More c++ isms
parent
a42203a6dd
commit
c365eb1766
35
caps.cc
35
caps.cc
@ -36,10 +36,10 @@
|
||||
|
||||
namespace caps {
|
||||
|
||||
static struct {
|
||||
struct {
|
||||
const int val;
|
||||
const char* const name;
|
||||
} const capNames[] = {
|
||||
} static const capNames[] = {
|
||||
NS_VALSTR_STRUCT(CAP_CHOWN),
|
||||
NS_VALSTR_STRUCT(CAP_DAC_OVERRIDE),
|
||||
NS_VALSTR_STRUCT(CAP_DAC_READ_SEARCH),
|
||||
@ -171,10 +171,10 @@ static bool initNsKeepCaps(cap_user_data_t cap_data) {
|
||||
|
||||
/* Copy all permitted caps to the inheritable set */
|
||||
dbgmsg[0] = '\0';
|
||||
for (size_t i = 0; i < ARR_SZ(capNames); i++) {
|
||||
if (getPermitted(cap_data, capNames[i].val)) {
|
||||
util::sSnPrintf(dbgmsg, sizeof(dbgmsg), " %s", capNames[i].name);
|
||||
setInheritable(cap_data, capNames[i].val);
|
||||
for (const auto& i : capNames) {
|
||||
if (getPermitted(cap_data, i.val)) {
|
||||
util::sSnPrintf(dbgmsg, sizeof(dbgmsg), " %s", i.name);
|
||||
setInheritable(cap_data, i.val);
|
||||
}
|
||||
}
|
||||
LOG_D("Adding the following capabilities to the inheritable set:%s", dbgmsg);
|
||||
@ -185,15 +185,15 @@ static bool initNsKeepCaps(cap_user_data_t cap_data) {
|
||||
|
||||
/* Make sure the inheritable set is preserved across execve via the ambient set */
|
||||
dbgmsg[0] = '\0';
|
||||
for (size_t i = 0; i < ARR_SZ(capNames); i++) {
|
||||
if (!getPermitted(cap_data, capNames[i].val)) {
|
||||
for (const auto& i : capNames) {
|
||||
if (!getPermitted(cap_data, i.val)) {
|
||||
continue;
|
||||
}
|
||||
if (prctl(PR_CAP_AMBIENT, PR_CAP_AMBIENT_RAISE, (unsigned long)capNames[i].val, 0UL,
|
||||
0UL) == -1) {
|
||||
PLOG_W("prctl(PR_CAP_AMBIENT, PR_CAP_AMBIENT_RAISE, %s)", capNames[i].name);
|
||||
if (prctl(PR_CAP_AMBIENT, PR_CAP_AMBIENT_RAISE, (unsigned long)i.val, 0UL, 0UL) ==
|
||||
-1) {
|
||||
PLOG_W("prctl(PR_CAP_AMBIENT, PR_CAP_AMBIENT_RAISE, %s)", i.name);
|
||||
} else {
|
||||
util::sSnPrintf(dbgmsg, sizeof(dbgmsg), " %s", capNames[i].name);
|
||||
util::sSnPrintf(dbgmsg, sizeof(dbgmsg), " %s", i.name);
|
||||
}
|
||||
}
|
||||
LOG_D("Added the following capabilities to the ambient set:%s", dbgmsg);
|
||||
@ -247,14 +247,13 @@ bool initNs(nsjconf_t* nsjconf) {
|
||||
*/
|
||||
dbgmsg.clear();
|
||||
if (getEffective(cap_data, CAP_SETPCAP)) {
|
||||
for (size_t i = 0; i < ARR_SZ(capNames); i++) {
|
||||
if (getInheritable(cap_data, capNames[i].val)) {
|
||||
for (const auto& i : capNames) {
|
||||
if (getInheritable(cap_data, i.val)) {
|
||||
continue;
|
||||
}
|
||||
dbgmsg.append(" ").append(capNames[i].name);
|
||||
if (prctl(PR_CAPBSET_DROP, (unsigned long)capNames[i].val, 0UL, 0UL, 0UL) ==
|
||||
-1) {
|
||||
PLOG_W("prctl(PR_CAPBSET_DROP, %s)", capNames[i].name);
|
||||
dbgmsg.append(" ").append(i.name);
|
||||
if (prctl(PR_CAPBSET_DROP, (unsigned long)i.val, 0UL, 0UL, 0UL) == -1) {
|
||||
PLOG_W("prctl(PR_CAPBSET_DROP, %s)", i.name);
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
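Review bot: The two loops in initNsKeepCaps still collect their debug list in a fixed char buffer (`dbgmsg[0] = '\0'` and `util::sSnPrintf(dbgmsg, sizeof(dbgmsg), " %s", i.name)`), while the initNs hunk further down already uses a std::string (`dbgmsg.clear()`, `dbgmsg.append(" ").append(i.name)`). The buffer's declaration is outside the hunks, but if it is shorter than the joined names of every permitted capability, the logged inheritable and ambient lists would be cut short, which misleads anyone auditing what the jailed process was given. Since this commit is about C++ idioms, I would declare `std::string dbgmsg;` in initNsKeepCaps, build it with `dbgmsg.append(" ").append(i.name);`, and pass `dbgmsg.c_str()` to LOG_D. initNsKeepCaps starts and ends outside the visible hunks.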
22
mnt.cc
22
mnt.cc
@ -57,10 +57,10 @@ namespace mnt {
|
||||
static const std::string flagsToStr(uintptr_t flags) {
|
||||
std::string res;
|
||||
|
||||
static struct {
|
||||
struct {
|
||||
const uintptr_t flag;
|
||||
const char* const name;
|
||||
} const mountFlags[] = {
|
||||
} static const mountFlags[] = {
|
||||
NS_VALSTR_STRUCT(MS_RDONLY),
|
||||
NS_VALSTR_STRUCT(MS_NOSUID),
|
||||
NS_VALSTR_STRUCT(MS_NODEV),
|
||||
@ -88,12 +88,12 @@ static const std::string flagsToStr(uintptr_t flags) {
|
||||
};
|
||||
|
||||
uintptr_t knownFlagMask = 0U;
|
||||
for (size_t i = 0; i < ARR_SZ(mountFlags); i++) {
|
||||
if (flags & mountFlags[i].flag) {
|
||||
res.append(mountFlags[i].name);
|
||||
for (const auto& i : mountFlags) {
|
||||
if (flags & i.flag) {
|
||||
res.append(i.name);
|
||||
res.append("|");
|
||||
}
|
||||
knownFlagMask |= mountFlags[i].flag;
|
||||
knownFlagMask |= i.flag;
|
||||
}
|
||||
|
||||
if (((flags & ~(knownFlagMask)) == 0) && !res.empty()) {
|
||||
@ -239,10 +239,10 @@ static bool remountRO(const mount_t& mpt) {
|
||||
return false;
|
||||
}
|
||||
|
||||
static struct {
|
||||
struct {
|
||||
const unsigned long mount_flag;
|
||||
const unsigned long vfs_flag;
|
||||
} const mountPairs[] = {
|
||||
} static const mountPairs[] = {
|
||||
{MS_RDONLY, ST_RDONLY},
|
||||
{MS_NOSUID, ST_NOSUID},
|
||||
{MS_NODEV, ST_NODEV},
|
||||
@ -255,9 +255,9 @@ static bool remountRO(const mount_t& mpt) {
|
||||
};
|
||||
|
||||
unsigned long new_flags = MS_REMOUNT | MS_RDONLY | MS_BIND;
|
||||
for (size_t i = 0; i < ARR_SZ(mountPairs); i++) {
|
||||
if (vfs.f_flag & mountPairs[i].vfs_flag) {
|
||||
new_flags |= mountPairs[i].mount_flag;
|
||||
for (const auto& i : mountPairs) {
|
||||
if (vfs.f_flag & i.vfs_flag) {
|
||||
new_flags |= i.mount_flag;
|
||||
}
|
||||
}
|
||||
|
||||
|
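Review bot: The flag carry-over loop in remountRO (`for (const auto& i : mountPairs)`) has no comment saying why the existing mount's flags are copied into `new_flags`, and that reason is the security-relevant part of the function. I would add above the loop: `/* Keep the flags the mount already has: clearing nosuid/nodev/... on remount would weaken the mount, and the kernel refuses it for locked mounts in a user namespace */`. Only the first three table entries are visible here (MS_RDONLY, MS_NOSUID, MS_NODEV), so it is worth confirming that the rest of mountPairs also covers MS_NOEXEC and the atime flags. remountRO begins and ends outside the hunks.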
@ -77,8 +77,8 @@ static bool nsjailSetSigHandler(int sig) {
|
||||
}
|
||||
|
||||
static bool nsjailSetSigHandlers(void) {
|
||||
for (size_t i = 0; i < ARR_SZ(nssigs); i++) {
|
||||
if (!nsjailSetSigHandler(nssigs[i])) {
|
||||
for (const auto& i : nssigs) {
|
||||
if (!nsjailSetSigHandler(i)) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
12
subproc.cc
12
subproc.cc
@ -62,10 +62,10 @@ namespace subproc {
|
||||
static const std::string cloneFlagsToStr(uintptr_t flags) {
|
||||
std::string res;
|
||||
|
||||
static struct {
|
||||
struct {
|
||||
const uintptr_t flag;
|
||||
const char* const name;
|
||||
} const cloneFlags[] = {
|
||||
} static const cloneFlags[] = {
|
||||
NS_VALSTR_STRUCT(CLONE_VM),
|
||||
NS_VALSTR_STRUCT(CLONE_FS),
|
||||
NS_VALSTR_STRUCT(CLONE_FILES),
|
||||
@ -92,11 +92,11 @@ static const std::string cloneFlagsToStr(uintptr_t flags) {
|
||||
};
|
||||
|
||||
uintptr_t knownFlagMask = CSIGNAL;
|
||||
for (const auto& f : cloneFlags) {
|
||||
if (flags & f.flag) {
|
||||
res.append(f.name).append("|");
|
||||
for (const auto& i : cloneFlags) {
|
||||
if (flags & i.flag) {
|
||||
res.append(i.name).append("|");
|
||||
}
|
||||
knownFlagMask |= f.flag;
|
||||
knownFlagMask |= i.flag;
|
||||
}
|
||||
|
||||
if (flags & ~(knownFlagMask)) {
|
||||
|
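Review bot: The second hunk renames the loop variable in cloneFlagsToStr from `f` to `i` (`for (const auto& i : cloneFlags)`), which makes `i.flag` and `i.name` read like an index being dereferenced. The old `f` was the clearer name for a reference to a table entry, so I would keep `for (const auto& f : cloneFlags)` or use `entry`. The same `i` naming is introduced for the range-for loops over capNames in caps.cc, mountFlags and mountPairs in mnt.cc, nssigs in nsjailSetSigHandlers, and sigNames in util.cc. A descriptive name there (`cap`, `sig`) would help anyone reviewing the capability and signal handling.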
14
util.cc
14
util.cc
@ -195,7 +195,9 @@ static void rndInitThread(void) {
|
||||
#endif /* defined(__NR_getrandom) */
|
||||
int fd = open("/dev/urandom", O_RDONLY | O_CLOEXEC);
|
||||
if (fd == -1) {
|
||||
PLOG_D("Couldn't open /dev/urandom for reading. Using gettimeofday fall-back");
|
||||
PLOG_D(
|
||||
"Couldn't open /dev/urandom for reading. Using gettimeofday "
|
||||
"fall-back");
|
||||
struct timeval tv;
|
||||
gettimeofday(&tv, NULL);
|
||||
rndX = tv.tv_usec + ((uint64_t)tv.tv_sec << 32);
|
||||
@ -217,10 +219,10 @@ uint64_t rnd64(void) {
|
||||
const std::string sigName(int signo) {
|
||||
std::string res;
|
||||
|
||||
static struct {
|
||||
struct {
|
||||
const int signo;
|
||||
const char* const name;
|
||||
} const sigNames[] = {
|
||||
} static const sigNames[] = {
|
||||
NS_VALSTR_STRUCT(SIGINT),
|
||||
NS_VALSTR_STRUCT(SIGILL),
|
||||
NS_VALSTR_STRUCT(SIGABRT),
|
||||
@ -252,9 +254,9 @@ const std::string sigName(int signo) {
|
||||
NS_VALSTR_STRUCT(SIGWINCH),
|
||||
};
|
||||
|
||||
for (size_t i = 0; i < ARR_SZ(sigNames); i++) {
|
||||
if (signo == sigNames[i].signo) {
|
||||
res.append(sigNames[i].name);
|
||||
for (const auto& i : sigNames) {
|
||||
if (signo == i.signo) {
|
||||
res.append(i.name);
|
||||
return res;
|
||||
}
|
||||
}
|
||||
|
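Review bot: The gettimeofday fall-back in rndInitThread is reported only with `PLOG_D`, so in a normal run nothing shows that the generator was seeded from the wall clock instead of /dev/urandom. A seed of `tv.tv_usec + ((uint64_t)tv.tv_sec << 32)` can be guessed by anyone who knows roughly when the process started, so if rnd64() output is used for anything that must not be predictable, this path deserves at least `PLOG_W("Couldn't open /dev/urandom for reading. Using gettimeofday fall-back");`. The hunk only re-wraps the message string, and the log level is unchanged by the commit. rndInitThread starts and ends outside the hunk.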