| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 10 Jan 2013 20:20:41 +0000
From: KY Srinivasan <kys@...rosoft.com>
To: Tomas Hozza <thozza@...hat.com>,
"gregkh@...uxfoundation.org" <gregkh@...uxfoundation.org>
CC: "jasowang@...hat.com" <jasowang@...hat.com>,
Haiyang Zhang <haiyangz@...rosoft.com>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
Hashir Abdi <habdi@...rosoft.com>
Subject: RE: [PATCH 2/2] tools: hv: Use CLOEXEC when opening kvp_pool files
> -----Original Message-----
> From: Tomas Hozza [mailto:thozza@...hat.com]
> Sent: Tuesday, January 08, 2013 6:27 AM
> To: gregkh@...uxfoundation.org
> Cc: KY Srinivasan; jasowang@...hat.com; Haiyang Zhang; linux-
> kernel@...r.kernel.org; Hashir Abdi; Tomas Hozza
> Subject: [PATCH 2/2] tools: hv: Use CLOEXEC when opening kvp_pool files
>
> Use CLOEXEC flag when opening kvp_pool_x files to prevent file
> descriptor leakage. Not using it was causing a problem when
> SELinux was enabled.
>
> Signed-off-by: Tomas Hozza <thozza@...hat.com>
Acked-by: K. Y. Srinivasan <kys@...rosoft.com
> ---
> tools/hv/hv_kvp_daemon.c | 8 ++++----
> 1 file changed, 4 insertions(+), 4 deletions(-)
>
> diff --git a/tools/hv/hv_kvp_daemon.c b/tools/hv/hv_kvp_daemon.c
> index 6b56b75..31f839cc 100644
> --- a/tools/hv/hv_kvp_daemon.c
> +++ b/tools/hv/hv_kvp_daemon.c
> @@ -151,7 +151,7 @@ static void kvp_update_file(int pool)
> */
> kvp_acquire_lock(pool);
>
> - filep = fopen(kvp_file_info[pool].fname, "w");
> + filep = fopen(kvp_file_info[pool].fname, "we");
> if (!filep) {
> kvp_release_lock(pool);
> syslog(LOG_ERR, "Failed to open file, pool: %d", pool);
> @@ -182,7 +182,7 @@ static void kvp_update_mem_state(int pool)
>
> kvp_acquire_lock(pool);
>
> - filep = fopen(kvp_file_info[pool].fname, "r");
> + filep = fopen(kvp_file_info[pool].fname, "re");
> if (!filep) {
> kvp_release_lock(pool);
> syslog(LOG_ERR, "Failed to open file, pool: %d", pool);
> @@ -246,13 +246,13 @@ static int kvp_file_init(void)
> records_read = 0;
> num_blocks = 1;
> sprintf(fname, "/var/opt/hyperv/.kvp_pool_%d", i);
> - fd = open(fname, O_RDWR | O_CREAT, S_IRUSR | S_IWUSR |
> S_IROTH);
> + fd = open(fname, O_RDWR | O_CREAT | O_CLOEXEC, S_IRUSR |
> S_IWUSR | S_IROTH);
>
> if (fd == -1)
> return 1;
>
>
> - filep = fopen(fname, "r");
> + filep = fopen(fname, "re");
> if (!filep)
> return 1;
>
> --
> 1.7.11.7
>
>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists