bpf: prevent double-close

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

diff --git a/src/lxc/cgroups/cgroup2_devices.c b/src/lxc/cgroups/cgroup2_devices.c
index c22f880496b1d788376f7687c757d05b74c6afdc..37fd4c688ee828507f6971325b43a02274df7b66 100644 (file)
--- a/src/lxc/cgroups/cgroup2_devices.c
+++ b/src/lxc/cgroups/cgroup2_devices.c
@@ -67,10 +67,7 @@ void bpf_program_free(struct bpf_program *prog)
 
        (void)bpf_program_cgroup_detach(prog);
 
-       if (prog->kernel_fd >= 0)
-               close(prog->kernel_fd);
        free(prog->instructions);
-       close_prot_errno_disarm(prog->fd_cgroup);
        free(prog);
 }
 
@@ -437,8 +434,8 @@ int bpf_program_cgroup_detach(struct bpf_program *prog)
                return 0;
 
        /* Ensure that these fds are wiped. */
-       fd_cgroup = prog->fd_cgroup;
-       fd_kernel = prog->kernel_fd;
+       fd_cgroup = move_fd(prog->fd_cgroup);
+       fd_kernel = move_fd(prog->kernel_fd);
 
        if (fd_cgroup < 0 || fd_kernel < 0)
                return 0;