Merge pull request #3568 from brauner/2020-10-28/fixes

src/lxc/attach.c

@@ -779,7 +779,10 @@ static int attach_child_main(struct attach_clone_payload *payload)
 
 		/* Change into our new LSM profile. */
 		on_exec = options->attach_flags & LXC_ATTACH_LSM_EXEC ? true : false;
-		lsm_label = options->lsm_label ? options->lsm_label : init_ctx->lsm_label;
+		if (options->attach_flags & LXC_ATTACH_LSM_LABEL)
+			lsm_label = options->lsm_label;
+		if (!lsm_label)
+			lsm_label = init_ctx->lsm_label;
 		ret = init_ctx->lsm_ops->process_label_set_at(init_ctx->lsm_ops, lsm_fd,
 							      lsm_label, on_exec);
 		close(lsm_fd);

src/lxc/attach_options.h

@@ -30,6 +30,7 @@ enum {
 	/* Set PR_SET_NO_NEW_PRIVS to block execve() gainable privileges. */
 	LXC_ATTACH_NO_NEW_PRIVS		 = 0x00040000, /*!< PR_SET_NO_NEW_PRIVS */
 	LXC_ATTACH_TERMINAL              = 0x00080000, /*!< Allocate new terminal for attached process. */
+	LXC_ATTACH_LSM_LABEL             = 0x00100000, /*!< Set custom LSM label specified in @lsm_label. */
 
 	/* We have 16 bits for things that are on by default and 16 bits that
 	 * are off by default, that should be sufficient to keep binary

src/lxc/commands.c

@@ -487,9 +487,12 @@ static int lxc_cmd_get_devpts_fd_callback(int fd, struct lxc_cmd_req *req,
 	};
 	int ret;
 
-	if (!handler->conf || handler->conf->devpts_fd < 0)
+	if (!handler->conf || handler->conf->devpts_fd < 0) {
 		rsp.ret = -EBADF;
-	ret = lxc_abstract_unix_send_fds(fd, &handler->conf->devpts_fd, 1, &rsp, sizeof(rsp));
+		ret = lxc_abstract_unix_send_fds(fd, NULL, 0, &rsp, sizeof(rsp));
+	} else {
+		ret = lxc_abstract_unix_send_fds(fd, &handler->conf->devpts_fd, 1, &rsp, sizeof(rsp));
+	}
 	if (ret < 0)
 		return log_error(LXC_CMD_REAP_CLIENT_FD, "Failed to send devpts fd");
 

src/lxc/conf.c

@@ -1207,7 +1207,9 @@ static int lxc_fill_autodev(const struct lxc_rootfs *rootfs)
 		if (ret < 0) {
 			const char *mntpt = rootfs->path ? rootfs->mount : NULL;
 			if (errno == ENOSYS) {
-				snprintf(path, sizeof(path), "%s/dev/%s", mntpt, device->name);
+				ret = snprintf(path, sizeof(path), "%s/dev/%s", mntpt, device->name);
+				if (ret < 0 || ret >= sizeof(path))
+					return log_error(-1, "Failed to create device path for %s", device->name);
 				ret = safe_mount(hostpath, path, 0, MS_BIND, NULL, rootfs->path ? rootfs->mount : NULL);
 			}
 		}

src/lxc/utils.c

@@ -1097,7 +1097,9 @@ int __safe_mount_beneath_at(int beneath_fd, const char *src, const char *dst, co
 	target_fd = openat2(beneath_fd, dst, &how, sizeof(how));
 	if (target_fd < 0)
 		return -errno;
-	snprintf(tgt_buf, sizeof(tgt_buf), "/proc/self/fd/%d", target_fd);
+	ret = snprintf(tgt_buf, sizeof(tgt_buf), "/proc/self/fd/%d", target_fd);
+	if (ret < 0 || ret >= sizeof(tgt_buf))
+		return -EIO;
 
 	if (!is_empty_string(src_buf))
 		ret = mount(src_buf, tgt_buf, fstype, flags, data);
@@ -1113,7 +1115,7 @@ int safe_mount_beneath(const char *beneath, const char *src, const char *dst, co
 	__do_close int beneath_fd = -EBADF;
 	const char *path = beneath ? beneath : "/";
 
-	beneath_fd = openat(-1, beneath, O_RDONLY | O_CLOEXEC | O_DIRECTORY | O_PATH);
+	beneath_fd = openat(-1, path, O_RDONLY | O_CLOEXEC | O_DIRECTORY | O_PATH);
 	if (beneath_fd < 0)
 		return log_error_errno(-errno, errno, "Failed to open %s", path);