xserver: Branch 'master'

[GitLab Mirror]

 os/connection.c |    1 +
 1 file changed, 1 insertion(+)

New commits:
commit 5568b0f83f388a295f42d49411ced17387043794
Author: Twaik Yont <9674930+twaik at users.noreply.github.com>
Date:   Thu Apr 10 17:55:58 2025 +0300

    os: use close-on-exec for X server socket to prevent fd leaks
    
    In most typical Linux X servers (like Xvfb, Xephyr, or Xwayland), no child process outlives the server, so this issue rarely arises. However, in embedded X servers (based on Xvfb or Kdrive) or in custom Xorg modules, the server might launch a long-running command with regular fork+exec calls. If the X server crashes or exits while that command is still running (for example, it spawns a tombstone generator or any process that hangs or turns to zombie), the file descriptor associated with the abstract socket can remain open in the child process. This leads to the kernel refusing to allow another X server to bind the same socket until the child process terminates (because there is no explicit way to unlink abstract socket, unlike Unix socket). By marking the file descriptor as close-on-exec, we ensure it is automatically closed in child processes, preserving the ability of a new X server process to bind the socket immediately.
    
    Signed-off-by: Twaik Yont <9674930+twaik at users.noreply.github.com>
    Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/1906>

diff --git a/os/connection.c b/os/connection.c
index d0d7c10c5..92b5add2b 100644
--- a/os/connection.c
+++ b/os/connection.c
@@ -274,6 +274,7 @@ CreateWellKnownSockets(void)
         int fd = _XSERVTransGetConnectionNumber(ListenTransConns[i]);
 
         ListenTransFds[i] = fd;
+        _XSERVTransSetOption(ListenTransConns[i], TRANS_CLOSEONEXEC, 0);
         SetNotifyFd(fd, EstablishNewConnections, X_NOTIFY_READ, NULL);
 
         if (!_XSERVTransIsLocal(ListenTransConns[i]))