-
Notifications
You must be signed in to change notification settings - Fork 18.4k
syscall: exec_linux: switch to F_DUPFD_CLOEXEC in clobber-prevention logic #61754
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Conversation
This PR (HEAD: b026d47) has been imported to Gerrit for code review.
Please visit Gerrit at https://go-review.googlesource.com/c/go/+/515799.
Important tips:
- Don't comment on this PR. All discussion takes place in Gerrit.
- You need a Gmail or other Google account to register for Gerrit.
- To change your code in response to feedback:
- Push a new commit to the branch used by your GitHub PR.
- A new "patch set" will then appear in Gerrit.
- Respond to each comment by marking as Done in Gerrit if implemented as suggested. You can alternatively write a reply.
- Critical: you must click the blue Reply button near the top to publish your Gerrit responses.
- Multiple commits in the PR will be squashed by GerritBot.
- The title and description of the GitHub PR are used to construct the final commit message.
- Edit these as needed via the GitHub web interface (not via Gerrit or git).
- You should word wrap the PR description at ~76 characters unless you need longer lines (e.g., for tables or URLs).
- See the Sending a change via GitHub and Reviews sections of the Contribution Guide as well as the FAQ for details.
b026d47 to
bb99daf
Compare
This PR (HEAD: bb99daf) has been imported to Gerrit for code review.
Please visit Gerrit at https://go-review.googlesource.com/c/go/+/515799.
Important tips:
- Don't comment on this PR. All discussion takes place in Gerrit.
- You need a Gmail or other Google account to register for Gerrit.
- To change your code in response to feedback:
- Push a new commit to the branch used by your GitHub PR.
- A new "patch set" will then appear in Gerrit.
- Respond to each comment by marking as Done in Gerrit if implemented as suggested. You can alternatively write a reply.
- Critical: you must click the blue Reply button near the top to publish your Gerrit responses.
- Multiple commits in the PR will be squashed by GerritBot.
- The title and description of the GitHub PR are used to construct the final commit message.
- Edit these as needed via the GitHub web interface (not via Gerrit or git).
- You should word wrap the PR description at ~76 characters unless you need longer lines (e.g., for tables or URLs).
- See the Sending a change via GitHub and Reviews sections of the Contribution Guide as well as the FAQ for details.
Message from Aleksa Sarai:
Patch Set 3:
(1 comment)
Please don’t reply on this GitHub thread. Visit golang.org/cl/515799.
After addressing review feedback, remember to publish your drafts!
Message from Ian Lance Taylor:
Patch Set 3:
(1 comment)
Please don’t reply on this GitHub thread. Visit golang.org/cl/515799.
After addressing review feedback, remember to publish your drafts!
Message from Aleksa Sarai:
Patch Set 3:
(1 comment)
Please don’t reply on this GitHub thread. Visit golang.org/cl/515799.
After addressing review feedback, remember to publish your drafts!
Message from Ian Lance Taylor:
Patch Set 3:
(1 comment)
Please don’t reply on this GitHub thread. Visit golang.org/cl/515799.
After addressing review feedback, remember to publish your drafts!
bce10eb to
2f84f5d
Compare
This PR (HEAD: 2f84f5d) has been imported to Gerrit for code review.
Please visit Gerrit at https://go-review.googlesource.com/c/go/+/515799.
Important tips:
- Don't comment on this PR. All discussion takes place in Gerrit.
- You need a Gmail or other Google account to register for Gerrit.
- To change your code in response to feedback:
- Push a new commit to the branch used by your GitHub PR.
- A new "patch set" will then appear in Gerrit.
- Respond to each comment by marking as Done in Gerrit if implemented as suggested. You can alternatively write a reply.
- Critical: you must click the blue Reply button near the top to publish your Gerrit responses.
- Multiple commits in the PR will be squashed by GerritBot.
- The title and description of the GitHub PR are used to construct the final commit message.
- Edit these as needed via the GitHub web interface (not via Gerrit or git).
- You should word wrap the PR description at ~76 characters unless you need longer lines (e.g., for tables or URLs).
- See the Sending a change via GitHub and Reviews sections of the Contribution Guide as well as the FAQ for details.
Message from Aleksa Sarai:
Patch Set 4:
(1 comment)
Please don’t reply on this GitHub thread. Visit golang.org/cl/515799.
After addressing review feedback, remember to publish your drafts!
Message from Ian Lance Taylor:
Patch Set 4: Run-TryBot+1
Please don’t reply on this GitHub thread. Visit golang.org/cl/515799.
After addressing review feedback, remember to publish your drafts!
Message from Gopher Robot:
Patch Set 4:
(1 comment)
Please don’t reply on this GitHub thread. Visit golang.org/cl/515799.
After addressing review feedback, remember to publish your drafts!
Message from Gopher Robot:
Patch Set 4:
(1 comment)
Please don’t reply on this GitHub thread. Visit golang.org/cl/515799.
After addressing review feedback, remember to publish your drafts!
Message from Gopher Robot:
Patch Set 4: TryBot-Result-1
(1 comment)
Please don’t reply on this GitHub thread. Visit golang.org/cl/515799.
After addressing review feedback, remember to publish your drafts!
Message from Aleksa Sarai:
Patch Set 4:
(1 comment)
Please don’t reply on this GitHub thread. Visit golang.org/cl/515799.
After addressing review feedback, remember to publish your drafts!
2f84f5d to
959cbfe
Compare
This PR (HEAD: 959cbfe) has been imported to Gerrit for code review.
Please visit Gerrit at https://go-review.googlesource.com/c/go/+/515799.
Important tips:
- Don't comment on this PR. All discussion takes place in Gerrit.
- You need a Gmail or other Google account to register for Gerrit.
- To change your code in response to feedback:
- Push a new commit to the branch used by your GitHub PR.
- A new "patch set" will then appear in Gerrit.
- Respond to each comment by marking as Done in Gerrit if implemented as suggested. You can alternatively write a reply.
- Critical: you must click the blue Reply button near the top to publish your Gerrit responses.
- Multiple commits in the PR will be squashed by GerritBot.
- The title and description of the GitHub PR are used to construct the final commit message.
- Edit these as needed via the GitHub web interface (not via Gerrit or git).
- You should word wrap the PR description at ~76 characters unless you need longer lines (e.g., for tables or URLs).
- See the Sending a change via GitHub and Reviews sections of the Contribution Guide as well as the FAQ for details.
Message from Aleksa Sarai:
Patch Set 5:
(1 comment)
Please don’t reply on this GitHub thread. Visit golang.org/cl/515799.
After addressing review feedback, remember to publish your drafts!
...logic The existing clobber-prevention logic can end up clobbering random file descriptors, which can cause issues on Linux if a user wants to execute a /proc/self/fd/$n handle that isn't included in attr.Files. Similar logic already exists for the BSDs and Solaris. In addition, the F_DUPFD_CLOEXEC makes the clobber-prevention logic much simpler to follow. Closes golang#61751
959cbfe to
db4bc63
Compare
This PR (HEAD: db4bc63) has been imported to Gerrit for code review.
Please visit Gerrit at https://go-review.googlesource.com/c/go/+/515799.
Important tips:
- Don't comment on this PR. All discussion takes place in Gerrit.
- You need a Gmail or other Google account to register for Gerrit.
- To change your code in response to feedback:
- Push a new commit to the branch used by your GitHub PR.
- A new "patch set" will then appear in Gerrit.
- Respond to each comment by marking as Done in Gerrit if implemented as suggested. You can alternatively write a reply.
- Critical: you must click the blue Reply button near the top to publish your Gerrit responses.
- Multiple commits in the PR will be squashed by GerritBot.
- The title and description of the GitHub PR are used to construct the final commit message.
- Edit these as needed via the GitHub web interface (not via Gerrit or git).
- You should word wrap the PR description at ~76 characters unless you need longer lines (e.g., for tables or URLs).
- See the Sending a change via GitHub and Reviews sections of the Contribution Guide as well as the FAQ for details.
Message from Ian Lance Taylor:
Patch Set 6: Run-TryBot+1
(1 comment)
Please don’t reply on this GitHub thread. Visit golang.org/cl/515799.
After addressing review feedback, remember to publish your drafts!
Message from Gopher Robot:
Patch Set 6:
(1 comment)
Please don’t reply on this GitHub thread. Visit golang.org/cl/515799.
After addressing review feedback, remember to publish your drafts!
Message from Gopher Robot:
Patch Set 6: TryBot-Result+1
(1 comment)
Please don’t reply on this GitHub thread. Visit golang.org/cl/515799.
After addressing review feedback, remember to publish your drafts!
Message from Aleksa Sarai:
Patch Set 6:
(1 comment)
Please don’t reply on this GitHub thread. Visit golang.org/cl/515799.
After addressing review feedback, remember to publish your drafts!
Message from Ian Lance Taylor:
Patch Set 6:
(1 comment)
Please don’t reply on this GitHub thread. Visit golang.org/cl/515799.
After addressing review feedback, remember to publish your drafts!
Uh oh!
There was an error while loading. Please reload this page.
The existing clobber-prevention logic can end up clobbering random file
descriptors, which can cause issues on Linux if a user wants to execute
a /proc/self/fd/$n handle that isn't included in attr.Files. Similar
logic already exists for the BSDs and Solaris.
In addition, the F_DUPFD_CLOEXEC makes the clobber-prevention logic much
simpler to follow.
Closes #61751