From: Yann Droneaud <ydroneaud@opteya.com>
To: Al Viro <viro@zeniv.linux.org.uk>
Cc: Yann Droneaud <ydroneaud@opteya.com>,
linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org,
Andrew Morton <akpm@linux-foundation.org>
Subject: [PATCHv7 6/6] file: remove macro get_unused_fd()
Date: Sun, 1 Jun 2014 16:00:48 +0200 [thread overview]
Message-ID: <f5c8d0d7f243a67f1ecd1978dd45d57b1b81d07a.1401630396.git.ydroneaud@opteya.com> (raw)
In-Reply-To: <cover.1401630396.git.ydroneaud@opteya.com>
In-Reply-To: <cover.1401630396.git.ydroneaud@opteya.com>
Macro get_unused_fd() allocates a file descriptor without enabling
close-on-exec: it calls function get_unused_fd_flags() without
O_CLOEXEC flag.
This can be seen as an unsafe default: in most case close-on-exec
should be enabled to not leak file descriptor across exec().
This patch removes get_unused_fd() instead of updating it to use
O_CLOEXEC so that out of tree modules won't be affect by a runtime
behavor change which might introduce other kind of bug. It's better
to catch the change at build time, making it easier to fix.
Removing the macro will also promote use of get_unused_fd_flags()
(or anon_inode_getfd()) with flags provided by userspace. Or, if
flags cannot be given by userspace, with flags set to O_CLOEXEC set
by default.
Link: http://lkml.kernel.org/r/cover.1401630396.git.ydroneaud@opteya.com
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Yann Droneaud <ydroneaud@opteya.com>
---
include/linux/file.h | 1 -
1 file changed, 1 deletion(-)
diff --git a/include/linux/file.h b/include/linux/file.h
index 4d69123377a2..f87d30882a24 100644
--- a/include/linux/file.h
+++ b/include/linux/file.h
@@ -66,7 +66,6 @@ extern void set_close_on_exec(unsigned int fd, int flag);
extern bool get_close_on_exec(unsigned int fd);
extern void put_filp(struct file *);
extern int get_unused_fd_flags(unsigned flags);
-#define get_unused_fd() get_unused_fd_flags(0)
extern void put_unused_fd(unsigned int fd);
extern void fd_install(unsigned int fd, struct file *file);
--
1.9.3
prev parent reply other threads:[~2014-06-01 18:59 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-06-01 13:58 [PATCHv7 0/6] Getting rid of get_unused_fd() / enable close-on-exec Yann Droneaud
2014-06-01 13:58 ` [PATCHv7 1/6] ia64: use get_unused_fd_flags(0) instead of get_unused_fd() Yann Droneaud
2014-06-01 13:58 ` [PATCHv7 2/6] ppc/cell: " Yann Droneaud
2014-06-01 13:58 ` [PATCHv7 3/6] binfmt_misc: " Yann Droneaud
2014-06-01 13:58 ` [PATCHv7 4/6] file: " Yann Droneaud
2014-06-01 13:58 ` [PATCHv7 5/6] fanotify: enable close-on-exec on events' fd when requested in fanotify_init() Yann Droneaud
2014-06-01 14:00 ` Yann Droneaud [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=f5c8d0d7f243a67f1ecd1978dd45d57b1b81d07a.1401630396.git.ydroneaud@opteya.com \
--to=ydroneaud@opteya.com \
--cc=akpm@linux-foundation.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).