[lxc-devel] [lxc/master] fixes
brauner on Github
lxc-bot at linuxcontainers.org
Thu May 7 13:02:11 UTC 2020
A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 364 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20200507/cc3750d9/attachment.bin>
-------------- next part --------------
From 50e3e83d3741e01073e5a84ac26f530824d23087 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Thu, 7 May 2020 14:54:31 +0200
Subject: [PATCH 1/3] tree-wide: this is all rather TODO than FIXME
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/attach_options.h | 2 +-
src/lxc/lsm/apparmor.c | 8 ++++----
src/lxc/lxccontainer.h | 2 +-
3 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/src/lxc/attach_options.h b/src/lxc/attach_options.h
index ec8bea1f6a..63e62d4ff0 100644
--- a/src/lxc/attach_options.h
+++ b/src/lxc/attach_options.h
@@ -26,7 +26,7 @@ enum {
/* The following are off by default: */
LXC_ATTACH_REMOUNT_PROC_SYS = 0x00010000, /*!< Remount /proc filesystem */
- LXC_ATTACH_LSM_NOW = 0x00020000, /*!< FIXME: unknown */
+ LXC_ATTACH_LSM_NOW = 0x00020000, /*!< TODO: currently unused */
/* Set PR_SET_NO_NEW_PRIVS to block execve() gainable privileges. */
LXC_ATTACH_NO_NEW_PRIVS = 0x00040000, /*!< PR_SET_NO_NEW_PRIVS */
LXC_ATTACH_TERMINAL = 0x00080000, /*!< Allocate new terminal for attached process. */
diff --git a/src/lxc/lsm/apparmor.c b/src/lxc/lsm/apparmor.c
index f251e5e7ec..4fc18eb438 100644
--- a/src/lxc/lsm/apparmor.c
+++ b/src/lxc/lsm/apparmor.c
@@ -122,7 +122,7 @@ static const char AA_PROFILE_BASE[] =
" deny /sys/kernel/debug/{,**} rwklx,\n"
"\n"
" # allow paths to be made slave, shared, private or unbindable\n"
-" # FIXME: This currently doesn't work due to the apparmor parser treating those as allowing all mounts.\n"
+" # TODO: This currently doesn't work due to the apparmor parser treating those as allowing all mounts.\n"
"# mount options=(rw,make-slave) -> **,\n"
"# mount options=(rw,make-rslave) -> **,\n"
"# mount options=(rw,make-shared) -> **,\n"
@@ -343,7 +343,7 @@ static const char AA_PROFILE_NESTING_BASE[] =
" mount /var/lib/lxd/shmounts/ -> /var/lib/lxd/shmounts/,\n"
" mount options=bind /var/lib/lxd/shmounts/** -> /var/lib/lxd/**,\n"
"\n"
-" # FIXME: There doesn't seem to be a way to ask for:\n"
+" # TODO: There doesn't seem to be a way to ask for:\n"
" # mount options=(ro,nosuid,nodev,noexec,remount,bind),\n"
" # as we always get mount to $cdir/proc/sys with those flags denied\n"
" # So allow all mounts until that is straightened out:\n"
@@ -538,7 +538,7 @@ static inline char *apparmor_namespace(const char *ctname, const char *lxcpath)
return full;
}
-/* FIXME: This is currently run only in the context of a constructor (via the
+/* TODO: This is currently run only in the context of a constructor (via the
* initial lsm_init() called due to its __attribute__((constructor)), so we
* do not have ERROR/... macros available, so there are some fprintf(stderr)s
* in there.
@@ -560,7 +560,7 @@ static bool check_apparmor_parser_version()
lxc_pclose(parserpipe);
/* We stay silent for now as this most likely means the shell
* lxc_popen executed failed to find the apparmor_parser binary.
- * See the FIXME comment above for details.
+ * See the TODO comment above for details.
*/
return false;
}
diff --git a/src/lxc/lxccontainer.h b/src/lxc/lxccontainer.h
index 4577de7ff5..a9eaeb76bb 100644
--- a/src/lxc/lxccontainer.h
+++ b/src/lxc/lxccontainer.h
@@ -90,7 +90,7 @@ struct lxc_container {
* \private
* Container configuration.
*
- * \internal FIXME: do we want the whole lxc_handler?
+ * \internal TODO: do we want the whole lxc_handler?
*/
struct lxc_conf *lxc_conf;
From c89e6d5843aadc6614846f740616d061ae0f1b17 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Thu, 7 May 2020 14:56:26 +0200
Subject: [PATCH 2/3] yum: remove unused module
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
config/yum/lxc-patch.py | 1 -
1 file changed, 1 deletion(-)
diff --git a/config/yum/lxc-patch.py b/config/yum/lxc-patch.py
index d639e8425b..fd48298d6c 100644
--- a/config/yum/lxc-patch.py
+++ b/config/yum/lxc-patch.py
@@ -24,7 +24,6 @@
import os
from fnmatch import fnmatch
from yum.plugins import TYPE_INTERACTIVE
-from yum.plugins import PluginYumExit
requires_api_version = '2.0'
plugin_type = (TYPE_INTERACTIVE,)
From a201349b342bf2cc649f5e5b3e3af69fa9fdd284 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Thu, 7 May 2020 15:01:30 +0200
Subject: [PATCH 3/3] tools/lxc-ls: shutup lgtm
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/tools/lxc_ls.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/src/lxc/tools/lxc_ls.c b/src/lxc/tools/lxc_ls.c
index 4be8564d19..05d4bcecc8 100644
--- a/src/lxc/tools/lxc_ls.c
+++ b/src/lxc/tools/lxc_ls.c
@@ -1166,6 +1166,9 @@ static int ls_recv_str(int fd, char **buf)
if (ret != sizeof(slen))
return -1;
+ if (slen == SIZE_MAX)
+ return -1;
+
if (slen > 0) {
*buf = malloc(sizeof(char) * (slen + 1));
if (!*buf)
More information about the lxc-devel
mailing list