On Fri, Oct 25, 2024 at 02:08:11PM +0200, Stefano Brivio wrote: > In pcap_init(), we open the packet capture file with O_CLOEXEC only > when possible. > > In logfile_init() and pidfile_open(), the fact that we pass a third > 'mode' argument to open() seems to confuse the android-cloexec-open > checker in LLVM versions from 16 to 19 (at least). > > The checker is suggesting to add O_CLOEXEC to 'mode', and not in > 'flags', where we already have it. > > Signed-off-by: Stefano Brivio > --- > log.c | 4 ++++ > pcap.c | 1 + > util.c | 4 ++++ > 3 files changed, 9 insertions(+) > > diff --git a/log.c b/log.c > index 6932885..154466f 100644 > --- a/log.c > +++ b/log.c > @@ -416,7 +416,11 @@ void logfile_init(const char *name, const char *path, size_t size) > if (readlink("/proc/self/exe", exe, PATH_MAX - 1) < 0) > die_perror("Failed to read own /proc/self/exe link"); > > + /* We use O_CLOEXEC here, but clang-tidy as of LLVM 16 to 19 looks for > + * it in the 'mode' argument if we have one, so... > + */ > log_file = open(path, O_CREAT | O_TRUNC | O_APPEND | O_RDWR | O_CLOEXEC, > + /* NOLINTNEXTLINE(android-cloexec-open) */ > S_IRUSR | S_IWUSR); > if (log_file == -1) > die_perror("Couldn't open log file %s", path); > diff --git a/pcap.c b/pcap.c > index 6ee6cdf..6753cfb 100644 > --- a/pcap.c > +++ b/pcap.c > @@ -167,6 +167,7 @@ void pcap_init(struct ctx *c) > return; > > flags |= c->foreground ? O_CLOEXEC : 0; > + /* NOLINTNEXTLINE(android-cloexec-open): ...only where possible */ Hmm... why do we need the conditional on c->foreground? It's close-on-exec(), not close-on-fork() or close-on-daemonize(). > pcap_fd = open(c->pcap, flags, S_IRUSR | S_IWUSR); > if (pcap_fd == -1) { > perror("open"); > diff --git a/util.c b/util.c > index 9cb705e..75aee81 100644 > --- a/util.c > +++ b/util.c > @@ -419,7 +419,11 @@ int pidfile_open(const char *path) > if (!*path) > return -1; > > + /* We use O_CLOEXEC here, but clang-tidy as of LLVM 16 to 19 looks for > + * it in the 'mode' argument if we have one > + */ > if ((fd = open(path, O_CREAT | O_TRUNC | O_WRONLY | O_CLOEXEC, > + /* NOLINTNEXTLINE(android-cloexec-open) */ > S_IRUSR | S_IWUSR)) < 0) { > perror("PID file open"); > exit(EXIT_FAILURE); -- David Gibson (he or they) | I'll have my music baroque, and my code david AT gibson.dropbear.id.au | minimalist, thank you, not the other way | around. http://www.ozlabs.org/~dgibson