8:24 a.m.
*** BLURB HERE ***
Michal Prívozník (2):
vircgroupv2devices: Unexport virCgroupV2DevicesAttachProg()
vircgroupv2devices: Avoid double close on map FD
src/libvirt_private.syms | 1 -
src/util/vircgroupv2devices.c | 29 +++++------------------------
src/util/vircgroupv2devices.h | 5 -----
3 files changed, 5 insertions(+), 30 deletions(-)
--
2.24.1
8:24 a.m.
New subject: [libvirt] [PATCH 1/2] vircgroupv2devices: Unexport virCgroupV2DevicesAttachProg()
This function is not called outside of the source file where it's
defined. There's no need to export it.
Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com>
---
src/libvirt_private.syms | 1 -
src/util/vircgroupv2devices.c | 14 +-------------
src/util/vircgroupv2devices.h | 5 -----
3 files changed, 1 insertion(+), 19 deletions(-)
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index 74e3479842..9185e49fda 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -1734,7 +1734,6 @@ virCgroupV1Register;
virCgroupV2Register;
# util/vircgroupv2devices.h
-virCgroupV2DevicesAttachProg;
virCgroupV2DevicesAvailable;
virCgroupV2DevicesCreateProg;
virCgroupV2DevicesDetectProg;
diff --git a/src/util/vircgroupv2devices.c b/src/util/vircgroupv2devices.c
index dcf8925b18..7ea3c70efb 100644
--- a/src/util/vircgroupv2devices.c
+++ b/src/util/vircgroupv2devices.c
@@ -274,7 +274,7 @@ virCgroupV2DevicesLoadProg(int mapfd)
}
-int
+static int
virCgroupV2DevicesAttachProg(virCgroupPtr group,
int mapfd,
size_t max)
@@ -591,18 +591,6 @@ virCgroupV2DevicesAvailable(virCgroupPtr group G_GNUC_UNUSED)
}
-int
-virCgroupV2DevicesAttachProg(virCgroupPtr group G_GNUC_UNUSED,
- int mapfd G_GNUC_UNUSED,
- size_t max G_GNUC_UNUSED)
-{
- virReportSystemError(ENOSYS, "%s",
- _("cgroups v2 BPF devices not supported "
- "with this kernel"));
- return -1;
-}
-
-
int
virCgroupV2DevicesDetectProg(virCgroupPtr group G_GNUC_UNUSED)
{
diff --git a/src/util/vircgroupv2devices.h b/src/util/vircgroupv2devices.h
index 7b6cececc1..9d91256120 100644
--- a/src/util/vircgroupv2devices.h
+++ b/src/util/vircgroupv2devices.h
@@ -28,11 +28,6 @@ bool
virCgroupV2DevicesAvailable(virCgroupPtr group)
G_GNUC_NO_INLINE;
-int
-virCgroupV2DevicesAttachProg(virCgroupPtr group,
- int mapfd,
- size_t max);
-
int
virCgroupV2DevicesDetectProg(virCgroupPtr group);
--
2.24.1
8:24 a.m.
New subject: [libvirt] [PATCH 2/2] vircgroupv2devices: Avoid double close on map FD
When allowing/denying a device in devices CGroupV2 we have to
write a BPF program for it. The program we put there is merely
static and all it does it looks up a device in a hash table (also
known as map in BPF terminology). A map is referenced via an FD
which can be acquired via virBPFCreateMap() and like any other FD
it should be closed when no longer needed. However, we close it
twice: the first time in virCgroupV2DevicesAttachProg() which
closes it unconditionally, and the second time in either
virCgroupV2DevicesCreateProg() or
virCgroupV2DevicesPrepareProg(). Remove the second close.
Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com>
---
src/util/vircgroupv2devices.c | 15 ++++-----------
1 file changed, 4 insertions(+), 11 deletions(-)
diff --git a/src/util/vircgroupv2devices.c b/src/util/vircgroupv2devices.c
index 7ea3c70efb..402ce3f86f 100644
--- a/src/util/vircgroupv2devices.c
+++ b/src/util/vircgroupv2devices.c
@@ -494,7 +494,7 @@ virCgroupV2DevicesReallocMap(int mapfd,
int
virCgroupV2DevicesCreateProg(virCgroupPtr group)
{
- VIR_AUTOCLOSE mapfd = -1;
+ int mapfd = -1;
if (group->unified.devices.progfd > 0 &&
group->unified.devices.mapfd > 0)
return 0;
@@ -503,13 +503,8 @@ virCgroupV2DevicesCreateProg(virCgroupPtr group)
if (mapfd < 0)
return -1;
- if (virCgroupV2DevicesAttachProg(group, mapfd,
- VIR_CGROUP_V2_INITIAL_BPF_MAP_SIZE) < 0) {
- return -1;
- }
-
- mapfd = -1;
- return 0;
+ return virCgroupV2DevicesAttachProg(group, mapfd,
+ VIR_CGROUP_V2_INITIAL_BPF_MAP_SIZE);
}
@@ -530,10 +525,8 @@ virCgroupV2DevicesPrepareProg(virCgroupPtr group)
if (newmapfd < 0)
return -1;
- if (virCgroupV2DevicesAttachProg(group, newmapfd, max) < 0) {
- VIR_FORCE_CLOSE(newmapfd);
+ if (virCgroupV2DevicesAttachProg(group, newmapfd, max) < 0)
return -1;
- }
}
return 0;
--
2.24.1
1782
days inactive
1782
days old
3 comments
2 participants
participants (2)
-
Michal Privoznik -
Pavel Hrdina