[lxc-devel] [lxc/master] clone_into_cgroup: fixes

brauner on Github lxc-bot at linuxcontainers.org
Mon Jun 29 13:02:22 UTC 2020 

A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 364 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20200629/7d20c83c/attachment.bin>
-------------- next part --------------
From 84b66ced1d73e2df2ef3bec37aef82a0ff00e32a Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Mon, 29 Jun 2020 14:51:02 +0200
Subject: [PATCH 1/2] start: initialize cgroup_fd

Fixes: Coverity 1465045.
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
 src/lxc/start.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/lxc/start.c b/src/lxc/start.c
index 244de39dd1..f014a8ffce 100644
--- a/src/lxc/start.c
+++ b/src/lxc/start.c
@@ -1695,7 +1695,7 @@ static int lxc_spawn(struct lxc_handler *handler)
 			goto out_delete_net;
 		}
 	} else {
-		int cgroup_fd;
+		int cgroup_fd = -EBADF;
 
 		struct lxc_clone_args clone_args = {
 			.flags = handler->clone_flags,

From 0aff04e066c73c18fa027811acff57fa5241daa7 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Mon, 29 Jun 2020 14:52:54 +0200
Subject: [PATCH 2/2] start: use __aligned_u64

Closes: Coverity 1465044.
Closes: Coverity 1465046.
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
 src/lxc/start.h | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/lxc/start.h b/src/lxc/start.h
index 6852f6e22d..ba66b05535 100644
--- a/src/lxc/start.h
+++ b/src/lxc/start.h
@@ -3,6 +3,8 @@
 #ifndef __LXC_START_H
 #define __LXC_START_H
 
+#include <linux/sched.h>
+#include <sched.h>
 #include <signal.h>
 #include <stdbool.h>
 #include <sys/param.h>
@@ -37,7 +39,7 @@ struct lxc_handler {
 		unsigned int ns_clone_flags;
 		unsigned int ns_on_clone_flags;
 		unsigned int ns_unshare_flags;
-		unsigned int clone_flags;
+		__aligned_u64 clone_flags;
 	};
 
 	/* File descriptor to pin the rootfs for privileged containers. */

More information about the lxc-devel mailing list