View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0001960 | 1003.1(2024)/Issue8 | System Interfaces | public | 2025-11-20 17:17 | 2025-11-20 17:17 |
| Reporter | steffen | Assigned To | |||
| Priority | high | Severity | Editorial | Type | Enhancement Request |
| Status | New | Resolution | Open | ||
| Name | steffen | ||||
| Organization | |||||
| User Reference | |||||
| Section | fcntl | ||||
| Page Number | 246 | ||||
| Line Number | 8633 | ||||
| Interp Status | |||||
| Final Accepted Text | |||||
| Summary | 0001960: fcntl(): add F_DUPFD_CLOFORKEXEC flag | ||||
| Description | The peculiarity with the approach documented on page 909, APPLICATION USAGE of fcntl(), lines 31036 to 31041, regarding
is that the file descriptor is in an intermediate state until three system calls have successfully been performed: the dup as such, the fetching of the flags, plus the setting of the adjusted flags. For a generic library function wrapper which states "we do return the duplicated descriptor in fork+exec state" this thus requires special actions to take care for a.k.a. avoid signal caused jumps, and/or fd accounting (list of created fds, and their state, a.k.a. "partially constructed", for example). As another remark, in today's world of CPU side-channel attack mitigations, system calls have become much more expensive. (Data point: compilation of the Linux kernel 6.1 series on the author's box is forty (40) percent slower with/out mitigations.) Given that we talk about adding "just another bit" to the flags of a file descriptor, and that dup3(2) and open(2) both allow setting both flags in one go, not being able to F_DUPFD with both flags set seems needlessly expensive, and even unnatural. | ||||
| Desired Action | Add a F_DUPFD_CLOFORKEXEC flag, the implementation of which appears trivial. On page 246, fcntl.h header, add, after line 8633, F_DUPFD_CLOFORKEXEC Duplicate file descriptor with the close-on-fork flag FD_CLOFORK and the close-on-exec flag FD_CLOEXEC set. On page 835, system interfaces, dup/dup2/dup3, RATIONALE, lines 28573 ff., change The safe counterpart for avoiding the same race with dup( ) is the use of the F_DUPFD_CLOFORK or F_DUPFD_CLOEXEC action of the fcntl( ) function. to The safe counterpart for avoiding the same race with dup( ) is the use of the F_DUPFD_CLOFORK, F_DUPFD_CLOEXEC or F_DUPFD_CLOFORKEXEC action of the fcntl( ) function. On page 901, system interfaces, fcntl, add after line 30684 F_DUPFD_CLOFORKEXEC Like F_DUPFD, but the FD_CLOFORK flag and the FD_CLOEXEC flag associated with the new file descriptor shall be set. On page 906, ditto, after line 30901, add F_DUPFD_CLOFORKEXEC a new file descriptor and on page 907 adjust the error conditions of EINVAL and EMFILE to include the new flag accordingly. On page 909, APPLICATION USAGE, remove the two sentences starting at line 31036 and ending at line 31041, In order to set both FD_CLOEXEC [.] because FD_CLOFORK has not yet been set.) | ||||
| Tags | No tags attached. | ||||
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2025-11-20 17:17 | steffen | New Issue |
