On a Tuesday in 2023, Michal Privoznik wrote:
Linux gained new close_range() syscall (in v5.9) that allows closing a range of FDs in a single syscall. Ideally, we would use it to close FDs when spawning a process (e.g. via virCommand module). Glibc has close_range() wrapper over the syscall, which falls back to iterative closing of all FDs inside the range if running under older kernel. We don't wan that as in that case we might
want
just close opened FDs (see Linux version of virCommandMassClose()). And musl doesn't have close_range() at all. Therefore, call syscall directly. Now, mass close of FDs happen in a fork()-ed off child. While it
happens
could detect whether the kernel does support close_range(), it
has no way of passing this info back to the parent and thus each
child would need to query it again and again.
Since this can't change while we are running we can cache the
information - hence virCloseRangeInit().
Signed-off-by: Michal Privoznik <mprivozn@xxxxxxxxxx>
---
src/libvirt_private.syms | 3 ++
src/util/virfile.c | 89 ++++++++++++++++++++++++++++++++++++++++
src/util/virfile.h | 4 ++
3 files changed, 96 insertions(+)
diff --git a/src/util/virfile.c b/src/util/virfile.c
index fe456596ae..7696910e00 100644
--- a/src/util/virfile.c
+++ b/src/util/virfile.c
+static void
+virCloseRangeOnceInit(void)
+{
+ int fd[2] = { -1, -1};
Uneven spacing.
+
+ if (virPipeQuiet(fd) < 0)
+ return;
+
+ VIR_FORCE_CLOSE(fd[1]);
+ if (virCloseRangeImpl(fd[0], fd[0]) < 0) {
+ VIR_FORCE_CLOSE(fd[0]);
+ return;
+ }
+
+ virCloseRangeSupported = true;
+}
+
+
Reviewed-by: Ján Tomko <jtomko@xxxxxxxxxx> Jano
Attachment:
signature.asc
Description: PGP signature
