[lxc-devel] [lxc/master] network: fix key ordering independence

brauner on Github lxc-bot at linuxcontainers.org
Mon May 11 20:18:40 UTC 2020


From 598b35b421a898f7b8c0b94fad32ff74595c53f3 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Mon, 11 May 2020 09:16:33 +0200
Subject: [PATCH 1/2] tools/lxc-ls: shut up lgtm more

Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
 src/lxc/tools/lxc_ls.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/lxc/tools/lxc_ls.c b/src/lxc/tools/lxc_ls.c
index 05d4bcecc8..0abcd7a633 100644
--- a/src/lxc/tools/lxc_ls.c
+++ b/src/lxc/tools/lxc_ls.c
@@ -1180,6 +1180,11 @@ static int ls_recv_str(int fd, char **buf)
 			return -1;
 		}
 
+		if (slen == SIZE_MAX) {
+			free(*buf);
+			return -1;
+		}
+
 		(*buf)[slen] = '\0';
 	}
 
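Review bot: The `slen == SIZE_MAX` guard sits directly before `(*buf)[slen] = '\0'`, after the error path of an earlier step, so it appears to run only once `*buf` has already been sized and filled using `slen`. The allocation is outside the hunk, but if it computes `slen + 1`, that sum has already wrapped to 0 by the time this check fires. Rejecting the length right after it is obtained and before allocating would close that gap, and an upper bound well below `SIZE_MAX` would be safer still if the value is read from `fd`. The new branch also leaves `*buf` dangling after `free(*buf)`; adding `*buf = NULL;` before `return -1;` protects a caller that frees on error. ls_recv_str starts and ends outside the hunk.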

From 756cadb6ab07a6043960bf0db6c39742fb10f118 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Mon, 11 May 2020 22:16:59 +0200
Subject: [PATCH 2/2] confile: fix order independence of network keys

We need to make sure we don't overwrite values when they have already been set.

Closes: #3405.
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
 src/lxc/confile.c       | 12 ++++++++----
 src/lxc/confile_utils.c | 12 ++++++++++++
 src/lxc/confile_utils.h |  1 +
 3 files changed, 21 insertions(+), 4 deletions(-)

diff --git a/src/lxc/confile.c b/src/lxc/confile.c
index 3d7d9be50a..13ebdd059a 100644
--- a/src/lxc/confile.c
+++ b/src/lxc/confile.c
@@ -306,14 +306,18 @@ static int set_config_net_type(const char *key, const char *value,
 		netdev->type = LXC_NET_VETH;
 		lxc_list_init(&netdev->priv.veth_attr.ipv4_routes);
 		lxc_list_init(&netdev->priv.veth_attr.ipv6_routes);
-		lxc_veth_mode_to_flag(&netdev->priv.veth_attr.mode, "bridge");
+		if (!lxc_veth_flag_to_mode(netdev->priv.veth_attr.mode))
+			lxc_veth_mode_to_flag(&netdev->priv.veth_attr.mode, "bridge");
 	} else if (strcmp(value, "macvlan") == 0) {
 		netdev->type = LXC_NET_MACVLAN;
-		lxc_macvlan_mode_to_flag(&netdev->priv.macvlan_attr.mode, "private");
+		if (!lxc_macvlan_flag_to_mode(netdev->priv.veth_attr.mode))
+			lxc_macvlan_mode_to_flag(&netdev->priv.macvlan_attr.mode, "private");
 	} else if (strcmp(value, "ipvlan") == 0) {
 		netdev->type = LXC_NET_IPVLAN;
-		lxc_ipvlan_mode_to_flag(&netdev->priv.ipvlan_attr.mode, "l3");
-		lxc_ipvlan_isolation_to_flag(&netdev->priv.ipvlan_attr.isolation, "bridge");
+		if (!lxc_ipvlan_flag_to_mode(netdev->priv.ipvlan_attr.mode))
+			lxc_ipvlan_mode_to_flag(&netdev->priv.ipvlan_attr.mode, "l3");
+		if (!lxc_ipvlan_flag_to_isolation(netdev->priv.ipvlan_attr.isolation))
+			lxc_ipvlan_isolation_to_flag(&netdev->priv.ipvlan_attr.isolation, "bridge");
 	} else if (strcmp(value, "vlan") == 0) {
 		netdev->type = LXC_NET_VLAN;
 	} else if (strcmp(value, "phys") == 0) {
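Review bot: The macvlan branch tests the wrong member: `lxc_macvlan_flag_to_mode(netdev->priv.veth_attr.mode)` reads `veth_attr.mode`, while the assignment on the next line writes `macvlan_attr.mode`. The veth and ipvlan branches both check the same member they set, so this looks like a copy-paste slip. If `priv` is a union or struct where the two `mode` fields do not share an offset, the guard inspects unrelated data, and the `private` default may be skipped or an explicitly configured mode overwritten. The line should read `if (!lxc_macvlan_flag_to_mode(netdev->priv.macvlan_attr.mode))`. set_config_net_type begins and continues outside the hunk.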
diff --git a/src/lxc/confile_utils.c b/src/lxc/confile_utils.c
index ff4ae76884..05dadf9ec6 100644
--- a/src/lxc/confile_utils.c
+++ b/src/lxc/confile_utils.c
@@ -506,6 +506,18 @@ int lxc_veth_mode_to_flag(int *mode, const char *value)
 	return ret_set_errno(-1, EINVAL);
 }
 
+char *lxc_veth_flag_to_mode(int mode)
+{
+	for (size_t i = 0; i < sizeof(veth_mode) / sizeof(veth_mode[0]); i++) {
+		if (veth_mode[i].mode != mode)
+			continue;
+
+		return veth_mode[i].name;
+	}
+
+	return NULL;
+}
+
 static struct lxc_macvlan_mode {
 	char *name;
 	int mode;
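Review bot: `lxc_veth_flag_to_mode` has no comment describing its contract, yet callers now depend on it: set_config_net_type uses the NULL return for a value missing from `veth_mode` to decide that no mode has been configured. I would add a comment above the function such as `/* Return the name for @mode from veth_mode, or NULL if @mode is not a known veth mode; the string is table-owned and must not be freed or modified. */`. Returning `const char *` would enforce the last part, though the existing `lxc_macvlan_flag_to_mode` prototype also returns `char *`, so that would be a wider cleanup. The `veth_mode` table itself is defined outside the hunk, so whether the zero value is absent from it should be confirmed there.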
diff --git a/src/lxc/confile_utils.h b/src/lxc/confile_utils.h
index 1568ccec5d..7c59deae5a 100644
--- a/src/lxc/confile_utils.h
+++ b/src/lxc/confile_utils.h
@@ -41,6 +41,7 @@ extern void lxc_log_configured_netdevs(const struct lxc_conf *conf);
 extern bool lxc_remove_nic_by_idx(struct lxc_conf *conf, unsigned int idx);
 extern void lxc_free_networks(struct lxc_list *networks);
 extern int lxc_veth_mode_to_flag(int *mode, const char *value);
+extern char *lxc_veth_flag_to_mode(int mode);
 extern int lxc_macvlan_mode_to_flag(int *mode, const char *value);
 extern char *lxc_macvlan_flag_to_mode(int mode);
 extern int lxc_ipvlan_mode_to_flag(int *mode, const char *value);

