From: Mike Yuan <me@yhndnzj.com>
Date: Tue, 30 Jul 2024 15:42:33 +0000 (+0200)
Subject: cgroup-setup: use fchownat() + AT_EMPTY_PATH where appropriate
X-Git-Tag: v257-rc1~753^2~8
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=8b7191aee4f4edf00c3e2a9c112b70ae7b63fedf;p=thirdparty%2Fsystemd.git

cgroup-setup: use fchownat() + AT_EMPTY_PATH where appropriate

This already existed long before our kernel baseline.
While at it, switch to RET_GATHER().
---

diff --git a/src/shared/cgroup-setup.c b/src/shared/cgroup-setup.c
index 016da01eb3d..b1cb47900c6 100644
--- a/src/shared/cgroup-setup.c
+++ b/src/shared/cgroup-setup.c
@@ -539,20 +539,16 @@ static int access_callback(
                 const struct statx *sx,
                 void *userdata) {
 
-        struct access_callback_data *d = ASSERT_PTR(userdata);
-
         if (!IN_SET(event, RECURSE_DIR_ENTER, RECURSE_DIR_ENTRY))
                 return RECURSE_DIR_CONTINUE;
 
-        assert(inode_fd >= 0);
+        struct access_callback_data *d = ASSERT_PTR(userdata);
 
-        /* fchown() doesn't support O_PATH fds, hence we use the /proc/self/fd/ trick */
-        if (chown(FORMAT_PROC_FD_PATH(inode_fd), d->uid, d->gid) < 0) {
-                log_debug_errno(errno, "Failed to change ownership of '%s', ignoring: %m", ASSERT_PTR(path));
+        assert(path);
+        assert(inode_fd >= 0);
 
-                if (d->error == 0) /* Return last error to caller */
-                        d->error = errno;
-        }
+        if (fchownat(inode_fd, "", d->uid, d->gid, AT_EMPTY_PATH) < 0)
+                RET_GATHER(d->error, log_debug_errno(errno, "Failed to change ownership of '%s', ignoring: %m", path));
 
         return RECURSE_DIR_CONTINUE;
 }
@@ -600,7 +596,8 @@ int cg_set_access_recursive(
         if (r < 0)
                 return r;
 
-        return -d.error;
+        assert(d.error <= 0);
+        return d.error;
 }
 
 int cg_migrate(