From 2e52706598baf3f6efe2233209d85e2ed2f7d1e0 Mon Sep 17 00:00:00 2001 From: Giuseppe Scrivano Date: Mon, 9 Feb 2026 14:09:25 +0100 Subject: [PATCH 1/4] linux: do not use errno without failure Closes: https://github.com/containers/crun/issues/1994 Signed-off-by: Giuseppe Scrivano --- src/libcrun/linux.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/libcrun/linux.c b/src/libcrun/linux.c index 3b09966292..1c27563994 100644 --- a/src/libcrun/linux.c +++ b/src/libcrun/linux.c @@ -3969,7 +3969,7 @@ expect_success_from_sync_socket (int sync_fd, libcrun_error_t *err) ret = TEMP_FAILURE_RETRY (read (sync_fd, &res, sizeof (res))); if (UNLIKELY (ret != sizeof (res))) - return crun_make_error (err, errno, "read status from sync socket"); + return crun_make_error (err, ret < 0 ? errno : 0, "read status from sync socket"); if (res == 0) return 0; @@ -5171,7 +5171,7 @@ libcrun_run_linux_container (libcrun_container_t *container, container_entrypoin ret = TEMP_FAILURE_RETRY (read (sync_socket_host, &new_pid, sizeof (new_pid))); if (UNLIKELY (ret != sizeof (new_pid))) - return crun_make_error (err, errno, "read pid from sync socket"); + return crun_make_error (err, ret < 0 ? errno : 0, "read pid from sync socket"); /* Cleanup the first process. */ ret = waitpid_ignore_stopped (pid, NULL, 0); From 1649a4d35d7b18d59ce5cf59b343656db48a3117 Mon Sep 17 00:00:00 2001 From: Giuseppe Scrivano Date: Mon, 9 Feb 2026 14:12:51 +0100 Subject: [PATCH 2/4] container: do not use bogus errno Closes: https://github.com/containers/crun/issues/1991 Signed-off-by: Giuseppe Scrivano --- src/libcrun/container.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/libcrun/container.c b/src/libcrun/container.c index c2f50a9b9e..01a91a9760 100644 --- a/src/libcrun/container.c +++ b/src/libcrun/container.c @@ -3968,7 +3968,7 @@ libcrun_container_exec_with_options (libcrun_context_t *context, const char *id, process = make_runtime_spec_schema_config_schema_process (tree, &ctx, &parser_err); if (UNLIKELY (process == NULL)) { - ret = crun_make_error (err, errno, "cannot parse process file: `%s`", parser_err); + ret = crun_make_error (err, 0, "cannot parse process file: `%s`", parser_err); free (parser_err); if (tree) yajl_tree_free (tree); @@ -4177,7 +4177,7 @@ libcrun_container_update (libcrun_context_t *context, const char *id, const char resources = make_runtime_spec_schema_config_linux_resources (tree, &ctx, &parser_err); if (UNLIKELY (resources == NULL)) { - ret = crun_make_error (err, errno, "cannot parse resources: %s", parser_err); + ret = crun_make_error (err, 0, "cannot parse resources: %s", parser_err); goto cleanup; } From 036132e2818744a756166a1c2b4e884a4330f81e Mon Sep 17 00:00:00 2001 From: Giuseppe Scrivano Date: Mon, 9 Feb 2026 14:22:43 +0100 Subject: [PATCH 3/4] cgroup: do not clobber errno Closes: https://github.com/containers/crun/issues/1988 Signed-off-by: Giuseppe Scrivano --- src/libcrun/cgroup-utils.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/libcrun/cgroup-utils.c b/src/libcrun/cgroup-utils.c index 5256b4c714..1653ef49f7 100644 --- a/src/libcrun/cgroup-utils.c +++ b/src/libcrun/cgroup-utils.c @@ -347,7 +347,9 @@ rmdir_all_fd (int dfd) dir = fdopendir (dfd); if (dir == NULL) { + int saved_errno = errno; TEMP_FAILURE_RETRY (close (dfd)); + errno = saved_errno; return -1; } From 4db170c5ed34591fa571b40b473633d2471502f3 Mon Sep 17 00:00:00 2001 From: Giuseppe Scrivano Date: Mon, 9 Feb 2026 19:13:41 +0100 Subject: [PATCH 4/4] criu: do not ignore errors with ret != -1 Closes: https://github.com/containers/crun/issues/1990 Signed-off-by: Giuseppe Scrivano --- src/libcrun/criu.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/libcrun/criu.c b/src/libcrun/criu.c index 9737c00fb0..bebaabaa4b 100644 --- a/src/libcrun/criu.c +++ b/src/libcrun/criu.c @@ -1217,7 +1217,7 @@ libcrun_container_restore_linux_criu (libcrun_container_status_t *status, libcru } out: ret_out = rmdir (root); - if (UNLIKELY (ret == -1)) + if (UNLIKELY (ret < 0)) return ret; if (UNLIKELY (ret_out == -1)) return crun_make_error (err, errno, "error removing restore directory `%s`", root);