From: Yu Watanabe Date: Thu, 10 Aug 2023 05:36:14 +0000 (+0900) Subject: mount-util: drop unused remount_and_move_sub_mounts() X-Git-Tag: v255-rc1~664^2~2 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=2b60ce545c2e150e4b64dc722153f4d2b0f5e564;p=thirdparty%2Fsystemd.git mount-util: drop unused remount_and_move_sub_mounts() --- diff --git a/src/shared/mount-util.c b/src/shared/mount-util.c index f0bf8214306..20f93b7c893 100644 --- a/src/shared/mount-util.c +++ b/src/shared/mount-util.c @@ -1235,7 +1235,6 @@ static void sub_mount_drop(SubMount *s, size_t n) { static int get_sub_mounts( const char *prefix, - bool clone_tree, SubMount **ret_mounts, size_t *ret_n_mounts) { _cleanup_(mnt_free_tablep) struct libmnt_table *table = NULL; @@ -1287,10 +1286,7 @@ static int get_sub_mounts( continue; } - if (clone_tree) - mount_fd = open_tree(AT_FDCWD, path, OPEN_TREE_CLONE | OPEN_TREE_CLOEXEC | AT_RECURSIVE); - else - mount_fd = open(path, O_CLOEXEC|O_PATH); + mount_fd = open(path, O_CLOEXEC|O_PATH); if (mount_fd < 0) { if (errno == ENOENT) /* The path may be hidden by another over-mount or already unmounted. */ continue; @@ -1319,66 +1315,6 @@ static int get_sub_mounts( return 0; } -static int move_sub_mounts(SubMount *mounts, size_t n) { - assert(mounts || n == 0); - - for (size_t i = 0; i < n; i++) { - if (!mounts[i].path || mounts[i].mount_fd < 0) - continue; - - (void) mkdir_p_label(mounts[i].path, 0755); - - if (move_mount(mounts[i].mount_fd, "", AT_FDCWD, mounts[i].path, MOVE_MOUNT_F_EMPTY_PATH) < 0) - return log_debug_errno(errno, "Failed to move mount_fd to '%s': %m", mounts[i].path); - } - - return 0; -} - -int remount_and_move_sub_mounts( - const char *what, - const char *where, - const char *type, - unsigned long flags, - const char *options) { - - SubMount *mounts = NULL; - size_t n = 0; - int r; - - CLEANUP_ARRAY(mounts, n, sub_mount_array_free); - - assert(where); - - /* This is useful when creating a new network namespace. Unlike procfs, we need to remount sysfs, - * otherwise properties of the network interfaces in the main network namespace are still accessible - * through the old sysfs, e.g. /sys/class/net/eth0. All sub-mounts previously mounted on the sysfs - * are moved onto the new sysfs mount. */ - - r = path_is_mount_point(where, NULL, 0); - if (r < 0) - return log_debug_errno(r, "Failed to determine if '%s' is a mountpoint: %m", where); - if (r == 0) - /* Shortcut. Simply mount the requested filesystem. */ - return mount_nofollow_verbose(LOG_DEBUG, what, where, type, flags, options); - - /* Get the list of sub-mounts and duplicate them. */ - r = get_sub_mounts(where, /* clone_tree= */ true, &mounts, &n); - if (r < 0) - return r; - - /* Then, remount the mount and its sub-mounts. */ - (void) umount_recursive(where, 0); - - /* Remount the target filesystem. */ - r = mount_nofollow_verbose(LOG_DEBUG, what, where, type, flags, options); - if (r < 0) - return r; - - /* Finally, move the all sub-mounts on the new target mount point. */ - return move_sub_mounts(mounts, n); -} - int bind_mount_submounts( const char *source, const char *target) { @@ -1395,7 +1331,7 @@ int bind_mount_submounts( CLEANUP_ARRAY(mounts, n, sub_mount_array_free); - r = get_sub_mounts(source, /* clone_tree= */ false, &mounts, &n); + r = get_sub_mounts(source, &mounts, &n); if (r < 0) return r; @@ -1430,10 +1366,6 @@ int bind_mount_submounts( return ret; } -int remount_sysfs(const char *where) { - return remount_and_move_sub_mounts("sysfs", where, "sysfs", MS_NOSUID|MS_NOEXEC|MS_NODEV, NULL); -} - int make_mount_point_inode_from_stat(const struct stat *st, const char *dest, mode_t mode) { assert(st); assert(dest); diff --git a/src/shared/mount-util.h b/src/shared/mount-util.h index 7ee6750044b..fb496e156b2 100644 --- a/src/shared/mount-util.h +++ b/src/shared/mount-util.h @@ -124,14 +124,6 @@ int make_userns(uid_t uid_shift, uid_t uid_range, uid_t owner, RemountIdmapping int remount_idmap_fd(const char *p, int userns_fd); int remount_idmap(const char *p, uid_t uid_shift, uid_t uid_range, uid_t owner, RemountIdmapping idmapping); -int remount_and_move_sub_mounts( - const char *what, - const char *where, - const char *type, - unsigned long flags, - const char *options); -int remount_sysfs(const char *where); - int bind_mount_submounts( const char *source, const char *target); diff --git a/src/test/test-mount-util.c b/src/test/test-mount-util.c index 0898e68cb5d..1cfc1f3ae55 100644 --- a/src/test/test-mount-util.c +++ b/src/test/test-mount-util.c @@ -25,136 +25,6 @@ #include "tests.h" #include "tmpfile-util.h" -TEST(remount_and_move_sub_mounts) { - int r; - - if (geteuid() != 0 || have_effective_cap(CAP_SYS_ADMIN) <= 0) - return (void) log_tests_skipped("not running privileged"); - - r = safe_fork("(remount-and-move-sub-mounts)", - FORK_RESET_SIGNALS | - FORK_CLOSE_ALL_FDS | - FORK_DEATHSIG | - FORK_WAIT | - FORK_REOPEN_LOG | - FORK_LOG | - FORK_NEW_MOUNTNS | - FORK_MOUNTNS_SLAVE, - NULL); - assert_se(r >= 0); - if (r == 0) { - _cleanup_free_ char *d = NULL, *fn = NULL; - - assert_se(mkdtemp_malloc(NULL, &d) >= 0); - - assert_se(mount_nofollow_verbose(LOG_DEBUG, "tmpfs", d, "tmpfs", MS_NOSUID|MS_NODEV, NULL) >= 0); - - assert_se(fn = path_join(d, "memo")); - assert_se(write_string_file(fn, d, WRITE_STRING_FILE_CREATE|WRITE_STRING_FILE_AVOID_NEWLINE) >= 0); - assert_se(access(fn, F_OK) >= 0); - - /* Create fs tree */ - FOREACH_STRING(p, "sub1", "sub1/hoge", "sub1/foo", "sub2", "sub2/aaa", "sub2/bbb") { - _cleanup_free_ char *where = NULL, *filename = NULL; - - assert_se(where = path_join(d, p)); - assert_se(mkdir_p(where, 0755) >= 0); - assert_se(mount_nofollow_verbose(LOG_DEBUG, "tmpfs", where, "tmpfs", MS_NOSUID|MS_NODEV, NULL) >= 0); - - assert_se(filename = path_join(where, "memo")); - assert_se(write_string_file(filename, where, WRITE_STRING_FILE_CREATE|WRITE_STRING_FILE_AVOID_NEWLINE) >= 0); - assert_se(access(filename, F_OK) >= 0); - } - - /* Hide sub1. */ - FOREACH_STRING(p, "sub1", "sub1/hogehoge", "sub1/foofoo") { - _cleanup_free_ char *where = NULL, *filename = NULL; - - assert_se(where = path_join(d, p)); - assert_se(mkdir_p(where, 0755) >= 0); - assert_se(mount_nofollow_verbose(LOG_DEBUG, "tmpfs", where, "tmpfs", MS_NOSUID|MS_NODEV, NULL) >= 0); - - assert_se(filename = path_join(where, "memo")); - assert_se(write_string_file(filename, where, WRITE_STRING_FILE_CREATE|WRITE_STRING_FILE_AVOID_NEWLINE) >= 0); - assert_se(access(filename, F_OK) >= 0); - } - - /* Remount the main fs. */ - r = remount_and_move_sub_mounts("tmpfs", d, "tmpfs", MS_NOSUID|MS_NODEV, NULL); - if (r == -EINVAL || (r < 0 && ERRNO_IS_NOT_SUPPORTED(r))) { - log_tests_skipped_errno(r, "The kernel seems too old: %m"); - _exit(EXIT_SUCCESS); - } - - /* Check the file in the main fs does not exist. */ - assert_se(access(fn, F_OK) < 0 && errno == ENOENT); - - /* Check the files in sub-mounts are kept. */ - FOREACH_STRING(p, "sub1", "sub1/hogehoge", "sub1/foofoo", "sub2", "sub2/aaa", "sub2/bbb") { - _cleanup_free_ char *where = NULL, *filename = NULL, *content = NULL; - - assert_se(where = path_join(d, p)); - assert_se(filename = path_join(where, "memo")); - assert_se(read_full_file(filename, &content, NULL) >= 0); - assert_se(streq(content, where)); - } - - /* umount sub1, and check if the previously hidden sub-mounts are dropped. */ - FOREACH_STRING(p, "sub1/hoge", "sub1/foo") { - _cleanup_free_ char *where = NULL; - - assert_se(where = path_join(d, p)); - assert_se(access(where, F_OK) < 0 && errno == ENOENT); - } - - _exit(EXIT_SUCCESS); - } -} - -TEST(remount_sysfs) { - int r; - - if (geteuid() != 0 || have_effective_cap(CAP_SYS_ADMIN) <= 0) - return (void) log_tests_skipped("not running privileged"); - - if (path_is_fs_type("/sys", SYSFS_MAGIC) <= 0) - return (void) log_tests_skipped("sysfs is not mounted on /sys"); - - if (access("/sys/class/net/dummy-test-mnt", F_OK) < 0) - return (void) log_tests_skipped_errno(errno, "The network interface dummy-test-mnt does not exit"); - - r = safe_fork("(remount-sysfs)", - FORK_RESET_SIGNALS | - FORK_CLOSE_ALL_FDS | - FORK_DEATHSIG | - FORK_WAIT | - FORK_REOPEN_LOG | - FORK_LOG | - FORK_NEW_MOUNTNS | - FORK_MOUNTNS_SLAVE, - NULL); - assert_se(r >= 0); - if (r == 0) { - assert_se(unshare(CLONE_NEWNET) >= 0); - - /* Even unshare()ed, the interfaces in the main namespace can be accessed through sysfs. */ - assert_se(access("/sys/class/net/lo", F_OK) >= 0); - assert_se(access("/sys/class/net/dummy-test-mnt", F_OK) >= 0); - - r = remount_sysfs("/sys"); - if (r == -EINVAL || (r < 0 && ERRNO_IS_NOT_SUPPORTED(r))) { - log_tests_skipped_errno(r, "The kernel seems too old: %m"); - _exit(EXIT_SUCCESS); - } - - /* After remounting sysfs, the interfaces in the main namespace cannot be accessed. */ - assert_se(access("/sys/class/net/lo", F_OK) >= 0); - assert_se(access("/sys/class/net/dummy-test-mnt", F_OK) < 0 && errno == ENOENT); - - _exit(EXIT_SUCCESS); - } -} - TEST(mount_option_mangle) { char *opts = NULL; unsigned long f; @@ -636,17 +506,4 @@ TEST(bind_mount_submounts) { assert_se(umount_recursive(b, 0) >= 0); } -static int intro(void) { - /* Create a dummy network interface for testing remount_sysfs(). */ - (void) system("ip link add dummy-test-mnt type dummy"); - - return 0; -} - -static int outro(void) { - (void) system("ip link del dummy-test-mnt"); - - return 0; -} - -DEFINE_TEST_MAIN_FULL(LOG_DEBUG, intro, outro); +DEFINE_TEST_MAIN(LOG_DEBUG);