start: cleanup file descriptor inheritance

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

start: cleanup file descriptor inheritance
85c279bb · Christian Brauner · a42abcce · 85c279bb · 85c279bb · 85c279bb
Unverified Commit 85c279bb authored May 13, 2020 by Christian Brauner
Show whitespace changes
Inline Side-by-side

Showing with 15 additions and 10 deletions

lxccontainer.c src/lxc/lxccontainer.c +2 -10

start.c src/lxc/start.c +4 -0

start.h src/lxc/start.h +9 -0

No files found.
--- a/src/lxc/lxccontainer.c
+++ b/src/lxc/lxccontainer.c
@@ -865,7 +865,6 @@ static bool do_lxcapi_start(struct lxc_container *c, int useinit, char * const a
 		NULL,
 	};
 	char **init_cmd = NULL;
-	int keepfds[3] = {-EBADF, -EBADF, -EBADF};
 	/* container does exist */
 	if (!c)
@@ -996,10 +995,7 @@ static bool do_lxcapi_start(struct lxc_container *c, int useinit, char * const a
 			_exit(EXIT_FAILURE);
 		}
-		keepfds[0] = handler->conf->maincmd_fd;
+		ret = inherit_fds(handler, true);
-		keepfds[1] = handler->state_socket_pair[0];
-		keepfds[2] = handler->state_socket_pair[1];
-		ret = lxc_check_inherited(conf, true, keepfds, ARRAY_SIZE(keepfds));
 		if (ret < 0)
 			_exit(EXIT_FAILURE);
@@ -1084,13 +1080,9 @@ reboot:
 			ret = 1;
 			goto on_error;
 		}
-	} else {
-		keepfds[1] = handler->state_socket_pair[0];
-		keepfds[2] = handler->state_socket_pair[1];
 	}
-	keepfds[0] = handler->conf->maincmd_fd;
+	ret = inherit_fds(handler, c->daemonize);
-	ret = lxc_check_inherited(conf, c->daemonize, keepfds, ARRAY_SIZE(keepfds));
 	if (ret < 0) {
 		lxc_put_handler(handler);
 		ret = 1;

--- a/src/lxc/start.c
+++ b/src/lxc/start.c
@@ -627,6 +627,7 @@ struct lxc_handler *lxc_init_handler(struct lxc_handler *old,
 				     const char *name, struct lxc_conf *conf,
 				     const char *lxcpath, bool daemonize)
 {
+	int nr_keep_fds = 0;
 	int ret;
 	struct lxc_handler *handler;
@@ -680,6 +681,8 @@ struct lxc_handler *lxc_init_handler(struct lxc_handler *old,
 		TRACE("Created anonymous pair {%d,%d} of unix sockets",
 		      handler->state_socket_pair[0],
 		      handler->state_socket_pair[1]);
+		handler->keep_fds[nr_keep_fds++] = handler->state_socket_pair[0];
+		handler->keep_fds[nr_keep_fds++] = handler->state_socket_pair[1];
 	}
 	if (handler->conf->reboot == REBOOT_NONE) {
@@ -688,6 +691,7 @@ struct lxc_handler *lxc_init_handler(struct lxc_handler *old,
 			ERROR("Failed to set up command socket");
 			goto on_error;
 		}
+		handler->keep_fds[nr_keep_fds++] = handler->conf->maincmd_fd;
 	}
 	TRACE("Unix domain socket %d for command server is ready",

--- a/src/lxc/start.h
+++ b/src/lxc/start.h
@@ -10,6 +10,7 @@
 #include <sys/un.h>
 #include "conf.h"
+#include "macro.h"
 #include "namespace.h"
 #include "state.h"
@@ -122,6 +123,9 @@ struct lxc_handler {
 	int exit_status;
 	struct cgroup_ops *cgroup_ops;
+	/* Internal fds that always need to stay open. */
+	int keep_fds[3];
 };
 struct execute_args {
@@ -160,6 +164,11 @@ extern void lxc_end(struct lxc_handler *handler);
 */
 extern int lxc_check_inherited(struct lxc_conf *conf, bool closeall,
 			       int *fds_to_ignore, size_t len_fds);
+static inline int inherit_fds(struct lxc_handler *handler, bool closeall)
+{
+	return lxc_check_inherited(handler->conf, closeall, handler->keep_fds,
+				   ARRAY_SIZE(handler->keep_fds));
+}
 extern int __lxc_start(struct lxc_handler *, struct lxc_operations *, void *,
 		       const char *, bool, int *);