From nobody Thu Sep 19 00:59:20 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28
 as permitted sender) client-ip=209.132.183.28;
 envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com;
Authentication-Results: mx.zohomail.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
Return-Path: <libvir-list-bounces@redhat.com>
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by
 mx.zohomail.com
	with SMTPS id 1537522217256409.7531621338858;
 Fri, 21 Sep 2018 02:30:17 -0700 (PDT)
Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.phx2.redhat.com
 [10.5.11.23])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id AF6B9308124B;
	Fri, 21 Sep 2018 09:30:14 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
 (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id 7452F7FFD0;
	Fri, 21 Sep 2018 09:30:14 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id 4AB9B4A465;
	Fri, 21 Sep 2018 09:30:13 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com
	[10.5.11.25])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id w8L9UAkr022873 for <libvir-list@listman.util.phx.redhat.com>;
	Fri, 21 Sep 2018 05:30:10 -0400
Received: by smtp.corp.redhat.com (Postfix)
	id BDBC52010D97; Fri, 21 Sep 2018 09:30:10 +0000 (UTC)
Received: from moe.brq.redhat.com (unknown [10.43.2.192])
	by smtp.corp.redhat.com (Postfix) with ESMTP id 1403D2010D95;
	Fri, 21 Sep 2018 09:30:09 +0000 (UTC)
From: Michal Privoznik <mprivozn@redhat.com>
To: libvir-list@redhat.com
Date: Fri, 21 Sep 2018 11:29:57 +0200
Message-Id: 
 <40ad2b4a842a867c610194127571c3546fdb7a63.1537520636.git.mprivozn@redhat.com>
In-Reply-To: <cover.1537520636.git.mprivozn@redhat.com>
References: <cover.1537520636.git.mprivozn@redhat.com>
In-Reply-To: <cover.1537520636.git.mprivozn@redhat.com>
References: <cover.1537520636.git.mprivozn@redhat.com>
X-Scanned-By: MIMEDefang 2.84 on 10.5.11.25
X-loop: libvir-list@redhat.com
Cc: bwalk@linux.ibm.com
Subject: [libvirt] [PATCH 2/4] virNetSocket: Be more safe with fork() around
	virNetSocketDupFD()
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
	<libvir-list.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=subscribe>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.84 on 10.5.11.23
X-Greylist: Sender IP whitelisted,
 not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.49]);
 Fri, 21 Sep 2018 09:30:16 +0000 (UTC)
X-ZohoMail: RDMRC_0  RSF_0  Z_629925259 SPT_0
Content-Type: text/plain; charset="utf-8"

If there was a caller which would dup the client FD without
CLOEXEC flag and later decided to change the flag it wouldn't be
safe to do because fork() might have had occurred meantime.
Switch to the other pattern - always dup FD with the flag set and
let callers clear the flag if they need to do so.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
---
 src/libxl/libxl_migration.c |  4 ++--
 src/qemu/qemu_migration.c   |  2 +-
 src/rpc/virnetclient.c      | 10 +++++++++-
 src/rpc/virnetsocket.c      |  7 ++-----
 src/rpc/virnetsocket.h      |  2 +-
 5 files changed, 15 insertions(+), 10 deletions(-)

diff --git a/src/libxl/libxl_migration.c b/src/libxl/libxl_migration.c
index fc7ccb53d0..5eb8eb1203 100644
--- a/src/libxl/libxl_migration.c
+++ b/src/libxl/libxl_migration.c
@@ -310,7 +310,7 @@ libxlMigrateDstReceive(virNetSocketPtr sock,
     }
     VIR_DEBUG("Accepted migration connection."
               "  Spawning thread to process migration data");
-    recvfd =3D virNetSocketDupFD(client_sock, true);
+    recvfd =3D virNetSocketDupFD(client_sock);
     virObjectUnref(client_sock);
=20
     /*
@@ -1254,7 +1254,7 @@ libxlDomainMigrationSrcPerform(libxlDriverPrivatePtr =
driver,
         goto cleanup;
     }
=20
-    sockfd =3D virNetSocketDupFD(sock, true);
+    sockfd =3D virNetSocketDupFD(sock);
     virObjectUnref(sock);
=20
     if (virDomainLockProcessPause(driver->lockManager, vm, &priv->lockStat=
e) < 0)
diff --git a/src/qemu/qemu_migration.c b/src/qemu/qemu_migration.c
index 825a9d399b..129be0a11a 100644
--- a/src/qemu/qemu_migration.c
+++ b/src/qemu/qemu_migration.c
@@ -3303,7 +3303,7 @@ qemuMigrationSrcConnect(virQEMUDriverPtr driver,
     if (virNetSocketNewConnectTCP(host, port,
                                   AF_UNSPEC,
                                   &sock) =3D=3D 0) {
-        spec->dest.fd.qemu =3D virNetSocketDupFD(sock, true);
+        spec->dest.fd.qemu =3D virNetSocketDupFD(sock);
         virObjectUnref(sock);
     }
     if (qemuSecurityClearSocketLabel(driver->securityManager, vm->def) < 0=
 ||
diff --git a/src/rpc/virnetclient.c b/src/rpc/virnetclient.c
index b4d8fb2187..40ed3fde6d 100644
--- a/src/rpc/virnetclient.c
+++ b/src/rpc/virnetclient.c
@@ -715,8 +715,16 @@ int virNetClientGetFD(virNetClientPtr client)
 int virNetClientDupFD(virNetClientPtr client, bool cloexec)
 {
     int fd;
+
     virObjectLock(client);
-    fd =3D virNetSocketDupFD(client->sock, cloexec);
+
+    fd =3D virNetSocketDupFD(client->sock);
+    if (!cloexec && fd >=3D 0 && virSetInherit(fd, true)) {
+        virReportSystemError(errno, "%s",
+                             _("Cannot disable close-on-exec flag"));
+        VIR_FORCE_CLOSE(fd);
+    }
+
     virObjectUnlock(client);
     return fd;
 }
diff --git a/src/rpc/virnetsocket.c b/src/rpc/virnetsocket.c
index 55de3b2aad..27ffa23bcd 100644
--- a/src/rpc/virnetsocket.c
+++ b/src/rpc/virnetsocket.c
@@ -1372,14 +1372,11 @@ int virNetSocketGetFD(virNetSocketPtr sock)
 }
=20
=20
-int virNetSocketDupFD(virNetSocketPtr sock, bool cloexec)
+int virNetSocketDupFD(virNetSocketPtr sock)
 {
     int fd;
=20
-    if (cloexec)
-        fd =3D fcntl(sock->fd, F_DUPFD_CLOEXEC, 0);
-    else
-        fd =3D dup(sock->fd);
+    fd =3D fcntl(sock->fd, F_DUPFD_CLOEXEC, 0);
     if (fd < 0) {
         virReportSystemError(errno, "%s",
                              _("Unable to copy socket file handle"));
diff --git a/src/rpc/virnetsocket.h b/src/rpc/virnetsocket.h
index de795af917..e6bac27566 100644
--- a/src/rpc/virnetsocket.h
+++ b/src/rpc/virnetsocket.h
@@ -124,7 +124,7 @@ virNetSocketPtr virNetSocketNewPostExecRestart(virJSONV=
aluePtr object);
 virJSONValuePtr virNetSocketPreExecRestart(virNetSocketPtr sock);
=20
 int virNetSocketGetFD(virNetSocketPtr sock);
-int virNetSocketDupFD(virNetSocketPtr sock, bool cloexec);
+int virNetSocketDupFD(virNetSocketPtr sock);
=20
 bool virNetSocketIsLocal(virNetSocketPtr sock);
=20
--=20
2.16.4

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list