aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDr. David Alan Gilbert <dgilbert@redhat.com>2020-06-29 12:54:18 +0100
committerDr. David Alan Gilbert <dgilbert@redhat.com>2020-07-03 16:23:05 +0100
commitb1288dfafbdfb64e86bf9cfa22fa0b399e44e198 (patch)
tree2982b4428733070f62392f9afe795116a78ba995
parent6651620b92bc08cde07cb500e9a43dba7bd9b2b7 (diff)
virtiofsd: Terminate capability list
capng_updatev is a varargs function that needs a -1 to terminate it, but it was missing. In practice what seems to have been happening is that it's added the capabilities we asked for, then runs into junk on the stack, so if we're unlucky it might be adding some more, but in reality it's failing - but after adding the capabilities we asked for. Fixes: a59feb483b8 ("virtiofsd: only retain file system capabilities") Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Acked-by: Vivek Goyal <vgoyal@redhat.com> Message-Id: <20200629115420.98443-2-dgilbert@redhat.com> Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
-rw-r--r--tools/virtiofsd/passthrough_ll.c4
1 files changed, 3 insertions, 1 deletions
diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
index 2ce7c96085..e373e3b36e 100644
--- a/tools/virtiofsd/passthrough_ll.c
+++ b/tools/virtiofsd/passthrough_ll.c
@@ -2598,7 +2598,9 @@ static void setup_capabilities(void)
CAP_SETGID,
CAP_SETUID,
CAP_MKNOD,
- CAP_SETFCAP);
+ CAP_SETFCAP,
+ -1);
+
capng_apply(CAPNG_SELECT_BOTH);
cap.saved = capng_save_state();