[v2,23/36] ns: Make write_id_map() use CR_PROC_FD_OFF

Submitted by Kirill Tkhai on Feb. 3, 2017, 4:15 p.m.

Details

Message ID 148613850127.3612.2958747330679470804.stgit@localhost.localdomain
State New
Series "Nested user namespaces support"
Headers show

Commit Message

Kirill Tkhai Feb. 3, 2017, 4:15 p.m.
Currently, it's used by criu from CRIU_NS only.
So, in fact open_proc_rw() leads to opening of
a fd in CRIU_NS /proc (open_pid_proc() just
opens "/proc" dir, when PROC_FD_OFF is not set).

Make write_id_map() use CR_PROC_FD_OFF, which
exists, and does not confuse a user.

Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
---
 criu/namespaces.c |   13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

Patch hide | download patch | download mbox

diff --git a/criu/namespaces.c b/criu/namespaces.c
index 7a8a79cac..538074ab9 100644
--- a/criu/namespaces.c
+++ b/criu/namespaces.c
@@ -1295,6 +1295,16 @@  static int write_id_map(pid_t pid, UidGidExtent **extents, int n, char *id_map)
 	int off = 0, i;
 	int fd;
 
+	fd = get_service_fd(CR_PROC_FD_OFF);
+	if (fd < 0)
+		return -1;
+	snprintf(buf, PAGE_SIZE, "%d/%s", pid, id_map);
+	fd = openat(fd, buf, O_WRONLY);
+	if (fd < 0) {
+		pr_perror("Can't open %s\n", buf);
+		return -1;
+	}
+
 	/*
 	 *  We can perform only a single write (that may contain multiple
 	 *  newline-delimited records) to a uid_map and a gid_map files.
@@ -1305,9 +1315,6 @@  static int write_id_map(pid_t pid, UidGidExtent **extents, int n, char *id_map)
 					extents[i]->lower_first,
 					extents[i]->count);
 
-	fd = open_proc_rw(pid, "%s", id_map);
-	if (fd < 0)
-		return -1;
 	if (write(fd, buf, off) != off) {
 		pr_perror("Unable to write into %s", id_map);
 		close(fd);