summaryrefslogtreecommitdiff
path: root/udev
diff options
context:
space:
mode:
authorAlan Jenkins <alan-jenkins@tuffmail.co.uk>2009-04-06 10:18:41 +0100
committerKay Sievers <kay.sievers@vrfy.org>2009-04-06 07:23:35 -0700
commit4b09a2fc4383f191d96a8d6134b95a4b84aef931 (patch)
treed1e4d4d29a4e147b296de120aa3ec5ddccd59517 /udev
parent52761bb0a99cb80ccb19c9edf23963fdad67060d (diff)
avoid leaking netlink socket fd to external programs
The netlink socket is now used by udev event processes. We should take care not to pass it to the programs they execute. This is the same way the inotify fd was handled. Signed-off-by: Alan Jenkins <alan-jenkins@tuffmail.co.uk>
Diffstat (limited to 'udev')
-rw-r--r--udev/lib/libudev-monitor.c3
-rw-r--r--udev/lib/libudev-private.h1
-rw-r--r--udev/lib/libudev-util.c12
-rw-r--r--udev/udev-watch.c13
4 files changed, 19 insertions, 10 deletions
diff --git a/udev/lib/libudev-monitor.c b/udev/lib/libudev-monitor.c
index d006596e07..a8b1a4e2e5 100644
--- a/udev/lib/libudev-monitor.c
+++ b/udev/lib/libudev-monitor.c
@@ -92,6 +92,8 @@ struct udev_monitor *udev_monitor_new_from_socket(struct udev *udev, const char
free(udev_monitor);
return NULL;
}
+ util_set_fd_cloexec(udev_monitor->sock);
+
dbg(udev, "monitor %p created with '%s'\n", udev_monitor, socket_path);
return udev_monitor;
}
@@ -125,6 +127,7 @@ struct udev_monitor *udev_monitor_new_from_netlink(struct udev *udev, const char
free(udev_monitor);
return NULL;
}
+ util_set_fd_cloexec(udev_monitor->sock);
udev_monitor->snl.nl_family = AF_NETLINK;
udev_monitor->snl.nl_groups = group;
diff --git a/udev/lib/libudev-private.h b/udev/lib/libudev-private.h
index c7b74a4218..1e47d51080 100644
--- a/udev/lib/libudev-private.h
+++ b/udev/lib/libudev-private.h
@@ -172,4 +172,5 @@ extern size_t util_strlcat(char *dst, const char *src, size_t size);
extern int udev_util_replace_whitespace(const char *str, char *to, size_t len);
extern int udev_util_replace_chars(char *str, const char *white);
extern int udev_util_encode_string(const char *str, char *str_enc, size_t len);
+extern void util_set_fd_cloexec(int fd);
#endif
diff --git a/udev/lib/libudev-util.c b/udev/lib/libudev-util.c
index 867a41d211..b628fdd44c 100644
--- a/udev/lib/libudev-util.c
+++ b/udev/lib/libudev-util.c
@@ -448,3 +448,15 @@ int udev_util_encode_string(const char *str, char *str_enc, size_t len)
err:
return -1;
}
+
+void util_set_fd_cloexec(int fd)
+{
+ int flags;
+
+ flags = fcntl(fd, F_GETFD);
+ if (flags < 0)
+ flags = FD_CLOEXEC;
+ else
+ flags |= FD_CLOEXEC;
+ fcntl(fd, F_SETFD, flags);
+}
diff --git a/udev/udev-watch.c b/udev/udev-watch.c
index e2c096af0f..d333476346 100644
--- a/udev/udev-watch.c
+++ b/udev/udev-watch.c
@@ -41,16 +41,9 @@ int inotify_fd = -1;
void udev_watch_init(struct udev *udev)
{
inotify_fd = inotify_init();
- if (inotify_fd >= 0) {
- int flags;
-
- flags = fcntl(inotify_fd, F_GETFD);
- if (flags < 0)
- flags = FD_CLOEXEC;
- else
- flags |= FD_CLOEXEC;
- fcntl(inotify_fd, F_SETFD, flags);
- } else if (errno == ENOSYS)
+ if (inotify_fd >= 0)
+ util_set_fd_cloexec(inotify_fd);
+ else if (errno == ENOSYS)
info(udev, "unable to use inotify, udevd will not monitor rule files changes\n");
else
err(udev, "inotify_init failed: %m\n");