all lists on lists.proxmox.com
 help / color / mirror / Atom feed
* [pbs-devel] [PATCH proxmox-backup] add missing O_CLOEXEC flags to `openat` calls
@ 2024-11-29 15:39 Dominik Csapak
  2024-12-02 13:44 ` Fabian Grünbichler
  2024-12-03 15:49 ` [pbs-devel] applied: " Thomas Lamprecht
  0 siblings, 2 replies; 3+ messages in thread
From: Dominik Csapak @ 2024-11-29 15:39 UTC (permalink / raw)
  To: pbs-devel

since we don't want to have lingering file descriptors on reload, which
does a fork/exec.

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
---
 pbs-client/src/pxar/dir_stack.rs     | 2 +-
 pbs-datastore/src/backup_info.rs     | 2 +-
 pbs-datastore/src/snapshot_reader.rs | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/pbs-client/src/pxar/dir_stack.rs b/pbs-client/src/pxar/dir_stack.rs
index 616d7545b..6fe55f170 100644
--- a/pbs-client/src/pxar/dir_stack.rs
+++ b/pbs-client/src/pxar/dir_stack.rs
@@ -57,7 +57,7 @@ impl PxarDir {
         let dir = Dir::openat(
             parent,
             self.file_name.as_os_str(),
-            OFlag::O_DIRECTORY,
+            OFlag::O_DIRECTORY | OFlag::O_CLOEXEC,
             Mode::empty(),
         )?;
 
diff --git a/pbs-datastore/src/backup_info.rs b/pbs-datastore/src/backup_info.rs
index be262773b..1ca279aca 100644
--- a/pbs-datastore/src/backup_info.rs
+++ b/pbs-datastore/src/backup_info.rs
@@ -143,7 +143,7 @@ impl BackupGroup {
                 match openat(
                     l2_fd,
                     &manifest_path,
-                    OFlag::O_RDONLY,
+                    OFlag::O_RDONLY | OFlag::O_CLOEXEC,
                     nix::sys::stat::Mode::empty(),
                 ) {
                     Ok(rawfd) => {
diff --git a/pbs-datastore/src/snapshot_reader.rs b/pbs-datastore/src/snapshot_reader.rs
index 95e59a421..dea51cbef 100644
--- a/pbs-datastore/src/snapshot_reader.rs
+++ b/pbs-datastore/src/snapshot_reader.rs
@@ -102,7 +102,7 @@ impl SnapshotReader {
         let raw_fd = nix::fcntl::openat(
             self.locked_dir.as_raw_fd(),
             Path::new(filename),
-            nix::fcntl::OFlag::O_RDONLY,
+            nix::fcntl::OFlag::O_RDONLY | nix::fcntl::OFlag::O_CLOEXEC,
             nix::sys::stat::Mode::empty(),
         )?;
         let file = unsafe { File::from_raw_fd(raw_fd) };
-- 
2.39.5



_______________________________________________
pbs-devel mailing list
pbs-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel


^ permalink raw reply	[flat|nested] 3+ messages in thread
* Re: [pbs-devel] [PATCH proxmox-backup] add missing O_CLOEXEC flags to `openat` calls
  2024-11-29 15:39 [pbs-devel] [PATCH proxmox-backup] add missing O_CLOEXEC flags to `openat` calls Dominik Csapak
@ 2024-12-02 13:44 ` Fabian Grünbichler
  2024-12-03 15:49 ` [pbs-devel] applied: " Thomas Lamprecht
  1 sibling, 0 replies; 3+ messages in thread
From: Fabian Grünbichler @ 2024-12-02 13:44 UTC (permalink / raw)
  To: Proxmox Backup Server development discussion

Reviewed-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>

I wonder whether we want to have a helper/wrapper for this that ensures
we always set O_CLOEXEC? else it's quite easy for a new call to slip
through that is missing it.. OTOH, it would probably still be possible
to miss not using such a wrapper as well..

On November 29, 2024 4:39 pm, Dominik Csapak wrote:
> since we don't want to have lingering file descriptors on reload, which
> does a fork/exec.
> 
> Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
> ---
>  pbs-client/src/pxar/dir_stack.rs     | 2 +-
>  pbs-datastore/src/backup_info.rs     | 2 +-
>  pbs-datastore/src/snapshot_reader.rs | 2 +-
>  3 files changed, 3 insertions(+), 3 deletions(-)
> 
> diff --git a/pbs-client/src/pxar/dir_stack.rs b/pbs-client/src/pxar/dir_stack.rs
> index 616d7545b..6fe55f170 100644
> --- a/pbs-client/src/pxar/dir_stack.rs
> +++ b/pbs-client/src/pxar/dir_stack.rs
> @@ -57,7 +57,7 @@ impl PxarDir {
>          let dir = Dir::openat(
>              parent,
>              self.file_name.as_os_str(),
> -            OFlag::O_DIRECTORY,
> +            OFlag::O_DIRECTORY | OFlag::O_CLOEXEC,
>              Mode::empty(),
>          )?;
>  
> diff --git a/pbs-datastore/src/backup_info.rs b/pbs-datastore/src/backup_info.rs
> index be262773b..1ca279aca 100644
> --- a/pbs-datastore/src/backup_info.rs
> +++ b/pbs-datastore/src/backup_info.rs
> @@ -143,7 +143,7 @@ impl BackupGroup {
>                  match openat(
>                      l2_fd,
>                      &manifest_path,
> -                    OFlag::O_RDONLY,
> +                    OFlag::O_RDONLY | OFlag::O_CLOEXEC,
>                      nix::sys::stat::Mode::empty(),
>                  ) {
>                      Ok(rawfd) => {
> diff --git a/pbs-datastore/src/snapshot_reader.rs b/pbs-datastore/src/snapshot_reader.rs
> index 95e59a421..dea51cbef 100644
> --- a/pbs-datastore/src/snapshot_reader.rs
> +++ b/pbs-datastore/src/snapshot_reader.rs
> @@ -102,7 +102,7 @@ impl SnapshotReader {
>          let raw_fd = nix::fcntl::openat(
>              self.locked_dir.as_raw_fd(),
>              Path::new(filename),
> -            nix::fcntl::OFlag::O_RDONLY,
> +            nix::fcntl::OFlag::O_RDONLY | nix::fcntl::OFlag::O_CLOEXEC,
>              nix::sys::stat::Mode::empty(),
>          )?;
>          let file = unsafe { File::from_raw_fd(raw_fd) };
> -- 
> 2.39.5
> 
> 
> 
> _______________________________________________
> pbs-devel mailing list
> pbs-devel@lists.proxmox.com
> https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel
> 
> 
> 


_______________________________________________
pbs-devel mailing list
pbs-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel

^ permalink raw reply	[flat|nested] 3+ messages in thread
* [pbs-devel] applied: [PATCH proxmox-backup] add missing O_CLOEXEC flags to `openat` calls
  2024-11-29 15:39 [pbs-devel] [PATCH proxmox-backup] add missing O_CLOEXEC flags to `openat` calls Dominik Csapak
  2024-12-02 13:44 ` Fabian Grünbichler
@ 2024-12-03 15:49 ` Thomas Lamprecht
  1 sibling, 0 replies; 3+ messages in thread
From: Thomas Lamprecht @ 2024-12-03 15:49 UTC (permalink / raw)
  To: Proxmox Backup Server development discussion, Dominik Csapak

Am 29.11.24 um 16:39 schrieb Dominik Csapak:
> since we don't want to have lingering file descriptors on reload, which
> does a fork/exec.
> 
> Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
> ---
>  pbs-client/src/pxar/dir_stack.rs     | 2 +-
>  pbs-datastore/src/backup_info.rs     | 2 +-
>  pbs-datastore/src/snapshot_reader.rs | 2 +-
>  3 files changed, 3 insertions(+), 3 deletions(-)
> 
>

applied, with Fabian's R-b and the commit message a bit expanded, thanks!


_______________________________________________
pbs-devel mailing list
pbs-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel


^ permalink raw reply	[flat|nested] 3+ messages in thread
end of thread, other threads:[~2024-12-03 15:49 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2024-11-29 15:39 [pbs-devel] [PATCH proxmox-backup] add missing O_CLOEXEC flags to `openat` calls Dominik Csapak
2024-12-02 13:44 ` Fabian Grünbichler
2024-12-03 15:49 ` [pbs-devel] applied: " Thomas Lamprecht

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.
Service provided by Proxmox Server Solutions GmbH | Privacy | Legal