RE: [PATCH 2/2] tools: hv: Use CLOEXEC when opening kvp_pool files

KY Srinivasan Thu, 10 Jan 2013 12:26:22 -0800


> -----Original Message-----
> From: Tomas Hozza [mailto:tho...@redhat.com]
> Sent: Tuesday, January 08, 2013 6:27 AM
> To: gre...@linuxfoundation.org
> Cc: KY Srinivasan; jasow...@redhat.com; Haiyang Zhang; linux-
> ker...@vger.kernel.org; Hashir Abdi; Tomas Hozza
> Subject: [PATCH 2/2] tools: hv: Use CLOEXEC when opening kvp_pool files
> 
> Use CLOEXEC flag when opening kvp_pool_x files to prevent file
> descriptor leakage. Not using it was causing a problem when
> SELinux was enabled.
> 
> Signed-off-by: Tomas Hozza <tho...@redhat.com>
Acked-by: K. Y. Srinivasan <k...@microsoft.com


> ---
>  tools/hv/hv_kvp_daemon.c | 8 ++++----
>  1 file changed, 4 insertions(+), 4 deletions(-)
> 
> diff --git a/tools/hv/hv_kvp_daemon.c b/tools/hv/hv_kvp_daemon.c
> index 6b56b75..31f839cc 100644
> --- a/tools/hv/hv_kvp_daemon.c
> +++ b/tools/hv/hv_kvp_daemon.c
> @@ -151,7 +151,7 @@ static void kvp_update_file(int pool)
>        */
>       kvp_acquire_lock(pool);
> 
> -     filep = fopen(kvp_file_info[pool].fname, "w");
> +     filep = fopen(kvp_file_info[pool].fname, "we");
>       if (!filep) {
>               kvp_release_lock(pool);
>               syslog(LOG_ERR, "Failed to open file, pool: %d", pool);
> @@ -182,7 +182,7 @@ static void kvp_update_mem_state(int pool)
> 
>       kvp_acquire_lock(pool);
> 
> -     filep = fopen(kvp_file_info[pool].fname, "r");
> +     filep = fopen(kvp_file_info[pool].fname, "re");
>       if (!filep) {
>               kvp_release_lock(pool);
>               syslog(LOG_ERR, "Failed to open file, pool: %d", pool);
> @@ -246,13 +246,13 @@ static int kvp_file_init(void)
>               records_read = 0;
>               num_blocks = 1;
>               sprintf(fname, "/var/opt/hyperv/.kvp_pool_%d", i);
> -             fd = open(fname, O_RDWR | O_CREAT, S_IRUSR | S_IWUSR |
> S_IROTH);
> +             fd = open(fname, O_RDWR | O_CREAT | O_CLOEXEC, S_IRUSR |
> S_IWUSR | S_IROTH);
> 
>               if (fd == -1)
>                       return 1;
> 
> 
> -             filep = fopen(fname, "r");
> +             filep = fopen(fname, "re");
>               if (!filep)
>                       return 1;
> 
> --
> 1.7.11.7
> 
> 


--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

RE: [PATCH 2/2] tools: hv: Use CLOEXEC when opening kvp_pool files

Reply via email to