[PATCHv2] libdm: mark control fd as close-on-exec

All of lore.kernel.org
 help / color / mirror / Atom feed

* [PATCHv2] libdm: mark control fd as close-on-exec
@ 2015-07-15  7:34 Mathias Krause
  2015-08-19 13:42 ` Mathias Krause
  0 siblings, 1 reply; 3+ messages in thread
From: Mathias Krause @ 2015-07-15  7:34 UTC (permalink / raw)
  To: lvm-devel

The control fd should be marked as close-on-exec to avoid file
descriptor leaks in forking applications executing other programs.

Signed-off-by: Mathias Krause <mathias.krause@secunet.com>

---
v2: fix return value mix-up (should be 1 on success)
---
 libdm/ioctl/libdm-iface.c | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/libdm/ioctl/libdm-iface.c b/libdm/ioctl/libdm-iface.c
index e3b33b805e93..0f9e98a4a061 100644
--- a/libdm/ioctl/libdm-iface.c
+++ b/libdm/ioctl/libdm-iface.c
@@ -385,11 +385,24 @@ static void _close_control_fd(void)
 #ifdef DM_IOCTLS
 static int _open_and_assign_control_fd(const char *control)
 {
+#ifdef O_CLOEXEC
+	/*
+	 * O_CLOEXEC is supported since v2.6.23, so this may fail on old
+	 * kernels. Nonetheless favour it to a two staged approach as it's
+	 * atomic.
+	 */
+	if ((_control_fd = open(control, O_RDWR | O_CLOEXEC)) >= 0)
+		return 1;
+#endif
+
 	if ((_control_fd = open(control, O_RDWR)) < 0) {
 		log_sys_error("open", control);
 		return 0;
 	}
 
+	if (fcntl(_control_fd, F_SETFD, FD_CLOEXEC))
+		log_sys_error("fcntl", "setting FD_CLOEXEC");
+
 	return 1;
 }
 #endif
-- 
2.1.4



^ permalink raw reply related	[flat|nested] 3+ messages in thread

* [PATCHv2] libdm: mark control fd as close-on-exec
  2015-07-15  7:34 [PATCHv2] libdm: mark control fd as close-on-exec Mathias Krause
@ 2015-08-19 13:42 ` Mathias Krause
  2015-08-27 12:02   ` Zdenek Kabelac
  0 siblings, 1 reply; 3+ messages in thread
From: Mathias Krause @ 2015-08-19 13:42 UTC (permalink / raw)
  To: lvm-devel

On 15.07.2015 09:34, Mathias Krause wrote:
> The control fd should be marked as close-on-exec to avoid file
> descriptor leaks in forking applications executing other programs.
> 
> Signed-off-by: Mathias Krause <mathias.krause@secunet.com>
> 
> ---
> v2: fix return value mix-up (should be 1 on success)
> ---
>  libdm/ioctl/libdm-iface.c | 13 +++++++++++++
>  1 file changed, 13 insertions(+)
> 
> diff --git a/libdm/ioctl/libdm-iface.c b/libdm/ioctl/libdm-iface.c
> index e3b33b805e93..0f9e98a4a061 100644
> --- a/libdm/ioctl/libdm-iface.c
> +++ b/libdm/ioctl/libdm-iface.c
> @@ -385,11 +385,24 @@ static void _close_control_fd(void)
>  #ifdef DM_IOCTLS
>  static int _open_and_assign_control_fd(const char *control)
>  {
> +#ifdef O_CLOEXEC
> +	/*
> +	 * O_CLOEXEC is supported since v2.6.23, so this may fail on old
> +	 * kernels. Nonetheless favour it to a two staged approach as it's
> +	 * atomic.
> +	 */
> +	if ((_control_fd = open(control, O_RDWR | O_CLOEXEC)) >= 0)
> +		return 1;
> +#endif
> +
>  	if ((_control_fd = open(control, O_RDWR)) < 0) {
>  		log_sys_error("open", control);
>  		return 0;
>  	}
>  
> +	if (fcntl(_control_fd, F_SETFD, FD_CLOEXEC))
> +		log_sys_error("fcntl", "setting FD_CLOEXEC");
> +
>  	return 1;
>  }
>  #endif

Ping? Any objections to the patch?

Regards,
Mathias



^ permalink raw reply	[flat|nested] 3+ messages in thread

* [PATCHv2] libdm: mark control fd as close-on-exec
  2015-08-19 13:42 ` Mathias Krause
@ 2015-08-27 12:02   ` Zdenek Kabelac
  0 siblings, 0 replies; 3+ messages in thread
From: Zdenek Kabelac @ 2015-08-27 12:02 UTC (permalink / raw)
  To: lvm-devel

Dne 19.8.2015 v 15:42 Mathias Krause napsal(a):
> On 15.07.2015 09:34, Mathias Krause wrote:
>> The control fd should be marked as close-on-exec to avoid file
>> descriptor leaks in forking applications executing other programs.
>>
>> Signed-off-by: Mathias Krause <mathias.krause@secunet.com>
>>
>> ---
>> v2: fix return value mix-up (should be 1 on success)
>> ---
>>   libdm/ioctl/libdm-iface.c | 13 +++++++++++++
>>   1 file changed, 13 insertions(+)
>>
>> diff --git a/libdm/ioctl/libdm-iface.c b/libdm/ioctl/libdm-iface.c
>> index e3b33b805e93..0f9e98a4a061 100644
>> --- a/libdm/ioctl/libdm-iface.c
>> +++ b/libdm/ioctl/libdm-iface.c
>> @@ -385,11 +385,24 @@ static void _close_control_fd(void)
>>   #ifdef DM_IOCTLS
>>   static int _open_and_assign_control_fd(const char *control)
>>   {
>> +#ifdef O_CLOEXEC
>> +	/*
>> +	 * O_CLOEXEC is supported since v2.6.23, so this may fail on old
>> +	 * kernels. Nonetheless favour it to a two staged approach as it's
>> +	 * atomic.
>> +	 */
>> +	if ((_control_fd = open(control, O_RDWR | O_CLOEXEC)) >= 0)
>> +		return 1;
>> +#endif
>> +
>>   	if ((_control_fd = open(control, O_RDWR)) < 0) {
>>   		log_sys_error("open", control);
>>   		return 0;
>>   	}
>>
>> +	if (fcntl(_control_fd, F_SETFD, FD_CLOEXEC))
>> +		log_sys_error("fcntl", "setting FD_CLOEXEC");
>> +
>>   	return 1;
>>   }
>>   #endif
>
> Ping? Any objections to the patch?
>


Hi

_control_fd  is then 'set' in forked code - means 'forked' libdm user might 
live with impression it has opened control handler.

So you would also need to ensure _control_fd is zeroed.

Zdenek




^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2015-08-27 12:02 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2015-07-15  7:34 [PATCHv2] libdm: mark control fd as close-on-exec Mathias Krause
2015-08-19 13:42 ` Mathias Krause
2015-08-27 12:02   ` Zdenek Kabelac

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.