From ad13559e8d5dd38862c58711c07b90aae9e805bc Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Wed, 1 Dec 2021 21:37:17 +0900
Subject: [PATCH] core/cgroup: propagate errors on detecting supported features

---
 src/core/cgroup.c | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/src/core/cgroup.c b/src/core/cgroup.c
index 396de12c4f0..5c2c9ed54ea 100644
--- a/src/core/cgroup.c
+++ b/src/core/cgroup.c
@@ -3228,26 +3228,36 @@ static int cg_bpf_mask_supported(CGroupMask *ret) {
 
         /* BPF-based firewall */
         r = bpf_firewall_supported();
+        if (r < 0)
+                return r;
         if (r > 0)
                 mask |= CGROUP_MASK_BPF_FIREWALL;
 
         /* BPF-based device access control */
         r = bpf_devices_supported();
+        if (r < 0)
+                return r;
         if (r > 0)
                 mask |= CGROUP_MASK_BPF_DEVICES;
 
         /* BPF pinned prog */
         r = bpf_foreign_supported();
+        if (r < 0)
+                return r;
         if (r > 0)
                 mask |= CGROUP_MASK_BPF_FOREIGN;
 
         /* BPF-based bind{4|6} hooks */
         r = bpf_socket_bind_supported();
+        if (r < 0)
+                return r;
         if (r > 0)
                 mask |= CGROUP_MASK_BPF_SOCKET_BIND;
 
         /* BPF-based cgroup_skb/{egress|ingress} hooks */
         r = restrict_network_interfaces_supported();
+        if (r < 0)
+                return r;
         if (r > 0)
                 mask |= CGROUP_MASK_BPF_RESTRICT_NETWORK_INTERFACES;
 
-- 
2.47.3