blob: 14f0ce9cd9876f0e42a1b78c29a75a102023e7f7 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
|
From 193d42c8312cb8b189745696065b3aa5bbcc6968 Mon Sep 17 00:00:00 2001
From: Joe MacDonald <joe.macdonald@windriver.com>
Date: Tue, 15 Oct 2013 10:07:43 -0400
Subject: [PATCH 1/3] libselinux: make SOCK_CLOEXEC optional
libselinux/src/setrans_client.c checks for the existence of SOCK_CLOEXEC
before using it, however libselinux/src/avc_internal.c does not. Since
SOCK_CLOEXEC suffers the same problem as O_CLOEXEC on some older
platforms, we need to ensure we protect the references it it in the same
way.
Uptream-Status: Inappropriate
Signed-off-by: Joe MacDonald <joe.macdonald@windriver.com>
---
libselinux/src/avc_internal.c | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/src/avc_internal.c b/libselinux/src/avc_internal.c
index f735e73..eb0599a 100644
--- a/src/avc_internal.c
+++ b/src/avc_internal.c
@@ -60,7 +60,13 @@ int avc_netlink_open(int blocking)
int len, rc = 0;
struct sockaddr_nl addr;
- fd = socket(PF_NETLINK, SOCK_RAW | SOCK_CLOEXEC, NETLINK_SELINUX);
+ fd = socket(PF_NETLINK, SOCK_RAW
+#ifdef SOCK_CLOEXEC
+ | SOCK_CLOEXEC
+#else
+#warning SOCK_CLOEXEC undefined on this platform, this may leak file descriptors
+#endif
+ , NETLINK_SELINUX);
if (fd < 0) {
rc = fd;
goto out;
--
1.7.10.4
|
