The LXC code missed the 'usb' component out of the path /dev/bus/usb/$BUSNUM/$DEVNUM, so it failed to actually setup cgroups for the device. This was in fact lucky because the call to virLXCSetupHostUsbDeviceCgroup was also mistakenly passing '&priv->cgroup' instead of just 'priv->cgroup'. So once the path is fixed, libvirtd would then crash trying to access the bogus virCgroupPtr pointer. This would have been a security issue, were it not for the bogus path preventing the pointer reference being reached. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> --- src/lxc/lxc_driver.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/lxc/lxc_driver.c b/src/lxc/lxc_driver.c index 687046e..cd48be8 100644 --- a/src/lxc/lxc_driver.c +++ b/src/lxc/lxc_driver.c @@ -3903,7 +3903,7 @@ lxcDomainAttachDeviceHostdevSubsysUSBLive(virLXCDriverPtr driver, (unsigned long long)priv->initpid) < 0) goto cleanup; - if (virAsprintf(&dstdir, "%s/dev/bus/%03d", + if (virAsprintf(&dstdir, "%s/dev/bus/usb/%03d", vroot, def->source.subsys.u.usb.bus) < 0) goto cleanup; @@ -3968,7 +3968,7 @@ lxcDomainAttachDeviceHostdevSubsysUSBLive(virLXCDriverPtr driver, if (virUSBDeviceFileIterate(usb, virLXCSetupHostUsbDeviceCgroup, - &priv->cgroup) < 0) + priv->cgroup) < 0) goto cleanup; ret = 0; -- 1.8.5.3 -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list