On Thu, May 06, 2021 at 11:47:47AM -0700, James Bottomley wrote:
> On Thu, 2021-05-06 at 10:33 -0700, Kees Cook wrote:
> > On Thu, May 06, 2021 at 08:26:41AM -0700, James Bottomley wrote:
>
> > What's happening with O_CLOEXEC in this code? I don't see that
> > mentioned in the cover letter either. Why is it disallowed? That
> > seems a strange limitation for something trying to avoid leaking
> > secrets into other processes.
>
> I actually thought we forced it, so I'll let Mike address this. I
> think allowing it is great, so the secret memory isn't inherited by
> children, but I can see use cases where a process would want its child
> to inherit the secrets.

We do not enforce O_CLOEXEC, but if the user explicitly requested
O_CLOEXEC it would be passed to get_unused_fd_flags().

--
Sincerely yours,
Mike.