]> git.proxmox.com Git - lxc.git/blobdiff - debian/patches/extra/0006-lsm-fixup-lsm_process_label_set_at-return-values.patch
projects / lxc.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
bump version to 3.0.2+pve1-1
[lxc.git] / debian / patches / extra / 0006-lsm-fixup-lsm_process_label_set_at-return-values.patch
diff --git a/debian/patches/extra/0006-lsm-fixup-lsm_process_label_set_at-return-values.patch b/debian/patches/extra/0006-lsm-fixup-lsm_process_label_set_at-return-values.patch
deleted file mode 100644 (file)
index 162dfdb..0000000
--- a/debian/patches/extra/0006-lsm-fixup-lsm_process_label_set_at-return-values.patch
+++ /dev/null
@@ -1,74 +0,0 @@
-From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
-From: Wolfgang Bumiller <w.bumiller@proxmox.com>
-Date: Thu, 12 Jul 2018 15:16:40 +0200
-Subject: [PATCH] lsm: fixup lsm_process_label_set_at return values
-
-Always return -1 on error (some code paths returned -1, some
-returned negative error codes), don't assume 'errno' is set
-afterwards, as the function already prints errors and not
-all code paths will have a usable errno value.
-
-Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
-(cherry picked from commit c68d5b0dd63ea8226698ae3ff8a5336a60c171c3)
----
- src/lxc/lsm/apparmor.c |  2 +-
- src/lxc/lsm/lsm.c      | 12 ++++++++----
- 2 files changed, 9 insertions(+), 5 deletions(-)
-
-diff --git a/src/lxc/lsm/apparmor.c b/src/lxc/lsm/apparmor.c
-index 1507917c..95b61943 100644
---- a/src/lxc/lsm/apparmor.c
-+++ b/src/lxc/lsm/apparmor.c
-@@ -241,7 +241,7 @@ static int apparmor_process_label_set(const char *inlabel, struct lxc_conf *conf
-       ret = lsm_process_label_set_at(label_fd, label, on_exec);
-       close(label_fd);
-       if (ret < 0) {
--              SYSERROR("Failed to change apparmor profile to %s", label);
-+              ERROR("Failed to change apparmor profile to %s", label);
-               return -1;
-       }
-diff --git a/src/lxc/lsm/lsm.c b/src/lxc/lsm/lsm.c
-index f4500ae2..8d7de2db 100644
---- a/src/lxc/lsm/lsm.c
-+++ b/src/lxc/lsm/lsm.c
-@@ -142,18 +142,20 @@ int lsm_process_label_set_at(int label_fd, const char *label, bool on_exec)
-               if (on_exec) {
-                       ERROR("Changing AppArmor profile on exec not supported");
--                      return -EINVAL;
-+                      return -1;
-               }
-               len = strlen(label) + strlen("changeprofile ") + 1;
-               command = malloc(len);
-               if (!command)
--                      return -1;
-+                      goto on_error;
-               ret = snprintf(command, len, "changeprofile %s", label);
-               if (ret < 0 || (size_t)ret >= len) {
-+                      int saved_errno = errno;
-                       free(command);
--                      return -1;
-+                      errno = saved_errno;
-+                      goto on_error;
-               }
-               ret = lxc_write_nointr(label_fd, command, len - 1);
-@@ -161,9 +163,11 @@ int lsm_process_label_set_at(int label_fd, const char *label, bool on_exec)
-       } else if (strcmp(name, "SELinux") == 0) {
-               ret = lxc_write_nointr(label_fd, label, strlen(label));
-       } else {
--              ret = -EINVAL;
-+              errno = EINVAL;
-+              ret = -1;
-       }
-       if (ret < 0) {
-+on_error:
-               SYSERROR("Failed to set %s label \"%s\"", name, label);
-               return -1;
-       }
--- 
-2.11.0
-
latest lxc for pve (jessie)