tree-wide: s/getpid()/lxc_raw_getpid()/g

src/lxc/Makefile.am

@@ -275,7 +275,7 @@ lxc_create_SOURCES = tools/lxc_create.c tools/arguments.c
 lxc_snapshot_SOURCES = tools/lxc_snapshot.c tools/arguments.c
 lxc_usernsexec_SOURCES = tools/lxc_usernsexec.c tools/arguments.c
 lxc_checkpoint_SOURCES = tools/lxc_checkpoint.c tools/arguments.c
-lxc_user_nic_SOURCES = lxc_user_nic.c network.c network.h tools/arguments.c
+lxc_user_nic_SOURCES = lxc_user_nic.c namespace.c network.c tools/arguments.c
 lxc_monitord_SOURCES = lxc_monitord.c tools/arguments.c
 
 if ENABLE_DEPRECATED
@@ -289,7 +289,7 @@ endif
 if HAVE_STATIC_LIBCAP
 sbin_PROGRAMS += init.lxc.static
 
-init_lxc_static_SOURCES = lxc_init.c error.c log.c initutils.c caps.c parse.c
+init_lxc_static_SOURCES = lxc_init.c error.c log.c initutils.c caps.c parse.c namespace.c
 
 if !HAVE_GETLINE
 if HAVE_FGETLN

src/lxc/af_unix.c

@@ -34,6 +34,7 @@
 #include <sys/un.h>
 
 #include "log.h"
+#include "utils.h"
 
 lxc_log_define(lxc_af_unix, lxc);
 
@@ -217,7 +218,7 @@ int lxc_abstract_unix_send_credential(int fd, void *data, size_t size)
 	struct iovec iov;
 	struct cmsghdr *cmsg;
 	struct ucred cred = {
-	    .pid = getpid(), .uid = getuid(), .gid = getgid(),
+	    .pid = lxc_raw_getpid(), .uid = getuid(), .gid = getgid(),
 	};
 	char cmsgbuf[CMSG_SPACE(sizeof(cred))] = {0};
 	char buf[1] = {0};

src/lxc/attach.c

@@ -1065,7 +1065,7 @@ int lxc_attach(const char *name, const char *lxcpath,
 		}
 	}
 
-	pid = syscall(SYS_getpid);
+	pid = lxc_raw_getpid();
 	for (i = 0; i < LXC_NS_MAX; i++) {
 		int j, saved_errno;
 

src/lxc/cgroups/cgfs.c

@@ -764,7 +764,7 @@ static struct cgroup_process_info *lxc_cgroup_process_info_get_self(struct cgrou
 	struct cgroup_process_info *i;
 	i = lxc_cgroup_process_info_getx("/proc/self/cgroup", meta);
 	if (!i)
-		i = lxc_cgroup_process_info_get(getpid(), meta);
+		i = lxc_cgroup_process_info_get(lxc_raw_getpid(), meta);
 	return i;
 }
 
@@ -2477,7 +2477,7 @@ static bool cgfs_escape(void *hdata)
 		if (!f)
 			goto out;
 
-		written = fprintf(f, "%d\n", getpid());
+		written = fprintf(f, "%d\n", lxc_raw_getpid());
 		fclose(f);
 		if (written < 0) {
 			SYSERROR("writing tasks failed\n");

src/lxc/cgroups/cgmanager.c

@@ -44,6 +44,7 @@
 #include "error.h"
 #include "commands.h"
 #include "list.h"
+#include "namespace.h"
 #include "conf.h"
 #include "utils.h"
 #include "log.h"
@@ -303,7 +304,7 @@ static bool lxc_cgmanager_create(const char *controller, const char *cgroup_path
 static bool cgm_escape(void *hdata)
 {
 	bool ret = true, cgm_needs_disconnect = false;
-	pid_t me = getpid();
+	pid_t me = lxc_raw_getpid();
 	char **slist = subsystems;
 	int i;
 
@@ -359,6 +360,7 @@ static int do_chown_cgroup(const char *controller, const char *cgroup_path,
 		uid_t newuid)
 {
 	int sv[2] = {-1, -1}, optval = 1, ret = -1;
+	pid_t pid_self;
 	char buf[1];
 	struct pollfd fds;
 
@@ -395,7 +397,9 @@ static int do_chown_cgroup(const char *controller, const char *cgroup_path,
 		ERROR("Error getting reply from server over socketpair");
 		goto out;
 	}
-	if (send_creds(sv[0], getpid(), getuid(), getgid())) {
+
+	pid_self = lxc_raw_getpid();
+	if (send_creds(sv[0], pid_self, getuid(), getgid())) {
 		SYSERROR("Error sending pid over SCM_CREDENTIAL");
 		goto out;
 	}
@@ -410,7 +414,7 @@ static int do_chown_cgroup(const char *controller, const char *cgroup_path,
 		ERROR("Error getting reply from server over socketpair");
 		goto out;
 	}
-	if (send_creds(sv[0], getpid(), newuid, 0)) {
+	if (send_creds(sv[0], pid_self, newuid, 0)) {
 		SYSERROR("Error sending pid over SCM_CREDENTIAL");
 		goto out;
 	}
@@ -898,7 +902,7 @@ static void do_cgm_get(const char *name, const char *lxcpath, const char *filena
 		exit(1);
 	}
 	*cglast = '\0';
-	if (!lxc_cgmanager_enter(getpid(), controller, cgroup, abs_cgroup_supported())) {
+	if (!lxc_cgmanager_enter(lxc_raw_getpid(), controller, cgroup, abs_cgroup_supported())) {
 		WARN("Failed to enter container cgroup %s:%s", controller, cgroup);
 		ret = write(outp, &len, sizeof(len));
 		if (ret != sizeof(len))
@@ -1038,7 +1042,7 @@ static void do_cgm_set(const char *name, const char *lxcpath, const char *filena
 		exit(1);
 	}
 	*cglast = '\0';
-	if (!lxc_cgmanager_enter(getpid(), controller, cgroup, abs_cgroup_supported())) {
+	if (!lxc_cgmanager_enter(lxc_raw_getpid(), controller, cgroup, abs_cgroup_supported())) {
 		ERROR("Failed to enter container cgroup %s:%s", controller, cgroup);
 		ret = write(outp, &retval, sizeof(retval));
 		if (ret != sizeof(retval))
@@ -1278,7 +1282,7 @@ static bool verify_final_subsystems(const char *cgroup_use)
 	}
 
 	cgroup_pattern = lxc_global_config_value("lxc.cgroup.pattern");
-	i = snprintf(tmpnam, 50, "lxcprobe-%d", getpid());
+	i = snprintf(tmpnam, 50, "lxcprobe-%d", lxc_raw_getpid());
 	if (i < 0 || i >= 50) {
 		ERROR("Attack - format string modified?");
 		return false;

src/lxc/console.c

@@ -398,7 +398,7 @@ static int lxc_console_peer_proxy_alloc(struct lxc_console *console, int sockfd)
 	console->peerpty.busy = sockfd;
 	lxc_console_mainloop_add_peer(console);
 
-	DEBUG("%d %s peermaster:%d sockfd:%d", getpid(), __FUNCTION__, console->peerpty.master, sockfd);
+	DEBUG("%d %s peermaster:%d sockfd:%d", lxc_raw_getpid(), __FUNCTION__, console->peerpty.master, sockfd);
 	return 0;
 
 err1:

src/lxc/lsm/apparmor.c

@@ -135,7 +135,7 @@ again:
  */
 static bool apparmor_am_unconfined(void)
 {
-	char *p = apparmor_process_label_get(getpid());
+	char *p = apparmor_process_label_get(lxc_raw_getpid());
 	bool ret = false;
 	if (!p || strcmp(p, "unconfined") == 0)
 		ret = true;
@@ -186,7 +186,7 @@ static int apparmor_process_label_set(const char *inlabel, struct lxc_conf *conf
 		return 0;
 	}
 
-	curlabel = apparmor_process_label_get(getpid());
+	curlabel = apparmor_process_label_get(lxc_raw_getpid());
 
 	if (!aa_stacking_supported() && aa_needs_transition(curlabel)) {
 		// we're already confined, and stacking isn't supported

src/lxc/lxc_init.c

@@ -359,8 +359,8 @@ int main(int argc, char *argv[])
 			if (!shutdown) {
 				shutdown = 1;
 				prevent_forking();
-				if (getpid() != 1) {
-					kill_children(getpid());
+				if (lxc_raw_getpid() != 1) {
+					kill_children(lxc_raw_getpid());
 				} else {
 					ret = kill(-1, SIGTERM);
 					if (ret < 0)
@@ -372,8 +372,8 @@ int main(int argc, char *argv[])
 			break;
 		case SIGALRM:
 			prevent_forking();
-			if (getpid() != 1) {
-				kill_children(getpid());
+			if (lxc_raw_getpid() != 1) {
+				kill_children(lxc_raw_getpid());
 			} else {
 				ret = kill(-1, SIGTERM);
 				if (ret < 0)

src/lxc/lxc_monitord.c

@@ -427,7 +427,7 @@ int main(int argc, char *argv[])
 	}
 
 	NOTICE("lxc-monitord with pid %d is now monitoring lxcpath %s.",
-	       getpid(), mon.lxcpath);
+	       lxc_raw_getpid(), mon.lxcpath);
 	for (;;) {
 		ret = lxc_mainloop(&mon.descr, 1000 * 30);
 		if (ret) {

src/lxc/lxc_user_nic.c

@@ -46,6 +46,7 @@
 #include <sys/types.h>
 
 #include "config.h"
+#include "namespace.h"
 #include "network.h"
 #include "utils.h"
 
@@ -814,14 +815,16 @@ static char *lxc_secure_rename_in_ns(int pid, char *oldname, char *newname,
 				     int *container_veth_ifidx)
 {
 	int ret;
+	pid_t pid_self;
 	uid_t ruid, suid, euid;
 	char ifname[IFNAMSIZ];
 	char *string_ret = NULL, *name = NULL;
 	int fd = -1, ifindex = -1, ofd = -1;
 
-	ofd = lxc_preserve_ns(getpid(), "net");
+	pid_self = lxc_raw_getpid();
+	ofd = lxc_preserve_ns(pid_self, "net");
 	if (ofd < 0) {
-		usernic_error("Failed opening network namespace path for %d", getpid());
+		usernic_error("Failed opening network namespace path for %d", pid_self);
 		return NULL;
 	}
 
@@ -993,13 +996,15 @@ struct user_nic_args {
 static bool is_privileged_over_netns(int netns_fd)
 {
 	int ret;
+	pid_t pid_self;
 	uid_t euid, ruid, suid;
 	bool bret = false;
 	int ofd = -1;
 
-	ofd = lxc_preserve_ns(getpid(), "net");
+	pid_self = lxc_raw_getpid();
+	ofd = lxc_preserve_ns(pid_self, "net");
 	if (ofd < 0) {
-		usernic_error("Failed opening network namespace path for %d", getpid());
+		usernic_error("Failed opening network namespace path for %d", pid_self);
 		return false;
 	}
 

src/lxc/lxccontainer.c

@@ -908,7 +908,7 @@ static bool do_lxcapi_start(struct lxc_container *c, int useinit, char * const a
 		/* become session leader */
 		ret = setsid();
 		if (ret < 0)
-			TRACE("Process %d is already process group leader", getpid());
+			TRACE("Process %d is already process group leader", lxc_raw_getpid());
 	} else {
 		if (!am_single_threaded()) {
 			ERROR("Cannot start non-daemonized container when threaded");
@@ -933,7 +933,7 @@ static bool do_lxcapi_start(struct lxc_container *c, int useinit, char * const a
 			return false;
 		}
 
-		if (fprintf(pid_fp, "%d\n", getpid()) < 0) {
+		if (fprintf(pid_fp, "%d\n", lxc_raw_getpid()) < 0) {
 			SYSERROR("Failed to write '%s'", c->pidfile);
 			fclose(pid_fp);
 			pid_fp = NULL;
@@ -4148,7 +4148,7 @@ static bool do_lxcapi_detach_interface(struct lxc_container *c,
 		return false;
 	}
 
-	pid_outside = getpid();
+	pid_outside = lxc_raw_getpid();
 	pid = fork();
 	if (pid < 0) {
 		ERROR("Failed to fork");

src/lxc/network.c

@@ -2285,7 +2285,7 @@ bool lxc_delete_network_unpriv(struct lxc_handler *handler)
 	}
 
 	ret = snprintf(netns_path, sizeof(netns_path), "/proc/%d/fd/%d",
-		       getpid(), handler->netnsfd);
+		       lxc_raw_getpid(), handler->netnsfd);
 	if (ret < 0 || ret >= sizeof(netns_path))
 		return false;
 
@@ -2609,7 +2609,7 @@ int lxc_restore_phys_nics_to_netns(struct lxc_handler *handler)
 
 	TRACE("Moving physical network devices back to parent network namespace");
 
-	oldfd = lxc_preserve_ns(getpid(), "net");
+	oldfd = lxc_preserve_ns(lxc_raw_getpid(), "net");
 	if (oldfd < 0) {
 		SYSERROR("Failed to preserve network namespace");
 		return -1;

src/lxc/start.c

@@ -707,7 +707,7 @@ void lxc_fini(const char *name, struct lxc_handler *handler)
 {
 	int i, rc;
 	struct lxc_list *cur, *next;
-	pid_t self = getpid();
+	pid_t self = lxc_raw_getpid();
 	char *namespaces[LXC_NS_MAX + 1];
 	size_t namespace_count = 0;
 
@@ -1047,7 +1047,7 @@ static int do_start(void *data)
 	}
 
 	if (handler->clone_flags & CLONE_NEWCGROUP) {
-		fd = lxc_preserve_ns(syscall(SYS_getpid), "cgroup");
+		fd = lxc_preserve_ns(lxc_raw_getpid(), "cgroup");
 		if (fd < 0) {
 			ERROR("%s - Failed to preserve cgroup namespace", strerror(errno));
 			close(handler->data_sock[0]);
@@ -1363,7 +1363,7 @@ static int lxc_spawn(struct lxc_handler *handler)
 			INFO("Failed to pin the rootfs for container \"%s\".", handler->name);
 	}
 
-	if (!preserve_ns(saved_ns_fd, preserve_mask, getpid()))
+	if (!preserve_ns(saved_ns_fd, preserve_mask, lxc_raw_getpid()))
 		goto out_delete_net;
 
 	if (attach_ns(handler->conf->inherit_ns_fd) < 0)

src/lxc/utils.c

@@ -1630,7 +1630,7 @@ int lxc_mount_proc_if_needed(const char *rootfs)
 		return -1;
 	}
 
-	mypid = getpid();
+	mypid = lxc_raw_getpid();
 	INFO("I am %d, /proc/self points to \"%s\"", mypid, link);
 
 	if (lxc_safe_int(link, &link_to_pid) < 0)
@@ -2318,17 +2318,6 @@ int lxc_make_tmpfile(char *template, bool rm)
 	return fd;
 }
 
-uint64_t lxc_getpagesize(void)
-{
-	int64_t pgsz;
-
-	pgsz = sysconf(_SC_PAGESIZE);
-	if (pgsz <= 0)
-		pgsz = 1 << 12;
-
-	return pgsz;
-}
-
 int parse_byte_size_string(const char *s, int64_t *converted)
 {
 	int ret, suffix_len;

src/lxc/utils.h

@@ -508,7 +508,17 @@ extern bool has_fs_type(const char *path, fs_type_magic magic_val);
 extern bool is_fs_type(const struct statfs *fs, fs_type_magic magic_val);
 extern bool lxc_nic_exists(char *nic);
 extern int lxc_make_tmpfile(char *template, bool rm);
-extern uint64_t lxc_getpagesize(void);
+
+static inline uint64_t lxc_getpagesize(void)
+{
+	int64_t pgsz;
+
+	pgsz = sysconf(_SC_PAGESIZE);
+	if (pgsz <= 0)
+		pgsz = 1 << 12;
+
+	return pgsz;
+}
 
 /* If n is not a power of 2 this function will return the next power of 2
  * greater than that number. Note that this function always returns the *next*