dasharo/systemd
0
0
Fork 0
mirror of https://github.com/Dasharo/systemd.git synced 2026-03-06 15:02:31 -08:00
Code Issues Packages Projects Releases Wiki Activity

core: add cgroup_add_or_update_device_allow()

Browse Source
This commit is contained in:
Luca Boccassi
2023-10-03 01:06:35 +01:00
parent 665c6e46e3
commit c3166b25e2
3 changed files with 21 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
src/core/cgroup.c
View File

@@ -731,6 +731,23 @@ int cgroup_context_add_device_allow(CGroupContext *c, const char *dev, const cha
return 0;
}
int cgroup_context_add_or_update_device_allow(CGroupContext *c, const char *dev, const char *mode) {
assert(c);
assert(dev);
assert(isempty(mode) || in_charset(mode, "rwm"));
LIST_FOREACH(device_allow, b, c->device_allow)
if (path_equal(b->path, dev)) {
b->r = isempty(mode) || strchr(mode, 'r');
b->w = isempty(mode) || strchr(mode, 'w');
b->m = isempty(mode) || strchr(mode, 'm');
return 0;
}
return cgroup_context_add_device_allow(c, dev, mode);
}
int cgroup_context_add_bpf_foreign_program(CGroupContext *c, uint32_t attach_type, const char *bpffs_path) {
CGroupBPFForeignProgram *p;
_cleanup_free_ char *d = NULL;

1
src/core/cgroup.h
View File

@@ -279,6 +279,7 @@ static inline bool cgroup_context_want_memory_pressure(const CGroupContext *c) {
}
int cgroup_context_add_device_allow(CGroupContext *c, const char *dev, const char *mode);
int cgroup_context_add_or_update_device_allow(CGroupContext *c, const char *dev, const char *mode);
int cgroup_context_add_bpf_foreign_program(CGroupContext *c, uint32_t attach_type, const char *path);
void unit_modify_nft_set(Unit *u, bool add);

28
src/core/dbus-cgroup.c
View File

@@ -1820,31 +1820,9 @@ int bus_cgroup_set_property(
return sd_bus_error_set(error, SD_BUS_ERROR_INVALID_ARGS, "DeviceAllow= requires combination of rwm flags");
if (!UNIT_WRITE_FLAGS_NOOP(flags)) {
CGroupDeviceAllow *a = NULL;
LIST_FOREACH(device_allow, b, c->device_allow)
if (path_equal(b->path, path)) {
a = b;
break;
}
if (!a) {
a = new0(CGroupDeviceAllow, 1);
if (!a)
return -ENOMEM;
a->path = strdup(path);
if (!a->path) {
free(a);
return -ENOMEM;
}
LIST_PREPEND(device_allow, c->device_allow, a);
}
a->r = strchr(rwm, 'r');
a->w = strchr(rwm, 'w');
a->m = strchr(rwm, 'm');
r = cgroup_context_add_or_update_device_allow(c, path, rwm);
if (r < 0)
return r;
}
n++;