Permalink
Browse files

syscall: for ForkExec on Linux, always use 32-bit setgroups system call

Fixes #17092.

Change-Id: If203d802a919e00594ddc1282782fc59a083fd63
Reviewed-on: https://go-review.googlesource.com/31458
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
  • Loading branch information...
rsc committed Oct 19, 2016
1 parent f2f8d58 commit 6c295a9a71924478a344e7b447ff3b44b1e94511
@@ -214,7 +214,7 @@ func forkAndExecInChild(argv0 *byte, argv, envv []*byte, chroot, dir *byte, attr
// and disabled setgroups, because otherwise unprivileged user namespace
// will fail with any non-empty SysProcAttr.Credential.
if !(sys.GidMappings != nil && !sys.GidMappingsEnableSetgroups && ngroups == 0) {
- _, _, err1 = RawSyscall(SYS_SETGROUPS, ngroups, groups, 0)
+ _, _, err1 = RawSyscall(_SYS_setgroups, ngroups, groups, 0)
if err1 != 0 {
goto childerror
}
@@ -10,8 +10,9 @@ package syscall
import "unsafe"
const (
- _SYS_dup = SYS_DUP2
- _SYS_getdents = SYS_GETDENTS64
+ _SYS_dup = SYS_DUP2
+ _SYS_getdents = SYS_GETDENTS64
+ _SYS_setgroups = SYS_SETGROUPS32
)
func setTimespec(sec, nsec int64) Timespec {
@@ -5,8 +5,9 @@
package syscall
const (
- _SYS_dup = SYS_DUP2
- _SYS_getdents = SYS_GETDENTS64
+ _SYS_dup = SYS_DUP2
+ _SYS_getdents = SYS_GETDENTS64
+ _SYS_setgroups = SYS_SETGROUPS
)
//sys Dup2(oldfd int, newfd int) (err error)
@@ -7,8 +7,9 @@ package syscall
import "unsafe"
const (
- _SYS_dup = SYS_DUP2
- _SYS_getdents = SYS_GETDENTS64
+ _SYS_dup = SYS_DUP2
+ _SYS_getdents = SYS_GETDENTS64
+ _SYS_setgroups = SYS_SETGROUPS32
)
func setTimespec(sec, nsec int64) Timespec {
@@ -5,8 +5,9 @@
package syscall
const (
- _SYS_dup = SYS_DUP3
- _SYS_getdents = SYS_GETDENTS64
+ _SYS_dup = SYS_DUP3
+ _SYS_getdents = SYS_GETDENTS64
+ _SYS_setgroups = SYS_SETGROUPS
)
//sys Fchown(fd int, uid int, gid int) (err error)
@@ -15,7 +15,8 @@ const (
// to support older kernels, we have to use getdents for mips64.
// Also note that struct dirent is different for these two.
// Lookup linux_dirent{,64} in kernel source code for details.
- _SYS_getdents = SYS_GETDENTS
+ _SYS_getdents = SYS_GETDENTS
+ _SYS_setgroups = SYS_SETGROUPS
)
//sys Dup2(oldfd int, newfd int) (err error)
@@ -8,8 +8,9 @@
package syscall
const (
- _SYS_dup = SYS_DUP2
- _SYS_getdents = SYS_GETDENTS64
+ _SYS_dup = SYS_DUP2
+ _SYS_getdents = SYS_GETDENTS64
+ _SYS_setgroups = SYS_SETGROUPS
)
//sys Dup2(oldfd int, newfd int) (err error)
@@ -7,8 +7,9 @@ package syscall
import "unsafe"
const (
- _SYS_dup = SYS_DUP2
- _SYS_getdents = SYS_GETDENTS64
+ _SYS_dup = SYS_DUP2
+ _SYS_getdents = SYS_GETDENTS64
+ _SYS_setgroups = SYS_SETGROUPS
)
//sys Dup2(oldfd int, newfd int) (err error)

0 comments on commit 6c295a9

Please sign in to comment.