From 356e71c6166fe294a2e2c28e4184d674944773e7 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner@ubuntu.com>
Date: Mon, 2 Dec 2019 00:50:06 +0100
Subject: [PATCH] cgroups/devices: use dedicated enums

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
---
 src/lxc/cgroups/cgroup2_devices.c | 3 ++-
 src/lxc/conf.h                    | 2 +-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/lxc/cgroups/cgroup2_devices.c b/src/lxc/cgroups/cgroup2_devices.c
index 72511ba71..aa6eff884 100644
--- a/src/lxc/cgroups/cgroup2_devices.c
+++ b/src/lxc/cgroups/cgroup2_devices.c
@@ -447,7 +447,8 @@ int bpf_list_add_device(struct lxc_conf *conf, struct device_item *device)
 	lxc_list_for_each(it, &conf->devices) {
 		struct device_item *cur = it->elem;
 
-		if (cur->global_rule != -1 && device->global_rule != -1) {
+		if (cur->global_rule > LXC_BPF_DEVICE_CGROUP_LOCAL_RULE &&
+		    device->global_rule > LXC_BPF_DEVICE_CGROUP_LOCAL_RULE) {
 			TRACE("Switched from %s to %s",
 			      cur->global_rule == LXC_BPF_DEVICE_CGROUP_WHITELIST
 				  ? "whitelist"
diff --git a/src/lxc/conf.h b/src/lxc/conf.h
index cfd745616..eb5023acd 100644
--- a/src/lxc/conf.h
+++ b/src/lxc/conf.h
@@ -231,9 +231,9 @@ struct lxc_state_client {
 };
 
 enum {
+	LXC_BPF_DEVICE_CGROUP_LOCAL_RULE = -1,
 	LXC_BPF_DEVICE_CGROUP_WHITELIST  =  0,
 	LXC_BPF_DEVICE_CGROUP_BLACKLIST  =  1,
-	LXC_BPF_DEVICE_CGROUP_LOCAL_RULE = -1,
 };
 
 struct device_item {
-- 
2.47.2