From 21e1495c24e5b49df3c46803ee6b4ca9deeef5a4 Mon Sep 17 00:00:00 2001
From: Robert Swiecki <robert@swiecki.net>
Date: Fri, 9 Feb 2018 17:09:58 +0100
Subject: [PATCH] contain: move to C++

---
 Makefile                | 10 +++++-----
 contain.c => contain.cc | 10 ++++++++--
 contain.h               |  8 ++++++--
 subproc.cc              |  7 ++++---
 4 files changed, 23 insertions(+), 12 deletions(-)
 rename contain.c => contain.cc (97%)

diff --git a/Makefile b/Makefile
index e3e905e..3e8f500 100644
--- a/Makefile
+++ b/Makefile
@@ -35,8 +35,8 @@ LDFLAGS += -pie -Wl,-z,noexecstack -lpthread $(shell pkg-config --libs protobuf)
 
 BIN = nsjail
 LIBS = kafel/libkafel.a
-SRCS_C = caps.c contain.c log.c cgroup.c mount.c net.c pid.c sandbox.c user.c util.c uts.c cpu.c
-SRCS_CXX = cmdline.cc config.cc nsjail.cc subproc.cc
+SRCS_C = caps.c log.c cgroup.c mount.c net.c pid.c sandbox.c user.c util.c uts.c cpu.c
+SRCS_CXX = cmdline.cc config.cc contain.cc nsjail.cc subproc.cc
 SRCS_PROTO = config.proto
 SRCS_PB_CXX = $(SRCS_PROTO:.proto=.pb.cc)
 SRCS_PB_H = $(SRCS_PROTO:.proto=.pb.h)
@@ -98,8 +98,6 @@ indent:
 # DO NOT DELETE THIS LINE -- make depend depends on it.
 
 caps.o: caps.h nsjail.h common.h log.h util.h
-contain.o: contain.h nsjail.h caps.h cgroup.h cpu.h log.h mount.h net.h pid.h
-contain.o: user.h uts.h
 log.o: log.h nsjail.h
 cgroup.o: cgroup.h nsjail.h log.h util.h
 mount.o: mount.h nsjail.h common.h log.h subproc.h util.h
@@ -114,6 +112,8 @@ cmdline.o: cmdline.h nsjail.h caps.h common.h log.h mount.h sandbox.h user.h
 cmdline.o: util.h config.h
 config.o: common.h caps.h nsjail.h config.h log.h mount.h user.h util.h
 config.o: cmdline.h
+contain.o: contain.h nsjail.h caps.h cgroup.h cpu.h log.h mount.h net.h pid.h
+contain.o: user.h uts.h
 nsjail.o: nsjail.h cmdline.h common.h log.h net.h subproc.h util.h
-subproc.o: subproc.h nsjail.h cgroup.h common.h contain.h log.h net.h
+subproc.o: subproc.h nsjail.h contain.h cgroup.h common.h log.h net.h
 subproc.o: sandbox.h user.h util.h
diff --git a/contain.c b/contain.cc
similarity index 97%
rename from contain.c
rename to contain.cc
index 48a435b..1012a90 100644
--- a/contain.c
+++ b/contain.cc
@@ -37,6 +37,7 @@
 #include <sys/resource.h>
 #include <unistd.h>
 
+extern "C" {
 #include "caps.h"
 #include "cgroup.h"
 #include "cpu.h"
@@ -46,6 +47,9 @@
 #include "pid.h"
 #include "user.h"
 #include "uts.h"
+}
+
+namespace contain {
 
 static bool containUserNs(struct nsjconf_t* nsjconf) { return userInitNsFromChild(nsjconf); }
 
@@ -247,7 +251,7 @@ static bool containMakeFdsCOE(struct nsjconf_t* nsjconf) {
 	return false;
 }
 
-bool containSetupFD(struct nsjconf_t* nsjconf, int fd_in, int fd_out, int fd_err) {
+bool setupFD(struct nsjconf_t* nsjconf, int fd_in, int fd_out, int fd_err) {
 	if (nsjconf->mode != MODE_LISTEN_TCP) {
 		if (nsjconf->is_silent == false) {
 			return true;
@@ -273,7 +277,7 @@ bool containSetupFD(struct nsjconf_t* nsjconf, int fd_in, int fd_out, int fd_err
 	return true;
 }
 
-bool containContain(struct nsjconf_t* nsjconf) {
+bool containProc(struct nsjconf_t* nsjconf) {
 	if (containUserNs(nsjconf) == false) {
 		return false;
 	}
@@ -311,3 +315,5 @@ bool containContain(struct nsjconf_t* nsjconf) {
 	}
 	return true;
 }
+
+}  // namespace contain
diff --git a/contain.h b/contain.h
index 71057e7..98dd77b 100644
--- a/contain.h
+++ b/contain.h
@@ -26,7 +26,11 @@
 
 #include "nsjail.h"
 
-bool containSetupFD(struct nsjconf_t* nsjconf, int fd_in, int fd_out, int fd_err);
-bool containContain(struct nsjconf_t* nsjconf);
+namespace contain {
+
+bool setupFD(struct nsjconf_t* nsjconf, int fd_in, int fd_out, int fd_err);
+bool containProc(struct nsjconf_t* nsjconf);
+
+}  // namespace contain
 
 #endif /* NS_CONTAIN_H */
diff --git a/subproc.cc b/subproc.cc
index 6ab7e2b..e471ac8 100644
--- a/subproc.cc
+++ b/subproc.cc
@@ -42,10 +42,11 @@
 #include <time.h>
 #include <unistd.h>
 
+#include "contain.h"
+
 extern "C" {
 #include "cgroup.h"
 #include "common.h"
-#include "contain.h"
 #include "log.h"
 #include "net.h"
 #include "sandbox.h"
@@ -135,7 +136,7 @@ static const char kSubprocDoneChar = 'D';
 
 static int subprocNewProc(
     struct nsjconf_t* nsjconf, int fd_in, int fd_out, int fd_err, int pipefd) {
-	if (containSetupFD(nsjconf, fd_in, fd_out, fd_err) == false) {
+	if (contain::setupFD(nsjconf, fd_in, fd_out, fd_err) == false) {
 		_exit(0xff);
 	}
 	if (!resetEnv()) {
@@ -160,7 +161,7 @@ static int subprocNewProc(
 			_exit(0xff);
 		}
 	}
-	if (containContain(nsjconf) == false) {
+	if (contain::containProc(nsjconf) == false) {
 		_exit(0xff);
 	}
 	if (nsjconf->keep_env == false) {