From mboxrd@z Thu Jan  1 00:00:00 1970
Authentication-Results: passt.top; dmarc=pass (p=quarantine dis=none) header.from=redhat.com
Authentication-Results: passt.top;
	dkim=pass (1024-bit key; unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=A0Qp+v/k;
	dkim-atps=neutral
Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124])
	by passt.top (Postfix) with ESMTPS id 88C5D5A0265
	for <passt-dev@passt.top>; Wed, 20 May 2026 13:36:54 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1779277013;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=7RYtWWGcWdjqzmd5few7BAfKUyLzO2c7fftxYOPj9FY=;
	b=A0Qp+v/kteKko1rSjS/Nz8cOqA3uEGft+swiZ9/H5dAyWcgJ3vxw1alYvJSkMgvfMqfx1Q
	jraiGpleRK3aFxq4TekNrES5rl4Mx7WXlWWOxTi1msDHxy1ScRMB1OBxKM0G58JbLsvHa3
	OYvffAbb8lDmUO2+Ia5zqLylRK3vauc=
Received: from mail-wr1-f71.google.com (mail-wr1-f71.google.com
 [209.85.221.71]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-634-2QfmkulUPQqhRNE3Am6qUw-1; Wed, 20 May 2026 07:36:52 -0400
X-MC-Unique: 2QfmkulUPQqhRNE3Am6qUw-1
X-Mimecast-MFC-AGG-ID: 2QfmkulUPQqhRNE3Am6qUw_1779277011
Received: by mail-wr1-f71.google.com with SMTP id ffacd0b85a97d-45e80183514so2795810f8f.3
        for <passt-dev@passt.top>; Wed, 20 May 2026 04:36:52 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20251104; t=1779277010; x=1779881810;
        h=date:content-transfer-encoding:mime-version:organization:references
         :in-reply-to:message-id:subject:cc:to:from:x-gm-gg
         :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=7RYtWWGcWdjqzmd5few7BAfKUyLzO2c7fftxYOPj9FY=;
        b=sr33tkwly/84N9Mo02pC6LoDmDRVzruziNC/rROxgUTzOiuv+1xucJeMRo9Yc8qL5/
         NLwhdcRX3jtgp2vdWDjjYf5RQOG2iKng5KG0sWIiCcT6j97NssjrT54n+EP8DfwjWdfe
         cJHrX1nM809OcNuEBCMrShZX4WPqrNHmdVZbFcgyZz4IG4EmqMzY/b4ycrSN/Wy4rRIa
         A6VEAgOoKatTdttLyZj9mRu+fXU8dCW0XmHGP9UBixmwqkzGcqBUc/E1W9TUbYGcxYRL
         sK00z8J2lIoYr4nCv1gWo4irreOmfTaLzyuzblchIkZuGaGsD7QmNuh2dHa3r0nnD7/l
         MlGQ==
X-Gm-Message-State: AOJu0YxfKUDkdH4E/pIXY+02xYvtHiA5DAPF+hJodExuFin6cblsvwlW
	2xtOgTzAlyoiGpkD//bait4VCjpGZNbyEKplpFkkBSX4deBJY1kceJ3kI+WBBB4Rt0JV4npUxpK
	DDQS2wEQo/tIlvcwdZ7CthltMojYAKHubiZD/xtuKsVGUZ++ZibtYqdbytIJ6Wg==
X-Gm-Gg: Acq92OEHIjf3yXJDkpFj4GJHHYvnC0jK2an6Rxr9jMyxrAMMzPnEGc1gBdqBaQWjFXt
	+X31QYJthBuCbLFLjEea+rfJ3I6/CQ4MlSn6z4J5dbZQFVZJJinaedxGt6/ucr6spkhl8xjVfIV
	0+z2KcDVdoAWtg8277C6VwnHJ5nvc8zLYJnkOdMRkEs0M4zbkxiqgJODFeQ/xSiH8kiUO3yFZ18
	m4HtLyI9WbS2ywi2xXBWVHckWBZY8zaiToiLc4upnf8ACOf94qMwkNUkKW3VXg8gqFY6EgaSl1H
	TGn9I444pQysY/NjuZWSt4gSHqTNFwAMYmDMgPn9UoB6A8msmkC+G3DQHSuq4m6v27zHCsFSZzz
	9uMxzeeKdS2vSXz+u8wHPjTj7LPT7a9a3qboD6YQhohBj/0I1cw==
X-Received: by 2002:a05:6000:40db:b0:45e:9ea3:ce9a with SMTP id ffacd0b85a97d-45e9ea3cf19mr215179f8f.8.1779277010513;
        Wed, 20 May 2026 04:36:50 -0700 (PDT)
X-Received: by 2002:a05:6000:40db:b0:45e:9ea3:ce9a with SMTP id ffacd0b85a97d-45e9ea3cf19mr215121f8f.8.1779277009913;
        Wed, 20 May 2026 04:36:49 -0700 (PDT)
Received: from maya.myfinge.rs (ifcgrfdd.trafficplex.cloud. [176.103.220.4])
        by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-45d9e767ee0sm49978118f8f.1.2026.05.20.04.36.49
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Wed, 20 May 2026 04:36:49 -0700 (PDT)
From: Stefano Brivio <sbrivio@redhat.com>
To: David Gibson <david@gibson.dropbear.id.au>
Subject: Re: [PATCH 1/3] treewide: Add SOCK_CLOEXEC to accept() calls that
 are missing it
Message-ID: <20260520133647.29f92058@elisabeth>
In-Reply-To: <ag0IuhseVLshYtuH@zatzit>
References: <20260513041423.2446716-1-david@gibson.dropbear.id.au>
	<20260513041423.2446716-2-david@gibson.dropbear.id.au>
	<20260516174610.3ee899b5@elisabeth>
	<agp5aeCaKeVq8MsH@zatzit>
	<20260520023701.42418996@elisabeth>
	<ag0IuhseVLshYtuH@zatzit>
Organization: Red Hat
X-Mailer: Claws Mail 4.2.0 (GTK 3.24.49; x86_64-pc-linux-gnu)
MIME-Version: 1.0
Date: Wed, 20 May 2026 13:36:48 +0200 (CEST)
X-Mimecast-Spam-Score: 0
X-Mimecast-MFC-PROC-ID: PW_ET75PFMzUD3yuqpFUATtMVntXQD_WRaPT49oDkD4_1779277011
X-Mimecast-Originator: redhat.com
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Message-ID-Hash: AIMTVE6OZZSZ6DHEEPPI53KFDEHXNPI4
X-Message-ID-Hash: AIMTVE6OZZSZ6DHEEPPI53KFDEHXNPI4
X-MailFrom: sbrivio@redhat.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: passt-dev@passt.top
X-Mailman-Version: 3.3.8
Precedence: list
List-Id: Development discussion and patches for passt <passt-dev.passt.top>
Archived-At: <https://archives.passt.top/passt-dev/20260520133647.29f92058@elisabeth/>
Archived-At: <https://passt.top/hyperkitty/list/passt-dev@passt.top/message/AIMTVE6OZZSZ6DHEEPPI53KFDEHXNPI4/>
List-Archive: <https://archives.passt.top/passt-dev/>
List-Archive: <https://passt.top/hyperkitty/list/passt-dev@passt.top/>
List-Help: <mailto:passt-dev-request@passt.top?subject=help>
List-Owner: <mailto:passt-dev-owner@passt.top>
List-Post: <mailto:passt-dev@passt.top>
List-Subscribe: <mailto:passt-dev-join@passt.top>
List-Unsubscribe: <mailto:passt-dev-leave@passt.top>

On Wed, 20 May 2026 11:04:58 +1000
David Gibson <david@gibson.dropbear.id.au> wrote:

> On Wed, May 20, 2026 at 02:37:02AM +0200, Stefano Brivio wrote:
> > On Mon, 18 May 2026 12:28:57 +1000
> > David Gibson <david@gibson.dropbear.id.au> wrote:
> >   
> > > On Sat, May 16, 2026 at 05:46:11PM +0200, Stefano Brivio wrote:  
> > > > On Wed, 13 May 2026 14:14:21 +1000
> > > > David Gibson <david@gibson.dropbear.id.au> wrote:
> > > >     
> > > > > Generally we try to set the O_CLOEXEC flag on every fd we create.  This
> > > > > seems to be generally accepted security best practice these days, and we
> > > > > never fork(), so certainly have no need to pass fds to children.    
> > > > 
> > > > But we do clone() with CLONE_FILES (even though when we clone() to call
> > > > execvp() later, we don't set CLONE_FILES), so, even though I don't see
> > > > a reason to skip O_CLOEXEC for c->fd_tap, this conclusion shouldn't be
> > > > automatic from the fact we don't fork().    
> > > 
> > > So, I did think about that when  wrote it, but went for the short
> > > version rather than saying clone() with CLONE_FILES doesn't count.
> > > 
> > > Now, I realised that we've both fallen for the trap again, forgetting
> > > that this has nothing to do with fork() or clone() and is, as it says
> > > right there in the name, about exec().  
> > 
> > No, wait, I didn't fall for it, not this time. :) That's why I was
> > mentioning that when we call clone() and execvp() later (which would be  
> 
> Uh...?  I'm pretty sure the only execve(2) in the entire program is
> where we spawn passt.avx2.  That's essentially the very first thing we
> do, long before this point.

Well, grep would beg to differ, as we don't call execve() at all, but:

$ grep execv *.c | grep -v qrap
arch.c:		execv(new_path, argv);
pasta.c:	execvp(a->exe, a->argv);

O_CLOEXEC (or lack thereof) also matters on execvp().

> > the only path that matters), we don't set CLONE_FILES anyway.  
> 
> CLONE_FILES is irrelevant, it's lost during execve(2).

Yes, but if you first clone(), which we actually do before calling
pasta_spawn_cmd(), and then execvp(), CLONE_FILES on clone() *would*
matter, because the cloned process would inherit the open files, and
the process started by execvp() would then get those files as well.

But as I was mentioning in that path we don't use CLONE_FILES anyway,
so that's not relevant.

-- 
Stefano