[lxc-devel] [lxc/lxc] 8bc2b6: attach: use close_prot_errno_disarm()

Stéphane Graber noreply at github.com
Fri Mar 27 15:02:29 UTC 2020


  Branch: refs/heads/master
  Home:   https://github.com/lxc/lxc
  Commit: 8bc2b675f279cf201b7e5d45627c96be0a85c3c0
      https://github.com/lxc/lxc/commit/8bc2b675f279cf201b7e5d45627c96be0a85c3c0
  Author: Christian Brauner <christian.brauner at ubuntu.com>
  Date:   2020-03-27 (Fri, 27 Mar 2020)

  Changed paths:
    M src/lxc/attach.c

  Log Message:
  -----------
  attach: use close_prot_errno_disarm()

Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>


  Commit: 0d113b16f0d3ad998f45e0bca188d03c6646f9cb
      https://github.com/lxc/lxc/commit/0d113b16f0d3ad998f45e0bca188d03c6646f9cb
  Author: Christian Brauner <christian.brauner at ubuntu.com>
  Date:   2020-03-27 (Fri, 27 Mar 2020)

  Changed paths:
    M src/lxc/cgroups/cgfsng.c

  Log Message:
  -----------
  cgroups: remove unused variable

Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>


  Commit: ba7ca43b0be417275db7865336191681d915e97c
      https://github.com/lxc/lxc/commit/ba7ca43b0be417275db7865336191681d915e97c
  Author: Christian Brauner <christian.brauner at ubuntu.com>
  Date:   2020-03-27 (Fri, 27 Mar 2020)

  Changed paths:
    M src/lxc/cgroups/cgfsng.c

  Log Message:
  -----------
  cgroups: fix unified cgroup attach

There's a fundamental problem with futexes and setid calls and the go runtime.
POSIX requires that when one thread setids all threas must setids and it uses
futexes and signals to synchronize the state across threads. This causes
deadlocks which means we can't use the pretty solution I first implemented.
Instead we need to chown after we create the directory. I might come up with
something smarter later but for now this will do.

Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>


  Commit: f7a97743a37a0e577deffbb85c5e2d78f2e421f9
      https://github.com/lxc/lxc/commit/f7a97743a37a0e577deffbb85c5e2d78f2e421f9
  Author: Wolfgang Bumiller <w.bumiller at proxmox.com>
  Date:   2020-03-27 (Fri, 27 Mar 2020)

  Changed paths:
    M src/lxc/commands.c
    M src/lxc/seccomp.c
    M src/lxc/start.c

  Log Message:
  -----------
  fixup i/o handler return values

Particularly important for lxc_cmd_handler() handles client
input and should not be capable of canceling the main loop,
some syscall return values leaked through overlapping with
LXC_MAINLOOP_ERROR, causing unauthorized clients connecting
to the command socket to shutdown the main loop.

In turn, signal_handler() receiving unexpected
`signalfd_siginfo` struct sizes seems like a reason to bail
(since it's a kernel interface).

Signed-off-by: Wolfgang Bumiller <w.bumiller at proxmox.com>
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>


  Commit: c0c183b345fd00ea721a3c81e36526dc2b8041e2
      https://github.com/lxc/lxc/commit/c0c183b345fd00ea721a3c81e36526dc2b8041e2
  Author: Stéphane Graber <stgraber at ubuntu.com>
  Date:   2020-03-27 (Fri, 27 Mar 2020)

  Changed paths:
    M src/lxc/attach.c
    M src/lxc/cgroups/cgfsng.c
    M src/lxc/commands.c
    M src/lxc/seccomp.c
    M src/lxc/start.c

  Log Message:
  -----------
  Merge pull request #3331 from brauner/2020-03-27/fixes

tree-wide: fixes


Compare: https://github.com/lxc/lxc/compare/d4a5002bb727...c0c183b345fd


More information about the lxc-devel mailing list