[lxc-devel] [lxc/master] cgroups/devices: use dedicated enums

[brauner on Github]

A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 364 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20191201/704bd2a4/attachment.bin>
-------------- next part --------------
From 356e71c6166fe294a2e2c28e4184d674944773e7 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Mon, 2 Dec 2019 00:50:06 +0100
Subject: [PATCH] cgroups/devices: use dedicated enums

Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
 src/lxc/cgroups/cgroup2_devices.c | 3 ++-
 src/lxc/conf.h                    | 2 +-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/lxc/cgroups/cgroup2_devices.c b/src/lxc/cgroups/cgroup2_devices.c
index 72511ba711..aa6eff884c 100644
--- a/src/lxc/cgroups/cgroup2_devices.c
+++ b/src/lxc/cgroups/cgroup2_devices.c
@@ -447,7 +447,8 @@ int bpf_list_add_device(struct lxc_conf *conf, struct device_item *device)
 	lxc_list_for_each(it, &conf->devices) {
 		struct device_item *cur = it->elem;
 
-		if (cur->global_rule != -1 && device->global_rule != -1) {
+		if (cur->global_rule > LXC_BPF_DEVICE_CGROUP_LOCAL_RULE &&
+		    device->global_rule > LXC_BPF_DEVICE_CGROUP_LOCAL_RULE) {
 			TRACE("Switched from %s to %s",
 			      cur->global_rule == LXC_BPF_DEVICE_CGROUP_WHITELIST
 				  ? "whitelist"
diff --git a/src/lxc/conf.h b/src/lxc/conf.h
index cfd7456160..eb5023acd0 100644
--- a/src/lxc/conf.h
+++ b/src/lxc/conf.h
@@ -231,9 +231,9 @@ struct lxc_state_client {
 };
 
 enum {
+	LXC_BPF_DEVICE_CGROUP_LOCAL_RULE = -1,
 	LXC_BPF_DEVICE_CGROUP_WHITELIST  =  0,
 	LXC_BPF_DEVICE_CGROUP_BLACKLIST  =  1,
-	LXC_BPF_DEVICE_CGROUP_LOCAL_RULE = -1,
 };
 
 struct device_item {