cgroup: move path checking logic to dbus-cgroup.c

author Yu Watanabe <watanabe.yu+github@gmail.com>

Tue, 19 Dec 2017 06:34:04 +0000 (15:34 +0900)

committer Yu Watanabe <watanabe.yu+github@gmail.com>

Sat, 23 Dec 2017 10:32:29 +0000 (19:32 +0900)
author Yu Watanabe <watanabe.yu+github@gmail.com>
Tue, 19 Dec 2017 06:34:04 +0000 (15:34 +0900)
committer Yu Watanabe <watanabe.yu+github@gmail.com>
Sat, 23 Dec 2017 10:32:29 +0000 (19:32 +0900)
diff --git a/src/core/dbus-cgroup.c b/src/core/dbus-cgroup.c

index abca4e1..70dca6c 100644 (file)
--- a/src/core/dbus-cgroup.c
+++ b/src/core/dbus-cgroup.c
@@ -630,6 +630,9 @@ int bus_cgroup_set_property(
  
                  while ((r = sd_bus_message_read(message, "(st)", &path, &u64)) > 0) {
  
+                        if (!path_startswith(path, "/dev"))
+                                return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Path %s specified in %s= is not a device file in /dev", name, path);
+
                          if (!UNIT_WRITE_FLAGS_NOOP(flags)) {
                                  CGroupIODeviceLimit *a = NULL, *b;
  
@@ -714,6 +717,9 @@ int bus_cgroup_set_property(
  
                  while ((r = sd_bus_message_read(message, "(st)", &path, &weight)) > 0) {
  
+                        if (!path_startswith(path, "/dev"))
+                                return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Path %s specified in %s= is not a device file in /dev", name, path);
+
                          if (!CGROUP_WEIGHT_IS_OK(weight) || weight == CGROUP_WEIGHT_INVALID)
                                  return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "IODeviceWeight= value out of range");
  
@@ -855,6 +861,9 @@ int bus_cgroup_set_property(
  
                  while ((r = sd_bus_message_read(message, "(st)", &path, &u64)) > 0) {
  
+                        if (!path_startswith(path, "/dev"))
+                                return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Path %s specified in %s= is not a device file in /dev", name, path);
+
                          if (!UNIT_WRITE_FLAGS_NOOP(flags)) {
                                  CGroupBlockIODeviceBandwidth *a = NULL, *b;
  
@@ -951,6 +960,9 @@ int bus_cgroup_set_property(
  
                  while ((r = sd_bus_message_read(message, "(st)", &path, &weight)) > 0) {
  
+                        if (!path_startswith(path, "/dev"))
+                                return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Path %s specified in %s= is not a device file in /dev", name, path);
+
                          if (!CGROUP_BLKIO_WEIGHT_IS_OK(weight) || weight == CGROUP_BLKIO_WEIGHT_INVALID)
                                  return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "BlockIODeviceWeight= out of range");
  
@@ -1170,10 +1182,8 @@ int bus_cgroup_set_property(
  
                  while ((r = sd_bus_message_read(message, "(ss)", &path, &rwm)) > 0) {
  
-                        if ((!path_startswith(path, "/dev/") &&
-                             !path_startswith(path, "/run/systemd/inaccessible/") &&
-                             !startswith(path, "block-") &&
-                             !startswith(path, "char-")) ||
+                        if ((!is_deviceallow_pattern(path) &&
+                             !path_startswith(path, "/run/systemd/inaccessible/")) ||
                              strpbrk(path, WHITESPACE))
                              return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "DeviceAllow= requires device node");
  
diff --git a/src/shared/bus-unit-util.c b/src/shared/bus-unit-util.c

index b406bdd..6940f35 100644 (file)
--- a/src/shared/bus-unit-util.c
+++ b/src/shared/bus-unit-util.c
@@ -480,23 +480,15 @@ static int bus_append_cgroup_property(sd_bus_message *m, const char *field, cons
                  if (isempty(eq))
                          r = sd_bus_message_append(m, "(sv)", field, "a(ss)", 0);
                  else {
-                        const char *path, *rwm, *e;
+                        const char *path = eq, *rwm = NULL, *e;
  
                          e = strchr(eq, ' ');
                          if (e) {
                                  path = strndupa(eq, e - eq);
                                  rwm = e+1;
-                        } else {
-                                path = eq;
-                                rwm = "";
-                        }
-
-                        if (!is_deviceallow_pattern(path)) {
-                                log_error("%s is not a device file in /dev.", path);
-                                return -EINVAL;
                          }
  
-                        r = sd_bus_message_append(m, "(sv)", field, "a(ss)", 1, path, rwm);
+                        r = sd_bus_message_append(m, "(sv)", field, "a(ss)", 1, path, strempty(rwm));
                  }
  
                  if (r < 0)
@@ -514,18 +506,13 @@ static int bus_append_cgroup_property(sd_bus_message *m, const char *field, cons
                          uint64_t bytes;
  
                          e = strchr(eq, ' ');
-                        if (e) {
-                                path = strndupa(eq, e - eq);
-                                bandwidth = e+1;
-                        } else {
+                        if (!e) {
                                  log_error("Failed to parse %s value %s.", field, eq);
                                  return -EINVAL;
                          }
  
-                        if (!path_startswith(path, "/dev")) {
-                                log_error("%s is not a device file in /dev.", path);
-                                return -EINVAL;
-                        }
+                        path = strndupa(eq, e - eq);
+                        bandwidth = e+1;
  
                          if (streq(bandwidth, "infinity")) {
                                  bytes = CGROUP_LIMIT_MAX;
@@ -553,18 +540,13 @@ static int bus_append_cgroup_property(sd_bus_message *m, const char *field, cons
                          uint64_t u;
  
                          e = strchr(eq, ' ');
-                        if (e) {
-                                path = strndupa(eq, e - eq);
-                                weight = e+1;
-                        } else {
+                        if (!e) {
                                  log_error("Failed to parse %s value %s.", field, eq);
                                  return -EINVAL;
                          }
  
-                        if (!path_startswith(path, "/dev")) {
-                                log_error("%s is not a device file in /dev.", path);
-                                return -EINVAL;
-                        }
+                        path = strndupa(eq, e - eq);
+                        weight = e+1;
  
                          r = safe_atou64(weight, &u);
                          if (r < 0)
author	Yu Watanabe <watanabe.yu+github@gmail.com>
	Tue, 19 Dec 2017 06:34:04 +0000 (15:34 +0900)
committer	Yu Watanabe <watanabe.yu+github@gmail.com>
	Sat, 23 Dec 2017 10:32:29 +0000 (19:32 +0900)
src/core/dbus-cgroup.c		patch \| blob \| history
src/shared/bus-unit-util.c		patch \| blob \| history