From: Roy Marples <roy@marples.name>
Date: Sat, 18 Jul 2020 11:40:30 +0000 (+0100)
Subject: privsep: shutdown read end of the write only sockets
X-Git-Tag: v9.2.0~41
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=426565eaa7a423e1332e52fa6dd97a19e6ac0c3d;p=thirdparty%2Fdhcpcd.git

privsep: shutdown read end of the write only sockets

Clearly shows our intent and hopefully is an optimisation
within the kernel.
---

diff --git a/src/privsep-root.c b/src/privsep-root.c
index f1b40745..8c642e70 100644
--- a/src/privsep-root.c
+++ b/src/privsep-root.c
@@ -635,7 +635,7 @@ ps_root_startcb(void *arg)
 	ctx->ps_root_pid = getpid();
 	ctx->options |= DHCPCD_PRIVSEPROOT;
 
-	/* Open network sockets for sending.
+	/* Open network sockets for sending only.
 	 * This is a small bit wasteful for non sandboxed OS's
 	 * but makes life very easy for unicasting DHCPv6 in non master
 	 * mode as we no longer care about address selection. */
@@ -645,6 +645,8 @@ ps_root_startcb(void *arg)
 		    SOCK_RAW | SOCK_CXNB, IPPROTO_UDP);
 		if (ctx->udp_wfd == -1)
 			logerr("%s: dhcp_openraw", __func__);
+		else if (shutdown(ctx->udp_wfd, SHUT_RD) == -1)
+			logerr("%s: shutdown dhcp", __func__);
 	}
 #endif
 #ifdef INET6
@@ -652,6 +654,8 @@ ps_root_startcb(void *arg)
 		ctx->nd_fd = ipv6nd_open(false);
 		if (ctx->nd_fd == -1)
 			logerr("%s: ipv6nd_open", __func__);
+		else if (shutdown(ctx->nd_fd, SHUT_RD) == -1)
+			logerr("%s: shutdown nd", __func__);
 	}
 #endif
 #ifdef DHCP6
@@ -659,6 +663,8 @@ ps_root_startcb(void *arg)
 		ctx->dhcp6_wfd = dhcp6_openraw();
 		if (ctx->dhcp6_wfd == -1)
 			logerr("%s: dhcp6_openraw", __func__);
+		else if (shutdown(ctx->dhcp6_wfd, SHUT_RD) == -1)
+			logerr("%s: shutdown dhcp6", __func__);
 	}
 #endif