From: Mike Yuan Date: Thu, 28 Nov 2024 14:17:34 +0000 (+0100) Subject: namespace-util: correct assertion in namespace_is_init() X-Git-Tag: v258-rc1~1704^2~10 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=2f7cd6c70a746b07913f9d9c2d8bc9c62146b54c;p=thirdparty%2Fsystemd.git namespace-util: correct assertion in namespace_is_init() Follow-up for 18ead2b03d9df251ab682539648a556ace239dc7 --- diff --git a/src/basic/namespace-util.c b/src/basic/namespace-util.c index 945916495a1..3fca1fb27b1 100644 --- a/src/basic/namespace-util.c +++ b/src/basic/namespace-util.c @@ -236,6 +236,28 @@ int is_our_namespace(int fd, NamespaceType type) { return fd_inode_same(fd, our_ns); } +int namespace_is_init(NamespaceType type) { + int r; + + assert(type >= 0); + assert(type < _NAMESPACE_TYPE_MAX); + + if (namespace_info[type].root_inode == 0) + return -EBADR; /* Cannot answer this question */ + + const char *p = pid_namespace_path(0, type); + + struct stat st; + r = RET_NERRNO(stat(p, &st)); + if (r == -ENOENT) + /* If the /proc/ns/ API is not around in /proc/ then ns is off in the kernel and we are in the init ns */ + return proc_mounted() == 0 ? -ENOSYS : true; + if (r < 0) + return r; + + return st.st_ino == namespace_info[type].root_inode; +} + int detach_mount_namespace(void) { /* Detaches the mount namespace, disabling propagation from our namespace to the host. Sets * propagation first to MS_SLAVE for all mounts (disabling propagation), and then back to MS_SHARED @@ -482,28 +504,6 @@ int namespace_open_by_type(NamespaceType type) { return fd; } -int namespace_is_init(NamespaceType type) { - int r; - - assert(type >= 0); - assert(type <= _NAMESPACE_TYPE_MAX); - - if (namespace_info[type].root_inode == 0) - return -EBADR; /* Cannot answer this question */ - - const char *p = pid_namespace_path(0, type); - - struct stat st; - r = RET_NERRNO(stat(p, &st)); - if (r == -ENOENT) - /* If the /proc/ns/ API is not around in /proc/ then ns is off in the kernel and we are in the init ns */ - return proc_mounted() == 0 ? -ENOSYS : true; - if (r < 0) - return r; - - return st.st_ino == namespace_info[type].root_inode; -} - int is_idmapping_supported(const char *path) { _cleanup_close_ int mount_fd = -EBADF, userns_fd = -EBADF, dir_fd = -EBADF; _cleanup_free_ char *uid_map = NULL, *gid_map = NULL; diff --git a/src/basic/namespace-util.h b/src/basic/namespace-util.h index 2a3e99b936a..7b6f5f92d54 100644 --- a/src/basic/namespace-util.h +++ b/src/basic/namespace-util.h @@ -49,6 +49,8 @@ int namespace_enter(int pidns_fd, int mntns_fd, int netns_fd, int userns_fd, int int fd_is_namespace(int fd, NamespaceType type); int is_our_namespace(int fd, NamespaceType type); +int namespace_is_init(NamespaceType type); + int detach_mount_namespace(void); int detach_mount_namespace_harder(uid_t target_uid, gid_t target_gid); int detach_mount_namespace_userns(int userns_fd); @@ -79,6 +81,4 @@ int parse_userns_uid_range(const char *s, uid_t *ret_uid_shift, uid_t *ret_uid_r int namespace_open_by_type(NamespaceType type); -int namespace_is_init(NamespaceType type); - int is_idmapping_supported(const char *path); diff --git a/src/basic/virt.c b/src/basic/virt.c index 88a406ef227..1ba8d36dba9 100644 --- a/src/basic/virt.c +++ b/src/basic/virt.c @@ -16,6 +16,7 @@ #include "fileio.h" #include "macro.h" #include "missing_threads.h" +#include "namespace-util.h" #include "process-util.h" #include "stat-util.h" #include "string-table.h"