|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-changelog] [xen-unstable] [LIBXC] Set close-on-exec on the privcmd fd in libxc.
# HG changeset patch
# User kfraser@xxxxxxxxxxxxxxxxxxxxx
# Node ID 59adc1f7dfca2e3182289fa2d422ddf1810016e9
# Parent f437295526037a468bbd2659935ab7935262a99e
[LIBXC] Set close-on-exec on the privcmd fd in libxc.
Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx>
---
tools/libxc/xc_linux.c | 30 ++++++++++++++++++++++++++++++
1 files changed, 30 insertions(+)
diff -r f43729552603 -r 59adc1f7dfca tools/libxc/xc_linux.c
--- a/tools/libxc/xc_linux.c Tue Aug 15 16:21:12 2006 +0100
+++ b/tools/libxc/xc_linux.c Tue Aug 15 16:25:04 2006 +0100
@@ -13,13 +13,43 @@
#include <xen/memory.h>
#include <xen/sys/evtchn.h>
+#include <unistd.h>
+#include <fcntl.h>
int xc_interface_open(void)
{
+ int flags, saved_errno;
int fd = open("/proc/xen/privcmd", O_RDWR);
+
if ( fd == -1 )
+ {
PERROR("Could not obtain handle on privileged command interface");
+ return -1;
+ }
+
+ /* Although we return the file handle as the 'xc handle' the API
+ does not specify / guarentee that this integer is in fact
+ a file handle. Thus we must take responsiblity to ensure
+ it doesn't propagate (ie leak) outside the process */
+ if ( (flags = fcntl(fd, F_GETFD)) < 0 )
+ {
+ PERROR("Could not get file handle flags");
+ goto error;
+ }
+ flags |= FD_CLOEXEC;
+ if ( fcntl(fd, F_SETFD, flags) < 0 )
+ {
+ PERROR("Could not set file handle flags");
+ goto error;
+ }
+
return fd;
+
+ error:
+ saved_errno = errno;
+ close(fd);
+ errno = saved_errno;
+ return -1;
}
int xc_interface_close(int xc_handle)
_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |