[lxc-devel] [lxd/master] cgo: fixes
brauner on Github
lxc-bot at linuxcontainers.org
Sun Mar 15 15:07:38 UTC 2020
A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 364 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20200315/53e37d34/attachment-0001.bin>
-------------- next part --------------
From 81ca13881a08f86a3b9af6d3f9dcf7a2fdebe0c8 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Sun, 15 Mar 2020 16:04:26 +0100
Subject: [PATCH 1/2] memory_utils: align lxc + lxd
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
lxd/include/memory_utils.h | 69 ++++++++++++++------------------
lxd/main_checkfeature.go | 8 ++--
lxd/main_forkfile.go | 2 +-
lxd/main_forkmount.go | 2 +-
lxd/main_forksyscall.go | 14 +++----
lxd/main_forkuevent.go | 4 +-
lxd/main_nsexec.go | 10 ++---
lxd/storage/drivers/utils_cgo.go | 8 ++--
shared/idmap/shift_linux.go | 2 +-
9 files changed, 54 insertions(+), 65 deletions(-)
diff --git a/lxd/include/memory_utils.h b/lxd/include/memory_utils.h
index c1dafb441a..8f2d9fd3c4 100644
--- a/lxd/include/memory_utils.h
+++ b/lxd/include/memory_utils.h
@@ -1,22 +1,5 @@
-/* liblxcapi
- *
- * Copyright © 2019 Christian Brauner <christian.brauner at ubuntu.com>.
- * Copyright © 2019 Canonical Ltd.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2.1 of the License, or (at your option) any later version.
-
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
-
- * You should have received a copy of the GNU Lesser General Public License
- * along with this library; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- */
+// SPDX-License-Identifier: LGPL-2.1+
+/* Copyright © 2019 Christian Brauner <christian.brauner at ubuntu.com>. */
#ifndef __LXC_MEMORY_UTILS_H
#define __LXC_MEMORY_UTILS_H
@@ -30,22 +13,14 @@
#include "macro.h"
-static inline void __auto_free__(void *p)
-{
- free(*(void **)p);
-}
+#define define_cleanup_function(type, cleaner) \
+ static inline void cleaner##_function(type *ptr) \
+ { \
+ if (*ptr) \
+ cleaner(*ptr); \
+ }
-static inline void __auto_fclose__(FILE **f)
-{
- if (*f)
- fclose(*f);
-}
-
-static inline void __auto_closedir__(DIR **d)
-{
- if (*d)
- closedir(*d);
-}
+#define call_cleaner(cleaner) __attribute__((__cleanup__(cleaner##_function)))
#define close_prot_errno_disarm(fd) \
if (fd >= 0) { \
@@ -55,14 +30,28 @@ static inline void __auto_closedir__(DIR **d)
fd = -EBADF; \
}
-static inline void __auto_close__(int *fd)
+static inline void close_prot_errno_disarm_function(int *fd)
{
- close_prot_errno_disarm(*fd);
+ close_prot_errno_disarm(*fd);
}
+#define __do_close call_cleaner(close_prot_errno_disarm)
+
+define_cleanup_function(FILE *, fclose);
+#define __do_fclose call_cleaner(fclose)
+
+define_cleanup_function(DIR *, closedir);
+#define __do_closedir call_cleaner(closedir)
-#define __do_close_prot_errno __attribute__((__cleanup__(__auto_close__)))
-#define __do_free __attribute__((__cleanup__(__auto_free__)))
-#define __do_fclose __attribute__((__cleanup__(__auto_fclose__)))
-#define __do_closedir __attribute__((__cleanup__(__auto_closedir__)))
+#define free_disarm(ptr) \
+ ({ \
+ free(ptr); \
+ move_ptr(ptr); \
+ })
+
+static inline void free_disarm_function(void *ptr)
+{
+ free_disarm(*(void **)ptr);
+}
+#define __do_free call_cleaner(free_disarm)
#endif /* __LXC_MEMORY_UTILS_H */
diff --git a/lxd/main_checkfeature.go b/lxd/main_checkfeature.go
index ac167bdbbc..2a63708d52 100644
--- a/lxd/main_checkfeature.go
+++ b/lxd/main_checkfeature.go
@@ -42,7 +42,7 @@ extern int wait_for_pid(pid_t pid);
static int netns_set_nsid(int fd)
{
- __do_close_prot_errno int sockfd = -EBADF;
+ __do_close int sockfd = -EBADF;
int ret;
char buf[NLMSG_ALIGN(sizeof(struct nlmsghdr)) +
NLMSG_ALIGN(sizeof(struct rtgenmsg)) +
@@ -79,7 +79,7 @@ static int netns_set_nsid(int fd)
void is_netnsid_aware(int *hostnetns_fd, int *newnetns_fd)
{
- __do_close_prot_errno int sock_fd = -EBADF;
+ __do_close int sock_fd = -EBADF;
int netnsid, ret;
*hostnetns_fd = open("/proc/self/ns/net", O_RDONLY | O_CLOEXEC);
@@ -172,7 +172,7 @@ static int filecmp(pid_t pid1, pid_t pid2, int fd1, int fd2)
__noreturn static void __do_user_notification_continue(void)
{
- __do_close_prot_errno int listener = -EBADF;
+ __do_close int listener = -EBADF;
pid_t pid;
int ret;
struct seccomp_notif req = {};
@@ -293,7 +293,7 @@ static void is_seccomp_notify_aware(void)
void checkfeature(void)
{
- __do_close_prot_errno int hostnetns_fd = -EBADF, newnetns_fd = -EBADF;
+ __do_close int hostnetns_fd = -EBADF, newnetns_fd = -EBADF;
is_netnsid_aware(&hostnetns_fd, &newnetns_fd);
is_uevent_aware();
diff --git a/lxd/main_forkfile.go b/lxd/main_forkfile.go
index 28d547ac88..24b3f32743 100644
--- a/lxd/main_forkfile.go
+++ b/lxd/main_forkfile.go
@@ -59,7 +59,7 @@ int copy(int target, int source, bool append)
}
int manip_file_in_ns(char *rootfs, int pid, char *host, char *container, bool is_put, char *type, uid_t uid, gid_t gid, mode_t mode, uid_t defaultUid, gid_t defaultGid, mode_t defaultMode, bool append) {
- __do_close_prot_errno int host_fd = -1, container_fd = -1;
+ __do_close int host_fd = -1, container_fd = -1;
int ret = -1;
int container_open_flags;
struct stat st;
diff --git a/lxd/main_forkmount.go b/lxd/main_forkmount.go
index a7929dd2da..8a293acc7c 100644
--- a/lxd/main_forkmount.go
+++ b/lxd/main_forkmount.go
@@ -78,7 +78,7 @@ void ensure_dir(char *dest) {
void ensure_file(char *dest)
{
- __do_close_prot_errno int fd = -EBADF;
+ __do_close int fd = -EBADF;
struct stat sb;
if (stat(dest, &sb) == 0) {
diff --git a/lxd/main_forksyscall.go b/lxd/main_forksyscall.go
index 8682406912..feb68a39e9 100644
--- a/lxd/main_forksyscall.go
+++ b/lxd/main_forksyscall.go
@@ -60,7 +60,7 @@ static bool chdirchroot_in_mntns(int cwd_fd, int root_fd)
static bool acquire_basic_creds(pid_t pid)
{
- __do_close_prot_errno int cwd_fd = -EBADF, mnt_fd = -EBADF, root_fd = -EBADF;
+ __do_close int cwd_fd = -EBADF, mnt_fd = -EBADF, root_fd = -EBADF;
char buf[256];
snprintf(buf, sizeof(buf), "/proc/%d/ns/mnt", pid);
@@ -139,7 +139,7 @@ static bool acquire_final_creds(pid_t pid, uid_t uid, gid_t gid, uid_t fsuid, gi
// <PID> <root-uid> <root-gid> <path> <mode> <dev>
static void mknod_emulate(void)
{
- __do_close_prot_errno int target_dir_fd = -EBADF;
+ __do_close int target_dir_fd = -EBADF;
char *target = NULL, *target_dir = NULL;
int ret;
char path[PATH_MAX];
@@ -209,7 +209,7 @@ const char *ns_names[] = { "user", "pid", "uts", "ipc", "net", "cgroup", NULL };
static bool setnsat(int ns_fd, const char *ns)
{
- __do_close_prot_errno int fd = -EBADF;
+ __do_close int fd = -EBADF;
fd = openat(ns_fd, ns, O_RDONLY | O_CLOEXEC);
if (fd < 0)
@@ -220,7 +220,7 @@ static bool setnsat(int ns_fd, const char *ns)
static bool change_creds(int ns_fd, cap_t caps, uid_t nsuid, gid_t nsgid, uid_t nsfsuid, gid_t nsfsgid)
{
- __do_close_prot_errno int fd = -EBADF;
+ __do_close int fd = -EBADF;
if (prctl(PR_SET_KEEPCAPS, 1))
return false;
@@ -248,7 +248,7 @@ static bool change_creds(int ns_fd, cap_t caps, uid_t nsuid, gid_t nsgid, uid_t
static void setxattr_emulate(void)
{
- __do_close_prot_errno int ns_fd = -EBADF, target_fd = -EBADF;
+ __do_close int ns_fd = -EBADF, target_fd = -EBADF;
int flags = 0;
char *name, *target;
char path[PATH_MAX];
@@ -341,7 +341,7 @@ static bool is_dir(const char *path)
static int make_tmpfile(char *template, bool dir)
{
- __do_close_prot_errno int fd = -EBADF;
+ __do_close int fd = -EBADF;
if (dir) {
if (!mkdtemp(template))
@@ -380,7 +380,7 @@ static int preserve_ns(const int pid, const char *ns)
static void mount_emulate(void)
{
- __do_close_prot_errno int mnt_fd = -EBADF;
+ __do_close int mnt_fd = -EBADF;
char *source = NULL, *shiftfs = NULL, *target = NULL, *fstype = NULL;
bool use_fuse;
uid_t uid = -1, fsuid = -1;
diff --git a/lxd/main_forkuevent.go b/lxd/main_forkuevent.go
index 1b78125cfa..a25c533808 100644
--- a/lxd/main_forkuevent.go
+++ b/lxd/main_forkuevent.go
@@ -82,7 +82,7 @@ static void *nlmsg_reserve_unaligned(struct nlmsg *nlmsg, size_t len)
int can_inject_uevent(const char *uevent, size_t len)
{
- __do_close_prot_errno int sock_fd = -EBADF;
+ __do_close int sock_fd = -EBADF;
__do_free struct nlmsg *nlmsg = NULL;
int ret;
char *umsg = NULL;
@@ -115,7 +115,7 @@ int can_inject_uevent(const char *uevent, size_t len)
static int inject_uevent(const char *uevent, size_t len)
{
- __do_close_prot_errno int sock_fd = -EBADF;
+ __do_close int sock_fd = -EBADF;
__do_free struct nlmsg *nlmsg = NULL;
int ret;
char *umsg = NULL;
diff --git a/lxd/main_nsexec.go b/lxd/main_nsexec.go
index 79ce48570e..2e8fa92fca 100644
--- a/lxd/main_nsexec.go
+++ b/lxd/main_nsexec.go
@@ -101,7 +101,7 @@ void error(char *msg)
}
int dosetns(int pid, char *nstype) {
- __do_close_prot_errno int ns_fd = -EBADF;
+ __do_close int ns_fd = -EBADF;
char buf[PATH_MAX];
sprintf(buf, "/proc/%d/ns/%s", pid, nstype);
@@ -120,7 +120,7 @@ int dosetns(int pid, char *nstype) {
}
int dosetns_file(char *file, char *nstype) {
- __do_close_prot_errno int ns_fd = -EBADF;
+ __do_close int ns_fd = -EBADF;
ns_fd = open(file, O_RDONLY);
if (ns_fd < 0) {
@@ -167,7 +167,7 @@ static int preserve_ns(const int pid, const char *ns)
// in the same namespace returns -EINVAL, -1 if an error occurred.
static int in_same_namespace(pid_t pid1, pid_t pid2, const char *ns)
{
- __do_close_prot_errno int ns_fd1 = -1, ns_fd2 = -1;
+ __do_close int ns_fd1 = -1, ns_fd2 = -1;
int ret = -1;
struct stat ns_st1, ns_st2;
@@ -202,7 +202,7 @@ static int in_same_namespace(pid_t pid1, pid_t pid2, const char *ns)
}
void attach_userns(int pid) {
- __do_close_prot_errno int userns_fd = -EBADF;
+ __do_close int userns_fd = -EBADF;
int ret;
userns_fd = in_same_namespace(getpid(), pid, "user");
@@ -251,7 +251,7 @@ again:
static char *file_to_buf(char *path, ssize_t *length)
{
- __do_close_prot_errno int fd = -EBADF;
+ __do_close int fd = -EBADF;
__do_free char *copy = NULL;
char buf[PATH_MAX];
diff --git a/lxd/storage/drivers/utils_cgo.go b/lxd/storage/drivers/utils_cgo.go
index c6f9928134..dd571aed7a 100644
--- a/lxd/storage/drivers/utils_cgo.go
+++ b/lxd/storage/drivers/utils_cgo.go
@@ -53,7 +53,7 @@ static int find_associated_loop_device(const char *loop_file,
return -1;
while ((dp = readdir(dir))) {
- __do_close_prot_errno int loop_path_fd = -EBADF;
+ __do_close int loop_path_fd = -EBADF;
int ret;
size_t totlen;
struct stat fstatbuf;
@@ -120,7 +120,7 @@ static int get_unused_loop_dev_legacy(char *loop_name)
return -1;
while ((dp = readdir(dir))) {
- __do_close_prot_errno int dfd = -EBADF, fd = -EBADF;
+ __do_close int dfd = -EBADF, fd = -EBADF;
int ret;
if (!dp)
@@ -154,7 +154,7 @@ static int get_unused_loop_dev_legacy(char *loop_name)
static int get_unused_loop_dev(char *name_loop)
{
- __do_close_prot_errno int fd_ctl = -1;
+ __do_close int fd_ctl = -1;
int loop_nr, ret;
fd_ctl = open("/dev/loop-control", O_RDWR | O_CLOEXEC);
@@ -174,7 +174,7 @@ static int get_unused_loop_dev(char *name_loop)
static int prepare_loop_dev(const char *source, char *loop_dev, int flags)
{
- __do_close_prot_errno int fd_img = -1, fd_loop = -1;
+ __do_close int fd_img = -1, fd_loop = -1;
int ret;
struct loop_info64 lo64;
diff --git a/shared/idmap/shift_linux.go b/shared/idmap/shift_linux.go
index 5069a509e8..a83660e807 100644
--- a/shared/idmap/shift_linux.go
+++ b/shared/idmap/shift_linux.go
@@ -95,7 +95,7 @@ int set_dummy_fs_ns_caps(const char *path)
int shiftowner(char *basepath, char *path, int uid, int gid)
{
- __do_close_prot_errno int fd = -EBADF;
+ __do_close int fd = -EBADF;
int ret;
char fdpath[PATH_MAX], realpath[PATH_MAX];
struct stat sb;
From 93e4bf63b58e61016d0130ebcad38be4becaa1f0 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Sun, 15 Mar 2020 16:06:45 +0100
Subject: [PATCH 2/2] tree-wide: consistently initialize raw fds to -EBADF
instead of -1 in cgo
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
lxd/main_forkfile.go | 2 +-
lxd/main_nsexec.go | 2 +-
lxd/storage/drivers/utils_cgo.go | 4 ++--
3 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/lxd/main_forkfile.go b/lxd/main_forkfile.go
index 24b3f32743..1b27e0ca34 100644
--- a/lxd/main_forkfile.go
+++ b/lxd/main_forkfile.go
@@ -59,7 +59,7 @@ int copy(int target, int source, bool append)
}
int manip_file_in_ns(char *rootfs, int pid, char *host, char *container, bool is_put, char *type, uid_t uid, gid_t gid, mode_t mode, uid_t defaultUid, gid_t defaultGid, mode_t defaultMode, bool append) {
- __do_close int host_fd = -1, container_fd = -1;
+ __do_close int host_fd = -EBADF, container_fd = -EBADF;
int ret = -1;
int container_open_flags;
struct stat st;
diff --git a/lxd/main_nsexec.go b/lxd/main_nsexec.go
index 2e8fa92fca..9efc3af825 100644
--- a/lxd/main_nsexec.go
+++ b/lxd/main_nsexec.go
@@ -167,7 +167,7 @@ static int preserve_ns(const int pid, const char *ns)
// in the same namespace returns -EINVAL, -1 if an error occurred.
static int in_same_namespace(pid_t pid1, pid_t pid2, const char *ns)
{
- __do_close int ns_fd1 = -1, ns_fd2 = -1;
+ __do_close int ns_fd1 = -EBADF, ns_fd2 = -EBADF;
int ret = -1;
struct stat ns_st1, ns_st2;
diff --git a/lxd/storage/drivers/utils_cgo.go b/lxd/storage/drivers/utils_cgo.go
index dd571aed7a..8c3bd7ce86 100644
--- a/lxd/storage/drivers/utils_cgo.go
+++ b/lxd/storage/drivers/utils_cgo.go
@@ -154,7 +154,7 @@ static int get_unused_loop_dev_legacy(char *loop_name)
static int get_unused_loop_dev(char *name_loop)
{
- __do_close int fd_ctl = -1;
+ __do_close int fd_ctl = -EBADF;
int loop_nr, ret;
fd_ctl = open("/dev/loop-control", O_RDWR | O_CLOEXEC);
@@ -174,7 +174,7 @@ static int get_unused_loop_dev(char *name_loop)
static int prepare_loop_dev(const char *source, char *loop_dev, int flags)
{
- __do_close int fd_img = -1, fd_loop = -1;
+ __do_close int fd_img = -EBADF, fd_loop = -EBADF;
int ret;
struct loop_info64 lo64;
More information about the lxc-devel
mailing list