From: Ian Jackson
Date: Wed, 1 Oct 2014 22:21:56 +0000 (+0100)
Subject: fds etc.: Support non-forking persistent children
X-Git-Tag: base.ipv6-polypath-fixes.v1~18
X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ian/git?p=secnet.git;a=commitdiff_plain;h=32654a316b5925914f5e5f481971d47f9728edab;hp=32654a316b5925914f5e5f481971d47f9728edab

fds etc.: Support non-forking persistent children

Polypath is going to want to spawn a persistent child process, which
will not exec. This child ought not to hold onto the various important
fds. Otherwise, if the main secnet process dies but the child does not
(for some reason), the network interfaces, udp sockets, etc., set up by
the old secnet will remain owned by the child.

Introduce a new PHASE for this purpose (currently never entered).
Provide a convenient common hook function for closing a single fd.

Add phase hooks to:
 * Close udp sockets (in the udp and polypath comm modules);
 * Close the pipes to userv-ipif (slip netlink module);
 * Close the tun device (tun netlink module);
 * Zero out data transport keys, to improve forward secrecy in case
   the subprocess leaks somehow. (Sadly we can't conveniently find
   the asymmetric crypto session key negotiation state to wipe it.)

Signed-off-by: Ian Jackson
---
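
The pattern the commit message describes, as an added example that is not part of this commit or of secnet's code: a forked child that never execs runs registered hooks to close inherited fds and zero key material, while the parent keeps both. The hook registry, function names, the `/dev/null` fd and the 32-byte key are hypothetical stand-ins constructed for the illustration.

```c
#include <errno.h>
#include <fcntl.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical mini hook registry for the "persistent child" phase. */
typedef void hook_fn(void *state);
static struct { hook_fn *fn; void *state; } hooks[8];
static int nhooks;
static void add_child_hook(hook_fn *fn, void *state) {
    if (nhooks < 8) { hooks[nhooks].fn = fn; hooks[nhooks].state = state; nhooks++; }
}
/* Common hook: close a single fd and mark it as gone. */
static void close_fd_hook(void *state) {
    int *fd = state;
    if (*fd >= 0) { close(*fd); *fd = -1; }
}
/* Zero a 32-byte key through a volatile pointer to discourage dead-store elimination. */
static void wipe_key_hook(void *state) {
    volatile unsigned char *p = state;
    for (size_t i = 0; i < 32; i++) p[i] = 0;
}

/* Returns 0 when the child dropped the fd and key while the parent kept both. */
int demo_persistent_child(void) {
    unsigned char key[32];                 /* constructed stand-in for a transport key */
    int fd = open("/dev/null", O_RDONLY);  /* constructed stand-in for a udp/tun fd */
    if (fd < 0) return -1;
    const int orig = fd;
    memset(key, 0xAA, sizeof key);
    nhooks = 0;
    add_child_hook(close_fd_hook, &fd);
    add_child_hook(wipe_key_hook, key);
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {                        /* child will not exec, so run the hooks */
        int bad = 0;
        for (int i = 0; i < nhooks; i++) hooks[i].fn(hooks[i].state);
        if (fcntl(orig, F_GETFD) != -1) bad |= 1;   /* fd still open in child */
        for (size_t i = 0; i < sizeof key; i++) if (key[i]) bad |= 2;
        _exit(bad);
    }
    int st;
    if (waitpid(pid, &st, 0) < 0 || !WIFEXITED(st)) return -1;
    int bad = WEXITSTATUS(st);
    if (fcntl(fd, F_GETFD) == -1 || key[0] != 0xAA) bad |= 4;  /* parent state changed */
    close(fd);
    return bad;
}
```

Without the hooks the child would report bit 1 (fd inherited) and bit 2 (key still readable), which is the leak the commit message is guarding against.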