git.proxmox.com Git - pve-container.git/commit

author	Fabian Ebner <f.ebner@proxmox.com>
	Tue, 5 May 2020 08:27:15 +0000 (10:27 +0200)
committer	Fabian Grünbichler <f.gruenbichler@proxmox.com>
	Tue, 5 May 2020 09:20:56 +0000 (11:20 +0200)
commit	87c3654715ef36f698e8e2dde086a91258e813ac
tree	0ab2e5fdc351d2ae34d29a6315537bf85a2efb59	tree
parent	113c506f46dde07e569a67a82cd2dcfd58845b61	commit \| diff

create_vm: avoid premature write_config caused by update_pct_config

by moving the write_config calls from vmconfig_*_pending to their
call sites. The single other call site for update_pct_config in
update_vm is also adapted.

The update_pct_config call lead to a write_config call and so the
configuration file was created before it was intended to be created.

When the CFS is updated in between the write_config call and the
PVE::Cluster::check_vmid_unused call in create_and_lock_config,
the container file would already exist and so creation would
fail after writing out a basically empty config.

Even worse, a race was possible for two containers created with the
same ID at the same time:
Assuming the initial PVE::Cluster::check_vmid_unused check in the
parameter verification passes for both create_vm calls, the later one
would potentially overwrite the earlier configuration file with its
update_pct_config call.

Additionally, the file read for $old_config was always the one written
by update_pct_config. Meaning that for a create_vm call with force=1,
already existing old volumes were not removed.

Signed-off-by: Fabian Ebner <f.ebner@proxmox.com>

src/PVE/API2/LXC/Config.pm		diff \| blob \| blame \| history
src/PVE/LXC.pm		diff \| blob \| blame \| history
src/PVE/LXC/Config.pm		diff \| blob \| blame \| history
src/lxc-pve-poststop-hook		diff \| blob \| blame \| history