From patchwork Sat Sep 15 15:16:21 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Adhemerval Zanella Netto X-Patchwork-Id: 29392 Received: (qmail 86935 invoked by alias); 15 Sep 2018 15:16:39 -0000 Mailing-List: contact libc-alpha-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Unsubscribe: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: libc-alpha-owner@sourceware.org Delivered-To: mailing list libc-alpha@sourceware.org Received: (qmail 86922 invoked by uid 89); 15 Sep 2018 15:16:39 -0000 Authentication-Results: sourceware.org; auth=none X-Spam-SWARE-Status: No, score=-25.7 required=5.0 tests=AWL, BAYES_00, GIT_PATCH_0, GIT_PATCH_1, GIT_PATCH_2, GIT_PATCH_3, RCVD_IN_DNSWL_NONE, SPF_PASS autolearn=ham version=3.3.2 spammy=_exit X-HELO: mail-qt0-f174.google.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:subject:date:message-id:in-reply-to:references; bh=k6eL6Rv/0zIIl2zSPg7G/W/YtsKUxDPXQWlAD1rAeX0=; b=BxlDvGuifnSZbCWK5r4JTO+pGSgH3vAnJw4cRSi7I6zmfBOatkW95yo7JWS6dLOiyB wyc8Fx2HYUC43OFgm6sz3cGvHXzfrDPw9PzLI/XxKC/e+NJy+GkLV8DWD3XeyiZVkmX+ F5f8BzDfmO2hHKVmyGRZ5rdklq2NjdO21W2Zg= Return-Path: From: Adhemerval Zanella To: libc-alpha@sourceware.org Subject: [PATCH 2/3] posix: Use posix_spawn on popen Date: Sat, 15 Sep 2018 12:16:21 -0300 Message-Id: <20180915151622.17789-2-adhemerval.zanella@linaro.org> In-Reply-To: <20180915151622.17789-1-adhemerval.zanella@linaro.org> References: <20180915151622.17789-1-adhemerval.zanella@linaro.org> This patch uses posix_spawn on popen instead of fork and execl. On Linux this has the advantage of much lower memory consumption (usually 32 Kb minimum for the mmap stack area). Checked on x86_64-linux-gnu and i686-linux-gnu. * libio/iopopen.c (_IO_new_proc_open): use posix_spawn instead of fork and execl. --- ChangeLog | 3 ++ libio/iopopen.c | 97 +++++++++++++++++++++++++++++-------------------- 2 files changed, 61 insertions(+), 39 deletions(-) diff --git a/libio/iopopen.c b/libio/iopopen.c index 2eff45b4c8..3cce2e5596 100644 --- a/libio/iopopen.c +++ b/libio/iopopen.c @@ -34,7 +34,8 @@ #include #include #include -#include +#include +#include struct _IO_proc_file { @@ -63,9 +64,8 @@ FILE * _IO_new_proc_open (FILE *fp, const char *command, const char *mode) { int read_or_write; - int parent_end, child_end; int pipe_fds[2]; - pid_t child_pid; + int op; int do_read = 0; int do_write = 0; @@ -108,59 +108,78 @@ _IO_new_proc_open (FILE *fp, const char *command, const char *mode) if (do_read) { - parent_end = pipe_fds[0]; - child_end = pipe_fds[1]; + op = 0; read_or_write = _IO_NO_WRITES; } else { - parent_end = pipe_fds[1]; - child_end = pipe_fds[0]; + op = 1; read_or_write = _IO_NO_READS; } - ((_IO_proc_file *) fp)->pid = child_pid = __fork (); - if (child_pid == 0) - { - int child_std_end = do_read ? 1 : 0; - struct _IO_proc_file *p; - - if (child_end != child_std_end) - __dup2 (child_end, child_std_end); - else - /* The descriptor is already the one we will use. But it must - not be marked close-on-exec. Undo the effects. */ - __fcntl (child_end, F_SETFD, 0); - /* POSIX.2: "popen() shall ensure that any streams from previous - popen() calls that remain open in the parent process are closed - in the new child process." */ - for (p = proc_file_chain; p; p = p->next) - { - int fd = _IO_fileno ((FILE *) p); + { + posix_spawn_file_actions_t fa; + /* posix_spawn_file_actions_init does not fail. */ + __posix_spawn_file_actions_init (&fa); - /* If any stream from previous popen() calls has fileno - child_std_end, it has been already closed by the dup2 syscall - above. */ - if (fd != child_std_end) - __close_nocancel (fd); - } + /* The descriptor is already in the one the child will use. In this case + it must be moved to another one, otherwise there is no safe way to + remove the close-on-exec flag in the child without creating a FD leak + race in the parent. */ + if (pipe_fds[1 - op] == 1 - op) + { + int tmp = __fcntl (1 - op, F_DUPFD_CLOEXEC, 0); + if (tmp < 0) + goto spawn_failure; + __close_nocancel (pipe_fds[1 - op]); + pipe_fds[1 - op] = tmp; + } - execl ("/bin/sh", "sh", "-c", command, (char *) 0); - _exit (127); - } - __close_nocancel (child_end); - if (child_pid < 0) + if (__posix_spawn_file_actions_adddup2 (&fa, pipe_fds[1 - op], 1 - op) + != 0) + goto spawn_failure; + + /* POSIX.2: "popen() shall ensure that any streams from previous popen() + calls that remain open in the parent process are closed in the new + child process." */ + for (struct _IO_proc_file *p = proc_file_chain; p; p = p->next) + { + int fd = _IO_fileno ((FILE *) p); + + /* If any stream from previous popen() calls has fileno + child_send, it has been already closed by the dup2 syscall + above. */ + if (fd != 1 - op + && __posix_spawn_file_actions_addclose (&fa, fd) != 0) + goto spawn_failure; + } + + if (__posix_spawn (&((_IO_proc_file *) fp)->pid, _PATH_BSHELL, &fa, 0, + (char *const[]){ (char*) "sh", (char*) "-c", + (char *) command, NULL }, __environ) != 0) + { + spawn_failure: + __posix_spawn_file_actions_destroy (&fa); + __close_nocancel (pipe_fds[1 - op]); + __set_errno (ENOMEM); + return NULL; + } + + __posix_spawn_file_actions_destroy (&fa); + } + __close_nocancel (pipe_fds[1 - op]); + if (((_IO_proc_file *) fp)->pid < 0) { - __close_nocancel (parent_end); + __close_nocancel (pipe_fds[op]); return NULL; } if (!do_cloexec) /* Undo the effects of the pipe2 call which set the close-on-exec flag. */ - __fcntl (parent_end, F_SETFD, 0); + __fcntl (pipe_fds[op], F_SETFD, 0); - _IO_fileno (fp) = parent_end; + _IO_fileno (fp) = pipe_fds[op]; /* Link into proc_file_chain. */ #ifdef _IO_MTSAFE_IO