[Devel] [PATCH RH9] cgroup/ve: fix ve_hide_cgroups calling in cgroup_get_tree
Pavel Tikhomirov
ptikhomirov at virtuozzo.com
Thu Dec 22 12:33:56 MSK 2022
Please merge, as https://jira.sw.ru/browse/PSBM-139100 is fixed and now
we can have this too.
On 05.03.2022 12:40, Pavel Tikhomirov wrote:
> Variable ret was used uninitialized in case of !ve_hide_cgroups() and
> also reference on cgrp_dfl_root.cgrp was leaked in the oposite case.
>
> Fixes: 360077892030 ("ve/cgroup: hide non-virtualized cgroups in container")
> Signed-off-by: Pavel Tikhomirov <ptikhomirov at virtuozzo.com>
> ---
> kernel/cgroup/cgroup.c | 9 ++++-----
> 1 file changed, 4 insertions(+), 5 deletions(-)
>
> diff --git a/kernel/cgroup/cgroup.c b/kernel/cgroup/cgroup.c
> index be154b5eed77..f0c844087964 100644
> --- a/kernel/cgroup/cgroup.c
> +++ b/kernel/cgroup/cgroup.c
> @@ -2475,15 +2475,14 @@ static int cgroup_get_tree(struct fs_context *fc)
> struct cgroup_fs_context *ctx = cgroup_fc2context(fc);
> int ret;
>
> + if (ve_hide_cgroups(ctx->root))
> + return -EPERM;
> +
> cgrp_dfl_visible = true;
> cgroup_get_live(&cgrp_dfl_root.cgrp);
> ctx->root = &cgrp_dfl_root;
>
> - if (ve_hide_cgroups(ctx->root))
> - ret = -EPERM;
> -
> - if (!ret)
> - ret = cgroup_do_get_tree(fc);
> + ret = cgroup_do_get_tree(fc);
> if (!ret)
> apply_cgroup_root_flags(ctx->flags);
> return ret;
--
Best regards, Tikhomirov Pavel
Software Developer, Virtuozzo.
More information about the Devel
mailing list