From: Mike Yuan
Date: Wed, 27 Nov 2024 23:22:33 +0000 (+0100)
Subject: namespace-util: introduce pidref_in_same_namespace()
X-Git-Tag: v258-rc1~1704^2~6
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=92b8e5e72fd71acb5d57d326e74ef8c265b9bba1;p=thirdparty%2Fsystemd.git
namespace-util: introduce pidref_in_same_namespace()
---
diff --git a/src/basic/namespace-util.c b/src/basic/namespace-util.c
index 4a1625ac0c1..74876100697 100644
--- a/src/basic/namespace-util.c
+++ b/src/basic/namespace-util.c
@@ -310,6 +310,35 @@ int namespace_is_init(NamespaceType type) {
 return st.st_ino == namespace_info[type].root_inode;
 }
+int pidref_in_same_namespace(PidRef *pid1, PidRef *pid2, NamespaceType type) {
+ _cleanup_close_ int ns1 = -EBADF, ns2 = -EBADF;
+
+ /* Accepts NULL to indicate our own process */
+
+ assert(!pid1 || pidref_is_set(pid1));
+ assert(!pid2 || pidref_is_set(pid2));
+ assert(type >= 0 && type < _NAMESPACE_TYPE_MAX);
+
+ if (pidref_equal(pid1, pid2))
+ return true;
+
+ if (!pid1)
+ ns1 = namespace_open_by_type(type);
+ else
+ ns1 = pidref_namespace_open_by_type(pid1, type);
+ if (ns1 < 0)
+ return ns1;
+
+ if (!pid2)
+ ns2 = namespace_open_by_type(type);
+ else
+ ns2 = pidref_namespace_open_by_type(pid2, type);
+ if (ns2 < 0)
+ return ns2;
+
+ return fd_inode_same(ns1, ns2);
+}
+
 int namespace_get_leader(pid_t pid, NamespaceType type, pid_t *ret) {
 int r;
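Review bot: pidref_in_same_namespace() has no comment stating its return contract, and the way "self" is spelled changes quietly: the removed in_same_namespace() treated pid 0 as the caller, whereas here only a NULL pointer means the caller and an unset PidRef trips `assert(!pid1 || pidref_is_set(pid1))`. I would extend the existing comment to `/* Returns > 0 if both are in the same namespace, 0 if not, negative errno on failure. NULL means our own process; an unset PidRef is a programming error. */`. Callers that gate an isolation or trust decision on the result should handle a negative return as "unknown" and not fold it into either answer.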
@@ -506,30 +535,6 @@ int netns_acquire(void) {
 return TAKE_FD(netns_fd);
 }
-int in_same_namespace(pid_t pid1, pid_t pid2, NamespaceType type) {
- const char *ns_path;
- struct stat ns_st1, ns_st2;
-
- if (pid1 == 0)
- pid1 = getpid_cached();
-
- if (pid2 == 0)
- pid2 = getpid_cached();
-
- if (pid1 == pid2)
- return 1;
-
- ns_path = pid_namespace_path(pid1, type);
- if (stat(ns_path, &ns_st1) < 0)
- return -errno;
-
- ns_path = pid_namespace_path(pid2, type);
- if (stat(ns_path, &ns_st2) < 0)
- return -errno;
-
- return stat_inode_same(&ns_st1, &ns_st2);
-}
-
 int parse_userns_uid_range(const char *s, uid_t *ret_uid_shift, uid_t *ret_uid_range) {
 _cleanup_free_ char *buffer = NULL;
 const char *range, *shift;
diff --git a/src/basic/namespace-util.h b/src/basic/namespace-util.h
index 1b466ea2194..319efec4ac8 100644
--- a/src/basic/namespace-util.h
+++ b/src/basic/namespace-util.h
@@ -53,6 +53,15 @@ int is_our_namespace(int fd, NamespaceType type);
 int namespace_is_init(NamespaceType type);
+int pidref_in_same_namespace(PidRef *pid1, PidRef *pid2, NamespaceType type);
+static inline int in_same_namespace(pid_t pid1, pid_t pid2, NamespaceType type) {
+ assert(pid1 >= 0);
+ assert(pid2 >= 0);
+ return pidref_in_same_namespace(pid1 == 0 ? NULL : &PIDREF_MAKE_FROM_PID(pid1),
+ pid2 == 0 ? NULL : &PIDREF_MAKE_FROM_PID(pid2),
+ type);
+}
+
 int namespace_get_leader(pid_t pid, NamespaceType type, pid_t *ret);
 int detach_mount_namespace(void);
@@ -79,8 +88,6 @@ int userns_acquire(const char *uid_map, const char *gid_map);
 int netns_acquire(void);
-int in_same_namespace(pid_t pid1, pid_t pid2, NamespaceType type);
-
 int parse_userns_uid_range(const char *s, uid_t *ret_uid_shift, uid_t *ret_uid_range);
 int is_idmapping_supported(const char *path);
diff --git a/src/coredump/coredump.c b/src/coredump/coredump.c
index 6970a6a8988..c9f6a276e5f 100644
--- a/src/coredump/coredump.c
+++ b/src/coredump/coredump.c
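Review bot: The compatibility wrapper in_same_namespace() added to namespace-util.h builds its PidRef with `PIDREF_MAKE_FROM_PID()` from a bare pid, so it carries no pidfd and the lookup is presumably still exposed to PID reuse between the caller learning the pid and the helper opening the namespace. A one-line comment above it, e.g. `/* Legacy pid_t interface: not safe against PID reuse, prefer pidref_in_same_namespace() with a pinned PidRef */`, would steer new callers to the pidref variant. The added `assert(pid1 >= 0)` and `assert(pid2 >= 0)` also turn a negative pid into an abort, where the removed implementation would presumably have failed in stat() and returned an error, so callers that take a pid from outside input need to range-check it before calling.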
@@ -1761,7 +1761,7 @@ static int acquire_pid_mount_tree_fd(const Context *context, int *ret_fd) {
 return 0;
 }
-static int process_kernel(int argc, char* argv[]) {
+static int process_kernel(int argc, char *argv[]) {
 _cleanup_(iovw_free_freep) struct iovec_wrapper *iovw = NULL;
 _cleanup_(context_done) Context context = CONTEXT_NULL;
 int r;
@@ -1799,7 +1799,7 @@ static int process_kernel(int argc, char* argv[]) {
 context.meta[META_ARGV_UID], context.meta[META_ARGV_SIGNAL], signal_to_string(context.signo));
- r = in_same_namespace(getpid_cached(), context.pidref.pid, NAMESPACE_PID);
+ r = pidref_in_same_namespace(/* pid1 = */ NULL, &context.pidref, NAMESPACE_PID);
 if (r < 0)
 log_debug_errno(r, "Failed to check pidns of crashing process, ignoring: %m");
 if (r == 0) {
diff --git a/src/machine/machined-core.c b/src/machine/machined-core.c
index 8bb91fec610..90fd91f134c 100644
--- a/src/machine/machined-core.c
+++ b/src/machine/machined-core.c
@@ -183,7 +183,7 @@ void manager_enqueue_gc(Manager *m) {
 (void) sd_event_source_set_description(m->deferred_gc_event_source, "deferred-gc");
 }
-int machine_get_addresses(Machine* machine, struct local_address **ret_addresses) {
+int machine_get_addresses(Machine *machine, struct local_address **ret_addresses) {
 assert(machine);
 assert(ret_addresses);
@@ -207,7 +207,7 @@ int machine_get_addresses(Machine* machine, struct local_address **ret_addresses
 pid_t child;
 int r;
- r = in_same_namespace(/* pid1 = */ 0, machine->leader.pid, NAMESPACE_NET);
+ r = pidref_in_same_namespace(/* pid1 = */ NULL, &machine->leader, NAMESPACE_NET);
 if (r < 0)
 return log_debug_errno(r, "Failed to check if container has private network: %m");
 if (r > 0)
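Review bot: In process_kernel() a negative return from pidref_in_same_namespace() is only logged at debug level and then falls past `if (r == 0)`, so a failed check is handled the same way as "same PID namespace". The new helper opens both namespace fds where the old one called stat() on a path, so its failure modes may differ from before. If that default is intended, a comment such as `/* On failure we deliberately treat the process as being in our own pidns */` above the check would make it explicit. The body of the `if (r == 0)` branch lies outside the hunk, so which default is the safer one cannot be judged from here.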
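Review bot: Passing `&machine->leader` in machine_get_addresses() changes what happens when the leader is not set: the removed call handed `machine->leader.pid` to in_same_namespace(), where 0 meant "our own process" and yielded 1, while pidref_in_same_namespace() asserts `pidref_is_set(pid2)` and aborts when assertions are enabled. Whether this path can be reached with an unset leader is not visible in the hunk; if it can, a guard before the call, `if (!pidref_is_set(&machine->leader)) return -ESRCH;`, keeps that case an error return in a long-running daemon. The same consideration applies to `&context.pidref` in the coredump.c hunk at -1799. The function continues outside the hunk.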