Commit 2663c683 authored by Derek Foreman's avatar Derek Foreman Committed by Pekka Paalanen

launcher-util: Force all weston_launcher_open()s to use O_CLOEXEC

Really, there's pretty much no time we'd ever want O_CLOEXEC unset,
as it will likely result in leaking fds to processes that aren't
interested in them or shouldn't have them.

This also removes the (now unused) code from weston_logind_open() that
could drop O_CLOEXEC.
Signed-off-by: default avatarDerek Foreman <derekf@osg.samsung.com>
Reviewed-by: Daniel Stone's avatarDaniel Stone <daniels@collabora.com>
Reviewed-by: Pekka Paalanen's avatarPekka Paalanen <pekka.paalanen@collabora.co.uk>
parent 8f5acc2f
......@@ -114,11 +114,17 @@ weston_launcher_open(struct weston_launcher *launcher,
struct weston_launcher_open *message;
struct stat s;
/* We really don't want to be leaking fds to child processes so
* we force this flag here. If someone comes up with a legitimate
* reason to not CLOEXEC they'll need to unset the flag manually.
*/
flags |= O_CLOEXEC;
if (launcher->logind)
return weston_logind_open(launcher->logind, path, flags);
if (launcher->fd == -1) {
fd = open(path, flags | O_CLOEXEC);
fd = open(path, flags);
if (fd == -1)
return -1;
......
......@@ -186,8 +186,8 @@ weston_logind_open(struct weston_logind *wl, const char *path,
* directly. Instead, logind passes us an fd with sane default modes.
* For DRM and evdev this means O_RDWR | O_CLOEXEC. If we want
* something else, we need to change it afterwards. We currently
* only support dropping FD_CLOEXEC and setting O_NONBLOCK. Changing
* access-modes is not possible so accept whatever logind passes us. */
* only support setting O_NONBLOCK. Changing access-modes is not
* possible so accept whatever logind passes us. */
fl = fcntl(fd, F_GETFL);
if (fl < 0) {
......@@ -203,22 +203,6 @@ weston_logind_open(struct weston_logind *wl, const char *path,
r = -errno;
goto err_close;
}
fl = fcntl(fd, F_GETFD);
if (fl < 0) {
r = -errno;
goto err_close;
}
if (!(flags & O_CLOEXEC))
fl &= ~FD_CLOEXEC;
r = fcntl(fd, F_SETFD, fl);
if (r < 0) {
r = -errno;
goto err_close;
}
return fd;
err_close:
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment