On Thu, Mar 14, 2019 at 10:43:11AM -0500, Eric Blake wrote: > On 3/14/19 10:34 AM, Daniel P. Berrangé wrote: > > On Wed, Mar 13, 2019 at 09:55:16PM -0700, Richard Henderson wrote: > >> Avoids leaking the /dev/urandom fd into any child processes. > >> > >> Cc: Daniel P. Berrangé <berra...@redhat.com> > >> Signed-off-by: Richard Henderson <richard.hender...@linaro.org> > >> --- > >> crypto/random-platform.c | 4 ++-- > >> 1 file changed, 2 insertions(+), 2 deletions(-) > >> > >> diff --git a/crypto/random-platform.c b/crypto/random-platform.c > >> index 0866f216dc..8bfce99a65 100644 > >> --- a/crypto/random-platform.c > >> +++ b/crypto/random-platform.c > >> @@ -42,9 +42,9 @@ int qcrypto_random_init(Error **errp) > >> #else > >> /* TBD perhaps also add support for BSD getentropy / Linux > >> * getrandom syscalls directly */ > >> - fd = open("/dev/urandom", O_RDONLY); > >> + fd = open("/dev/urandom", O_RDONLY | O_CLOEXEC); > >> if (fd == -1 && errno == ENOENT) { > >> - fd = open("/dev/random", O_RDONLY); > >> + fd = open("/dev/random", O_RDONLY | O_CLOEXEC); > >> } > >> > >> if (fd < 0) { > > > > Reviewed-by: Daniel P. Berrangé <berra...@redhat.com> > > Are we at the point where we can declare open(O_CLOEXEC) > mandatory-supported on all systems we compile on, or do we need to use > qemu_open() to get the semantics we need (with proper fallback to > non-atomic fcntl() on older platforms)?
It has been available on Linux for all our targetted distros. I can see it in man pages for FreeBSD, NetBSD & OpenBSD too, and for macOS 10.6 (~2009). I think windows is the main one which lacks it, but this #ifdef of the code isn't built on Windows. IOW, I think we're safe. Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|