[lxc-devel] [lxc/master] confile: don't accidently alter lxc.cgroup.dir

Tue Dec 15 10:59:31 UTC 2020

A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 380 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20201215/5915224c/attachment-0001.bin>
-------------- next part --------------
From 667fcc0e3ca733c62fc0f68606b437225b3287d5 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Tue, 15 Dec 2020 11:54:34 +0100
Subject: [PATCH 1/2] confile: cleanup set_config_hooks()

Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
 src/lxc/confile.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/lxc/confile.c b/src/lxc/confile.c
index a5cb64e506..b52bd11b44 100644
--- a/src/lxc/confile.c
+++ b/src/lxc/confile.c
@@ -1214,7 +1214,7 @@ static int set_config_hooks(const char *key, const char *value,
 	else if (strcmp(key + 9, "destroy") == 0)
 		return add_hook(lxc_conf, LXCHOOK_DESTROY, move_ptr(copy));
 
-	return -1;
+	return ret_errno(EINVAL);
 }
 
 static int set_config_hooks_version(const char *key, const char *value,

From c583072d67e3079f9dc4b4b78c141190cd30a6cc Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Tue, 15 Dec 2020 11:56:50 +0100
Subject: [PATCH 2/2] confile: don't accidently alter lxc.cgroup.dir

Cc: stable-4.0
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
 src/lxc/confile.c | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/src/lxc/confile.c b/src/lxc/confile.c
index b52bd11b44..bcf50ad3c4 100644
--- a/src/lxc/confile.c
+++ b/src/lxc/confile.c
@@ -1759,6 +1759,9 @@ static int set_config_cgroup2_controller(const char *key, const char *value,
 static int set_config_cgroup_dir(const char *key, const char *value,
 				 struct lxc_conf *lxc_conf, void *data)
 {
+	if (strcmp(key, "lxc.cgroup.dir") != 0)
+		return ret_errno(EINVAL);
+
 	if (lxc_config_value_empty(value))
 		return clr_config_cgroup_dir(key, lxc_conf, NULL);
 
@@ -3688,6 +3691,9 @@ static int get_config_cgroup_dir(const char *key, char *retv, int inlen,
 	int len;
 	int fulllen = 0;
 
+	if (strcmp(key, "lxc.cgroup.dir") != 0)
+		return ret_errno(EINVAL);
+
 	if (!retv)
 		inlen = 0;
 	else
@@ -4607,6 +4613,9 @@ static inline int clr_config_cgroup2_controller(const char *key,
 static int clr_config_cgroup_dir(const char *key, struct lxc_conf *lxc_conf,
 				 void *data)
 {
+	if (strcmp(key, "lxc.cgroup.dir") != 0)
+		return ret_errno(EINVAL);
+
 	if (lxc_conf->cgroup_meta.dir)
 		free_disarm(lxc_conf->cgroup_meta.dir);
 
