[libvirt] [PATCH 0/2] vircgroupv2devices: Avoid double close on map FD
*** BLURB HERE *** Michal Prívozník (2): vircgroupv2devices: Unexport virCgroupV2DevicesAttachProg() vircgroupv2devices: Avoid double close on map FD src/libvirt_private.syms | 1 - src/util/vircgroupv2devices.c | 29 +++++------------------------ src/util/vircgroupv2devices.h | 5 ----- 3 files changed, 5 insertions(+), 30 deletions(-) -- 2.24.1
This function is not called outside of the source file where it's defined. There's no need to export it. Signed-off-by: Michal Privoznik <mprivozn@redhat.com> --- src/libvirt_private.syms | 1 - src/util/vircgroupv2devices.c | 14 +------------- src/util/vircgroupv2devices.h | 5 ----- 3 files changed, 1 insertion(+), 19 deletions(-) diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index 74e3479842..9185e49fda 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -1734,7 +1734,6 @@ virCgroupV1Register; virCgroupV2Register; # util/vircgroupv2devices.h -virCgroupV2DevicesAttachProg; virCgroupV2DevicesAvailable; virCgroupV2DevicesCreateProg; virCgroupV2DevicesDetectProg; diff --git a/src/util/vircgroupv2devices.c b/src/util/vircgroupv2devices.c index dcf8925b18..7ea3c70efb 100644 --- a/src/util/vircgroupv2devices.c +++ b/src/util/vircgroupv2devices.c @@ -274,7 +274,7 @@ virCgroupV2DevicesLoadProg(int mapfd) } -int +static int virCgroupV2DevicesAttachProg(virCgroupPtr group, int mapfd, size_t max) @@ -591,18 +591,6 @@ virCgroupV2DevicesAvailable(virCgroupPtr group G_GNUC_UNUSED) } -int -virCgroupV2DevicesAttachProg(virCgroupPtr group G_GNUC_UNUSED, - int mapfd G_GNUC_UNUSED, - size_t max G_GNUC_UNUSED) -{ - virReportSystemError(ENOSYS, "%s", - _("cgroups v2 BPF devices not supported " - "with this kernel")); - return -1; -} - - int virCgroupV2DevicesDetectProg(virCgroupPtr group G_GNUC_UNUSED) { diff --git a/src/util/vircgroupv2devices.h b/src/util/vircgroupv2devices.h index 7b6cececc1..9d91256120 100644 --- a/src/util/vircgroupv2devices.h +++ b/src/util/vircgroupv2devices.h @@ -28,11 +28,6 @@ bool virCgroupV2DevicesAvailable(virCgroupPtr group) G_GNUC_NO_INLINE; -int -virCgroupV2DevicesAttachProg(virCgroupPtr group, - int mapfd, - size_t max); - int virCgroupV2DevicesDetectProg(virCgroupPtr group); -- 2.24.1
When allowing/denying a device in devices CGroupV2 we have to write a BPF program for it. The program we put there is merely static and all it does it looks up a device in a hash table (also known as map in BPF terminology). A map is referenced via an FD which can be acquired via virBPFCreateMap() and like any other FD it should be closed when no longer needed. However, we close it twice: the first time in virCgroupV2DevicesAttachProg() which closes it unconditionally, and the second time in either virCgroupV2DevicesCreateProg() or virCgroupV2DevicesPrepareProg(). Remove the second close. Signed-off-by: Michal Privoznik <mprivozn@redhat.com> --- src/util/vircgroupv2devices.c | 15 ++++----------- 1 file changed, 4 insertions(+), 11 deletions(-) diff --git a/src/util/vircgroupv2devices.c b/src/util/vircgroupv2devices.c index 7ea3c70efb..402ce3f86f 100644 --- a/src/util/vircgroupv2devices.c +++ b/src/util/vircgroupv2devices.c @@ -494,7 +494,7 @@ virCgroupV2DevicesReallocMap(int mapfd, int virCgroupV2DevicesCreateProg(virCgroupPtr group) { - VIR_AUTOCLOSE mapfd = -1; + int mapfd = -1; if (group->unified.devices.progfd > 0 && group->unified.devices.mapfd > 0) return 0; @@ -503,13 +503,8 @@ virCgroupV2DevicesCreateProg(virCgroupPtr group) if (mapfd < 0) return -1; - if (virCgroupV2DevicesAttachProg(group, mapfd, - VIR_CGROUP_V2_INITIAL_BPF_MAP_SIZE) < 0) { - return -1; - } - - mapfd = -1; - return 0; + return virCgroupV2DevicesAttachProg(group, mapfd, + VIR_CGROUP_V2_INITIAL_BPF_MAP_SIZE); } @@ -530,10 +525,8 @@ virCgroupV2DevicesPrepareProg(virCgroupPtr group) if (newmapfd < 0) return -1; - if (virCgroupV2DevicesAttachProg(group, newmapfd, max) < 0) { - VIR_FORCE_CLOSE(newmapfd); + if (virCgroupV2DevicesAttachProg(group, newmapfd, max) < 0) return -1; - } } return 0; -- 2.24.1
participants (2)
-
Michal Privoznik -
Pavel Hrdina