libcamera: Open files with O_CLOEXEC

Files opened internally in libcamera without the O_CLOEXEC file will remain open upon a call to one of the exec(3) functions. As exec() doesn't destroy local or global objects, this can lead to various side effects. Avoid this by opening file descriptors with O_CLOEXEC for all internal files. Signed-off-by: Laurent Pinchart <laurent.pinchart@ideasonboard.com> Reviewed-by: Umang Jain <umang.jain@ideasonboard.com> Reviewed-by: Kieran Bingham <kieran.bingham@ideasonboard.com>
2023-03-26 12:49:32 +03:00 · 2023-03-26 12:49:32 +03:00 · 436b38fd89
commit 436b38fd89
parent 4cd9cb4a90
4 changed files with 7 additions and 4 deletions
--- a/src/ipa/vimc/vimc.cpp
+++ b/src/ipa/vimc/vimc.cpp
@ -168,7 +168,7 @@ void IPAVimc::initTrace()
 	if (ret)
 		return;

-	ret = ::open(ipa::vimc::VimcIPAFIFOPath.c_str(), O_WRONLY);
+	ret = ::open(ipa::vimc::VimcIPAFIFOPath.c_str(), O_WRONLY | O_CLOEXEC);
 	if (ret < 0) {
 		ret = errno;
 		LOG(IPAVimc, Error) << "Failed to open vimc IPA test FIFO: "
--- a/src/libcamera/base/file.cpp
+++ b/src/libcamera/base/file.cpp
@ -163,6 +163,9 @@ bool File::exists() const
 * attempt to create the file with initial permissions set to 0666 (modified by
 * the process' umask).
 *
+ * The file is opened with the O_CLOEXEC flag, and will be closed automatically
+ * when a new binary is executed with one of the exec(3) functions.
+ *
 * The error() status is updated.
 *
 * \return True on success, false otherwise
@ -178,7 +181,7 @@ bool File::open(File::OpenMode mode)
 	if (mode & OpenModeFlag::WriteOnly)
 		flags |= O_CREAT;

-	fd_ = UniqueFD(::open(name_.c_str(), flags, 0666));
+	fd_ = UniqueFD(::open(name_.c_str(), flags | O_CLOEXEC, 0666));
 	if (!fd_.isValid()) {
 		error_ = -errno;
 		return false;
--- a/src/libcamera/media_device.cpp
+++ b/src/libcamera/media_device.cpp
@ -477,7 +477,7 @@ int MediaDevice::open()
 		return -EBUSY;
 	}

-	fd_ = UniqueFD(::open(deviceNode_.c_str(), O_RDWR));
+	fd_ = UniqueFD(::open(deviceNode_.c_str(), O_RDWR | O_CLOEXEC));
 	if (!fd_.isValid()) {
 		int ret = -errno;
 		LOG(MediaDevice, Error)
--- a/src/libcamera/pipeline/raspberrypi/dma_heaps.cpp
+++ b/src/libcamera/pipeline/raspberrypi/dma_heaps.cpp
@ -37,7 +37,7 @@ namespace RPi {
 DmaHeap::DmaHeap()
 {
 	for (const char *name : heapNames) {
-		int ret = ::open(name, O_RDWR, 0);
+		int ret = ::open(name, O_RDWR | O_CLOEXEC, 0);
 		if (ret < 0) {
 			ret = errno;
 			LOG(RPI, Debug) << "Failed to open " << name << ": "