Fix path substitution to enable setting sysctls on vlan interfaces

This commit changes the order of substituting sysctl path to first handle . to / change, before substituting the interface name. This is needed as vlan interfaces have a . in the name, which should not be changed. Signed-off-by: mmirecki <[email protected]>
containernetworking · Nov 9, 2022 · 198ab12 · 198ab12
1 parent ac86731
commit 198ab12
Showing 1 changed file with 14 additions and 1 deletion.
diff --git a/plugins/meta/tuning/tuning.go b/plugins/meta/tuning/tuning.go
@@ -316,6 +316,10 @@ func cmdAdd(args *skel.CmdArgs) error {
  return err
  }
 
+ if err = validateArgs(args); err != nil {
+ return err
+ }
+
  // Parse previous result.
  if tuningConf.RawPrevResult == nil {
  return fmt.Errorf("Required prevResult missing")
@@ -330,12 +334,14 @@ func cmdAdd(args *skel.CmdArgs) error {
 
  err = ns.WithNetNSPath(args.Netns, func(_ ns.NetNS) error {
  for key, value := range tuningConf.SysCtl {
+ key = strings.Replace(key, ".", string(os.PathSeparator), -1)
+
  // If the key contains `IFNAME` - substitute it with args.IfName
  // to allow setting sysctls on a particular interface, on which
  // other operations (like mac/mtu setting) are performed
  key = strings.Replace(key, "IFNAME", args.IfName, 1)
 
- fileName := filepath.Join("/proc/sys", strings.Replace(key, ".", "/", -1))
+ fileName := filepath.Join("/proc/sys", key)
 
  // Refuse to modify sysctl parameters that don't belong
  // to the network subsystem.
@@ -570,3 +576,10 @@ func validateSysctlConflictingKeys(data []byte) error {
  sysctlCheck := sysctlCheck{}
  return json.Unmarshal(data, &sysctlCheck)
 }
+
+func validateArgs(args *skel.CmdArgs) error {
+ if strings.Contains(args.Args, string(os.PathSeparator)) {
+ return errors.New(fmt.Sprintf("Interface name contains an invalid character %s", string(os.PathSeparator)))
+ }
+ return nil
+}