我尝试使用open()设置O_CLOEXEC标志,但没有成功。
考虑以下微观测试:
#include <stdio.h>
#include <fcntl.h>
int main() {
int fd = open("test.c", O_RDONLY | O_CLOEXEC);
int ret = fcntl(fd, F_GETFL);
if(ret & O_CLOEXEC) {
printf("OK!n");
} else {
printf("FAIL!n");
}
printf("fd = %dn", fd);
printf("ret = %x, O_CLOEXEC = %xn", ret, O_CLOEXEC);
return 0;
}
当在内核版本为2.6的linux上运行时,测试成功并打印出"OK!",但在3.8或3.9内核上失败。
怎么了?谢谢
决定将O_CLOEXEC标志暴露给fcntl(fd, F_GETFL)是安全泄漏。此提交在内核3.6-rc7:中进行了更改
commit c6f3d81115989e274c42a852222b80d2e14ced6f
Author: Al Viro <viro@zeniv.linux.org.uk>
Date: Sun Aug 26 11:01:04 2012 -0400
don't leak O_CLOEXEC into ->f_flags
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
换句话说,您不应该首先依赖于O_CLOEXEC是可见的。
fcntl调用参数F_GETFD,标志为FD_CLOEXEC,O_CLOEXEC支持出现在2.6中。23。阅读手册:
File descriptor flags
The following commands manipulate the flags associated with a file descriptor.
Currently, only one such flag is defined: FD_CLOEXEC, the close-on-exec flag.
If the FD_CLOEXEC bit is 0, the file descriptor will remain open across an
execve(2), otherwise it will be closed.
F_GETFD (void)
Read the file descriptor flags; arg is ignored.
F_SETFD (int)
Set the file descriptor flags to the value specified by arg.
你做错了。你应该这样做:
int ret = fcntl(fd, F_GETFD);
if (ret & FD_CLOEXEC) {
...
}