From 8c83840772e6239435e1897ebdf4bf9fc5fd68cc Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Tue, 20 Nov 2018 20:14:59 +0100 Subject: [PATCH] cgroup: add comment explaining why we ignore EINVAL at two places These are just copies from further down. --- src/core/cgroup.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/src/core/cgroup.c b/src/core/cgroup.c index 01ce8902478..da677b8f222 100644 --- a/src/core/cgroup.c +++ b/src/core/cgroup.c @@ -431,6 +431,8 @@ static int whitelist_device(BPFProgram *prog, const char *path, const char *node major(st.st_rdev), minor(st.st_rdev), acc); + /* Changing the devices list of a populated cgroup might result in EINVAL, hence ignore EINVAL here. */ + r = cg_set_attribute("devices", path, "devices.allow", buf); if (r < 0) return log_full_errno(IN_SET(r, -ENOENT, -EROFS, -EINVAL, -EACCES) ? LOG_DEBUG : LOG_WARNING, @@ -517,6 +519,9 @@ static int whitelist_major(BPFProgram *prog, const char *path, const char *name, maj, acc); + /* Changing the devices list of a populated cgroup might result in EINVAL, hence ignore EINVAL + * here. */ + r = cg_set_attribute("devices", path, "devices.allow", buf); if (r < 0) log_full_errno(IN_SET(r, -ENOENT, -EROFS, -EINVAL, -EACCES) ? LOG_DEBUG : LOG_WARNING, @@ -1052,8 +1057,7 @@ static void cgroup_context_apply( if (r < 0) log_unit_warning_errno(u, r, "Failed to initialize device control bpf program: %m"); } else { - /* Changing the devices list of a populated cgroup - * might result in EINVAL, hence ignore EINVAL + /* Changing the devices list of a populated cgroup might result in EINVAL, hence ignore EINVAL * here. */ if (c->device_allow || c->device_policy != CGROUP_AUTO)