diff options
Diffstat (limited to 'gdb/nat/linux-namespaces.c')
-rw-r--r-- | gdb/nat/linux-namespaces.c | 1050 |
1 files changed, 1050 insertions, 0 deletions
diff --git a/gdb/nat/linux-namespaces.c b/gdb/nat/linux-namespaces.c new file mode 100644 index 0000000..f710c03 --- /dev/null +++ b/gdb/nat/linux-namespaces.c @@ -0,0 +1,1050 @@ +/* Linux namespaces(7) support. + + Copyright (C) 2015 Free Software Foundation, Inc. + + This file is part of GDB. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. */ + +#include "common-defs.h" +#include "nat/linux-namespaces.h" +#include "filestuff.h" +#include <fcntl.h> +#include <sys/syscall.h> +#include <sys/types.h> +#include <sys/stat.h> +#include <sys/socket.h> +#include <sys/wait.h> +#include <signal.h> +#include <sched.h> + +/* See nat/linux-namespaces.h. */ +int debug_linux_namespaces; + +/* Handle systems without setns. */ + +#ifndef HAVE_SETNS +static int +setns (int fd, int nstype) +{ +#ifdef __NR_setns + return syscall (__NR_setns, fd, nstype); +#else + errno = ENOSYS; + return -1; +#endif +} +#endif + +/* A Linux namespace. */ + +struct linux_ns +{ + /* Filename of this namespace's entries in /proc/PID/ns. */ + const char *filename; + + /* Nonzero if this object has been initialized. */ + int initialized; + + /* Nonzero if this namespace is supported on this system. */ + int supported; + + /* ID of the namespace the calling process is in, used to + see if other processes share the namespace. The code in + this file assumes that the calling process never changes + namespace. */ + ino_t id; +}; + +/* Return the absolute filename of process PID's /proc/PID/ns + entry for namespace NS. The returned value persists until + this function is next called. */ + +static const char * +linux_ns_filename (struct linux_ns *ns, int pid) +{ + static char filename[PATH_MAX]; + + gdb_assert (pid > 0); + xsnprintf (filename, sizeof (filename), "/proc/%d/ns/%s", pid, + ns->filename); + + return filename; +} + +/* Return a representation of the caller's TYPE namespace, or + NULL if TYPE namespaces are not supported on this system. */ + +static struct linux_ns * +linux_ns_get_namespace (enum linux_ns_type type) +{ + static struct linux_ns namespaces[NUM_LINUX_NS_TYPES] = + { + { "ipc" }, + { "mnt" }, + { "net" }, + { "pid" }, + { "user" }, + { "uts" }, + }; + struct linux_ns *ns; + + gdb_assert (type >= 0 && type < NUM_LINUX_NS_TYPES); + ns = &namespaces[type]; + + if (!ns->initialized) + { + struct stat sb; + + if (stat (linux_ns_filename (ns, getpid ()), &sb) == 0) + { + ns->id = sb.st_ino; + + ns->supported = 1; + } + + ns->initialized = 1; + } + + return ns->supported ? ns : NULL; +} + +/* See nat/linux-namespaces.h. */ + +int +linux_ns_same (pid_t pid, enum linux_ns_type type) +{ + struct linux_ns *ns = linux_ns_get_namespace (type); + const char *filename; + struct stat sb; + + /* If the kernel does not support TYPE namespaces then there's + effectively only one TYPE namespace that all processes on + the system share. */ + if (ns == NULL) + return 1; + + /* Stat PID's TYPE namespace entry to get the namespace ID. This + might fail if the process died, or if we don't have the right + permissions (though we should be attached by this time so this + seems unlikely). In any event, we can't make any decisions and + must throw. */ + filename = linux_ns_filename (ns, pid); + if (stat (filename, &sb) != 0) + perror_with_name (filename); + + return sb.st_ino == ns->id; +} + +/* We need to use setns(2) to handle filesystem access in mount + namespaces other than our own, but this isn't permitted for + multithreaded processes. GDB is multithreaded when compiled + with Guile support, and may become multithreaded if compiled + with Python support. We deal with this by spawning a single- + threaded helper process to access mount namespaces other than + our own. + + The helper process is started the first time a call to setns + is required. The main process (GDB or gdbserver) communicates + with the helper via sockets, passing file descriptors where + necessary using SCM_RIGHTS. Once started the helper process + runs until the main process terminates; when this happens the + helper will receive socket errors, notice that its parent died, + and exit accordingly (see mnsh_maybe_mourn_peer). + + The protocol is that the main process sends a request in a + single message, and the helper replies to every message it + receives with a single-message response. If the helper + receives a message it does not understand it will reply with + a MNSH_MSG_ERROR message. The main process checks all + responses it receives with gdb_assert, so if the main process + receives something unexpected (which includes MNSH_MSG_ERROR) + the main process will call internal_error. + + For avoidance of doubt, if the helper process receives a + message it doesn't handle it will reply with MNSH_MSG_ERROR. + If the main process receives MNSH_MSG_ERROR at any time then + it will call internal_error. If internal_error causes the + main process to exit, the helper will notice this and also + exit. The helper will not exit until the main process + terminates, so if the user continues through internal_error + the helper will still be there awaiting requests from the + main process. + + Messages in both directions have the following payload: + + - TYPE (enum mnsh_msg_type, always sent) - the message type. + - INT1 and + - INT2 (int, always sent, though not always used) - two + values whose meaning is message-type-dependent. + See enum mnsh_msg_type documentation below. + - FD (int, optional, sent using SCM_RIGHTS) - an open file + descriptor. + - BUF (unstructured data, optional) - some data with message- + type-dependent meaning. + + Note that the helper process is the child of a call to fork, + so all code in the helper must be async-signal-safe. */ + +/* Mount namespace helper message types. */ + +enum mnsh_msg_type + { + /* A communication error occurred. Receipt of this message + by either end will cause an assertion failure in the main + process. */ + MNSH_MSG_ERROR, + + /* Requests, sent from the main process to the helper. */ + + /* A request that the helper call setns. Arguments should + be passed in FD and INT1. Helper should respond with a + MNSH_RET_INT. */ + MNSH_REQ_SETNS, + + /* A request that the helper call open. Arguments should + be passed in BUF, INT1 and INT2. The filename (in BUF) + should include a terminating NUL character. The helper + should respond with a MNSH_RET_FD. */ + MNSH_REQ_OPEN, + + /* A request that the helper call unlink. The single + argument (the filename) should be passed in BUF, and + should include a terminating NUL character. The helper + should respond with a MNSH_RET_INT. */ + MNSH_REQ_UNLINK, + + /* A request that the helper call readlink. The single + argument (the filename) should be passed in BUF, and + should include a terminating NUL character. The helper + should respond with a MNSH_RET_INTSTR. */ + MNSH_REQ_READLINK, + + /* Responses, sent to the main process from the helper. */ + + /* Return an integer in INT1 and errno in INT2. */ + MNSH_RET_INT, + + /* Return a file descriptor in FD if one was opened or an + integer in INT1 otherwise. Return errno in INT2. */ + MNSH_RET_FD, + + /* Return an integer in INT1, errno in INT2, and optionally + some data in BUF. */ + MNSH_RET_INTSTR, + }; + +/* Print a string representation of a message using debug_printf. + This function is not async-signal-safe so should never be + called from the helper. */ + +static void +mnsh_debug_print_message (enum mnsh_msg_type type, + int fd, int int1, int int2, + const void *buf, int bufsiz) +{ + gdb_byte *c = (gdb_byte *) buf; + gdb_byte *cl = c + bufsiz; + + switch (type) + { + case MNSH_MSG_ERROR: + debug_printf ("ERROR"); + break; + + case MNSH_REQ_SETNS: + debug_printf ("SETNS"); + break; + + case MNSH_REQ_OPEN: + debug_printf ("OPEN"); + break; + + case MNSH_REQ_UNLINK: + debug_printf ("UNLINK"); + break; + + case MNSH_REQ_READLINK: + debug_printf ("READLINK"); + break; + + case MNSH_RET_INT: + debug_printf ("INT"); + break; + + case MNSH_RET_FD: + debug_printf ("FD"); + break; + + case MNSH_RET_INTSTR: + debug_printf ("INTSTR"); + break; + + default: + debug_printf ("unknown-packet-%d", type); + } + + debug_printf (" %d %d %d \"", fd, int1, int2); + + for (; c < cl; c++) + debug_printf (*c >= ' ' && *c <= '~' ? "%c" : "\\%o", *c); + + debug_printf ("\""); +} + +/* Forward declaration. */ + +static void mnsh_maybe_mourn_peer (void); + +/* Send a message. The argument SOCK is the file descriptor of the + sending socket, the other arguments are the payload to send. + Return the number of bytes sent on success. Return -1 on failure + and set errno appropriately. This function is called by both the + main process and the helper so must be async-signal-safe. */ + +static ssize_t +mnsh_send_message (int sock, enum mnsh_msg_type type, + int fd, int int1, int int2, + const void *buf, int bufsiz) +{ + struct msghdr msg; + struct iovec iov[4]; + char fdbuf[CMSG_SPACE (sizeof (fd))]; + ssize_t size; + + /* Build the basic TYPE, INT1, INT2 message. */ + memset (&msg, 0, sizeof (msg)); + msg.msg_iov = iov; + + iov[0].iov_base = &type; + iov[0].iov_len = sizeof (type); + iov[1].iov_base = &int1; + iov[1].iov_len = sizeof (int1); + iov[2].iov_base = &int2; + iov[2].iov_len = sizeof (int2); + + msg.msg_iovlen = 3; + + /* Append BUF if supplied. */ + if (buf != NULL && bufsiz > 0) + { + iov[3].iov_base = alloca (bufsiz); + memcpy (iov[3].iov_base, buf, bufsiz); + iov[3].iov_len = bufsiz; + + msg.msg_iovlen ++; + } + + /* Attach FD if supplied. */ + if (fd >= 0) + { + struct cmsghdr *cmsg; + + msg.msg_control = fdbuf; + msg.msg_controllen = sizeof (fdbuf); + + cmsg = CMSG_FIRSTHDR (&msg); + cmsg->cmsg_level = SOL_SOCKET; + cmsg->cmsg_type = SCM_RIGHTS; + cmsg->cmsg_len = CMSG_LEN (sizeof (int)); + + memcpy (CMSG_DATA (cmsg), &fd, sizeof (int)); + + msg.msg_controllen = cmsg->cmsg_len; + } + + /* Send the message. */ + size = sendmsg (sock, &msg, 0); + + if (size < 0) + mnsh_maybe_mourn_peer (); + + if (debug_linux_namespaces) + { + debug_printf ("mnsh: send: "); + mnsh_debug_print_message (type, fd, int1, int2, buf, bufsiz); + debug_printf (" -> %ld\n", size); + } + + return size; +} + +/* Receive a message. The argument SOCK is the file descriptor of + the receiving socket, the other arguments point to storage for + the received payload. Returns the number of bytes stored into + BUF on success, which may be zero in the event no BUF was sent. + Return -1 on failure and set errno appropriately. This function + is called from both the main process and the helper and must be + async-signal-safe. */ + +static ssize_t +mnsh_recv_message (int sock, enum mnsh_msg_type *type, + int *fd, int *int1, int *int2, + void *buf, int bufsiz) +{ + struct msghdr msg; + struct iovec iov[4]; + char fdbuf[CMSG_SPACE (sizeof (*fd))]; + struct cmsghdr *cmsg; + ssize_t size, fixed_size; + int i; + + /* Build the message to receive data into. */ + memset (&msg, 0, sizeof (msg)); + msg.msg_iov = iov; + + iov[0].iov_base = type; + iov[0].iov_len = sizeof (*type); + iov[1].iov_base = int1; + iov[1].iov_len = sizeof (*int1); + iov[2].iov_base = int2; + iov[2].iov_len = sizeof (*int2); + iov[3].iov_base = buf; + iov[3].iov_len = bufsiz; + + msg.msg_iovlen = 4; + + for (fixed_size = i = 0; i < msg.msg_iovlen - 1; i++) + fixed_size += iov[i].iov_len; + + msg.msg_control = fdbuf; + msg.msg_controllen = sizeof (fdbuf); + + /* Receive the message. */ + size = recvmsg (sock, &msg, MSG_CMSG_CLOEXEC); + if (size < 0) + { + if (debug_linux_namespaces) + debug_printf ("namespace-helper: recv failed (%ld)\n", size); + + mnsh_maybe_mourn_peer (); + + return size; + } + + /* Check for truncation. */ + if (size < fixed_size || (msg.msg_flags & (MSG_TRUNC | MSG_CTRUNC))) + { + if (debug_linux_namespaces) + debug_printf ("namespace-helper: recv truncated (%ld 0x%x)\n", + size, msg.msg_flags); + + mnsh_maybe_mourn_peer (); + + errno = EBADMSG; + return -1; + } + + /* Unpack the file descriptor if supplied. */ + cmsg = CMSG_FIRSTHDR (&msg); + if (cmsg != NULL + && cmsg->cmsg_len == CMSG_LEN (sizeof (int)) + && cmsg->cmsg_level == SOL_SOCKET + && cmsg->cmsg_type == SCM_RIGHTS) + memcpy (fd, CMSG_DATA (cmsg), sizeof (int)); + else + *fd = -1; + + if (debug_linux_namespaces) + { + debug_printf ("mnsh: recv: "); + mnsh_debug_print_message (*type, *fd, *int1, *int2, buf, + size - fixed_size); + debug_printf ("\n"); + } + + /* Return the number of bytes of data in BUF. */ + return size - fixed_size; +} + +/* Shortcuts for returning results from the helper. */ + +#define mnsh_return_int(sock, result, error) \ + mnsh_send_message (sock, MNSH_RET_INT, -1, result, error, NULL, 0) + +#define mnsh_return_fd(sock, fd, error) \ + mnsh_send_message (sock, MNSH_RET_FD, \ + (fd) < 0 ? -1 : (fd), \ + (fd) < 0 ? (fd) : 0, \ + error, NULL, 0) + +#define mnsh_return_intstr(sock, result, buf, bufsiz, error) \ + mnsh_send_message (sock, MNSH_RET_INTSTR, -1, result, error, \ + buf, bufsiz) + +/* Handle a MNSH_REQ_SETNS message. Must be async-signal-safe. */ + +static ssize_t +mnsh_handle_setns (int sock, int fd, int nstype) +{ + int result = setns (fd, nstype); + + return mnsh_return_int (sock, result, errno); +} + +/* Handle a MNSH_REQ_OPEN message. Must be async-signal-safe. */ + +static ssize_t +mnsh_handle_open (int sock, const char *filename, + int flags, mode_t mode) +{ + int fd = gdb_open_cloexec (filename, flags, mode); + ssize_t result = mnsh_return_fd (sock, fd, errno); + + if (fd >= 0) + close (fd); + + return result; +} + +/* Handle a MNSH_REQ_UNLINK message. Must be async-signal-safe. */ + +static ssize_t +mnsh_handle_unlink (int sock, const char *filename) +{ + int result = unlink (filename); + + return mnsh_return_int (sock, result, errno); +} + +/* Handle a MNSH_REQ_READLINK message. Must be async-signal-safe. */ + +static ssize_t +mnsh_handle_readlink (int sock, const char *filename) +{ + char buf[PATH_MAX]; + int len = readlink (filename, buf, sizeof (buf)); + + return mnsh_return_intstr (sock, len, + buf, len < 0 ? 0 : len, + errno); +} + +/* The helper process. Never returns. Must be async-signal-safe. */ + +static void mnsh_main (int sock) ATTRIBUTE_NORETURN; + +static void +mnsh_main (int sock) +{ + while (1) + { + enum mnsh_msg_type type; + int fd, int1, int2; + char buf[PATH_MAX]; + ssize_t size, response = -1; + + size = mnsh_recv_message (sock, &type, + &fd, &int1, &int2, + buf, sizeof (buf)); + + if (size >= 0 && size < sizeof (buf)) + { + switch (type) + { + case MNSH_REQ_SETNS: + if (fd > 0) + response = mnsh_handle_setns (sock, fd, int1); + break; + + case MNSH_REQ_OPEN: + if (size > 0 && buf[size - 1] == '\0') + response = mnsh_handle_open (sock, buf, int1, int2); + break; + + case MNSH_REQ_UNLINK: + if (size > 0 && buf[size - 1] == '\0') + response = mnsh_handle_unlink (sock, buf); + break; + + case MNSH_REQ_READLINK: + if (size > 0 && buf[size - 1] == '\0') + response = mnsh_handle_readlink (sock, buf); + break; + + default: + break; /* Handled below. */ + } + } + + /* Close any file descriptors we were passed. */ + if (fd >= 0) + close (fd); + + /* Can't handle this message, bounce it back. */ + if (response < 0) + { + if (size < 0) + size = 0; + + mnsh_send_message (sock, MNSH_MSG_ERROR, + -1, int1, int2, buf, size); + } + } +} + +/* The mount namespace helper process. */ + +struct linux_mnsh +{ + /* PID of helper. */ + pid_t pid; + + /* Socket for communication. */ + int sock; + + /* ID of the mount namespace the helper is currently in. */ + ino_t nsid; +}; + +/* In the helper process this is set to the PID of the process that + created the helper (i.e. GDB or gdbserver). In the main process + this is set to zero. Used by mnsh_maybe_mourn_peer. */ +static int mnsh_creator_pid = 0; + +/* Return an object representing the mount namespace helper process. + If no mount namespace helper process has been started then start + one. Return NULL if no mount namespace helper process could be + started. */ + +static struct linux_mnsh * +linux_mntns_get_helper (void) +{ + static struct linux_mnsh *helper = NULL; + + if (helper == NULL) + { + static struct linux_mnsh h; + struct linux_ns *ns; + pid_t helper_creator = getpid (); + int sv[2]; + + ns = linux_ns_get_namespace (LINUX_NS_MNT); + if (ns == NULL) + return NULL; + + if (gdb_socketpair_cloexec (AF_UNIX, SOCK_STREAM, 0, sv) < 0) + return NULL; + + h.pid = fork (); + if (h.pid < 0) + { + int saved_errno = errno; + + close (sv[0]); + close (sv[1]); + + errno = saved_errno; + return NULL; + } + + if (h.pid == 0) + { + /* Child process. */ + close (sv[0]); + + mnsh_creator_pid = helper_creator; + + /* Debug printing isn't async-signal-safe. */ + debug_linux_namespaces = 0; + + mnsh_main (sv[1]); + } + + /* Parent process. */ + close (sv[1]); + + helper = &h; + helper->sock = sv[0]; + helper->nsid = ns->id; + + if (debug_linux_namespaces) + debug_printf ("Started mount namespace helper process %d\n", + helper->pid); + } + + return helper; +} + +/* Check whether the other process died and act accordingly. Called + whenever a socket error occurs, from both the main process and the + helper. Must be async-signal-safe when called from the helper. */ + +static void +mnsh_maybe_mourn_peer (void) +{ + if (mnsh_creator_pid != 0) + { + /* We're in the helper. Check if our current parent is the + process that started us. If it isn't, then our original + parent died and we've been reparented. Exit immediately + if that's the case. */ + if (getppid () != mnsh_creator_pid) + _exit (0); + } + else + { + /* We're in the main process. */ + + struct linux_mnsh *helper = linux_mntns_get_helper (); + int status; + pid_t pid; + + if (helper->pid < 0) + { + /* We already mourned it. */ + return; + } + + pid = waitpid (helper->pid, &status, WNOHANG); + if (pid == 0) + { + /* The helper is still alive. */ + return; + } + else if (pid == -1) + { + if (errno == ECHILD) + warning (_("mount namespace helper vanished?")); + else + internal_warning (__FILE__, __LINE__, + _("unhandled error %d"), errno); + } + else if (pid == helper->pid) + { + if (WIFEXITED (status)) + warning (_("mount namespace helper exited with status %d"), + WEXITSTATUS (status)); + else if (WIFSIGNALED (status)) + warning (_("mount namespace helper killed by signal %d"), + WTERMSIG (status)); + else + internal_warning (__FILE__, __LINE__, + _("unhandled status %d"), status); + } + else + internal_warning (__FILE__, __LINE__, + _("unknown pid %d"), pid); + + /* Something unrecoverable happened. */ + helper->pid = -1; + } +} + +/* Shortcuts for sending messages to the helper. */ + +#define mnsh_send_setns(helper, fd, nstype) \ + mnsh_send_message (helper->sock, MNSH_REQ_SETNS, fd, nstype, 0, \ + NULL, 0) + +#define mnsh_send_open(helper, filename, flags, mode) \ + mnsh_send_message (helper->sock, MNSH_REQ_OPEN, -1, flags, mode, \ + filename, strlen (filename) + 1) + +#define mnsh_send_unlink(helper, filename) \ + mnsh_send_message (helper->sock, MNSH_REQ_UNLINK, -1, 0, 0, \ + filename, strlen (filename) + 1) + +#define mnsh_send_readlink(helper, filename) \ + mnsh_send_message (helper->sock, MNSH_REQ_READLINK, -1, 0, 0, \ + filename, strlen (filename) + 1) + +/* Receive a message from the helper. Issue an assertion failure if + the message isn't a correctly-formatted MNSH_RET_INT. Set RESULT + and ERROR and return 0 on success. Set errno and return -1 on + failure. */ + +static int +mnsh_recv_int (struct linux_mnsh *helper, int *result, int *error) +{ + enum mnsh_msg_type type; + char buf[PATH_MAX]; + ssize_t size; + int fd; + + size = mnsh_recv_message (helper->sock, &type, &fd, + result, error, + buf, sizeof (buf)); + if (size < 0) + return -1; + + gdb_assert (type == MNSH_RET_INT); + gdb_assert (fd == -1); + gdb_assert (size == 0); + + return 0; +} + +/* Receive a message from the helper. Issue an assertion failure if + the message isn't a correctly-formatted MNSH_RET_FD. Set FD and + ERROR and return 0 on success. Set errno and return -1 on + failure. */ + +static int +mnsh_recv_fd (struct linux_mnsh *helper, int *fd, int *error) +{ + enum mnsh_msg_type type; + char buf[PATH_MAX]; + ssize_t size; + int result; + + size = mnsh_recv_message (helper->sock, &type, fd, + &result, error, + buf, sizeof (buf)); + if (size < 0) + return -1; + + gdb_assert (type == MNSH_RET_FD); + gdb_assert (size == 0); + + if (*fd < 0) + { + gdb_assert (result < 0); + *fd = result; + } + + return 0; +} + +/* Receive a message from the helper. Issue an assertion failure if + the message isn't a correctly-formatted MNSH_RET_INTSTR. Set + RESULT and ERROR and optionally store data in BUF, then return + the number of bytes stored in BUF on success (this may be zero). + Set errno and return -1 on error. */ + +static ssize_t +mnsh_recv_intstr (struct linux_mnsh *helper, + int *result, int *error, + void *buf, int bufsiz) +{ + enum mnsh_msg_type type; + ssize_t size; + int fd; + + size = mnsh_recv_message (helper->sock, &type, &fd, + result, error, + buf, bufsiz); + + if (size < 0) + return -1; + + gdb_assert (type == MNSH_RET_INTSTR); + gdb_assert (fd == -1); + + return size; +} + +/* Return values for linux_mntns_access_fs. */ + +enum mnsh_fs_code + { + /* Something went wrong, errno is set. */ + MNSH_FS_ERROR = -1, + + /* The main process is in the correct mount namespace. + The caller should access the filesystem directly. */ + MNSH_FS_DIRECT, + + /* The helper is in the correct mount namespace. + The caller should access the filesystem via the helper. */ + MNSH_FS_HELPER + }; + +/* Return a value indicating how the caller should access the + mount namespace of process PID. */ + +static enum mnsh_fs_code +linux_mntns_access_fs (pid_t pid) +{ + struct cleanup *old_chain; + struct linux_ns *ns; + struct stat sb; + struct linux_mnsh *helper; + ssize_t size; + int fd, saved_errno; + + if (pid == getpid ()) + return MNSH_FS_DIRECT; + + ns = linux_ns_get_namespace (LINUX_NS_MNT); + if (ns == NULL) + return MNSH_FS_DIRECT; + + old_chain = make_cleanup (null_cleanup, NULL); + + fd = gdb_open_cloexec (linux_ns_filename (ns, pid), O_RDONLY, 0); + if (fd < 0) + goto error; + + old_chain = make_cleanup_close (fd); + + if (fstat (fd, &sb) != 0) + goto error; + + if (sb.st_ino == ns->id) + { + do_cleanups (old_chain); + + return MNSH_FS_DIRECT; + } + + helper = linux_mntns_get_helper (); + if (helper == NULL) + goto error; + + if (sb.st_ino != helper->nsid) + { + int result, error; + + size = mnsh_send_setns (helper, fd, 0); + if (size < 0) + goto error; + + if (mnsh_recv_int (helper, &result, &error) != 0) + goto error; + + if (result != 0) + { + /* ENOSYS indicates that an entire function is unsupported + (it's not appropriate for our versions of open/unlink/ + readlink to sometimes return with ENOSYS depending on how + they're called) so we convert ENOSYS to ENOTSUP if setns + fails. */ + if (error == ENOSYS) + error = ENOTSUP; + + errno = error; + goto error; + } + + helper->nsid = sb.st_ino; + } + + do_cleanups (old_chain); + + return MNSH_FS_HELPER; + +error: + saved_errno = errno; + + do_cleanups (old_chain); + + errno = saved_errno; + return MNSH_FS_ERROR; +} + +/* See nat/linux-namespaces.h. */ + +int +linux_mntns_open_cloexec (pid_t pid, const char *filename, + int flags, mode_t mode) +{ + enum mnsh_fs_code access = linux_mntns_access_fs (pid); + struct linux_mnsh *helper; + int fd, error; + ssize_t size; + + if (access == MNSH_FS_ERROR) + return -1; + + if (access == MNSH_FS_DIRECT) + return gdb_open_cloexec (filename, flags, mode); + + gdb_assert (access == MNSH_FS_HELPER); + + helper = linux_mntns_get_helper (); + + size = mnsh_send_open (helper, filename, flags, mode); + if (size < 0) + return -1; + + if (mnsh_recv_fd (helper, &fd, &error) != 0) + return -1; + + if (fd < 0) + errno = error; + + return fd; +} + +/* See nat/linux-namespaces.h. */ + +int +linux_mntns_unlink (pid_t pid, const char *filename) +{ + enum mnsh_fs_code access = linux_mntns_access_fs (pid); + struct linux_mnsh *helper; + int ret, error; + ssize_t size; + + if (access == MNSH_FS_ERROR) + return -1; + + if (access == MNSH_FS_DIRECT) + return unlink (filename); + + gdb_assert (access == MNSH_FS_HELPER); + + helper = linux_mntns_get_helper (); + + size = mnsh_send_unlink (helper, filename); + if (size < 0) + return -1; + + if (mnsh_recv_int (helper, &ret, &error) != 0) + return -1; + + if (ret != 0) + errno = error; + + return ret; +} + +/* See nat/linux-namespaces.h. */ + +ssize_t +linux_mntns_readlink (pid_t pid, const char *filename, + char *buf, size_t bufsiz) +{ + enum mnsh_fs_code access = linux_mntns_access_fs (pid); + struct linux_mnsh *helper; + int ret, error; + ssize_t size; + + if (access == MNSH_FS_ERROR) + return -1; + + if (access == MNSH_FS_DIRECT) + return readlink (filename, buf, bufsiz); + + gdb_assert (access == MNSH_FS_HELPER); + + helper = linux_mntns_get_helper (); + + size = mnsh_send_readlink (helper, filename); + if (size < 0) + return -1; + + size = mnsh_recv_intstr (helper, &ret, &error, buf, bufsiz); + + if (size < 0) + { + ret = -1; + errno = error; + } + else + gdb_assert (size == ret); + + return ret; +} |