return ret_errno(EINVAL);
}
-int lxc_fill_elevated_privileges(char *flaglist, int *flags)
+int lxc_fill_elevated_privileges(char *flaglist, unsigned int *flags)
{
+ unsigned int flags_tmp = 0;
char *token;
- int i, aflag;
struct {
const char *token;
int flag;
};
if (!flaglist) {
- /* For the sake of backward compatibility, drop all privileges
- * if none is specified.
+ /*
+ * For the sake of backward compatibility, keep all privileges
+ * if no specific privileges are specified.
*/
- for (i = 0; all_privs[i].token; i++)
- *flags |= all_privs[i].flag;
+ for (unsigned int i = 0; all_privs[i].token; i++)
+ flags_tmp |= all_privs[i].flag;
+ *flags = flags_tmp;
return 0;
}
lxc_iterate_parts(token, flaglist, "|") {
- aflag = -1;
+ bool valid_token = false;
- for (i = 0; all_privs[i].token; i++)
- if (strequal(all_privs[i].token, token))
- aflag = all_privs[i].flag;
+ for (unsigned int i = 0; all_privs[i].token; i++) {
+ if (!strequal(all_privs[i].token, token))
+ continue;
- if (aflag < 0)
- return ret_errno(EINVAL);
+ valid_token = true;
+ flags_tmp |= all_privs[i].flag;
+ }
- *flags |= aflag;
+ if (!valid_token)
+ return syserror_set(-EINVAL, "Invalid elevated privilege \"%s\" requested", token);
}
+ *flags = flags_tmp;
return 0;
}
*/
__hidden extern int lxc_config_parse_arch(const char *arch, signed long *persona);
-__hidden extern int lxc_fill_elevated_privileges(char *flaglist, int *flags);
+__hidden extern int lxc_fill_elevated_privileges(char *flaglist, unsigned int *flags);
__hidden extern int lxc_clear_config_item(struct lxc_conf *c, const char *key);
static bool stdfd_is_pty(void);
static int lxc_attach_create_log_file(const char *log_file);
-static int elevated_privileges;
+static unsigned int elevated_privileges;
static signed long new_personality = -1;
static int namespace_flags = -1;
static int remount_sys_proc;
projects / thirdparty / lxc.git / commitdiff
