[3/6] notifier: set notifier fds as cloexec

Message ID	20220527044700.3666830-4-dominique.martinet@atmark-techno.com
State	Accepted
Headers	show Return-Path: <swupdate+bncBCWIVBV7SUGRBVNPYGKAMGQERA2PGHA@googlegroups.com> Sender: swupdate@googlegroups.com Received-SPF: pass (google.com: domain of dominique.martinet@atmark-techno.com designates 35.74.137.57 as permitted sender) client-ip=35.74.137.57; From: Dominique Martinet <dominique.martinet@atmark-techno.com> To: swupdate@googlegroups.com, sbabic@denx.de Cc: Dominique Martinet <dominique.martinet@atmark-techno.com> Subject: [swupdate] [PATCH 3/6] notifier: set notifier fds as cloexec Date: Fri, 27 May 2022 13:46:57 +0900 Message-Id: <20220527044700.3666830-4-dominique.martinet@atmark-techno.com> In-Reply-To: <20220527044700.3666830-1-dominique.martinet@atmark-techno.com> References: <20220527044700.3666830-1-dominique.martinet@atmark-techno.com> MIME-Version: 1.0 Content-Type: text/plain; charset="UTF-8" Precedence: list Mailing-list: list swupdate@googlegroups.com; contact swupdate+owners@googlegroups.com
Series	Avoid leaking fd to child processes: use CLOEXEC \| expand [0/6] Avoid leaking fd to child processes: use CLOEXEC [1/6] install_from_file: open with CLOEXEC [2/6] network_thread: set listener/ctrl children as CLOEXEC [3/6] notifier: set notifier fds as cloexec [4/6] progress_thread: set progress bar connection fd as CLOEXEC [5/6] prepare_ipc: set client fd as CLOEXEC [6/6] spawn_process: use CLOEXEC for child communication fd

Message ID

20220527044700.3666830-4-dominique.martinet@atmark-techno.com

State

Accepted

Headers

Sender: swupdate@googlegroups.com
Received-SPF: pass (google.com: domain of dominique.martinet@atmark-techno.com
 designates 35.74.137.57 as permitted sender) client-ip=35.74.137.57;
From: Dominique Martinet <dominique.martinet@atmark-techno.com>
To: swupdate@googlegroups.com,
	sbabic@denx.de
Cc: Dominique Martinet <dominique.martinet@atmark-techno.com>
Subject: [swupdate] [PATCH 3/6] notifier: set notifier fds as cloexec
Date: Fri, 27 May 2022 13:46:57 +0900
Message-Id: <20220527044700.3666830-4-dominique.martinet@atmark-techno.com>
In-Reply-To: <20220527044700.3666830-1-dominique.martinet@atmark-techno.com>
References: <20220527044700.3666830-1-dominique.martinet@atmark-techno.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Precedence: list
Mailing-list: list swupdate@googlegroups.com;
 contact swupdate+owners@googlegroups.com

Series

Avoid leaking fd to child processes: use CLOEXEC | expand

Comments

Stefano Babic June 5, 2022, 2:14 p.m. UTC | #1

On 27.05.22 06:46, Dominique Martinet wrote:
> Signed-off-by: Dominique Martinet <dominique.martinet@atmark-techno.com>
> ---
>   core/notifier.c | 10 ++++++++++
>   1 file changed, 10 insertions(+)
> 
> diff --git a/core/notifier.c b/core/notifier.c
> index 77cab0150a50..87acb01f62b0 100644
> --- a/core/notifier.c
> +++ b/core/notifier.c
> @@ -10,6 +10,7 @@
>   #include <string.h>
>   #include <unistd.h>
>   #include <errno.h>
> +#include <fcntl.h>
>   #include <sys/select.h>
>   #include <sys/socket.h>
>   #include <sys/un.h>
> @@ -430,6 +431,10 @@ static void *notifier_thread (void __attribute__ ((__unused__)) *data)
>   		exit(2);
>   	}
>   
> +	if (fcntl(serverfd, F_SETFD, FD_CLOEXEC) < 0) {
> +		fprintf(stderr, "Could not set %d as cloexec: %s", serverfd, strerror(errno));
> +	}
> +
>   #if defined(__FreeBSD__)
>   	setup_socket_cleanup(&notify_server);
>   #endif
> @@ -509,10 +514,15 @@ void notify_init(void)
>   		setup_socket_cleanup(&notify_client);
>   #endif
>   		notifyfd = socket(AF_UNIX, SOCK_DGRAM, 0);
> +
>   		if (notifyfd < 0) {
>   			printf("Error creating notifier socket for pid %d", pid);
>   			return;
>   		}
> +
> +		if (fcntl(notifyfd, F_SETFD, FD_CLOEXEC) < 0)
> +			WARN("Could not set %d as cloexec: %s", notifyfd, strerror(errno));
> +
>   		if (bind(notifyfd, (const struct sockaddr *) &notify_client,
>   			sizeof(struct sockaddr_un)) < 0) {
>   				/* Trace cannot work here, use printf */


Reviewed-by: Stefano Babic <sbabic@denx.de>

Best regards,
Stefano Babic

diff --git a/core/notifier.c b/core/notifier.c
index 77cab0150a50..87acb01f62b0 100644
--- a/core/notifier.c
+++ b/core/notifier.c
@@ -10,6 +10,7 @@ 
 #include <string.h>
 #include <unistd.h>
 #include <errno.h>
+#include <fcntl.h>
 #include <sys/select.h>
 #include <sys/socket.h>
 #include <sys/un.h>
@@ -430,6 +431,10 @@  static void *notifier_thread (void __attribute__ ((__unused__)) *data)
 		exit(2);
 	}
 
+	if (fcntl(serverfd, F_SETFD, FD_CLOEXEC) < 0) {
+		fprintf(stderr, "Could not set %d as cloexec: %s", serverfd, strerror(errno));
+	}
+
 #if defined(__FreeBSD__)
 	setup_socket_cleanup(&notify_server);
 #endif
@@ -509,10 +514,15 @@  void notify_init(void)
 		setup_socket_cleanup(&notify_client);
 #endif
 		notifyfd = socket(AF_UNIX, SOCK_DGRAM, 0);
+
 		if (notifyfd < 0) {
 			printf("Error creating notifier socket for pid %d", pid);
 			return;
 		}
+
+		if (fcntl(notifyfd, F_SETFD, FD_CLOEXEC) < 0)
+			WARN("Could not set %d as cloexec: %s", notifyfd, strerror(errno));
+
 		if (bind(notifyfd, (const struct sockaddr *) &notify_client,
 			sizeof(struct sockaddr_un)) < 0) {
 				/* Trace cannot work here, use printf */

[3/6] notifier: set notifier fds as cloexec

Commit Message

Comments

Patch