Protection against doing bad stuff to the root group

Add protection such that the virCgroupRemove and virCgroupKill* do not do anything to the root cgroup. Killing all PIDs in the root cgroup does not end well. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2025-02-22 03:12:22 +00:00 · 2013-07-23 15:47:03 +01:00 · 2013-07-23 15:47:03 +01:00 · 3068244e85
commit 3068244e85
parent f6c5f9077c
1 changed files with 11 additions and 1 deletions
--- a/src/util/vircgroup.c
+++ b/src/util/vircgroup.c
@ -548,8 +548,13 @@ int virCgroupPathOfController(virCgroupPtr group,
    if (controller == -1) {
        size_t i;
        for (i = 0; i < VIR_CGROUP_CONTROLLER_LAST; i++) {
+            /* Reject any controller with a placement
+             * of '/' to avoid doing bad stuff to the root
+             * cgroup
+             */
            if (group->controllers[i].mountPoint &&
-                group->controllers[i].placement) {
+                group->controllers[i].placement &&
+                STRNEQ(group->controllers[i].placement, "/")) {
                controller = i;
                break;
            }
@ -1004,6 +1009,11 @@ int virCgroupRemove(virCgroupPtr group)
        if (!group->controllers[i].mountPoint)
            continue;

+        /* Don't delete the root group, if we accidentally
+           ended up in it for some reason */
+        if (STREQ(group->controllers[i].placement, "/"))
+            continue;
+
        if (virCgroupPathOfController(group,
                                      i,
                                      NULL,