diff options
Diffstat (limited to '0044-tools-xl-Open-xldevd.log-with-O_CLOEXEC.patch')
-rw-r--r-- | 0044-tools-xl-Open-xldevd.log-with-O_CLOEXEC.patch | 53 |
1 files changed, 0 insertions, 53 deletions
diff --git a/0044-tools-xl-Open-xldevd.log-with-O_CLOEXEC.patch b/0044-tools-xl-Open-xldevd.log-with-O_CLOEXEC.patch deleted file mode 100644 index 39dc3eb..0000000 --- a/0044-tools-xl-Open-xldevd.log-with-O_CLOEXEC.patch +++ /dev/null @@ -1,53 +0,0 @@ -From 2b3bf02c4f5e44d7d7bd3636530c9ebc837dea87 Mon Sep 17 00:00:00 2001 -From: Andrew Cooper <andrew.cooper3@citrix.com> -Date: Thu, 4 Jul 2024 14:11:36 +0200 -Subject: [PATCH 44/56] tools/xl: Open xldevd.log with O_CLOEXEC -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -`xl devd` has been observed leaking /var/log/xldevd.log into children. - -Note this is specifically safe; dup2() leaves O_CLOEXEC disabled on newfd, so -after setting up stdout/stderr, it's only the logfile fd which will close on -exec(). - -Link: https://github.com/QubesOS/qubes-issues/issues/8292 -Reported-by: Demi Marie Obenour <demi@invisiblethingslab.com> -Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com> -Reviewed-by: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> -Reviewed-by: Demi Marie Obenour <demi@invisiblethingslab.com> -Acked-by: Anthony PERARD <anthony.perard@vates.tech> -master commit: ba52b3b624e4a1a976908552364eba924ca45430 -master date: 2024-06-24 16:22:59 +0100 ---- - tools/xl/xl_utils.c | 6 +++++- - 1 file changed, 5 insertions(+), 1 deletion(-) - -diff --git a/tools/xl/xl_utils.c b/tools/xl/xl_utils.c -index 17489d1829..b0d23b2cdb 100644 ---- a/tools/xl/xl_utils.c -+++ b/tools/xl/xl_utils.c -@@ -27,6 +27,10 @@ - #include "xl.h" - #include "xl_utils.h" - -+#ifndef O_CLOEXEC -+#define O_CLOEXEC 0 -+#endif -+ - void dolog(const char *file, int line, const char *func, const char *fmt, ...) - { - va_list ap; -@@ -270,7 +274,7 @@ int do_daemonize(const char *name, const char *pidfile) - exit(-1); - } - -- CHK_SYSCALL(logfile = open(fullname, O_WRONLY|O_CREAT|O_APPEND, 0644)); -+ CHK_SYSCALL(logfile = open(fullname, O_WRONLY | O_CREAT | O_APPEND | O_CLOEXEC, 0644)); - free(fullname); - assert(logfile >= 3); - --- -2.45.2 - |