From 198ab129a153dd9077d3f78d2eb3ee7d1ab72b0f Mon Sep 17 00:00:00 2001 From: mmirecki Date: Fri, 4 Nov 2022 14:23:22 +0100 Subject: [PATCH] Fix path substitution to enable setting sysctls on vlan interfaces This commit changes the order of substituting sysctl path to first handle . to / change, before substituting the interface name. This is needed as vlan interfaces have a . in the name, which should not be changed. Signed-off-by: mmirecki --- plugins/meta/tuning/tuning.go | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/plugins/meta/tuning/tuning.go b/plugins/meta/tuning/tuning.go index 719e4ce7..694e75cf 100644 --- a/plugins/meta/tuning/tuning.go +++ b/plugins/meta/tuning/tuning.go @@ -316,6 +316,10 @@ func cmdAdd(args *skel.CmdArgs) error { return err } + if err = validateArgs(args); err != nil { + return err + } + // Parse previous result. if tuningConf.RawPrevResult == nil { return fmt.Errorf("Required prevResult missing") @@ -330,12 +334,14 @@ func cmdAdd(args *skel.CmdArgs) error { err = ns.WithNetNSPath(args.Netns, func(_ ns.NetNS) error { for key, value := range tuningConf.SysCtl { + key = strings.Replace(key, ".", string(os.PathSeparator), -1) + // If the key contains `IFNAME` - substitute it with args.IfName // to allow setting sysctls on a particular interface, on which // other operations (like mac/mtu setting) are performed key = strings.Replace(key, "IFNAME", args.IfName, 1) - fileName := filepath.Join("/proc/sys", strings.Replace(key, ".", "/", -1)) + fileName := filepath.Join("/proc/sys", key) // Refuse to modify sysctl parameters that don't belong // to the network subsystem. @@ -570,3 +576,10 @@ func validateSysctlConflictingKeys(data []byte) error { sysctlCheck := sysctlCheck{} return json.Unmarshal(data, &sysctlCheck) } + +func validateArgs(args *skel.CmdArgs) error { + if strings.Contains(args.Args, string(os.PathSeparator)) { + return errors.New(fmt.Sprintf("Interface name contains an invalid character %s", string(os.PathSeparator))) + } + return nil +}