69267b7a87
OBS-URL: https://build.opensuse.org/request/show/423993 OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/lxcfs?expand=0&rev=6
79 lines
2.1 KiB
Diff
79 lines
2.1 KiB
Diff
From e254948fb93869c1a771cf5778161e703a422918 Mon Sep 17 00:00:00 2001
|
|
From: Christian Brauner <cbrauner@suse.de>
|
|
Date: Fri, 26 Aug 2016 16:26:27 +0200
|
|
Subject: [PATCH 20/24] bindings: make rmdir behave more consistently
|
|
|
|
We should be able to safely return -EPERM for:
|
|
|
|
if (!pick_controller_from_path())
|
|
/* Someone's trying to delete "/cgroup". */
|
|
|
|
if (!find_cgroup_in_path())
|
|
/* Someone's trying to delete a controller e.g. "/blkio". */
|
|
|
|
if (!get_cgdir_and_path()) {
|
|
/* Someone's trying to delete a cgroup on the same level as the
|
|
* "/lxc" cgroup e.g. rmdir "/cgroup/blkio/lxc" or
|
|
* rmdir "/cgroup/blkio/init.slice".
|
|
*/
|
|
}
|
|
|
|
All other interesting cases are caught further down.
|
|
|
|
Signed-off-by: Christian Brauner <cbrauner@suse.de>
|
|
---
|
|
bindings.c | 18 +++++++++++-------
|
|
1 file changed, 11 insertions(+), 7 deletions(-)
|
|
|
|
diff --git a/bindings.c b/bindings.c
|
|
index aaba840..4413a7d 100644
|
|
--- a/bindings.c
|
|
+++ b/bindings.c
|
|
@@ -1507,7 +1507,7 @@ static char *pick_controller_from_path(struct fuse_context *fc, const char *path
|
|
char *contr, *slash;
|
|
|
|
if (strlen(path) < 9) {
|
|
- errno = EINVAL;
|
|
+ errno = EACCES;
|
|
return NULL;
|
|
}
|
|
if (*(path + 7) != '/') {
|
|
@@ -1542,7 +1542,7 @@ static const char *find_cgroup_in_path(const char *path)
|
|
const char *p1;
|
|
|
|
if (strlen(path) < 9) {
|
|
- errno = EINVAL;
|
|
+ errno = EACCES;
|
|
return NULL;
|
|
}
|
|
p1 = strstr(path + 8, "/");
|
|
@@ -2910,16 +2910,20 @@ int cg_rmdir(const char *path)
|
|
return -EIO;
|
|
|
|
controller = pick_controller_from_path(fc, path);
|
|
- if (!controller)
|
|
- return -errno;
|
|
+ if (!controller) /* Someone's trying to delete "/cgroup". */
|
|
+ return -EPERM;
|
|
|
|
cgroup = find_cgroup_in_path(path);
|
|
- if (!cgroup)
|
|
- return -errno;
|
|
+ if (!cgroup) /* Someone's trying to delete a controller e.g. "/blkio". */
|
|
+ return -EPERM;
|
|
|
|
get_cgdir_and_path(cgroup, &cgdir, &last);
|
|
if (!last) {
|
|
- ret = -EINVAL;
|
|
+ /* Someone's trying to delete a cgroup on the same level as the
|
|
+ * "/lxc" cgroup e.g. rmdir "/cgroup/blkio/lxc" or
|
|
+ * rmdir "/cgroup/blkio/init.slice".
|
|
+ */
|
|
+ ret = -EPERM;
|
|
goto out;
|
|
}
|
|
|
|
--
|
|
2.9.3
|
|
|