[libvirt] CVE-2013-6456 Re: [PATCHv2 0/7] lxc: honor mount namespaces
Eric Blake
eblake at redhat.com
Tue Dec 24 13:29:11 UTC 2013
On 12/24/2013 12:08 AM, Reco wrote:
> A relevant part of strace is (3933 is a parent, 4038 is a child from the
> fork, syscall_308 is setns):
>
> 3933 clone(child_stack=0, flags=CLONE_CHILD_CLEARTID|
> CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x7f90ed0aa9d0) = 4038
> 3933 rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
> 3933 syscall_308(0x16, 0, 0, 0xf5c, 0xf5d, …) = -1 (errno 22)
Whoops - why is the parent trying to call the same thing...
> 3933 exit_group(125) = ?
> 4038 syscall_308(0x16, 0, 0, 0, 0, …) = -1 (errno 22)
...as the child? Oh, I see. [I _did_ say I hadn't tested patches 6 and
7 as much as the first five.] Please squash in this typo fix to 6/7,
and that should clean up the problem (but I do appreciate you testing it):
diff --git i/src/util/virprocess.c w/src/util/virprocess.c
index c99b75a..e069483 100644
--- i/src/util/virprocess.c
+++ w/src/util/virprocess.c
@@ -879,7 +879,7 @@ virProcessRunInMountNamespace(pid_t pid,
goto cleanup;
}
- if ((cpid = virFork() < 0))
+ if ((cpid = virFork()) < 0)
goto cleanup;
if (cpid == 0) {
/* child */
--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 604 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20131224/0026bdbd/attachment-0001.sig>
More information about the libvir-list
mailing list