From owner-svn-src-all@FreeBSD.ORG Mon Jun 15 21:23:21 2009 Return-Path: Delivered-To: svn-src-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A2B0A1065A1E; Mon, 15 Jun 2009 21:23:21 +0000 (UTC) (envelope-from rwatson@FreeBSD.org) Received: from cyrus.watson.org (cyrus.watson.org [65.122.17.42]) by mx1.freebsd.org (Postfix) with ESMTP id 78B9E8FC1B; Mon, 15 Jun 2009 21:23:21 +0000 (UTC) (envelope-from rwatson@FreeBSD.org) Received: from fledge.watson.org (fledge.watson.org [65.122.17.41]) by cyrus.watson.org (Postfix) with ESMTPS id 1A50B46B29; Mon, 15 Jun 2009 17:23:21 -0400 (EDT) Date: Mon, 15 Jun 2009 22:23:20 +0100 (BST) From: Robert Watson X-X-Sender: robert@fledge.watson.org To: Kostik Belousov In-Reply-To: <20090615210218.GS23592@deviant.kiev.zoral.com.ua> Message-ID: References: <200906152038.n5FKctaR001026@svn.freebsd.org> <20090615210218.GS23592@deviant.kiev.zoral.com.ua> User-Agent: Alpine 2.00 (BSF 1167 2008-08-23) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org, John Baldwin Subject: Re: svn commit: r194262 - in head: include lib/libc/sys sys/compat/freebsd32 sys/kern tools/regression/file/closefrom X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 15 Jun 2009 21:23:24 -0000 On Tue, 16 Jun 2009, Kostik Belousov wrote: >> Note that this implementation of closefrom(2) does not make any effort to >> resolve userland races with open(2) in other threads. As such, it is not >> multithread safe. > ... >> + FILEDESC_SLOCK(fdp); >> + for (fd = uap->lowfd; fd < fdp->fd_nfiles; fd++) { >> + if (fdp->fd_ofiles[fd] != NULL) { >> + FILEDESC_SUNLOCK(fdp); >> + (void)kern_close(td, fd); >> + FILEDESC_SLOCK(fdp); >> + } >> + } >> + FILEDESC_SUNLOCK(fdp); > > Just curious why this was not implemented in userspace ? Audit + fd_nfiles, > perhaps ? > > I am sorry, but somebody would ask this question anyway, so why not me ? Actually close(2) from userspace has better audit properties, since you get per-fd close information as part of the trail (at least, today). The Solaris closefrom(3) uses procfs to decide what file descriptors are open in order to avoid additional syscalls, as I recall, and we'd need some similar optimization to make closefrom(3) in userspace make any sense. Apart from the audit properties, the current approach seems fairly reasonable, though, and has the best performance properties (which is actually useful, since we currently do a lot of closing of unopened file descriptors on execve(2)). Robert N M Watson Computer Laboratory University of Cambridge