From mboxrd@z Thu Jan 1 00:00:00 1970
From: Christian Brauner <christian@brauner.io>
Date: Tue, 21 May 2019 13:04:39 +0000
Subject: Re: [PATCH 1/2] open: add close_range()
Message-Id: <20190521130438.q3u4wvve7p6md6cm@brauner.io>
References: <20190521113448.20654-1-christian@brauner.io>
 <87tvdoau12.fsf@oldenburg2.str.redhat.com>
In-Reply-To: <87tvdoau12.fsf@oldenburg2.str.redhat.com>
To: Florian Weimer
Cc: viro@zeniv.linux.org.uk, linux-kernel@vger.kernel.org,
 linux-fsdevel@vger.kernel.org, linux-api@vger.kernel.org,
 jannh@google.com, oleg@redhat.com, tglx@linutronix.de,
 torvalds@linux-foundation.org, arnd@arndb.de, shuah@kernel.org,
 dhowells@redhat.com, tkjos@android.com, ldv@altlinux.org,
 miklos@szeredi.hu, linux-alpha@vger.kernel.org,
 linux-arm-kernel@lists.infradead.org, linux-ia64@vger.kernel.org,
 linux-m68k@lists.linux-m68k.org, linux-mips@vger.kernel.org,
 linux-parisc@vger.kernel.org, linuxppc-dev@lists.ozlabs.org,
 linux-s390@vger.kernel.org, linux-sh@vger.kernel.org,
 sparclinux@vger.kernel.org, linux-xtensa@linux-xtensa.org,
 linux-arch@vger.kernel.org, linux-kselftest@vger.kernel.org,
 x86@kernel.org

On Tue, May 21, 2019 at 02:09:29PM +0200, Florian Weimer wrote:
> * Christian Brauner:
>
> > +/**
> > + * __close_range() - Close all file descriptors in a given range.
> > + *
> > + * @fd:     starting file descriptor to close
> > + * @max_fd: last file descriptor to close
> > + *
> > + * This closes a range of file descriptors. All file descriptors
> > + * from @fd up to and including @max_fd are closed.
> > + */
> > +int __close_range(struct files_struct *files, unsigned fd, unsigned max_fd)
> > +{
> > +	unsigned int cur_max;
> > +
> > +	if (fd > max_fd)
> > +		return -EINVAL;
> > +
> > +	rcu_read_lock();
> > +	cur_max = files_fdtable(files)->max_fds;
> > +	rcu_read_unlock();
> > +
> > +	/* cap to last valid index into fdtable */
> > +	if (max_fd >= cur_max)
> > +		max_fd = cur_max - 1;
> > +
> > +	while (fd <= max_fd)
> > +		__close_fd(files, fd++);
> > +
> > +	return 0;
> > +}
>
> This seems rather drastic.  How long does this block in kernel mode?
> Maybe it's okay as long as the maximum possible value for cur_max stays
> around 4 million or so.

That's probably a valid concern when you reach very high numbers, though I
wonder how relevant this is in practice.
Also, you would only be blocking yourself I imagine, i.e. you can't DoS
another task with this unless you're multi-threaded.

>
> Solaris has an fdwalk function:
>
>   <https://docs.oracle.com/cd/E88353_01/html/E37843/closefrom-3c.html>
>
> So a different way to implement this would expose a nextfd system call

Meh. If nextfd() then I would like it to be able to:
- get the nextfd(fd) >= fd
- get highest open fd e.g. nextfd(-1)

But then I wonder if nextfd() needs to be a syscall and isn't just
either:
fcntl(fd, F_GET_NEXT)?
or
prctl(PR_GET_NEXT)?

Technically, one could also do:

fd_range(unsigned fd, unsigned end_fd, unsigned flags);

fd_range(3, 50, FD_RANGE_CLOSE);

/* return highest fd within the range [3, 50] */
fd_range(3, 50, FD_RANGE_NEXT);

/* return highest fd */
fd_range(3, UINT_MAX, FD_RANGE_NEXT);

This syscall could also reasonably be extended.

> to userspace, so that we can use that to implement both fdwalk and
> closefrom.  But maybe fdwalk is just too obscure, given the existence of
> /proc.

Yeah we probably don't need fdwalk.

>
> I'll happily implement closefrom on top of close_range in glibc (plus
> fallback for older kernels based on /proc -- with an abort in case that
> doesn't work because the RLIMIT_NOFILE hack is unreliable
> unfortunately).
>
> Thanks,
> Florian
2AmSYFgAwYwyiIa3Uw0OG4PN7UgonE+wdbkLG/dhBH8kdQoOGpBbAw+wyKcjrVvNwBmM VMKMZI30ibz9pqFsG/Cn36t1s2Pm2QH0dtNNkeKYHL7aO5r+71RV9j9Ohu/+y3mncQUm NMgjzNYEt1ik5sf8wphXNVOj5VnbG86Jclu6wpcMm3hVcqUXQ13o2yCTql/kibMeVk3R 6GZQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:content-transfer-encoding :in-reply-to:user-agent; bh=UoeHu3yoNUcPPl9PKQVlxSlKB7SL3/RQXELHWxMzhXU=; b=Ze0IuLtnptMR8PrMyC8ASIeOyUQMQQaLot2TLMs0Vf0VW7nv+vSEOO5Bi3y9ECErHA cZ7pvI3YyspmHzdodmtPqU3aAHVC/dqcRXxGTiq/6mjfkLy5bCMWAj2xAW7FgkMgBRI2 ufaJjnMkYmQtMQRC6suKpE6AGT6H1Kjxt5/doJXHzkdHokKYpCDRLhvTyl9QTJkg51s8 US4wT733RapTprvjPiXEtR8k32iMGPBsp7ejY0rvwc9xe7bQvE0YG0kslhO/YlGH0Lln NhXHwNjFqNEr91OP5ic1CxNLBrK6HJpkmwbwy9Q4TPhpGoflfcn8gMpmhsYqB/fIukUB gjGg== X-Gm-Message-State: APjAAAWiS9sCkBBblXRoEuHO2sfu2V/eRIJ61t7YkxKS3iyTn9cU/VoA zV+syEJjhVn9X4eZwzGTN1ZClA== X-Google-Smtp-Source: APXvYqxG2D4TpRJtgA1by9C5SwilBq6kPP4Jw28l+Fw52p05f/l2TsKOiCci80kJtWr6XsY8G818bQ== X-Received: by 2002:a5d:6b12:: with SMTP id v18mr34420146wrw.306.1558443882738; Tue, 21 May 2019 06:04:42 -0700 (PDT) Received: from brauner.io (p548C9938.dip0.t-ipconnect.de. 
[84.140.153.56]) by smtp.gmail.com with ESMTPSA id x64sm5789182wmg.17.2019.05.21.06.04.41 (version=TLS1_3 cipher=AEAD-AES256-GCM-SHA384 bits=256/256); Tue, 21 May 2019 06:04:42 -0700 (PDT) Date: Tue, 21 May 2019 15:04:39 +0200 From: Christian Brauner To: Florian Weimer Cc: viro@zeniv.linux.org.uk, linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-api@vger.kernel.org, jannh@google.com, oleg@redhat.com, tglx@linutronix.de, torvalds@linux-foundation.org, arnd@arndb.de, shuah@kernel.org, dhowells@redhat.com, tkjos@android.com, ldv@altlinux.org, miklos@szeredi.hu, linux-alpha@vger.kernel.org, linux-arm-kernel@lists.infradead.org, linux-ia64@vger.kernel.org, linux-m68k@lists.linux-m68k.org, linux-mips@vger.kernel.org, linux-parisc@vger.kernel.org, linuxppc-dev@lists.ozlabs.org, linux-s390@vger.kernel.org, linux-sh@vger.kernel.org, sparclinux@vger.kernel.org, linux-xtensa@linux-xtensa.org, linux-arch@vger.kernel.org, linux-kselftest@vger.kernel.org, x86@kernel.org Subject: Re: [PATCH 1/2] open: add close_range() Message-ID: <20190521130438.q3u4wvve7p6md6cm@brauner.io> References: <20190521113448.20654-1-christian@brauner.io> <87tvdoau12.fsf@oldenburg2.str.redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <87tvdoau12.fsf@oldenburg2.str.redhat.com> User-Agent: NeoMutt/20180716 Sender: linux-parisc-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-parisc@vger.kernel.org On Tue, May 21, 2019 at 02:09:29PM +0200, Florian Weimer wrote: > * Christian Brauner: > > > +/** > > + * __close_range() - Close all file descriptors in a given range. > > + * > > + * @fd: starting file descriptor to close > > + * @max_fd: last file descriptor to close > > + * > > + * This closes a range of file descriptors. All file descriptors > > + * from @fd up to and including @max_fd are closed. 
> > + */ > > +int __close_range(struct files_struct *files, unsigned fd, unsigned max_fd) > > +{ > > + unsigned int cur_max; > > + > > + if (fd > max_fd) > > + return -EINVAL; > > + > > + rcu_read_lock(); > > + cur_max = files_fdtable(files)->max_fds; > > + rcu_read_unlock(); > > + > > + /* cap to last valid index into fdtable */ > > + if (max_fd >= cur_max) > > + max_fd = cur_max - 1; > > + > > + while (fd <= max_fd) > > + __close_fd(files, fd++); > > + > > + return 0; > > +} > > This seems rather drastic. How long does this block in kernel mode? > Maybe it's okay as long as the maximum possible value for cur_max stays > around 4 million or so. That's probably valid concern when you reach very high numbers though I wonder how relevant this is in practice. Also, you would only be blocking yourself I imagine, i.e. you can't DOS another task with this unless your multi-threaded. > > Solaris has an fdwalk function: > > > > So a different way to implement this would expose a nextfd system call Meh. If nextfd() then I would like it to be able to: - get the nextfd(fd) >= fd - get highest open fd e.g. nextfd(-1) But then I wonder if nextfd() needs to be a syscall and isn't just either: fcntl(fd, F_GET_NEXT)? or prctl(PR_GET_NEXT)? Technically, one could also do: fd_range(unsigned fd, unsigend end_fd, unsigned flags); fd_range(3, 50, FD_RANGE_CLOSE); /* return highest fd within the range [3, 50] */ fd_range(3, 50, FD_RANGE_NEXT); /* return highest fd */ fd_range(3, UINT_MAX, FD_RANGE_NEXT); This syscall could also reasonably be extended. > to userspace, so that we can use that to implement both fdwalk and > closefrom. But maybe fdwalk is just too obscure, given the existence of > /proc. Yeah we probably don't need fdwalk. > > I'll happily implement closefrom on top of close_range in glibc (plus > fallback for older kernels based on /proc—with an abort in case that > doesn't work because the RLIMIT_NOFILE hack is unreliable > unfortunately). 
> > Thanks, > Florian From mboxrd@z Thu Jan 1 00:00:00 1970 From: christian at brauner.io (Christian Brauner) Date: Tue, 21 May 2019 15:04:39 +0200 Subject: [PATCH 1/2] open: add close_range() In-Reply-To: <87tvdoau12.fsf@oldenburg2.str.redhat.com> References: <20190521113448.20654-1-christian@brauner.io> <87tvdoau12.fsf@oldenburg2.str.redhat.com> Message-ID: <20190521130438.q3u4wvve7p6md6cm@brauner.io> On Tue, May 21, 2019 at 02:09:29PM +0200, Florian Weimer wrote: > * Christian Brauner: > > > +/** > > + * __close_range() - Close all file descriptors in a given range. > > + * > > + * @fd: starting file descriptor to close > > + * @max_fd: last file descriptor to close > > + * > > + * This closes a range of file descriptors. All file descriptors > > + * from @fd up to and including @max_fd are closed. > > + */ > > +int __close_range(struct files_struct *files, unsigned fd, unsigned max_fd) > > +{ > > + unsigned int cur_max; > > + > > + if (fd > max_fd) > > + return -EINVAL; > > + > > + rcu_read_lock(); > > + cur_max = files_fdtable(files)->max_fds; > > + rcu_read_unlock(); > > + > > + /* cap to last valid index into fdtable */ > > + if (max_fd >= cur_max) > > + max_fd = cur_max - 1; > > + > > + while (fd <= max_fd) > > + __close_fd(files, fd++); > > + > > + return 0; > > +} > > This seems rather drastic. How long does this block in kernel mode? > Maybe it's okay as long as the maximum possible value for cur_max stays > around 4 million or so. That's probably valid concern when you reach very high numbers though I wonder how relevant this is in practice. Also, you would only be blocking yourself I imagine, i.e. you can't DOS another task with this unless your multi-threaded. > > Solaris has an fdwalk function: > > > > So a different way to implement this would expose a nextfd system call Meh. If nextfd() then I would like it to be able to: - get the nextfd(fd) >= fd - get highest open fd e.g. 
nextfd(-1) But then I wonder if nextfd() needs to be a syscall and isn't just either: fcntl(fd, F_GET_NEXT)? or prctl(PR_GET_NEXT)? Technically, one could also do: fd_range(unsigned fd, unsigend end_fd, unsigned flags); fd_range(3, 50, FD_RANGE_CLOSE); /* return highest fd within the range [3, 50] */ fd_range(3, 50, FD_RANGE_NEXT); /* return highest fd */ fd_range(3, UINT_MAX, FD_RANGE_NEXT); This syscall could also reasonably be extended. > to userspace, so that we can use that to implement both fdwalk and > closefrom. But maybe fdwalk is just too obscure, given the existence of > /proc. Yeah we probably don't need fdwalk. > > I'll happily implement closefrom on top of close_range in glibc (plus > fallback for older kernels based on /proc—with an abort in case that > doesn't work because the RLIMIT_NOFILE hack is unreliable > unfortunately). > > Thanks, > Florian From mboxrd@z Thu Jan 1 00:00:00 1970 From: christian@brauner.io (Christian Brauner) Date: Tue, 21 May 2019 15:04:39 +0200 Subject: [PATCH 1/2] open: add close_range() In-Reply-To: <87tvdoau12.fsf@oldenburg2.str.redhat.com> References: <20190521113448.20654-1-christian@brauner.io> <87tvdoau12.fsf@oldenburg2.str.redhat.com> Message-ID: <20190521130438.q3u4wvve7p6md6cm@brauner.io> Content-Type: text/plain; charset="UTF-8" Message-ID: <20190521130439.ZYX3SA-fJ-Ks5WA59bcohujkNDdU2V0Va56FRTI5Mbw@z> On Tue, May 21, 2019@02:09:29PM +0200, Florian Weimer wrote: > * Christian Brauner: > > > +/** > > + * __close_range() - Close all file descriptors in a given range. > > + * > > + * @fd: starting file descriptor to close > > + * @max_fd: last file descriptor to close > > + * > > + * This closes a range of file descriptors. All file descriptors > > + * from @fd up to and including @max_fd are closed. 
> > + */ > > +int __close_range(struct files_struct *files, unsigned fd, unsigned max_fd) > > +{ > > + unsigned int cur_max; > > + > > + if (fd > max_fd) > > + return -EINVAL; > > + > > + rcu_read_lock(); > > + cur_max = files_fdtable(files)->max_fds; > > + rcu_read_unlock(); > > + > > + /* cap to last valid index into fdtable */ > > + if (max_fd >= cur_max) > > + max_fd = cur_max - 1; > > + > > + while (fd <= max_fd) > > + __close_fd(files, fd++); > > + > > + return 0; > > +} > > This seems rather drastic. How long does this block in kernel mode? > Maybe it's okay as long as the maximum possible value for cur_max stays > around 4 million or so. That's probably valid concern when you reach very high numbers though I wonder how relevant this is in practice. Also, you would only be blocking yourself I imagine, i.e. you can't DOS another task with this unless your multi-threaded. > > Solaris has an fdwalk function: > > > > So a different way to implement this would expose a nextfd system call Meh. If nextfd() then I would like it to be able to: - get the nextfd(fd) >= fd - get highest open fd e.g. nextfd(-1) But then I wonder if nextfd() needs to be a syscall and isn't just either: fcntl(fd, F_GET_NEXT)? or prctl(PR_GET_NEXT)? Technically, one could also do: fd_range(unsigned fd, unsigend end_fd, unsigned flags); fd_range(3, 50, FD_RANGE_CLOSE); /* return highest fd within the range [3, 50] */ fd_range(3, 50, FD_RANGE_NEXT); /* return highest fd */ fd_range(3, UINT_MAX, FD_RANGE_NEXT); This syscall could also reasonably be extended. > to userspace, so that we can use that to implement both fdwalk and > closefrom. But maybe fdwalk is just too obscure, given the existence of > /proc. Yeah we probably don't need fdwalk. > > I'll happily implement closefrom on top of close_range in glibc (plus > fallback for older kernels based on /proc—with an abort in case that > doesn't work because the RLIMIT_NOFILE hack is unreliable > unfortunately). 
> > Thanks, > Florian From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.8 required=3.0 tests=DKIM_INVALID,DKIM_SIGNED, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, USER_AGENT_NEOMUTT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 31866C04AAF for ; Tue, 21 May 2019 13:06:42 +0000 (UTC) Received: from lists.ozlabs.org (lists.ozlabs.org [203.11.71.2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id A92D421773 for ; Tue, 21 May 2019 13:06:41 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=fail reason="signature verification failed" (2048-bit key) header.d=brauner.io header.i=@brauner.io header.b="XJSG1EyP" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org A92D421773 Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=brauner.io Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=linuxppc-dev-bounces+linuxppc-dev=archiver.kernel.org@lists.ozlabs.org Received: from lists.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3]) by lists.ozlabs.org (Postfix) with ESMTP id 457bcv60k2zDqLX for ; Tue, 21 May 2019 23:06:39 +1000 (AEST) Authentication-Results: lists.ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=brauner.io (client-ip=2a00:1450:4864:20::441; helo=mail-wr1-x441.google.com; envelope-from=christian@brauner.io; receiver=) Authentication-Results: lists.ozlabs.org; dmarc=none (p=none dis=none) header.from=brauner.io Authentication-Results: lists.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=brauner.io header.i=@brauner.io header.b="XJSG1EyP"; dkim-atps=neutral Received: from mail-wr1-x441.google.com 
(mail-wr1-x441.google.com [IPv6:2a00:1450:4864:20::441]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by lists.ozlabs.org (Postfix) with ESMTPS id 457bZp2lQpzDqGG for ; Tue, 21 May 2019 23:04:47 +1000 (AEST) Received: by mail-wr1-x441.google.com with SMTP id w8so18545546wrl.6 for ; Tue, 21 May 2019 06:04:47 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=brauner.io; s=google; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:content-transfer-encoding:in-reply-to :user-agent; bh=UoeHu3yoNUcPPl9PKQVlxSlKB7SL3/RQXELHWxMzhXU=; b=XJSG1EyPYqVFv06qjxl82rQK6DnXz+zzZ5SuDKstpUJiXRNS8tQ5JU13/0R23pzYo8 CBflOikG7l96+4gPyOlywhufFiPRmoYNDl41896XQ/0MJatuwnRejMHB6TDC98rsUSsk 2AmSYFgAwYwyiIa3Uw0OG4PN7UgonE+wdbkLG/dhBH8kdQoOGpBbAw+wyKcjrVvNwBmM VMKMZI30ibz9pqFsG/Cn36t1s2Pm2QH0dtNNkeKYHL7aO5r+71RV9j9Ohu/+y3mncQUm NMgjzNYEt1ik5sf8wphXNVOj5VnbG86Jclu6wpcMm3hVcqUXQ13o2yCTql/kibMeVk3R 6GZQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:content-transfer-encoding :in-reply-to:user-agent; bh=UoeHu3yoNUcPPl9PKQVlxSlKB7SL3/RQXELHWxMzhXU=; b=IX+GuUlcBGyQ0kKFu8/mAB4zzfADpigAfrMb8Cs+EBmCEVpRx+zVdjXtvZY5CUTE1E 7wo+YYDlDRWbmwuNMh2QdRAhvIpFsBUEqeIGsvfMxM/1BcEoQz09ucN4thWwkjzhuAtF 8eTeE0/XI4XsqK+CT0YtoRfqI6yRGF/Sh7ViPjWYf5yTfMDNJMS4YgvsY7R+i8kjl772 m+go6pkQEOIWSkXdR41Yt8X+bXsfBkEjpv4AxBSLu5psINV50s2l9H4rw9jM6b4bhiJE SBwwXagCvbJIWCFSBI+Hh4ZtZB0n+k3s8DdSttuD1GwyJa4SdgosXpZxatElyCD8i/RN iooQ== X-Gm-Message-State: APjAAAVH54A8pv9pdDpFhnL8XItzZv2q7e30K+HOs36B5pX5E2PC23ia b/dNy16IYJV6c2UhiMoyaLMtAQ== X-Google-Smtp-Source: APXvYqxG2D4TpRJtgA1by9C5SwilBq6kPP4Jw28l+Fw52p05f/l2TsKOiCci80kJtWr6XsY8G818bQ== X-Received: by 2002:a5d:6b12:: with SMTP id v18mr34420146wrw.306.1558443882738; 
Tue, 21 May 2019 06:04:42 -0700 (PDT) Received: from brauner.io (p548C9938.dip0.t-ipconnect.de. [84.140.153.56]) by smtp.gmail.com with ESMTPSA id x64sm5789182wmg.17.2019.05.21.06.04.41 (version=TLS1_3 cipher=AEAD-AES256-GCM-SHA384 bits=256/256); Tue, 21 May 2019 06:04:42 -0700 (PDT) Date: Tue, 21 May 2019 15:04:39 +0200 From: Christian Brauner To: Florian Weimer Subject: Re: [PATCH 1/2] open: add close_range() Message-ID: <20190521130438.q3u4wvve7p6md6cm@brauner.io> References: <20190521113448.20654-1-christian@brauner.io> <87tvdoau12.fsf@oldenburg2.str.redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <87tvdoau12.fsf@oldenburg2.str.redhat.com> User-Agent: NeoMutt/20180716 X-BeenThere: linuxppc-dev@lists.ozlabs.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Linux on PowerPC Developers Mail List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: linux-ia64@vger.kernel.org, linux-sh@vger.kernel.org, linux-kernel@vger.kernel.org, dhowells@redhat.com, linux-kselftest@vger.kernel.org, sparclinux@vger.kernel.org, shuah@kernel.org, linux-arch@vger.kernel.org, linux-s390@vger.kernel.org, miklos@szeredi.hu, x86@kernel.org, torvalds@linux-foundation.org, linux-mips@vger.kernel.org, linux-xtensa@linux-xtensa.org, tkjos@android.com, arnd@arndb.de, jannh@google.com, linux-m68k@lists.linux-m68k.org, viro@zeniv.linux.org.uk, tglx@linutronix.de, ldv@altlinux.org, linux-arm-kernel@lists.infradead.org, linux-parisc@vger.kernel.org, linux-api@vger.kernel.org, oleg@redhat.com, linux-alpha@vger.kernel.org, linux-fsdevel@vger.kernel.org, linuxppc-dev@lists.ozlabs.org Errors-To: linuxppc-dev-bounces+linuxppc-dev=archiver.kernel.org@lists.ozlabs.org Sender: "Linuxppc-dev" On Tue, May 21, 2019 at 02:09:29PM +0200, Florian Weimer wrote: > * Christian Brauner: > > > +/** > > + * __close_range() - Close all file descriptors in a given range. 
> > + * > > + * @fd: starting file descriptor to close > > + * @max_fd: last file descriptor to close > > + * > > + * This closes a range of file descriptors. All file descriptors > > + * from @fd up to and including @max_fd are closed. > > + */ > > +int __close_range(struct files_struct *files, unsigned fd, unsigned max_fd) > > +{ > > + unsigned int cur_max; > > + > > + if (fd > max_fd) > > + return -EINVAL; > > + > > + rcu_read_lock(); > > + cur_max = files_fdtable(files)->max_fds; > > + rcu_read_unlock(); > > + > > + /* cap to last valid index into fdtable */ > > + if (max_fd >= cur_max) > > + max_fd = cur_max - 1; > > + > > + while (fd <= max_fd) > > + __close_fd(files, fd++); > > + > > + return 0; > > +} > > This seems rather drastic. How long does this block in kernel mode? > Maybe it's okay as long as the maximum possible value for cur_max stays > around 4 million or so. That's probably valid concern when you reach very high numbers though I wonder how relevant this is in practice. Also, you would only be blocking yourself I imagine, i.e. you can't DOS another task with this unless your multi-threaded. > > Solaris has an fdwalk function: > > > > So a different way to implement this would expose a nextfd system call Meh. If nextfd() then I would like it to be able to: - get the nextfd(fd) >= fd - get highest open fd e.g. nextfd(-1) But then I wonder if nextfd() needs to be a syscall and isn't just either: fcntl(fd, F_GET_NEXT)? or prctl(PR_GET_NEXT)? Technically, one could also do: fd_range(unsigned fd, unsigend end_fd, unsigned flags); fd_range(3, 50, FD_RANGE_CLOSE); /* return highest fd within the range [3, 50] */ fd_range(3, 50, FD_RANGE_NEXT); /* return highest fd */ fd_range(3, UINT_MAX, FD_RANGE_NEXT); This syscall could also reasonably be extended. > to userspace, so that we can use that to implement both fdwalk and > closefrom. But maybe fdwalk is just too obscure, given the existence of > /proc. Yeah we probably don't need fdwalk. 
> > I'll happily implement closefrom on top of close_range in glibc (plus > fallback for older kernels based on /proc—with an abort in case that > doesn't work because the RLIMIT_NOFILE hack is unreliable > unfortunately). > > Thanks, > Florian From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-3.0 required=3.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED, DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_HELO_NONE, SPF_PASS,USER_AGENT_NEOMUTT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id B2A38C46460 for ; Tue, 21 May 2019 13:04:48 +0000 (UTC) Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 8723B217F9 for ; Tue, 21 May 2019 13:04:48 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="VlBE1+Gz"; dkim=fail reason="signature verification failed" (2048-bit key) header.d=brauner.io header.i=@brauner.io header.b="XJSG1EyP" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 8723B217F9 Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=brauner.io Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+infradead-linux-arm-kernel=archiver.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:In-Reply-To:MIME-Version:References: 
Message-ID:Subject:To:From:Date:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=Cd0JlT3m382ys5y3qfUONOcYBg8xXian6HQv6Y74F8Y=; b=VlBE1+GzGh/h3r 862W4ArwdYhpvILe86S24m1fq++XaJnG1D3cXiJMRVhbkVO8SonpruhoXhjPzMyQ/Chee3Yh2+NFe m/bXOYEhcuHp8EeIvd1aBwa+ds+nNACVZUyZlFsF4apKwdVvtcXIesCLkyVI2ioMAAzd2ijBPFSRI uvCFe7fprOIEZnyajvt+3cWJ+l3dv7mcRMe09qSlviogKbkFSVjIy79E6sJ/GQ1+kF16Pz7ORNV21 1oPNF4kLYRxeIZaGZnuEK+0SZsF/vcB9TgDLi6pfeo0DodjWxC6MqC4s5uMnO0JK0zrv8fPOuy0+K H3+V2SIzvf85FM2k9R7Q==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.90_1 #2 (Red Hat Linux)) id 1hT4Rj-0004u6-OC; Tue, 21 May 2019 13:04:47 +0000 Received: from mail-wr1-x443.google.com ([2a00:1450:4864:20::443]) by bombadil.infradead.org with esmtps (Exim 4.90_1 #2 (Red Hat Linux)) id 1hT4Rg-0004tK-En for linux-arm-kernel@lists.infradead.org; Tue, 21 May 2019 13:04:46 +0000 Received: by mail-wr1-x443.google.com with SMTP id b18so18475124wrq.12 for ; Tue, 21 May 2019 06:04:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=brauner.io; s=google; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:content-transfer-encoding:in-reply-to :user-agent; bh=UoeHu3yoNUcPPl9PKQVlxSlKB7SL3/RQXELHWxMzhXU=; b=XJSG1EyPYqVFv06qjxl82rQK6DnXz+zzZ5SuDKstpUJiXRNS8tQ5JU13/0R23pzYo8 CBflOikG7l96+4gPyOlywhufFiPRmoYNDl41896XQ/0MJatuwnRejMHB6TDC98rsUSsk 2AmSYFgAwYwyiIa3Uw0OG4PN7UgonE+wdbkLG/dhBH8kdQoOGpBbAw+wyKcjrVvNwBmM VMKMZI30ibz9pqFsG/Cn36t1s2Pm2QH0dtNNkeKYHL7aO5r+71RV9j9Ohu/+y3mncQUm NMgjzNYEt1ik5sf8wphXNVOj5VnbG86Jclu6wpcMm3hVcqUXQ13o2yCTql/kibMeVk3R 6GZQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:content-transfer-encoding :in-reply-to:user-agent; 
bh=UoeHu3yoNUcPPl9PKQVlxSlKB7SL3/RQXELHWxMzhXU=; b=awdkYz1jxkPKRCH4+nVqaYtLf8UGZW49Cr54pYwHUXGctnqfhvl1o6h1uB32kL6qh/ tC9GdsWZFdkp+tR2RfNY4Px5tSd85UG4CkZX1Dvq5KV8xMQMgyp7QYseKKhOJIBGMT6R cC9ZuFj+8DaYKtjlr/MUEsBfoebk7lQ2xxYqKYEuc1d30UnaVOA86OpRknUMrLb4qsIc clg9giDa4yay0LkKPSRJ5m0SEk41wPdvPtcTLACXIvHTJx+CPfELF8HtmF8aVkeT0Wj3 P4dYSaBmgh+bDcUBjMQ3IynxA6+pA+WGCSu1u02/sWRHvdYGnwCjEG3jW5uAtueZLDiH ZmWg== X-Gm-Message-State: APjAAAVdyl1hwOxym0r1cWCIMOgoZiqjAJZrK//HYs3R2XSDEq0nKGCN vcy9buVEAgi3DfNdMYFVgV17ew== X-Google-Smtp-Source: APXvYqxG2D4TpRJtgA1by9C5SwilBq6kPP4Jw28l+Fw52p05f/l2TsKOiCci80kJtWr6XsY8G818bQ== X-Received: by 2002:a5d:6b12:: with SMTP id v18mr34420146wrw.306.1558443882738; Tue, 21 May 2019 06:04:42 -0700 (PDT) Received: from brauner.io (p548C9938.dip0.t-ipconnect.de. [84.140.153.56]) by smtp.gmail.com with ESMTPSA id x64sm5789182wmg.17.2019.05.21.06.04.41 (version=TLS1_3 cipher=AEAD-AES256-GCM-SHA384 bits=256/256); Tue, 21 May 2019 06:04:42 -0700 (PDT) Date: Tue, 21 May 2019 15:04:39 +0200 From: Christian Brauner To: Florian Weimer Subject: Re: [PATCH 1/2] open: add close_range() Message-ID: <20190521130438.q3u4wvve7p6md6cm@brauner.io> References: <20190521113448.20654-1-christian@brauner.io> <87tvdoau12.fsf@oldenburg2.str.redhat.com> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <87tvdoau12.fsf@oldenburg2.str.redhat.com> User-Agent: NeoMutt/20180716 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20190521_060444_725486_6439545E X-CRM114-Status: GOOD ( 17.42 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: linux-ia64@vger.kernel.org, linux-sh@vger.kernel.org, linux-kernel@vger.kernel.org, dhowells@redhat.com, linux-kselftest@vger.kernel.org, sparclinux@vger.kernel.org, shuah@kernel.org, linux-arch@vger.kernel.org, linux-s390@vger.kernel.org, miklos@szeredi.hu, 
 x86@kernel.org, torvalds@linux-foundation.org, linux-mips@vger.kernel.org, linux-xtensa@linux-xtensa.org, tkjos@android.com, arnd@arndb.de, jannh@google.com, linux-m68k@lists.linux-m68k.org, viro@zeniv.linux.org.uk, tglx@linutronix.de, ldv@altlinux.org, linux-arm-kernel@lists.infradead.org, linux-parisc@vger.kernel.org, linux-api@vger.kernel.org, oleg@redhat.com, linux-alpha@vger.kernel.org, linux-fsdevel@vger.kernel.org, linuxppc-dev@lists.ozlabs.org
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
Sender: "linux-arm-kernel"
Errors-To: linux-arm-kernel-bounces+infradead-linux-arm-kernel=archiver.kernel.org@lists.infradead.org

On Tue, May 21, 2019 at 02:09:29PM +0200, Florian Weimer wrote:
> * Christian Brauner:
>
> > +/**
> > + * __close_range() - Close all file descriptors in a given range.
> > + *
> > + * @fd:     starting file descriptor to close
> > + * @max_fd: last file descriptor to close
> > + *
> > + * This closes a range of file descriptors. All file descriptors
> > + * from @fd up to and including @max_fd are closed.
> > + */
> > +int __close_range(struct files_struct *files, unsigned fd, unsigned max_fd)
> > +{
> > +	unsigned int cur_max;
> > +
> > +	if (fd > max_fd)
> > +		return -EINVAL;
> > +
> > +	rcu_read_lock();
> > +	cur_max = files_fdtable(files)->max_fds;
> > +	rcu_read_unlock();
> > +
> > +	/* cap to last valid index into fdtable */
> > +	if (max_fd >= cur_max)
> > +		max_fd = cur_max - 1;
> > +
> > +	while (fd <= max_fd)
> > +		__close_fd(files, fd++);
> > +
> > +	return 0;
> > +}
>
> This seems rather drastic.  How long does this block in kernel mode?
> Maybe it's okay as long as the maximum possible value for cur_max stays
> around 4 million or so.

That's probably a valid concern when you reach very high numbers, though I
wonder how relevant this is in practice.
Also, you would only be blocking yourself I imagine, i.e. you can't DoS
another task with this unless you're multi-threaded.

>
> Solaris has an fdwalk function:
>
>   <https://docs.oracle.com/cd/E88353_01/html/E37843/closefrom-3c.html>
>
> So a different way to implement this would expose a nextfd system call

Meh. If nextfd() then I would like it to be able to:
- get the nextfd(fd) >= fd
- get the highest open fd, e.g. nextfd(-1)

But then I wonder if nextfd() needs to be a syscall and isn't just
either:
fcntl(fd, F_GET_NEXT)?
or
prctl(PR_GET_NEXT)?

Technically, one could also do:

fd_range(unsigned fd, unsigned end_fd, unsigned flags);

fd_range(3, 50, FD_RANGE_CLOSE);

/* return highest fd within the range [3, 50] */
fd_range(3, 50, FD_RANGE_NEXT);

/* return highest fd */
fd_range(3, UINT_MAX, FD_RANGE_NEXT);

This syscall could also reasonably be extended.

> to userspace, so that we can use that to implement both fdwalk and
> closefrom.  But maybe fdwalk is just too obscure, given the existence of
> /proc.

Yeah, we probably don't need fdwalk.

>
> I'll happily implement closefrom on top of close_range in glibc (plus
> fallback for older kernels based on /proc -- with an abort in case that
> doesn't work because the RLIMIT_NOFILE hack is unreliable
> unfortunately).
>
> Thanks,
> Florian

From mboxrd@z Thu Jan 1 00:00:00 1970
From: Christian Brauner
Subject: Re: [PATCH 1/2] open: add close_range()
Date: Tue, 21 May 2019 15:04:39 +0200
Message-ID: <20190521130438.q3u4wvve7p6md6cm@brauner.io>
References: <20190521113448.20654-1-christian@brauner.io> <87tvdoau12.fsf@oldenburg2.str.redhat.com>
Mime-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Return-path:
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=brauner.io; s=google;
 h=date:from:to:cc:subject:message-id:references:mime-version
 :content-disposition:content-transfer-encoding:in-reply-to
 :user-agent;
 bh=UoeHu3yoNUcPPl9PKQVlxSlKB7SL3/RQXELHWxMzhXU=;
 b=XJSG1EyPYqVFv06qjxl82rQK6DnXz+zzZ5SuDKstpUJiXRNS8tQ5JU13/0R23pzYo8
 CBflOikG7l96+4gPyOlywhufFiPRmoYNDl41896XQ/0MJatuwnRejMHB6TDC98rsUSsk
 2AmSYFgAwYwyiIa3Uw0OG4PN7UgonE+wdbkLG/dhBH8kdQoOGpBbAw+wyKcjrVvNwBmM
 VMKMZI30ibz9pqFsG/Cn36t1s2Pm2QH0dtNNkeKYHL7aO5r+71RV9j9Ohu/+y3mncQUm
 NMgjzNYEt1ik5sf8wphXNVOj5VnbG86Jclu6wpcMm3hVcqUXQ13o2yCTql/kibMeVk3R
 6GZQ==
Content-Disposition: inline
In-Reply-To: <87tvdoau12.fsf@oldenburg2.str.redhat.com>
Sender: linux-kernel-owner@vger.kernel.org
List-ID:
Content-Type: text/plain; charset="windows-1252"
To: Florian Weimer
Cc: viro@zeniv.linux.org.uk, linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-api@vger.kernel.org, jannh@google.com, oleg@redhat.com, tglx@linutronix.de, torvalds@linux-foundation.org, arnd@arndb.de, shuah@kernel.org, dhowells@redhat.com, tkjos@android.com, ldv@altlinux.org, miklos@szeredi.hu, linux-alpha@vger.kernel.org, linux-arm-kernel@lists.infradead.org, linux-ia64@vger.kernel.org,
 linux-m68k@lists.linux-m68k.org, linux-mips@vger.kernel.org, linux-parisc@vger.kernel.org, linuxppc-dev@lists.ozlabs.org, linux-s390@vger.kernel.org, linux-sh@vger.kernel.org, sparclinux@vger.kernel.org, linux-xtensa@linux-xtensa.org, linux-arch@vger.kernel.org, linux-kselftest@vger.kernel.org, x86@kernel.org

On Tue, May 21, 2019 at 02:09:29PM +0200, Florian Weimer wrote:
> * Christian Brauner:
>
> > +/**
> > + * __close_range() - Close all file descriptors in a given range.
> > + *
> > + * @fd:     starting file descriptor to close
> > + * @max_fd: last file descriptor to close
> > + *
> > + * This closes a range of file descriptors. All file descriptors
> > + * from @fd up to and including @max_fd are closed.
> > + */
> > +int __close_range(struct files_struct *files, unsigned fd, unsigned max_fd)
> > +{
> > +	unsigned int cur_max;
> > +
> > +	if (fd > max_fd)
> > +		return -EINVAL;
> > +
> > +	rcu_read_lock();
> > +	cur_max = files_fdtable(files)->max_fds;
> > +	rcu_read_unlock();
> > +
> > +	/* cap to last valid index into fdtable */
> > +	if (max_fd >= cur_max)
> > +		max_fd = cur_max - 1;
> > +
> > +	while (fd <= max_fd)
> > +		__close_fd(files, fd++);
> > +
> > +	return 0;
> > +}
>
> This seems rather drastic.  How long does this block in kernel mode?
> Maybe it's okay as long as the maximum possible value for cur_max stays
> around 4 million or so.

That's probably a valid concern when you reach very high numbers, though I
wonder how relevant this is in practice.
Also, you would only be blocking yourself I imagine, i.e. you can't DoS
another task with this unless you're multi-threaded.

>
> Solaris has an fdwalk function:
>
>   <https://docs.oracle.com/cd/E88353_01/html/E37843/closefrom-3c.html>
>
> So a different way to implement this would expose a nextfd system call

Meh. If nextfd() then I would like it to be able to:
- get the nextfd(fd) >= fd
- get the highest open fd, e.g. nextfd(-1)

But then I wonder if nextfd() needs to be a syscall and isn't just
either:
fcntl(fd, F_GET_NEXT)?
or
prctl(PR_GET_NEXT)?

Technically, one could also do:

fd_range(unsigned fd, unsigned end_fd, unsigned flags);

fd_range(3, 50, FD_RANGE_CLOSE);

/* return highest fd within the range [3, 50] */
fd_range(3, 50, FD_RANGE_NEXT);

/* return highest fd */
fd_range(3, UINT_MAX, FD_RANGE_NEXT);

This syscall could also reasonably be extended.

> to userspace, so that we can use that to implement both fdwalk and
> closefrom.  But maybe fdwalk is just too obscure, given the existence of
> /proc.

Yeah, we probably don't need fdwalk.

>
> I'll happily implement closefrom on top of close_range in glibc (plus
> fallback for older kernels based on /proc -- with an abort in case that
> doesn't work because the RLIMIT_NOFILE hack is unreliable
> unfortunately).
>
> Thanks,
> Florian
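
For anyone following the quoted patch from userspace, here is a minimal
sketch of the same validate/cap/loop logic written against plain close(2).
It is not the kernel implementation: close_range_emulated() and its
table_size parameter are hypothetical names that stand in for
__close_range() and files_fdtable(files)->max_fds, and returning -EINVAL
directly (rather than setting errno) is only done to mirror the patch.

```c
#include <assert.h>
#include <errno.h>
#include <unistd.h>

/*
 * Hypothetical userspace analogue of the quoted __close_range() loop.
 * table_size is an assumption: it stands in for the kernel's fdtable
 * max_fds, which userspace cannot read directly.
 */
static int close_range_emulated(unsigned int fd, unsigned int max_fd,
				unsigned int table_size)
{
	if (fd > max_fd)
		return -EINVAL;

	/* an empty table has nothing to close */
	if (table_size == 0)
		return 0;

	/* cap to last valid index, as the patch does with cur_max */
	if (max_fd >= table_size)
		max_fd = table_size - 1;

	/* max_fd is now below UINT_MAX, so fd++ cannot wrap around */
	assert(max_fd < table_size);

	while (fd <= max_fd)
		close((int)fd++);	/* EBADF on unused slots is ignored */

	return 0;
}
```

Calling close_range_emulated(3, ~0u, n) would close fds 3 through n - 1.
The caller still has to choose n, and that is exactly where the
RLIMIT_NOFILE approach mentioned above becomes unreliable.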