[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] [PATCH XEN v6 29/32] tools/libs/call: Use O_CLOEXEC when opening /dev/xen/privcmd on Linux

We stick with using FD_CLOEXEC on the legacy /proc/xen/privcmd
fallback device since it was present in older kernel where O_CLOEXEC
may not be assured.

Signed-off-by: Ian Campbell <ian.campbell@xxxxxxxxxx>
---
v6: New
---
 tools/libs/call/linux.c | 57 ++++++++++++++++++++++++++++++++-----------------
 1 file changed, 37 insertions(+), 20 deletions(-)

diff --git a/tools/libs/call/linux.c b/tools/libs/call/linux.c
index 3641e41..1485424 100644
--- a/tools/libs/call/linux.c
+++ b/tools/libs/call/linux.c
@@ -26,39 +26,56 @@
 
 #include "private.h"
 
-int osdep_xencall_open(xencall_handle *xcall)
+static int set_cloexec(int fd)
 {
-    int flags, saved_errno;
-    int fd = open("/dev/xen/privcmd", O_RDWR); /* prefer this newer interface 
*/
+    int flags;
 
-    if ( fd == -1 && ( errno == ENOENT || errno == ENXIO || errno == ENODEV ))
+    if ( (flags = fcntl(fd, F_GETFD)) < 0 )
     {
-        /* Fallback to /proc/xen/privcmd */
-        fd = open("/proc/xen/privcmd", O_RDWR);
+        PERROR("Could not get file handle flags");
+        return -1;
     }
 
-    if ( fd == -1 )
+    flags |= FD_CLOEXEC;
+
+    if ( fcntl(fd, F_SETFD, flags) < 0 )
     {
-        PERROR("Could not obtain handle on privileged command interface");
+        PERROR("Could not set file handle flags");
         return -1;
     }
 
-    /* Although we return the file handle as the 'xc handle' the API
-       does not specify / guarentee that this integer is in fact
-       a file handle. Thus we must take responsiblity to ensure
-       it doesn't propagate (ie leak) outside the process */
-    if ( (flags = fcntl(fd, F_GETFD)) < 0 )
+    return 0;
+}
+
+int osdep_xencall_open(xencall_handle *xcall)
+{
+    int saved_errno;
+    int fd;
+
+    /*
+     * This file descriptor is opaque to the caller, thus we must take
+     * responsibility to ensure it doesn't propagate (ie leak) outside
+     * the process, by using CLOEXEC.
+     */
+
+    /*
+     * Prefer the newer interface. This was added in 3.14 which certainly had
+     * O_CLOEXEC.
+     */
+    fd = open("/dev/xen/privcmd", O_RDWR|O_CLOEXEC);
+
+    if ( fd == -1 && ( errno == ENOENT || errno == ENXIO || errno == ENODEV ))
     {
-        PERROR("Could not get file handle flags");
-        goto error;
+        /* Fallback to /proc/xen/privcmd */
+        fd = open("/proc/xen/privcmd", O_RDWR);
+        if ( fd > -1 && set_cloexec(fd) < 0 )
+            goto error;
     }
 
-    flags |= FD_CLOEXEC;
-
-    if ( fcntl(fd, F_SETFD, flags) < 0 )
+    if ( fd == -1 )
     {
-        PERROR("Could not set file handle flags");
-        goto error;
+        PERROR("Could not obtain handle on privileged command interface");
+        return -1;
     }
 
     xcall->fd = fd;
-- 
2.1.4


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.