[lxc-devel] [lxc/master] fixes
brauner on Github
lxc-bot at linuxcontainers.org
Wed Mar 11 01:37:51 UTC 2020
A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 364 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20200310/ad47beb4/attachment.bin>
-------------- next part --------------
From a783a4140c263caa41fb67d23efac17d9dc6bee7 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Wed, 11 Mar 2020 01:56:44 +0100
Subject: [PATCH 1/2] start: cleanup file descriptor closing
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/start.c | 67 ++++++++++++++-----------------------------------
1 file changed, 19 insertions(+), 48 deletions(-)
diff --git a/src/lxc/start.c b/src/lxc/start.c
index dad4ff9843..b8edcdf369 100644
--- a/src/lxc/start.c
+++ b/src/lxc/start.c
@@ -471,8 +471,7 @@ static int lxc_serve_state_socket_pair(const char *name,
return 0;
/* Close read end of the socket pair. */
- close(handler->state_socket_pair[0]);
- handler->state_socket_pair[0] = -1;
+ close_prot_errno_disarm(handler->state_socket_pair[0]);
again:
ret = lxc_abstract_unix_send_credential(handler->state_socket_pair[1],
@@ -582,8 +581,7 @@ int lxc_poll(const char *name, struct lxc_handler *handler)
TRACE("Mainloop is ready");
ret = lxc_mainloop(&descr, -1);
- close(descr.epfd);
- descr.epfd = -EBADF;
+ close_prot_errno_disarm(descr.epfd);
if (ret < 0 || !handler->init_died)
goto out_mainloop_console;
@@ -601,9 +599,8 @@ int lxc_poll(const char *name, struct lxc_handler *handler)
TRACE("Closed mainloop");
out_sigfd:
- close(handler->sigfd);
TRACE("Closed signal file descriptor %d", handler->sigfd);
- handler->sigfd = -EBADF;
+ close_prot_errno_disarm(handler->sigfd);
return ret;
}
@@ -612,6 +609,8 @@ void lxc_zero_handler(struct lxc_handler *handler)
{
memset(handler, 0, sizeof(struct lxc_handler));
+ handler->state = STOPPED;
+
handler->pinfd = -EBADF;
handler->pidfd = -EBADF;
@@ -633,33 +632,16 @@ void lxc_zero_handler(struct lxc_handler *handler)
void lxc_free_handler(struct lxc_handler *handler)
{
- if (handler->pinfd >= 0)
- close_prot_errno_disarm(handler->pinfd);
-
- if (handler->pidfd >= 0)
- close_prot_errno_disarm(handler->pidfd);
-
- if (handler->sigfd >= 0)
- close_prot_errno_disarm(handler->sigfd);
-
+ close_prot_errno_disarm(handler->pinfd);
+ close_prot_errno_disarm(handler->pidfd);
+ close_prot_errno_disarm(handler->sigfd);
lxc_put_nsfds(handler);
-
if (handler->conf && handler->conf->reboot == REBOOT_NONE)
- if (handler->conf->maincmd_fd >= 0)
- close_prot_errno_disarm(handler->conf->maincmd_fd);
-
- if (handler->monitor_status_fd >= 0)
- close_prot_errno_disarm(handler->monitor_status_fd);
-
- if (handler->state_socket_pair[0] >= 0)
- close_prot_errno_disarm(handler->state_socket_pair[0]);
-
- if (handler->state_socket_pair[1] >= 0)
- close_prot_errno_disarm(handler->state_socket_pair[1]);
-
- if (handler->cgroup_ops)
- cgroup_exit(handler->cgroup_ops);
-
+ close_prot_errno_disarm(handler->conf->maincmd_fd);
+ close_prot_errno_disarm(handler->monitor_status_fd);
+ close_prot_errno_disarm(handler->state_socket_pair[0]);
+ close_prot_errno_disarm(handler->state_socket_pair[1]);
+ cgroup_exit(handler->cgroup_ops);
handler->conf = NULL;
free_disarm(handler);
}
@@ -1114,8 +1096,7 @@ static int do_start(void *data)
}
/* Don't leak the pinfd to the container. */
- if (handler->pinfd >= 0)
- close(handler->pinfd);
+ close_prot_errno_disarm(handler->pinfd);
ret = lxc_sync_wait_parent(handler, LXC_SYNC_STARTUP);
if (ret < 0)
@@ -1324,7 +1305,7 @@ static int do_start(void *data)
goto out_warn_father;
}
- close(handler->sigfd);
+ close_prot_errno_disarm(handler->sigfd);
if (handler->conf->console.slave < 0 && handler->daemonize) {
if (devnull_fd < 0) {
@@ -1340,10 +1321,7 @@ static int do_start(void *data)
}
}
- if (devnull_fd >= 0) {
- close(devnull_fd);
- devnull_fd = -1;
- }
+ close_prot_errno_disarm(devnull_fd);
setsid();
@@ -1446,8 +1424,7 @@ static int do_start(void *data)
lxc_sync_wake_parent(handler, LXC_SYNC_ERROR);
out_error:
- if (devnull_fd >= 0)
- close(devnull_fd);
+ close_prot_errno_disarm(devnull_fd);
return -1;
}
@@ -1910,10 +1887,7 @@ static int lxc_spawn(struct lxc_handler *handler)
out_sync_fini:
lxc_sync_fini(handler);
- if (handler->pinfd >= 0) {
- close(handler->pinfd);
- handler->pinfd = -1;
- }
+ close_prot_errno_disarm(handler->pinfd);
return -1;
}
@@ -2030,10 +2004,7 @@ int __lxc_start(const char *name, struct lxc_handler *handler,
if (ret < 0)
ERROR("Failed to move physical network devices back to parent network namespace");
- if (handler->pinfd >= 0) {
- close(handler->pinfd);
- handler->pinfd = -1;
- }
+ close_prot_errno_disarm(handler->pinfd);
lxc_monitor_send_exit_code(name, status, handler->lxcpath);
lxc_error_set_and_log(handler->pid, status);
From 0fb40573e59579e049cb11c5dbb0b726d824af0c Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Wed, 11 Mar 2020 02:35:51 +0100
Subject: [PATCH 2/2] af_unix: fix return value
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/af_unix.c | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/src/lxc/af_unix.c b/src/lxc/af_unix.c
index e70e0c9e22..04aef44ade 100644
--- a/src/lxc/af_unix.c
+++ b/src/lxc/af_unix.c
@@ -191,9 +191,8 @@ static int lxc_abstract_unix_recv_fds_iov(int fd, int *recvfds, int num_recvfds,
do {
ret = recvmsg(fd, &msg, 0);
} while (ret < 0 && errno == EINTR);
- if (!ret)
- return 0;
-
+ if (ret < 0 || ret == 0)
+ return ret;
/*
* If SO_PASSCRED is set we will always get a ucred message.
More information about the lxc-devel
mailing list