pid: move to C++
parent
c4e57bf27e
commit
a07f389a50
10
Makefile
10
Makefile
@ -35,8 +35,8 @@ LDFLAGS += -pie -Wl,-z,noexecstack -lpthread $(shell pkg-config --libs protobuf)
|
|||||||
|
|
||||||
BIN = nsjail
|
BIN = nsjail
|
||||||
LIBS = kafel/libkafel.a
|
LIBS = kafel/libkafel.a
|
||||||
SRCS_C = log.c cgroup.c mount.c pid.c user.c util.c uts.c
|
SRCS_C = log.c cgroup.c mount.c user.c util.c uts.c
|
||||||
SRCS_CXX = caps.cc cmdline.cc config.cc contain.cc cpu.cc net.cc nsjail.cc sandbox.cc subproc.cc
|
SRCS_CXX = caps.cc cmdline.cc config.cc contain.cc cpu.cc net.cc nsjail.cc pid.cc sandbox.cc subproc.cc
|
||||||
SRCS_PROTO = config.proto
|
SRCS_PROTO = config.proto
|
||||||
SRCS_PB_CXX = $(SRCS_PROTO:.proto=.pb.cc)
|
SRCS_PB_CXX = $(SRCS_PROTO:.proto=.pb.cc)
|
||||||
SRCS_PB_H = $(SRCS_PROTO:.proto=.pb.h)
|
SRCS_PB_H = $(SRCS_PROTO:.proto=.pb.h)
|
||||||
@ -100,7 +100,6 @@ indent:
|
|||||||
log.o: log.h nsjail.h
|
log.o: log.h nsjail.h
|
||||||
cgroup.o: cgroup.h nsjail.h log.h util.h
|
cgroup.o: cgroup.h nsjail.h log.h util.h
|
||||||
mount.o: mount.h nsjail.h common.h log.h subproc.h util.h
|
mount.o: mount.h nsjail.h common.h log.h subproc.h util.h
|
||||||
pid.o: pid.h nsjail.h log.h subproc.h
|
|
||||||
user.o: user.h nsjail.h common.h log.h subproc.h util.h
|
user.o: user.h nsjail.h common.h log.h subproc.h util.h
|
||||||
util.o: util.h nsjail.h common.h log.h
|
util.o: util.h nsjail.h common.h log.h
|
||||||
uts.o: uts.h nsjail.h log.h
|
uts.o: uts.h nsjail.h log.h
|
||||||
@ -109,11 +108,12 @@ cmdline.o: cmdline.h nsjail.h common.h log.h mount.h user.h util.h caps.h
|
|||||||
cmdline.o: config.h sandbox.h
|
cmdline.o: config.h sandbox.h
|
||||||
config.o: common.h config.h nsjail.h log.h mount.h user.h util.h caps.h
|
config.o: common.h config.h nsjail.h log.h mount.h user.h util.h caps.h
|
||||||
config.o: cmdline.h
|
config.o: cmdline.h
|
||||||
contain.o: contain.h nsjail.h cgroup.h log.h mount.h pid.h user.h uts.h
|
contain.o: contain.h nsjail.h cgroup.h log.h mount.h user.h uts.h caps.h
|
||||||
contain.o: caps.h cpu.h net.h
|
contain.o: cpu.h net.h pid.h
|
||||||
cpu.o: cpu.h nsjail.h log.h util.h
|
cpu.o: cpu.h nsjail.h log.h util.h
|
||||||
net.o: net.h nsjail.h log.h subproc.h
|
net.o: net.h nsjail.h log.h subproc.h
|
||||||
nsjail.o: nsjail.h cmdline.h common.h log.h net.h subproc.h util.h
|
nsjail.o: nsjail.h cmdline.h common.h log.h net.h subproc.h util.h
|
||||||
|
pid.o: pid.h nsjail.h log.h subproc.h
|
||||||
sandbox.o: sandbox.h nsjail.h kafel/include/kafel.h log.h
|
sandbox.o: sandbox.h nsjail.h kafel/include/kafel.h log.h
|
||||||
subproc.o: subproc.h nsjail.h contain.h net.h sandbox.h cgroup.h common.h
|
subproc.o: subproc.h nsjail.h contain.h net.h sandbox.h cgroup.h common.h
|
||||||
subproc.o: log.h user.h util.h
|
subproc.o: log.h user.h util.h
|
||||||
|
@ -41,7 +41,6 @@ extern "C" {
|
|||||||
#include "cgroup.h"
|
#include "cgroup.h"
|
||||||
#include "log.h"
|
#include "log.h"
|
||||||
#include "mount.h"
|
#include "mount.h"
|
||||||
#include "pid.h"
|
|
||||||
#include "user.h"
|
#include "user.h"
|
||||||
#include "uts.h"
|
#include "uts.h"
|
||||||
}
|
}
|
||||||
@ -49,12 +48,13 @@ extern "C" {
|
|||||||
#include "caps.h"
|
#include "caps.h"
|
||||||
#include "cpu.h"
|
#include "cpu.h"
|
||||||
#include "net.h"
|
#include "net.h"
|
||||||
|
#include "pid.h"
|
||||||
|
|
||||||
namespace contain {
|
namespace contain {
|
||||||
|
|
||||||
static bool containUserNs(struct nsjconf_t* nsjconf) { return userInitNsFromChild(nsjconf); }
|
static bool containUserNs(struct nsjconf_t* nsjconf) { return userInitNsFromChild(nsjconf); }
|
||||||
|
|
||||||
static bool containInitPidNs(struct nsjconf_t* nsjconf) { return pidInitNs(nsjconf); }
|
static bool containInitPidNs(struct nsjconf_t* nsjconf) { return pid::initNs(nsjconf); }
|
||||||
|
|
||||||
static bool containInitNetNs(struct nsjconf_t* nsjconf) { return net::initNsFromChild(nsjconf); }
|
static bool containInitNetNs(struct nsjconf_t* nsjconf) { return net::initNsFromChild(nsjconf); }
|
||||||
|
|
||||||
|
@ -28,10 +28,15 @@
|
|||||||
#include <sys/prctl.h>
|
#include <sys/prctl.h>
|
||||||
#include <unistd.h>
|
#include <unistd.h>
|
||||||
|
|
||||||
|
extern "C" {
|
||||||
#include "log.h"
|
#include "log.h"
|
||||||
|
}
|
||||||
|
|
||||||
#include "subproc.h"
|
#include "subproc.h"
|
||||||
|
|
||||||
bool pidInitNs(struct nsjconf_t* nsjconf) {
|
namespace pid {
|
||||||
|
|
||||||
|
bool initNs(struct nsjconf_t* nsjconf) {
|
||||||
if (nsjconf->mode != MODE_STANDALONE_EXECVE) {
|
if (nsjconf->mode != MODE_STANDALONE_EXECVE) {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
@ -66,12 +71,12 @@ bool pidInitNs(struct nsjconf_t* nsjconf) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* Act sort-a like a init by reaping zombie processes */
|
/* Act sort-a like a init by reaping zombie processes */
|
||||||
struct sigaction sa = {
|
struct sigaction sa;
|
||||||
.sa_handler = SIG_DFL,
|
sa.sa_handler = SIG_DFL;
|
||||||
.sa_flags = SA_NOCLDWAIT | SA_NOCLDSTOP,
|
sa.sa_flags = SA_NOCLDWAIT | SA_NOCLDSTOP;
|
||||||
.sa_restorer = NULL,
|
sa.sa_restorer = NULL;
|
||||||
};
|
|
||||||
sigemptyset(&sa.sa_mask);
|
sigemptyset(&sa.sa_mask);
|
||||||
|
|
||||||
if (sigaction(SIGCHLD, &sa, NULL) == -1) {
|
if (sigaction(SIGCHLD, &sa, NULL) == -1) {
|
||||||
PLOG_W("Couldn't set sighandler for SIGCHLD");
|
PLOG_W("Couldn't set sighandler for SIGCHLD");
|
||||||
}
|
}
|
||||||
@ -80,3 +85,5 @@ bool pidInitNs(struct nsjconf_t* nsjconf) {
|
|||||||
pause();
|
pause();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
} // namespace pid
|
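Review bot: In the hunk at `@ -66,12 +71,12 @`, `struct sigaction sa;` is now declared without an initializer, so any member not assigned on the following lines is indeterminate when passed to `sigaction(SIGCHLD, &sa, NULL)`. The designated initializer it replaces zeroed every member it did not name. The three assignments plus `sigemptyset(&sa.sa_mask)` appear to cover the usual Linux layout, but that depends on the libc's definition of the struct, which is not visible on this page. Value-initialising restores the old guarantee in C++: `struct sigaction sa = {};` ahead of the field assignments. The body of initNs is only partly shown, so this is based on the visible lines alone; the setup deserves the care because, per the comment above it, it is what makes this process reap zombies, and a failed call is only logged with `PLOG_W`.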