[lxc-devel] [lxc/master] fix userns helper error handling

[tych0 on Github]

A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 540 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20180209/5b5db767/attachment.bin>
-------------- next part --------------
From ee1b16bcbd6d570bbfde9d7cefd960cddedbbf6e Mon Sep 17 00:00:00 2001
From: Tycho Andersen <tycho at tycho.ws>
Date: Fri, 9 Feb 2018 13:26:31 +0000
Subject: [PATCH] fix userns helper error handling

In both of these cases if there is actually an error, we won't close the
pipe and the api call will hang. Instead, let's be sure to close the pipe
before waiting, so that it doesn't hang.

Signed-off-by: Tycho Andersen <tycho at tycho.ws>
---
 src/lxc/conf.c | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index 1035c6fef..7d2efa209 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -4003,14 +4003,14 @@ int userns_exec_1(struct lxc_conf *conf, int (*fn)(void *), void *data,
 	}
 
 on_error:
-	/* Wait for child to finish. */
-	if (pid > 0)
-		status = wait_for_pid(pid);
-
 	if (p[0] != -1)
 		close(p[0]);
 	close(p[1]);
 
+	/* Wait for child to finish. */
+	if (pid > 0)
+		status = wait_for_pid(pid);
+
 	if (status < 0)
 		ret = -1;
 
@@ -4178,6 +4178,10 @@ int userns_exec_full(struct lxc_conf *conf, int (*fn)(void *), void *data,
 	}
 
 on_error:
+	if (p[0] != -1)
+		close(p[0]);
+	close(p[1]);
+
 	/* Wait for child to finish. */
 	if (pid > 0)
 		ret = wait_for_pid(pid);
@@ -4189,10 +4193,6 @@ int userns_exec_full(struct lxc_conf *conf, int (*fn)(void *), void *data,
 	if (host_gid_map && (host_gid_map != container_root_gid))
 		free(host_gid_map);
 
-	if (p[0] != -1)
-		close(p[0]);
-	close(p[1]);
-
 	return ret;
 }