mir/lxc
2
0
Fork 0
mirror of git://github.com/lxc/lxc synced 2025-09-01 17:09:30 +00:00
Code Issues Releases Wiki Activity

conf: merge devpts setup and move before pivot root

Browse Source 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
This commit is contained in:
Christian Brauner
2021-07-29 15:52:52 +02:00
parent d413c48628
commit e428dfdfc4
1 changed files with 42 additions and 64 deletions
Download Patch File Download Diff File Expand all files Collapse all files

44
src/lxc/conf.c
View File

@@ -1663,9 +1663,9 @@ static int lxc_recv_devpts_from_child(struct lxc_handler *handler)
return 0; return 0;
} }
static int lxc_prepare_devpts_child(struct lxc_handler *handler) static int lxc_setup_devpts_child(struct lxc_handler *handler)
{ {
__do_close int fd_fs = -EBADF, fd_fsmnt = -EBADF; __do_close int devpts_fd = -EBADF, fd_fs = -EBADF;
struct lxc_conf *conf = handler->conf; struct lxc_conf *conf = handler->conf;
struct lxc_rootfs *rootfs = &conf->rootfs; struct lxc_rootfs *rootfs = &conf->rootfs;
int ret; int ret;
@@ -1685,9 +1685,7 @@ static int lxc_prepare_devpts_child(struct lxc_handler *handler)
if (ret < 0 && errno != EEXIST) if (ret < 0 && errno != EEXIST)
return log_error_errno(-1, errno, "Failed to create \"/dev/pts\" directory"); return log_error_errno(-1, errno, "Failed to create \"/dev/pts\" directory");
if (!can_use_mount_api()) if (can_use_mount_api()) {
return 0;
fd_fs = fs_prepare("devpts", -EBADF, "", 0, 0); fd_fs = fs_prepare("devpts", -EBADF, "", 0, 0);
if (fd_fs < 0) if (fd_fs < 0)
return syserror("Failed to prepare filesystem context for devpts"); return syserror("Failed to prepare filesystem context for devpts");
@@ -1720,35 +1718,21 @@ static int lxc_prepare_devpts_child(struct lxc_handler *handler)
if (ret < 0) if (ret < 0)
return syserror("Failed to finalize filesystem context %d", fd_fs); return syserror("Failed to finalize filesystem context %d", fd_fs);
fd_fsmnt = fsmount(fd_fs, FSMOUNT_CLOEXEC, MOUNT_ATTR_NOSUID | MOUNT_ATTR_NOEXEC); devpts_fd = fsmount(fd_fs, FSMOUNT_CLOEXEC, MOUNT_ATTR_NOSUID | MOUNT_ATTR_NOEXEC);
if (fd_fsmnt < 0) if (devpts_fd < 0)
return syserror("Failed to create new mount for filesystem context %d", fd_fs); return syserror("Failed to create new mount for filesystem context %d", fd_fs);
TRACE("Created detached devpts mount %d", fd_fsmnt); TRACE("Created detached devpts mount %d", devpts_fd);
ret = move_mount(fd_fsmnt, "", rootfs->dfd_dev, "pts", MOVE_MOUNT_F_EMPTY_PATH); ret = move_mount(devpts_fd, "", rootfs->dfd_dev, "pts", MOVE_MOUNT_F_EMPTY_PATH);
if (ret) if (ret)
return syserror("Failed to attach devpts mount %d to %d/pts", conf->devpts_fd, rootfs->dfd_dev); return syserror("Failed to attach devpts mount %d to %d/pts", conf->devpts_fd, rootfs->dfd_dev);
DEBUG("Attached detached devpts mount %d to %d/pts", fd_fsmnt, rootfs->dfd_dev); DEBUG("Attached detached devpts mount %d to %d/pts", devpts_fd, rootfs->dfd_dev);
handler->conf->devpts_fd = move_fd(fd_fsmnt); } else {
return 0;
}
static int lxc_finalize_devpts_child(struct lxc_handler *handler)
{
int ret;
char **opts; char **opts;
char devpts_mntopts[256]; char devpts_mntopts[256];
char *mntopt_sets[5]; char *mntopt_sets[5];
char default_devpts_mntopts[256] = "gid=5,newinstance,ptmxmode=0666,mode=0620"; char default_devpts_mntopts[256] = "gid=5,newinstance,ptmxmode=0666,mode=0620";
struct lxc_conf *conf = handler->conf;
struct lxc_rootfs *rootfs = &conf->rootfs;
if (conf->pty_max <= 0)
return log_debug(0, "No new devpts instance will be mounted since no pts devices are requested");
if (!can_use_mount_api()) {
__do_close int devpts_fd = -EBADF;
/* /*
* Fallback codepath in case the new mount API can't be used to * Fallback codepath in case the new mount API can't be used to
@@ -1760,8 +1744,6 @@ static int lxc_finalize_devpts_child(struct lxc_handler *handler)
if (ret < 0) if (ret < 0)
return -1; return -1;
(void)umount2("/dev/pts", MNT_DETACH);
/* Create mountpoint for devpts instance. */ /* Create mountpoint for devpts instance. */
ret = mkdirat(rootfs->dfd_dev, "pts", 0755); ret = mkdirat(rootfs->dfd_dev, "pts", 0755);
if (ret < 0 && errno != EEXIST) if (ret < 0 && errno != EEXIST)
@@ -1797,9 +1779,9 @@ static int lxc_finalize_devpts_child(struct lxc_handler *handler)
TRACE("Failed to create detached devpts mount"); TRACE("Failed to create detached devpts mount");
} }
handler->conf->devpts_fd = move_fd(devpts_fd);
DEBUG("Mounted new devpts instance with options \"%s\"", *opts); DEBUG("Mounted new devpts instance with options \"%s\"", *opts);
} }
handler->conf->devpts_fd = move_fd(devpts_fd);
/* Remove any pre-existing /dev/ptmx file. */ /* Remove any pre-existing /dev/ptmx file. */
ret = unlinkat(rootfs->dfd_dev, "ptmx", 0); ret = unlinkat(rootfs->dfd_dev, "ptmx", 0);
@@ -4237,7 +4219,7 @@ int lxc_setup(struct lxc_handler *handler)
if (ret < 0) if (ret < 0)
return log_error(-1, "Failed to mount transient procfs instance for LSMs"); return log_error(-1, "Failed to mount transient procfs instance for LSMs");
ret = lxc_prepare_devpts_child(handler); ret = lxc_setup_devpts_child(handler);
if (ret < 0) if (ret < 0)
return log_error(-1, "Failed to prepare new devpts instance"); return log_error(-1, "Failed to prepare new devpts instance");
@@ -4258,10 +4240,6 @@ int lxc_setup(struct lxc_handler *handler)
if (lxc_conf->autodev > 0) if (lxc_conf->autodev > 0)
(void)lxc_setup_boot_id(); (void)lxc_setup_boot_id();
ret = lxc_finalize_devpts_child(handler);
if (ret < 0)
return log_error(-1, "Failed to setup new devpts instance");
ret = lxc_create_ttys(handler); ret = lxc_create_ttys(handler);
if (ret < 0) if (ret < 0)
return -1; return -1;