From: Alex Williamson <alex.williamson@redhat.com>
Date: Thu, 22 Aug 2013 16:33:41 +0000 (-0600)
Subject: vfio: Add O_CLOEXEC flag to vfio device fd
X-Git-Tag: v3.12-rc1~86^2~5
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=5d042fbdbb2df46c9185942a0c6fe280906ba70c;p=thirdparty%2Fkernel%2Flinux.git

vfio: Add O_CLOEXEC flag to vfio device fd

Add the default O_CLOEXEC flag for device file descriptors.  This is
generally considered a safer option as it allows the user a race free
option to decide whether file descriptors are inherited across exec,
with the default avoiding file descriptor leaks.

Reported-by: Yann Droneaud <ydroneaud@opteya.com>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
---

diff --git a/drivers/vfio/vfio.c b/drivers/vfio/vfio.c
index 75c16cc5921a2..1eab4ace06718 100644
--- a/drivers/vfio/vfio.c
+++ b/drivers/vfio/vfio.c
@@ -1109,7 +1109,7 @@ static int vfio_group_get_device_fd(struct vfio_group *group, char *buf)
 		 * We can't use anon_inode_getfd() because we need to modify
 		 * the f_mode flags directly to allow more than just ioctls
 		 */
-		ret = get_unused_fd_flags(0);
+		ret = get_unused_fd_flags(O_CLOEXEC);
 		if (ret < 0) {
 			device->ops->release(device->device_data);
 			break;