tools: hv: Use CLOEXEC when opening kvp_pool files
Tomas Hozza [Fri, 18 Jan 2013 14:23:41 +0000 (15:23 +0100)]
Use CLOEXEC flag when opening kvp_pool_x files to prevent file
descriptor leakage. Not using it was causing a problem when
SELinux was enabled.

Signed-off-by: Tomas Hozza <thozza@redhat.com>
Acked-by: K. Y. Srinivasan <kys@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

tools/hv/hv_kvp_daemon.c

index 3840517..c800ea4 100644 (file)
@@ -151,7 +151,7 @@ static void kvp_update_file(int pool)
         */
        kvp_acquire_lock(pool);
 
-       filep = fopen(kvp_file_info[pool].fname, "w");
+       filep = fopen(kvp_file_info[pool].fname, "we");
        if (!filep) {
                kvp_release_lock(pool);
                syslog(LOG_ERR, "Failed to open file, pool: %d", pool);
@@ -182,7 +182,7 @@ static void kvp_update_mem_state(int pool)
 
        kvp_acquire_lock(pool);
 
-       filep = fopen(kvp_file_info[pool].fname, "r");
+       filep = fopen(kvp_file_info[pool].fname, "re");
        if (!filep) {
                kvp_release_lock(pool);
                syslog(LOG_ERR, "Failed to open file, pool: %d", pool);
@@ -246,13 +246,13 @@ static int kvp_file_init(void)
                records_read = 0;
                num_blocks = 1;
                sprintf(fname, "%s/.kvp_pool_%d", KVP_CONFIG_LOC, i);
-               fd = open(fname, O_RDWR | O_CREAT, 0644 /* rw-r--r-- */);
+               fd = open(fname, O_RDWR | O_CREAT | O_CLOEXEC, 0644 /* rw-r--r-- */);
 
                if (fd == -1)
                        return 1;
 
 
-               filep = fopen(fname, "r");
+               filep = fopen(fname, "re");
                if (!filep)
                        return 1;