From: Daniel P. Berrange Date: Wed, 2 Oct 2013 10:16:14 +0000 (+0100) Subject: Avoid reporting an error if veth device is already deleted X-Git-Tag: CVE-2013-4401~167 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=10caf94ddc568d36561d89ca28fe0c58154a50f9;p=thirdparty%2Flibvirt.git Avoid reporting an error if veth device is already deleted The kernel automatically destroys veth devices when cleaning up the container network namespace. During normal shutdown, it is thus likely that the attempt to run 'ip link del vethN' will fail. If it fails, check if the device exists, and avoid reporting an error if it has gone. This switches to use the virCommand APIs instead of virRun too. Signed-off-by: Daniel P. Berrange --- diff --git a/po/POTFILES.in b/po/POTFILES.in index 2a0605b87f..15afdecf00 100644 --- a/po/POTFILES.in +++ b/po/POTFILES.in @@ -171,6 +171,7 @@ src/util/virnetdevbridge.c src/util/virnetdevmacvlan.c src/util/virnetdevopenvswitch.c src/util/virnetdevtap.c +src/util/virnetdevveth.c src/util/virnetdevvportprofile.c src/util/virnetlink.c src/util/virnodesuspend.c diff --git a/src/util/virnetdevveth.c b/src/util/virnetdevveth.c index 039767fa29..c0d32c4954 100644 --- a/src/util/virnetdevveth.c +++ b/src/util/virnetdevveth.c @@ -161,9 +161,20 @@ cleanup: */ int virNetDevVethDelete(const char *veth) { - const char *argv[] = {"ip", "link", "del", veth, NULL}; + virCommandPtr cmd = virCommandNewArgList("ip", "link", "del", veth, NULL); + int status; - VIR_DEBUG("veth: %s", veth); + if (virCommandRun(cmd, &status) < 0) + return -1; - return virRun(argv, NULL); + if (status != 0) { + if (!virNetDevExists(veth)) { + VIR_DEBUG("Device %s already deleted (by kernel namespace cleanup)", veth); + return 0; + } + virReportError(VIR_ERR_INTERNAL_ERROR, + _("Failed to delete veth device %s"), veth); + return -1; + } + return 0; }