Page MenuHomeSolus

Update slirp4netns to 0.4.1

Authored by chax on Sep 6 2019, 11:11 AM.



Update slirp4netns to 0.4.1


  • Support specifying --netns-type
  • Support specifying --userns-path
  • Support seccomp --enable-seccomp
  • Support sandboxing --enable-sandbox
  • libslirp: Fixed Heap overflow: CVE-2019-14378
  • libslirp: Fixed use-after-free
Test Plan

built and installed, tried to setup slirp network

Terminal 1:
user@host$ unshare --user --map-root-user --net --mount
unshared@host$ echo $$ > /tmp/pid 

Terminal 2:
user@host$ slirp4netns --configure --mtu=65520 --disable-host-loopback $(cat /tmp/pid) tap0
Starting slirp
* MTU:             65520

Terminal 1:
unshared@host$ ip a
1: lo: <LOOPBACK> mtu 65536 qdisc noop state DOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
3: tap0: <BROADCAST,UP,LOWER_UP> mtu 65520 qdisc fq_codel state UNKNOWN group default qlen 1000
    link/ether c2:28:0c:0e:29:06 brd ff:ff:ff:ff:ff:ff
    inet brd scope global tap0
       valid_lft forever preferred_lft forever
    inet6 fe80::c028:cff:fe0e:2906/64 scope link 
       valid_lft forever preferred_lft forever
unshared@host$ echo "nameserver" > /tmp/resolv.conf
unshared@host$ mount --bind /tmp/resolv.conf /etc/resolv.conf
unshared@host$ curl

Diff Detail

R4785 slirp4netns
Automatic diff as part of commit; lint not applicable.
Automatic diff as part of commit; unit tests not applicable.

Event Timeline

chax created this revision.Sep 6 2019, 11:11 AM
chax requested review of this revision.Sep 6 2019, 11:11 AM
chax edited the test plan for this revision. (Show Details)Sep 6 2019, 11:14 AM
JoshStrobl requested changes to this revision.Sep 10 2019, 10:16 AM
JoshStrobl added a subscriber: JoshStrobl.

You need to provide a summarized changelog.

This revision now requires changes to proceed.Sep 10 2019, 10:16 AM
chax updated this revision to Diff 17112.Sep 10 2019, 11:36 AM
chax edited the summary of this revision. (Show Details)

Added changelog

JoshStrobl accepted this revision.Sep 10 2019, 4:00 PM

LGTM, thanks!

This revision is now accepted and ready to land.Sep 10 2019, 4:00 PM
This revision was automatically updated to reflect the committed changes.