The LXC code missed the 'usb' component out of the path
/dev/bus/usb/$BUSNUM/$DEVNUM, so it failed to actually
setup cgroups for the device. This was in fact lucky
because the call to virLXCSetupHostUsbDeviceCgroup
was also mistakenly passing '&priv->cgroup' instead of
just 'priv->cgroup'. So once the path is fixed, libvirtd
would then crash trying to access the bogus virCgroupPtr
pointer. This would have been a security issue, were it
not for the bogus path preventing the pointer reference
being reached.
Signed-off-by: Daniel P. Berrange <berrange(a)redhat.com>
---
src/lxc/lxc_driver.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/lxc/lxc_driver.c b/src/lxc/lxc_driver.c
index 687046e..cd48be8 100644
--- a/src/lxc/lxc_driver.c
+++ b/src/lxc/lxc_driver.c
@@ -3903,7 +3903,7 @@ lxcDomainAttachDeviceHostdevSubsysUSBLive(virLXCDriverPtr driver,
(unsigned long long)priv->initpid) < 0)
goto cleanup;
- if (virAsprintf(&dstdir, "%s/dev/bus/%03d",
+ if (virAsprintf(&dstdir, "%s/dev/bus/usb/%03d",
vroot,
def->source.subsys.u.usb.bus) < 0)
goto cleanup;
@@ -3968,7 +3968,7 @@ lxcDomainAttachDeviceHostdevSubsysUSBLive(virLXCDriverPtr driver,
if (virUSBDeviceFileIterate(usb,
virLXCSetupHostUsbDeviceCgroup,
- &priv->cgroup) < 0)
+ priv->cgroup) < 0)
goto cleanup;
ret = 0;
--
1.8.5.3