makedepend -Y -Ykafel/include -- -- $(SRCS_C) $(SRCS_CXX) $(SRCS_PB_CXX)
indent:
- clang-format -style="{BasedOnStyle: webkit, IndentWidth: 8, UseTab: Always, IndentCaseLabels: false}" -i -sort-includes *.c *.h $(SRCS_CXX)
+ clang-format -style="{BasedOnStyle: webkit, IndentWidth: 8, UseTab: Always, IndentCaseLabels: false, ColumnLimit: 100}" -i -sort-includes *.c *.h $(SRCS_CXX)
# DO NOT DELETE THIS LINE -- make depend depends on it.
return CapsInitNsKeepCaps(cap_data);
}
- /* Set all requested caps in the inheritable set if these are present in the permitted set */
+ /* Set all requested caps in the inheritable set if these are present in the permitted set
+ */
dbgmsg[0] = '\0';
TAILQ_FOREACH(p, &nsjconf->caps, pointers)
{
continue;
}
utilSSnPrintf(dbgmsg, sizeof(dbgmsg), " %s", capNames[i].name);
- if (prctl(PR_CAPBSET_DROP, (unsigned long)capNames[i].val, 0UL, 0UL, 0UL) == -1) {
+ if (prctl(PR_CAPBSET_DROP, (unsigned long)capNames[i].val, 0UL, 0UL, 0UL)
+ == -1) {
PLOG_W("prctl(PR_CAPBSET_DROP, %s)", capNames[i].name);
return false;
}
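Review bot: The reflowed comment now ends with a bare `*/` on its own line, which reads as a wrapping artefact rather than a deliberate block comment; the formatter did this because the one-line comment exceeded the new 100-column limit. Rewriting it as a conventional two-line block keeps it stable under clang-format: `/* Set all requested caps in the inheritable set */` followed by ` * if these are present in the permitted set */` merged into one `/* ... \n * ... */` comment. The enclosing function starts before this hunk and continues past it.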
dbgmsg[0] = '\0';
TAILQ_FOREACH(p, &nsjconf->caps, pointers)
{
- if (prctl(PR_CAP_AMBIENT, PR_CAP_AMBIENT_RAISE, (unsigned long)p->val, 0UL, 0UL) == -1) {
+ if (prctl(PR_CAP_AMBIENT, PR_CAP_AMBIENT_RAISE, (unsigned long)p->val, 0UL, 0UL)
+ == -1) {
PLOG_W("prctl(PR_CAP_AMBIENT, PR_CAP_AMBIENT_RAISE, %s)",
capsValToStr(p->val));
} else {
snprintf(mem_max_str, sizeof(mem_max_str), "%zu", nsjconf->cgroup_mem_max);
snprintf(fname, sizeof(fname), "%s/memory.limit_in_bytes", mem_cgroup_path);
LOG_D("Setting '%s' to '%s'", fname, mem_max_str);
- if (utilWriteBufToFile(fname, mem_max_str, strlen(mem_max_str), O_WRONLY) == false) {
+ if (utilWriteBufToFile(fname, mem_max_str, strlen(mem_max_str), O_WRONLY)
+ == false) {
LOG_E("Could not update memory cgroup max limit");
return false;
}
snprintf(pids_max_str, sizeof(pids_max_str), "%zu", nsjconf->cgroup_pids_max);
snprintf(fname, sizeof(fname), "%s/pids.max", pids_cgroup_path);
LOG_D("Setting '%s' to '%s'", fname, pids_max_str);
- if (utilWriteBufToFile(fname, pids_max_str, strlen(pids_max_str), O_WRONLY) == false) {
+ if (utilWriteBufToFile(fname, pids_max_str, strlen(pids_max_str), O_WRONLY)
+ == false) {
LOG_E("Could not update pids cgroup max limit");
return false;
}
cgroupFinishFromParentPids(nsjconf, pid);
}
-bool cgroupInitNs(void)
-{
- return true;
-}
+bool cgroupInitNs(void) { return true; }
};
// clang-format on
-static const char* logYesNo(bool yes)
-{
- return (yes ? "true" : "false");
-}
+static const char* logYesNo(bool yes) { return (yes ? "true" : "false"); }
static void cmdlineOptUsage(struct custom_option* option)
{
// Find replacement flag.
for (size_t j = 0; j < ARRAYSIZE(custom_opts); j++) {
if (custom_opts[j].opt.val == deprecated_opts[i].opt.val) {
- LOG_HELP_BOLD("\tDEPRECATED: Use %s instead.",
- custom_opts[j].opt.name);
+ LOG_HELP_BOLD(
+ "\tDEPRECATED: Use %s instead.", custom_opts[j].opt.name);
break;
}
}
(unsigned long)p->inside_id, (unsigned long)p->outside_id, p->count,
p->is_newidmap ? "true" : "false");
if (p->outside_id == 0 && nsjconf->clone_newuser) {
- LOG_W("Process will be UID/EUID=0 in the global user namespace, and will have user root-level access to files");
+ LOG_W("Process will be UID/EUID=0 in the global user namespace, "
+ "and will have user "
+ "root-level access to files");
}
}
TAILQ_FOREACH(p, &nsjconf->gids, pointers)
(unsigned long)p->inside_id, (unsigned long)p->outside_id, p->count,
p->is_newidmap ? "true" : "false");
if (p->outside_id == 0 && nsjconf->clone_newuser) {
- LOG_W("Process will be GID/EGID=0 in the global user namespace, and will have group root-level access to files");
+ LOG_W("Process will be GID/EGID=0 in the global user namespace, "
+ "and will have group "
+ "root-level access to files");
}
}
}
return cur.rlim_max;
}
if (utilIsANumber(optarg) == false) {
- LOG_F("RLIMIT %d needs a numeric or 'max'/'hard'/'def'/'soft'/'inf' value ('%s' provided)",
+ LOG_F("RLIMIT %d needs a numeric or 'max'/'hard'/'def'/'soft'/'inf' value ('%s' "
+ "provided)",
res, optarg);
}
__rlim64_t val = strtoull(optarg, NULL, 0) * mul;
int opt_index = 0;
for (;;) {
int c = getopt_long(argc, argv,
- "x:H:D:C:c:p:i:u:g:l:L:t:M:NdvqQeh?E:R:B:T:P:I:U:G:", opts,
- &opt_index);
+ "x:H:D:C:c:p:i:u:g:l:L:t:M:NdvqQeh?E:R:B:T:P:I:U:G:", opts, &opt_index);
if (c == -1) {
break;
}
char* cnt = cmdlineSplitStrByColon(o_id);
size_t count = (cnt == NULL || strlen(cnt) == 0)
? 1U
- : (size_t)strtoull(cnt,
- NULL,
- 0);
+ : (size_t)strtoull(cnt, NULL, 0);
if (userParseId(nsjconf, i_id, o_id, count, false /* is_gid */,
false /* is_newidmap */)
== false) {
char* cnt = cmdlineSplitStrByColon(o_id);
size_t count = (cnt == NULL || strlen(cnt) == 0)
? 1U
- : (size_t)strtoull(cnt,
- NULL,
- 0);
+ : (size_t)strtoull(cnt, NULL, 0);
if (userParseId(nsjconf, i_id, o_id, count, true /* is_gid */,
false /* is_newidmap */)
== false) {
char* cnt = cmdlineSplitStrByColon(o_id);
size_t count = (cnt == NULL || strlen(cnt) == 0)
? 1U
- : (size_t)strtoull(cnt,
- NULL,
- 0);
+ : (size_t)strtoull(cnt, NULL, 0);
if (userParseId(nsjconf, i_id, o_id, count, false /* is_gid */,
true /* is_newidmap */)
== false) {
char* cnt = cmdlineSplitStrByColon(o_id);
size_t count = (cnt == NULL || strlen(cnt) == 0)
? 1U
- : (size_t)strtoull(cnt,
- NULL,
- 0);
+ : (size_t)strtoull(cnt, NULL, 0);
if (userParseId(nsjconf, i_id, o_id, count, true /* is_gid */,
true /* is_newidmap */)
== false) {
/* is_symlink= */ false)) {
return false;
}
- };
- break;
+ }; break;
case 'B': {
const char* dst = cmdlineSplitStrByColon(optarg);
dst = dst ? dst : optarg;
if (!mountAddMountPtTail(nsjconf, /* src= */ optarg, dst, /* fs_type= */ "",
- /* options= */ "", MS_BIND | MS_REC | MS_PRIVATE, /* isDir= */ NS_DIR_MAYBE,
+ /* options= */ "", MS_BIND | MS_REC | MS_PRIVATE,
+ /* isDir= */ NS_DIR_MAYBE,
/* mandatory= */ true, NULL, NULL, NULL, 0,
/* is_symlink= */
false)) {
return false;
}
- };
- break;
+ }; break;
case 'T': {
- if (!mountAddMountPtTail(nsjconf, /* src= */ NULL, optarg, "tmpfs", /* options= */ "",
+ if (!mountAddMountPtTail(nsjconf, /* src= */ NULL, optarg, "tmpfs",
+ /* options= */ "",
/* flags= */ 0, /* isDir= */ true, /* mandatory= */ true, NULL,
- NULL, NULL, 0, /* is_symlink= */ false)) {
+ NULL, NULL, 0,
+ /* is_symlink= */ false)) {
return false;
}
- };
- break;
+ }; break;
case 'M':
switch (optarg[0]) {
case 'l':
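Review bot: The `}; break;` lines are a style artefact: the stray semicolon after each case block's closing brace is an empty statement, and the formatter now joins it with `break;` on one line. Dropping the semicolon so the block reads `}` then `break;` lets clang-format emit `break;` on its own line; the same applies to the `'B'` and `'T'` cases earlier in this hunk. The enclosing `switch` and function start before this hunk and continue past it.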
if (nsjconf->mount_proc) {
if (!mountAddMountPtTail(nsjconf, /* src= */ NULL, nsjconf->proc_path, "proc", "",
nsjconf->is_proc_rw ? 0 : MS_RDONLY, /* isDir= */ true,
- /* mandatory= */ true,
- NULL, NULL, NULL, 0, /* is_symlink= */ false)) {
+ /* mandatory= */ true, NULL, NULL, NULL, 0, /* is_symlink= */ false)) {
return false;
}
}
if (nsjconf->chroot) {
- if (!mountAddMountPtHead(nsjconf, nsjconf->chroot, "/", /* fs_type= */ "", /* options= */ "",
- nsjconf->is_root_rw ? (MS_BIND | MS_REC | MS_PRIVATE) : (MS_BIND | MS_REC | MS_PRIVATE | MS_RDONLY),
+ if (!mountAddMountPtHead(nsjconf, nsjconf->chroot, "/", /* fs_type= */ "",
+ /* options= */ "",
+ nsjconf->is_root_rw ? (MS_BIND | MS_REC | MS_PRIVATE)
+ : (MS_BIND | MS_REC | MS_PRIVATE | MS_RDONLY),
/* isDir= */ true, /* mandatory= */ true, NULL, NULL, NULL, 0,
/* is_symlink= */ false)) {
return false;
} else {
if (!mountAddMountPtHead(nsjconf, /* src= */ NULL, "/", "tmpfs", /* options= */ "",
nsjconf->is_root_rw ? 0 : MS_RDONLY, /* isDir= */ true,
- /* mandatory= */ true,
- NULL, NULL, NULL, 0, /* is_symlink= */ false)) {
+ /* mandatory= */ true, NULL, NULL, NULL, 0, /* is_symlink= */ false)) {
return false;
}
}
(*dfunc) ();
}
-#define defer void (^_STRMERGE(__defer_f_, __COUNTER__))(void) __attribute__((cleanup(__clang_cleanup_func))) __attribute__((unused)) = ^
+#define defer \
+ void (^_STRMERGE(__defer_f_, __COUNTER__))(void) \
+ __attribute__((cleanup(__clang_cleanup_func))) __attribute__((unused)) \
+ = ^
#else
#define __block
-#define _DEFER(a, count) \
- auto void _STRMERGE(__defer_f_, count)(void* _defer_arg __attribute__((unused))); \
- int _STRMERGE(__defer_var_, count) __attribute__((cleanup(_STRMERGE(__defer_f_, count)))) __attribute__((unused)); \
+#define _DEFER(a, count) \
+ auto void _STRMERGE(__defer_f_, count)(void* _defer_arg __attribute__((unused))); \
+ int _STRMERGE(__defer_var_, count) __attribute__((cleanup(_STRMERGE(__defer_f_, count)))) \
+ __attribute__((unused)); \
void _STRMERGE(__defer_f_, count)(void* _defer_arg __attribute__((unused)))
#define defer _DEFER(a, __COUNTER__)
#endif
#endif
-#define NS_VALSTR_STRUCT(x) \
- { \
- x, #x \
+#define NS_VALSTR_STRUCT(x) \
+ { \
+ x, #x \
}
struct pids_t {
#define DUP_IF_SET(njc, val) (njc.has_##val() ? njc.val().c_str() : NULL)
-static __rlim64_t configRLimit(int res, const nsjail::RLimit& rl, const uint64_t val, unsigned long mul = 1UL)
+static __rlim64_t configRLimit(
+ int res, const nsjail::RLimit& rl, const uint64_t val, unsigned long mul = 1UL)
{
if (rl == nsjail::RLimit::VALUE) {
return (val * mul);
abort();
}
-static bool configParseInternal(struct nsjconf_t* nsjconf,
- const nsjail::NsJailConfig& njc)
+static bool configParseInternal(struct nsjconf_t* nsjconf, const nsjail::NsJailConfig& njc)
{
switch (njc.mode()) {
case nsjail::Mode::LISTEN:
nsjconf->keep_env = njc.keep_env();
for (ssize_t i = 0; i < njc.envar_size(); i++) {
- struct charptr_t* p = reinterpret_cast<charptr_t*>(utilMalloc(sizeof(struct charptr_t)));
+ struct charptr_t* p
+ = reinterpret_cast<charptr_t*>(utilMalloc(sizeof(struct charptr_t)));
p->val = njc.envar(i).c_str();
TAILQ_INSERT_TAIL(&nsjconf->envs, p, pointers);
}
nsjconf->keep_caps = njc.keep_caps();
for (ssize_t i = 0; i < njc.cap_size(); i++) {
- struct ints_t* f = reinterpret_cast<struct ints_t*>(utilMalloc(sizeof(struct ints_t)));
+ struct ints_t* f
+ = reinterpret_cast<struct ints_t*>(utilMalloc(sizeof(struct ints_t)));
f->val = capsNameToVal(njc.cap(i).c_str());
if (f->val == -1) {
return false;
nsjconf->skip_setsid = njc.skip_setsid();
for (ssize_t i = 0; i < njc.pass_fd_size(); i++) {
- struct ints_t* f = reinterpret_cast<struct ints_t*>(utilMalloc(sizeof(struct ints_t)));
+ struct ints_t* f
+ = reinterpret_cast<struct ints_t*>(utilMalloc(sizeof(struct ints_t)));
f->val = njc.pass_fd(i);
TAILQ_INSERT_HEAD(&nsjconf->open_fds, f, pointers);
}
nsjconf->disable_no_new_privs = njc.disable_no_new_privs();
- nsjconf->rl_as = configRLimit(RLIMIT_AS, njc.rlimit_as_type(), njc.rlimit_as(), 1024UL * 1024UL);
- nsjconf->rl_core = configRLimit(RLIMIT_CORE, njc.rlimit_core_type(), njc.rlimit_core(), 1024UL * 1024UL);
+ nsjconf->rl_as
+ = configRLimit(RLIMIT_AS, njc.rlimit_as_type(), njc.rlimit_as(), 1024UL * 1024UL);
+ nsjconf->rl_core
+ = configRLimit(RLIMIT_CORE, njc.rlimit_core_type(), njc.rlimit_core(), 1024UL * 1024UL);
nsjconf->rl_cpu = configRLimit(RLIMIT_CPU, njc.rlimit_cpu_type(), njc.rlimit_cpu());
- nsjconf->rl_fsize = configRLimit(RLIMIT_FSIZE, njc.rlimit_fsize_type(), njc.rlimit_fsize(), 1024UL * 1024UL);
- nsjconf->rl_nofile = configRLimit(RLIMIT_NOFILE, njc.rlimit_nofile_type(), njc.rlimit_nofile());
+ nsjconf->rl_fsize = configRLimit(
+ RLIMIT_FSIZE, njc.rlimit_fsize_type(), njc.rlimit_fsize(), 1024UL * 1024UL);
+ nsjconf->rl_nofile
+ = configRLimit(RLIMIT_NOFILE, njc.rlimit_nofile_type(), njc.rlimit_nofile());
nsjconf->rl_nproc = configRLimit(RLIMIT_NPROC, njc.rlimit_nproc_type(), njc.rlimit_nproc());
- nsjconf->rl_stack = configRLimit(RLIMIT_STACK, njc.rlimit_stack_type(), njc.rlimit_stack(), 1024UL * 1024UL);
+ nsjconf->rl_stack = configRLimit(
+ RLIMIT_STACK, njc.rlimit_stack_type(), njc.rlimit_stack(), 1024UL * 1024UL);
if (njc.persona_addr_compat_layout()) {
nsjconf->personality |= ADDR_COMPAT_LAYOUT;
nsjconf->clone_newcgroup = njc.clone_newcgroup();
for (ssize_t i = 0; i < njc.uidmap_size(); i++) {
- if (userParseId(nsjconf, DUP_IF_SET(njc.uidmap(i), inside_id), DUP_IF_SET(njc.uidmap(i), outside_id),
- njc.uidmap(i).count(), false /* is_gid */,
- njc.uidmap(i).use_newidmap())
+ if (userParseId(nsjconf, DUP_IF_SET(njc.uidmap(i), inside_id),
+ DUP_IF_SET(njc.uidmap(i), outside_id), njc.uidmap(i).count(),
+ false /* is_gid */, njc.uidmap(i).use_newidmap())
== false) {
return false;
}
}
for (ssize_t i = 0; i < njc.gidmap_size(); i++) {
- if (userParseId(nsjconf, DUP_IF_SET(njc.gidmap(i), inside_id), DUP_IF_SET(njc.gidmap(i), outside_id),
- njc.gidmap(i).count(), true /* is_gid */,
- njc.gidmap(i).use_newidmap())
+ if (userParseId(nsjconf, DUP_IF_SET(njc.gidmap(i), inside_id),
+ DUP_IF_SET(njc.gidmap(i), outside_id), njc.gidmap(i).count(),
+ true /* is_gid */, njc.gidmap(i).use_newidmap())
== false) {
return false;
}
nsjconf->mount_proc = njc.mount_proc();
for (ssize_t i = 0; i < njc.mount_size(); i++) {
const char* src = (njc.mount(i).has_src()) ? njc.mount(i).src().c_str() : NULL;
- const char* src_env = (njc.mount(i).has_prefix_src_env()) ? njc.mount(i).prefix_src_env().c_str() : NULL;
+ const char* src_env = (njc.mount(i).has_prefix_src_env())
+ ? njc.mount(i).prefix_src_env().c_str()
+ : NULL;
const char* dst = (njc.mount(i).has_dst()) ? njc.mount(i).dst().c_str() : NULL;
- const char* dst_env = (njc.mount(i).has_prefix_dst_env()) ? njc.mount(i).prefix_dst_env().c_str() : NULL;
- const char* fstype = (njc.mount(i).has_fstype()) ? njc.mount(i).fstype().c_str() : NULL;
- const char* options = (njc.mount(i).has_options()) ? njc.mount(i).options().c_str() : NULL;
+ const char* dst_env = (njc.mount(i).has_prefix_dst_env())
+ ? njc.mount(i).prefix_dst_env().c_str()
+ : NULL;
+ const char* fstype
+ = (njc.mount(i).has_fstype()) ? njc.mount(i).fstype().c_str() : NULL;
+ const char* options
+ = (njc.mount(i).has_options()) ? njc.mount(i).options().c_str() : NULL;
uintptr_t flags = (njc.mount(i).rw() == false) ? MS_RDONLY : 0;
flags |= njc.mount(i).is_bind() ? (MS_BIND | MS_REC | MS_PRIVATE) : 0;
src_content_len = njc.mount(i).src_content().size();
}
- if (mountAddMountPtTail(nsjconf, src, dst, fstype, options, flags, isDir,
- mandatory, src_env, dst_env, src_content,
- src_content_len, njc.mount(i).is_symlink())
+ if (mountAddMountPtTail(nsjconf, src, dst, fstype, options, flags, isDir, mandatory,
+ src_env, dst_env, src_content, src_content_len, njc.mount(i).is_symlink())
== false) {
LOG_E("Couldn't add mountpoint for src:'%s' dst:'%s'", src, dst);
return false;
}
if (njc.has_seccomp_policy_file()) {
- if ((nsjconf->kafel_file = fopen(njc.seccomp_policy_file().c_str(), "rb")) == NULL) {
+ if ((nsjconf->kafel_file = fopen(njc.seccomp_policy_file().c_str(), "rb"))
+ == NULL) {
PLOG_W("Couldn't open file with seccomp policy '%s'",
njc.seccomp_policy_file().c_str());
return false;
for (ssize_t i = 0; i < njc.seccomp_string().size(); i++) {
kafel_string += njc.seccomp_string(i);
}
- nsjconf->kafel_string = njc.seccomp_string().size() > 0
- ? utilStrDup(kafel_string.c_str())
- : NULL;
+ nsjconf->kafel_string
+ = njc.seccomp_string().size() > 0 ? utilStrDup(kafel_string.c_str()) : NULL;
nsjconf->cgroup_mem_max = njc.cgroup_mem_max();
nsjconf->cgroup_mem_mount = njc.cgroup_mem_mount().c_str();
return true;
}
-static void LogHandler(google::protobuf::LogLevel level, const char* filename, int line, const std::string& message)
+static void LogHandler(
+ google::protobuf::LogLevel level, const char* filename, int line, const std::string& message)
{
LOG_W("config.cc: '%s'", message.c_str());
}
#include "util.h"
#include "uts.h"
-static bool containUserNs(struct nsjconf_t* nsjconf)
-{
- return userInitNsFromChild(nsjconf);
-}
+static bool containUserNs(struct nsjconf_t* nsjconf) { return userInitNsFromChild(nsjconf); }
-static bool containInitPidNs(struct nsjconf_t* nsjconf)
-{
- return pidInitNs(nsjconf);
-}
+static bool containInitPidNs(struct nsjconf_t* nsjconf) { return pidInitNs(nsjconf); }
-static bool containInitNetNs(struct nsjconf_t* nsjconf)
-{
- return netInitNsFromChild(nsjconf);
-}
+static bool containInitNetNs(struct nsjconf_t* nsjconf) { return netInitNsFromChild(nsjconf); }
-static bool containInitUtsNs(struct nsjconf_t* nsjconf)
-{
- return utsInitNs(nsjconf);
-}
+static bool containInitUtsNs(struct nsjconf_t* nsjconf) { return utsInitNs(nsjconf); }
-static bool containInitCgroupNs(void)
-{
- return cgroupInitNs();
-}
+static bool containInitCgroupNs(void) { return cgroupInitNs(); }
static bool containDropPrivs(struct nsjconf_t* nsjconf)
{
return true;
}
-static bool containInitMountNs(struct nsjconf_t* nsjconf)
-{
- return mountInitNs(nsjconf);
-}
+static bool containInitMountNs(struct nsjconf_t* nsjconf) { return mountInitNs(nsjconf); }
-static bool containCPU(struct nsjconf_t* nsjconf)
-{
- return cpuInit(nsjconf);
-}
+static bool containCPU(struct nsjconf_t* nsjconf) { return cpuInit(nsjconf); }
static bool containSetLimits(struct nsjconf_t* nsjconf)
{
static void cpuSetRandomCpu(cpu_set_t* mask, size_t mask_size, size_t cpu_num)
{
if ((size_t)CPU_COUNT_S(mask_size, mask) >= cpu_num) {
- LOG_F("Number of CPUs in the mask '%d' is bigger than number of available CPUs '%zu'",
+ LOG_F(
+ "Number of CPUs in the mask '%d' is bigger than number of available CPUs '%zu'",
CPU_COUNT(mask), cpu_num);
}
if (nsjconf->logfile == NULL) {
log_fd = fcntl(log_fd, F_DUPFD_CLOEXEC, 0);
} else {
- if (TEMP_FAILURE_RETRY(log_fd = open(nsjconf->logfile, O_CREAT | O_RDWR | O_APPEND, 0640)) == -1) {
+ if (TEMP_FAILURE_RETRY(
+ log_fd = open(nsjconf->logfile, O_CREAT | O_RDWR | O_APPEND, 0640))
+ == -1) {
log_fd = STDERR_FILENO;
PLOG_E("Couldn't open logfile open('%s')", nsjconf->logfile);
return false;
}
}
-void logStop(int sig)
-{
- LOG_I("Server stops due to fatal signal (%d) caught. Exiting", sig);
-}
+void logStop(int sig) { LOG_I("Server stops due to fatal signal (%d) caught. Exiting", sig); }
for (size_t i = 0; i < ARRAYSIZE(mountFlags); i++) {
if (flags & mountFlags[i].flag) {
- utilSSnPrintf(mountFlagsStr, sizeof(mountFlagsStr), "%s|",
- mountFlags[i].name);
+ utilSSnPrintf(
+ mountFlagsStr, sizeof(mountFlagsStr), "%s|", mountFlags[i].name);
}
}
if (mpt->src_content) {
static uint64_t df_counter = 0;
- snprintf(srcpath, sizeof(srcpath), "%s/dynamic_file.%" PRIu64, tmpdir,
- ++df_counter);
- int fd = TEMP_FAILURE_RETRY(open(srcpath, O_CREAT | O_EXCL | O_CLOEXEC | O_WRONLY, 0644));
+ snprintf(
+ srcpath, sizeof(srcpath), "%s/dynamic_file.%" PRIu64, tmpdir, ++df_counter);
+ int fd = TEMP_FAILURE_RETRY(
+ open(srcpath, O_CREAT | O_EXCL | O_CLOEXEC | O_WRONLY, 0644));
if (fd < 0) {
PLOG_W("open(srcpath, O_CREAT|O_EXCL|O_CLOEXEC|O_WRONLY, 0644) failed");
return false;
if (mount(srcpath, dst, mpt->fs_type, flags, mpt->options) == -1) {
if (errno == EACCES) {
PLOG_W("mount('%s') src:'%s' dst:'%s' failed. "
- "Try fixing this problem by applying 'chmod o+x' to the '%s' directory and "
+ "Try fixing this problem by applying 'chmod o+x' to the '%s' "
+ "directory and "
"its ancestors",
mountDescribeMountPt(mpt), srcpath, dst, srcpath);
} else {
*/
if (nsjconf->clone_newns == false) {
if (nsjconf->chroot == NULL) {
- PLOG_E("--chroot was not specified, and it's required when not using CLONE_NEWNS");
+ PLOG_E("--chroot was not specified, and it's required when not using "
+ "CLONE_NEWNS");
return false;
}
if (chroot(nsjconf->chroot) == -1) {
return false;
}
/*
- * This requires some explanation: It's actually possible to pivot_root('/', '/'). After this
- * operation has been completed, the old root is mounted over the new root, and it's OK to
- * simply umount('/') now, and to have new_root as '/'. This allows us not care about
- * providing any special directory for old_root, which is sometimes not easy, given that e.g.
- * /tmp might not always be present inside new_root
+ * This requires some explanation: It's actually possible to pivot_root('/', '/'). After
+ * this operation has been completed, the old root is mounted over the new root, and it's OK
+ * to simply umount('/') now, and to have new_root as '/'. This allows us not care about
+ * providing any special directory for old_root, which is sometimes not easy, given that
+ * e.g. /tmp might not always be present inside new_root
*/
if (syscall(__NR_pivot_root, destdir, destdir) == -1) {
PLOG_E("pivot_root('%s', '%s')", destdir, destdir);
}
static bool mountAddMountPt(struct nsjconf_t* nsjconf, bool head, const char* src, const char* dst,
- const char* fstype, const char* options, uintptr_t flags, isDir_t isDir,
- bool mandatory, const char* src_env, const char* dst_env,
- const char* src_content, size_t src_content_len, bool is_symlink)
+ const char* fstype, const char* options, uintptr_t flags, isDir_t isDir, bool mandatory,
+ const char* src_env, const char* dst_env, const char* src_content, size_t src_content_len,
+ bool is_symlink)
{
struct mounts_t* p = utilCalloc(sizeof(struct mounts_t));
}
bool mountAddMountPtHead(struct nsjconf_t* nsjconf, const char* src, const char* dst,
- const char* fstype, const char* options, uintptr_t flags, isDir_t isDir,
- bool mandatory, const char* src_env, const char* dst_env,
- const char* src_content, size_t src_content_len, bool is_symlink)
+ const char* fstype, const char* options, uintptr_t flags, isDir_t isDir, bool mandatory,
+ const char* src_env, const char* dst_env, const char* src_content, size_t src_content_len,
+ bool is_symlink)
{
return mountAddMountPt(nsjconf, /* head= */ true, src, dst, fstype, options, flags, isDir,
- mandatory, src_env, dst_env, src_content, src_content_len,
- is_symlink);
+ mandatory, src_env, dst_env, src_content, src_content_len, is_symlink);
}
bool mountAddMountPtTail(struct nsjconf_t* nsjconf, const char* src, const char* dst,
- const char* fstype, const char* options, uintptr_t flags, isDir_t isDir,
- bool mandatory, const char* src_env, const char* dst_env,
- const char* src_content, size_t src_content_len, bool is_symlink)
+ const char* fstype, const char* options, uintptr_t flags, isDir_t isDir, bool mandatory,
+ const char* src_env, const char* dst_env, const char* src_content, size_t src_content_len,
+ bool is_symlink)
{
return mountAddMountPt(nsjconf, /* head= */ false, src, dst, fstype, options, flags, isDir,
- mandatory, src_env, dst_env, src_content, src_content_len,
- is_symlink);
+ mandatory, src_env, dst_env, src_content, src_content_len, is_symlink);
}
const char* mountDescribeMountPt(struct mounts_t* mpt)
const char* mountFlagsToStr(uintptr_t flags);
bool mountInitNs(struct nsjconf_t* nsjconf);
bool mountAddMountPtHead(struct nsjconf_t* nsjconf, const char* src, const char* dst,
- const char* fstype, const char* options, uintptr_t flags, isDir_t isDir,
- bool mandatory, const char* src_env, const char* dst_env,
- const char* src_content, size_t src_content_len, bool is_symlink);
+ const char* fstype, const char* options, uintptr_t flags, isDir_t isDir, bool mandatory,
+ const char* src_env, const char* dst_env, const char* src_content, size_t src_content_len,
+ bool is_symlink);
bool mountAddMountPtTail(struct nsjconf_t* nsjconf, const char* src, const char* dst,
- const char* fstype, const char* options, uintptr_t flags, isDir_t isDir,
- bool mandatory, const char* src_env, const char* dst_env,
- const char* src_content, size_t src_content_len, bool is_symlink);
+ const char* fstype, const char* options, uintptr_t flags, isDir_t isDir, bool mandatory,
+ const char* src_env, const char* dst_env, const char* src_content, size_t src_content_len,
+ bool is_symlink);
const char* mountDescribeMountPt(struct mounts_t* mpt);
#endif /* NS_MOUNT_H */
return true;
}
- LOG_D("Putting iface:'%s' into namespace of PID:%d (with /sbin/ip)", nsjconf->iface_vs,
- pid);
+ LOG_D(
+ "Putting iface:'%s' into namespace of PID:%d (with /sbin/ip)", nsjconf->iface_vs, pid);
char pid_str[256];
snprintf(pid_str, sizeof(pid_str), "%d", pid);
- const char* argv[] = {
- "/sbin/ip", "link", "add", "link", (char*)nsjconf->iface_vs, "name", IFACE_NAME,
- "netns", pid_str, "type", "macvlan", "mode", "bridge", NULL
- };
+ const char* argv[] = { "/sbin/ip", "link", "add", "link", (char*)nsjconf->iface_vs, "name",
+ IFACE_NAME, "netns", pid_str, "type", "macvlan", "mode", "bridge", NULL };
if (subprocSystem(argv, environ) != 0) {
LOG_E("Couldn't create MACVTAP interface for '%s'", nsjconf->iface_vs);
return false;
int netGetRecvSocket(const char* bindhost, int port)
{
if (port < 1 || port > 65535) {
- LOG_F("TCP port %d out of bounds (0 <= port <= 65535), specify one with --port <port>",
+ LOG_F("TCP port %d out of bounds (0 <= port <= 65535), specify one with --port "
+ "<port>",
port);
}
struct in6_addr in6a;
if (inet_pton(AF_INET6, bindaddr, &in6a) != 1) {
- PLOG_E("Couldn't convert '%s' (orig:'%s') into AF_INET6 address", bindaddr,
- bindhost);
+ PLOG_E(
+ "Couldn't convert '%s' (orig:'%s') into AF_INET6 address", bindaddr, bindhost);
return -1;
}
LOG_D("Creating a dummy 'init' process");
/*
- * If -Me is used then we need to create permanent init inside PID ns, otherwise only the first
- * clone/fork will work, and the rest will fail with ENOMEM (see 'man pid_namespaces' for
- * details on this behavior)
+ * If -Me is used then we need to create permanent init inside PID ns, otherwise only the
+ * first clone/fork will work, and the rest will fail with ENOMEM (see 'man pid_namespaces'
+ * for details on this behavior)
*/
pid_t pid = subprocClone(CLONE_FS);
if (pid == -1) {
return true;
}
-bool sandboxApply(struct nsjconf_t* nsjconf)
-{
- return sandboxPrepareAndCommit(nsjconf);
-}
+bool sandboxApply(struct nsjconf_t* nsjconf) { return sandboxPrepareAndCommit(nsjconf); }
for (size_t i = 0; i < ARRAYSIZE(cloneFlags); i++) {
if (flags & cloneFlags[i].flag) {
- utilSSnPrintf(cloneFlagName, sizeof(cloneFlagName), "%s|",
- cloneFlags[i].name);
+ utilSSnPrintf(
+ cloneFlagName, sizeof(cloneFlagName), "%s|", cloneFlags[i].name);
}
}
knownFlagMask |= cloneFlags[i].flag;
}
if (flags & ~(knownFlagMask)) {
- utilSSnPrintf(cloneFlagName, sizeof(cloneFlagName), "%#tx|",
- flags & ~(knownFlagMask));
+ utilSSnPrintf(
+ cloneFlagName, sizeof(cloneFlagName), "%#tx|", flags & ~(knownFlagMask));
}
utilSSnPrintf(cloneFlagName, sizeof(cloneFlagName), "%s", utilSigName(flags & CSIGNAL));
return cloneFlagName;
clearenv();
}
struct charptr_t* p;
- TAILQ_FOREACH(p, &nsjconf->envs, pointers)
- {
- putenv((char*)p->val);
- }
+ TAILQ_FOREACH(p, &nsjconf->envs, pointers) { putenv((char*)p->val); }
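Review bot: clang-format collapsed this `TAILQ_FOREACH` loop body onto one line because it treats the macro as an ordinary function call rather than a loop; the same happens to the `cnt++` and `kill(p->pid, SIGKILL)` loops later in this diff, and the `{` placement on the unchanged `TAILQ_FOREACH` lines in caps.c shows the same confusion. Adding `ForEachMacros: [TAILQ_FOREACH]` to the style string in the Makefile's `indent` target would make the formatter lay these out as loops with braced bodies on their own lines. The enclosing function starts before this hunk and continues past it.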
char cs_addr[64];
netConnToText(fd_in, true /* remote */, cs_addr, sizeof(cs_addr), NULL);
struct pids_t* p = utilMalloc(sizeof(struct pids_t));
p->pid = pid;
p->start = time(NULL);
- netConnToText(sock, true /* remote */, p->remote_txt, sizeof(p->remote_txt),
- &p->remote_addr);
+ netConnToText(
+ sock, true /* remote */, p->remote_txt, sizeof(p->remote_txt), &p->remote_addr);
char fname[PATH_MAX];
snprintf(fname, sizeof(fname), "/proc/%d/syscall", (int)pid);
{
int cnt = 0;
struct pids_t* p;
- TAILQ_FOREACH(p, &nsjconf->pids, pointers)
- {
- cnt++;
- }
+ TAILQ_FOREACH(p, &nsjconf->pids, pointers) { cnt++; }
return cnt;
}
uintptr_t arg1, arg2, arg3, arg4, arg5, arg6, sp, pc;
ptrdiff_t sc;
- int ret = sscanf(buf, "%td %tx %tx %tx %tx %tx %tx %tx %tx", &sc, &arg1, &arg2, &arg3, &arg4,
- &arg5, &arg6, &sp, &pc);
+ int ret = sscanf(buf, "%td %tx %tx %tx %tx %tx %tx %tx %tx", &sc, &arg1, &arg2, &arg3,
+ &arg4, &arg5, &arg6, &sp, &pc);
if (ret == 9) {
- LOG_W("PID: %d, Syscall number: %td, Arguments: %#tx, %#tx, %#tx, %#tx, %#tx, %#tx, "
- "SP: %#tx, PC: %#tx, si_syscall: %d, si_errno: %#x",
- (int)si->si_pid, sc, arg1, arg2, arg3, arg4, arg5, arg6, sp, pc,
- si->si_syscall, si->si_errno);
+ LOG_W(
+ "PID: %d, Syscall number: %td, Arguments: %#tx, %#tx, %#tx, %#tx, %#tx, %#tx, "
+ "SP: %#tx, PC: %#tx, si_syscall: %d, si_errno: %#x",
+ (int)si->si_pid, sc, arg1, arg2, arg3, arg4, arg5, arg6, sp, pc, si->si_syscall,
+ si->si_errno);
} else if (ret == 3) {
LOG_W("PID: %d, Syscall number: %d, Seccomp reason: %d, SP: %#tx, PC: %#tx",
(int)si->si_pid, si->si_syscall, si->si_errno, arg1, arg2);
}
}
if (WIFSIGNALED(status)) {
- LOG_I("PID: %d (%s) terminated with signal: %s (%d), (PIDs left: %d)",
+ LOG_I(
+ "PID: %d (%s) terminated with signal: %s (%d), (PIDs left: %d)",
si.si_pid, remote_txt, utilSigName(WTERMSIG(status)),
WTERMSIG(status), subprocCount(nsjconf) - 1);
subprocRemove(nsjconf, si.si_pid);
void subprocKillAll(struct nsjconf_t* nsjconf)
{
struct pids_t* p;
- TAILQ_FOREACH(p, &nsjconf->pids, pointers)
- {
- kill(p->pid, SIGKILL);
- }
+ TAILQ_FOREACH(p, &nsjconf->pids, pointers) { kill(p->pid, SIGKILL); }
}
static bool subprocInitParent(struct nsjconf_t* nsjconf, pid_t pid, int pipefd)
LOG_E("Couldn't initialize user namespaces for pid %d", pid);
return false;
}
- if (utilWriteToFd(pipefd, &subprocDoneChar, sizeof(subprocDoneChar)) != sizeof(subprocDoneChar)) {
+ if (utilWriteToFd(pipefd, &subprocDoneChar, sizeof(subprocDoneChar))
+ != sizeof(subprocDoneChar)) {
LOG_E("Couldn't signal the new process via a socketpair");
return false;
}
if (setjmp(env) == 0) {
LOG_D("Cloning process with flags:%s", subprocCloneFlagsToStr(flags));
/*
- * Avoid the problem of the stack growing up/down under different CPU architectures, by using
- * middle of the static stack buffer (which is temporary, and used only inside of subprocCloneFunc
+ * Avoid the problem of the stack growing up/down under different CPU architectures,
+ * by using middle of the static stack buffer (which is temporary, and used only
+ * inside of subprocCloneFunc
*/
void* stack = &subprocCloneStack[sizeof(subprocCloneStack) / 2];
/* Parent */
close(child_fd);
if (pid == -1) {
PLOG_E("clone(flags=%s) failed. You probably need root privileges if your system "
- "doesn't support CLONE_NEWUSER. Alternatively, you might want to recompile your "
+ "doesn't support CLONE_NEWUSER. Alternatively, you might want to recompile "
+ "your "
"kernel with support for namespaces or check the setting of the "
"kernel.unprivileged_userns_clone sysctl",
subprocCloneFlagsToStr(flags));
{
LOG_D("setresgid(%d)", gid);
#if defined(__NR_setresgid32)
- if (syscall(__NR_setresgid32, (uintptr_t)gid, (uintptr_t)gid, (uintptr_t)gid) == -1 && errno != ENOSYS) {
+ if (syscall(__NR_setresgid32, (uintptr_t)gid, (uintptr_t)gid, (uintptr_t)gid) == -1
+ && errno != ENOSYS) {
PLOG_W("setresgid32(%d)", (int)gid);
return false;
}
-#endif
+#endif /* defined(__NR_setresgid32) */
if (syscall(__NR_setresgid, (uintptr_t)gid, (uintptr_t)gid, (uintptr_t)gid) == -1) {
PLOG_W("setresgid(%d)", gid);
return false;
{
LOG_D("setresuid(%d)", uid);
#if defined(__NR_setresuid32)
- if (syscall(__NR_setresuid32, (uintptr_t)uid, (uintptr_t)uid, (uintptr_t)uid) == -1 && errno != ENOSYS) {
+ if (syscall(__NR_setresuid32, (uintptr_t)uid, (uintptr_t)uid, (uintptr_t)uid) == -1
+ && errno != ENOSYS) {
PLOG_W("setresuid32(%d)", (int)uid);
return false;
}
-#endif
+#endif /* defined(__NR_setresuid32) */
if (syscall(__NR_setresuid, (uintptr_t)uid, (uintptr_t)uid, (uintptr_t)uid) == -1) {
PLOG_W("setresuid(%d)", uid);
return false;
static bool userSetGroups(pid_t pid)
{
/*
- * No need to write 'deny' to /proc/pid/setgroups if our euid==0, as writing to uid_map/gid_map
- * will succeed anyway
+ * No need to write 'deny' to /proc/pid/setgroups if our euid==0, as writing to
+ * uid_map/gid_map will succeed anyway
*/
if (geteuid() == 0) {
return true;
}
/*
- * Make sure all capabilities are retained after the subsequent setuid/setgid, as they will be
- * needed for privileged operations: mounts, uts change etc.
+ * Make sure all capabilities are retained after the subsequent setuid/setgid, as they will
+ * be needed for privileged operations: mounts, uts change etc.
*/
- if (prctl(PR_SET_SECUREBITS, SECBIT_KEEP_CAPS | SECBIT_NO_SETUID_FIXUP, 0UL, 0UL, 0UL) == -1) {
+ if (prctl(PR_SET_SECUREBITS, SECBIT_KEEP_CAPS | SECBIT_NO_SETUID_FIXUP, 0UL, 0UL, 0UL)
+ == -1) {
PLOG_E("prctl(PR_SET_SECUREBITS, SECBIT_KEEP_CAPS | SECBIT_NO_SETUID_FIXUP)");
return false;
}