From 759e9f8b206d002c1dfeedd7ee517968d20ee93c Mon Sep 17 00:00:00 2001 From: Daniel Golle Date: Tue, 4 Aug 2020 01:55:40 +0100 Subject: [PATCH] jail: make use of BLOBMSG_CAST_INT64 for OCI rlimits Signed-off-by: Daniel Golle --- jail/jail.c | 92 +++++++++++++++++++++++------------------------------ 1 file changed, 39 insertions(+), 53 deletions(-) diff --git a/jail/jail.c b/jail/jail.c index c72de07..a3d35ad 100644 --- a/jail/jail.c +++ b/jail/jail.c @@ -1531,6 +1531,19 @@ static int parseOCIprocessuser(struct blob_attr *msg) { return 0; } +enum { + OCI_PROCESS_RLIMIT_TYPE, + OCI_PROCESS_RLIMIT_SOFT, + OCI_PROCESS_RLIMIT_HARD, + __OCI_PROCESS_RLIMIT_MAX, +}; + +static const struct blobmsg_policy oci_process_rlimit_policy[] = { + [OCI_PROCESS_RLIMIT_TYPE] = { "type", BLOBMSG_TYPE_STRING }, + [OCI_PROCESS_RLIMIT_SOFT] = { "soft", BLOBMSG_CAST_INT64 }, + [OCI_PROCESS_RLIMIT_HARD] = { "hard", BLOBMSG_CAST_INT64 }, +}; + /* from manpage GETRLIMIT(2) */ static const char* const rlimit_names[RLIM_NLIMITS] = { [RLIMIT_AS] = "AS", @@ -1564,63 +1577,32 @@ static int resolve_rlimit(char *type) { } -static int parseOCIrlimits(struct blob_attr *msg) +static int parseOCIrlimit(struct blob_attr *msg) { - struct blob_attr *cur, *cure; - int rem, reme; + struct blob_attr *tb[__OCI_PROCESS_RLIMIT_MAX]; int limtype = -1; struct rlimit *curlim; - rlim_t soft, hard; - bool sethard = false, setsoft = false; - blobmsg_for_each_attr(cur, msg, rem) { - blobmsg_for_each_attr(cure, cur, reme) { - if (!strcmp(blobmsg_name(cure), "type") && (blobmsg_type(cure) == BLOBMSG_TYPE_STRING)) { - limtype = resolve_rlimit(blobmsg_get_string(cure)); - } else if (!strcmp(blobmsg_name(cure), "soft")) { - switch (blobmsg_type(cure)) { - case BLOBMSG_TYPE_INT32: - soft = blobmsg_get_u32(cure); - break; - case BLOBMSG_TYPE_INT64: - soft = blobmsg_get_u64(cure); - break; - default: - return EINVAL; - } - setsoft = true; - } else if (!strcmp(blobmsg_name(cure), "hard")) { - switch (blobmsg_type(cure)) { - case BLOBMSG_TYPE_INT32: - hard = blobmsg_get_u32(cure); - break; - case BLOBMSG_TYPE_INT64: - hard = blobmsg_get_u64(cure); - break; - default: - return EINVAL; - } - sethard = true; - } else { - return EINVAL; - } - } + blobmsg_parse(oci_process_rlimit_policy, __OCI_PROCESS_RLIMIT_MAX, tb, blobmsg_data(msg), blobmsg_len(msg)); - if (limtype < 0) - return EINVAL; + if (!tb[OCI_PROCESS_RLIMIT_TYPE] || + !tb[OCI_PROCESS_RLIMIT_SOFT] || + !tb[OCI_PROCESS_RLIMIT_HARD]) + return ENODATA; - if (opts.rlimits[limtype]) - return ENOTUNIQ; + limtype = resolve_rlimit(blobmsg_get_string(tb[OCI_PROCESS_RLIMIT_TYPE])); - if (!sethard || !setsoft) - return ENODATA; + if (limtype < 0) + return EINVAL; - curlim = malloc(sizeof(struct rlimit)); - curlim->rlim_cur = soft; - curlim->rlim_max = hard; + if (opts.rlimits[limtype]) + return ENOTUNIQ; - opts.rlimits[limtype] = curlim; - } + curlim = malloc(sizeof(struct rlimit)); + curlim->rlim_cur = blobmsg_cast_u64(tb[OCI_PROCESS_RLIMIT_SOFT]); + curlim->rlim_max = blobmsg_cast_u64(tb[OCI_PROCESS_RLIMIT_HARD]); + + opts.rlimits[limtype] = curlim; return 0; }; @@ -1653,8 +1635,8 @@ static const struct blobmsg_policy oci_process_policy[] = { static int parseOCIprocess(struct blob_attr *msg) { - struct blob_attr *tb[__OCI_PROCESS_MAX]; - int res; + struct blob_attr *tb[__OCI_PROCESS_MAX], *cur; + int rem, res; blobmsg_parse(oci_process_policy, __OCI_PROCESS_MAX, tb, blobmsg_data(msg), blobmsg_len(msg)); @@ -1684,9 +1666,13 @@ static int parseOCIprocess(struct blob_attr *msg) (res = parseOCIcapabilities(&opts.capset, tb[OCI_PROCESS_CAPABILITIES]))) return res; - if (tb[OCI_PROCESS_RLIMITS] && - (res = parseOCIrlimits(tb[OCI_PROCESS_RLIMITS]))) - return res; + if (tb[OCI_PROCESS_RLIMITS]) { + blobmsg_for_each_attr(cur, tb[OCI_PROCESS_RLIMITS], rem) { + res = parseOCIrlimit(cur); + if (res) + return res; + } + } if (tb[OCI_PROCESS_OOMSCOREADJ]) { opts.oom_score_adj = blobmsg_get_u32(tb[OCI_PROCESS_OOMSCOREADJ]); -- 2.30.2