patacongo commented on a change in pull request #3170: URL: https://github.com/apache/incubator-nuttx/pull/3170#discussion_r601580396
########## File path: libs/libc/unistd/lib_getoptvars.c ########## @@ -0,0 +1,166 @@ +/**************************************************************************** + * libs/libc/unistd/lib_getoptvars.c + * + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. The + * ASF licenses this file to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance with the + * License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + * + ****************************************************************************/ + +/**************************************************************************** + * Included Files + ****************************************************************************/ + +#include <nuttx/config.h> + +#include <unistd.h> +#include <pthread.h> + +#include "unistd.h" +#include "libc.h" + +/**************************************************************************** + * Pre-processor Definitions + ****************************************************************************/ + +#define INVALID_KEY CONFIG_TLS_NELEM +#define VALID_KEY(key) ((key) >= 0 && key < CONFIG_TLS_NELEM) + +/* Configuration. Currently no thread-specific data destructors. */ + +#undef HAVE_DESTRUCTOR +#define HAVE_CLEANUP 1 +#define HAVE_TLSVARS 1 + +/* Check if we have some way to avoid a memory leak */ + +#if defined(CONFIG_DISABLE_PTHREAD) || !defined(CONFIG_PTHREAD_CLEANUP) +# undef HAVE_CLEANUP +#endif + +/* Don't use TLS if we cannot avoid the memory leak or if TLS is disabled */ + +#if (!defined(HAVE_DESTRUCTOR) && !defined(HAVE_CLEANUP)) || \ + CONFIG_TLS_NELEM == 0 +# undef HAVE_TLSVARS +#endif + +/**************************************************************************** + * Private Data + ****************************************************************************/ + +#ifdef HAVE_TLSVARS +static pthread_key_t g_getopt_key = (pthread_key_t)INVALID_KEY; +static pthread_mutex_t g_getopt_mutex = PTHREAD_MUTEX_INITIALIZER; + +#else +/* Fallback to avoid memory leak when there is no destructor and no cleanup + * or when there is no TLS. + */ + +FAR struct getopt_s g_getopt_vars = +{ + NULL, + 0, + 1, + '?' +}; +#endif + +/**************************************************************************** + * Private Functions + ****************************************************************************/ + +#ifdef HAVE_TLSVARS +void _getopt_destructor(FAR void *getoptvars) +{ + lib_free(getoptvars); +} +#endif + +/**************************************************************************** + * Public Functions + ****************************************************************************/ + +/**************************************************************************** + * Name: getoptvars + * + * Description: + * Returns a pointer to to the thread-specific getopt() data. + * + ****************************************************************************/ + +FAR struct getopt_s *getoptvars(void) +{ +#ifdef HAVE_TLSVARS + FAR struct getopt_s *go; + int ret; + + ret = pthread_mutex_lock(&g_getopt_mutex); + DEBUGASSERT(ret == OK); + UNUSED(ret); + + /* Check if a key has been assigned */ + + if (!VALID_KEY(g_getopt_key)) + { + ret = pthread_key_create(&g_getopt_key, _getopt_destructor); + DEBUGASSERT(ret == OK); + UNUSED(ret); + } + + /* Get the structure of getopt() variables using the key. */ + + go = (FAR struct getopt_s *)pthread_getspecific(g_getopt_key); + if (go == NULL) + { + /* The instance has not yet been created. Allocate getopt() + * it now. + */ + + go = (FAR struct getopt_s *)lib_malloc(sizeof(struct getopt_s)); Review comment: Implementing the destructors the correct, secure way is complex. Basically, pthread_exit() has to exit in user space, not in the kernel. Then that user space logic can perform the pthread_cleanup_pop() and the call the data destructors. Then it can call into the kernel to finish the pthread_exit() That means also moving the pthread startup function to user space (since it calls pthread_exit()). Those user-space addresses are not known in by the kernel in PROTECTED and KERNEL build modes and have to be passed to the OS through extensions to the kernel interface. That is the source of the complexity of doing things the correct way instead of the easy way. I am not sure if I am feeling ambitious enough to do that now. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected]
