 * use that as field separator in $LISTEN_FDNAMES.
334 * Note that the empty string is explicitly allowed
335 * here. However, we limit the length of the names to 255
341 for (p = s; *p; p++) {