gpu: nvgpu: Mark fds with O_CLOEXEC

There shouldn't be a use case that an fd, installed by nvgpu,
must be shared on exec with the new process. This doesn't only
lead to an excessive number of fds in the exec process, but also
can lead to potential security issues.

This patch marks the fds with O_CLOEXEC, so that they get
closed on exec.

Bug 3583628

Change-Id: I3499b1429ac512b2c172e9e628d0a7a1417d72e3
Signed-off-by: Martin Radev <mradev@nvidia.com>
Reviewed-on: https://git-master.nvidia.com/r/c/linux-nvgpu/+/2704350
Reviewed-by: svc-mobile-coverity <svc-mobile-coverity@nvidia.com>
Reviewed-by: svc-mobile-cert <svc-mobile-cert@nvidia.com>
Reviewed-by: Sagar Kamble <skamble@nvidia.com>
Reviewed-by: Konsta Holtta <kholtta@nvidia.com>
Reviewed-by: Alex Waterman <alexw@nvidia.com>
GVS: Gerrit_Virtual_Submit
This commit is contained in:
Martin Radev
2022-04-28 14:21:45 +03:00
committed by mobile promotions
parent c30afdce02
commit 657daaee9e
5 changed files with 10 additions and 10 deletions

@@ -380,7 +380,7 @@ static int gk20a_tsg_event_id_enable(struct nvgpu_tsg *tsg,
goto free_ref;
}
err = get_unused_fd_flags(O_RDWR);
err = get_unused_fd_flags(O_RDWR | O_CLOEXEC);
if (err < 0)
goto free_ref;
local_fd = err;
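
Review bot: at the get_unused_fd_flags(O_RDWR | O_CLOEXEC) call, the fd that ends up in local_fd is now close-on-exec, which changes what userspace sees, and nothing in the hunk documents it. Suggest a short comment at this call site, or a line in the interface's userspace-facing documentation, stating that the event fd is not inherited across exec and that a caller which needs inheritance has to clear FD_CLOEXEC itself with fcntl(F_SETFD). It would also help to confirm in the commit message that no existing client passes this fd to an exec'd child, since that pattern would now silently lose the descriptor.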