@@ -169,6 +169,8 @@ pub(crate) fn open_tree_from_pidns(
169169 // We're in the child. At this point we know we don't have multiple threads, so we
170170 // can safely `setns`.
171171
172+ drop ( sock_parent) ;
173+
172174 // Open up the namespace of the target process as a file descriptor, and enter it.
173175 let pidlink = fs:: File :: open ( format ! ( "/proc/{}/ns/mnt" , pid. as_raw_nonzero( ) ) ) ?;
174176 rustix:: thread:: move_into_link_name_space (
@@ -210,6 +212,7 @@ pub(crate) fn open_tree_from_pidns(
210212 n => {
211213 // We're in the parent; create a pid (checking that n > 0).
212214 let pid = rustix:: process:: Pid :: from_raw ( n) . unwrap ( ) ;
215+ drop ( sock_child) ;
213216 // Receive the mount file descriptor from the child
214217 let mut cmsg_space = vec ! [ 0 ; rustix:: cmsg_space!( ScmRights ( 1 ) ) ] ;
215218 let mut cmsg_buffer = rustix:: net:: RecvAncillaryBuffer :: new ( & mut cmsg_space) ;
@@ -224,7 +227,7 @@ pub(crate) fn open_tree_from_pidns(
224227 )
225228 . context ( "recvmsg" ) ?
226229 . bytes ;
227- assert_eq ! ( nread, DUMMY_DATA . len( ) ) ;
230+ anyhow :: ensure !( nread == DUMMY_DATA . len( ) ) ;
228231 assert_eq ! ( buf, DUMMY_DATA ) ;
229232 // And extract the file descriptor
230233 let r = cmsg_buffer
@@ -236,8 +239,14 @@ pub(crate) fn open_tree_from_pidns(
236239 . flatten ( )
237240 . next ( )
238241 . ok_or_else ( || anyhow:: anyhow!( "Did not receive a file descriptor" ) ) ?;
239- rustix:: process:: waitpid ( Some ( pid) , WaitOptions :: empty ( ) ) ?;
240- Ok ( r)
242+ // SAFETY: Since we're not setting WNOHANG, this will always return Some().
243+ let st =
244+ rustix:: process:: waitpid ( Some ( pid) , WaitOptions :: empty ( ) ) ?. expect ( "Wait status" ) ;
245+ if let Some ( 0 ) = st. exit_status ( ) {
246+ Ok ( r)
247+ } else {
248+ anyhow:: bail!( "forked helper failed: {st:?}" ) ;
249+ }
241250 }
242251 }
243252}
0 commit comments