[lxc-devel] [lxc/master] network: fix key ordering independence
brauner on Github
lxc-bot at linuxcontainers.org
Mon May 11 20:18:40 UTC 2020
A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 364 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20200511/40f90e32/attachment.bin>
-------------- next part --------------
From 598b35b421a898f7b8c0b94fad32ff74595c53f3 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Mon, 11 May 2020 09:16:33 +0200
Subject: [PATCH 1/2] tools/lxc-ls: shut up lgtm more
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/tools/lxc_ls.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/src/lxc/tools/lxc_ls.c b/src/lxc/tools/lxc_ls.c
index 05d4bcecc8..0abcd7a633 100644
--- a/src/lxc/tools/lxc_ls.c
+++ b/src/lxc/tools/lxc_ls.c
@@ -1180,6 +1180,11 @@ static int ls_recv_str(int fd, char **buf)
return -1;
}
+ if (slen == SIZE_MAX) {
+ free(*buf);
+ return -1;
+ }
+
(*buf)[slen] = '\0';
}
From 756cadb6ab07a6043960bf0db6c39742fb10f118 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Mon, 11 May 2020 22:16:59 +0200
Subject: [PATCH 2/2] confile: fix order independence of network keys
We need to make sure we don't overwrite values when they have already been set.
Closes: #3405.
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/confile.c | 12 ++++++++----
src/lxc/confile_utils.c | 12 ++++++++++++
src/lxc/confile_utils.h | 1 +
3 files changed, 21 insertions(+), 4 deletions(-)
diff --git a/src/lxc/confile.c b/src/lxc/confile.c
index 3d7d9be50a..13ebdd059a 100644
--- a/src/lxc/confile.c
+++ b/src/lxc/confile.c
@@ -306,14 +306,18 @@ static int set_config_net_type(const char *key, const char *value,
netdev->type = LXC_NET_VETH;
lxc_list_init(&netdev->priv.veth_attr.ipv4_routes);
lxc_list_init(&netdev->priv.veth_attr.ipv6_routes);
- lxc_veth_mode_to_flag(&netdev->priv.veth_attr.mode, "bridge");
+ if (!lxc_veth_flag_to_mode(netdev->priv.veth_attr.mode))
+ lxc_veth_mode_to_flag(&netdev->priv.veth_attr.mode, "bridge");
} else if (strcmp(value, "macvlan") == 0) {
netdev->type = LXC_NET_MACVLAN;
- lxc_macvlan_mode_to_flag(&netdev->priv.macvlan_attr.mode, "private");
+ if (!lxc_macvlan_flag_to_mode(netdev->priv.veth_attr.mode))
+ lxc_macvlan_mode_to_flag(&netdev->priv.macvlan_attr.mode, "private");
} else if (strcmp(value, "ipvlan") == 0) {
netdev->type = LXC_NET_IPVLAN;
- lxc_ipvlan_mode_to_flag(&netdev->priv.ipvlan_attr.mode, "l3");
- lxc_ipvlan_isolation_to_flag(&netdev->priv.ipvlan_attr.isolation, "bridge");
+ if (!lxc_ipvlan_flag_to_mode(netdev->priv.ipvlan_attr.mode))
+ lxc_ipvlan_mode_to_flag(&netdev->priv.ipvlan_attr.mode, "l3");
+ if (!lxc_ipvlan_flag_to_isolation(netdev->priv.ipvlan_attr.isolation))
+ lxc_ipvlan_isolation_to_flag(&netdev->priv.ipvlan_attr.isolation, "bridge");
} else if (strcmp(value, "vlan") == 0) {
netdev->type = LXC_NET_VLAN;
} else if (strcmp(value, "phys") == 0) {
diff --git a/src/lxc/confile_utils.c b/src/lxc/confile_utils.c
index ff4ae76884..05dadf9ec6 100644
--- a/src/lxc/confile_utils.c
+++ b/src/lxc/confile_utils.c
@@ -506,6 +506,18 @@ int lxc_veth_mode_to_flag(int *mode, const char *value)
return ret_set_errno(-1, EINVAL);
}
+char *lxc_veth_flag_to_mode(int mode)
+{
+ for (size_t i = 0; i < sizeof(veth_mode) / sizeof(veth_mode[0]); i++) {
+ if (veth_mode[i].mode != mode)
+ continue;
+
+ return veth_mode[i].name;
+ }
+
+ return NULL;
+}
+
static struct lxc_macvlan_mode {
char *name;
int mode;
diff --git a/src/lxc/confile_utils.h b/src/lxc/confile_utils.h
index 1568ccec5d..7c59deae5a 100644
--- a/src/lxc/confile_utils.h
+++ b/src/lxc/confile_utils.h
@@ -41,6 +41,7 @@ extern void lxc_log_configured_netdevs(const struct lxc_conf *conf);
extern bool lxc_remove_nic_by_idx(struct lxc_conf *conf, unsigned int idx);
extern void lxc_free_networks(struct lxc_list *networks);
extern int lxc_veth_mode_to_flag(int *mode, const char *value);
+extern char *lxc_veth_flag_to_mode(int mode);
extern int lxc_macvlan_mode_to_flag(int *mode, const char *value);
extern char *lxc_macvlan_flag_to_mode(int mode);
extern int lxc_ipvlan_mode_to_flag(int *mode, const char *value);
More information about the lxc-devel
mailing list