From: Lennart Poettering Date: Mon, 13 Mar 2023 14:14:11 +0000 (+0100) Subject: core: rename "mount_flags" → "mount_propagation_flag" internally where appropriate X-Git-Tag: v254-rc1~1040 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=874cdcbcf5eb233a45b56b4e09e19defc4be9a0e;p=thirdparty%2Fsystemd.git core: rename "mount_flags" → "mount_propagation_flag" internally where appropriate ExecContext has a field that controls the mount propagation flag of the mounts in the resulting namespace. This is exposed as "MountFlags=" which is super confusing, as it suggests one could control more than propagation, and that it was actually a flags field. It's an enum though only, and nothing else. We might want to rename this externally one day, but given the compat kludges this requires and the fact this is somewhat nichey it might not be worth it. But internally let's rename it, as it makes things much easier to grok, in particular as part of the codebase already exposed the concept as mount_propagation_flag. No actual code flow changes, just some renaming. --- diff --git a/src/core/dbus-execute.c b/src/core/dbus-execute.c index 8c3fa7b2869..d5ef796e522 100644 --- a/src/core/dbus-execute.c +++ b/src/core/dbus-execute.c @@ -1264,7 +1264,7 @@ const sd_bus_vtable bus_exec_vtable[] = { SD_BUS_PROPERTY("ExecPaths", "as", NULL, offsetof(ExecContext, exec_paths), SD_BUS_VTABLE_PROPERTY_CONST), SD_BUS_PROPERTY("NoExecPaths", "as", NULL, offsetof(ExecContext, no_exec_paths), SD_BUS_VTABLE_PROPERTY_CONST), SD_BUS_PROPERTY("ExecSearchPath", "as", NULL, offsetof(ExecContext, exec_search_path), SD_BUS_VTABLE_PROPERTY_CONST), - SD_BUS_PROPERTY("MountFlags", "t", bus_property_get_ulong, offsetof(ExecContext, mount_flags), SD_BUS_VTABLE_PROPERTY_CONST), + SD_BUS_PROPERTY("MountFlags", "t", bus_property_get_ulong, offsetof(ExecContext, mount_propagation_flag), SD_BUS_VTABLE_PROPERTY_CONST), SD_BUS_PROPERTY("PrivateTmp", "b", bus_property_get_bool, offsetof(ExecContext, private_tmp), SD_BUS_VTABLE_PROPERTY_CONST), SD_BUS_PROPERTY("PrivateDevices", "b", bus_property_get_bool, offsetof(ExecContext, private_devices), SD_BUS_VTABLE_PROPERTY_CONST), SD_BUS_PROPERTY("ProtectClock", "b", bus_property_get_bool, offsetof(ExecContext, protect_clock), SD_BUS_VTABLE_PROPERTY_CONST), @@ -1673,7 +1673,7 @@ static BUS_DEFINE_SET_TRANSIENT_PARSE_PTR(personality, unsigned long, parse_pers static BUS_DEFINE_SET_TRANSIENT_TO_STRING_ALLOC(secure_bits, "i", int32_t, int, "%" PRIi32, secure_bits_to_string_alloc_with_check); static BUS_DEFINE_SET_TRANSIENT_TO_STRING_ALLOC(capability, "t", uint64_t, uint64_t, "%" PRIu64, capability_set_to_string); static BUS_DEFINE_SET_TRANSIENT_TO_STRING_ALLOC(namespace_flag, "t", uint64_t, unsigned long, "%" PRIu64, namespace_flags_to_string); -static BUS_DEFINE_SET_TRANSIENT_TO_STRING(mount_flags, "t", uint64_t, unsigned long, "%" PRIu64, mount_propagation_flag_to_string_with_check); +static BUS_DEFINE_SET_TRANSIENT_TO_STRING(mount_propagation_flag, "t", uint64_t, unsigned long, "%" PRIu64, mount_propagation_flag_to_string_with_check); int bus_exec_context_set_transient_property( Unit *u, @@ -2113,7 +2113,7 @@ int bus_exec_context_set_transient_property( } if (streq(name, "MountFlags")) - return bus_set_transient_mount_flags(u, name, &c->mount_flags, message, flags, error); + return bus_set_transient_mount_propagation_flag(u, name, &c->mount_propagation_flag, message, flags, error); if (streq(name, "NetworkNamespacePath")) return bus_set_transient_path(u, name, &c->network_namespace_path, message, flags, error); diff --git a/src/core/execute.c b/src/core/execute.c index 857b0b0070b..6346ad79f67 100644 --- a/src/core/execute.c +++ b/src/core/execute.c @@ -2114,7 +2114,7 @@ bool exec_needs_mount_namespace( if (!strv_isempty(context->extension_directories)) return true; - if (!IN_SET(context->mount_flags, 0, MS_SHARED)) + if (!IN_SET(context->mount_propagation_flag, 0, MS_SHARED)) return true; if (context->private_tmp && runtime && (runtime->tmp_dir || runtime->var_tmp_dir)) @@ -3671,7 +3671,7 @@ static int apply_mount_namespace( else ns_info = (NamespaceInfo) {}; - if (context->mount_flags == MS_SHARED) + if (context->mount_propagation_flag == MS_SHARED) log_unit_debug(u, "shared mount propagation hidden by other fs namespacing unit settings: ignoring"); if (exec_context_has_credentials(context) && @@ -3726,7 +3726,7 @@ static int apply_mount_namespace( var_tmp_dir, creds_path, context->log_namespace, - context->mount_flags, + context->mount_propagation_flag, context->root_hash, context->root_hash_size, context->root_hash_path, context->root_hash_sig, context->root_hash_sig_size, context->root_hash_sig_path, context->root_verity, diff --git a/src/core/execute.h b/src/core/execute.h index 0cfbd3b1d2b..1d264782fce 100644 --- a/src/core/execute.h +++ b/src/core/execute.h @@ -267,7 +267,7 @@ struct ExecContext { char **read_write_paths, **read_only_paths, **inaccessible_paths, **exec_paths, **no_exec_paths; char **exec_search_path; - unsigned long mount_flags; + unsigned long mount_propagation_flag; BindMount *bind_mounts; size_t n_bind_mounts; TemporaryFileSystem *temporary_filesystems; diff --git a/src/core/load-fragment-gperf.gperf.in b/src/core/load-fragment-gperf.gperf.in index d78d6eca91a..9a3ec7faf69 100644 --- a/src/core/load-fragment-gperf.gperf.in +++ b/src/core/load-fragment-gperf.gperf.in @@ -130,7 +130,7 @@ {{type}}.PrivateIPC, config_parse_bool, 0, offsetof({{type}}, exec_context.private_ipc) {{type}}.ProtectSystem, config_parse_protect_system, 0, offsetof({{type}}, exec_context.protect_system) {{type}}.ProtectHome, config_parse_protect_home, 0, offsetof({{type}}, exec_context.protect_home) -{{type}}.MountFlags, config_parse_exec_mount_flags, 0, offsetof({{type}}, exec_context.mount_flags) +{{type}}.MountFlags, config_parse_exec_mount_propagation_flag, 0, offsetof({{type}}, exec_context.mount_propagation_flag) {{type}}.MountAPIVFS, config_parse_exec_mount_apivfs, 0, offsetof({{type}}, exec_context) {{type}}.Personality, config_parse_personality, 0, offsetof({{type}}, exec_context.personality) {{type}}.RuntimeDirectoryPreserve, config_parse_runtime_preserve_mode, 0, offsetof({{type}}, exec_context.runtime_directory_preserve_mode) diff --git a/src/core/load-fragment.c b/src/core/load-fragment.c index 776d0f1a321..fa2f15c2f4e 100644 --- a/src/core/load-fragment.c +++ b/src/core/load-fragment.c @@ -152,7 +152,7 @@ DEFINE_CONFIG_PARSE_PTR(config_parse_blockio_weight, cg_blkio_weight_parse, uint DEFINE_CONFIG_PARSE_PTR(config_parse_cg_weight, cg_weight_parse, uint64_t, "Invalid weight"); DEFINE_CONFIG_PARSE_PTR(config_parse_cg_cpu_weight, cg_cpu_weight_parse, uint64_t, "Invalid CPU weight"); static DEFINE_CONFIG_PARSE_PTR(config_parse_cpu_shares_internal, cg_cpu_shares_parse, uint64_t, "Invalid CPU shares"); -DEFINE_CONFIG_PARSE_PTR(config_parse_exec_mount_flags, mount_propagation_flag_from_string, unsigned long, "Failed to parse mount flag"); +DEFINE_CONFIG_PARSE_PTR(config_parse_exec_mount_propagation_flag, mount_propagation_flag_from_string, unsigned long, "Failed to parse mount propagation flag"); DEFINE_CONFIG_PARSE_ENUM_WITH_DEFAULT(config_parse_numa_policy, mpol, int, -1, "Invalid NUMA policy type"); DEFINE_CONFIG_PARSE_ENUM(config_parse_status_unit_format, status_unit_format, StatusUnitFormat, "Failed to parse status unit format"); DEFINE_CONFIG_PARSE_ENUM_FULL(config_parse_socket_timestamping, socket_timestamping_from_string_harder, SocketTimestamping, "Failed to parse timestamping precision"); @@ -6214,8 +6214,10 @@ void unit_dump_config_items(FILE *f) { { config_parse_nsec, "NANOSECONDS" }, { config_parse_namespace_path_strv, "PATH [...]" }, { config_parse_bind_paths, "PATH[:PATH[:OPTIONS]] [...]" }, - { config_parse_unit_requires_mounts_for, "PATH [...]" }, - { config_parse_exec_mount_flags, "MOUNTFLAG [...]" }, + { config_parse_unit_requires_mounts_for, + "PATH [...]" }, + { config_parse_exec_mount_propagation_flag, + "MOUNTFLAG [...]" }, { config_parse_unit_string_printf, "STRING" }, { config_parse_trigger_unit, "UNIT" }, { config_parse_timer, "TIMER" }, diff --git a/src/core/load-fragment.h b/src/core/load-fragment.h index 7fd82e34cc9..91dc9174584 100644 --- a/src/core/load-fragment.h +++ b/src/core/load-fragment.h @@ -55,7 +55,7 @@ CONFIG_PARSER_PROTOTYPE(config_parse_root_image_options); CONFIG_PARSER_PROTOTYPE(config_parse_exec_root_hash); CONFIG_PARSER_PROTOTYPE(config_parse_exec_root_hash_sig); CONFIG_PARSER_PROTOTYPE(config_parse_capability_set); -CONFIG_PARSER_PROTOTYPE(config_parse_exec_mount_flags); +CONFIG_PARSER_PROTOTYPE(config_parse_exec_mount_propagation_flag); CONFIG_PARSER_PROTOTYPE(config_parse_timer); CONFIG_PARSER_PROTOTYPE(config_parse_trigger_unit); CONFIG_PARSER_PROTOTYPE(config_parse_path_spec); diff --git a/src/core/namespace.c b/src/core/namespace.c index 8a8ff5ac7df..90c0f844204 100644 --- a/src/core/namespace.c +++ b/src/core/namespace.c @@ -2030,7 +2030,7 @@ int setup_namespace( const char* var_tmp_dir, const char *creds_path, const char *log_namespace, - unsigned long mount_flags, + unsigned long mount_propagation_flag, const void *root_hash, size_t root_hash_size, const char *root_hash_path, @@ -2076,8 +2076,8 @@ int setup_namespace( if (!isempty(propagate_dir) && !isempty(incoming_dir)) setup_propagate = true; - if (mount_flags == 0) - mount_flags = MS_SHARED; + if (mount_propagation_flag == 0) + mount_propagation_flag = MS_SHARED; if (root_image) { /* Make the whole image read-only if we can determine that we only access it in a read-only fashion. */ @@ -2523,10 +2523,9 @@ int setup_namespace( goto finish; } - /* Remount / as the desired mode. Note that this will not - * reestablish propagation from our side to the host, since - * what's disconnected is disconnected. */ - if (mount(NULL, "/", NULL, mount_flags | MS_REC, NULL) < 0) { + /* Remount / as the desired mode. Note that this will not reestablish propagation from our side to + * the host, since what's disconnected is disconnected. */ + if (mount(NULL, "/", NULL, mount_propagation_flag | MS_REC, NULL) < 0) { r = log_debug_errno(errno, "Failed to remount '/' with desired mount flags: %m"); goto finish; } diff --git a/src/core/namespace.h b/src/core/namespace.h index 52ab6c4f2fb..1cd4fdd9213 100644 --- a/src/core/namespace.h +++ b/src/core/namespace.h @@ -121,7 +121,7 @@ int setup_namespace( const char *var_tmp_dir, const char *creds_path, const char *log_namespace, - unsigned long mount_flags, + unsigned long mount_propagation_flag, const void *root_hash, size_t root_hash_size, const char *root_hash_path,