Merge pull request #3581 from brauner/2020-11-16/fixes

conf: improve mountinfo and config parsing

Merge pull request #3581 from brauner/2020-11-16/fixes
59c6b066 · Stéphane Graber · GitHub · c875dc63 · a39fc34b · 59c6b066
Unverified Commit 59c6b066 authored Nov 16, 2020 by Stéphane Graber Committed by GitHub Nov 16, 2020
Show whitespace changes
Inline Side-by-side

Showing with 40 additions and 32 deletions

conf.c src/lxc/conf.c +3 -7

file_utils.c src/lxc/file_utils.c +5 -2

file_utils.h src/lxc/file_utils.h +5 -1

parse.c src/lxc/parse.c +27 -22

No files found.
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -2980,9 +2980,9 @@ void turn_into_dependent_mounts(void)
 	__do_free char *line = NULL;
 	__do_fclose FILE *f = NULL;
 	__do_close int memfd = -EBADF, mntinfo_fd = -EBADF;
-	int ret;
-	ssize_t copied;
 	size_t len = 0;
+	ssize_t copied;
+	int ret;
 	mntinfo_fd = open("/proc/self/mountinfo", O_RDONLY | O_CLOEXEC);
 	if (mntinfo_fd < 0) {
@@ -3006,12 +3006,8 @@ void turn_into_dependent_mounts(void)
 		}
 	}
-again:
+	copied = fd_to_fd(mntinfo_fd, memfd);
-	copied = lxc_sendfile_nointr(memfd, mntinfo_fd, NULL, LXC_SENDFILE_MAX);
 	if (copied < 0) {
-		if (errno == EINTR)
-			goto again;
 		SYSERROR("Failed to copy \"/proc/self/mountinfo\"");
 		return;
 	}

--- a/src/lxc/file_utils.c
+++ b/src/lxc/file_utils.c
@@ -382,8 +382,10 @@ ssize_t lxc_sendfile_nointr(int out_fd, int in_fd, off_t *offset, size_t count)
 	return ret;
 }
-int fd_to_fd(int from, int to)
+ssize_t __fd_to_fd(int from, int to)
 {
+	ssize_t total_bytes = 0;
 	for (;;) {
 		uint8_t buf[PATH_MAX];
 		uint8_t *p = buf;
@@ -407,9 +409,10 @@ int fd_to_fd(int from, int to)
 			bytes_to_write -= bytes_written;
 			p += bytes_written;
 		} while (bytes_to_write > 0);
+		total_bytes += bytes_to_write;
 	}
-	return 0;
+	return total_bytes;
 }
 int fd_to_buf(int fd, char **buf, size_t *length)

--- a/src/lxc/file_utils.h
+++ b/src/lxc/file_utils.h
@@ -68,7 +68,11 @@ __hidden extern FILE *fopen_cloexec(const char *path, const char *mode);
 __hidden extern ssize_t lxc_sendfile_nointr(int out_fd, int in_fd, off_t *offset, size_t count);
 __hidden extern char *file_to_buf(const char *path, size_t *length);
 __hidden extern int fd_to_buf(int fd, char **buf, size_t *length);
-__hidden extern int fd_to_fd(int from, int to);
+__hidden extern ssize_t __fd_to_fd(int from, int to);
+static inline int fd_to_fd(int from, int to)
+{
+	return __fd_to_fd(from, to) >= 0;
+}
 __hidden extern int lxc_open_dirfd(const char *dir);
 __hidden extern FILE *fdopen_cached(int fd, const char *mode, void **caller_freed_buffer);
 __hidden extern FILE *fopen_cached(const char *path, const char *mode, void **caller_freed_buffer);

--- a/src/lxc/parse.c
+++ b/src/lxc/parse.c
@@ -5,6 +5,7 @@
 #endif
 #include <dirent.h>
 #include <errno.h>
+#include <limits.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
@@ -50,11 +51,12 @@ int lxc_strmunmap(void *addr, size_t length)
 int lxc_file_for_each_line_mmap(const char *file, lxc_file_cb callback, void *data)
 {
-	int saved_errno;
+	__do_close int fd = -EBADF, memfd = -EBADF;
-	ssize_t ret = -1, bytes_sent;
+	ssize_t ret = -1;
-	char *line;
-	int fd = -1, memfd = -1;
 	char *buf = NULL;
+	struct stat st = {};
+	ssize_t bytes;
+	char *line;
 	memfd = memfd_create(".lxc_config_file", MFD_CLOEXEC);
 	if (memfd < 0) {
@@ -65,8 +67,7 @@ int lxc_file_for_each_line_mmap(const char *file, lxc_file_cb callback, void *da
 			goto on_error;
 		}
-		TRACE("Failed to create in-memory file. Falling back to "
+		TRACE("Failed to create in-memory file. Falling back to temporary file");
-		      "temporary file");
 		memfd = lxc_make_tmpfile(template, true);
 		if (memfd < 0) {
 			SYSERROR("Failed to create temporary file \"%s\"", template);
@@ -80,10 +81,21 @@ int lxc_file_for_each_line_mmap(const char *file, lxc_file_cb callback, void *da
 		goto on_error;
 	}
-	/* sendfile() handles up to 2GB. No config file should be that big. */
+	ret = fstat(fd, &st);
-	bytes_sent = lxc_sendfile_nointr(memfd, fd, NULL, LXC_SENDFILE_MAX);
+	if (ret) {
-	if (bytes_sent < 0) {
+		SYSERROR("Failed to stat file \"%s\"", file);
-		SYSERROR("Failed to sendfile \"%s\"", file);
+		goto on_error;
+	}
+	if (st.st_size > INT_MAX) {
+		SYSERROR("Excessively large config file \"%s\"", file);
+		goto on_error;
+	}
+	bytes = __fd_to_fd(fd, memfd);
+	if (bytes < 0) {
+		SYSERROR("Failed to copy config file \"%s\"", file);
 		goto on_error;
 	}
@@ -92,7 +104,7 @@ int lxc_file_for_each_line_mmap(const char *file, lxc_file_cb callback, void *da
 		SYSERROR("Failed to append zero byte");
 		goto on_error;
 	}
-	bytes_sent++;
+	bytes++;
 	ret = lseek(memfd, 0, SEEK_SET);
 	if (ret < 0) {
@@ -101,8 +113,7 @@ int lxc_file_for_each_line_mmap(const char *file, lxc_file_cb callback, void *da
 	}
 	ret = -1;
-	buf = mmap(NULL, bytes_sent, PROT_READ | PROT_WRITE,
+	buf = mmap(NULL, bytes, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_POPULATE, memfd, 0);
-		   MAP_SHARED | MAP_POPULATE, memfd, 0);
 	if (buf == MAP_FAILED) {
 		buf = NULL;
 		SYSERROR("Failed to mmap");
@@ -117,24 +128,18 @@ int lxc_file_for_each_line_mmap(const char *file, lxc_file_cb callback, void *da
 			 * error.
 			 */
 			if (ret < 0)
-				ERROR("Failed to parse config file \"%s\" at "
+				ERROR("Failed to parse config file \"%s\" at line \"%s\"",
-				      "line \"%s\"", file, line);
+				      file, line);
 			break;
 		}
 	}
 on_error:
-	saved_errno = errno;
+	if (buf && munmap(buf, bytes)) {
-	if (fd >= 0)
-		close(fd);
-	if (memfd >= 0)
-		close(memfd);
-	if (buf && munmap(buf, bytes_sent)) {
 		SYSERROR("Failed to unmap");
 		if (ret == 0)
 			ret = -1;
 	}
-	errno = saved_errno;
 	return ret;
 }