lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 9 Oct 2012 22:07:22 +0800
From:	Cong Wang <xiyou.wangcong@...il.com>
To:	"Richard W.M. Jones" <rjones@...hat.com>
Cc:	Jim Meyering <jim@...ering.net>, eblake@...hat.com,
	Al Viro <viro@...iv.linux.org.uk>,
	LKML <linux-kernel@...r.kernel.org>
Subject: Re: F_DUPFD_CLOEXEC broken in 3.7.0

On Tue, Oct 9, 2012 at 6:05 AM, Richard W.M. Jones <rjones@...hat.com> wrote:
> Let's move this to LKML ...
>
> On Mon, Oct 08, 2012 at 10:53:25PM +0100, Richard W.M. Jones wrote:
>> On Mon, Oct 08, 2012 at 10:50:30PM +0100, Richard W.M. Jones wrote:
>> [.. discussion on gnulib test-cloexec test snipped ..]
>> > I'm suspicious this is a kernel bug:
>> >
>> > creat("test-cloexec.tmp", 0600)         = 3
>> > fcntl(3, F_GETFD)                       = 0
>> > fcntl(3, F_GETFD)                       = 0
>> > fcntl(3, F_SETFD, FD_CLOEXEC)           = 0
>> > fcntl(3, F_GETFD)                       = 0x1 (flags FD_CLOEXEC)
>> > fcntl(3, F_GETFD)                       = 0x1 (flags FD_CLOEXEC)
>> > fcntl(3, F_SETFD, 0)                    = 0
>> > fcntl(3, F_GETFD)                       = 0
>> > fcntl(3, F_DUPFD_CLOEXEC, 0)            = 4
>> > fcntl(4, F_GETFD)                       = 0
>> > write(2, "test-cloexec.c:97: assertion failed\n", 36) = 36
>> >
>> > It seems to me from the description in the man page that
>> > F_DUPFD_CLOEXEC ought to be setting the FD_CLOEXEC flag on file
>> > descriptor 4, so either it's not or else F_GETFD isn't reading the
>> > flag for some reason.
>>
>> Al Viro (CC'd) made some changes in this area recently ..
>
> Attached is a self-contained test program that demonstrates the bug.
>

Seems we passed a wrong flag to f_dupfd()...
Does the following patch help?

diff --git a/fs/fcntl.c b/fs/fcntl.c
index 8f70429..71a600a 100644
--- a/fs/fcntl.c
+++ b/fs/fcntl.c
@@ -258,7 +258,7 @@ static long do_fcntl(int fd, unsigned int cmd,
unsigned long arg,
                err = f_dupfd(arg, filp, 0);
                break;
        case F_DUPFD_CLOEXEC:
-               err = f_dupfd(arg, filp, FD_CLOEXEC);
+               err = f_dupfd(arg, filp, O_CLOEXEC);
                break;
        case F_GETFD:
                err = get_close_on_exec(fd) ? FD_CLOEXEC : 0;
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ