From: Daniel P. Berrange <berrange@redhat.com>
Date: Tue, 13 Aug 2013 13:58:45 +0000 (+0100)
Subject: Ensure that /dev exists in the container root filesystem
X-Git-Tag: CVE-2013-5651~17
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=c13a2c282b21b129ac7a519bb8c85dcba014469b;p=thirdparty%2Flibvirt.git

Ensure that /dev exists in the container root filesystem

If booting a container with a root FS that isn't the host's
root, we must ensure that the /dev mount point exists.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
---

diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c
index 0ab4026439..8abaea0f32 100644
--- a/src/lxc/lxc_container.c
+++ b/src/lxc/lxc_container.c
@@ -868,7 +868,7 @@ static int lxcContainerMountProcFuse(virDomainDefPtr def ATTRIBUTE_UNUSED,
 static int lxcContainerMountFSDev(virDomainDefPtr def,
                                   const char *stateDir)
 {
-    int ret;
+    int ret = -1;
     char *path = NULL;
 
     VIR_DEBUG("Mount /dev/ stateDir=%s", stateDir);
@@ -877,14 +877,24 @@ static int lxcContainerMountFSDev(virDomainDefPtr def,
                            stateDir, def->name)) < 0)
         return ret;
 
-    VIR_DEBUG("Tring to move %s to /dev", path);
+    if (virFileMakePath("/dev") < 0) {
+        virReportSystemError(errno, "%s",
+                             _("Cannot create /dev"));
+        goto cleanup;
+    }
+
+    VIR_DEBUG("Trying to move %s to /dev", path);
 
-    if ((ret = mount(path, "/dev", NULL, MS_MOVE, NULL)) < 0) {
+    if (mount(path, "/dev", NULL, MS_MOVE, NULL) < 0) {
         virReportSystemError(errno,
                              _("Failed to mount %s on /dev"),
                              path);
+        goto cleanup;
     }
 
+    ret = 0;
+
+cleanup:
     VIR_FREE(path);
     return ret;
 }