[Qemu-devel] [PATCH 0/2] qemu-ga: don't leak fds to exec()ed processes

qemu-devel.nongnu.org archive mirror
 help / color / mirror / Atom feed

* [Qemu-devel] [PATCH 0/2] qemu-ga: don't leak fds to exec()ed processes
@ 2013-01-08 21:26 Luiz Capitulino
  2013-01-08 21:26 ` [Qemu-devel] [PATCH 1/2] qemu-ga: ga_open_pidfile(): use qemu_open() Luiz Capitulino
                   ` (3 more replies)
  0 siblings, 4 replies; 7+ messages in thread
From: Luiz Capitulino @ 2013-01-08 21:26 UTC (permalink / raw)
  To: qemu-devel; +Cc: mdroth

Please, check individual patches for details.

Luiz Capitulino (2):
  qemu-ga: ga_open_pidfile(): use qemu_open()
  qemu-ga: add ga_open_logfile()

 qga/main.c | 19 ++++++++++++++++---
 1 file changed, 16 insertions(+), 3 deletions(-)

-- 
1.8.0

^ permalink raw reply	[flat|nested] 7+ messages in thread

* [Qemu-devel] [PATCH 1/2] qemu-ga: ga_open_pidfile(): use qemu_open()
  2013-01-08 21:26 [Qemu-devel] [PATCH 0/2] qemu-ga: don't leak fds to exec()ed processes Luiz Capitulino
@ 2013-01-08 21:26 ` Luiz Capitulino
  2013-01-08 23:06   ` Eric Blake
  2013-01-08 21:26 ` [Qemu-devel] [PATCH 2/2] qemu-ga: add ga_open_logfile() Luiz Capitulino
                   ` (2 subsequent siblings)
  3 siblings, 1 reply; 7+ messages in thread
From: Luiz Capitulino @ 2013-01-08 21:26 UTC (permalink / raw)
  To: qemu-devel; +Cc: mdroth

This ensures that O_CLOEXEC is passed to open(), this way the
pid file fd is not leaked to executed processes.

Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
---
 qga/main.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/qga/main.c b/qga/main.c
index ba5fa1c..e4245cc 100644
--- a/qga/main.c
+++ b/qga/main.c
@@ -242,7 +242,7 @@ static bool ga_open_pidfile(const char *pidfile)
     int pidfd;
     char pidstr[32];
 
-    pidfd = open(pidfile, O_CREAT|O_WRONLY, S_IRUSR|S_IWUSR);
+    pidfd = qemu_open(pidfile, O_CREAT|O_WRONLY, S_IRUSR|S_IWUSR);
     if (pidfd == -1 || lockf(pidfd, F_TLOCK, 0)) {
         g_critical("Cannot lock pid file, %s", strerror(errno));
         if (pidfd != -1) {
-- 
1.8.0

^ permalink raw reply related	[flat|nested] 7+ messages in thread

* Re: [Qemu-devel] [PATCH 1/2] qemu-ga: ga_open_pidfile(): use qemu_open()
  2013-01-08 21:26 ` [Qemu-devel] [PATCH 1/2] qemu-ga: ga_open_pidfile(): use qemu_open() Luiz Capitulino
@ 2013-01-08 23:06   ` Eric Blake
  0 siblings, 0 replies; 7+ messages in thread
From: Eric Blake @ 2013-01-08 23:06 UTC (permalink / raw)
  To: Luiz Capitulino; +Cc: qemu-devel, mdroth

[-- Attachment #1: Type: text/plain, Size: 1001 bytes --]

On 01/08/2013 02:26 PM, Luiz Capitulino wrote:
> This ensures that O_CLOEXEC is passed to open(), this way the
> pid file fd is not leaked to executed processes.
> 
> Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
> ---
>  qga/main.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)

Reviewed-by: Eric Blake <eblake@redhat.com>

> 
> diff --git a/qga/main.c b/qga/main.c
> index ba5fa1c..e4245cc 100644
> --- a/qga/main.c
> +++ b/qga/main.c
> @@ -242,7 +242,7 @@ static bool ga_open_pidfile(const char *pidfile)
>      int pidfd;
>      char pidstr[32];
>  
> -    pidfd = open(pidfile, O_CREAT|O_WRONLY, S_IRUSR|S_IWUSR);
> +    pidfd = qemu_open(pidfile, O_CREAT|O_WRONLY, S_IRUSR|S_IWUSR);
>      if (pidfd == -1 || lockf(pidfd, F_TLOCK, 0)) {
>          g_critical("Cannot lock pid file, %s", strerror(errno));
>          if (pidfd != -1) {
> 

-- 
Eric Blake   eblake redhat com    +1-919-301-3266
Libvirt virtualization library http://libvirt.org


[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 619 bytes --]

^ permalink raw reply	[flat|nested] 7+ messages in thread

* [Qemu-devel] [PATCH 2/2] qemu-ga: add ga_open_logfile()
  2013-01-08 21:26 [Qemu-devel] [PATCH 0/2] qemu-ga: don't leak fds to exec()ed processes Luiz Capitulino
  2013-01-08 21:26 ` [Qemu-devel] [PATCH 1/2] qemu-ga: ga_open_pidfile(): use qemu_open() Luiz Capitulino
@ 2013-01-08 21:26 ` Luiz Capitulino
  2013-01-08 23:09   ` Eric Blake
  2013-01-09  4:13 ` [Qemu-devel] [PATCH 0/2] qemu-ga: don't leak fds to exec()ed processes Amos Kong
  2013-01-10 21:24 ` mdroth
  3 siblings, 1 reply; 7+ messages in thread
From: Luiz Capitulino @ 2013-01-08 21:26 UTC (permalink / raw)
  To: qemu-devel; +Cc: mdroth

This function sets O_CLOEXEC on the log file fd so that it isn't
leaked to executed processes.

Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
---
 qga/main.c | 17 +++++++++++++++--
 1 file changed, 15 insertions(+), 2 deletions(-)

diff --git a/qga/main.c b/qga/main.c
index e4245cc..15be74f 100644
--- a/qga/main.c
+++ b/qga/main.c
@@ -236,6 +236,19 @@ void ga_set_response_delimited(GAState *s)
     s->delimit_response = true;
 }
 
+static FILE *ga_open_logfile(const char *logfile)
+{
+    FILE *f;
+
+    f = fopen(logfile, "a");
+    if (!f) {
+        return NULL;
+    }
+
+    qemu_set_cloexec(fileno(f));
+    return f;
+}
+
 #ifndef _WIN32
 static bool ga_open_pidfile(const char *pidfile)
 {
@@ -377,7 +390,7 @@ void ga_unset_frozen(GAState *s)
      * in a frozen state at start up, do it now
      */
     if (s->deferred_options.log_filepath) {
-        s->log_file = fopen(s->deferred_options.log_filepath, "a");
+        s->log_file = ga_open_logfile(s->deferred_options.log_filepath);
         if (!s->log_file) {
             s->log_file = stderr;
         }
@@ -838,7 +851,7 @@ int main(int argc, char **argv)
             become_daemon(pid_filepath);
         }
         if (log_filepath) {
-            FILE *log_file = fopen(log_filepath, "a");
+            FILE *log_file = ga_open_logfile(log_filepath);
             if (!log_file) {
                 g_critical("unable to open specified log file: %s",
                            strerror(errno));
-- 
1.8.0

^ permalink raw reply related	[flat|nested] 7+ messages in thread

* Re: [Qemu-devel] [PATCH 2/2] qemu-ga: add ga_open_logfile()
  2013-01-08 21:26 ` [Qemu-devel] [PATCH 2/2] qemu-ga: add ga_open_logfile() Luiz Capitulino
@ 2013-01-08 23:09   ` Eric Blake
  0 siblings, 0 replies; 7+ messages in thread
From: Eric Blake @ 2013-01-08 23:09 UTC (permalink / raw)
  To: Luiz Capitulino; +Cc: qemu-devel, mdroth

[-- Attachment #1: Type: text/plain, Size: 468 bytes --]

On 01/08/2013 02:26 PM, Luiz Capitulino wrote:
> This function sets O_CLOEXEC on the log file fd so that it isn't
> leaked to executed processes.
> 
> Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
> ---
>  qga/main.c | 17 +++++++++++++++--
>  1 file changed, 15 insertions(+), 2 deletions(-)

Reviewed-by: Eric Blake <eblake@redhat.com>

-- 
Eric Blake   eblake redhat com    +1-919-301-3266
Libvirt virtualization library http://libvirt.org


[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 619 bytes --]

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [Qemu-devel] [PATCH 0/2] qemu-ga: don't leak fds to exec()ed processes
  2013-01-08 21:26 [Qemu-devel] [PATCH 0/2] qemu-ga: don't leak fds to exec()ed processes Luiz Capitulino
  2013-01-08 21:26 ` [Qemu-devel] [PATCH 1/2] qemu-ga: ga_open_pidfile(): use qemu_open() Luiz Capitulino
  2013-01-08 21:26 ` [Qemu-devel] [PATCH 2/2] qemu-ga: add ga_open_logfile() Luiz Capitulino
@ 2013-01-09  4:13 ` Amos Kong
  2013-01-10 21:24 ` mdroth
  3 siblings, 0 replies; 7+ messages in thread
From: Amos Kong @ 2013-01-09  4:13 UTC (permalink / raw)
  To: Luiz Capitulino; +Cc: qemu-devel, mdroth

On Tue, Jan 08, 2013 at 07:26:24PM -0200, Luiz Capitulino wrote:
> Please, check individual patches for details.
> 
> Luiz Capitulino (2):
>   qemu-ga: ga_open_pidfile(): use qemu_open()
>   qemu-ga: add ga_open_logfile()
 
Acked-by: Amos Kong <akong@redhat.com>
Tested-by: Amos Kong <akong@redhat.com>

>  qga/main.c | 19 ++++++++++++++++---
>  1 file changed, 16 insertions(+), 3 deletions(-)
> 
> -- 
> 1.8.0

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [Qemu-devel] [PATCH 0/2] qemu-ga: don't leak fds to exec()ed processes
  2013-01-08 21:26 [Qemu-devel] [PATCH 0/2] qemu-ga: don't leak fds to exec()ed processes Luiz Capitulino
                   ` (2 preceding siblings ...)
  2013-01-09  4:13 ` [Qemu-devel] [PATCH 0/2] qemu-ga: don't leak fds to exec()ed processes Amos Kong
@ 2013-01-10 21:24 ` mdroth
  3 siblings, 0 replies; 7+ messages in thread
From: mdroth @ 2013-01-10 21:24 UTC (permalink / raw)
  To: Luiz Capitulino; +Cc: qemu-devel

On Tue, Jan 08, 2013 at 07:26:24PM -0200, Luiz Capitulino wrote:
> Please, check individual patches for details.
> 
> Luiz Capitulino (2):
>   qemu-ga: ga_open_pidfile(): use qemu_open()
>   qemu-ga: add ga_open_logfile()

Thanks, applied to qga branch.

> 
>  qga/main.c | 19 ++++++++++++++++---
>  1 file changed, 16 insertions(+), 3 deletions(-)
> 
> -- 
> 1.8.0
> 

^ permalink raw reply	[flat|nested] 7+ messages in thread

end of thread, other threads:[~2013-01-10 21:25 UTC | newest]

Thread overview: 7+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2013-01-08 21:26 [Qemu-devel] [PATCH 0/2] qemu-ga: don't leak fds to exec()ed processes Luiz Capitulino
2013-01-08 21:26 ` [Qemu-devel] [PATCH 1/2] qemu-ga: ga_open_pidfile(): use qemu_open() Luiz Capitulino
2013-01-08 23:06   ` Eric Blake
2013-01-08 21:26 ` [Qemu-devel] [PATCH 2/2] qemu-ga: add ga_open_logfile() Luiz Capitulino
2013-01-08 23:09   ` Eric Blake
2013-01-09  4:13 ` [Qemu-devel] [PATCH 0/2] qemu-ga: don't leak fds to exec()ed processes Amos Kong
2013-01-10 21:24 ` mdroth

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).