From: Filip Schauer <f.schauer@proxmox.com>
To: pve-devel@lists.proxmox.com
Subject: [pve-devel] [PATCH container v2 2/2] fix invalid device passthrough being added to config
Date: Mon, 15 Apr 2024 15:17:02 +0200 [thread overview]
Message-ID: <20240415131702.94922-3-f.schauer@proxmox.com> (raw)
In-Reply-To: <20240415131702.94922-1-f.schauer@proxmox.com>
Fix a bug that allows a device passthrough entry to be added to the
config despite the device path not pointing to a device. Previously,
adding an invalid device passthrough entry would throw an error, but the
entry would still be added to the config. This is fixed by moving the
respective checks from update_lxc_config to update_pct_config, which is
run before the entry is written to the config file.
Signed-off-by: Filip Schauer <f.schauer@proxmox.com>
---
src/PVE/LXC.pm | 18 ++++--------------
src/PVE/LXC/Config.pm | 11 ++++++++++-
2 files changed, 14 insertions(+), 15 deletions(-)
diff --git a/src/PVE/LXC.pm b/src/PVE/LXC.pm
index 9681d74..933b7f7 100644
--- a/src/PVE/LXC.pm
+++ b/src/PVE/LXC.pm
@@ -4,7 +4,7 @@ use strict;
use warnings;
use Cwd qw();
-use Errno qw(ELOOP ENOENT ENOTDIR EROFS ECONNREFUSED EEXIST);
+use Errno qw(ELOOP ENOTDIR EROFS ECONNREFUSED EEXIST);
use Fcntl qw(O_RDONLY O_WRONLY O_NOFOLLOW O_DIRECTORY :mode);
use File::Path;
use File::Spec;
@@ -643,20 +643,10 @@ sub update_lxc_config {
PVE::LXC::Config->foreach_passthrough_device($conf, sub {
my ($key, $device) = @_;
- die "Path is not defined for passthrough device $key"
- unless (defined($device->{path}));
-
- my $absolute_path = $device->{path};
- my ($mode, $rdev) = (stat($absolute_path))[2, 6];
-
- die "Device $absolute_path does not exist\n" if $! == ENOENT;
-
- die "Error accessing device $absolute_path\n"
- if (!defined($mode) || !defined($rdev));
-
- die "$absolute_path is not a device\n"
- if (!S_ISBLK($mode) && !S_ISCHR($mode));
+ die "Path is not defined for passthrough device $key\n"
+ if !defined($device->{path});
+ my ($mode, $rdev) = PVE::Tools::get_device_stat($device->{path});
my $major = PVE::Tools::dev_t_major($rdev);
my $minor = PVE::Tools::dev_t_minor($rdev);
my $device_type_char = S_ISBLK($mode) ? 'b' : 'c';
diff --git a/src/PVE/LXC/Config.pm b/src/PVE/LXC/Config.pm
index 5ac1446..fba20a1 100644
--- a/src/PVE/LXC/Config.pm
+++ b/src/PVE/LXC/Config.pm
@@ -3,7 +3,8 @@ package PVE::LXC::Config;
use strict;
use warnings;
-use Fcntl qw(O_RDONLY);
+use Errno qw(ENOENT);
+use Fcntl qw(O_RDONLY :mode);
use PVE::AbstractConfig;
use PVE::Cluster qw(cfs_register_file);
@@ -1193,6 +1194,14 @@ sub update_pct_config {
die "$opt: MTU size '$mtu' is bigger than bridge MTU '$bridge_mtu'\n"
if ($mtu > $bridge_mtu);
}
+ } elsif ($opt =~ m/^dev(\d+)$/) {
+ my $device = $class->parse_device($value);
+
+ die "Path is not defined for passthrough device $opt"
+ if !defined($device->{path});
+
+ # Validate device
+ PVE::Tools::get_device_stat($device->{path});
}
$conf->{pending}->{$opt} = $value;
$class->remove_from_pending_delete($conf, $opt);
--
2.39.2
prev parent reply other threads:[~2024-04-15 13:17 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-04-15 13:17 [pve-devel] [PATCH common/container v2 0/2] " Filip Schauer
2024-04-15 13:17 ` [pve-devel] [PATCH common v2 1/2] add get_device_stat helper subroutine Filip Schauer
2024-04-15 13:54 ` Fiona Ebner
2024-04-16 9:28 ` Filip Schauer
2024-04-15 13:17 ` Filip Schauer [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240415131702.94922-3-f.schauer@proxmox.com \
--to=f.schauer@proxmox.com \
--cc=pve-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.