Protection against doing bad stuff to the root group

Add protection such that the virCgroupRemove and
virCgroupKill* do not do anything to the root cgroup.

Killing all PIDs in the root cgroup does not end well.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>

diff --git a/src/util/vircgroup.c b/src/util/vircgroup.c
index 86dc5fe5e959a858b6902d57b851ea47e598c456..87325c03943eafd6e5d9ad810c47050f0baf80fc 100644 (file)
--- a/src/util/vircgroup.c
+++ b/src/util/vircgroup.c
@@ -548,8 +548,13 @@ int virCgroupPathOfController(virCgroupPtr group,
     if (controller == -1) {
         size_t i;
         for (i = 0; i < VIR_CGROUP_CONTROLLER_LAST; i++) {
+            /* Reject any controller with a placement
+             * of '/' to avoid doing bad stuff to the root
+             * cgroup
+             */
             if (group->controllers[i].mountPoint &&
-                group->controllers[i].placement) {
+                group->controllers[i].placement &&
+                STRNEQ(group->controllers[i].placement, "/")) {
                 controller = i;
                 break;
             }
@@ -1004,6 +1009,11 @@ int virCgroupRemove(virCgroupPtr group)
         if (!group->controllers[i].mountPoint)
             continue;
 
+        /* Don't delete the root group, if we accidentally
+           ended up in it for some reason */
+        if (STREQ(group->controllers[i].placement, "/"))
+            continue;
+
         if (virCgroupPathOfController(group,
                                       i,
                                       NULL,