conf: support idmapped lxc.mount.entry entries

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
lxc · May 28, 2021 · bf31054 · bf31054
1 parent 80cb4de
commit bf31054
Show file tree

Hide file tree

Showing 10 changed files with 582 additions and 128 deletions.
diff --git a/src/lxc/af_unix.c b/src/lxc/af_unix.c
@@ -164,6 +164,16 @@ int lxc_unix_send_fds(int fd, int *sendfds, int num_sendfds, void *data,
 	return lxc_abstract_unix_send_fds(fd, sendfds, num_sendfds, data, size);
 }
 
+int __lxc_abstract_unix_send_two_fds(int fd, int fd_first, int fd_second,
+				     void *data, size_t size)
+{
+	int fd_send[2] = {
+		fd_first,
+		fd_second,
+	};
+	return lxc_abstract_unix_send_fds(fd, fd_send, 2, data, size);
+}
+
 static ssize_t lxc_abstract_unix_recv_fds_iov(int fd,
 					      struct unix_fds *ret_fds,
 					      struct iovec *ret_iov,
@@ -355,13 +365,14 @@ ssize_t lxc_abstract_unix_recv_one_fd(int fd, int *ret_fd, void *ret_data,
 	return ret;
 }
 
-ssize_t lxc_abstract_unix_recv_two_fds(int fd, int *ret_fd)
+ssize_t __lxc_abstract_unix_recv_two_fds(int fd, int *fd_first, int *fd_second,
+					 void *data, size_t size)
 {
 	call_cleaner(put_unix_fds) struct unix_fds *fds = NULL;
 	char buf[1] = {};
 	struct iovec iov = {
-	    .iov_base	= buf,
-	    .iov_len	= sizeof(buf),
+	    .iov_base	= data ?: buf,
+	    .iov_len	= size ?: sizeof(buf),
 	};
 	ssize_t ret;
 
@@ -377,11 +388,11 @@ ssize_t lxc_abstract_unix_recv_two_fds(int fd, int *ret_fd)
 		return ret_errno(ENODATA);
 
 	if (fds->fd_count_ret != fds->fd_count_max) {
-		ret_fd[0] = -EBADF;
-		ret_fd[1] = -EBADF;
+		*fd_first = -EBADF;
+		*fd_second = -EBADF;
 	} else {
-		ret_fd[0] = move_fd(fds->fd[0]);
-		ret_fd[1] = move_fd(fds->fd[1]);
+		*fd_first = move_fd(fds->fd[0]);
+		*fd_second = move_fd(fds->fd[1]);
 	}
 
 	return 0;

diff --git a/src/lxc/af_unix.h b/src/lxc/af_unix.h
@@ -125,7 +125,24 @@ __hidden extern ssize_t lxc_abstract_unix_recv_one_fd(int fd, int *ret_fd,
 						      size_t size_ret_data)
     __access_r(3, 4);
 
-__hidden extern ssize_t lxc_abstract_unix_recv_two_fds(int fd, int *ret_fd);
+__hidden extern int __lxc_abstract_unix_send_two_fds(int fd, int fd_first,
+						     int fd_second, void *data,
+						     size_t size);
+
+static inline int lxc_abstract_unix_send_two_fds(int fd, int fd_first,
+						 int fd_second)
+{
+	return __lxc_abstract_unix_send_two_fds(fd, fd_first, fd_second, NULL, 0);
+}
+
+__hidden extern ssize_t __lxc_abstract_unix_recv_two_fds(int fd, int *fd_first,
+							 int *fd_second,
+							 void *data, size_t size);
+
+static inline ssize_t lxc_abstract_unix_recv_two_fds(int fd, int *fd_first, int *fd_second)
+{
+	return __lxc_abstract_unix_recv_two_fds(fd, fd_first, fd_second, NULL, 0);
+}
 
 __hidden extern int lxc_unix_send_fds(int fd, int *sendfds, int num_sendfds, void *data, size_t size);
 

diff --git a/src/lxc/cgroups/cgfsng.c b/src/lxc/cgroups/cgfsng.c
@@ -2211,16 +2211,13 @@ static int cgroup_attach_move_into_leaf(const struct lxc_conf *conf,
 					int *sk_fd, pid_t pid)
 {
 	__do_close int sk = *sk_fd, target_fd0 = -EBADF, target_fd1 = -EBADF;
-	int target_fds[2];
 	char pidstr[INTTYPE_TO_STRLEN(int64_t) + 1];
 	size_t pidstr_len;
 	ssize_t ret;
 
-	ret = lxc_abstract_unix_recv_two_fds(sk, target_fds);
+	ret = lxc_abstract_unix_recv_two_fds(sk, &target_fd0, &target_fd1);
 	if (ret < 0)
 		return log_error_errno(-1, errno, "Failed to receive target cgroup fd");
-	target_fd0 = target_fds[0];
-	target_fd1 = target_fds[1];
 
 	pidstr_len = sprintf(pidstr, INT64_FMT, (int64_t)pid);