diff options
author | Roland Dreier <roland@purestorage.com> | 2013-07-08 14:15:45 -0400 |
---|---|---|
committer | Roland Dreier <roland@purestorage.com> | 2013-07-08 14:15:45 -0400 |
commit | da183c7af8444cb2c1beedaa498a9359f19ff665 (patch) | |
tree | a7e7450e8c200fa5ad5a8d92a4da94d8c5292cef | |
parent | 80b15043e3450e730d30b71c099ab00d75a551ce (diff) |
IB/uverbs: Use get_unused_fd_flags(O_CLOEXEC) instead of get_unused_fd()
The macro get_unused_fd() is used to allocate a file descriptor with
default flags. Those default flags (0) can be "unsafe": O_CLOEXEC must
be used by default to not leak file descriptor across exec().
Replace calls to get_unused_fd() in uverbs with calls to
get_unused_fd_flags(O_CLOEXEC). Inheriting uverbs fds across exec()
cannot be used to do anything useful.
Based on a patch/suggestion from Yann Droneaud <ydroneaud@opteya.com>.
Signed-off-by: Roland Dreier <roland@purestorage.com>
-rw-r--r-- | drivers/infiniband/core/uverbs_cmd.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/drivers/infiniband/core/uverbs_cmd.c b/drivers/infiniband/core/uverbs_cmd.c index a7d00f6b3bc1..b3c07b0c9f26 100644 --- a/drivers/infiniband/core/uverbs_cmd.c +++ b/drivers/infiniband/core/uverbs_cmd.c | |||
@@ -334,7 +334,7 @@ ssize_t ib_uverbs_get_context(struct ib_uverbs_file *file, | |||
334 | 334 | ||
335 | resp.num_comp_vectors = file->device->num_comp_vectors; | 335 | resp.num_comp_vectors = file->device->num_comp_vectors; |
336 | 336 | ||
337 | ret = get_unused_fd(); | 337 | ret = get_unused_fd_flags(O_CLOEXEC); |
338 | if (ret < 0) | 338 | if (ret < 0) |
339 | goto err_free; | 339 | goto err_free; |
340 | resp.async_fd = ret; | 340 | resp.async_fd = ret; |
@@ -1184,7 +1184,7 @@ ssize_t ib_uverbs_create_comp_channel(struct ib_uverbs_file *file, | |||
1184 | if (copy_from_user(&cmd, buf, sizeof cmd)) | 1184 | if (copy_from_user(&cmd, buf, sizeof cmd)) |
1185 | return -EFAULT; | 1185 | return -EFAULT; |
1186 | 1186 | ||
1187 | ret = get_unused_fd(); | 1187 | ret = get_unused_fd_flags(O_CLOEXEC); |
1188 | if (ret < 0) | 1188 | if (ret < 0) |
1189 | return ret; | 1189 | return ret; |
1190 | resp.fd = ret; | 1190 | resp.fd = ret; |