On Fri, 2009-06-12 at 13:26 +1000, Bojan Smojver wrote:
> Before we even contemplate having this in 1.3.x
And if you want to play with it in 1.3.x, here is the patch. It should
save you some conflict resolution.
--
Bojan
Property changes on: .
___________________________________________________________________
Modified: svn:mergeinfo
Merged /apr/apr/branches/1.4.x:r783970
Merged /apr/apr/trunk:r747990,748361,748371,748565,748988,749810,783958
Index: CHANGES
===================================================================
--- CHANGES (revision 783970)
+++ CHANGES (working copy)
@@ -1,8 +1,11 @@
-*- coding: utf-8 -*-
Changes for APR 1.3.6
+ *) Set CLOEXEC flags where appropriate. Either use new O_CLOEXEC flag and
+ associated functions, such as dup3(), accept4(), epoll_create1() etc.,
+ or simply set CLOEXEC flag using fcntl(). PR 46425. [Stefan Fritsch
+ <sf sfritsch.de>, Arkadiusz Miskiewicz <arekm pld-linux.org>]
-
Changes for APR 1.3.5
*) Dropped kqueue and apr_poll detection from Mac OS/X 10.5/Darwin 9
Index: network_io/unix/sockets.c
===================================================================
--- network_io/unix/sockets.c (revision 783970)
+++ network_io/unix/sockets.c (working copy)
@@ -83,8 +83,12 @@
apr_status_t apr_socket_create(apr_socket_t **new, int ofamily, int type,
int protocol, apr_pool_t *cont)
{
- int family = ofamily;
+ int family = ofamily, flags = 0;
+#ifdef HAVE_SOCK_CLOEXEC
+ flags |= SOCK_CLOEXEC;
+#endif
+
if (family == APR_UNSPEC) {
#if APR_HAVE_IPV6
family = APR_INET6;
@@ -96,19 +100,19 @@
alloc_socket(new, cont);
#ifndef BEOS_R5
- (*new)->socketdes = socket(family, type, protocol);
+ (*new)->socketdes = socket(family, type|flags, protocol);
#else
/* For some reason BeOS R5 has an unconventional protocol numbering,
* so we need to translate here. */
switch (protocol) {
case 0:
- (*new)->socketdes = socket(family, type, 0);
+ (*new)->socketdes = socket(family, type|flags, 0);
break;
case APR_PROTO_TCP:
- (*new)->socketdes = socket(family, type, IPPROTO_TCP);
+ (*new)->socketdes = socket(family, type|flags, IPPROTO_TCP);
break;
case APR_PROTO_UDP:
- (*new)->socketdes = socket(family, type, IPPROTO_UDP);
+ (*new)->socketdes = socket(family, type|flags, IPPROTO_UDP);
break;
case APR_PROTO_SCTP:
default:
@@ -121,7 +125,7 @@
#if APR_HAVE_IPV6
if ((*new)->socketdes < 0 && ofamily == APR_UNSPEC) {
family = APR_INET;
- (*new)->socketdes = socket(family, type, protocol);
+ (*new)->socketdes = socket(family, type|flags, protocol);
}
#endif
@@ -130,6 +134,19 @@
}
set_socket_vars(*new, family, type, protocol);
+#ifndef HAVE_SOCK_CLOEXEC
+ {
+ int flags;
+
+ if ((flags = fcntl((*new)->socketdes, F_GETFD)) == -1)
+ return errno;
+
+ flags |= FD_CLOEXEC;
+ if (fcntl((*new)->socketdes, F_SETFD, flags) == -1)
+ return errno;
+ }
+#endif
+
(*new)->timeout = -1;
(*new)->inherit = 0;
apr_pool_cleanup_register((*new)->pool, (void *)(*new), socket_cleanup,
@@ -181,7 +198,11 @@
sa.salen = sizeof(sa.sa);
+#ifdef HAVE_ACCEPT4
+ s = accept4(sock->socketdes, (struct sockaddr *)&sa.sa, &sa.salen, SOCK_CLOEXEC);
+#else
s = accept(sock->socketdes, (struct sockaddr *)&sa.sa, &sa.salen);
+#endif
if (s < 0) {
return errno;
@@ -255,6 +276,19 @@
(*new)->local_interface_unknown = 1;
}
+#ifndef HAVE_ACCEPT4
+ {
+ int flags;
+
+ if ((flags = fcntl((*new)->socketdes, F_GETFD)) == -1)
+ return errno;
+
+ flags |= FD_CLOEXEC;
+ if (fcntl((*new)->socketdes, F_SETFD, flags) == -1)
+ return errno;
+ }
+#endif
+
(*new)->inherit = 0;
apr_pool_cleanup_register((*new)->pool, (void *)(*new), socket_cleanup,
socket_cleanup);
Index: include/arch/unix/apr_arch_inherit.h
===================================================================
--- include/arch/unix/apr_arch_inherit.h (revision 783970)
+++ include/arch/unix/apr_arch_inherit.h (working copy)
@@ -27,6 +27,12 @@
if (the##name->flag & APR_FILE_NOCLEANUP) \
return APR_EINVAL; \
if (!(the##name->flag & APR_INHERIT)) { \
+ int flags = fcntl(the##name->name##des, F_GETFD); \
+ if (flags == -1) \
+ return errno; \
+ flags &= ~(FD_CLOEXEC); \
+ if (fcntl(the##name->name##des, F_SETFD, flags) == -1) \
+ return errno; \
the##name->flag |= APR_INHERIT; \
apr_pool_child_cleanup_set(the##name->pool, \
(void *)the##name, \
@@ -41,6 +47,12 @@
if (the##name->flag & APR_FILE_NOCLEANUP) \
return APR_EINVAL; \
if (the##name->flag & APR_INHERIT) { \
+ int flags; \
+ if ((flags = fcntl(the##name->name##des, F_GETFD)) == -1) \
+ return errno; \
+ flags |= FD_CLOEXEC; \
+ if (fcntl(the##name->name##des, F_SETFD, flags) == -1) \
+ return errno; \
the##name->flag &= ~APR_INHERIT; \
apr_pool_child_cleanup_set(the##name->pool, \
(void *)the##name, \
Index: configure.in
===================================================================
--- configure.in (revision 783970)
+++ configure.in (working copy)
@@ -775,6 +775,23 @@
AC_DEFINE([HAVE_EPOLL], 1, [Define if the epoll interface is supported])
fi
+dnl ----------------------------- Checking for extended file descriptor handling
+AC_CHECK_FUNCS(dup3 accept4 epoll_create1)
+
+AC_CACHE_CHECK([for SOCK_CLOEXEC support], [apr_cv_sock_cloexec],
+[AC_TRY_RUN([
+#include <sys/types.h>
+#include <sys/socket.h>
+
+int main()
+{
+ return socket(AF_INET, SOCK_STREAM|SOCK_CLOEXEC, 0) == -1;
+}], [apr_cv_sock_cloexec=yes], [apr_cv_sock_cloexec=no], [apr_cv_sock_cloexec=no])])
+
+if test "$apr_cv_sock_cloexec" = "yes"; then
+ AC_DEFINE([HAVE_SOCK_CLOEXEC], 1, [Define if the SOCK_CLOEXEC flag is supported])
+fi
+
dnl ----------------------------- Checking for missing POSIX thread functions
AC_CHECK_FUNCS([getpwnam_r getpwuid_r getgrnam_r getgrgid_r])
Index: poll/unix/kqueue.c
===================================================================
--- poll/unix/kqueue.c (revision 783970)
+++ poll/unix/kqueue.c (working copy)
@@ -15,6 +15,7 @@
*/
#include "apr_arch_poll_private.h"
+#include "apr_arch_inherit.h"
#ifdef POLLSET_USES_KQUEUE
@@ -101,6 +102,17 @@
return apr_get_netos_error();
}
+ {
+ int flags;
+
+ if ((flags = fcntl((*pollset)->kqueue_fd, F_GETFD)) == -1)
+ return errno;
+
+ flags |= FD_CLOEXEC;
+ if (fcntl((*pollset)->kqueue_fd, F_SETFD, flags) == -1)
+ return errno;
+ }
+
apr_pool_cleanup_register(p, (void *) (*pollset), backend_cleanup,
apr_pool_cleanup_null);
@@ -309,7 +321,18 @@
*pollcb = NULL;
return apr_get_netos_error();
}
-
+
+ {
+ int flags;
+
+ if ((flags = fcntl(fd, F_GETFD)) == -1)
+ return errno;
+
+ flags |= FD_CLOEXEC;
+ if (fcntl(fd, F_SETFD, flags) == -1)
+ return errno;
+ }
+
*pollcb = apr_palloc(p, sizeof(**pollcb));
(*pollcb)->nalloc = size;
(*pollcb)->pool = p;
Index: poll/unix/port.c
===================================================================
--- poll/unix/port.c (revision 783970)
+++ poll/unix/port.c (working copy)
@@ -16,6 +16,7 @@
#include "apr_arch_poll_private.h"
#include "apr_atomic.h"
+#include "apr_arch_inherit.h"
#ifdef POLLSET_USES_PORT
@@ -127,6 +128,17 @@
return APR_ENOMEM;
}
+ {
+ int flags;
+
+ if ((flags = fcntl((*pollset)->port_fd, F_GETFD)) == -1)
+ return errno;
+
+ flags |= FD_CLOEXEC;
+ if (fcntl((*pollset)->port_fd, F_SETFD, flags) == -1)
+ return errno;
+ }
+
apr_pool_cleanup_register(p, (void *) (*pollset), backend_cleanup,
apr_pool_cleanup_null);
@@ -391,6 +403,17 @@
return apr_get_netos_error();
}
+ {
+ int flags;
+
+ if ((flags = fcntl(fd, F_GETFD)) == -1)
+ return errno;
+
+ flags |= FD_CLOEXEC;
+ if (fcntl(fd, F_SETFD, flags) == -1)
+ return errno;
+ }
+
*pollcb = apr_palloc(p, sizeof(**pollcb));
(*pollcb)->nalloc = size;
(*pollcb)->pool = p;
Index: poll/unix/epoll.c
===================================================================
--- poll/unix/epoll.c (revision 783970)
+++ poll/unix/epoll.c (working copy)
@@ -15,6 +15,7 @@
*/
#include "apr_arch_poll_private.h"
+#include "apr_arch_inherit.h"
#ifdef POLLSET_USES_EPOLL
@@ -95,12 +96,29 @@
#endif
int fd;
+#ifdef HAVE_EPOLL_CREATE1
+ fd = epoll_create1(EPOLL_CLOEXEC);
+#else
fd = epoll_create(size);
+#endif
if (fd < 0) {
*pollset = NULL;
return errno;
}
+#ifndef HAVE_EPOLL_CREATE1
+ {
+ int flags;
+
+ if ((flags = fcntl(fd, F_GETFD)) == -1)
+ return errno;
+
+ flags |= FD_CLOEXEC;
+ if (fcntl(fd, F_SETFD, flags) == -1)
+ return errno;
+ }
+#endif
+
*pollset = apr_palloc(p, sizeof(**pollset));
#if APR_HAS_THREADS
if ((flags & APR_POLLSET_THREADSAFE) &&
@@ -319,12 +337,29 @@
{
int fd;
+#ifdef HAVE_EPOLL_CREATE1
+ fd = epoll_create1(EPOLL_CLOEXEC);
+#else
fd = epoll_create(size);
+#endif
if (fd < 0) {
*pollcb = NULL;
return apr_get_netos_error();
}
+
+#ifndef HAVE_EPOLL_CREATE1
+ {
+ int flags;
+
+ if ((flags = fcntl(fd, F_GETFD)) == -1)
+ return errno;
+
+ flags |= FD_CLOEXEC;
+ if (fcntl(fd, F_SETFD, flags) == -1)
+ return errno;
+ }
+#endif
*pollcb = apr_palloc(p, sizeof(**pollcb));
(*pollcb)->nalloc = size;
Index: file_io/unix/open.c
===================================================================
--- file_io/unix/open.c (revision 783970)
+++ file_io/unix/open.c (working copy)
@@ -127,7 +127,15 @@
oflags |= O_BINARY;
}
#endif
-
+
+#ifdef O_CLOEXEC
+ /* Introduced in Linux 2.6.23. Silently ignored on earlier Linux kernels.
+ */
+ if (!(flag & APR_FILE_NOCLEANUP)) {
+ oflags |= O_CLOEXEC;
+}
+#endif
+
#if APR_HAS_LARGE_FILES && defined(_LARGEFILE64_SOURCE)
oflags |= O_LARGEFILE;
#elif defined(O_LARGEFILE)
@@ -155,7 +163,17 @@
if (fd < 0) {
return errno;
}
+ if (!(flag & APR_FILE_NOCLEANUP)) {
+ int flags;
+ if ((flags = fcntl(fd, F_GETFD)) == -1)
+ return errno;
+
+ flags |= FD_CLOEXEC;
+ if (fcntl(fd, F_SETFD, flags) == -1)
+ return errno;
+ }
+
(*new) = (apr_file_t *)apr_pcalloc(pool, sizeof(apr_file_t));
(*new)->pool = pool;
(*new)->flags = flag;
@@ -337,6 +355,15 @@
return APR_EINVAL;
}
if (thefile->flags & APR_INHERIT) {
+ int flags;
+
+ if ((flags = fcntl(thefile->filedes, F_GETFD)) == -1)
+ return errno;
+
+ flags |= FD_CLOEXEC;
+ if (fcntl(thefile->filedes, F_SETFD, flags) == -1)
+ return errno;
+
thefile->flags &= ~APR_INHERIT;
apr_pool_child_cleanup_set(thefile->pool,
(void *)thefile,
Index: file_io/unix/filedup.c
===================================================================
--- file_io/unix/filedup.c (revision 783970)
+++ file_io/unix/filedup.c (working copy)
@@ -25,13 +25,36 @@
int which_dup)
{
int rv;
-
+#ifdef HAVE_DUP3
+ int flags = 0;
+#endif
+
if (which_dup == 2) {
if ((*new_file) == NULL) {
/* We can't dup2 unless we have a valid new_file */
return APR_EINVAL;
}
+#ifdef HAVE_DUP3
+ if (!((*new_file)->flags & (APR_FILE_NOCLEANUP|APR_INHERIT)))
+ flags |= O_CLOEXEC;
+ rv = dup3(old_file->filedes, (*new_file)->filedes, flags);
+#else
rv = dup2(old_file->filedes, (*new_file)->filedes);
+ if (!((*new_file)->flags & (APR_FILE_NOCLEANUP|APR_INHERIT))) {
+ int flags;
+
+ if (rv == -1)
+ return errno;
+
+ if ((flags = fcntl((*new_file)->filedes, F_GETFD)) == -1)
+ return errno;
+
+ flags |= FD_CLOEXEC;
+ if (fcntl((*new_file)->filedes, F_SETFD, flags) == -1)
+ return errno;
+
+ }
+#endif
} else {
rv = dup(old_file->filedes);
}
Index: file_io/unix/mktemp.c
===================================================================
--- file_io/unix/mktemp.c (revision 783970)
+++ file_io/unix/mktemp.c (working copy)
@@ -51,6 +51,7 @@
#include "apr_strings.h" /* prototype of apr_mkstemp() */
#include "apr_arch_file_io.h" /* prototype of apr_mkstemp() */
#include "apr_portable.h" /* for apr_os_file_put() */
+#include "apr_arch_inherit.h"
#ifndef HAVE_MKSTEMP
@@ -203,6 +204,15 @@
(*fp)->fname = apr_pstrdup(p, template);
if (!(flags & APR_FILE_NOCLEANUP)) {
+ int flags;
+
+ if ((flags = fcntl(fd, F_GETFD)) == -1)
+ return errno;
+
+ flags |= FD_CLOEXEC;
+ if (fcntl(fd, F_SETFD, flags) == -1)
+ return errno;
+
apr_pool_cleanup_register((*fp)->pool, (void *)(*fp),
apr_unix_file_cleanup,
apr_unix_child_file_cleanup);
Index: file_io/netware/mktemp.c
===================================================================
--- file_io/netware/mktemp.c (revision 783970)
+++ file_io/netware/mktemp.c (working copy)
@@ -19,6 +19,7 @@
#include "apr_strings.h" /* prototype of apr_mkstemp() */
#include "apr_arch_file_io.h" /* prototype of apr_mkstemp() */
#include "apr_portable.h" /* for apr_os_file_put() */
+#include "apr_arch_inherit.h"
#include <stdlib.h> /* for mkstemp() - Single Unix */
@@ -43,6 +44,15 @@
if (!(flags & APR_FILE_NOCLEANUP)) {
+ int flags;
+
+ if ((flags = fcntl((*fp)->filedes, F_GETFD)) == -1)
+ return errno;
+
+ flags |= FD_CLOEXEC;
+ if (fcntl((*fp)->filedes, F_SETFD, flags) == -1)
+ return errno;
+
apr_pool_cleanup_register((*fp)->pool, (void *)(*fp),
apr_unix_file_cleanup,
apr_unix_child_file_cleanup);
