api: create/update vm: clamp cpu unit value

While the clamping already happens before setting the actual
cpu.weight lxc config key, it can be done here too, to avoid writing
new out-of-range values into the config.

Can't use a validator enforcing this, because existing out-of-range
values should not become errors on parsing the config.

Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>

diff --git a/src/PVE/API2/LXC.pm b/src/PVE/API2/LXC.pm
index 589f96f6090d3503390c3c29810770a6831d269a..79aecaa2b2b1910274e4f13b59fa13da397ce413 100644 (file)
--- a/src/PVE/API2/LXC.pm
+++ b/src/PVE/API2/LXC.pm
@@ -221,6 +221,9 @@ __PACKAGE__->register_method({
        my $restore = extract_param($param, 'restore');
        my $unique = extract_param($param, 'unique');
 
+       $param->{cpuunits} = PVE::CGroup::clamp_cpu_shares($param->{cpuunits})
+           if defined($param->{cpuunits}); # clamp value depending on cgroup version
+
        # used to skip firewall config restore if user lacks permission
        my $skip_fw_config_restore = 0;
 

diff --git a/src/PVE/API2/LXC/Config.pm b/src/PVE/API2/LXC/Config.pm
index 1fec0486944c8886cda59f9d580c3f5ef370e4fc..e6c09801d67fa3b2052abca000d6c6ecfe53e274 100644 (file)
--- a/src/PVE/API2/LXC/Config.pm
+++ b/src/PVE/API2/LXC/Config.pm
@@ -10,6 +10,7 @@ use PVE::INotify;
 use PVE::Cluster qw(cfs_read_file);
 use PVE::AccessControl;
 use PVE::Firewall;
+use PVE::GuestHelpers;
 use PVE::Storage;
 use PVE::RESTHandler;
 use PVE::RPCEnvironment;
@@ -144,6 +145,9 @@ __PACKAGE__->register_method({
        my $revert_str = extract_param($param, 'revert');
        my @revert = PVE::Tools::split_list($revert_str);
 
+       $param->{cpuunits} = PVE::CGroup::clamp_cpu_shares($param->{cpuunits})
+           if defined($param->{cpuunits}); # clamp value depending on cgroup version
+
        my $code = sub {
 
            my $conf = PVE::LXC::Config->load_config($vmid);