[lxc-devel] [PATCH 2/3] Factor out capability parsing logic
Serge Hallyn
serge.hallyn at ubuntu.com
Mon May 5 19:19:22 UTC 2014
Quoting Christian Seiler (christian at iwakd.de):
> Currently, setup_caps and dropcaps_except both use the same parsing
> logic for parsing capabilities (try to identify by name, but allow
> numerical specification). Since this is a common routine, separate it
> out to improve maintainability and reusability.
>
> Signed-off-by: Christian Seiler <christian at iwakd.de>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> ---
> src/lxc/conf.c | 88 ++++++++++++++++++++++----------------------------------
> 1 file changed, 35 insertions(+), 53 deletions(-)
>
> diff --git a/src/lxc/conf.c b/src/lxc/conf.c
> index d765f0d..716fcad 100644
> --- a/src/lxc/conf.c
> +++ b/src/lxc/conf.c
> @@ -2160,42 +2160,49 @@ static int setup_mount_entries(const struct lxc_rootfs *rootfs, struct lxc_list
> return ret;
> }
>
> +static int parse_cap(const char *cap)
> +{
> + char *ptr = NULL;
> + int i, capid = -1;
> +
> + for (i = 0; i < sizeof(caps_opt)/sizeof(caps_opt[0]); i++) {
> +
> + if (strcmp(cap, caps_opt[i].name))
> + continue;
> +
> + capid = caps_opt[i].value;
> + break;
> + }
> +
> + if (capid < 0) {
> + /* try to see if it's numeric, so the user may specify
> + * capabilities that the running kernel knows about but
> + * we don't */
> + errno = 0;
> + capid = strtol(cap, &ptr, 10);
> + if (!ptr || *ptr != '\0' || errno != 0)
> + /* not a valid number */
> + capid = -1;
> + else if (capid > lxc_caps_last_cap())
> + /* we have a number but it's not a valid
> + * capability */
> + capid = -1;
> + }
> +
> + return capid;
> +}
> +
> static int setup_caps(struct lxc_list *caps)
> {
> struct lxc_list *iterator;
> char *drop_entry;
> - char *ptr;
> - int i, capid;
> + int capid;
>
> lxc_list_for_each(iterator, caps) {
>
> drop_entry = iterator->elem;
>
> - capid = -1;
> -
> - for (i = 0; i < sizeof(caps_opt)/sizeof(caps_opt[0]); i++) {
> -
> - if (strcmp(drop_entry, caps_opt[i].name))
> - continue;
> -
> - capid = caps_opt[i].value;
> - break;
> - }
> -
> - if (capid < 0) {
> - /* try to see if it's numeric, so the user may specify
> - * capabilities that the running kernel knows about but
> - * we don't */
> - errno = 0;
> - capid = strtol(drop_entry, &ptr, 10);
> - if (!ptr || *ptr != '\0' || errno != 0)
> - /* not a valid number */
> - capid = -1;
> - else if (capid > lxc_caps_last_cap())
> - /* we have a number but it's not a valid
> - * capability */
> - capid = -1;
> - }
> + capid = parse_cap(drop_entry);
>
> if (capid < 0) {
> ERROR("unknown capability %s", drop_entry);
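Review bot: In the numeric branch of parse_cap, the strtol() result is narrowed into `int capid` before the range check, so where long is wider than int an out-of-range value can wrap to a small number and pass `capid > lxc_caps_last_cap()`. The `!ptr` test can never be true after strtol() and does not catch the no-digits case: an empty string leaves `ptr == cap` with `*ptr == '\0'`, and is accepted as capability 0 when the C library leaves errno untouched. The dropcaps_except hunk further down now calls the same helper, so a mis-parsed entry there would mean an unintended capability is kept rather than dropped. I would parse into a long, reject `ptr == cap`, and range-check before narrowing, as sketched below.

```c
	long val;	/* new local: holds the full-width strtol() result */

	/* … unchanged: lookup of cap by name in caps_opt … */

	if (capid < 0) {
		errno = 0;
		val = strtol(cap, &ptr, 10);
		if (ptr == cap || *ptr != '\0' || errno != 0)
			/* empty, or not a valid number */
			capid = -1;
		else if (val < 0 || val > lxc_caps_last_cap())
			/* a number, but outside the capability range */
			capid = -1;
		else
			capid = (int)val;
	}
```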
> @@ -2220,7 +2227,6 @@ static int dropcaps_except(struct lxc_list *caps)
> {
> struct lxc_list *iterator;
> char *keep_entry;
> - char *ptr;
> int i, capid;
> int numcaps = lxc_caps_last_cap() + 1;
> INFO("found %d capabilities", numcaps);
> @@ -2236,31 +2242,7 @@ static int dropcaps_except(struct lxc_list *caps)
>
> keep_entry = iterator->elem;
>
> - capid = -1;
> -
> - for (i = 0; i < sizeof(caps_opt)/sizeof(caps_opt[0]); i++) {
> -
> - if (strcmp(keep_entry, caps_opt[i].name))
> - continue;
> -
> - capid = caps_opt[i].value;
> - break;
> - }
> -
> - if (capid < 0) {
> - /* try to see if it's numeric, so the user may specify
> - * capabilities that the running kernel knows about but
> - * we don't */
> - capid = strtol(keep_entry, &ptr, 10);
> - if (!ptr || *ptr != '\0' ||
> - capid == INT_MIN || capid == INT_MAX)
> - /* not a valid number */
> - capid = -1;
> - else if (capid > lxc_caps_last_cap())
> - /* we have a number but it's not a valid
> - * capability */
> - capid = -1;
> - }
> + capid = parse_cap(keep_entry);
>
> if (capid < 0) {
> ERROR("unknown capability %s", keep_entry);
> --
> 1.7.10.4
>