Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/0048-tools-libxs-Fix-CLOEXEC-handling-in-get_socket.patch
diff options
context:
space:
mode:
Diffstat (limited to '0048-tools-libxs-Fix-CLOEXEC-handling-in-get_socket.patch')
-rw-r--r--0048-tools-libxs-Fix-CLOEXEC-handling-in-get_socket.patch60
1 files changed, 60 insertions, 0 deletions
diff --git a/0048-tools-libxs-Fix-CLOEXEC-handling-in-get_socket.patch b/0048-tools-libxs-Fix-CLOEXEC-handling-in-get_socket.patch
new file mode 100644
index 0000000..e01a6b4
--- /dev/null
+++ b/0048-tools-libxs-Fix-CLOEXEC-handling-in-get_socket.patch
@@ -0,0 +1,60 @@
+From d689bb4d2cd3ccdb0067b0ca953cccbc5ab375ae Mon Sep 17 00:00:00 2001
+From: Andrew Cooper <andrew.cooper3@citrix.com>
+Date: Thu, 4 Jul 2024 14:13:18 +0200
+Subject: [PATCH 48/56] tools/libxs: Fix CLOEXEC handling in get_socket()
+
+get_socket() opens a socket, then uses fcntl() to set CLOEXEC. This is racy
+with exec().
+
+Open the socket with SOCK_CLOEXEC. Use the same compatibility strategy as
+O_CLOEXEC on ancient versions of Linux.
+
+Reported-by: Frediano Ziglio <frediano.ziglio@cloud.com>
+Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
+Reviewed-by: Juergen Gross <jgross@suse.com>
+Acked-by: Anthony PERARD <anthony.perard@vates.tech>
+master commit: 1957dd6aff931877fc22699d8f2d4be8728014ba
+master date: 2024-07-02 10:51:11 +0100
+---
+ tools/libs/store/xs.c | 14 ++++++++------
+ 1 file changed, 8 insertions(+), 6 deletions(-)
+
+diff --git a/tools/libs/store/xs.c b/tools/libs/store/xs.c
+index 037e79d98b..11a766c508 100644
+--- a/tools/libs/store/xs.c
++++ b/tools/libs/store/xs.c
+@@ -44,6 +44,10 @@
+ #define O_CLOEXEC 0
+ #endif
+
++#ifndef SOCK_CLOEXEC
++#define SOCK_CLOEXEC 0
++#endif
++
+ struct xs_stored_msg {
+ XEN_TAILQ_ENTRY(struct xs_stored_msg) list;
+ struct xsd_sockmsg hdr;
+@@ -207,16 +211,14 @@ int xs_fileno(struct xs_handle *h)
+ static int get_socket(const char *connect_to)
+ {
+ struct sockaddr_un addr;
+- int sock, saved_errno, flags;
++ int sock, saved_errno;
+
+- sock = socket(PF_UNIX, SOCK_STREAM, 0);
++ sock = socket(PF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, 0);
+ if (sock < 0)
+ return -1;
+
+- if ((flags = fcntl(sock, F_GETFD)) < 0)
+- goto error;
+- flags |= FD_CLOEXEC;
+- if (fcntl(sock, F_SETFD, flags) < 0)
++ /* Compat for non-SOCK_CLOEXEC environments. Racy. */
++ if (!SOCK_CLOEXEC && !set_cloexec(sock))
+ goto error;
+
+ addr.sun_family = AF_UNIX;
+--
+2.45.2
+