Remove defer{} calls
This commit is contained in:
parent
f3b70cc314
commit
1dc33c7bcf
2
common.h
2
common.h
@ -31,6 +31,7 @@
|
||||
|
||||
#define ARRAYSIZE(array) (sizeof(array) / sizeof(*array))
|
||||
|
||||
#if 0 /* Works, but needs -fblocks and libBlocksRuntime with clang */
|
||||
/* Go-style defer implementation */
|
||||
#define __STRMERGE(a, b) a##b
|
||||
#define _STRMERGE(a, b) __STRMERGE(a, b)
|
||||
@ -50,6 +51,7 @@ static void __attribute__ ((unused)) __clang_cleanup_func(void (^*dfunc) (void))
|
||||
void _STRMERGE(__defer_f_, count)(void *_defer_arg __attribute__((unused)))
|
||||
#define defer _DEFER(a, __COUNTER__)
|
||||
#endif
|
||||
#endif
|
||||
|
||||
struct pids_t {
|
||||
pid_t pid;
|
||||
|
@ -239,14 +239,12 @@ static bool containMakeFdsCOEProc(struct nsjconf_t *nsjconf)
|
||||
PLOG_D("opendir('/proc/self/fd')");
|
||||
return false;
|
||||
}
|
||||
defer {
|
||||
closedir(dir);
|
||||
};
|
||||
for (;;) {
|
||||
errno = 0;
|
||||
struct dirent *entry = readdir(dir);
|
||||
if (entry == NULL && errno != 0) {
|
||||
PLOG_D("readdir('/proc/self/fd')");
|
||||
closedir(dir);
|
||||
return false;
|
||||
}
|
||||
if (entry == NULL) {
|
||||
@ -266,22 +264,26 @@ static bool containMakeFdsCOEProc(struct nsjconf_t *nsjconf)
|
||||
int flags = TEMP_FAILURE_RETRY(fcntl(fd, F_GETFD, 0));
|
||||
if (flags == -1) {
|
||||
PLOG_D("fcntl(fd, F_GETFD, 0)");
|
||||
closedir(dir);
|
||||
return false;
|
||||
}
|
||||
if (containPassFd(nsjconf, fd)) {
|
||||
LOG_D("FD=%d will be passed to the child process", fd);
|
||||
if (TEMP_FAILURE_RETRY(fcntl(fd, F_SETFD, flags & ~(FD_CLOEXEC))) == -1) {
|
||||
PLOG_E("Could not clear FD_CLOEXEC for FD=%d", fd);
|
||||
closedir(dir);
|
||||
return false;
|
||||
}
|
||||
} else {
|
||||
LOG_D("FD=%d will be closed before execve()", fd);
|
||||
if (TEMP_FAILURE_RETRY(fcntl(fd, F_SETFD, flags | FD_CLOEXEC)) == -1) {
|
||||
PLOG_E("Could not set FD_CLOEXEC for FD=%d", fd);
|
||||
closedir(dir);
|
||||
return false;
|
||||
}
|
||||
}
|
||||
}
|
||||
closedir(dir);
|
||||
return true;
|
||||
}
|
||||
|
||||
|
2
mount.c
2
mount.c
@ -89,7 +89,7 @@ static bool mountMount(struct nsjconf_t *nsjconf, struct mounts_t *mpt, const ch
|
||||
if (mountNotIsDir(mpt->src) == true) {
|
||||
int fd = TEMP_FAILURE_RETRY(open(dst, O_CREAT | O_RDONLY, 0644));
|
||||
if (fd >= 0) {
|
||||
TEMP_FAILURE_RETRY(close(fd));
|
||||
close(fd);
|
||||
} else {
|
||||
PLOG_W("open('%s', O_CREAT|O_RDONLY, 0700)", dst);
|
||||
}
|
||||
|
45
net.c
45
net.c
@ -64,37 +64,35 @@ bool netInitNsFromParent(struct nsjconf_t *nsjconf, int pid)
|
||||
LOG_E("Could not allocate socket with nl_socket_alloc()");
|
||||
return false;
|
||||
}
|
||||
defer {
|
||||
nl_socket_free(sk);
|
||||
};
|
||||
|
||||
int err;
|
||||
if ((err = nl_connect(sk, NETLINK_ROUTE)) < 0) {
|
||||
LOG_E("Unable to connect socket: %s", nl_geterror(err));
|
||||
nl_socket_free(sk);
|
||||
return false;
|
||||
}
|
||||
|
||||
struct rtnl_link *rmv = rtnl_link_macvlan_alloc();
|
||||
if (rmv == NULL) {
|
||||
LOG_E("rtnl_link_macvlan_alloc(): %s", nl_geterror(err));
|
||||
nl_socket_free(sk);
|
||||
return false;
|
||||
}
|
||||
defer {
|
||||
rtnl_link_put(rmv);
|
||||
};
|
||||
|
||||
struct nl_cache *link_cache;
|
||||
if ((err = rtnl_link_alloc_cache(sk, AF_UNSPEC, &link_cache)) < 0) {
|
||||
LOG_E("rtnl_link_alloc_cache(): %s", nl_geterror(err));
|
||||
rtnl_link_put(rmv);
|
||||
nl_socket_free(sk);
|
||||
return false;
|
||||
}
|
||||
defer {
|
||||
nl_cache_free(link_cache);
|
||||
};
|
||||
|
||||
int master_index = rtnl_link_name2i(link_cache, nsjconf->iface);
|
||||
if (master_index == 0) {
|
||||
LOG_E("rtnl_link_name2i(): Did not find '%s' interface", nsjconf->iface);
|
||||
nl_cache_free(link_cache);
|
||||
rtnl_link_put(rmv);
|
||||
nl_socket_free(sk);
|
||||
return false;
|
||||
}
|
||||
|
||||
@ -104,9 +102,15 @@ bool netInitNsFromParent(struct nsjconf_t *nsjconf, int pid)
|
||||
|
||||
if ((err = rtnl_link_add(sk, rmv, NLM_F_CREATE)) < 0) {
|
||||
LOG_E("rtnl_link_add(): %s", nl_geterror(err));
|
||||
nl_cache_free(link_cache);
|
||||
rtnl_link_put(rmv);
|
||||
nl_socket_free(sk);
|
||||
return false;
|
||||
}
|
||||
|
||||
nl_cache_free(link_cache);
|
||||
rtnl_link_put(rmv);
|
||||
nl_socket_free(sk);
|
||||
return true;
|
||||
}
|
||||
#else // defined(NSJAIL_NL3_WITH_MACVLAN)
|
||||
@ -250,12 +254,12 @@ int netGetRecvSocket(const char *bindhost, int port)
|
||||
.sin6_scope_id = 0,
|
||||
};
|
||||
if (bind(sockfd, (struct sockaddr *)&addr, sizeof(addr)) == -1) {
|
||||
TEMP_FAILURE_RETRY(close(sockfd));
|
||||
close(sockfd);
|
||||
PLOG_E("bind(host:[%s], port:%d)", bindhost, port);
|
||||
return -1;
|
||||
}
|
||||
if (listen(sockfd, SOMAXCONN) == -1) {
|
||||
TEMP_FAILURE_RETRY(close(sockfd));
|
||||
close(sockfd);
|
||||
PLOG_E("listen(%d)", SOMAXCONN);
|
||||
return -1;
|
||||
}
|
||||
@ -335,9 +339,6 @@ static bool netIfaceUp(const char *ifacename)
|
||||
PLOG_E("socket(AF_INET, SOCK_STREAM, IPPROTO_IP)");
|
||||
return false;
|
||||
}
|
||||
defer {
|
||||
TEMP_FAILURE_RETRY(close(sock));
|
||||
};
|
||||
|
||||
struct ifreq ifr;
|
||||
memset(&ifr, '\0', sizeof(ifr));
|
||||
@ -345,6 +346,7 @@ static bool netIfaceUp(const char *ifacename)
|
||||
|
||||
if (ioctl(sock, SIOCGIFFLAGS, &ifr) == -1) {
|
||||
PLOG_E("ioctl(iface='%s', SIOCGIFFLAGS, IFF_UP)", ifacename);
|
||||
close(sock);
|
||||
return false;
|
||||
}
|
||||
|
||||
@ -352,9 +354,11 @@ static bool netIfaceUp(const char *ifacename)
|
||||
|
||||
if (ioctl(sock, SIOCSIFFLAGS, &ifr) == -1) {
|
||||
PLOG_E("ioctl(iface='%s', SIOCSIFFLAGS, IFF_UP)", ifacename);
|
||||
close(sock);
|
||||
return false;
|
||||
}
|
||||
|
||||
close(sock);
|
||||
return true;
|
||||
}
|
||||
|
||||
@ -370,16 +374,15 @@ static bool netConfigureVs(struct nsjconf_t *nsjconf)
|
||||
PLOG_E("socket(AF_INET, SOCK_STREAM, IPPROTO_IP)");
|
||||
return false;
|
||||
}
|
||||
defer {
|
||||
TEMP_FAILURE_RETRY(close(sock));
|
||||
};
|
||||
|
||||
if (inet_pton(AF_INET, nsjconf->iface_vs_ip, &addr) != 1) {
|
||||
PLOG_E("Cannot convert '%s' into an IPv4 address", nsjconf->iface_vs_ip);
|
||||
close(sock);
|
||||
return false;
|
||||
}
|
||||
if (addr.s_addr == INADDR_ANY) {
|
||||
LOG_I("IPv4 address for interface '%s' not set", IFACE_NAME);
|
||||
close(sock);
|
||||
return true;
|
||||
}
|
||||
|
||||
@ -388,30 +391,36 @@ static bool netConfigureVs(struct nsjconf_t *nsjconf)
|
||||
sa->sin_addr = addr;
|
||||
if (ioctl(sock, SIOCSIFADDR, &ifr) == -1) {
|
||||
PLOG_E("ioctl(iface='%s', SIOCSIFADDR, '%s')", IFACE_NAME, nsjconf->iface_vs_ip);
|
||||
close(sock);
|
||||
return false;
|
||||
}
|
||||
|
||||
if (inet_pton(AF_INET, nsjconf->iface_vs_nm, &addr) != 1) {
|
||||
PLOG_E("Cannot convert '%s' into a IPv4 netmask", nsjconf->iface_vs_nm);
|
||||
close(sock);
|
||||
return false;
|
||||
}
|
||||
sa->sin_family = AF_INET;
|
||||
sa->sin_addr = addr;
|
||||
if (ioctl(sock, SIOCSIFNETMASK, &ifr) == -1) {
|
||||
PLOG_E("ioctl(iface='%s', SIOCSIFNETMASK, '%s')", IFACE_NAME, nsjconf->iface_vs_nm);
|
||||
close(sock);
|
||||
return false;
|
||||
}
|
||||
|
||||
if (netIfaceUp(IFACE_NAME) == false) {
|
||||
close(sock);
|
||||
return false;
|
||||
}
|
||||
|
||||
if (inet_pton(AF_INET, nsjconf->iface_vs_gw, &addr) != 1) {
|
||||
PLOG_E("Cannot convert '%s' into a IPv4 GW address", nsjconf->iface_vs_gw);
|
||||
close(sock);
|
||||
return false;
|
||||
}
|
||||
if (addr.s_addr == INADDR_ANY) {
|
||||
LOG_I("Gateway address for '%s' is not set", IFACE_NAME);
|
||||
close(sock);
|
||||
return true;
|
||||
}
|
||||
|
||||
@ -433,9 +442,11 @@ static bool netConfigureVs(struct nsjconf_t *nsjconf)
|
||||
|
||||
if (ioctl(sock, SIOCADDRT, &rt) == -1) {
|
||||
PLOG_E("ioctl(SIOCADDRT, '%s')", nsjconf->iface_vs_gw);
|
||||
close(sock);
|
||||
return false;
|
||||
}
|
||||
|
||||
close(sock);
|
||||
return true;
|
||||
}
|
||||
|
||||
|
4
nsjail.c
4
nsjail.c
@ -115,13 +115,11 @@ static void nsjailListenMode(struct nsjconf_t *nsjconf)
|
||||
if (listenfd == -1) {
|
||||
return;
|
||||
}
|
||||
defer {
|
||||
close(listenfd);
|
||||
};
|
||||
for (;;) {
|
||||
if (nsjailSigFatal > 0) {
|
||||
subprocKillAll(nsjconf);
|
||||
logStop(nsjailSigFatal);
|
||||
close(listenfd);
|
||||
return;
|
||||
}
|
||||
if (nsjailShowProc == true) {
|
||||
|
12
subproc.c
12
subproc.c
@ -127,7 +127,7 @@ static void subprocRemove(struct nsjconf_t *nsjconf, pid_t pid)
|
||||
if (p->pid == pid) {
|
||||
LOG_D("Removing pid '%d' from the queue (IP:'%s', start time:'%u')", p->pid,
|
||||
p->remote_txt, (unsigned int)p->start);
|
||||
TEMP_FAILURE_RETRY(close(p->pid_syscall_fd));
|
||||
close(p->pid_syscall_fd);
|
||||
TAILQ_REMOVE(&nsjconf->pids, p, pointers);
|
||||
free(p);
|
||||
return;
|
||||
@ -328,26 +328,26 @@ void subprocRunChild(struct nsjconf_t *nsjconf, int fd_in, int fd_out, int fd_er
|
||||
|
||||
pid_t pid = syscall(__NR_clone, (uintptr_t) flags, NULL, NULL, NULL, (uintptr_t) 0);
|
||||
if (pid == 0) {
|
||||
TEMP_FAILURE_RETRY(close(parent_fd));
|
||||
close(parent_fd);
|
||||
subprocNewProc(nsjconf, fd_in, fd_out, fd_err, child_fd);
|
||||
}
|
||||
defer {
|
||||
TEMP_FAILURE_RETRY(close(parent_fd));
|
||||
};
|
||||
TEMP_FAILURE_RETRY(close(child_fd));
|
||||
close(child_fd);
|
||||
if (pid == -1) {
|
||||
PLOG_E("clone(flags=%#lx) failed. You probably need root privileges if your system "
|
||||
"doesn't support CLONE_NEWUSER. Alternatively, you might want to recompile your "
|
||||
"kernel with support for namespaces or check the setting of the "
|
||||
"kernel.unprivileged_userns_clone sysctl", flags);
|
||||
close(parent_fd);
|
||||
return;
|
||||
}
|
||||
subprocAdd(nsjconf, pid, fd_in);
|
||||
|
||||
if (subprocInitParent(nsjconf, pid, parent_fd) == false) {
|
||||
close(parent_fd);
|
||||
return;
|
||||
}
|
||||
|
||||
close(parent_fd);
|
||||
char cs_addr[64];
|
||||
netConnToText(fd_in, true /* remote */ , cs_addr, sizeof(cs_addr), NULL);
|
||||
LOG_I("PID: %d about to execute '%s' for %s", pid, nsjconf->argv[0], cs_addr);
|
||||
|
12
util.c
12
util.c
@ -65,10 +65,9 @@ ssize_t utilReadFromFile(const char *fname, void *buf, size_t len)
|
||||
LOG_E("open('%s', O_RDONLY)", fname);
|
||||
return -1;
|
||||
}
|
||||
defer {
|
||||
TEMP_FAILURE_RETRY(close(fd));
|
||||
};
|
||||
return utilReadFromFd(fd, buf, len);
|
||||
ssize_t ret = utilReadFromFd(fd, buf, len);
|
||||
close(fd);
|
||||
return ret;
|
||||
}
|
||||
|
||||
ssize_t utilWriteToFd(int fd, const void *buf, size_t len)
|
||||
@ -97,17 +96,16 @@ bool utilWriteBufToFile(char *filename, const void *buf, size_t len, int open_fl
|
||||
PLOG_E("Couldn't open '%s' for writing", filename);
|
||||
return false;
|
||||
}
|
||||
defer {
|
||||
TEMP_FAILURE_RETRY(close(fd));
|
||||
};
|
||||
|
||||
if (utilWriteToFd(fd, buf, len) == false) {
|
||||
PLOG_E("Couldn't write '%zu' bytes to file '%s' (fd='%d')", len, filename, fd);
|
||||
close(fd);
|
||||
unlink(filename);
|
||||
return false;
|
||||
}
|
||||
|
||||
LOG_D("Written '%zu' bytes to '%s'", len, filename);
|
||||
|
||||
close(fd);
|
||||
return true;
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user