| 
									
										
										
										
											2005-09-06 15:17:57 -07:00
										 |  |  | #ifndef _ASM_GENERIC_FCNTL_H
 | 
					
						
							|  |  |  | #define _ASM_GENERIC_FCNTL_H
 | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2005-09-06 15:18:00 -07:00
										 |  |  | #include <linux/types.h>
 | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2009-12-17 21:24:25 -05:00
										 |  |  | /*
 | 
					
						
							|  |  |  |  * FMODE_EXEC is 0x20 | 
					
						
							| 
									
										
										
										
											2010-02-08 12:31:29 -05:00
										 |  |  |  * FMODE_NONOTIFY is 0x1000000 | 
					
						
							| 
									
										
										
										
											2009-12-17 21:24:25 -05:00
										 |  |  |  * These cannot be used by userspace O_* until internal and external open | 
					
						
							|  |  |  |  * flags are split. | 
					
						
							|  |  |  |  * -Eric Paris | 
					
						
							|  |  |  |  */ | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2010-08-10 18:01:29 -07:00
										 |  |  | /*
 | 
					
						
							|  |  |  |  * When introducing new O_* bits, please check its uniqueness in fcntl_init(). | 
					
						
							|  |  |  |  */ | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2005-09-06 15:17:58 -07:00
										 |  |  | #define O_ACCMODE	00000003
 | 
					
						
							|  |  |  | #define O_RDONLY	00000000
 | 
					
						
							|  |  |  | #define O_WRONLY	00000001
 | 
					
						
							|  |  |  | #define O_RDWR		00000002
 | 
					
						
							|  |  |  | #ifndef O_CREAT
 | 
					
						
							|  |  |  | #define O_CREAT		00000100	/* not fcntl */
 | 
					
						
							|  |  |  | #endif
 | 
					
						
							|  |  |  | #ifndef O_EXCL
 | 
					
						
							|  |  |  | #define O_EXCL		00000200	/* not fcntl */
 | 
					
						
							|  |  |  | #endif
 | 
					
						
							|  |  |  | #ifndef O_NOCTTY
 | 
					
						
							|  |  |  | #define O_NOCTTY	00000400	/* not fcntl */
 | 
					
						
							|  |  |  | #endif
 | 
					
						
							|  |  |  | #ifndef O_TRUNC
 | 
					
						
							|  |  |  | #define O_TRUNC		00001000	/* not fcntl */
 | 
					
						
							|  |  |  | #endif
 | 
					
						
							|  |  |  | #ifndef O_APPEND
 | 
					
						
							|  |  |  | #define O_APPEND	00002000
 | 
					
						
							|  |  |  | #endif
 | 
					
						
							|  |  |  | #ifndef O_NONBLOCK
 | 
					
						
							|  |  |  | #define O_NONBLOCK	00004000
 | 
					
						
							|  |  |  | #endif
 | 
					
						
							| 
									
										
										
										
											2009-10-27 11:05:28 +01:00
										 |  |  | #ifndef O_DSYNC
 | 
					
						
							|  |  |  | #define O_DSYNC		00010000	/* used to be O_SYNC, see below */
 | 
					
						
							| 
									
										
										
										
											2005-09-06 15:17:58 -07:00
										 |  |  | #endif
 | 
					
						
							|  |  |  | #ifndef FASYNC
 | 
					
						
							|  |  |  | #define FASYNC		00020000	/* fcntl, for BSD compatibility */
 | 
					
						
							|  |  |  | #endif
 | 
					
						
							|  |  |  | #ifndef O_DIRECT
 | 
					
						
							|  |  |  | #define O_DIRECT	00040000	/* direct disk access hint */
 | 
					
						
							|  |  |  | #endif
 | 
					
						
							|  |  |  | #ifndef O_LARGEFILE
 | 
					
						
							|  |  |  | #define O_LARGEFILE	00100000
 | 
					
						
							|  |  |  | #endif
 | 
					
						
							|  |  |  | #ifndef O_DIRECTORY
 | 
					
						
							|  |  |  | #define O_DIRECTORY	00200000	/* must be a directory */
 | 
					
						
							|  |  |  | #endif
 | 
					
						
							|  |  |  | #ifndef O_NOFOLLOW
 | 
					
						
							|  |  |  | #define O_NOFOLLOW	00400000	/* don't follow links */
 | 
					
						
							|  |  |  | #endif
 | 
					
						
							|  |  |  | #ifndef O_NOATIME
 | 
					
						
							|  |  |  | #define O_NOATIME	01000000
 | 
					
						
							|  |  |  | #endif
 | 
					
						
							| 
									
										
											  
											
												Introduce O_CLOEXEC
The problem is as follows: in multi-threaded code (or more correctly: all
code using clone() with CLONE_FILES) we have a race when exec'ing.
   thread #1                       thread #2
   fd=open()
                                   fork + exec
  fcntl(fd,F_SETFD,FD_CLOEXEC)
In some applications this can happen frequently.  Take a web browser.  One
thread opens a file and another thread starts, say, an external PDF viewer.
 The result can even be a security issue if that open file descriptor
refers to a sensitive file and the external program can somehow be tricked
into using that descriptor.
Just adding O_CLOEXEC support to open() doesn't solve the whole set of
problems.  There are other ways to create file descriptors (socket,
epoll_create, Unix domain socket transfer, etc).  These can and should be
addressed separately though.  open() is such an easy case that it makes not
much sense putting the fix off.
The test program:
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <unistd.h>
#ifndef O_CLOEXEC
# define O_CLOEXEC 02000000
#endif
int
main (int argc, char *argv[])
{
  int fd;
  if (argc > 1)
    {
      fd = atol (argv[1]);
      printf ("child: fd = %d\n", fd);
      if (fcntl (fd, F_GETFD) == 0 || errno != EBADF)
        {
          puts ("file descriptor valid in child");
          return 1;
        }
      return 0;
    }
  fd = open ("/proc/self/exe", O_RDONLY | O_CLOEXEC);
  printf ("in parent: new fd = %d\n", fd);
  char buf[20];
  snprintf (buf, sizeof (buf), "%d", fd);
  execl ("/proc/self/exe", argv[0], buf, NULL);
  puts ("execl failed");
  return 1;
}
[kyle@parisc-linux.org: parisc fix]
Signed-off-by: Ulrich Drepper <drepper@redhat.com>
Acked-by: Ingo Molnar <mingo@elte.hu>
Cc: Davide Libenzi <davidel@xmailserver.org>
Cc: Michael Kerrisk <mtk-manpages@gmx.net>
Cc: Chris Zankel <chris@zankel.net>
Signed-off-by: Kyle McMartin <kyle@parisc-linux.org>
Acked-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
											
										 
											2007-07-15 23:40:32 -07:00
										 |  |  | #ifndef O_CLOEXEC
 | 
					
						
							|  |  |  | #define O_CLOEXEC	02000000	/* set close_on_exec */
 | 
					
						
							|  |  |  | #endif
 | 
					
						
							| 
									
										
										
										
											2009-10-27 11:05:28 +01:00
										 |  |  | 
 | 
					
						
							|  |  |  | /*
 | 
					
						
							| 
									
										
										
										
											2009-12-17 14:24:20 +01:00
										 |  |  |  * Before Linux 2.6.33 only O_DSYNC semantics were implemented, but using | 
					
						
							| 
									
										
										
										
											2009-10-27 11:05:28 +01:00
										 |  |  |  * the O_SYNC flag.  We continue to use the existing numerical value | 
					
						
							|  |  |  |  * for O_DSYNC semantics now, but using the correct symbolic name for it. | 
					
						
							|  |  |  |  * This new value is used to request true Posix O_SYNC semantics.  It is | 
					
						
							|  |  |  |  * defined in this strange way to make sure applications compiled against | 
					
						
							|  |  |  |  * new headers get at least O_DSYNC semantics on older kernels. | 
					
						
							|  |  |  |  * | 
					
						
							|  |  |  |  * This has the nice side-effect that we can simply test for O_DSYNC | 
					
						
							|  |  |  |  * wherever we do not care if O_DSYNC or O_SYNC is used. | 
					
						
							|  |  |  |  * | 
					
						
							|  |  |  |  * Note: __O_SYNC must never be used directly. | 
					
						
							|  |  |  |  */ | 
					
						
							|  |  |  | #ifndef O_SYNC
 | 
					
						
							|  |  |  | #define __O_SYNC	04000000
 | 
					
						
							|  |  |  | #define O_SYNC		(__O_SYNC|O_DSYNC)
 | 
					
						
							|  |  |  | #endif
 | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
											  
											
												New kind of open files - "location only".
New flag for open(2) - O_PATH.  Semantics:
	* pathname is resolved, but the file itself is _NOT_ opened
as far as filesystem is concerned.
	* almost all operations on the resulting descriptors shall
fail with -EBADF.  Exceptions are:
	1) operations on descriptors themselves (i.e.
		close(), dup(), dup2(), dup3(), fcntl(fd, F_DUPFD),
		fcntl(fd, F_DUPFD_CLOEXEC, ...), fcntl(fd, F_GETFD),
		fcntl(fd, F_SETFD, ...))
	2) fcntl(fd, F_GETFL), for a common non-destructive way to
		check if descriptor is open
	3) "dfd" arguments of ...at(2) syscalls, i.e. the starting
		points of pathname resolution
	* closing such descriptor does *NOT* affect dnotify or
posix locks.
	* permissions are checked as usual along the way to file;
no permission checks are applied to the file itself.  Of course,
giving such thing to syscall will result in permission checks (at
the moment it means checking that starting point of ....at() is
a directory and caller has exec permissions on it).
fget() and fget_light() return NULL on such descriptors; use of
fget_raw() and fget_raw_light() is needed to get them.  That protects
existing code from dealing with those things.
There are two things still missing (they come in the next commits):
one is handling of symlinks (right now we refuse to open them that
way; see the next commit for semantics related to those) and another
is descriptor passing via SCM_RIGHTS datagrams.
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
											
										 
											2011-03-13 03:51:11 -04:00
										 |  |  | #ifndef O_PATH
 | 
					
						
							|  |  |  | #define O_PATH		010000000
 | 
					
						
							|  |  |  | #endif
 | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2013-07-13 13:26:37 +04:00
										 |  |  | #ifndef __O_TMPFILE
 | 
					
						
							|  |  |  | #define __O_TMPFILE	020000000
 | 
					
						
							| 
									
										
										
										
											2013-06-07 01:20:27 -04:00
										 |  |  | #endif
 | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2013-07-13 13:26:37 +04:00
										 |  |  | /* a horrid kludge trying to make sure that this will fail on old kernels */ | 
					
						
							| 
									
										
										
										
											2013-07-20 03:11:32 +04:00
										 |  |  | #define O_TMPFILE (__O_TMPFILE | O_DIRECTORY)
 | 
					
						
							|  |  |  | #define O_TMPFILE_MASK (__O_TMPFILE | O_DIRECTORY | O_CREAT)      
 | 
					
						
							| 
									
										
										
										
											2013-07-13 13:26:37 +04:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2005-09-06 15:17:58 -07:00
										 |  |  | #ifndef O_NDELAY
 | 
					
						
							|  |  |  | #define O_NDELAY	O_NONBLOCK
 | 
					
						
							|  |  |  | #endif
 | 
					
						
							| 
									
										
										
										
											2005-09-06 15:17:57 -07:00
										 |  |  | 
 | 
					
						
							|  |  |  | #define F_DUPFD		0	/* dup */
 | 
					
						
							|  |  |  | #define F_GETFD		1	/* get close_on_exec */
 | 
					
						
							|  |  |  | #define F_SETFD		2	/* set/clear close_on_exec */
 | 
					
						
							|  |  |  | #define F_GETFL		3	/* get file->f_flags */
 | 
					
						
							|  |  |  | #define F_SETFL		4	/* set file->f_flags */
 | 
					
						
							| 
									
										
										
										
											2005-09-06 15:17:59 -07:00
										 |  |  | #ifndef F_GETLK
 | 
					
						
							|  |  |  | #define F_GETLK		5
 | 
					
						
							|  |  |  | #define F_SETLK		6
 | 
					
						
							|  |  |  | #define F_SETLKW	7
 | 
					
						
							|  |  |  | #endif
 | 
					
						
							|  |  |  | #ifndef F_SETOWN
 | 
					
						
							|  |  |  | #define F_SETOWN	8	/* for sockets. */
 | 
					
						
							|  |  |  | #define F_GETOWN	9	/* for sockets. */
 | 
					
						
							|  |  |  | #endif
 | 
					
						
							|  |  |  | #ifndef F_SETSIG
 | 
					
						
							|  |  |  | #define F_SETSIG	10	/* for sockets. */
 | 
					
						
							|  |  |  | #define F_GETSIG	11	/* for sockets. */
 | 
					
						
							|  |  |  | #endif
 | 
					
						
							| 
									
										
										
										
											2009-11-11 14:26:27 -08:00
										 |  |  | 
 | 
					
						
							|  |  |  | #ifndef CONFIG_64BIT
 | 
					
						
							|  |  |  | #ifndef F_GETLK64
 | 
					
						
							|  |  |  | #define F_GETLK64	12	/*  using 'struct flock64' */
 | 
					
						
							|  |  |  | #define F_SETLK64	13
 | 
					
						
							|  |  |  | #define F_SETLKW64	14
 | 
					
						
							|  |  |  | #endif
 | 
					
						
							|  |  |  | #endif
 | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2009-09-23 15:57:03 -07:00
										 |  |  | #ifndef F_SETOWN_EX
 | 
					
						
							| 
									
										
										
										
											2009-11-11 14:26:27 -08:00
										 |  |  | #define F_SETOWN_EX	15
 | 
					
						
							|  |  |  | #define F_GETOWN_EX	16
 | 
					
						
							| 
									
										
										
										
											2009-09-23 15:57:03 -07:00
										 |  |  | #endif
 | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2012-07-30 14:43:00 -07:00
										 |  |  | #ifndef F_GETOWNER_UIDS
 | 
					
						
							|  |  |  | #define F_GETOWNER_UIDS	17
 | 
					
						
							|  |  |  | #endif
 | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2009-09-23 15:57:03 -07:00
										 |  |  | #define F_OWNER_TID	0
 | 
					
						
							|  |  |  | #define F_OWNER_PID	1
 | 
					
						
							| 
									
										
										
										
											2009-11-17 14:06:24 -08:00
										 |  |  | #define F_OWNER_PGRP	2
 | 
					
						
							| 
									
										
										
										
											2009-09-23 15:57:03 -07:00
										 |  |  | 
 | 
					
						
							|  |  |  | struct f_owner_ex { | 
					
						
							|  |  |  | 	int	type; | 
					
						
							| 
									
										
										
										
											2010-10-06 15:03:47 -07:00
										 |  |  | 	__kernel_pid_t	pid; | 
					
						
							| 
									
										
										
										
											2009-09-23 15:57:03 -07:00
										 |  |  | }; | 
					
						
							| 
									
										
										
										
											2005-09-06 15:17:57 -07:00
										 |  |  | 
 | 
					
						
							|  |  |  | /* for F_[GET|SET]FL */ | 
					
						
							|  |  |  | #define FD_CLOEXEC	1	/* actually anything with low bit set goes */
 | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2005-09-06 15:17:59 -07:00
										 |  |  | /* for posix fcntl() and lockf() */ | 
					
						
							|  |  |  | #ifndef F_RDLCK
 | 
					
						
							|  |  |  | #define F_RDLCK		0
 | 
					
						
							|  |  |  | #define F_WRLCK		1
 | 
					
						
							|  |  |  | #define F_UNLCK		2
 | 
					
						
							|  |  |  | #endif
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | /* for old implementation of bsd flock () */ | 
					
						
							|  |  |  | #ifndef F_EXLCK
 | 
					
						
							|  |  |  | #define F_EXLCK		4	/* or 3 */
 | 
					
						
							|  |  |  | #define F_SHLCK		8	/* or 4 */
 | 
					
						
							|  |  |  | #endif
 | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2005-09-06 15:17:57 -07:00
										 |  |  | /* operations for bsd flock(), also used by the kernel implementation */ | 
					
						
							|  |  |  | #define LOCK_SH		1	/* shared lock */
 | 
					
						
							|  |  |  | #define LOCK_EX		2	/* exclusive lock */
 | 
					
						
							|  |  |  | #define LOCK_NB		4	/* or'd with one of the above to prevent
 | 
					
						
							|  |  |  | 				   blocking */ | 
					
						
							|  |  |  | #define LOCK_UN		8	/* remove lock */
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | #define LOCK_MAND	32	/* This is a mandatory flock ... */
 | 
					
						
							|  |  |  | #define LOCK_READ	64	/* which allows concurrent read operations */
 | 
					
						
							|  |  |  | #define LOCK_WRITE	128	/* which allows concurrent write operations */
 | 
					
						
							|  |  |  | #define LOCK_RW		192	/* which allows concurrent read & write ops */
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | #define F_LINUX_SPECIFIC_BASE	1024
 | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2005-09-06 15:18:00 -07:00
										 |  |  | #ifndef HAVE_ARCH_STRUCT_FLOCK
 | 
					
						
							|  |  |  | #ifndef __ARCH_FLOCK_PAD
 | 
					
						
							|  |  |  | #define __ARCH_FLOCK_PAD
 | 
					
						
							|  |  |  | #endif
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | struct flock { | 
					
						
							|  |  |  | 	short	l_type; | 
					
						
							|  |  |  | 	short	l_whence; | 
					
						
							| 
									
										
											  
											
												make exported headers use strict posix types
A number of standard posix types are used in exported headers, which
is not allowed if __STRICT_KERNEL_NAMES is defined. In order to
get rid of the non-__STRICT_KERNEL_NAMES part and to make sane headers
the default, we have to change them all to safe types.
There are also still some leftovers in reiserfs_fs.h, elfcore.h
and coda.h, but these files have not compiled in user space for
a long time.
This leaves out the various integer types ({u_,u,}int{8,16,32,64}_t),
which we take care of separately.
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Acked-by: Mauro Carvalho Chehab <mchehab@redhat.com>
Cc: David Airlie <airlied@linux.ie>
Cc: Arnaldo Carvalho de Melo <acme@ghostprotocols.net>
Cc: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
Cc: netdev@vger.kernel.org
Cc: linux-ppp@vger.kernel.org
Cc: Jaroslav Kysela <perex@perex.cz>
Cc: Takashi Iwai <tiwai@suse.de>
Cc: David Woodhouse <dwmw2@infradead.org>
Signed-off-by: H. Peter Anvin <hpa@linux.intel.com>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
											
										 
											2009-02-26 00:51:39 +01:00
										 |  |  | 	__kernel_off_t	l_start; | 
					
						
							|  |  |  | 	__kernel_off_t	l_len; | 
					
						
							|  |  |  | 	__kernel_pid_t	l_pid; | 
					
						
							| 
									
										
										
										
											2005-09-06 15:18:00 -07:00
										 |  |  | 	__ARCH_FLOCK_PAD | 
					
						
							|  |  |  | }; | 
					
						
							|  |  |  | #endif
 | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2005-09-06 15:18:01 -07:00
										 |  |  | #ifndef CONFIG_64BIT
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | #ifndef HAVE_ARCH_STRUCT_FLOCK64
 | 
					
						
							|  |  |  | #ifndef __ARCH_FLOCK64_PAD
 | 
					
						
							|  |  |  | #define __ARCH_FLOCK64_PAD
 | 
					
						
							|  |  |  | #endif
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | struct flock64 { | 
					
						
							|  |  |  | 	short  l_type; | 
					
						
							|  |  |  | 	short  l_whence; | 
					
						
							| 
									
										
											  
											
												make exported headers use strict posix types
A number of standard posix types are used in exported headers, which
is not allowed if __STRICT_KERNEL_NAMES is defined. In order to
get rid of the non-__STRICT_KERNEL_NAMES part and to make sane headers
the default, we have to change them all to safe types.
There are also still some leftovers in reiserfs_fs.h, elfcore.h
and coda.h, but these files have not compiled in user space for
a long time.
This leaves out the various integer types ({u_,u,}int{8,16,32,64}_t),
which we take care of separately.
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Acked-by: Mauro Carvalho Chehab <mchehab@redhat.com>
Cc: David Airlie <airlied@linux.ie>
Cc: Arnaldo Carvalho de Melo <acme@ghostprotocols.net>
Cc: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
Cc: netdev@vger.kernel.org
Cc: linux-ppp@vger.kernel.org
Cc: Jaroslav Kysela <perex@perex.cz>
Cc: Takashi Iwai <tiwai@suse.de>
Cc: David Woodhouse <dwmw2@infradead.org>
Signed-off-by: H. Peter Anvin <hpa@linux.intel.com>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
											
										 
											2009-02-26 00:51:39 +01:00
										 |  |  | 	__kernel_loff_t l_start; | 
					
						
							|  |  |  | 	__kernel_loff_t l_len; | 
					
						
							|  |  |  | 	__kernel_pid_t  l_pid; | 
					
						
							| 
									
										
										
										
											2005-09-06 15:18:01 -07:00
										 |  |  | 	__ARCH_FLOCK64_PAD | 
					
						
							|  |  |  | }; | 
					
						
							|  |  |  | #endif
 | 
					
						
							|  |  |  | #endif /* !CONFIG_64BIT */
 | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2005-09-06 15:17:57 -07:00
										 |  |  | #endif /* _ASM_GENERIC_FCNTL_H */
 |