[lxc-devel] [lxc/master] start: ensure all file descriptors are closed during exec

Tue Apr 7 08:37:14 UTC 2020

A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 428 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20200407/0170aac9/attachment.bin>
-------------- next part --------------
From d31031628f75c324e430feafaff876bcc5b5b8db Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Tue, 7 Apr 2020 10:36:23 +0200
Subject: [PATCH] start: ensure all file descriptors are closed during exec

Closes https://github.com/checkpoint-restore/criu/issues/1011.
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
 src/lxc/af_unix.c |  2 +-
 src/lxc/start.c   | 11 +++++------
 2 files changed, 6 insertions(+), 7 deletions(-)

diff --git a/src/lxc/af_unix.c b/src/lxc/af_unix.c
index e17208888a..bf626a109e 100644
--- a/src/lxc/af_unix.c
+++ b/src/lxc/af_unix.c
@@ -189,7 +189,7 @@ static int lxc_abstract_unix_recv_fds_iov(int fd, int *recvfds, int num_recvfds,
 	msg.msg_iovlen = iovlen;
 
 	do {
-		ret = recvmsg(fd, &msg, 0);
+		ret = recvmsg(fd, &msg, MSG_CMSG_CLOEXEC);
 	} while (ret < 0 && errno == EINTR);
 	if (ret < 0 || ret == 0)
 		return ret;
diff --git a/src/lxc/start.c b/src/lxc/start.c
index a25bd0409b..5138fde841 100644
--- a/src/lxc/start.c
+++ b/src/lxc/start.c
@@ -1039,14 +1039,13 @@ static int do_start(void *data)
 	struct lxc_handler *handler = data;
 	__lxc_unused __do_close int data_sock0 = handler->data_sock[0],
 					   data_sock1 = handler->data_sock[1];
-	__do_close int status_fd = -EBADF;
+	__do_close int devnull_fd = -EBADF, status_fd = -EBADF;
 	int ret;
 	uid_t new_uid;
 	gid_t new_gid;
 	struct lxc_list *iterator;
 	uid_t nsuid = 0;
 	gid_t nsgid = 0;
-	int devnull_fd = -1;
 
 	lxc_sync_fini_parent(handler);
 
@@ -1401,20 +1400,20 @@ static int do_start(void *data)
 		}
 	}
 
-	/* After this call, we are in error because this ops should not return
+	/*
+	 * After this call, we are in error because this ops should not return
 	 * as it execs.
 	 */
 	handler->ops->start(handler, handler->data);
 
 out_warn_father:
-	/* We want the parent to know something went wrong, so we return a
+	/*
+	 * We want the parent to know something went wrong, so we return a
 	 * special error code.
 	 */
 	lxc_sync_wake_parent(handler, LXC_SYNC_ERROR);
 
 out_error:
-	close_prot_errno_disarm(devnull_fd);
-
 	return -1;
 }
 
