[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[xen staging-4.18] tools/libxs: Fix CLOEXEC handling in get_socket()

commit d689bb4d2cd3ccdb0067b0ca953cccbc5ab375ae
Author:     Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
AuthorDate: Thu Jul 4 14:13:18 2024 +0200
Commit:     Jan Beulich <jbeulich@xxxxxxxx>
CommitDate: Thu Jul 4 14:13:18 2024 +0200

    tools/libxs: Fix CLOEXEC handling in get_socket()
    
    get_socket() opens a socket, then uses fcntl() to set CLOEXEC.  This is racy
    with exec().
    
    Open the socket with SOCK_CLOEXEC.  Use the same compatibility strategy as
    O_CLOEXEC on ancient versions of Linux.
    
    Reported-by: Frediano Ziglio <frediano.ziglio@xxxxxxxxx>
    Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
    Reviewed-by: Juergen Gross <jgross@xxxxxxxx>
    Acked-by: Anthony PERARD <anthony.perard@xxxxxxxxxx>
    master commit: 1957dd6aff931877fc22699d8f2d4be8728014ba
    master date: 2024-07-02 10:51:11 +0100
---
 tools/libs/store/xs.c | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

diff --git a/tools/libs/store/xs.c b/tools/libs/store/xs.c
index 037e79d98b..11a766c508 100644
--- a/tools/libs/store/xs.c
+++ b/tools/libs/store/xs.c
@@ -44,6 +44,10 @@
 #define O_CLOEXEC 0
 #endif
 
+#ifndef SOCK_CLOEXEC
+#define SOCK_CLOEXEC 0
+#endif
+
 struct xs_stored_msg {
        XEN_TAILQ_ENTRY(struct xs_stored_msg) list;
        struct xsd_sockmsg hdr;
@@ -207,16 +211,14 @@ int xs_fileno(struct xs_handle *h)
 static int get_socket(const char *connect_to)
 {
        struct sockaddr_un addr;
-       int sock, saved_errno, flags;
+       int sock, saved_errno;
 
-       sock = socket(PF_UNIX, SOCK_STREAM, 0);
+       sock = socket(PF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, 0);
        if (sock < 0)
                return -1;
 
-       if ((flags = fcntl(sock, F_GETFD)) < 0)
-               goto error;
-       flags |= FD_CLOEXEC;
-       if (fcntl(sock, F_SETFD, flags) < 0)
+       /* Compat for non-SOCK_CLOEXEC environments.  Racy. */
+       if (!SOCK_CLOEXEC && !set_cloexec(sock))
                goto error;
 
        addr.sun_family = AF_UNIX;
--
generated by git-patchbot for /home/xen/git/xen.git#staging-4.18

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.