From: David Gibson <david@gibson.dropbear.id.au>
To: Stefano Brivio <sbrivio@redhat.com>
Cc: passt-dev@passt.top
Subject: Re: [PATCH 1/3] treewide: Add SOCK_CLOEXEC to accept() calls that are missing it
Date: Wed, 20 May 2026 11:04:58 +1000 [thread overview]
Message-ID: <ag0IuhseVLshYtuH@zatzit> (raw)
In-Reply-To: <20260520023701.42418996@elisabeth>
[-- Attachment #1: Type: text/plain, Size: 1863 bytes --]
On Wed, May 20, 2026 at 02:37:02AM +0200, Stefano Brivio wrote:
> On Mon, 18 May 2026 12:28:57 +1000
> David Gibson <david@gibson.dropbear.id.au> wrote:
>
> > On Sat, May 16, 2026 at 05:46:11PM +0200, Stefano Brivio wrote:
> > > On Wed, 13 May 2026 14:14:21 +1000
> > > David Gibson <david@gibson.dropbear.id.au> wrote:
> > >
> > > > Generally we try to set the O_CLOEXEC flag on every fd we create. This
> > > > seems to be generally accepted security best practice these days, and we
> > > > never fork(), so certainly have no need to pass fds to children.
> > >
> > > But we do clone() with CLONE_FILES (even though when we clone() to call
> > > execvp() later, we don't set CLONE_FILES), so, even though I don't see
> > > a reason to skip O_CLOEXEC for c->fd_tap, this conclusion shouldn't be
> > > automatic from the fact we don't fork().
> >
> > So, I did think about that when wrote it, but went for the short
> > version rather than saying clone() with CLONE_FILES doesn't count.
> >
> > Now, I realised that we've both fallen for the trap again, forgetting
> > that this has nothing to do with fork() or clone() and is, as it says
> > right there in the name, about exec().
>
> No, wait, I didn't fall for it, not this time. :) That's why I was
> mentioning that when we call clone() and execvp() later (which would be
Uh...? I'm pretty sure the only execve(2) in the entire program is
where we spawn passt.avx2. That's essentially the very first thing we
do, long before this point.
> the only path that matters), we don't set CLONE_FILES anyway.
CLONE_FILES is irrelevant, it's lost during execve(2).
--
David Gibson (he or they) | I'll have my music baroque, and my code
david AT gibson.dropbear.id.au | minimalist, thank you, not the other way
| around.
http://www.ozlabs.org/~dgibson
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
next prev parent reply other threads:[~2026-05-20 1:05 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-05-13 4:14 [PATCH 0/3] More caution with NONBLOCK flag on Unix sockets David Gibson
2026-05-13 4:14 ` [PATCH 1/3] treewide: Add SOCK_CLOEXEC to accept() calls that are missing it David Gibson
2026-05-16 15:46 ` Stefano Brivio
2026-05-18 2:28 ` David Gibson
2026-05-20 0:37 ` Stefano Brivio
2026-05-20 1:04 ` David Gibson [this message]
2026-05-20 11:36 ` Stefano Brivio
2026-05-20 12:52 ` David Gibson
2026-05-20 14:22 ` Stefano Brivio
2026-05-13 4:14 ` [PATCH 2/3] conf, tap, repair: Uniformly use non-blocking accept() on Unix sockets David Gibson
2026-05-13 5:51 ` David Gibson
2026-05-16 15:46 ` Stefano Brivio
2026-05-18 2:40 ` David Gibson
2026-05-13 4:14 ` [PATCH 3/3] conf, repair, tap: More caution about blocking flag " David Gibson
2026-05-16 15:46 ` Stefano Brivio
2026-05-18 2:50 ` David Gibson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ag0IuhseVLshYtuH@zatzit \
--to=david@gibson.dropbear.id.au \
--cc=passt-dev@passt.top \
--cc=sbrivio@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://passt.top/passt
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for IMAP folder(s).