From nobody Thu Sep 19 01:05:01 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1537522233198651.9914556931211; Fri, 21 Sep 2018 02:30:33 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 340D4309B6C4; Fri, 21 Sep 2018 09:30:30 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 0786A806BC; Fri, 21 Sep 2018 09:30:30 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id B2702181A12F; Fri, 21 Sep 2018 09:30:29 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.25]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id w8L9UBdX022878 for ; Fri, 21 Sep 2018 05:30:11 -0400 Received: by smtp.corp.redhat.com (Postfix) id BD3C52010D7D; Fri, 21 Sep 2018 09:30:11 +0000 (UTC) Received: from moe.brq.redhat.com (unknown [10.43.2.192]) by smtp.corp.redhat.com (Postfix) with ESMTP id 16CC62010D95; Fri, 21 Sep 2018 09:30:10 +0000 (UTC) From: Michal Privoznik To: libvir-list@redhat.com Date: Fri, 21 Sep 2018 11:29:58 +0200 Message-Id: <2293db84dc47d411373bed6f58106ac37796b5c9.1537520636.git.mprivozn@redhat.com> In-Reply-To: References: In-Reply-To: References: X-Scanned-By: MIMEDefang 2.84 on 10.5.11.25 X-loop: libvir-list@redhat.com Cc: bwalk@linux.ibm.com Subject: [libvirt] [PATCH 3/4] virLockManagerLockDaemonAcquire: Duplicate client FD with CLOEXEC flag X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.47]); Fri, 21 Sep 2018 09:30:31 +0000 (UTC) X-ZohoMail: RDMRC_0 RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" There is one caller (virSecurityManagerMetadataLock) which duplicates the connection FD and wants to have the flag set. However, trying to set the flag after dup() is not safe as another thread might fork() meanwhile. Therefore, switch to duplicating with the flag set and only let callers refine this later. Signed-off-by: Michal Privoznik --- src/locking/domain_lock.c | 18 ++++++++++++++++++ src/locking/lock_driver_lockd.c | 2 +- src/rpc/virnetclient.c | 9 +-------- src/rpc/virnetclient.h | 2 +- 4 files changed, 21 insertions(+), 10 deletions(-) diff --git a/src/locking/domain_lock.c b/src/locking/domain_lock.c index 705b132457..db20fa86a3 100644 --- a/src/locking/domain_lock.c +++ b/src/locking/domain_lock.c @@ -188,6 +188,24 @@ int virDomainLockProcessStart(virLockManagerPluginPtr = plugin, ret =3D virLockManagerAcquire(lock, NULL, flags, dom->def->onLockFailure, fd); =20 + if (ret >=3D 0 && fd && *fd >=3D 0 && virSetInherit(*fd, true) < 0) { + int saved_errno =3D errno; + virErrorPtr origerr; + + virErrorPreserveLast(&origerr); + + if (virLockManagerRelease(lock, NULL, 0) < 0) + VIR_WARN("Unable to release acquired resourced in cleanup path= "); + + virErrorRestore(&origerr); + errno =3D saved_errno; + + virReportSystemError(errno, "%s", + _("Cannot disable close-on-exec flag")); + + ret =3D -1; + } + virLockManagerFree(lock); =20 return ret; diff --git a/src/locking/lock_driver_lockd.c b/src/locking/lock_driver_lock= d.c index 0c672b05b1..9b1943daa6 100644 --- a/src/locking/lock_driver_lockd.c +++ b/src/locking/lock_driver_lockd.c @@ -796,7 +796,7 @@ static int virLockManagerLockDaemonAcquire(virLockManag= erPtr lock, goto cleanup; =20 if (fd && - (*fd =3D virNetClientDupFD(client, false)) < 0) + (*fd =3D virNetClientDupFD(client)) < 0) goto cleanup; =20 if (!(flags & VIR_LOCK_MANAGER_ACQUIRE_REGISTER_ONLY)) { diff --git a/src/rpc/virnetclient.c b/src/rpc/virnetclient.c index 40ed3fde6d..6b0ddbeaad 100644 --- a/src/rpc/virnetclient.c +++ b/src/rpc/virnetclient.c @@ -712,19 +712,12 @@ int virNetClientGetFD(virNetClientPtr client) } =20 =20 -int virNetClientDupFD(virNetClientPtr client, bool cloexec) +int virNetClientDupFD(virNetClientPtr client) { int fd; =20 virObjectLock(client); - fd =3D virNetSocketDupFD(client->sock); - if (!cloexec && fd >=3D 0 && virSetInherit(fd, true)) { - virReportSystemError(errno, "%s", - _("Cannot disable close-on-exec flag")); - VIR_FORCE_CLOSE(fd); - } - virObjectUnlock(client); return fd; } diff --git a/src/rpc/virnetclient.h b/src/rpc/virnetclient.h index 9cf32091f5..3702f7fe5a 100644 --- a/src/rpc/virnetclient.h +++ b/src/rpc/virnetclient.h @@ -95,7 +95,7 @@ void virNetClientSetCloseCallback(virNetClientPtr client, virFreeCallback ff); =20 int virNetClientGetFD(virNetClientPtr client); -int virNetClientDupFD(virNetClientPtr client, bool cloexec); +int virNetClientDupFD(virNetClientPtr client); =20 bool virNetClientHasPassFD(virNetClientPtr client); =20 --=20 2.16.4 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list