util: Make ns_enter() a void function and report setns() errors
ns_enter() returns an integer... but it's always zero. If we actually fail the function doesn't return. Therefore it makes more sense for this to be a function returning void, and we can remove the cases where we pointlessly checked its return value. In addition ns_enter() is usually called from an ephemeral thread created by NS_CALL(). That means that the exit(EXIT_FAILURE) there usually won't be reported (since NS_CALL() doesn't wait() for the thread). So, use die() instead to print out some information in the unlikely event that our setns() here does fail. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
parent
b15ce5b6ce
commit
6920adda0d
5 changed files with 10 additions and 13 deletions
3
conf.c
3
conf.c
|
@ -101,9 +101,10 @@ static int get_bound_ports_ns(void *arg)
|
||||||
struct get_bound_ports_ns_arg *a = (struct get_bound_ports_ns_arg *)arg;
|
struct get_bound_ports_ns_arg *a = (struct get_bound_ports_ns_arg *)arg;
|
||||||
struct ctx *c = a->c;
|
struct ctx *c = a->c;
|
||||||
|
|
||||||
if (!c->pasta_netns_fd || ns_enter(c))
|
if (!c->pasta_netns_fd)
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
|
ns_enter(c);
|
||||||
get_bound_ports(c, 1, a->proto);
|
get_bound_ports(c, 1, a->proto);
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
|
|
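Review bot: With the return value gone, nothing at the bare `ns_enter(c);` call says that execution continues only once the namespace switch has succeeded, and `get_bound_ports(c, 1, a->proto)` would scan the wrong namespace if that ever stopped being true. The same bare call appears in tap_ns_tun() in tap.c, where the next step opens /dev/net/tun and issues TUNSETIFF, and in udp_splice_new_ns() and udp_sock_init_ns() in udp.c. A one-line comment at each call, e.g. `/* ns_enter() does not return on failure */`, would make the dependency visible, so that a later change to ns_enter()'s failure handling does not silently run this code in the original namespace. The body of get_bound_ports_ns() begins and ends outside this hunk.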
4
tap.c
4
tap.c
|
@ -1182,9 +1182,9 @@ static int tap_ns_tun(void *arg)
|
||||||
struct ctx *c = (struct ctx *)arg;
|
struct ctx *c = (struct ctx *)arg;
|
||||||
|
|
||||||
memcpy(ifr.ifr_name, c->pasta_ifn, IFNAMSIZ);
|
memcpy(ifr.ifr_name, c->pasta_ifn, IFNAMSIZ);
|
||||||
|
ns_enter(c);
|
||||||
|
|
||||||
if (ns_enter(c) ||
|
if ((tun_ns_fd = open("/dev/net/tun", flags)) < 0 ||
|
||||||
(tun_ns_fd = open("/dev/net/tun", flags)) < 0 ||
|
|
||||||
ioctl(tun_ns_fd, TUNSETIFF, &ifr) ||
|
ioctl(tun_ns_fd, TUNSETIFF, &ifr) ||
|
||||||
!(c->pasta_ifi = if_nametoindex(c->pasta_ifn))) {
|
!(c->pasta_ifi = if_nametoindex(c->pasta_ifn))) {
|
||||||
if (tun_ns_fd != -1)
|
if (tun_ns_fd != -1)
|
||||||
|
|
6
udp.c
6
udp.c
|
@ -473,8 +473,7 @@ static int udp_splice_new_ns(void *arg)
|
||||||
|
|
||||||
a = (struct udp_splice_new_ns_arg *)arg;
|
a = (struct udp_splice_new_ns_arg *)arg;
|
||||||
|
|
||||||
if (ns_enter(a->c))
|
ns_enter(a->c);
|
||||||
return 0;
|
|
||||||
|
|
||||||
a->s = udp_splice_new(a->c, a->v6, a->src, true);
|
a->s = udp_splice_new(a->c, a->v6, a->src, true);
|
||||||
|
|
||||||
|
@ -1064,8 +1063,7 @@ int udp_sock_init_ns(void *arg)
|
||||||
struct ctx *c = (struct ctx *)arg;
|
struct ctx *c = (struct ctx *)arg;
|
||||||
unsigned dst;
|
unsigned dst;
|
||||||
|
|
||||||
if (ns_enter(c))
|
ns_enter(c);
|
||||||
return 0;
|
|
||||||
|
|
||||||
for (dst = 0; dst < NUM_PORTS; dst++) {
|
for (dst = 0; dst < NUM_PORTS; dst++) {
|
||||||
if (!bitmap_isset(c->udp.fwd_out.f.map, dst))
|
if (!bitmap_isset(c->udp.fwd_out.f.map, dst))
|
||||||
|
|
8
util.c
8
util.c
|
@ -378,16 +378,14 @@ void procfs_scan_listen(struct ctx *c, uint8_t proto, int ip_version, int ns,
|
||||||
* ns_enter() - Enter configured user (unless already joined) and network ns
|
* ns_enter() - Enter configured user (unless already joined) and network ns
|
||||||
* @c: Execution context
|
* @c: Execution context
|
||||||
*
|
*
|
||||||
* Return: 0, won't return on failure
|
* Won't return on failure
|
||||||
*
|
*
|
||||||
* #syscalls:pasta setns
|
* #syscalls:pasta setns
|
||||||
*/
|
*/
|
||||||
int ns_enter(const struct ctx *c)
|
void ns_enter(const struct ctx *c)
|
||||||
{
|
{
|
||||||
if (setns(c->pasta_netns_fd, CLONE_NEWNET))
|
if (setns(c->pasta_netns_fd, CLONE_NEWNET))
|
||||||
exit(EXIT_FAILURE);
|
die("setns() failed entering netns: %s", strerror(errno));
|
||||||
|
|
||||||
return 0;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
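Review bot: The header comment still describes ns_enter() as entering the "configured user (unless already joined) and network ns", but the body shown here makes a single `setns(c->pasta_netns_fd, CLONE_NEWNET)` call, so the user-namespace part looks stale. I would reword the summary to `ns_enter() - Enter configured network namespace` and make the failure line explicit, e.g. `Doesn't return on failure: calls die() if setns() fails`, since callers no longer have a return value to check. Whether die() ends only the calling NS_CALL() thread or the whole process is not visible in this hunk; if only the thread ends, the comment should also say what the parent observes. The comment block opens above the hunk.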
2
util.h
2
util.h
|
@ -216,7 +216,7 @@ int bitmap_isset(const uint8_t *map, int bit);
|
||||||
char *line_read(char *buf, size_t len, int fd);
|
char *line_read(char *buf, size_t len, int fd);
|
||||||
void procfs_scan_listen(struct ctx *c, uint8_t proto, int ip_version, int ns,
|
void procfs_scan_listen(struct ctx *c, uint8_t proto, int ip_version, int ns,
|
||||||
uint8_t *map, uint8_t *exclude);
|
uint8_t *map, uint8_t *exclude);
|
||||||
int ns_enter(const struct ctx *c);
|
void ns_enter(const struct ctx *c);
|
||||||
bool ns_is_init(void);
|
bool ns_is_init(void);
|
||||||
void write_pidfile(int fd, pid_t pid);
|
void write_pidfile(int fd, pid_t pid);
|
||||||
int __daemon(int pidfile_fd, int devnull_fd);
|
int __daemon(int pidfile_fd, int devnull_fd);
|
||||||
|
|