From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1NAAxn-0004vr-0b
	for qemu-devel@nongnu.org; Mon, 16 Nov 2009 18:26:27 -0500
Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43)
	id 1NAAxi-0004vF-68
	for qemu-devel@nongnu.org; Mon, 16 Nov 2009 18:26:26 -0500
Received: from [199.232.76.173] (port=36945 helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1NAAxi-0004vC-1d
	for qemu-devel@nongnu.org; Mon, 16 Nov 2009 18:26:22 -0500
Received: from mail-yx0-f188.google.com ([209.85.210.188]:51058)
	by monty-python.gnu.org with esmtp (Exim 4.60)
	(envelope-from <anthony@codemonkey.ws>) id 1NAAxh-0002u7-OK
	for qemu-devel@nongnu.org; Mon, 16 Nov 2009 18:26:21 -0500
Received: by yxe26 with SMTP id 26so5090773yxe.4
	for <qemu-devel@nongnu.org>; Mon, 16 Nov 2009 15:26:21 -0800 (PST)
Message-ID: <4B01DF9B.6010407@codemonkey.ws>
Date: Mon, 16 Nov 2009 17:26:19 -0600
From: Anthony Liguori <anthony@codemonkey.ws>
MIME-Version: 1.0
Subject: Re: [Qemu-devel] [PATCH] Don't leak file descriptors
References: <1258125436-23759-1-git-send-email-kwolf@redhat.com>
In-Reply-To: <1258125436-23759-1-git-send-email-kwolf@redhat.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Kevin Wolf <kwolf@redhat.com>
Cc: qemu-devel@nongnu.org

Kevin Wolf wrote:
> We're leaking file descriptors to child processes. Set FD_CLOEXEC on file
> descriptors that don't need to be passed to children to stop this misbehaviour.
>
> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
>   

    pid = fork();
    if (pid == 0) {
        int open_max = sysconf(_SC_OPEN_MAX), i;

        for (i = 0; i < open_max; i++) {
            if (i != STDIN_FILENO &&
                i != STDOUT_FILENO &&
                i != STDERR_FILENO &&
                i != fd) {
                close(i);
            }

Handles this in a less invasive way.  I think the only problem we have 
today is that we use popen() for exec: migration.  The solution to that 
though should be to convert popen to a proper fork/exec() with a pipe.

I'd prefer to introduce a single fork/exec helper that behaved properly 
instead of having to deal with cloexec everywhere.

Regards,

Anthony Liguori