qbit/go
1
0
Fork 0
mirror of https://github.com/golang/go synced 2024-11-25 09:37:56 -07:00
Code Releases Activity

[release-branch.go1.23] syscall: on exec failure, close pidfd

Browse Source 
For #69284
Fixes #69402

Change-Id: I6350209302778ba5e44fa03d0b9e680d2b4ec192
Reviewed-on: https://go-review.googlesource.com/c/go/+/611495
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: roger peppe <rogpeppe@gmail.com>
Reviewed-by: Tim King <taking@google.com>
Auto-Submit: Ian Lance Taylor <iant@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
(cherry picked from commit 8926ca9c5e)
Reviewed-on: https://go-review.googlesource.com/c/go/+/613616
Reviewed-by: Ian Lance Taylor <iant@google.com>
Auto-Submit: Ian Lance Taylor <iant@google.com>
Reviewed-by: Tobias Klauser <tobias.klauser@gmail.com>
This commit is contained in:
Ian Lance Taylor 2024-09-06 12:19:01 -07:00 committed by Gopher Robot
parent a74951c5af
commit c8c6f9abfb
7 changed files with 92 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

60
src/os/pidfd_linux_test.go
View File

@ -9,6 +9,7 @@ import (
"internal/syscall/unix" "internal/syscall/unix"
"internal/testenv" "internal/testenv"
"os" "os"
"os/exec"
"syscall" "syscall"
"testing" "testing"
) )
@ -89,3 +90,62 @@ func TestStartProcessWithPidfd(t *testing.T) {
t.Errorf("SendSignal: got %v, want %v", err, syscall.ESRCH) t.Errorf("SendSignal: got %v, want %v", err, syscall.ESRCH)
} }
} }
// Issue #69284
func TestPidfdLeak(t *testing.T) {
testenv.MustHaveExec(t)
exe, err := os.Executable()
if err != nil {
t.Fatal(err)
}
// Find the next 10 descriptors.
// We need to get more than one descriptor in practice;
// the pidfd winds up not being the next descriptor.
const count = 10
want := make([]int, count)
for i := range count {
var err error
want[i], err = syscall.Open(exe, syscall.O_RDONLY, 0)
if err != nil {
t.Fatal(err)
}
}
// Close the descriptors.
for _, d := range want {
syscall.Close(d)
}
// Start a process 10 times.
for range 10 {
// For testing purposes this has to be an absolute path.
// Otherwise we will fail finding the executable
// and won't start a process at all.
cmd := exec.Command("/noSuchExecutable")
cmd.Run()
}
// Open the next 10 descriptors again.
got := make([]int, count)
for i := range count {
var err error
got[i], err = syscall.Open(exe, syscall.O_RDONLY, 0)
if err != nil {
t.Fatal(err)
}
}
// Close the descriptors
for _, d := range got {
syscall.Close(d)
}
t.Logf("got %v", got)
t.Logf("want %v", want)
// Allow some slack for runtime epoll descriptors and the like.
if got[count-1] > want[count-1]+5 {
t.Errorf("got descriptor %d, want %d", got[count-1], want[count-1])
}
}

5
src/syscall/exec_bsd.go
View File

@ -293,3 +293,8 @@ childerror:
RawSyscall(SYS_EXIT, 253, 0, 0) RawSyscall(SYS_EXIT, 253, 0, 0)
} }
} }
// forkAndExecFailureCleanup cleans up after an exec failure.
func forkAndExecFailureCleanup(attr *ProcAttr, sys *SysProcAttr) {
// Nothing to do.
}

5
src/syscall/exec_freebsd.go
View File

@ -317,3 +317,8 @@ childerror:
RawSyscall(SYS_EXIT, 253, 0, 0) RawSyscall(SYS_EXIT, 253, 0, 0)
} }
} }
// forkAndExecFailureCleanup cleans up after an exec failure.
func forkAndExecFailureCleanup(attr *ProcAttr, sys *SysProcAttr) {
// Nothing to do.
}

5
src/syscall/exec_libc.go
View File

@ -314,6 +314,11 @@ childerror:
} }
} }
// forkAndExecFailureCleanup cleans up after an exec failure.
func forkAndExecFailureCleanup(attr *ProcAttr, sys *SysProcAttr) {
// Nothing to do.
}
func ioctlPtr(fd, req uintptr, arg unsafe.Pointer) (err Errno) { func ioctlPtr(fd, req uintptr, arg unsafe.Pointer) (err Errno) {
return ioctl(fd, req, uintptr(arg)) return ioctl(fd, req, uintptr(arg))
} }

5
src/syscall/exec_libc2.go
View File

@ -289,3 +289,8 @@ childerror:
rawSyscall(abi.FuncPCABI0(libc_exit_trampoline), 253, 0, 0) rawSyscall(abi.FuncPCABI0(libc_exit_trampoline), 253, 0, 0)
} }
} }
// forkAndExecFailureCleanup cleans up after an exec failure.
func forkAndExecFailureCleanup(attr *ProcAttr, sys *SysProcAttr) {
// Nothing to do.
}

8
src/syscall/exec_linux.go
View File

@ -735,3 +735,11 @@ func writeUidGidMappings(pid int, sys *SysProcAttr) error {
return nil return nil
} }
// forkAndExecFailureCleanup cleans up after an exec failure.
func forkAndExecFailureCleanup(attr *ProcAttr, sys *SysProcAttr) {
if sys.PidFD != nil && *sys.PidFD != -1 {
Close(*sys.PidFD)
*sys.PidFD = -1
}
}

4
src/syscall/exec_unix.go
View File

@ -237,6 +237,10 @@ func forkExec(argv0 string, argv []string, attr *ProcAttr) (pid int, err error)
for err1 == EINTR { for err1 == EINTR {
_, err1 = Wait4(pid, &wstatus, 0, nil) _, err1 = Wait4(pid, &wstatus, 0, nil)
} }
// OS-specific cleanup on failure.
forkAndExecFailureCleanup(attr, sys)
return 0, err return 0, err
} }