]> git.ipfire.org Git - thirdparty/lxc.git/commitdiff
projects / thirdparty / lxc.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 68a9e3e)
cgroups/devices: handle NULL
authorChristian Brauner <christian.brauner@ubuntu.com>
Sun, 1 Dec 2019 17:25:00 +0000 (18:25 +0100)
committerChristian Brauner <christian.brauner@ubuntu.com>
Sun, 1 Dec 2019 18:08:43 +0000 (19:08 +0100)
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
src/lxc/cgroups/cgroup2_devices.c patch | blob | blame | history

diff --git a/src/lxc/cgroups/cgroup2_devices.c b/src/lxc/cgroups/cgroup2_devices.c
index 52c1860f51e8c90e3c8e94f72c4ebdc454f5fb5d..826f757dfca24a6fb3e3cb111d24f2eb08c439ee 100644 (file)
--- a/src/lxc/cgroups/cgroup2_devices.c
+++ b/src/lxc/cgroups/cgroup2_devices.c
@@ -51,6 +51,9 @@ static int bpf_program_add_instructions(struct bpf_program *prog,
 
 void bpf_program_free(struct bpf_program *prog)
 {
+       if (!prog)
+               return;
+
        (void)bpf_program_cgroup_detach(prog);
 
        if (prog->kernel_fd >= 0)
@@ -176,6 +179,9 @@ struct bpf_program *bpf_program_new(uint32_t prog_type)
 
 int bpf_program_init(struct bpf_program *prog)
 {
+       if (!prog)
+               return minus_one_set_errno(EINVAL);
+
        const struct bpf_insn pre_insn[] = {
            /* load device type to r2 */
            BPF_LDX_MEM(BPF_W, BPF_REG_2, BPF_REG_1, offsetof(struct bpf_cgroup_dev_ctx, access_type)),
@@ -206,6 +212,9 @@ int bpf_program_append_device(struct bpf_program *prog, struct device_item *devi
        int access_mask;
        int device_type;
 
+       if (!prog || !device)
+               return minus_one_set_errno(EINVAL);
+
        /* This is a global rule so no need to append anything. */
        if (device->global_rule >= 0) {
                prog->blacklist = device->global_rule;
@@ -287,6 +296,9 @@ int bpf_program_finalize(struct bpf_program *prog)
            BPF_EXIT_INSN(),
        };
 
+       if (!prog)
+               return minus_one_set_errno(EINVAL);
+
        TRACE("Implementing %s bpf device cgroup program",
              prog->blacklist ? "blacklist" : "whitelist");
        return bpf_program_add_instructions(prog, ins, ARRAY_SIZE(ins));
@@ -327,6 +339,9 @@ int bpf_program_cgroup_attach(struct bpf_program *prog, int type,
        union bpf_attr attr;
        int ret;
 
+       if (!prog)
+               return minus_one_set_errno(EINVAL);
+
        if (flags & ~(BPF_F_ALLOW_OVERRIDE, BPF_F_ALLOW_MULTI))
                return error_log_errno(EINVAL, "Invalid flags for bpf program");
 
Mirror of https://github.com/lxc/lxc.git