dgit.raspbian.org Git - xen.git/commit

author	Jason Andryuk <jandryuk@gmail.com>
	Wed, 1 Jun 2022 07:18:49 +0000 (09:18 +0200)
committer	Jan Beulich <jbeulich@suse.com>
	Wed, 1 Jun 2022 07:18:49 +0000 (09:18 +0200)
commit	7fbebfa5406dadd82ba2e650282715dacf771133
tree	0f5f8bc49a6562425a115f7d323542c2accb38c0	tree \| snapshot
parent	108d145df8d5401c7fafc3a7056d2ecce1288794	commit \| diff

libxl: don't leak self pipes

libxl is leaking self pipes to child processes. These can be seen when
running with env var _LIBXL_DEBUG_EXEC_FDS=1:

libxl: debug: libxl_aoutils.c:593:libxl__async_exec_start: forking to execute: /etc/xen/scripts/vif-bridge online
[Detaching after fork from child process 5099]
libxl: execing /etc/xen/scripts/vif-bridge: fd 4 is open to pipe:[46805] with flags 0
libxl: execing /etc/xen/scripts/vif-bridge: fd 13 is open to pipe:[46807] with flags 0
libxl: execing /etc/xen/scripts/vif-bridge: fd 14 is open to pipe:[46807] with flags 0
libxl: execing /etc/xen/scripts/vif-bridge: fd 19 is open to pipe:[48570] with flags 0
libxl: execing /etc/xen/scripts/vif-bridge: fd 20 is open to pipe:[48570] with flags 0

(fd 3 is also open, but the check only starts at 4 for some reason.)

For xl, this is the poller created by libxl_ctx_alloc, the poller
created by do_domain_create -> libxl__ao_create, and the self pipe for
libxl__sigchld_needed. Set CLOEXEC on the FDs so they are not leaked
into children.

Signed-off-by: Jason Andryuk <jandryuk@gmail.com>
Reviewed-by: Anthony PERARD <anthony.perard@citrix.com>

tools/libs/light/libxl_event.c		diff \| blob \| history
tools/libs/light/libxl_fork.c		diff \| blob \| history