lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <47732095346849909afa68e98cb91d51@SN2PR03MB061.namprd03.prod.outlook.com>
Date:	Thu, 10 Jan 2013 20:20:41 +0000
From:	KY Srinivasan <kys@...rosoft.com>
To:	Tomas Hozza <thozza@...hat.com>,
	"gregkh@...uxfoundation.org" <gregkh@...uxfoundation.org>
CC:	"jasowang@...hat.com" <jasowang@...hat.com>,
	Haiyang Zhang <haiyangz@...rosoft.com>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	Hashir Abdi <habdi@...rosoft.com>
Subject: RE: [PATCH 2/2] tools: hv: Use CLOEXEC when opening kvp_pool files



> -----Original Message-----
> From: Tomas Hozza [mailto:thozza@...hat.com]
> Sent: Tuesday, January 08, 2013 6:27 AM
> To: gregkh@...uxfoundation.org
> Cc: KY Srinivasan; jasowang@...hat.com; Haiyang Zhang; linux-
> kernel@...r.kernel.org; Hashir Abdi; Tomas Hozza
> Subject: [PATCH 2/2] tools: hv: Use CLOEXEC when opening kvp_pool files
> 
> Use CLOEXEC flag when opening kvp_pool_x files to prevent file
> descriptor leakage. Not using it was causing a problem when
> SELinux was enabled.
> 
> Signed-off-by: Tomas Hozza <thozza@...hat.com>
Acked-by: K. Y. Srinivasan <kys@...rosoft.com

> ---
>  tools/hv/hv_kvp_daemon.c | 8 ++++----
>  1 file changed, 4 insertions(+), 4 deletions(-)
> 
> diff --git a/tools/hv/hv_kvp_daemon.c b/tools/hv/hv_kvp_daemon.c
> index 6b56b75..31f839cc 100644
> --- a/tools/hv/hv_kvp_daemon.c
> +++ b/tools/hv/hv_kvp_daemon.c
> @@ -151,7 +151,7 @@ static void kvp_update_file(int pool)
>  	 */
>  	kvp_acquire_lock(pool);
> 
> -	filep = fopen(kvp_file_info[pool].fname, "w");
> +	filep = fopen(kvp_file_info[pool].fname, "we");
>  	if (!filep) {
>  		kvp_release_lock(pool);
>  		syslog(LOG_ERR, "Failed to open file, pool: %d", pool);
> @@ -182,7 +182,7 @@ static void kvp_update_mem_state(int pool)
> 
>  	kvp_acquire_lock(pool);
> 
> -	filep = fopen(kvp_file_info[pool].fname, "r");
> +	filep = fopen(kvp_file_info[pool].fname, "re");
>  	if (!filep) {
>  		kvp_release_lock(pool);
>  		syslog(LOG_ERR, "Failed to open file, pool: %d", pool);
> @@ -246,13 +246,13 @@ static int kvp_file_init(void)
>  		records_read = 0;
>  		num_blocks = 1;
>  		sprintf(fname, "/var/opt/hyperv/.kvp_pool_%d", i);
> -		fd = open(fname, O_RDWR | O_CREAT, S_IRUSR | S_IWUSR |
> S_IROTH);
> +		fd = open(fname, O_RDWR | O_CREAT | O_CLOEXEC, S_IRUSR |
> S_IWUSR | S_IROTH);
> 
>  		if (fd == -1)
>  			return 1;
> 
> 
> -		filep = fopen(fname, "r");
> +		filep = fopen(fname, "re");
>  		if (!filep)
>  			return 1;
> 
> --
> 1.7.11.7
> 
> 


--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ