[lxc-devel] [lxc/master] fixes

brauner on Github lxc-bot at linuxcontainers.org
Wed Mar 11 01:37:51 UTC 2020


From a783a4140c263caa41fb67d23efac17d9dc6bee7 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Wed, 11 Mar 2020 01:56:44 +0100
Subject: [PATCH 1/2] start: cleanup file descriptor closing

Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
 src/lxc/start.c | 67 ++++++++++++++-----------------------------------
 1 file changed, 19 insertions(+), 48 deletions(-)

diff --git a/src/lxc/start.c b/src/lxc/start.c
index dad4ff9843..b8edcdf369 100644
--- a/src/lxc/start.c
+++ b/src/lxc/start.c
@@ -471,8 +471,7 @@ static int lxc_serve_state_socket_pair(const char *name,
 		return 0;
 
 	/* Close read end of the socket pair. */
-	close(handler->state_socket_pair[0]);
-	handler->state_socket_pair[0] = -1;
+	close_prot_errno_disarm(handler->state_socket_pair[0]);
 
 again:
 	ret = lxc_abstract_unix_send_credential(handler->state_socket_pair[1],
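Review bot: The explicit reset `handler->state_socket_pair[0] = -1;` is replaced by whatever value `close_prot_errno_disarm()` stores, and the macro's definition is not part of this patch. If it stores `-EBADF`, as the removed `descr.epfd = -EBADF;` and `handler->sigfd = -EBADF;` lines suggest is the convention, any code that compares the descriptor with `-1` exactly rather than `< 0` would stop matching. The same applies to `devnull_fd` in do_start and to `handler->pinfd` in lxc_spawn and __lxc_start, which were also reset to `-1` before. A one-line comment at the macro stating the stored sentinel and that negative descriptors are skipped would make these call sites self-explanatory; the function body continues outside the hunk.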
@@ -582,8 +581,7 @@ int lxc_poll(const char *name, struct lxc_handler *handler)
 	TRACE("Mainloop is ready");
 
 	ret = lxc_mainloop(&descr, -1);
-	close(descr.epfd);
-	descr.epfd = -EBADF;
+	close_prot_errno_disarm(descr.epfd);
 	if (ret < 0 || !handler->init_died)
 		goto out_mainloop_console;
 
@@ -601,9 +599,8 @@ int lxc_poll(const char *name, struct lxc_handler *handler)
 	TRACE("Closed mainloop");
 
 out_sigfd:
-	close(handler->sigfd);
 	TRACE("Closed signal file descriptor %d", handler->sigfd);
-	handler->sigfd = -EBADF;
+	close_prot_errno_disarm(handler->sigfd);
 
 	return ret;
 }
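Review bot: At `out_sigfd` the TRACE now reports "Closed signal file descriptor" before the descriptor is actually closed, so the log states something that has not happened yet. The reordering is needed because the disarm overwrites `handler->sigfd`, but saving the number first keeps the message accurate: `int sigfd = handler->sigfd;`, then `close_prot_errno_disarm(handler->sigfd);`, then `TRACE("Closed signal file descriptor %d", sigfd);`. Accurate close ordering in trace output matters when chasing descriptor leaks or double closes in the monitor process.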
@@ -612,6 +609,8 @@ void lxc_zero_handler(struct lxc_handler *handler)
 {
 	memset(handler, 0, sizeof(struct lxc_handler));
 
+	handler->state = STOPPED;
+
 	handler->pinfd = -EBADF;
 
 	handler->pidfd = -EBADF;
@@ -633,33 +632,16 @@ void lxc_zero_handler(struct lxc_handler *handler)
 
 void lxc_free_handler(struct lxc_handler *handler)
 {
-	if (handler->pinfd >= 0)
-		close_prot_errno_disarm(handler->pinfd);
-
-	if (handler->pidfd >= 0)
-		close_prot_errno_disarm(handler->pidfd);
-
-	if (handler->sigfd >= 0)
-		close_prot_errno_disarm(handler->sigfd);
-
+	close_prot_errno_disarm(handler->pinfd);
+	close_prot_errno_disarm(handler->pidfd);
+	close_prot_errno_disarm(handler->sigfd);
 	lxc_put_nsfds(handler);
-
 	if (handler->conf && handler->conf->reboot == REBOOT_NONE)
-		if (handler->conf->maincmd_fd >= 0)
-			close_prot_errno_disarm(handler->conf->maincmd_fd);
-
-	if (handler->monitor_status_fd >= 0)
-		close_prot_errno_disarm(handler->monitor_status_fd);
-
-	if (handler->state_socket_pair[0] >= 0)
-		close_prot_errno_disarm(handler->state_socket_pair[0]);
-
-	if (handler->state_socket_pair[1] >= 0)
-		close_prot_errno_disarm(handler->state_socket_pair[1]);
-
-	if (handler->cgroup_ops)
-		cgroup_exit(handler->cgroup_ops);
-
+		close_prot_errno_disarm(handler->conf->maincmd_fd);
+	close_prot_errno_disarm(handler->monitor_status_fd);
+	close_prot_errno_disarm(handler->state_socket_pair[0]);
+	close_prot_errno_disarm(handler->state_socket_pair[1]);
+	cgroup_exit(handler->cgroup_ops);
 	handler->conf = NULL;
 	free_disarm(handler);
 }
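Review bot: `cgroup_exit(handler->cgroup_ops);` is now called without the `if (handler->cgroup_ops)` guard, so lxc_free_handler relies on cgroup_exit() accepting a NULL argument, and its definition is not in this patch. This is a cleanup path that can plausibly run on a handler whose cgroup setup never happened, so either confirm cgroup_exit() returns early on NULL or keep the guard. Separately, the unbraced `if (handler->conf && handler->conf->reboot == REBOOT_NONE)` now has a macro as its only statement; that is safe only while `close_prot_errno_disarm()` expands to a single statement, so bracing the body would be the more defensive form.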
@@ -1114,8 +1096,7 @@ static int do_start(void *data)
 	}
 
 	/* Don't leak the pinfd to the container. */
-	if (handler->pinfd >= 0)
-		close(handler->pinfd);
+	close_prot_errno_disarm(handler->pinfd);
 
 	ret = lxc_sync_wait_parent(handler, LXC_SYNC_STARTUP);
 	if (ret < 0)
@@ -1324,7 +1305,7 @@ static int do_start(void *data)
 		goto out_warn_father;
 	}
 
-	close(handler->sigfd);
+	close_prot_errno_disarm(handler->sigfd);
 
 	if (handler->conf->console.slave < 0 && handler->daemonize) {
 		if (devnull_fd < 0) {
@@ -1340,10 +1321,7 @@ static int do_start(void *data)
 		}
 	}
 
-	if (devnull_fd >= 0) {
-		close(devnull_fd);
-		devnull_fd = -1;
-	}
+	close_prot_errno_disarm(devnull_fd);
 
 	setsid();
 
@@ -1446,8 +1424,7 @@ static int do_start(void *data)
 	lxc_sync_wake_parent(handler, LXC_SYNC_ERROR);
 
 out_error:
-	if (devnull_fd >= 0)
-		close(devnull_fd);
+	close_prot_errno_disarm(devnull_fd);
 
 	return -1;
 }
@@ -1910,10 +1887,7 @@ static int lxc_spawn(struct lxc_handler *handler)
 
 out_sync_fini:
 	lxc_sync_fini(handler);
-	if (handler->pinfd >= 0) {
-		close(handler->pinfd);
-		handler->pinfd = -1;
-	}
+	close_prot_errno_disarm(handler->pinfd);
 
 	return -1;
 }
@@ -2030,10 +2004,7 @@ int __lxc_start(const char *name, struct lxc_handler *handler,
 	if (ret < 0)
 		ERROR("Failed to move physical network devices back to parent network namespace");
 
-	if (handler->pinfd >= 0) {
-		close(handler->pinfd);
-		handler->pinfd = -1;
-	}
+	close_prot_errno_disarm(handler->pinfd);
 
 	lxc_monitor_send_exit_code(name, status, handler->lxcpath);
 	lxc_error_set_and_log(handler->pid, status);

From 0fb40573e59579e049cb11c5dbb0b726d824af0c Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Wed, 11 Mar 2020 02:35:51 +0100
Subject: [PATCH 2/2] af_unix: fix return value

Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
 src/lxc/af_unix.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/src/lxc/af_unix.c b/src/lxc/af_unix.c
index e70e0c9e22..04aef44ade 100644
--- a/src/lxc/af_unix.c
+++ b/src/lxc/af_unix.c
@@ -191,9 +191,8 @@ static int lxc_abstract_unix_recv_fds_iov(int fd, int *recvfds, int num_recvfds,
 	do {
 		ret = recvmsg(fd, &msg, 0);
 	} while (ret < 0 && errno == EINTR);
-	if (!ret)
-		return 0;
-
+	if (ret < 0 || ret == 0)
+		return ret;
 
 	/*
 	 * If SO_PASSCRED is set we will always get a ucred message.
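Review bot: `recvmsg(fd, &msg, 0)` receives descriptors without close-on-exec, so any fd passed over this socket stays inheritable across a later exec unless it is marked afterwards, which this hunk does not show. Passing `MSG_CMSG_CLOEXEC` in the flags argument, `ret = recvmsg(fd, &msg, MSG_CMSG_CLOEXEC);`, sets the flag atomically at receive time. The new check can also be written as `if (ret <= 0) return ret;`, and a short comment that 0 means the peer closed the connection while a negative value leaves the reason in errno would help callers tell the two apart. The function body continues outside the hunk.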

