From mboxrd@z Thu Jan  1 00:00:00 1970
Authentication-Results: passt.top; dmarc=none (p=none dis=none) header.from=gibson.dropbear.id.au
Authentication-Results: passt.top;
	dkim=pass (2048-bit key; secure) header.d=gibson.dropbear.id.au header.i=@gibson.dropbear.id.au header.a=rsa-sha256 header.s=202602 header.b=i0tl/pNc;
	dkim-atps=neutral
Received: from mail.ozlabs.org (mail.ozlabs.org [IPv6:2404:9400:2221:ea00::3])
	by passt.top (Postfix) with ESMTPS id 04C025A0262
	for <passt-dev@passt.top>; Wed, 20 May 2026 03:05:18 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=gibson.dropbear.id.au; s=202602; t=1779239114;
	bh=0vsS3kxnBnWaNfFPGCG7dHb+RfxT17fxEBOBvBQYHBQ=;
	h=Date:From:To:Cc:Subject:References:In-Reply-To:From;
	b=i0tl/pNc3amNj5zvDjEDNcPIoL0WhL2URosiQcRLRJYSbN3fY4KAUe4v+Zg+p5CCH
	 hTLrotm1fuEGgHlq9NwCUG6lgYG4+uqtq9mgjU9i9uyFO1DVp02ofKMJD/qMSv8s3o
	 ixYRxFlOs21o3pRK42totfMAU++CC5DlmKNhbmzTNDAbUsM1bhkzxhED6qONTYvDR2
	 Lxy10x487NmHT0bivm8s1vJblZL5N8Fdsu0RmugSQx5u/5PmbwUYYokjN+7N1ELTBo
	 gVBPpIjo6BoH4W56EdUZgUeDqeo0Z33UWlpz1pOO7V8I3qot0WDeUO9ZWk/kgfbgRo
	 YnSulbEQlQ16g==
Received: by gandalf.ozlabs.org (Postfix, from userid 1007)
	id 4gKtcp2Hfsz58lm; Wed, 20 May 2026 11:05:14 +1000 (AEST)
Date: Wed, 20 May 2026 11:04:58 +1000
From: David Gibson <david@gibson.dropbear.id.au>
To: Stefano Brivio <sbrivio@redhat.com>
Subject: Re: [PATCH 1/3] treewide: Add SOCK_CLOEXEC to accept() calls that
 are missing it
Message-ID: <ag0IuhseVLshYtuH@zatzit>
References: <20260513041423.2446716-1-david@gibson.dropbear.id.au>
 <20260513041423.2446716-2-david@gibson.dropbear.id.au>
 <20260516174610.3ee899b5@elisabeth>
 <agp5aeCaKeVq8MsH@zatzit>
 <20260520023701.42418996@elisabeth>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha512;
	protocol="application/pgp-signature"; boundary="X+/XPZK2mmx9iyMV"
Content-Disposition: inline
In-Reply-To: <20260520023701.42418996@elisabeth>
Message-ID-Hash: DQL7UPAHMT74ILWDXPHXXG7OVZPKPSPS
X-Message-ID-Hash: DQL7UPAHMT74ILWDXPHXXG7OVZPKPSPS
X-MailFrom: dgibson@gandalf.ozlabs.org
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: passt-dev@passt.top
X-Mailman-Version: 3.3.8
Precedence: list
List-Id: Development discussion and patches for passt <passt-dev.passt.top>
Archived-At: <https://archives.passt.top/passt-dev/ag0IuhseVLshYtuH@zatzit/>
Archived-At: <https://passt.top/hyperkitty/list/passt-dev@passt.top/message/DQL7UPAHMT74ILWDXPHXXG7OVZPKPSPS/>
List-Archive: <https://archives.passt.top/passt-dev/>
List-Archive: <https://passt.top/hyperkitty/list/passt-dev@passt.top/>
List-Help: <mailto:passt-dev-request@passt.top?subject=help>
List-Owner: <mailto:passt-dev-owner@passt.top>
List-Post: <mailto:passt-dev@passt.top>
List-Subscribe: <mailto:passt-dev-join@passt.top>
List-Unsubscribe: <mailto:passt-dev-leave@passt.top>


--X+/XPZK2mmx9iyMV
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Wed, May 20, 2026 at 02:37:02AM +0200, Stefano Brivio wrote:
> On Mon, 18 May 2026 12:28:57 +1000
> David Gibson <david@gibson.dropbear.id.au> wrote:
>=20
> > On Sat, May 16, 2026 at 05:46:11PM +0200, Stefano Brivio wrote:
> > > On Wed, 13 May 2026 14:14:21 +1000
> > > David Gibson <david@gibson.dropbear.id.au> wrote:
> > >  =20
> > > > Generally we try to set the O_CLOEXEC flag on every fd we create.  =
This
> > > > seems to be generally accepted security best practice these days, a=
nd we
> > > > never fork(), so certainly have no need to pass fds to children. =
=20
> > >=20
> > > But we do clone() with CLONE_FILES (even though when we clone() to ca=
ll
> > > execvp() later, we don't set CLONE_FILES), so, even though I don't see
> > > a reason to skip O_CLOEXEC for c->fd_tap, this conclusion shouldn't be
> > > automatic from the fact we don't fork(). =20
> >=20
> > So, I did think about that when  wrote it, but went for the short
> > version rather than saying clone() with CLONE_FILES doesn't count.
> >=20
> > Now, I realised that we've both fallen for the trap again, forgetting
> > that this has nothing to do with fork() or clone() and is, as it says
> > right there in the name, about exec().
>=20
> No, wait, I didn't fall for it, not this time. :) That's why I was
> mentioning that when we call clone() and execvp() later (which would be

Uh...?  I'm pretty sure the only execve(2) in the entire program is
where we spawn passt.avx2.  That's essentially the very first thing we
do, long before this point.

> the only path that matters), we don't set CLONE_FILES anyway.

CLONE_FILES is irrelevant, it's lost during execve(2).

--=20
David Gibson (he or they)	| I'll have my music baroque, and my code
david AT gibson.dropbear.id.au	| minimalist, thank you, not the other way
				| around.
http://www.ozlabs.org/~dgibson

--X+/XPZK2mmx9iyMV
Content-Type: application/pgp-signature; name=signature.asc

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEO+dNsU4E3yXUXRK2zQJF27ox2GcFAmoNCK0ACgkQzQJF27ox
2GevSBAAoFEV4/rk54YTeBEwFerMnw1nF2XZ0BX4JpCbkYNheEIyYaeNK4rHJfZJ
qey7+YysVKEbxeEiYhUnsH5FDF2712vRTPGrKIXKIUfSU7h3KN0YONFx/6v4eNWw
BwVXh3G5Bj9j6NzPVfamdY9MC65e/FzR6NqSwXXj6J8bwfBgyk/AuJXG4D2Hm18r
AhliILNseEroR80E6qoyDfZJIaDH0t62bDHDCYYb3I4dsp7hCQ3nXEz3AO9duCMf
OwxmAu6421r5N45qiWNY5utfvd1c55Rld9+MfJTtCQclnv6D7xdVNPqVVM1piXFk
6gOh1oiZqG3LuuESPUUlP2phEDa5R6KhxO9c9EWlMUMD5KaySOqfPjMqIpNsOq4B
7vSTx58RtayxOw4m2nOGq7f4V5Ja7uBZNsTyOXnwo9lc/h6NC9kXp30o4uxVJpDw
3ygtK2U1wYLn5DBTRqJ2ehJZcsl01zr+6cOKfS9VrU2Fy59Plf9in/HgN4+YU0y2
lAROgG3Z49UWO/txO/srDPwtzsb0m4y0JeT1ajH0+7SfBVFnXZ7jPW2sjIrLmnXY
kc3dFh7aSrK2LVGvNQRh01Sp/CnCICxGOKiEMSfvhG/IVtg+uMyFEE1RSP3qHNWa
pYfT0hXAiOOGnyGdriza7w5M7AWZNQkC4InML2Ka6/xw/NLqr4w=
=U+/I
-----END PGP SIGNATURE-----

--X+/XPZK2mmx9iyMV--