On 08/26/2015 09:06 PM, Michal Privoznik wrote:
> Now that virProcessSetNamespaces() does accept FD list in the
> correct format, we can simply turn lxcAttachNS into calling
> virProcessSetNamespaces().
>
> Signed-off-by: Michal Privoznik <mprivozn@xxxxxxxxxx>
> ---
> src/lxc/lxc_container.c | 22 +++-------------------
> 1 file changed, 3 insertions(+), 19 deletions(-)
>
> diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c
> index feb8fad..eb7cad6 100644
> --- a/src/lxc/lxc_container.c
> +++ b/src/lxc/lxc_container.c
> @@ -2184,25 +2184,9 @@ static int lxcContainerDropCapabilities(virDomainDefPtr def ATTRIBUTE_UNUSED,
> */
> static int lxcAttachNS(int *ns_fd)
> {
> - size_t i;
> - if (ns_fd)
> - for (i = 0; i < VIR_LXC_DOMAIN_NAMESPACE_LAST; i++) {
> - if (ns_fd[i] < 0)
> - continue;
> - VIR_DEBUG("Setting into namespace\n");
> - /* We get EINVAL if new NS is same as the current
> - * NS, or if the fd namespace doesn't match the
> - * type passed to setns()'s second param. Since we
> - * pass 0, we know the EINVAL is harmless
> - */
> - if (setns(ns_fd[i], 0) < 0 &&
> - errno != EINVAL) {
> - virReportSystemError(errno, _("failed to set namespace '%s'"),
> - virLXCDomainNamespaceTypeToString(i));
> - return -1;
> - }
> - VIR_FORCE_CLOSE(ns_fd[i]);
> - }
> + if (ns_fd &&
> + virProcessSetNamespaces(VIR_LXC_DOMAIN_NAMESPACE_LAST, ns_fd) < 0)
Coverity wasn't very happy with this one - I got:
(1) Event suspicious_sizeof: Passing argument "ns_fd" of type "int *"
and argument "VIR_LXC_DOMAIN_NAMESPACE_LAST" to function
"virProcessSetNamespaces" is suspicious because a multiple of "sizeof
(int)" /*4*/ is expected.
Changing 'arg1' to virProcessSetNamespaces from size_t to unsigned int
cleared the error - whether that's "right" or not, I'm not sure. I do
note the only other caller virDomainLxcEnterNamespace passes an
'unsigned int' which is why I tried that first.
John
> + return -1;
> return 0;
> }
>
>
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list