[lxc-devel] [PATCH 2/3] Factor out capability parsing logic

Sat May 3 18:57:45 UTC 2014

Currently, setup_caps and dropcaps_except both use the same parsing
logic for parsing capabilities (try to identify by name, but allow
numerical specification). Since this is a common routine, separate it
out to improve maintainability and reuseability.

Signed-off-by: Christian Seiler <christian at iwakd.de>
---
 src/lxc/conf.c |   88 ++++++++++++++++++++++----------------------------------
 1 file changed, 35 insertions(+), 53 deletions(-)

diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index d765f0d..716fcad 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -2160,42 +2160,49 @@ static int setup_mount_entries(const struct lxc_rootfs *rootfs, struct lxc_list
 	return ret;
 }
 
+static int parse_cap(const char *cap)
+{
+	char *ptr = NULL;
+	int i, capid = -1;
+
+	for (i = 0; i < sizeof(caps_opt)/sizeof(caps_opt[0]); i++) {
+
+		if (strcmp(cap, caps_opt[i].name))
+			continue;
+
+		capid = caps_opt[i].value;
+		break;
+	}
+
+	if (capid < 0) {
+		/* try to see if it's numeric, so the user may specify
+		 * capabilities  that the running kernel knows about but
+		 * we don't */
+		errno = 0;
+		capid = strtol(cap, &ptr, 10);
+		if (!ptr || *ptr != '\0' || errno != 0)
+			/* not a valid number */
+			capid = -1;
+		else if (capid > lxc_caps_last_cap())
+			/* we have a number but it's not a valid
+			 * capability */
+			capid = -1;
+	}
+
+	return capid;
+}
+
 static int setup_caps(struct lxc_list *caps)
 {
 	struct lxc_list *iterator;
 	char *drop_entry;
-	char *ptr;
-	int i, capid;
+	int capid;
 
 	lxc_list_for_each(iterator, caps) {
 
 		drop_entry = iterator->elem;
 
-		capid = -1;
-
-		for (i = 0; i < sizeof(caps_opt)/sizeof(caps_opt[0]); i++) {
-
-			if (strcmp(drop_entry, caps_opt[i].name))
-				continue;
-
-			capid = caps_opt[i].value;
-			break;
-		}
-
-		if (capid < 0) {
-			/* try to see if it's numeric, so the user may specify
-			* capabilities  that the running kernel knows about but
-			* we don't */
-			errno = 0;
-			capid = strtol(drop_entry, &ptr, 10);
-			if (!ptr || *ptr != '\0' || errno != 0)
-				/* not a valid number */
-				capid = -1;
-			else if (capid > lxc_caps_last_cap())
-				/* we have a number but it's not a valid
-				* capability */
-				capid = -1;
-		}
+		capid = parse_cap(drop_entry);
 
 	        if (capid < 0) {
 			ERROR("unknown capability %s", drop_entry);
@@ -2220,7 +2227,6 @@ static int dropcaps_except(struct lxc_list *caps)
 {
 	struct lxc_list *iterator;
 	char *keep_entry;
-	char *ptr;
 	int i, capid;
 	int numcaps = lxc_caps_last_cap() + 1;
 	INFO("found %d capabilities", numcaps);
@@ -2236,31 +2242,7 @@ static int dropcaps_except(struct lxc_list *caps)
 
 		keep_entry = iterator->elem;
 
-		capid = -1;
-
-		for (i = 0; i < sizeof(caps_opt)/sizeof(caps_opt[0]); i++) {
-
-			if (strcmp(keep_entry, caps_opt[i].name))
-				continue;
-
-			capid = caps_opt[i].value;
-			break;
-		}
-
-		if (capid < 0) {
-			/* try to see if it's numeric, so the user may specify
-			* capabilities  that the running kernel knows about but
-			* we don't */
-			capid = strtol(keep_entry, &ptr, 10);
-			if (!ptr || *ptr != '\0' ||
-			capid == INT_MIN || capid == INT_MAX)
-				/* not a valid number */
-				capid = -1;
-			else if (capid > lxc_caps_last_cap())
-				/* we have a number but it's not a valid
-				* capability */
-				capid = -1;
-		}
+		capid = parse_cap(keep_entry);
 
 	        if (capid < 0) {
 			ERROR("unknown capability %s", keep_entry);
-- 
1.7.10.4

