linux/include/asm-parisc
Ulrich Drepper f23513e8d9 Introduce O_CLOEXEC
The problem is as follows: in multi-threaded code (or more correctly: all
code using clone() with CLONE_FILES) we have a race when exec'ing.

   thread #1                       thread #2

   fd=open()

                                   fork + exec

  fcntl(fd,F_SETFD,FD_CLOEXEC)

In some applications this can happen frequently.  Take a web browser.  One
thread opens a file and another thread starts, say, an external PDF viewer.
 The result can even be a security issue if that open file descriptor
refers to a sensitive file and the external program can somehow be tricked
into using that descriptor.

Just adding O_CLOEXEC support to open() doesn't solve the whole set of
problems.  There are other ways to create file descriptors (socket,
epoll_create, Unix domain socket transfer, etc).  These can and should be
addressed separately though.  open() is such an easy case that it makes not
much sense putting the fix off.

The test program:

#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <unistd.h>

#ifndef O_CLOEXEC
# define O_CLOEXEC 02000000
#endif

int
main (int argc, char *argv[])
{
  int fd;
  if (argc > 1)
    {
      fd = atol (argv[1]);
      printf ("child: fd = %d\n", fd);
      if (fcntl (fd, F_GETFD) == 0 || errno != EBADF)
        {
          puts ("file descriptor valid in child");
          return 1;
        }
      return 0;
    }

  fd = open ("/proc/self/exe", O_RDONLY | O_CLOEXEC);
  printf ("in parent: new fd = %d\n", fd);
  char buf[20];
  snprintf (buf, sizeof (buf), "%d", fd);
  execl ("/proc/self/exe", argv[0], buf, NULL);
  puts ("execl failed");
  return 1;
}

[kyle@parisc-linux.org: parisc fix]
Signed-off-by: Ulrich Drepper <drepper@redhat.com>
Acked-by: Ingo Molnar <mingo@elte.hu>
Cc: Davide Libenzi <davidel@xmailserver.org>
Cc: Michael Kerrisk <mtk-manpages@gmx.net>
Cc: Chris Zankel <chris@zankel.net>
Signed-off-by: Kyle McMartin <kyle@parisc-linux.org>
Acked-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-07-16 09:05:45 -07:00
..
a.out.h Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
agp.h [PARISC] Add support for Quicksilver AGPGART 2006-10-04 06:50:16 -06:00
asmregs.h Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
assembly.h [PARISC] convert to use CONFIG_64BIT instead of __LP64__ 2007-02-17 01:17:13 -05:00
atomic.h atomic.h: atomic_add_unless as inline. Remove system.h atomic.h circular dependency 2007-05-08 11:15:20 -07:00
auxvec.h [PATCH] auxiliary vector cleanups 2005-09-07 16:57:21 -07:00
bitops.h [PARISC] convert to use CONFIG_64BIT instead of __LP64__ 2007-02-17 01:17:13 -05:00
bug.h [PARISC] add ASM_EXCEPTIONTABLE_ENTRY() macro 2007-02-17 01:16:26 -05:00
bugs.h Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
byteorder.h Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
cache.h [PARISC] Clean up the cache and tlb headers 2007-02-17 00:41:30 -05:00
cacheflush.h [PARISC] Add prototypes for flush_user_dcache_range and flush_user_icache_range 2007-02-17 00:43:51 -05:00
checksum.h [NET]: PARISC checksum annotations and cleanups. 2006-12-02 21:23:10 -08:00
compat_rt_sigframe.h Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
compat_signal.h Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
compat_ucontext.h [PARISC] Arch-specific compat signals 2006-01-22 20:57:42 -05:00
compat.h wrap access to thread_info 2007-05-09 12:30:56 -07:00
cputime.h Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
current.h Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
delay.h Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
device.h Driver core: add dev_archdata to struct device 2006-12-01 14:52:01 -08:00
div64.h Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
dma-mapping.h [PARISC] Fix ccio_request_resource when CONFIG_IOMMU_CCIO is not defined 2006-12-08 00:33:59 -05:00
dma.h Fix misc .c/.h comment typos 2006-11-30 05:24:39 +01:00
eisa_bus.h Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
eisa_eeprom.h Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
elf.h [PARISC] convert to use CONFIG_64BIT instead of __LP64__ 2007-02-17 01:17:13 -05:00
emergency-restart.h [PATCH] Add emergency_restart() 2005-07-26 14:35:41 -07:00
errno.h [PARISC] Add ECANCELED to errno.h 2005-10-21 22:53:43 -04:00
fcntl.h Introduce O_CLOEXEC 2007-07-16 09:05:45 -07:00
fixmap.h Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
floppy.h [PATCH] irq-flags: PARISC: Use the new IRQF_ constants 2006-07-02 13:58:47 -07:00
futex.h [PATCH] mm: pagefault_{disable,enable}() 2006-12-07 08:39:21 -08:00
grfioctl.h [PARISC] Use kzalloc and other janitor-style cleanups 2006-01-22 20:26:31 -05:00
hardirq.h Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
hardware.h [PARISC] fix section mismatches in arch/parisc/kernel 2007-05-27 13:36:27 -04:00
hw_irq.h [PATCH] genirq: add ->retrigger() irq op to consolidate hw_irq_resend() 2006-06-29 10:26:23 -07:00
ide.h [PATCH] remove some more check_region stuff 2005-10-30 17:37:18 -08:00
io.h Merge master.kernel.org:/pub/scm/linux/kernel/git/kyle/parisc-2.6 2007-02-26 12:48:06 -08:00
ioctl.h Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ioctls.h Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipcbuf.h Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
irq_regs.h Build fixes for struct pt_regs removal 2006-10-06 20:47:23 -06:00
irq.h [PARISC] Allow nested interrupts 2006-10-04 06:48:57 -06:00
Kbuild Add empty Kbuild files for 'make headers_install' in remaining arches. 2006-06-18 12:58:53 +01:00
kdebug.h move die notifier handling to common code 2007-05-08 11:15:04 -07:00
kmap_types.h Don't include linux/config.h from anywhere else in include/ 2006-04-26 12:56:16 +01:00
led.h [PARISC] Convert soft power switch driver to kthread 2007-02-17 01:03:43 -05:00
linkage.h [PARISC] fix trivial spelling nit in asm/linkage.h 2007-05-30 02:14:36 -04:00
local.h local_t: parisc cleanup 2007-05-08 11:15:20 -07:00
machdep.h Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
mc146818rtc.h Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
mckinley.h [PARISC] Add asm-parisc/mckinley.h bus header 2006-10-04 06:45:48 -06:00
mman.h [PATCH] Remove final references to deprecated "MAP_ANON" page protection flag 2007-02-11 10:51:17 -08:00
mmu_context.h Detach sched.h from mm.h 2007-05-21 09:18:19 -07:00
mmu.h Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
mmzone.h [PARISC] convert to use CONFIG_64BIT instead of __LP64__ 2007-02-17 01:17:13 -05:00
module.h [PARISC] convert to use CONFIG_64BIT instead of __LP64__ 2007-02-17 01:17:13 -05:00
msgbuf.h [PARISC] convert to use CONFIG_64BIT instead of __LP64__ 2007-02-17 01:17:13 -05:00
mutex.h [PATCH] mutex subsystem, add default include/asm-*/mutex.h files 2006-01-09 15:59:19 -08:00
namei.h Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
page.h [PARISC] convert to use CONFIG_64BIT instead of __LP64__ 2007-02-17 01:17:13 -05:00
param.h [PARISC] Use CONFIG_HZ to determine interval timer rate (aka clock ticks) 2006-10-04 06:47:46 -06:00
parisc-device.h [PARISC] convert to use CONFIG_64BIT instead of __LP64__ 2007-02-17 01:17:13 -05:00
parport.h Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
pci.h PCI: remove pci_dac_dma_... APIs 2007-07-11 16:02:11 -07:00
pdc_chassis.h [PARISC] Clarify pdc_stable license terms 2006-03-30 17:48:41 +00:00
pdc.h [PARISC] convert to use CONFIG_64BIT instead of __LP64__ 2007-02-17 01:17:13 -05:00
pdcpat.h [PARISC] Remove duplicate PDC_PAT_CELL defines 2006-12-08 00:34:47 -05:00
percpu.h Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
perf.h Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
pgalloc.h [PARISC] convert to use CONFIG_64BIT instead of __LP64__ 2007-02-17 01:17:13 -05:00
pgtable.h page table handling cleanup 2007-07-16 09:05:36 -07:00
poll.h Consolidate asm/poll.h 2007-05-11 08:29:34 -07:00
posix_types.h [PARISC] convert to use CONFIG_64BIT instead of __LP64__ 2007-02-17 01:17:13 -05:00
prefetch.h [PARISC] PA7200 also supports prefetch for read 2006-10-04 06:44:58 -06:00
processor.h [PARISC] fix section mismatches in arch/parisc/kernel 2007-05-27 13:36:27 -04:00
psw.h Don't include linux/config.h from anywhere else in include/ 2006-04-26 12:56:16 +01:00
ptrace.h [PARISC] Take into account nullified insn and lock functions for profiling 2005-10-21 22:42:18 -04:00
real.h Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
resource.h Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ropes.h Fix misc .c/.h comment typos 2006-11-30 05:24:39 +01:00
rt_sigframe.h [PARISC] Arch-specific compat signals 2006-01-22 20:57:42 -05:00
rtc.h fix file specification in comments 2006-10-03 23:01:26 +02:00
runway.h Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
scatterlist.h PCI: scatterlist.h needs types.h 2007-05-02 19:02:34 -07:00
sections.h Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
segment.h Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
semaphore-helper.h Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
semaphore.h [PATCH] Fix incorrent type of flags in <asm/semaphore.h> 2006-11-26 16:30:29 -08:00
sembuf.h [PARISC] convert to use CONFIG_64BIT instead of __LP64__ 2007-02-17 01:17:13 -05:00
serial.h [PARISC] Clean up asm-parisc/serial.h 2006-10-04 06:47:03 -06:00
setup.h Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
shmbuf.h [PARISC] convert to use CONFIG_64BIT instead of __LP64__ 2007-02-17 01:17:13 -05:00
shmparam.h Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
sigcontext.h Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
siginfo.h Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
signal.h [PARISC] convert to use CONFIG_64BIT instead of __LP64__ 2007-02-17 01:17:13 -05:00
smp.h [PARISC] kill ENTRY_SYS_CPUS 2007-02-17 01:11:41 -05:00
socket.h [NET]: Adding SO_TIMESTAMPNS / SCM_TIMESTAMPNS support 2007-04-25 22:24:21 -07:00
sockios.h [NET]: Introduce SIOCGSTAMPNS ioctl to get timestamps with nanosec resolution 2007-04-25 22:24:04 -07:00
spinlock_types.h [PARISC] "Fix" circular includes 2007-02-17 00:43:10 -05:00
spinlock.h [PARISC] Enable interrupts while spinning 2006-10-04 06:48:17 -06:00
stat.h Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
statfs.h [PATCH] use __u64 rather than u64 in parisc statfs structs 2007-02-08 18:56:57 -05:00
string.h Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
superio.h Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
system.h [PARISC] Fix unwinder on 64-bit kernels 2007-06-21 17:46:21 -04:00
termbits.h lots-of-architectures: enable arbitary speed tty support 2007-07-10 17:51:13 -07:00
termios.h [PATCH] consolidate line discipline number definitions 2007-02-11 10:51:26 -08:00
thread_info.h [PARISC] Add TIF_RESTORE_SIGMASK support 2007-02-17 01:06:04 -05:00
timex.h Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
tlb.h Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
tlbflush.h Detach sched.h from mm.h 2007-05-21 09:18:19 -07:00
topology.h Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
traps.h Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
types.h [PARISC] convert to use CONFIG_64BIT instead of __LP64__ 2007-02-17 01:17:13 -05:00
uaccess.h [PARISC] add ASM_EXCEPTIONTABLE_ENTRY() macro 2007-02-17 01:16:26 -05:00
ucontext.h Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
unaligned.h Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
unistd.h [PARISC] Wire up utimensat/signalfd/timerfd/eventfd syscalls 2007-05-27 15:19:58 -04:00
unwind.h Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
user.h Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
xor.h Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00