[lxc-devel] [lxd/master] lxd: Don't leak netlink fds
stgraber on Github
lxc-bot at linuxcontainers.org
Wed Mar 20 05:52:10 UTC 2019
A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 354 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20190319/de9fc20b/attachment.bin>
-------------- next part --------------
From 66bd0ebfe6d46e0ef8e1d77c15722cd9309876ca Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?St=C3=A9phane=20Graber?= <stgraber at ubuntu.com>
Date: Tue, 19 Mar 2019 22:51:23 -0700
Subject: [PATCH] lxd: Don't leak netlink fds
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
---
lxd/devices.go | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/lxd/devices.go b/lxd/devices.go
index 6f906daded..26a3ab4416 100644
--- a/lxd/devices.go
+++ b/lxd/devices.go
@@ -568,10 +568,9 @@ func deviceNetlinkListener() (chan []string, chan []string, chan usbDevice, erro
UEVENT_BUFFER_SIZE := 2048
fd, err := syscall.Socket(
- syscall.AF_NETLINK, syscall.SOCK_RAW,
+ syscall.AF_NETLINK, syscall.SOCK_RAW|syscall.SOCK_CLOEXEC,
NETLINK_KOBJECT_UEVENT,
)
-
if err != nil {
return nil, nil, nil, err
}
More information about the lxc-devel
mailing list