[lxc-devel] [lxc/master] seccomp: don't close the mainloop, simply remove the handler
brauner on Github
lxc-bot at linuxcontainers.org
Thu Aug 6 12:15:35 UTC 2020
A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 364 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20200806/2f506945/attachment.bin>
-------------- next part --------------
From eb551cefedb4d6c21aae30ac7ba1b03f8e127fc9 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Thu, 6 Aug 2020 14:14:10 +0200
Subject: [PATCH] seccomp: don't close the mainloop, simply remove the handler
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/seccomp.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/src/lxc/seccomp.c b/src/lxc/seccomp.c
index 011e574875..ad1f51922b 100644
--- a/src/lxc/seccomp.c
+++ b/src/lxc/seccomp.c
@@ -1374,8 +1374,11 @@ int seccomp_notify_handler(int fd, uint32_t events, void *data,
char *cookie = conf->seccomp.notifier.cookie;
uint64_t req_id;
- if (events & EPOLLHUP)
- return log_trace(LXC_MAINLOOP_CLOSE, "Syscall supervisee already exited");
+ if (events & EPOLLHUP) {
+ lxc_mainloop_del_handler(descr, fd);
+ close(fd);
+ return log_trace(0, "Removing seccomp notifier fd %d", fd);
+ }
memset(req, 0, sizeof(*req));
ret = seccomp_notify_receive(fd, req);
More information about the lxc-devel
mailing list