5
0
mirror of git://git.proxmox.com/git/lxc.git synced 2025-03-16 10:50:38 +03:00

merge upstream bugfixes:

* fix some memory leaks
  * fix temp file creation
  * fix rootfs pinning with NFS
  * drop supplementary groups on attach
  * fix gid=5 mount option on /dev/pts

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
This commit is contained in:
Wolfgang Bumiller 2018-05-02 10:43:05 +02:00
parent 5c8b444abd
commit 99be5c8cba
11 changed files with 456 additions and 0 deletions

View File

@ -0,0 +1,67 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner@ubuntu.com>
Date: Thu, 12 Apr 2018 11:12:06 +0200
Subject: [PATCH] conf: ret-try devpts mount without gid=5 on error
We should always default to mounting devpts with gid=5 but we should fallback
to mounting without gid=5. This let's us cover use-cases such as container
started with only a single mapping e.g.:
lxc.idmap = u 1000 1000 1
lxc.idmap = g 1000 1000 1
Closes #2257.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
---
src/lxc/conf.c | 18 +++++++++---------
1 file changed, 9 insertions(+), 9 deletions(-)
diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index fe30800d..a604adbb 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -1503,7 +1503,7 @@ static struct id_map *find_mapped_nsid_entry(struct lxc_conf *conf, unsigned id,
static int lxc_setup_devpts(struct lxc_conf *conf)
{
int ret;
- const char *default_devpts_mntopts;
+ const char *default_devpts_mntopts = "gid=5,newinstance,ptmxmode=0666,mode=0620";
char devpts_mntopts[256];
if (conf->pts <= 0) {
@@ -1512,11 +1512,6 @@ static int lxc_setup_devpts(struct lxc_conf *conf)
return 0;
}
- if (!find_mapped_nsid_entry(conf, 5, ID_TYPE_GID))
- default_devpts_mntopts = "newinstance,ptmxmode=0666,mode=0620";
- else
- default_devpts_mntopts = "newinstance,ptmxmode=0666,mode=0620,gid=5";
-
ret = snprintf(devpts_mntopts, sizeof(devpts_mntopts), "%s,max=%d",
default_devpts_mntopts, conf->pts);
if (ret < 0 || (size_t)ret >= sizeof(devpts_mntopts))
@@ -1540,11 +1535,16 @@ static int lxc_setup_devpts(struct lxc_conf *conf)
return -1;
}
- /* Mount new devpts instance. */
+ /* mount new devpts instance */
ret = mount("devpts", "/dev/pts", "devpts", MS_NOSUID | MS_NOEXEC, devpts_mntopts);
if (ret < 0) {
- SYSERROR("Failed to mount new devpts instance");
- return -1;
+ /* try mounting without gid=5 */
+ ret = mount("devpts", "/dev/pts", "devpts",
+ MS_NOSUID | MS_NOEXEC, devpts_mntopts + sizeof("gid=5"));
+ if (ret < 0) {
+ SYSERROR("Failed to mount new devpts instance");
+ return -1;
+ }
}
DEBUG("Mount new devpts instance with options \"%s\"", devpts_mntopts);
--
2.11.0

View File

@ -0,0 +1,25 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: LiFeng <lifeng68@huawei.com>
Date: Tue, 24 Apr 2018 12:53:57 -0400
Subject: [PATCH] Fix the memory leak in cgfsng_attach
Signed-off-by: LiFeng <lifeng68@huawei.com>
---
src/lxc/cgroups/cgfsng.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/lxc/cgroups/cgfsng.c b/src/lxc/cgroups/cgfsng.c
index b48f997f..689e4fe5 100644
--- a/src/lxc/cgroups/cgfsng.c
+++ b/src/lxc/cgroups/cgfsng.c
@@ -2549,6 +2549,7 @@ static bool cgfsng_attach(const char *name, const char *lxcpath, pid_t pid)
continue;
fullpath = build_full_cgpath_from_monitorpath(h, path, "cgroup.procs");
+ free(path);
ret = lxc_write_to_file(fullpath, pidstr, len, false);
if (ret < 0) {
SYSERROR("Failed to attach %d to %s", (int)pid, fullpath);
--
2.11.0

View File

@ -0,0 +1,71 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: LiFeng <lifeng68@huawei.com>
Date: Tue, 24 Apr 2018 15:10:15 -0400
Subject: [PATCH] Fix memory leak in list_active_containers
Signed-off-by: LiFeng <lifeng68@huawei.com>
---
src/lxc/lxccontainer.c | 25 +++++++++++++++++++++----
1 file changed, 21 insertions(+), 4 deletions(-)
diff --git a/src/lxc/lxccontainer.c b/src/lxc/lxccontainer.c
index 6d41b6cf..6a58d81c 100644
--- a/src/lxc/lxccontainer.c
+++ b/src/lxc/lxccontainer.c
@@ -4973,32 +4973,49 @@ int list_active_containers(const char *lxcpath, char ***nret,
char *recvpath = lxc_cmd_get_lxcpath(p);
if (!recvpath)
continue;
- if (strncmp(lxcpath, recvpath, lxcpath_len) != 0)
+ if (strncmp(lxcpath, recvpath, lxcpath_len) != 0) {
+ free(recvpath);
continue;
+ }
+ free(recvpath);
p = lxc_cmd_get_name(p);
if (!p)
continue;
}
- if (array_contains(&ct_name, p, ct_name_cnt))
+ if (array_contains(&ct_name, p, ct_name_cnt)) {
+ if (is_hashed)
+ free(p);
continue;
+ }
- if (!add_to_array(&ct_name, p, ct_name_cnt))
+ if (!add_to_array(&ct_name, p, ct_name_cnt)) {
+ if (is_hashed)
+ free(p);
goto free_cret_list;
+ }
ct_name_cnt++;
- if (!cret)
+ if (!cret) {
+ if (is_hashed)
+ free(p);
continue;
+ }
c = lxc_container_new(p, lxcpath);
if (!c) {
INFO("Container %s:%s is running but could not be loaded",
lxcpath, p);
remove_from_array(&ct_name, p, ct_name_cnt--);
+ if (is_hashed)
+ free(p);
continue;
}
+ if (is_hashed)
+ free(p);
+
/*
* If this is an anonymous container, then is_defined *can*
* return false. So we don't do that check. Count on the
--
2.11.0

View File

@ -0,0 +1,58 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Jonathan Calmels <jcalmels@nvidia.com>
Date: Mon, 16 Apr 2018 12:30:33 -0700
Subject: [PATCH] pam-cgfs: ignore the system umask when creating the cgroup
hierarchy
Fixes: #2277
Signed-off-by: Jonathan Calmels <jcalmels@nvidia.com>
---
src/lxc/pam/pam_cgfs.c | 18 ++++++++++++++++--
1 file changed, 16 insertions(+), 2 deletions(-)
diff --git a/src/lxc/pam/pam_cgfs.c b/src/lxc/pam/pam_cgfs.c
index 3df8daef..5c272b0e 100644
--- a/src/lxc/pam/pam_cgfs.c
+++ b/src/lxc/pam/pam_cgfs.c
@@ -223,6 +223,20 @@ static bool cgv2_prune_empty_cgroups(const char *user);
static bool cgv2_remove(const char *cgroup);
static bool is_cgv2(char *line);
+static int do_mkdir(const char *path, mode_t mode)
+{
+ int saved_errno;
+ mode_t mask;
+ int r;
+
+ mask = umask(0);
+ r = mkdir(path, mode);
+ saved_errno = errno;
+ umask(mask);
+ errno = saved_errno;
+ return (r);
+}
+
/* Create directory and (if necessary) its parents. */
static bool mkdir_parent(const char *root, char *path)
{
@@ -252,7 +266,7 @@ static bool mkdir_parent(const char *root, char *path)
if (file_exists(path))
goto next;
- if (mkdir(path, 0755) < 0) {
+ if (do_mkdir(path, 0755) < 0) {
pam_cgfs_debug("Failed to create %s: %s.\n", path, strerror(errno));
return false;
}
@@ -1963,7 +1977,7 @@ static bool cgv1_handle_cpuset_hierarchy(struct cgv1_hierarchy *h,
cgpath = must_make_path(h->mountpoint, h->base_cgroup, cgroup, NULL);
if (slash)
*slash = '/';
- if (mkdir(cgpath, 0755) < 0 && errno != EEXIST) {
+ if (do_mkdir(cgpath, 0755) < 0 && errno != EEXIST) {
pam_cgfs_debug("Failed to create '%s'", cgpath);
free(cgpath);
return false;
--
2.11.0

View File

@ -0,0 +1,36 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner@ubuntu.com>
Date: Mon, 9 Apr 2018 18:01:38 +0200
Subject: [PATCH] attach: always drop supplementary groups
Closes #1704.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
---
src/lxc/attach.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/src/lxc/attach.c b/src/lxc/attach.c
index 9a8a836d..3b715272 100644
--- a/src/lxc/attach.c
+++ b/src/lxc/attach.c
@@ -870,12 +870,12 @@ static int attach_child_main(struct attach_clone_payload *payload)
ret = lxc_switch_uid_gid(new_uid, new_gid);
if (ret < 0)
goto on_error;
-
- ret = lxc_setgroups(0, NULL);
- if (ret < 0)
- goto on_error;
}
+ ret = lxc_setgroups(0, NULL);
+ if (ret < 0)
+ goto on_error;
+
if ((init_ctx->container && init_ctx->container->lxc_conf &&
init_ctx->container->lxc_conf->no_new_privs) ||
(options->attach_flags & LXC_ATTACH_NO_NEW_PRIVS)) {
--
2.11.0

View File

@ -0,0 +1,32 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: C0deAi <benjamin.bales@assrc.us>
Date: Fri, 6 Apr 2018 12:46:53 -0400
Subject: [PATCH] storage/rsync: free memory on error
Closes #2262.
Signed-off-by: C0deAi <techsupport@mycode.ai>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
---
src/lxc/storage/rsync.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/lxc/storage/rsync.c b/src/lxc/storage/rsync.c
index c3080a56..83871ae8 100644
--- a/src/lxc/storage/rsync.c
+++ b/src/lxc/storage/rsync.c
@@ -73,8 +73,10 @@ int lxc_rsync_exec(const char *src, const char *dest)
return -1;
ret = snprintf(s, l, "%s", src);
- if (ret < 0 || (size_t)ret >= l)
+ if (ret < 0 || (size_t)ret >= l) {
+ free(s);
return -1;
+ }
s[l - 2] = '/';
s[l - 1] = '\0';
--
2.11.0

View File

@ -0,0 +1,33 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: C0deAi <benjamin.bales@assrc.us>
Date: Fri, 6 Apr 2018 12:56:50 -0400
Subject: [PATCH] tools/utils: free memory on error
Closes #2262.
Signed-off-by: C0deAi <techsupport@mycode.ai>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
---
src/lxc/tools/tool_utils.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/src/lxc/tools/tool_utils.c b/src/lxc/tools/tool_utils.c
index ca325456..71e5036b 100644
--- a/src/lxc/tools/tool_utils.c
+++ b/src/lxc/tools/tool_utils.c
@@ -794,8 +794,11 @@ int lxc_config_define_add(struct lxc_list *defines, char *arg)
return -1;
dent->elem = parse_line(arg);
- if (!dent->elem)
+ if (!dent->elem) {
+ free(dent);
return -1;
+ }
+
lxc_list_add_tail(defines, dent);
return 0;
}
--
2.11.0

View File

@ -0,0 +1,54 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Tycho Andersen <tycho@tycho.ws>
Date: Wed, 4 Apr 2018 17:45:29 -0600
Subject: [PATCH] fix signal sending in lxc.init
The problem here is that these two clauses were ordered backwards: we first
check if the signal came from not the init pid, and if it did, then we give
a notice and return. The comment notes that this is intended to protect
against SIGCHLD, but we don't in fact know if the signal is a SIGCHLD yet,
because that's tested in the next hunk.
The symptom is that if I e.g. send SIGTERM from the outside world to the
container init, it ignores it and gives this notice. If we re-order these
clauses, it forwards non SIGCHLD signals, and ignores SIGCHLD signals from
things that aren't the real container process.
Signed-off-by: Tycho Andersen <tycho@tycho.ws>
---
src/lxc/start.c | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/src/lxc/start.c b/src/lxc/start.c
index ae13aae9..1982270e 100644
--- a/src/lxc/start.c
+++ b/src/lxc/start.c
@@ -380,6 +380,12 @@ static int signal_handler(int fd, uint32_t events, void *data,
return hdlr->init_died ? LXC_MAINLOOP_CLOSE : 0;
}
+ if (siginfo.ssi_signo != SIGCHLD) {
+ kill(hdlr->pid, siginfo.ssi_signo);
+ INFO("Forwarded signal %d to pid %d", siginfo.ssi_signo, hdlr->pid);
+ return hdlr->init_died ? LXC_MAINLOOP_CLOSE : 0;
+ }
+
/* More robustness, protect ourself from a SIGCHLD sent
* by a process different from the container init.
*/
@@ -389,12 +395,6 @@ static int signal_handler(int fd, uint32_t events, void *data,
return hdlr->init_died ? LXC_MAINLOOP_CLOSE : 0;
}
- if (siginfo.ssi_signo != SIGCHLD) {
- kill(hdlr->pid, siginfo.ssi_signo);
- INFO("Forwarded signal %d to pid %d", siginfo.ssi_signo, hdlr->pid);
- return hdlr->init_died ? LXC_MAINLOOP_CLOSE : 0;
- }
-
if (siginfo.ssi_code == CLD_STOPPED) {
INFO("Container init process was stopped");
return hdlr->init_died ? LXC_MAINLOOP_CLOSE : 0;
--
2.11.0

View File

@ -0,0 +1,35 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner@ubuntu.com>
Date: Fri, 6 Apr 2018 10:54:02 +0200
Subject: [PATCH] conf: fix temporary file creation
lxc_make_tmpfile() uses mkstemp() internally, and thus expects the
template to contain 'XXXXXX' and be writable.
Signed-off-by: Thomas Moschny <thomas.moschny@gmx.de>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
---
src/lxc/conf.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index a604adbb..c1193675 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -2277,9 +2277,12 @@ FILE *make_anonymous_mount_file(struct lxc_list *mount)
fd = memfd_create(".lxc_mount_file", MFD_CLOEXEC);
if (fd < 0) {
+ char template[] = P_tmpdir "/.lxc_mount_file_XXXXXX";
+
if (errno != ENOSYS)
return NULL;
- fd = lxc_make_tmpfile((char *){P_tmpdir "/.lxc_mount_file"}, true);
+
+ fd = lxc_make_tmpfile(template, true);
if (fd < 0) {
SYSERROR("Could not create temporary mount file");
return NULL;
--
2.11.0

View File

@ -0,0 +1,35 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner@ubuntu.com>
Date: Fri, 6 Apr 2018 10:54:41 +0200
Subject: [PATCH] ringbuf: fix temporary file creation
lxc_make_tmpfile() uses mkstemp() internally, and thus expects the
template to contain 'XXXXXX' and be writable.
Signed-off-by: Thomas Moschny <thomas.moschny@gmx.de>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
---
src/lxc/ringbuf.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/lxc/ringbuf.c b/src/lxc/ringbuf.c
index 1299fe70..7aa2e631 100644
--- a/src/lxc/ringbuf.c
+++ b/src/lxc/ringbuf.c
@@ -52,10 +52,12 @@ int lxc_ringbuf_create(struct lxc_ringbuf *buf, size_t size)
memfd = memfd_create(".lxc_ringbuf", MFD_CLOEXEC);
if (memfd < 0) {
+ char template[] = P_tmpdir "/.lxc_ringbuf_XXXXXX";
+
if (errno != ENOSYS)
goto on_error;
- memfd = lxc_make_tmpfile((char *){P_tmpdir"/.lxc_ringbuf_XXXXXX"}, true);
+ memfd = lxc_make_tmpfile(template, true);
}
if (memfd < 0)
goto on_error;
--
2.11.0

10
debian/patches/series vendored
View File

@ -6,3 +6,13 @@
0006-rename-cgroup-namespace-directory-to-ns.patch
0007-possibility-to-run-lxc-monitord-as-a-regular-daemon.patch
0008-Make-lxc-.service-forking.patch
fixes/0001-conf-ret-try-devpts-mount-without-gid-5-on-error.patch
fixes/0002-Fix-the-memory-leak-in-cgfsng_attach.patch
fixes/0003-Fix-memory-leak-in-list_active_containers.patch
fixes/0004-pam-cgfs-ignore-the-system-umask-when-creating-the-c.patch
fixes/0005-attach-always-drop-supplementary-groups.patch
fixes/0006-storage-rsync-free-memory-on-error.patch
fixes/0007-tools-utils-free-memory-on-error.patch
fixes/0008-fix-signal-sending-in-lxc.init.patch
fixes/0009-conf-fix-temporary-file-creation.patch
fixes/0010-ringbuf-fix-temporary-file-creation.patch