From mboxrd@z Thu Jan 1 00:00:00 1970 Authentication-Results: passt.top; dmarc=none (p=none dis=none) header.from=gibson.dropbear.id.au Authentication-Results: passt.top; dkim=pass (2048-bit key; secure) header.d=gibson.dropbear.id.au header.i=@gibson.dropbear.id.au header.a=rsa-sha256 header.s=202510 header.b=n2tPDD25; dkim-atps=neutral Received: from mail.ozlabs.org (gandalf.ozlabs.org [150.107.74.76]) by passt.top (Postfix) with ESMTPS id 554905A026F for ; Wed, 22 Oct 2025 03:01:18 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gibson.dropbear.id.au; s=202510; t=1761094876; bh=3JJdIZDcl/pKo6MyA+zvFPPMwMafksAaPY2gfplMhM0=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=n2tPDD253peL+owgGVnq6boHJmew7EIQMSleABxQHd1MvBgArDL3g2f55ogLwwHol SdfiPsPUGWEJmQtBxImxq23kdYiiWdmiLilfmJ+NNOWXHW2pD+BR5ht6Il2msDyc9R trh+fO4b0P7PWZJ2StPzF3/OUZQJaje7mfCLRG8g6PP3sdtT4TszngeFfmwb0bYC5J UKVTjsOdu5s5XSFNhc7SHjX7n2JubBnQGk0Uvy4df6LNbzFVQDTSpfWCq3p1Yt7QMh lG3Wk7cX7HlM4NWWCy6ckQtdNMMOu0DZC8QtvGT2+fdH7m4S4s6hNnKUKm3q0oGFC9 Y9CHnD22Tdz9g== Received: by gandalf.ozlabs.org (Postfix, from userid 1007) id 4crrT81Xbrz4wCm; Wed, 22 Oct 2025 12:01:16 +1100 (AEDT) Date: Wed, 22 Oct 2025 11:51:06 +1100 From: David Gibson To: Stefano Brivio Subject: Re: [PATCH v6 2/4] util: Introduce read_file() and read_file_integer() function Message-ID: References: <20251017062838.21041-1-yuhuang@redhat.com> <20251017062838.21041-3-yuhuang@redhat.com> <20251019120712.6f232804@elisabeth> <20251021235059.0c5244e8@elisabeth> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="v58XX4qeMnhSD9Ve" Content-Disposition: inline In-Reply-To: <20251021235059.0c5244e8@elisabeth> Message-ID-Hash: FYMNY3KEHA6I3BJXG4DQK56TOGAPC3WA X-Message-ID-Hash: FYMNY3KEHA6I3BJXG4DQK56TOGAPC3WA X-MailFrom: dgibson@gandalf.ozlabs.org X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: Yumei Huang , passt-dev@passt.top X-Mailman-Version: 3.3.8 Precedence: list List-Id: Development discussion and patches for passt Archived-At: Archived-At: List-Archive: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: --v58XX4qeMnhSD9Ve Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Oct 21, 2025 at 11:50:59PM +0200, Stefano Brivio wrote: > On Tue, 21 Oct 2025 17:32:58 +0800 > Yumei Huang wrote: >=20 > > On Sun, Oct 19, 2025 at 6:07=E2=80=AFPM Stefano Brivio wrote: > > > > > > On Fri, 17 Oct 2025 14:28:36 +0800 > > > Yumei Huang wrote: > > > =20 > > > > Signed-off-by: Yumei Huang > > > > --- > > > > util.c | 84 ++++++++++++++++++++++++++++++++++++++++++++++++++++++= ++++ > > > > util.h | 8 ++++++ > > > > 2 files changed, 92 insertions(+) > > > > > > > > diff --git a/util.c b/util.c > > > > index c492f90..5c8c4bc 100644 > > > > --- a/util.c > > > > +++ b/util.c > > > > @@ -579,6 +579,90 @@ int write_file(const char *path, const char *b= uf) > > > > return len =3D=3D 0 ? 0 : -1; > > > > } > > > > > > > > +/** > > > > + * read_file() - Read contents of file into a buffer > > > > + * @path: File to read > > > > + * @buf: Buffer to store file contents > > > > + * @buf_size: Size of buffer > > > > + * > > > > + * Return: number of bytes read on success, -1 on any error, -2 on= truncation > > > > +*/ > > > > +ssize_t read_file(const char *path, char *buf, size_t buf_size) > > > > +{ > > > > + int fd =3D open(path, O_RDONLY | O_CLOEXEC); > > > > + size_t total_read =3D 0; > > > > + ssize_t rc; > > > > + > > > > + if (fd < 0) { > > > > + warn_perror("Could not open %s", path); > > > > + return -1; > > > > + } > > > > + > > > > + while (total_read < buf_size) { > > > > + rc =3D read(fd, buf + total_read, buf_size - total_re= ad); > > > > + > > > > + if (rc < 0) { > > > > + warn_perror("Couldn't read from %s", path); > > > > + close(fd); > > > > + return -1; > > > > + } > > > > + > > > > + if (rc =3D=3D 0) > > > > + break; > > > > + > > > > + total_read +=3D rc; > > > > + } > > > > + > > > > + close(fd); > > > > + > > > > + if (total_read =3D=3D buf_size) { > > > > + warn("File %s truncated, buffer too small", path); > > > > + return -2; > > > > + } > > > > + > > > > + buf[total_read] =3D '\0'; > > > > + > > > > + return total_read; > > > > +} > > > > + > > > > +/** > > > > + * read_file_integer() - Read an integer value from a file > > > > + * @path: File to read > > > > + * @fallback: Default value if file can't be read > > > > + * > > > > + * Return: Integer value, fallback on failure > > > > +*/ > > > > +intmax_t read_file_integer(const char *path, intmax_t fallback) > > > > +{ > > > > + char buf[INTMAX_STRLEN]; > > > > + ssize_t bytes_read; > > > > + intmax_t value; > > > > + char *end; > > > > + > > > > + bytes_read =3D read_file(path, buf, sizeof(buf)); > > > > + > > > > + if (bytes_read < 0) > > > > + return fallback; > > > > + > > > > + if (bytes_read =3D=3D 0) { > > > > + debug("Empty file %s", path); > > > > + return fallback; > > > > + } > > > > + > > > > + errno =3D 0; > > > > + value =3D strtoimax(buf, &end, 10); > > > > + if (*end && *end !=3D '\n') { > > > > + debug("Invalid format in %s", path); > > > > + return fallback; > > > > + } > > > > + if (errno) { > > > > + debug("Invalid value in %s: %s", path, buf); > > > > + return fallback; > > > > + } > > > > + > > > > + return value; > > > > +} > > > > + > > > > #ifdef __ia64__ > > > > /* Needed by do_clone() below: glibc doesn't export the prototype = of __clone2(), > > > > * use the description from clone(2). > > > > diff --git a/util.h b/util.h > > > > index 22eaac5..3f9f296 100644 > > > > --- a/util.h > > > > +++ b/util.h > > > > @@ -222,6 +222,8 @@ void pidfile_write(int fd, pid_t pid); > > > > int __daemon(int pidfile_fd, int devnull_fd); > > > > int fls(unsigned long x); > > > > int write_file(const char *path, const char *buf); > > > > +ssize_t read_file(const char *path, char *buf, size_t buf_size); > > > > +intmax_t read_file_integer(const char *path, intmax_t fallback); > > > > int write_all_buf(int fd, const void *buf, size_t len); > > > > int write_remainder(int fd, const struct iovec *iov, size_t iovcnt= , size_t skip); > > > > int read_all_buf(int fd, void *buf, size_t len); > > > > @@ -250,6 +252,12 @@ static inline const char *af_name(sa_family_t = af) > > > > > > > > #define UINT16_STRLEN (sizeof("65535")) > > > > > > > > +/* Each byte expands to at most 3 decimal digits since 0xff =3D=3D= 255. > > > > + * Plus 2 extra bytes for the sign and null terminator. > > > > + * See https://stackoverflow.com/a/10536254. =20 > > > > > > This is not an acceptable form of attribution according to the > > > CC BY-SA 3.0 terms. See: > > > > > > https://stackoverflow.com/help/licensing > > > https://creativecommons.org/licenses/by-sa/3.0/ > > > > > > and checksum.h in this tree for some examples of how to combine > > > different licensing terms in a single file, in a way that's > > > human-readable but still machine-friendly (for license / compliance > > > scanners such as REUSE). > > > > > > As I commented on a previous version, anyway, I don't think we need > > > this at all. I guess my comment was ignored though. =20 > >=20 > > I guess you meant the comment of suggesting using BUFSIZ in V2? >=20 > Right, but on v4, and that was just Friday for everybody involved... >=20 > > David replied as quote: > >=20 > > "We could use BUFSIZ, but it's massive overkill for > > reading a single integer: 8192 versus ~21 bytes (or ~42 bytes if > > intmax_t were 128-bit)." >=20 > I wanted to reply to that because sure, BUFSIZ is typically 8192 bytes > on glibc and 1024 with musl, but adding 10 or 8192 to the stack pointer > doesn't really make a difference. >=20 > It's not like we allocate that memory anyway, and I don't think any of > that memory (or unused holes on the stack we create) is prefetched. And > regardless of all that... we don't use these functions on any data > path, it's just during configuration. It can be (relatively) slow. Right. Sorry, I didn't follow up yet, but after I wrote that, Stefano convinced me that BUFSIZ is fine. I originally suggested avoiding the arbitrary buffer largely because I thought having an INTMAX_STRLEN constant might be useful for other reasons too, but honestly, not very. --=20 David Gibson (he or they) | I'll have my music baroque, and my code david AT gibson.dropbear.id.au | minimalist, thank you, not the other way | around. http://www.ozlabs.org/~dgibson --v58XX4qeMnhSD9Ve Content-Type: application/pgp-signature; name=signature.asc -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEO+dNsU4E3yXUXRK2zQJF27ox2GcFAmj4KnkACgkQzQJF27ox 2GdGag/+IjQoZEcqLl06786+3RCjAaBVLwuzgR7zgvVVAy046m8WEB4uXSpDdwja o0toHjc4QivF/MscnhTja+yOFBrf5+B/a2bE7upTSHYXnELfsgsWP3N0BXqXD2B5 Ro7Wch1jH17xFL1Wn/YUZ2q645DWZWE7y+dKzMKruIIianUZQv/Vd81vmeN3Td8k RNFY0xdi2HF2P4rShjJrUrxbZmvY3cmQX24MaIQnOv1HXfqAfN71EjlMUgTawGuJ aManAeAolMIBxBwiNa0p7FcLq/1gAJjYqBZKailkD6lmcuhOSeu1LJlDSVJC9Hg0 uQhRHMNT80Ad55JBKAN+qqEugC3H3aQie64L+/jNOAfzuqa8qNocCcYyYd2RpIVy aqhy7ZaxABMZ01r09Ixh9q6fwGpjNgto62vKcEzMRKsM3fQqhpdYTBNrMaHI6t2u vq/TFaveo6kzOaRR0NgAekdBzSaCK1Y3X4o1drauICDvJPe4P/NlPBlfsvy4Sftp cwR2EDUXa+r8X5T7BEHQotclWo3VbFsGpSnEEeHX8mEXjUF7PdLi4aaabEw02nwV QJN5qVvVloJ/0wXSh7kudrR2MmoKIMxuyEOkwWSnRXTHpDeH6l5KiljqAfosRLBa wix3MVkAGmzHCFdPnrGuBmH6IwKwvvM1WPol0PsUmh58c6KMZnE= =/cql -----END PGP SIGNATURE----- --v58XX4qeMnhSD9Ve--