[lxc-devel] [lxcfs/master] fixes

Fri Jun 5 16:20:56 UTC 2020

A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 365 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20200605/eac6be38/attachment.bin>
-------------- next part --------------
From ea725aba233d3cabb0e778dc0bff99f23dcadf97 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Fri, 5 Jun 2020 14:53:54 +0200
Subject: [PATCH 1/3] proc_fuse: move get_reaper_busy() down

Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
 src/proc_fuse.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/proc_fuse.c b/src/proc_fuse.c
index e185b98..ac58df2 100644
--- a/src/proc_fuse.c
+++ b/src/proc_fuse.c
@@ -662,10 +662,9 @@ static int proc_uptime_read(char *buf, size_t size, off_t offset,
 {
 	struct fuse_context *fc = fuse_get_context();
 	struct file_info *d = INTTYPE_TO_PTR(fi->fh);
-	double busytime = get_reaper_busy(fc->pid);
 	char *cache = d->buf;
 	ssize_t total_len = 0;
-	double idletime, reaperage;
+	double busytime, idletime, reaperage;
 
 #if RELOADTEST
 	iwashere();
@@ -693,6 +692,7 @@ static int proc_uptime_read(char *buf, size_t size, off_t offset,
 	 * get_reaper_busy() function.
 	 */
 	idletime = reaperage;
+	busytime = get_reaper_busy(fc->pid);
 	if (reaperage >= busytime)
 		idletime = reaperage - busytime;
 

From d77180028e0cbed67a3e45ea69e6ca3888357586 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Fri, 5 Jun 2020 15:42:41 +0200
Subject: [PATCH 2/3] proc_fuse: cleanup proc_uptime_read() a little

Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
 src/proc_fuse.c | 17 ++++++++---------
 1 file changed, 8 insertions(+), 9 deletions(-)

diff --git a/src/proc_fuse.c b/src/proc_fuse.c
index ac58df2..44bed24 100644
--- a/src/proc_fuse.c
+++ b/src/proc_fuse.c
@@ -663,7 +663,7 @@ static int proc_uptime_read(char *buf, size_t size, off_t offset,
 	struct fuse_context *fc = fuse_get_context();
 	struct file_info *d = INTTYPE_TO_PTR(fi->fh);
 	char *cache = d->buf;
-	ssize_t total_len = 0;
+	ssize_t total_len = 0, ret = 0;
 	double busytime, idletime, reaperage;
 
 #if RELOADTEST
@@ -673,12 +673,12 @@ static int proc_uptime_read(char *buf, size_t size, off_t offset,
 	if (offset) {
 		int left;
 
-		if (!d->cached)
-			return 0;
-
 		if (offset > d->size)
 			return -EINVAL;
 
+		if (!d->cached)
+			return 0;
+
 		left = d->size - offset;
 		total_len = left > size ? size : left;
 		memcpy(buf, cache + offset, total_len);
@@ -696,16 +696,15 @@ static int proc_uptime_read(char *buf, size_t size, off_t offset,
 	if (reaperage >= busytime)
 		idletime = reaperage - busytime;
 
-	total_len = snprintf(d->buf, d->buflen, "%.2lf %.2lf\n", reaperage, idletime);
-	if (total_len < 0 || total_len >= d->buflen)
+	ret = snprintf(d->buf, d->buflen, "%.2lf %.2lf\n", reaperage, idletime);
+	if (ret < 0 || ret >= d->buflen)
 		return read_file_fuse("/proc/uptime", buf, size, d);
+	total_len = ret;
 
-	d->size = (int)total_len;
 	d->cached = 1;
-
+	d->size = total_len;
 	if (total_len > size)
 		total_len = size;
-
 	memcpy(buf, d->buf, total_len);
 
 	return total_len;

From 802b0d2039b566feeadf50c16088185e7dc52128 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Fri, 5 Jun 2020 17:03:32 +0200
Subject: [PATCH 3/3] utils: don't leak fds in in_same_namespace()

Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
 src/utils.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/utils.c b/src/utils.c
index ef44e3a..5f1b72e 100644
--- a/src/utils.c
+++ b/src/utils.c
@@ -124,10 +124,13 @@ static int in_same_namespace(pid_t pid1, pid_t pid2, const char *ns)
 
 bool is_shared_pidns(pid_t pid)
 {
+	__do_close int fd = -EBADF;
+
 	if (pid != 1)
 		return false;
 
-	if (in_same_namespace(pid, getpid(), "pid") == -EINVAL)
+	fd = in_same_namespace(pid, getpid(), "pid");
+	if (fd == EINVAL)
 		return true;
 
 	return false;
