Question: solaris2.4 multi-thread programming guide 5-secure and insecure interface letter?

 

Sender: McCartney (coolcat), email zone: Unix

Mailing site: BBS shuimu Tsinghua station (Sun May 17 16:32:40 1998)
 
5. Secure and insecure Interfaces
 
This chapter defines the multi-thread security level of functions and libraries.
Thread Security
Multi-threaded interface Security Level
Asynchronous security functions
Multi-thread security level of the database
 
5.1 thread security
 
Thread security is designed to avoid data competition-the correctness of Data settings depends on data modification by multiple threads.
.
If you do not need to share data, assign a private copy to each thread. If the data must be in total
To ensure the uniqueness of the operation.
If a thread is logically correct when several threads are executed simultaneously, it is called thread security.
. In an actual level, it is convenient to divide the security level into three layers.
· Insecure
· Thread security-non-parallel
· Thread security-multi-thread security
An insecure process can be used to apply a mutex lock before an operation.
Serialization (that is, eliminating concurrency ). Example 5-1 first shows a simplified fputs () Non-thread security
.
The next step is to use a single mutex lock to protect the serialized version of the operation. In fact, more
Strong synchronization. If two threads call fputs () to print different files, one of them does not need
Wait for another one -- they can operate at the same time.
The last version is the multi-threaded Security edition. It adds a lock to each file, allowing two threads to simultaneously
Point to different files. So, the MT-SAFE (that is, multi-thread security) function is thread-safe, does not make
The running performance is bad.
 
Code example 5-1 thread security level
/* Not thread-safe */
Fputs (const char * s, file * stream ){
Char * P;
For (P = s; * P; P ++)
Putc (INT) * P, stream );
}
/* Serializable */
Fputs (const char * s, file * stream ){
Static mutex_t mut;
Char * P;
Mutex_lock (& M );
For (P = s; * P; P ++)
Putc (INT) * P, stream );
Mutex_unlock (& M );
}
/* MT-SAFE */
Mutex_t M [nfile];
Fputs (const char * s, file * stream ){
Static mutex_t mut;
Char * P;
Mutex_lock (& M [fileno (Stream)]);
For (P = s; * P; P ++)
Putc (INT) * P, stream );
Mutex_unlock (& M [fileno (Stream)]);
}
 
5.2 multi-threaded interface Security Level
 
Man page (3): library functions use the following classification to describe how many threads an interface supports.
(These categories are explained in more detail in intro (3) man page ).
Safe can be called by multi-threaded applications
For more information about safe with exceptions, see the Notes section.
The unsafe interface is only used when the application ensures that only one thread is executed at a time.
Secure calling
MT-safe is fully designed for multithreading, which is safe and supports concurrency.
For the exception of MT-safe with exceptions, see the Notes section.
Async-safe can be safely called by a signal controller. One thread is executing
When the async-safe function is interrupted by signals, no deadlock will occur.
For the safe interface, see the table "MT safety levels: Library interfaces .",
It comes from man pages (3 ). If the interface in the third part is not in the table, it may be
Secure (excluding source compatible Library source compatibility library ). Only after checking man page
OK.
All the functions described in "man pages (2): system calls" except vfork (2) are
MT-safe.
Some functions are intentionally not safe for the following reasons.
For single-threaded applications, the MT-safe back reduces performance to some extent.
The function itself has an insecure interface. For example, a function returns a buffer pointing to the stack.
Pointer. You can use these functions to "re-enter" The peering functions ??? (Original:
Reentrant counterparts ). Enter the name of the function and add the suffix "_ r" to the original function.
-------------------------------------
Note: Unless you query the man pages, you cannot determine a document that does not end with "_ r ".
Whether the function is MT-safe. Non-MT-safe functions must be protected by the synchronization mechanism, or are restricted
In the initial thread.
------------------------------------
 
* Non-secure interface replacement (reentrant) Function
 
For most non-secure interfaces, a MT-safe version exists. New MT-safe letter
Generally, the number is added with the suffix "_ r" to the old unsecure function. The Solaris system provides the following "_ r" functions.
 
Table 5-1 substitution function
Asctime_r (3C) ctermid_r (3 S) ctime_r (3C)
Fgetgrent_r (3C) fgetpwent_r (3C) fgetspent_r (3C)
Gamma_r (3 m) getgrgid_r (3C) getgrnam_r (3C)
Getlogin_r (3C) getpwnam_r (3C) getpwuid_r (3C)
Getgrent_r (3C) gethostbyaddr_r (3N) gethostbyname_r (3N)
Gethostent_r (3N) getnetbyaddr_r (3N) getnetbyname_r (3N)
Getnetent_r (3N) getprotobyname_r (3N) getprotobynumber_r (3N)
Getprotoent_r (3N) getpwent_r (3C) getrpcbyname_r (3N)
Getrpcbynumber_r (3N) getrpcent_r (3N) getservbyname_r (3N)
Getservbyport_r (3N) getservent_r (3N) getspent_r (3C)
Getspnam_r (3C) gmtime_r (3C) lgamma_r (3 m)
Localtime _ (3C) r nis_sperror_r (3N) rand_r (3C)
Readdir_r (3C) strtok_r (3C) tmpnam_r (3C)
Ttyname_r (3C)
 
5.3 asynchronous security functions
 
The function that can be safely called by the signal controller is called async-safe. POSIX standard definition and
The asynchronous security functions (IEEE Std 1003.1-1990.3.3.1.3 (3) (f), page 55) are described in detail ). Division
In addition to POSIX asynchronous security functions, the following three functions are also asynchronous security.
· Sema_post (3 T)
· Thr_sigsetmask (3 T)
· Thr_kill (3 T)
 
5.4 multi-thread security level of the database
 
All functions that may be called by threads of multithreaded programs should be MT-safe.
This means that the process can correctly execute two operations at the same time. Therefore, every multi-threaded Program
All interfaces used should be MT-safe.
Not all databases are MT-safe. The commonly used MT-safe Library is detailed in table 5-2.
Other libraries will eventually be rewritten to MT-safe.
Table 5-2 Some MT-safe Libraries
------------------------------------
Database description
------------------------------------
LIB/libc getxxbyyy interface (for example, gethostbyname (3N) is MT-safe
LIB/libdl_stubs (supports static switch compiling)
LIB/libintl
LIB/libm is MT-safe only when it is compiled for the shared library, but it is connected to the document library
Not MT-safe
LIB/libmalloc
LIB/libmapmalloc
LIB/libnsl includes TLI interfaces, XDR, RPC Clients and service providers, netdir and
Netselect. Getxxbyyy is insecure, but there is a thread-safe version.
Getxxbyyy_r
LIB/libresolv supports error codes that vary with threads.
LIB/libsocket
LIB/libw
LIB/nametoaddr
LIB/nametoaddr
LIB/nsswitch
Libx11
Libc (not part of the Solaris system; purchased separately)
------------------------------------

* Uneasy Database
 
If the function in the library is not MT-safe, it is safe only when a thread is called.
 
--
※Source: · bbs.net.tsinghua.edu.cn · [from: sys11.cic. Tsing]