1. 15 Aug, 2017 14 commits
  2. 11 May, 2017 1 commit
  3. 09 May, 2017 4 commits
  4. 26 Apr, 2017 2 commits
  5. 17 Apr, 2017 1 commit
  6. 10 Apr, 2017 2 commits
  7. 04 Apr, 2017 4 commits
    • Merge pull request #1386 from brauner/2017-01-16/fix_CVE-2016-10124_stable-1.0 · 3196b9ac
      Stéphane Graber authored
      stable-1.0: backport fixes for CVE-2016-10124
    • lxc_setup_tios(): Ignore SIGTTOU and SIGTTIN signals · 6aae6d02
      Thomas Jarosch authored
      Prevent an endless loop while executing lxc-attach in the background:
      
      The kernel might fire SIGTTOU while an ioctl() in tcsetattr()
      is executed. When the ioctl() is resumed and retries,
      the signal handler interrupts it again.
      
      We can't configure the TTY to stop sending
      the signals in the first place since that
      is a modification/write to the TTY already.
      
      Still we clear the TOSTOP flag to prevent further signals.
      
      Command to reproduce the hang:
      ----------------------------
      cat > lxc_hang.sh << EOF
      /usr/bin/timeout 5s /usr/bin/lxc-attach -n SOMECONTAINER -- /bin/true
      EOF
      sh lxc_hang.sh    # hangs
      ----------------------------
Signed-off-by: Thomas Jarosch <thomas.jarosch@intra2net.com>
    • CVE-2016-10124: make lxc-attach use a pty · 99e98d9a
      Christian Brauner authored
      Previous versions of lxc-attach simply attached to the specified namespaces of
      a container and ran a shell or the specified command without first allocating a
      pseudo terminal. This made them vulnerable to input faking via a TIOCSTI ioctl
      call after switching between userspace execution contexts with different
      privilege levels. Newer versions of lxc-attach will try to allocate a pseudo
      terminal master/slave pair on the host and attach any standard file descriptors
      which refer to a terminal to the slave side of the pseudo terminal before
executing a shell or command. Note that if none of the standard file
descriptors refer to a terminal, lxc-attach will not try to allocate a pseudo
terminal. Instead it will simply attach to the container's namespaces and run a
shell or the specified command.
      
      (This is a backport of a series of patches fixing CVE-2016-10124.)
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
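The pty interposition the commit above describes, reduced to its core steps as an added example (this is illustration code, not LXC's own; the function names are mine): find which standard fds are terminals, allocate a master/slave pair on the host, and in the forked child point only those fds at the slave before exec. If no standard fd is a terminal, the mask is 0 and no pty is allocated.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <stdlib.h>
#include <sys/ioctl.h>
#include <unistd.h>

/* Bit i is set when standard fd i (0=stdin, 1=stdout, 2=stderr) is a terminal. */
unsigned stdfds_tty_mask(void)
{
    unsigned mask = 0;
    for (int fd = 0; fd < 3; fd++)
        if (isatty(fd)) mask |= 1u << fd;
    return mask;
}

/* Pick the standard fds to re-point at the pty slave: only those whose mask bit
   is set. Returns the count and fills out[]. A mask of 0 means no pty at all. */
int select_terminal_stdfds(unsigned tty_mask, int out[3])
{
    int n = 0;
    for (int fd = 0; fd < 3; fd++)
        if (tty_mask & (1u << fd)) out[n++] = fd;
    return n;
}

/* Allocate a pty master/slave pair on the host. Returns 0 on success, -1 on error. */
int open_pty_pair(int *master, int *slave)
{
    int m = posix_openpt(O_RDWR | O_NOCTTY);
    if (m < 0) return -1;
    if (grantpt(m) < 0 || unlockpt(m) < 0 || !ptsname(m)) { close(m); return -1; }
    int s = open(ptsname(m), O_RDWR | O_NOCTTY);
    if (s < 0) { close(m); return -1; }
    *master = m; *slave = s;
    return 0;
}

/* Child side (call after fork, before exec): make the slave our controlling
   terminal, then put it on every standard fd that was a terminal. Pipes and
   regular files are left untouched, as the commit describes. */
int attach_stdfds_to_slave(int slave, unsigned tty_mask)
{
    int fds[3], n = select_terminal_stdfds(tty_mask, fds);
    if (setsid() < 0 || ioctl(slave, TIOCSCTTY, 0) < 0) return -1;
    for (int i = 0; i < n; i++)
        if (dup2(slave, fds[i]) < 0) return -1;
    return 0;
}
```

A caller forks, closes the master in the child, calls attach_stdfds_to_slave(slave, stdfds_tty_mask()) and execs; the parent closes the slave and relays bytes between the master and the user's real terminal.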
    • CVE-2016-10124: backport new console backend · d6704216
      Christian Brauner authored
      - Make escape sequence to exit tty optional since we want to reuse
        lxc_console_cb_tty_stdin() in lxc_attach.c.
      - Export the following functions since they can be reused in other modules:
        - lxc_console_cb_tty_stdin()
        - lxc_console_cb_tty_master()
        - lxc_setup_tios(int fd, struct termios *oldtios);
        - lxc_console_winsz(int srcfd, int dstfd);
        - lxc_console_cb_sigwinch_fd(int fd, uint32_t events, void *cbdata, struct lxc_epoll_descr *descr);
        - lxc_tty_state *lxc_console_sigwinch_init(int srcfd, int dstfd);
        - lxc_console_sigwinch_fini(struct lxc_tty_state *ts);
      - rewrite lxc_console_set_stdfds()
- Make lxc_console_set_stdfds usable by other callers that do not have
          access to lxc_handler.
      - Use ssh settings for ptys.
      - Remove all asserts from console.{c,h}.
      - Adapt start.c to changes.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
  8. 22 Mar, 2017 3 commits
  9. 20 Mar, 2017 9 commits