From nobody Mon Nov 25 10:01:24 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass(p=reject dis=none) header.from=citrix.com ARC-Seal: i=1; a=rsa-sha256; t=1718986648; cv=none; d=zohomail.com; s=zohoarc; b=J5jORZLzZZQfVBS46UZ8IRN27dSg+4ZFkGLBej0zt/oB1E/XsYpZlh72m5qzVRMgb4LrDwk8B/zBis7yD71xNMSgeDQvyTXDdtwBBEfmBSf7o5vf7EQiIDTRXSKdbZxy7l1RKwCMiPw4vLDA5OrbcIhiEWC9CrCe05Uw1fwNOng= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1718986648; h=Content-Type:Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=ZhNWuzpiBITLcC1Y0U8SCKMSOyBGsap/FB26vtaMnqg=; b=LUom0WCZGtISrBYF3nLdJPobrtz1eqJfishjsi0bpQklAIxuVwtuLe6v60qFuLNume0Nomt999dAXtRChexnpV1DQ32V4hdOjT8Pv3R57Sru+KujCg1KTzMMSG9yu9ZSn2xChyU5ylJfPZhTk9slfvy3iRV6MJHGNBVLlxmUbwk= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass header.from= (p=reject dis=none) Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1718986648456190.95835120838444; Fri, 21 Jun 2024 09:17:28 -0700 (PDT) Received: from list by lists.xenproject.org with outflank-mailman.745393.1152511 (Exim 4.92) (envelope-from ) id 1sKgwf-0004hY-U7; Fri, 21 Jun 2024 16:17:01 +0000 Received: by outflank-mailman (output) from mailman id 745393.1152511; Fri, 21 Jun 2024 16:17:01 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1sKgwf-0004hR-RL; Fri, 21 Jun 2024 16:17:01 +0000 Received: by outflank-mailman (input) for mailman id 745393; Fri, 21 Jun 2024 16:17:01 +0000 Received: from se1-gles-flk1-in.inumbo.com ([94.247.172.50] helo=se1-gles-flk1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1sKgwf-0004hL-6a for xen-devel@lists.xenproject.org; Fri, 21 Jun 2024 16:17:01 +0000 Received: from mail-ej1-x630.google.com (mail-ej1-x630.google.com [2a00:1450:4864:20::630]) by se1-gles-flk1.inumbo.com (Halon) with ESMTPS id af81ea30-2fe9-11ef-b4bb-af5377834399; Fri, 21 Jun 2024 18:16:59 +0200 (CEST) Received: by mail-ej1-x630.google.com with SMTP id a640c23a62f3a-a6f51660223so122609166b.0 for ; Fri, 21 Jun 2024 09:16:59 -0700 (PDT) Received: from andrewcoop.eng.citrite.net ([160.101.139.1]) by smtp.gmail.com with ESMTPSA id 4fb4d7f45d1cf-57d303da3d6sm1120207a12.13.2024.06.21.09.16.57 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 21 Jun 2024 09:16:57 -0700 (PDT) X-Outflank-Mailman: Message body and most headers restored to incoming version X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: af81ea30-2fe9-11ef-b4bb-af5377834399 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=citrix.com; s=google; t=1718986618; x=1719591418; darn=lists.xenproject.org; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:from:to:cc:subject:date:message-id:reply-to; bh=ZhNWuzpiBITLcC1Y0U8SCKMSOyBGsap/FB26vtaMnqg=; b=Fe7EN1uGQIxoMn2F8Ag/l4bp+xtRwxWx/PLfuUSJ4jqKujgDu37aBDrd7dC6djtLZb 2S2r0o58ptPTqUf9jtmVQ+PrptnWhSiU3IMUUAO7qgUqLzy/H4TUpVnHH9geuYVozoFO O0e1rPaVHxxWOWnDLUTDQkWZU9u+3z54DgyTw= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1718986618; x=1719591418; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=ZhNWuzpiBITLcC1Y0U8SCKMSOyBGsap/FB26vtaMnqg=; b=WXCzGjwGz9Gwr1Y2k1CgBstnMgDfVYQWajXVj7aBOq9FM9xvGLxLde5daZ2u6Pzz+U niXy4tivOuAO0AyUeeI+eAbm8xDmJAVdBIgIac7tDdw5yBXZZS5iWY5Y5S5KWcFr7NQD +paywc5uLGnhCEWnHo1JoI8/k26yBW8OXBxofoibvpXDQcC8nEvDA+WaYTbfOCMfdjLV 0EGdTazYi7Zt41w5ea+4eKWSDXRYyR4yqRQ0s2ROMlP7pJfdMNXsWVeOB5RYLA2rbaQC 8o9CTAqRyzBHklCbFGAxM6+fhbNpVelwUnQ7dppehI31bLJ4iO+nSknFybSMo0lxqstt Ynqg== X-Gm-Message-State: AOJu0Yx6iLQEA2c3qlBGutv0hDjBfMWKSGfmBkO7/tYZeTMLKLQgeduK EfPhAD11oFi0/75uc6pSnUobAXK5oTBZMOFJ/3esMd2U7DgXW8wG3dIZboKQNbbQOJ7KChzGaKj Ic48= X-Google-Smtp-Source: AGHT+IEYuZvg7pzZXOdLUnH/tGa2L6NR/gZmRQem6PqCCkbR8asQ8R/U4LrZfx0g6M7LdVAIONo62A== X-Received: by 2002:a50:8ad8:0:b0:57c:5d4a:4122 with SMTP id 4fb4d7f45d1cf-57d07e0d432mr5709478a12.9.1718986618242; Fri, 21 Jun 2024 09:16:58 -0700 (PDT) From: Andrew Cooper To: Xen-devel Cc: Andrew Cooper , Demi Marie Obenour , Anthony PERARD , Juergen Gross , =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?= , Oleksii Kurochko Subject: [PATCH for-4.19 v2] tools/xl: Open xldevd.log with O_CLOEXEC Date: Fri, 21 Jun 2024 17:16:56 +0100 Message-Id: <20240621161656.63576-1-andrew.cooper3@citrix.com> X-Mailer: git-send-email 2.39.2 MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @citrix.com) X-ZM-MESSAGEID: 1718986650620100001 `xl devd` has been observed leaking /var/log/xldevd.log into children. Note this is specifically safe; dup2() leaves O_CLOEXEC disabled on newfd, = so after setting up stdout/stderr, it's only the logfile fd which will close on exec(). Link: https://github.com/QubesOS/qubes-issues/issues/8292 Reported-by: Demi Marie Obenour Signed-off-by: Andrew Cooper Acked-by: Anthony PERARD Reviewed-by: Demi Marie Obenour Reviewed-by: Marek Marczykowski-G=C3=B3recki --- CC: Anthony PERARD CC: Juergen Gross CC: Demi Marie Obenour CC: Marek Marczykowski-G=C3=B3recki CC: Oleksii Kurochko Also entirely speculative based on the QubesOS ticket. v2: * Extend the commit message to explain why stdout/stderr aren't closed by this change For 4.19. This bugfix was posted earlier, but fell between the cracks. --- tools/xl/xl_utils.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/xl/xl_utils.c b/tools/xl/xl_utils.c index 17489d182954..060186db3a59 100644 --- a/tools/xl/xl_utils.c +++ b/tools/xl/xl_utils.c @@ -270,7 +270,7 @@ int do_daemonize(const char *name, const char *pidfile) exit(-1); } =20 - CHK_SYSCALL(logfile =3D open(fullname, O_WRONLY|O_CREAT|O_APPEND, 0644= )); + CHK_SYSCALL(logfile =3D open(fullname, O_WRONLY | O_CREAT | O_APPEND |= O_CLOEXEC, 0644)); free(fullname); assert(logfile >=3D 3); =20 --=20 2.39.2