Skip to content

L
lxc
Unverified Commit 635e7bac by Christian Brauner
Options

tree-wide: make use of new_mount_api() where it makes sense

Signed-off-by: 's avatarChristian Brauner <christian.brauner@ubuntu.com>
parent 87545854
Showing with 54 additions and 52 deletions
src/lxc/cgroups/cgfsng.c
...@@ -1785,8 +1785,26 @@ static int __cg_mount_direct(int type, struct hierarchy *h, ...@@ -1785,8 +1785,26 @@ static int __cg_mount_direct(int type, struct hierarchy *h,
fstype = "cgroup"; fstype = "cgroup";
} }
fd_fs = fs_prepare(fstype, -EBADF, "", 0, 0); if (new_mount_api()) {
if (fd_fs < 0) { fd_fs = fs_prepare(fstype, -EBADF, "", 0, 0);
if (fd_fs < 0)
return log_error_errno(-errno, errno, "Failed to prepare filesystem context for %s", fstype);
if (!is_unified_hierarchy(h)) {
for (const char **it = (const char **)h->controllers; it && *it; it++) {
if (strncmp(*it, "name=", STRLITERALLEN("name=")) == 0)
ret = fs_set_property(fd_fs, "name", *it + STRLITERALLEN("name="));
else
ret = fs_set_property(fd_fs, *it, "");
if (ret < 0)
return log_error_errno(-errno, errno, "Failed to add %s controller to cgroup filesystem context %d(dev)", *it, fd_fs);
}
}
ret = fs_attach(fd_fs, dfd_mnt_cgroupfs, hierarchy_mnt,
PROTECT_OPATH_DIRECTORY, PROTECT_LOOKUP_BENEATH,
flags);
} else {
__do_free char *controllers = NULL, *target = NULL; __do_free char *controllers = NULL, *target = NULL;
unsigned int old_flags = 0; unsigned int old_flags = 0;
const char *rootfs_mnt; const char *rootfs_mnt;
...@@ -1804,21 +1822,6 @@ static int __cg_mount_direct(int type, struct hierarchy *h, ...@@ -1804,21 +1822,6 @@ static int __cg_mount_direct(int type, struct hierarchy *h,
target = must_make_path(rootfs_mnt, DEFAULT_CGROUP_MOUNTPOINT, hierarchy_mnt, NULL); target = must_make_path(rootfs_mnt, DEFAULT_CGROUP_MOUNTPOINT, hierarchy_mnt, NULL);
ret = safe_mount(NULL, target, fstype, old_flags, controllers, rootfs_mnt); ret = safe_mount(NULL, target, fstype, old_flags, controllers, rootfs_mnt);
} else {
if (!is_unified_hierarchy(h)) {
for (const char **it = (const char **)h->controllers; it && *it; it++) {
if (strncmp(*it, "name=", STRLITERALLEN("name=")) == 0)
ret = fs_set_property(fd_fs, "name", *it + STRLITERALLEN("name="));
else
ret = fs_set_property(fd_fs, *it, "");
if (ret < 0)
return log_error_errno(-errno, errno, "Failed to add %s controller to cgroup filesystem context %d(dev)", *it, fd_fs);
}
}
ret = fs_attach(fd_fs, dfd_mnt_cgroupfs, hierarchy_mnt,
PROTECT_OPATH_DIRECTORY, PROTECT_LOOKUP_BENEATH,
flags);
} }
if (ret < 0) if (ret < 0)
return log_error_errno(ret, errno, "Failed to mount %s filesystem onto %d(%s)", return log_error_errno(ret, errno, "Failed to mount %s filesystem onto %d(%s)",
...@@ -1928,13 +1931,11 @@ __cgfsng_ops static bool cgfsng_mount(struct cgroup_ops *ops, ...@@ -1928,13 +1931,11 @@ __cgfsng_ops static bool cgfsng_mount(struct cgroup_ops *ops,
* relying on RESOLVE_BENEATH so we need to skip the leading "/" in the * relying on RESOLVE_BENEATH so we need to skip the leading "/" in the
* DEFAULT_CGROUP_MOUNTPOINT define. * DEFAULT_CGROUP_MOUNTPOINT define.
*/ */
fd_fs = fs_prepare("tmpfs", -EBADF, "", 0, 0); if (new_mount_api()) {
if (fd_fs < 0) { fd_fs = fs_prepare("tmpfs", -EBADF, "", 0, 0);
cgroup_root = must_make_path(rootfs_mnt, DEFAULT_CGROUP_MOUNTPOINT, NULL); if (fd_fs < 0)
ret = safe_mount(NULL, cgroup_root, "tmpfs", return log_error_errno(-errno, errno, "Failed to create new filesystem context for tmpfs");
MS_NOSUID | MS_NODEV | MS_NOEXEC | MS_RELATIME,
"size=10240k,mode=755", rootfs_mnt);
} else {
ret = fs_set_property(fd_fs, "mode", "0755"); ret = fs_set_property(fd_fs, "mode", "0755");
if (ret < 0) if (ret < 0)
return log_error_errno(-errno, errno, "Failed to mount tmpfs onto %d(dev)", fd_fs); return log_error_errno(-errno, errno, "Failed to mount tmpfs onto %d(dev)", fd_fs);
...@@ -1947,6 +1948,11 @@ __cgfsng_ops static bool cgfsng_mount(struct cgroup_ops *ops, ...@@ -1947,6 +1948,11 @@ __cgfsng_ops static bool cgfsng_mount(struct cgroup_ops *ops,
PROTECT_OPATH_DIRECTORY, PROTECT_LOOKUP_BENEATH_XDEV, PROTECT_OPATH_DIRECTORY, PROTECT_LOOKUP_BENEATH_XDEV,
MOUNT_ATTR_NOSUID | MOUNT_ATTR_NODEV | MOUNT_ATTR_NOSUID | MOUNT_ATTR_NODEV |
MOUNT_ATTR_NOEXEC | MOUNT_ATTR_RELATIME); MOUNT_ATTR_NOEXEC | MOUNT_ATTR_RELATIME);
} else {
cgroup_root = must_make_path(rootfs_mnt, DEFAULT_CGROUP_MOUNTPOINT, NULL);
ret = safe_mount(NULL, cgroup_root, "tmpfs",
MS_NOSUID | MS_NODEV | MS_NOEXEC | MS_RELATIME,
"size=10240k,mode=755", rootfs_mnt);
} }
if (ret < 0) if (ret < 0)
return log_error_errno(false, errno, "Failed to mount tmpfs on %s", return log_error_errno(false, errno, "Failed to mount tmpfs on %s",
......
src/lxc/conf.c
...@@ -1077,20 +1077,11 @@ static int mount_autodev(const char *name, const struct lxc_rootfs *rootfs, ...@@ -1077,20 +1077,11 @@ static int mount_autodev(const char *name, const struct lxc_rootfs *rootfs,
goto reset_umask; goto reset_umask;
} }
fd_fs = fs_prepare("tmpfs", -EBADF, "", 0, 0); if (new_mount_api()) {
if (fd_fs < 0) { fd_fs = fs_prepare("tmpfs", -EBADF, "", 0, 0);
__do_free char *fallback_path = NULL; if (fd_fs < 0)
return log_error_errno(-errno, errno, "Failed to prepare filesystem context for tmpfs");
sprintf(mount_options, "size=%zu,mode=755", tmpfs_size);
DEBUG("Using mount options: %s", mount_options);
if (path) {
fallback_path = must_make_path(path, "/dev", NULL);
ret = safe_mount("none", fallback_path, "tmpfs", 0, mount_options, path);
} else {
ret = safe_mount("none", "dev", "tmpfs", 0, mount_options, NULL);
}
} else {
sprintf(mount_options, "%zu", tmpfs_size); sprintf(mount_options, "%zu", tmpfs_size);
ret = fs_set_property(fd_fs, "mode", "0755"); ret = fs_set_property(fd_fs, "mode", "0755");
...@@ -1102,6 +1093,18 @@ static int mount_autodev(const char *name, const struct lxc_rootfs *rootfs, ...@@ -1102,6 +1093,18 @@ static int mount_autodev(const char *name, const struct lxc_rootfs *rootfs,
return log_error_errno(-errno, errno, "Failed to mount tmpfs onto %d(dev)", fd_fs); return log_error_errno(-errno, errno, "Failed to mount tmpfs onto %d(dev)", fd_fs);
ret = fs_attach(fd_fs, rootfs->dfd_mnt, "dev", PROTECT_OPATH_DIRECTORY, PROTECT_LOOKUP_BENEATH, 0); ret = fs_attach(fd_fs, rootfs->dfd_mnt, "dev", PROTECT_OPATH_DIRECTORY, PROTECT_LOOKUP_BENEATH, 0);
} else {
__do_free char *fallback_path = NULL;
sprintf(mount_options, "size=%zu,mode=755", tmpfs_size);
DEBUG("Using mount options: %s", mount_options);
if (path) {
fallback_path = must_make_path(path, "/dev", NULL);
ret = safe_mount("none", fallback_path, "tmpfs", 0, mount_options, path);
} else {
ret = safe_mount("none", "dev", "tmpfs", 0, mount_options, NULL);
}
} }
if (ret < 0) { if (ret < 0) {
SYSERROR("Failed to mount tmpfs on \"%s\"", path); SYSERROR("Failed to mount tmpfs on \"%s\"", path);
...@@ -1217,23 +1220,16 @@ static int lxc_fill_autodev(const struct lxc_rootfs *rootfs) ...@@ -1217,23 +1220,16 @@ static int lxc_fill_autodev(const struct lxc_rootfs *rootfs)
if (ret < 0 || (size_t)ret >= sizeof(device_path)) if (ret < 0 || (size_t)ret >= sizeof(device_path))
return ret_errno(EIO); return ret_errno(EIO);
ret = fd_bind_mount(rootfs->dfd_host, device_path, if (new_mount_api()) {
PROTECT_OPATH_FILE, ret = fd_bind_mount(rootfs->dfd_host, device_path,
PROTECT_LOOKUP_BENEATH_XDEV, PROTECT_OPATH_FILE,
rootfs->dfd_dev, device->name, PROTECT_LOOKUP_BENEATH_XDEV,
PROTECT_OPATH_FILE, rootfs->dfd_dev, device->name,
PROTECT_LOOKUP_BENEATH, 0, false); PROTECT_OPATH_FILE,
if (ret < 0) { PROTECT_LOOKUP_BENEATH, 0, false);
} else {
char path[PATH_MAX]; char path[PATH_MAX];
if (errno != ENOSYS)
return log_error_errno(-errno, errno,
"Failed to mount %d(%s) to %d(%s)",
rootfs->dfd_host,
device_path,
rootfs->dfd_dev,
device->name);
ret = snprintf(device_path, sizeof(device_path), "/dev/%s", device->name); ret = snprintf(device_path, sizeof(device_path), "/dev/%s", device->name);
if (ret < 0 || (size_t)ret >= sizeof(device_path)) if (ret < 0 || (size_t)ret >= sizeof(device_path))
return ret_errno(EIO); return ret_errno(EIO);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment