add closefrom() call
Joerg Sonnenberger
joerg at britannica.bec.de
Fri Jul 6 12:38:18 UTC 2007
On Fri, Jul 06, 2007 at 12:50:17PM +0100, Robert Watson wrote:
> Solaris side-steps this issue by simply auditing the individual close()
> system calls. My preference would be that we implement this in user space
> also, which would likewise generate a series of audit events, one for each
> system call. The procfs optimization they use (I wonder -- is it really an
> optimization?) won't work for us, however. Do you think that there's a
> strong motivation to provide a closefrom(2) system call, rather than a
> closefrom(3) library call? This would let us neatly avoid the question
> you've posed :-).
I can think of at least one possible scenario where it makes a
difference: multi-threaded applications with concurrent open/closefrom
calls. I would expect the kernel version to ensure that all open files
start from the given file descriptor.
Joerg
More information about the freebsd-hackers
mailing list