meta-security/recipes-core/systemd/systemd/mount-setup.c-fix-handling-of-symlink-Smack-labellin-v228.patch

   1 From fd84be63d15fc94c1f396979c67e070c6cd7451b Mon Sep 17 00:00:00 2001
   2 From: Patrick Ohly <patrick.ohly@intel.com>
   3 Date: Mon, 21 Dec 2015 14:56:00 +0100
   4 Subject: [PATCH] mount-setup.c: fix handling of symlink Smack labelling in
   5  cgroup setup
   6
   7 The code introduced in f8c1a81c51 (= systemd 227) failed for me with:
   8   Failed to copy smack label from net_cls to /sys/fs/cgroup/net_cls: No such file or directory
   9
  10 There is no need for a symlink in this case because source and target
  11 are identical. The symlink() call is allowed to fail when the target
  12 already exists. When that happens, copying the Smack label must be
  13 skipped.
  14
  15 But the code also failed when there is a symlink, like "cpu ->
  16 cpu,cpuacct", because mac_smack_copy() got called with
  17 src="cpu,cpuacct" which fails to find the entry because the current
  18 directory is not inside /sys/fs/cgroup. The absolute path to the existing
  19 entry must be used instead.
  20
  21 Upstream-Status: Accepted [https://github.com/systemd/systemd/pull/2205]
  22
  23 Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
  24 ---
  25  src/core/mount-setup.c | 15 ++++++++++-----
  26  1 file changed, 10 insertions(+), 5 deletions(-)
  27
  28 diff --git a/src/core/mount-setup.c b/src/core/mount-setup.c
  29 index 2b8d590..d73b319 100644
  30 --- a/src/core/mount-setup.c
  31 +++ b/src/core/mount-setup.c
  32 @@ -304,13 +304,18 @@ int mount_cgroup_controllers(char ***join_controllers) {
  33                                          return log_oom();
  34
  35                                  r = symlink(options, t);
  36 -                                if (r < 0 && errno != EEXIST)
  37 -                                        return log_error_errno(errno, "Failed to create symlink %s: %m", t);
  38 +                                if (r >= 0) {
  39  #ifdef SMACK_RUN_LABEL
  40 -                                r = mac_smack_copy(t, options);
  41 -                                if (r < 0 && r != -EOPNOTSUPP)
  42 -                                        return log_error_errno(r, "Failed to copy smack label from %s to %s: %m", options, t);
  43 +                                        _cleanup_free_ char *src;
  44 +                                        src = strappend("/sys/fs/cgroup/", options);
  45 +                                        if (!src)
  46 +                                                return log_oom();
  47 +                                        r = mac_smack_copy(t, src);
  48 +                                        if (r < 0 && r != -EOPNOTSUPP)
  49 +                                                return log_error_errno(r, "Failed to copy smack label from %s to %s: %m", src, t);
  50  #endif
  51 +                                } else if (errno != EEXIST)
  52 +                                        return log_error_errno(errno, "Failed to create symlink %s: %m", t);
  53                          }
  54                  }
  55          }
  56 --
  57 2.1.4
  58