From patchwork Tue Jul 16 21:59:52 2013 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yann Droneaud X-Patchwork-Id: 2828328 Return-Path: X-Original-To: patchwork-linux-rdma@patchwork.kernel.org Delivered-To: patchwork-parsemail@patchwork2.web.kernel.org Received: from mail.kernel.org (mail.kernel.org [198.145.19.201]) by patchwork2.web.kernel.org (Postfix) with ESMTP id 1E9ABC0AB2 for ; Tue, 16 Jul 2013 22:02:02 +0000 (UTC) Received: from mail.kernel.org (localhost [127.0.0.1]) by mail.kernel.org (Postfix) with ESMTP id 153D520196 for ; Tue, 16 Jul 2013 22:02:01 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 120B420155 for ; Tue, 16 Jul 2013 22:02:00 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S933545Ab3GPWB7 (ORCPT ); Tue, 16 Jul 2013 18:01:59 -0400 Received: from smtp1-g21.free.fr ([212.27.42.1]:36925 "EHLO smtp1-g21.free.fr" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S933201Ab3GPWB6 (ORCPT ); Tue, 16 Jul 2013 18:01:58 -0400 Received: from localhost.localdomain (unknown [IPv6:2a01:e35:2e9f:6ac0:cd91:c425:aa91:8c1a]) by smtp1-g21.free.fr (Postfix) with ESMTP id 288739400CB; Wed, 17 Jul 2013 00:01:48 +0200 (CEST) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by localhost.localdomain (8.14.7/8.14.5) with ESMTP id r6GM0VYv001112; Wed, 17 Jul 2013 00:00:31 +0200 Received: (from ydroneaud@localhost) by localhost.localdomain (8.14.7/8.14.7/Submit) id r6GM0UlZ001111; Wed, 17 Jul 2013 00:00:30 +0200 From: Yann Droneaud To: Sean Hefty , linux-rdma@vger.kernel.org Cc: Yann Droneaud Subject: [PATCH librdmacm 8/8] Open files with "close on exec" flag Date: Tue, 16 Jul 2013 23:59:52 +0200 Message-Id: <432090a25b96bd650c66f1f330a50b0ae818395f.1374011243.git.ydroneaud@opteya.com> X-Mailer: git-send-email 1.8.3.1 In-Reply-To: References: Sender: linux-rdma-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-rdma@vger.kernel.org X-Spam-Status: No, score=-7.3 required=5.0 tests=BAYES_00, RCVD_IN_DNSWL_HI, RP_MATCHES_RCVD, UNPARSEABLE_RELAY autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP File opened by librdmacm are not supposed to be inherited across exec*(), most of the files are of no use for another program, and others cannot be used without the associated memory mapping. This patch changes fopen() open() and socket() to always set close on exec flag. This patch also add checks to configure to guess if fopen() supports "e" flag. If O_CLOEXEC and SOCK_CLOEXEC are supported, fopen() should support "e". If not supported, its discarded according to POSIX. Many operating systems have support for fopen("e"). You might find more information about close on exec in the following articles: - "Excuse me son, but your code is leaking !!!" by Dan Walsh http://danwalsh.livejournal.com/53603.html - "Secure File Descriptor Handling" by Ulrich Drepper http://udrepper.livejournal.com/20407.html Note: this patch won't set close on exec flag on file descriptors created by the kernel for completion channel and such. This is addressed by another kernel patch. Signed-off-by: Yann Droneaud --- configure.ac | 24 ++++++++++++++++++++++++ src/acm.c | 4 ++-- src/cma.c | 2 +- 3 files changed, 27 insertions(+), 3 deletions(-) diff --git a/configure.ac b/configure.ac index 807470f..31b1a0e 100644 --- a/configure.ac +++ b/configure.ac @@ -78,6 +78,30 @@ AC_CHECK_HEADER(infiniband/acm.h, AC_DEFINE(DEFINE_ACM_MSG, 1, [adding ACM message definition]), [#include ]), []) +dnl Checks close on exec support +AC_CHECK_HEADERS([fcntl.h sys/socket.h]) + +AC_CHECK_DECLS([O_CLOEXEC],,[AC_DEFINE([O_CLOEXEC],[0], [Defined to 0 if not provided])], +[[ +#ifdef HAVE_FCNTL_H +# include +#endif +]]) +AC_CHECK_DECLS([SOCK_CLOEXEC],,[AC_DEFINE([SOCK_CLOEXEC],[0],[Defined to 0 if not provided])], +[[ +#ifdef HAVE_SYS_SOCKET_H +# include +#endif +]]) + +AC_CACHE_CHECK(for close on exec modifier for fopen(), ac_cv_feature_stream_cloexec_flag, + [if test $ac_cv_have_decl_O_CLOEXEC = yes ; then + if test $ac_cv_have_decl_SOCK_CLOEXEC = yes ; then + ac_cv_feature_stream_cloexec_flag="e" + fi + fi]) +AC_DEFINE_UNQUOTED([STREAM_CLOEXEC], "$ac_cv_feature_stream_cloexec_flag", [fopen() modifier for setting close on exec flag]) + AC_CACHE_CHECK(whether ld accepts --version-script, ac_cv_version_script, if test -n "`$LD --help < /dev/null 2>/dev/null | grep version-script`"; then ac_cv_version_script=yes diff --git a/src/acm.c b/src/acm.c index c9ca5b5..6e8e173 100644 --- a/src/acm.c +++ b/src/acm.c @@ -80,7 +80,7 @@ static int ucma_set_server_port(void) { FILE *f; - if ((f = fopen("/var/run/ibacm.port", "r"))) { + if ((f = fopen("/var/run/ibacm.port", "r" STREAM_CLOEXEC))) { fscanf(f, "%hu", (unsigned short *) &server_port); fclose(f); } @@ -100,7 +100,7 @@ void ucma_ib_init(void) if (!ucma_set_server_port()) goto out; - sock = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP); + sock = socket(AF_INET, SOCK_STREAM | SOCK_CLOEXEC, IPPROTO_TCP); if (sock < 0) goto out; diff --git a/src/cma.c b/src/cma.c index 2fb9913..baebecd 100644 --- a/src/cma.c +++ b/src/cma.c @@ -328,7 +328,7 @@ struct rdma_event_channel *rdma_create_event_channel(void) if (!channel) return NULL; - channel->fd = open("/dev/infiniband/rdma_cm", O_RDWR); + channel->fd = open("/dev/infiniband/rdma_cm", O_RDWR | O_CLOEXEC); if (channel->fd < 0) { fprintf(stderr, PFX "Fatal: unable to open /dev/infiniband/rdma_cm\n"); goto err;