mirror of
https://gitlab.freedesktop.org/wayland/weston
synced 2024-09-16 08:36:33 +00:00
launcher-util: Force all weston_launcher_open()s to use O_CLOEXEC
Really, there's pretty much no time we'd ever want O_CLOEXEC unset, as it will likely result in leaking fds to processes that aren't interested in them or shouldn't have them. This also removes the (now unused) code from weston_logind_open() that could drop O_CLOEXEC. Signed-off-by: Derek Foreman <derekf@osg.samsung.com> Reviewed-by: Daniel Stone <daniels@collabora.com> Reviewed-by: Pekka Paalanen <pekka.paalanen@collabora.co.uk>
This commit is contained in:
parent
8f5acc2f3a
commit
2663c68330
|
@ -114,11 +114,17 @@ weston_launcher_open(struct weston_launcher *launcher,
|
||||||
struct weston_launcher_open *message;
|
struct weston_launcher_open *message;
|
||||||
struct stat s;
|
struct stat s;
|
||||||
|
|
||||||
|
/* We really don't want to be leaking fds to child processes so
|
||||||
|
* we force this flag here. If someone comes up with a legitimate
|
||||||
|
* reason to not CLOEXEC they'll need to unset the flag manually.
|
||||||
|
*/
|
||||||
|
flags |= O_CLOEXEC;
|
||||||
|
|
||||||
if (launcher->logind)
|
if (launcher->logind)
|
||||||
return weston_logind_open(launcher->logind, path, flags);
|
return weston_logind_open(launcher->logind, path, flags);
|
||||||
|
|
||||||
if (launcher->fd == -1) {
|
if (launcher->fd == -1) {
|
||||||
fd = open(path, flags | O_CLOEXEC);
|
fd = open(path, flags);
|
||||||
if (fd == -1)
|
if (fd == -1)
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
|
|
|
@ -186,8 +186,8 @@ weston_logind_open(struct weston_logind *wl, const char *path,
|
||||||
* directly. Instead, logind passes us an fd with sane default modes.
|
* directly. Instead, logind passes us an fd with sane default modes.
|
||||||
* For DRM and evdev this means O_RDWR | O_CLOEXEC. If we want
|
* For DRM and evdev this means O_RDWR | O_CLOEXEC. If we want
|
||||||
* something else, we need to change it afterwards. We currently
|
* something else, we need to change it afterwards. We currently
|
||||||
* only support dropping FD_CLOEXEC and setting O_NONBLOCK. Changing
|
* only support setting O_NONBLOCK. Changing access-modes is not
|
||||||
* access-modes is not possible so accept whatever logind passes us. */
|
* possible so accept whatever logind passes us. */
|
||||||
|
|
||||||
fl = fcntl(fd, F_GETFL);
|
fl = fcntl(fd, F_GETFL);
|
||||||
if (fl < 0) {
|
if (fl < 0) {
|
||||||
|
@ -203,22 +203,6 @@ weston_logind_open(struct weston_logind *wl, const char *path,
|
||||||
r = -errno;
|
r = -errno;
|
||||||
goto err_close;
|
goto err_close;
|
||||||
}
|
}
|
||||||
|
|
||||||
fl = fcntl(fd, F_GETFD);
|
|
||||||
if (fl < 0) {
|
|
||||||
r = -errno;
|
|
||||||
goto err_close;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!(flags & O_CLOEXEC))
|
|
||||||
fl &= ~FD_CLOEXEC;
|
|
||||||
|
|
||||||
r = fcntl(fd, F_SETFD, fl);
|
|
||||||
if (r < 0) {
|
|
||||||
r = -errno;
|
|
||||||
goto err_close;
|
|
||||||
}
|
|
||||||
|
|
||||||
return fd;
|
return fd;
|
||||||
|
|
||||||
err_close:
|
err_close:
|
||||||
|
|
Loading…
Reference in a new issue