1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
|
From d689bb4d2cd3ccdb0067b0ca953cccbc5ab375ae Mon Sep 17 00:00:00 2001
From: Andrew Cooper <andrew.cooper3@citrix.com>
Date: Thu, 4 Jul 2024 14:13:18 +0200
Subject: [PATCH 48/56] tools/libxs: Fix CLOEXEC handling in get_socket()
get_socket() opens a socket, then uses fcntl() to set CLOEXEC. This is racy
with exec().
Open the socket with SOCK_CLOEXEC. Use the same compatibility strategy as
O_CLOEXEC on ancient versions of Linux.
Reported-by: Frediano Ziglio <frediano.ziglio@cloud.com>
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Reviewed-by: Juergen Gross <jgross@suse.com>
Acked-by: Anthony PERARD <anthony.perard@vates.tech>
master commit: 1957dd6aff931877fc22699d8f2d4be8728014ba
master date: 2024-07-02 10:51:11 +0100
---
tools/libs/store/xs.c | 14 ++++++++------
1 file changed, 8 insertions(+), 6 deletions(-)
diff --git a/tools/libs/store/xs.c b/tools/libs/store/xs.c
index 037e79d98b..11a766c508 100644
--- a/tools/libs/store/xs.c
+++ b/tools/libs/store/xs.c
@@ -44,6 +44,10 @@
#define O_CLOEXEC 0
#endif
+#ifndef SOCK_CLOEXEC
+#define SOCK_CLOEXEC 0
+#endif
+
struct xs_stored_msg {
XEN_TAILQ_ENTRY(struct xs_stored_msg) list;
struct xsd_sockmsg hdr;
@@ -207,16 +211,14 @@ int xs_fileno(struct xs_handle *h)
static int get_socket(const char *connect_to)
{
struct sockaddr_un addr;
- int sock, saved_errno, flags;
+ int sock, saved_errno;
- sock = socket(PF_UNIX, SOCK_STREAM, 0);
+ sock = socket(PF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, 0);
if (sock < 0)
return -1;
- if ((flags = fcntl(sock, F_GETFD)) < 0)
- goto error;
- flags |= FD_CLOEXEC;
- if (fcntl(sock, F_SETFD, flags) < 0)
+ /* Compat for non-SOCK_CLOEXEC environments. Racy. */
+ if (!SOCK_CLOEXEC && !set_cloexec(sock))
goto error;
addr.sun_family = AF_UNIX;
--
2.45.2
|