ITQC/containernetworking-plugins
24
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 34 Wiki Activity

Check for duplicated sysctl keys

Browse Source 
Signed-off-by: mmirecki <mmirecki@redhat.com>
This commit is contained in:
mmirecki
2022-04-15 15:06:47 +02:00
parent 93604ec20a
commit 7c452c77cd
2 changed files with 77 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
plugins/meta/tuning/tuning.go
View File

@ -304,6 +304,9 @@ func restoreBackup(ifName, containerID, backupPath string) error {
}
func cmdAdd(args *skel.CmdArgs) error {
if err := validateSysctlConflictingKeys(args.StdinData); err != nil {
return err
}
tuningConf, err := parseConf(args.StdinData, args.Args)
if err != nil {
return err
@ -405,6 +408,9 @@ func main() {
}
func cmdCheck(args *skel.CmdArgs) error {
if err := validateSysctlConflictingKeys(args.StdinData); err != nil {
return err
}
tuningConf, err := parseConf(args.StdinData, args.Args)
if err != nil {
return err
@ -542,3 +548,25 @@ func readAllowlist() (bool, []string, error) {
}
return true, allowList, nil
}
type sysctlKey string
type sysctlCheck struct {
SysCtl map[sysctlKey]string `json:"sysctl"`
}
var sysctlDuplicatesMap = map[sysctlKey]interface{}{}
func (d *sysctlKey) UnmarshalText(data []byte) error {
key := sysctlKey(string(data))
if _, exists := sysctlDuplicatesMap[key]; exists {
return errors.New("duplicated sysctl keys are not allowed")
}
sysctlDuplicatesMap[key] = ""
return nil
}
func validateSysctlConflictingKeys(data []byte) error {
sysctlCheck := sysctlCheck{}
return json.Unmarshal(data, &sysctlCheck)
}