[libvirt] [PATCH 12/13] Protection against doing bad stuff to the root group
Daniel P. Berrange
berrange at redhat.com
Tue Jul 23 15:21:17 UTC 2013
From: "Daniel P. Berrange" <berrange at redhat.com>
Add protection such that the virCgroupRemove and
virCgroupKill* do not do anything to the root cgroup.
Killing all PIDs in the root cgroup does not end well.
Signed-off-by: Daniel P. Berrange <berrange at redhat.com>
---
src/util/vircgroup.c | 12 +++++++++++-
1 file changed, 11 insertions(+), 1 deletion(-)
diff --git a/src/util/vircgroup.c b/src/util/vircgroup.c
index 6f9d25a..2141154 100644
--- a/src/util/vircgroup.c
+++ b/src/util/vircgroup.c
@@ -546,8 +546,13 @@ int virCgroupPathOfController(virCgroupPtr group,
if (controller == -1) {
size_t i;
for (i = 0; i < VIR_CGROUP_CONTROLLER_LAST; i++) {
+ /* Reject any controller with a placement
+ * of '/' to avoid doing bad stuff to the root
+ * cgroup
+ */
if (group->controllers[i].mountPoint &&
- group->controllers[i].placement) {
+ group->controllers[i].placement &&
+ STRNEQ(group->controllers[i].placement, "/")) {
controller = i;
break;
}
@@ -1002,6 +1007,11 @@ int virCgroupRemove(virCgroupPtr group)
if (!group->controllers[i].mountPoint)
continue;
+ /* Don't delete the root group, if we accidentally
+ ended up in it for some reason */
+ if (STREQ(group->controllers[i].placement, "/"))
+ continue;
+
if (virCgroupPathOfController(group,
i,
NULL,
--
1.8.1.4
More information about the libvir-list
mailing list