Skip to content

Commit 9539627

Browse files
borsbors
committed
Auto merge of #24034 - alexcrichton:cloexec, r=aturon
The commit messages have more details as to what's going on, but this is a breaking change for any libraries which expect file descriptors to be inherited by default. Closes #12148
2 parents e4f9ddb + eadc3bc commit 9539627

File tree

10 files changed

+391
-313
lines changed

10 files changed

+391
-313
lines changed

src/libstd/process.rs

+11-15
Original file line numberDiff line numberDiff line change
@@ -19,13 +19,13 @@ use io::prelude::*;
1919
use ffi::OsStr;
2020
use fmt;
2121
use io::{self, Error, ErrorKind};
22-
use libc;
2322
use path;
2423
use sync::mpsc::{channel, Receiver};
2524
use sys::pipe2::{self, AnonPipe};
2625
use sys::process2::Command as CommandImp;
2726
use sys::process2::Process as ProcessImp;
2827
use sys::process2::ExitStatus as ExitStatusImp;
28+
use sys::process2::Stdio as StdioImp2;
2929
use sys_common::{AsInner, AsInnerMut};
3030
use thread;
3131

@@ -229,13 +229,13 @@ impl Command {
229229

230230
fn spawn_inner(&self, default_io: StdioImp) -> io::Result<Child> {
231231
let (their_stdin, our_stdin) = try!(
232-
setup_io(self.stdin.as_ref().unwrap_or(&default_io), 0, true)
232+
setup_io(self.stdin.as_ref().unwrap_or(&default_io), true)
233233
);
234234
let (their_stdout, our_stdout) = try!(
235-
setup_io(self.stdout.as_ref().unwrap_or(&default_io), 1, false)
235+
setup_io(self.stdout.as_ref().unwrap_or(&default_io), false)
236236
);
237237
let (their_stderr, our_stderr) = try!(
238-
setup_io(self.stderr.as_ref().unwrap_or(&default_io), 2, false)
238+
setup_io(self.stderr.as_ref().unwrap_or(&default_io), false)
239239
);
240240

241241
match ProcessImp::spawn(&self.inner, their_stdin, their_stdout, their_stderr) {
@@ -328,23 +328,19 @@ impl AsInnerMut<CommandImp> for Command {
328328
fn as_inner_mut(&mut self) -> &mut CommandImp { &mut self.inner }
329329
}
330330

331-
fn setup_io(io: &StdioImp, fd: libc::c_int, readable: bool)
332-
-> io::Result<(Option<AnonPipe>, Option<AnonPipe>)>
331+
fn setup_io(io: &StdioImp, readable: bool)
332+
-> io::Result<(StdioImp2, Option<AnonPipe>)>
333333
{
334334
use self::StdioImp::*;
335335
Ok(match *io {
336-
Null => {
337-
(None, None)
338-
}
339-
Inherit => {
340-
(Some(AnonPipe::from_fd(fd)), None)
341-
}
336+
Null => (StdioImp2::None, None),
337+
Inherit => (StdioImp2::Inherit, None),
342338
Piped => {
343-
let (reader, writer) = try!(unsafe { pipe2::anon_pipe() });
339+
let (reader, writer) = try!(pipe2::anon_pipe());
344340
if readable {
345-
(Some(reader), Some(writer))
341+
(StdioImp2::Piped(reader), Some(writer))
346342
} else {
347-
(Some(writer), Some(reader))
343+
(StdioImp2::Piped(writer), Some(reader))
348344
}
349345
}
350346
})

src/libstd/sys/unix/c.rs

+21-23
Original file line numberDiff line numberDiff line change
@@ -26,39 +26,35 @@ use libc;
2626
target_os = "dragonfly",
2727
target_os = "bitrig",
2828
target_os = "openbsd"))]
29-
pub const FIONBIO: libc::c_ulong = 0x8004667e;
30-
#[cfg(any(all(target_os = "linux",
31-
any(target_arch = "x86",
32-
target_arch = "x86_64",
33-
target_arch = "arm",
34-
target_arch = "aarch64")),
35-
target_os = "android"))]
36-
pub const FIONBIO: libc::c_ulong = 0x5421;
37-
#[cfg(all(target_os = "linux",
38-
any(target_arch = "mips",
39-
target_arch = "mipsel",
40-
target_arch = "powerpc")))]
41-
pub const FIONBIO: libc::c_ulong = 0x667e;
42-
43-
#[cfg(any(target_os = "macos",
44-
target_os = "ios",
45-
target_os = "freebsd",
46-
target_os = "dragonfly",
47-
target_os = "bitrig",
48-
target_os = "openbsd"))]
49-
pub const FIOCLEX: libc::c_ulong = 0x20006601;
29+
mod consts {
30+
use libc;
31+
pub const FIONBIO: libc::c_ulong = 0x8004667e;
32+
pub const FIOCLEX: libc::c_ulong = 0x20006601;
33+
pub const FIONCLEX: libc::c_ulong = 0x20006602;
34+
}
5035
#[cfg(any(all(target_os = "linux",
5136
any(target_arch = "x86",
5237
target_arch = "x86_64",
5338
target_arch = "arm",
5439
target_arch = "aarch64")),
5540
target_os = "android"))]
56-
pub const FIOCLEX: libc::c_ulong = 0x5451;
41+
mod consts {
42+
use libc;
43+
pub const FIONBIO: libc::c_ulong = 0x5421;
44+
pub const FIOCLEX: libc::c_ulong = 0x5451;
45+
pub const FIONCLEX: libc::c_ulong = 0x5450;
46+
}
5747
#[cfg(all(target_os = "linux",
5848
any(target_arch = "mips",
5949
target_arch = "mipsel",
6050
target_arch = "powerpc")))]
61-
pub const FIOCLEX: libc::c_ulong = 0x6601;
51+
mod consts {
52+
use libc;
53+
pub const FIONBIO: libc::c_ulong = 0x667e;
54+
pub const FIOCLEX: libc::c_ulong = 0x6601;
55+
pub const FIONCLEX: libc::c_ulong = 0x6600;
56+
}
57+
pub use self::consts::*;
6258

6359
#[cfg(any(target_os = "macos",
6460
target_os = "ios",
@@ -163,6 +159,8 @@ extern {
163159
pub fn utimes(filename: *const libc::c_char,
164160
times: *const libc::timeval) -> libc::c_int;
165161
pub fn gai_strerror(errcode: libc::c_int) -> *const libc::c_char;
162+
pub fn setgroups(ngroups: libc::c_int,
163+
ptr: *const libc::c_void) -> libc::c_int;
166164
}
167165

168166
#[cfg(any(target_os = "macos", target_os = "ios"))]

src/libstd/sys/unix/fd.rs

+14-9
Original file line numberDiff line numberDiff line change
@@ -13,6 +13,7 @@ use core::prelude::*;
1313
use io;
1414
use libc::{self, c_int, size_t, c_void};
1515
use mem;
16+
use sys::c;
1617
use sys::cvt;
1718
use sys_common::AsInner;
1819

@@ -51,6 +52,13 @@ impl FileDesc {
5152
}));
5253
Ok(ret as usize)
5354
}
55+
56+
pub fn set_cloexec(&self) {
57+
unsafe {
58+
let ret = c::ioctl(self.fd, c::FIOCLEX);
59+
debug_assert_eq!(ret, 0);
60+
}
61+
}
5462
}
5563

5664
impl AsInner<c_int> for FileDesc {
@@ -59,14 +67,11 @@ impl AsInner<c_int> for FileDesc {
5967

6068
impl Drop for FileDesc {
6169
fn drop(&mut self) {
62-
// closing stdio file handles makes no sense, so never do it. Also, note
63-
// that errors are ignored when closing a file descriptor. The reason
64-
// for this is that if an error occurs we don't actually know if the
65-
// file descriptor was closed or not, and if we retried (for something
66-
// like EINTR), we might close another valid file descriptor (opened
67-
// after we closed ours.
68-
if self.fd > libc::STDERR_FILENO {
69-
let _ = unsafe { libc::close(self.fd) };
70-
}
70+
// Note that errors are ignored when closing a file descriptor. The
71+
// reason for this is that if an error occurs we don't actually know if
72+
// the file descriptor was closed or not, and if we retried (for
73+
// something like EINTR), we might close another valid file descriptor
74+
// (opened after we closed ours.
75+
let _ = unsafe { libc::close(self.fd) };
7176
}
7277
}

src/libstd/sys/unix/fs2.rs

+10-2
Original file line numberDiff line numberDiff line change
@@ -205,19 +205,27 @@ impl OpenOptions {
205205

206206
impl File {
207207
pub fn open(path: &Path, opts: &OpenOptions) -> io::Result<File> {
208+
let path = try!(cstr(path));
209+
File::open_c(&path, opts)
210+
}
211+
212+
pub fn open_c(path: &CStr, opts: &OpenOptions) -> io::Result<File> {
208213
let flags = opts.flags | match (opts.read, opts.write) {
209214
(true, true) => libc::O_RDWR,
210215
(false, true) => libc::O_WRONLY,
211216
(true, false) |
212217
(false, false) => libc::O_RDONLY,
213218
};
214-
let path = try!(cstr(path));
215219
let fd = try!(cvt_r(|| unsafe {
216220
libc::open(path.as_ptr(), flags, opts.mode)
217221
}));
218-
Ok(File(FileDesc::new(fd)))
222+
let fd = FileDesc::new(fd);
223+
fd.set_cloexec();
224+
Ok(File(fd))
219225
}
220226

227+
pub fn into_fd(self) -> FileDesc { self.0 }
228+
221229
pub fn file_attr(&self) -> io::Result<FileAttr> {
222230
let mut stat: libc::stat = unsafe { mem::zeroed() };
223231
try!(cvt(unsafe { libc::fstat(self.0.raw(), &mut stat) }));

src/libstd/sys/unix/net.rs

+10-5
Original file line numberDiff line numberDiff line change
@@ -47,7 +47,9 @@ impl Socket {
4747
};
4848
unsafe {
4949
let fd = try!(cvt(libc::socket(fam, ty, 0)));
50-
Ok(Socket(FileDesc::new(fd)))
50+
let fd = FileDesc::new(fd);
51+
fd.set_cloexec();
52+
Ok(Socket(fd))
5153
}
5254
}
5355

@@ -56,13 +58,16 @@ impl Socket {
5658
let fd = try!(cvt_r(|| unsafe {
5759
libc::accept(self.0.raw(), storage, len)
5860
}));
59-
Ok(Socket(FileDesc::new(fd)))
61+
let fd = FileDesc::new(fd);
62+
fd.set_cloexec();
63+
Ok(Socket(fd))
6064
}
6165

6266
pub fn duplicate(&self) -> io::Result<Socket> {
63-
cvt(unsafe { libc::dup(self.0.raw()) }).map(|fd| {
64-
Socket(FileDesc::new(fd))
65-
})
67+
let fd = try!(cvt(unsafe { libc::dup(self.0.raw()) }));
68+
let fd = FileDesc::new(fd);
69+
fd.set_cloexec();
70+
Ok(Socket(fd))
6671
}
6772

6873
pub fn read(&self, buf: &mut [u8]) -> io::Result<usize> {

src/libstd/sys/unix/pipe2.rs

+8-7
Original file line numberDiff line numberDiff line change
@@ -20,19 +20,20 @@ use libc;
2020

2121
pub struct AnonPipe(FileDesc);
2222

23-
pub unsafe fn anon_pipe() -> io::Result<(AnonPipe, AnonPipe)> {
23+
pub fn anon_pipe() -> io::Result<(AnonPipe, AnonPipe)> {
2424
let mut fds = [0; 2];
25-
if libc::pipe(fds.as_mut_ptr()) == 0 {
26-
Ok((AnonPipe::from_fd(fds[0]),
27-
AnonPipe::from_fd(fds[1])))
25+
if unsafe { libc::pipe(fds.as_mut_ptr()) == 0 } {
26+
Ok((AnonPipe::from_fd(fds[0]), AnonPipe::from_fd(fds[1])))
2827
} else {
2928
Err(io::Error::last_os_error())
3029
}
3130
}
3231

3332
impl AnonPipe {
3433
pub fn from_fd(fd: libc::c_int) -> AnonPipe {
35-
AnonPipe(FileDesc::new(fd))
34+
let fd = FileDesc::new(fd);
35+
fd.set_cloexec();
36+
AnonPipe(fd)
3637
}
3738

3839
pub fn read(&self, buf: &mut [u8]) -> io::Result<usize> {
@@ -43,7 +44,7 @@ impl AnonPipe {
4344
self.0.write(buf)
4445
}
4546

46-
pub fn raw(&self) -> libc::c_int {
47-
self.0.raw()
47+
pub fn into_fd(self) -> FileDesc {
48+
self.0
4849
}
4950
}

0 commit comments

Comments
 (0)