On 2/2/24 07:55, Alice Ryhl wrote:
From: Wedson Almeida Filho <wedsonaf@xxxxxxxxx> Allow for the creation of a file descriptor in two steps: first, we reserve a slot for it, then we commit or drop the reservation. The first step may fail (e.g., the current process ran out of available slots), but commit and drop never fail (and are mutually exclusive). This is needed by Rust Binder when fds are sent from one process to another. It has to be a two-step process to properly handle the case where multiple fds are sent: The operation must fail or succeed atomically, which we achieve by first reserving the fds we need, and only installing the files once we have reserved enough fds to send the files. Fd reservations assume that the value of `current` does not change between the call to get_unused_fd_flags and the call to fd_install (or put_unused_fd). By not implementing the Send trait, this abstraction ensures that the `FileDescriptorReservation` cannot be moved into a different process. Signed-off-by: Wedson Almeida Filho <wedsonaf@xxxxxxxxx> Co-developed-by: Alice Ryhl <aliceryhl@xxxxxxxxxx> Reviewed-by: Benno Lossin <benno.lossin@xxxxxxxxx> Signed-off-by: Alice Ryhl <aliceryhl@xxxxxxxxxx> --- [...]
Reviewed-by: Martin Rodriguez Reboredo <yakoyoku@xxxxxxxxx>
