return st.st_ino == namespace_info[type].root_inode;
}
+int pidref_in_same_namespace(PidRef *pid1, PidRef *pid2, NamespaceType type) {
+ _cleanup_close_ int ns1 = -EBADF, ns2 = -EBADF;
+
+ /* Accepts NULL to indicate our own process */
+
+ assert(!pid1 || pidref_is_set(pid1));
+ assert(!pid2 || pidref_is_set(pid2));
+ assert(type >= 0 && type < _NAMESPACE_TYPE_MAX);
+
+ if (pidref_equal(pid1, pid2))
+ return true;
+
+ if (!pid1)
+ ns1 = namespace_open_by_type(type);
+ else
+ ns1 = pidref_namespace_open_by_type(pid1, type);
+ if (ns1 < 0)
+ return ns1;
+
+ if (!pid2)
+ ns2 = namespace_open_by_type(type);
+ else
+ ns2 = pidref_namespace_open_by_type(pid2, type);
+ if (ns2 < 0)
+ return ns2;
+
+ return fd_inode_same(ns1, ns2);
+}
+
int namespace_get_leader(pid_t pid, NamespaceType type, pid_t *ret) {
int r;
return TAKE_FD(netns_fd);
}
-int in_same_namespace(pid_t pid1, pid_t pid2, NamespaceType type) {
- const char *ns_path;
- struct stat ns_st1, ns_st2;
-
- if (pid1 == 0)
- pid1 = getpid_cached();
-
- if (pid2 == 0)
- pid2 = getpid_cached();
-
- if (pid1 == pid2)
- return 1;
-
- ns_path = pid_namespace_path(pid1, type);
- if (stat(ns_path, &ns_st1) < 0)
- return -errno;
-
- ns_path = pid_namespace_path(pid2, type);
- if (stat(ns_path, &ns_st2) < 0)
- return -errno;
-
- return stat_inode_same(&ns_st1, &ns_st2);
-}
-
int parse_userns_uid_range(const char *s, uid_t *ret_uid_shift, uid_t *ret_uid_range) {
_cleanup_free_ char *buffer = NULL;
const char *range, *shift;
int namespace_is_init(NamespaceType type);
+int pidref_in_same_namespace(PidRef *pid1, PidRef *pid2, NamespaceType type);
+static inline int in_same_namespace(pid_t pid1, pid_t pid2, NamespaceType type) {
+ assert(pid1 >= 0);
+ assert(pid2 >= 0);
+ return pidref_in_same_namespace(pid1 == 0 ? NULL : &PIDREF_MAKE_FROM_PID(pid1),
+ pid2 == 0 ? NULL : &PIDREF_MAKE_FROM_PID(pid2),
+ type);
+}
+
int namespace_get_leader(pid_t pid, NamespaceType type, pid_t *ret);
int detach_mount_namespace(void);
int netns_acquire(void);
-int in_same_namespace(pid_t pid1, pid_t pid2, NamespaceType type);
-
int parse_userns_uid_range(const char *s, uid_t *ret_uid_shift, uid_t *ret_uid_range);
int is_idmapping_supported(const char *path);
return 0;
}
-static int process_kernel(int argc, char* argv[]) {
+static int process_kernel(int argc, char *argv[]) {
_cleanup_(iovw_free_freep) struct iovec_wrapper *iovw = NULL;
_cleanup_(context_done) Context context = CONTEXT_NULL;
int r;
context.meta[META_ARGV_UID], context.meta[META_ARGV_SIGNAL],
signal_to_string(context.signo));
- r = in_same_namespace(getpid_cached(), context.pidref.pid, NAMESPACE_PID);
+ r = pidref_in_same_namespace(/* pid1 = */ NULL, &context.pidref, NAMESPACE_PID);
if (r < 0)
log_debug_errno(r, "Failed to check pidns of crashing process, ignoring: %m");
if (r == 0) {
(void) sd_event_source_set_description(m->deferred_gc_event_source, "deferred-gc");
}
-int machine_get_addresses(Machine* machine, struct local_address **ret_addresses) {
+int machine_get_addresses(Machine *machine, struct local_address **ret_addresses) {
assert(machine);
assert(ret_addresses);
pid_t child;
int r;
- r = in_same_namespace(/* pid1 = */ 0, machine->leader.pid, NAMESPACE_NET);
+ r = pidref_in_same_namespace(/* pid1 = */ NULL, &machine->leader, NAMESPACE_NET);
if (r < 0)
return log_debug_errno(r, "Failed to check if container has private network: %m");
if (r > 0)
projects / thirdparty / systemd.git / commitdiff
