author | Kazuki Yamaguchi <k@rhe.jp> | 2016-01-11 18:59:42 +0900 |
committer | Kazuki Yamaguchi <k@rhe.jp> | 2016-01-11 18:59:42 +0900 |
commit | b355ed490b4e9618807e2a7fd77acaaad3184639 (patch) | |
tree | 1d2471e4aa26aa6b8616c907e30a88eb94cd7095 | |
parent | 28189812b3be1864c36cf13292520c059a91a7da (diff) | |
download | poe-b355ed490b4e9618807e2a7fd77acaaad3184639.tar.gz |
improve readability
-rw-r--r-- | sandbox/playground.c | 14 | ||||
-rw-r--r-- | sandbox/sandbox.c | 84 | ||||
-rw-r--r-- | sandbox/sandbox.h | 8 | ||||
-rw-r--r-- | sandbox/systemd.c | 2 |
4 files changed, 48 insertions, 60 deletions
diff --git a/sandbox/playground.c b/sandbox/playground.c index 5e7f167..edc9cdf 100644 --- a/sandbox/playground.c +++ b/sandbox/playground.c @@ -22,24 +22,22 @@ poe_init_playground(const char *base, const char *env) { struct stat s; if (stat(POE_TEMPORARY_BASE, &s) == -1) { - if (mkdir(POE_TEMPORARY_BASE, 0755) == -1) ERROR("failed to create temporary base"); + NONNEGATIVE(mkdir(POE_TEMPORARY_BASE, 0755)); } workdir = strdup(POE_WORKDIR_TEMPLATE); if (!workdir || !mkdtemp(workdir)) ERROR("failed to create workdir"); - if (chmod(workdir, 0755) == -1) ERROR("failed to chmod workdir"); + NONNEGATIVE(chmod(workdir, 0755)); upperdir = strdup(POE_UPPERDIR_TEMPLATE); if (!upperdir || !mkdtemp(upperdir)) ERROR("failed to create upperdir"); - if (chmod(upperdir, 0755) == -1) ERROR("failed to chmod upperdir"); + NONNEGATIVE(chmod(upperdir, 0755)); mergeddir = strdup(POE_MERGEDDIR_TEMPLATE); if (!mergeddir || !mkdtemp(mergeddir)) ERROR("failed to create mergeddir"); - if (chmod(mergeddir, 0755) == -1) ERROR("failed to chmod mergeddir"); + NONNEGATIVE(chmod(mergeddir, 0755)); char *opts = NULL; - if (asprintf(&opts, "lowerdir=%s:%s,upperdir=%s,workdir=%s", env, base, upperdir, workdir) == -1) - ERROR("asprintf() failed"); - if (mount(NULL, mergeddir, "overlay", MS_NOSUID, opts) == -1) - ERROR("mount overlay failed"); + NONNEGATIVE(asprintf(&opts, "lowerdir=%s:%s,upperdir=%s,workdir=%s", env, base, upperdir, workdir)); + NONNEGATIVE(mount(NULL, mergeddir, "overlay", MS_NOSUID, opts)); return mergeddir; } diff --git a/sandbox/sandbox.c b/sandbox/sandbox.c index 5b2365b..827e7e3 100644 --- a/sandbox/sandbox.c +++ b/sandbox/sandbox.c 
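Review bot: The `stat()`-then-`mkdir()` pair at the top of poe_init_playground still races: if another instance creates POE_TEMPORARY_BASE between the two calls, `mkdir` fails with EEXIST and the new `NONNEGATIVE` aborts the run instead of carrying on. Calling `mkdir` unconditionally and tolerating EEXIST is both simpler and race-free, e.g. `if (mkdir(POE_TEMPORARY_BASE, 0755) == -1 && errno != EEXIST) ERROR("failed to create temporary base");`. Separately, because the base lives under a world-writable /tmp (sandbox.h defines it as `/tmp/poe`), the existing-path branch accepts whatever is already there; checking `S_ISDIR(s.st_mode)` and that `s.st_uid` is the sandbox's own uid before using it as the parent of the mkdtemp() directories would close that gap. The `opts` string from asprintf is also never freed, though that predates this change.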
@@ -42,25 +42,25 @@ child(const char *root, int cmdl, char *cmd[], const char *prog) assert(pid == 1); // die when parent dies - if (prctl(PR_SET_PDEATHSIG, SIGKILL, 0, 0, 0) == -1) ERROR("prctl(PR_SET_PDEATHSIG, SIGKILL) failed"); + NONNEGATIVE(prctl(PR_SET_PDEATHSIG, SIGKILL, 0, 0, 0)); - if (sethostname(POE_HOSTNAME, strlen(POE_HOSTNAME)) == -1) ERROR("sethostname() failed"); - if (mount(NULL, "/", NULL, MS_PRIVATE | MS_REC, NULL) == -1) ERROR("mount / failed"); - if (mount(root, root, "bind", MS_BIND | MS_REC, NULL) == -1) ERROR("bind root failed"); - if (chroot(root) == -1) ERROR("chroot() failed"); - // if (mount(NULL, "/proc", "proc", MS_NOSUID | MS_NOEXEC | MS_NODEV, NULL) == -1) ERROR("mount /proc failed"); - // if (mount(NULL, "/dev", "devtmpfs", MS_NOSUID | MS_NOEXEC, NULL) == -1) ERROR("mount /dev failed"); - // if (mount(NULL, "/dev/shm", "tmpfs", MS_NOSUID | MS_NODEV, NULL) == -1) ERROR("mount /dev/shm failed"); + NONNEGATIVE(sethostname(POE_HOSTNAME, strlen(POE_HOSTNAME))); + NONNEGATIVE(mount(NULL, "/", NULL, MS_PRIVATE | MS_REC, NULL)); + NONNEGATIVE(mount(root, root, "bind", MS_BIND | MS_REC, NULL)); + NONNEGATIVE(chroot(root)); + // NONNEGATIVE(mount(NULL, "/proc", "proc", MS_NOSUID | MS_NOEXEC | MS_NODEV, NULL)); + // NONNEGATIVE(mount(NULL, "/dev", "devtmpfs", MS_NOSUID | MS_NOEXEC, NULL)); + // NONNEGATIVE(mount(NULL, "/dev/shm", "tmpfs", MS_NOSUID | MS_NODEV, NULL)); struct passwd *pw = getpwnam(POE_USERNAME); if (!pw) ERROR("getpwnam() failed"); - if (mount(NULL, pw->pw_dir, "tmpfs", MS_NOSUID | MS_NODEV, NULL) == -1) ERROR("mount home failed"); - if (chdir("/tmp") == -1) ERROR("chdir(/tmp) failed"); - if (setsid() == -1) ERROR("setsid() failed"); - if (initgroups(POE_USERNAME, pw->pw_gid) == -1) ERROR("initgroups() failed"); - if (setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) == -1) ERROR("setresgid() failed"); - if (setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid) == -1) ERROR("setresuid() failed"); + NONNEGATIVE(mount(NULL, pw->pw_dir, 
"tmpfs", MS_NOSUID | MS_NODEV, NULL)); + NONNEGATIVE(chdir("/tmp")); + NONNEGATIVE(setsid()); + NONNEGATIVE(initgroups(POE_USERNAME, pw->pw_gid)); + NONNEGATIVE(setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid)); + NONNEGATIVE(setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid)); char *env[] = { "PATH=/opt/bin:/usr/bin", @@ -69,8 +69,7 @@ child(const char *root, int cmdl, char *cmd[], const char *prog) NULL, NULL }; - - if (asprintf(env + 3, "HOME=%s", pw->pw_dir) == -1) ERROR("asprintf() failed"); + NONNEGATIVE(asprintf(env + 3, "HOME=%s", pw->pw_dir)); for (int i = 0; i < cmdl; i++) { if (!strcmp(cmd[i], "PROGRAM")) { @@ -79,12 +78,12 @@ child(const char *root, int cmdl, char *cmd[], const char *prog) } // wait parent - if (kill(pid, SIGSTOP) == -1) ERROR("kill(self, SIGSTOP) failed"); + NONNEGATIVE(kill(pid, SIGSTOP)); - if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) == -1) ERROR("ptctl(PR_SET_NO_NEW_PRIVS, 1) failed"); + NONNEGATIVE(prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0)); poe_init_seccomp(SCMP_ACT_TRACE(0)); - if (execvpe(cmd[0], cmd, env) == -1) ERROR("execvpe() failed"); + NONNEGATIVE(execvpe(cmd[0], cmd, env)); } static inline long @@ -141,7 +140,7 @@ sigchld_handler(sd_event_source *es, const struct signalfd_siginfo *si, void *vm while (true) { int status; pid_t spid = waitpid(-mpid, &status, WNOHANG | __WALL); - if (spid == -1) ERROR("waitpid() failed"); + NONNEGATIVE(spid); if (!spid) break; if (WIFEXITED(status) && spid == mpid) { 
@@ -203,12 +202,12 @@ stdout_handler(sd_event_source *es, int fd, uint32_t revents, void *vorig_fd) if (errno == EAGAIN) { return 0; } else { - ERROR("read() failed"); + NONNEGATIVE(n); } } else { - if (write(STDOUT_FILENO, &orig_fd, sizeof(orig_fd)) < 0) ERROR("write() failed"); - if (write(STDOUT_FILENO, &n, sizeof(n)) < 0) ERROR("write() failed"); - if (write(STDOUT_FILENO, buf, (size_t)n) < 0) ERROR("write() failed"); + NONNEGATIVE(write(STDOUT_FILENO, &orig_fd, sizeof(orig_fd))); + NONNEGATIVE(write(STDOUT_FILENO, &n, sizeof(n))); + NONNEGATIVE(write(STDOUT_FILENO, buf, (size_t)n)); } return 0; @@ -221,7 +220,6 @@ main(int argc, char *argv[]) ERROR("usage: %s baseroot envroot program cmdl..", program_invocation_short_name); } - int rc; const char *root = poe_init_playground(argv[1], argv[2]); const char *prog = copy_program(root, argv[3]); @@ -231,14 +229,14 @@ main(int argc, char *argv[]) sigprocmask(SIG_BLOCK, &mask, &omask); int stdout_fd[2], stderr_fd[2]; - if (pipe(stdout_fd) == -1) ERROR("pipe() failed"); - if (pipe(stderr_fd) == -1) ERROR("pipe() failed"); + NONNEGATIVE(pipe(stdout_fd)); + NONNEGATIVE(pipe(stderr_fd)); // TODO: CLONE_NEWUSER pid_t pid = (pid_t)syscall(SYS_clone, SIGCHLD | CLONE_NEWIPC | CLONE_NEWNS | CLONE_NEWPID | CLONE_NEWUTS | CLONE_NEWNET, 0); - if (pid == -1) { - ERROR("clone() failed"); - } else if (pid == 0) { + NONNEGATIVE(pid); + + if (pid == 0) { dup2(stdout_fd[1], STDOUT_FILENO); close(stdout_fd[0]); close(stdout_fd[1]); 
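Review bot: `NONNEGATIVE(n)` in stdout_handler's error branch replaces a message that named the failing call with one whose stringified expression is just `n`, a readability loss in the very place this commit is meant to improve; the branch appears to be reached only after `read()` already returned an error with errno != EAGAIN, so the check adds nothing there and `ERROR("read() failed")` says more. The three `write()` calls below still treat a short write as success because only a negative return is rejected; a loop that retries until `n` bytes are out (a small `write_all()` helper) would keep the `orig_fd`/`n`/payload framing intact for whoever parses it on the other end. stdout_handler starts before this hunk.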
@@ -250,30 +248,22 @@ main(int argc, char *argv[]) child(root, argc - 4, argv + 4, prog); } else { sd_event *event = NULL; - - rc = sd_event_default(&event); - if (rc < 0) ERROR("sd_event_default() failed"); - rc = sd_event_add_signal(event, NULL, SIGCHLD, sigchld_handler, &pid); - if (rc < 0) ERROR("sd_event_add_signal() failed"); uint64_t now; - rc = sd_event_now(event, CLOCK_MONOTONIC, &now); - if (rc < 0) ERROR("sd_event_now() failed"); - rc = sd_event_add_time(event, NULL, CLOCK_MONOTONIC, now + POE_TIME_LIMIT, 0, timer_handler, &pid); - if (rc < 0) ERROR("sd_event_add_time() failed"); int stdout_fileno = STDOUT_FILENO; - rc = sd_event_add_io(event, NULL, stdout_fd[0], EPOLLIN, stdout_handler, &stdout_fileno); - if (rc < 0) ERROR("sd_event_add_io() failed"); int stderr_fileno = STDERR_FILENO; - rc = sd_event_add_io(event, NULL, stderr_fd[0], EPOLLIN, stdout_handler, &stderr_fileno); - if (rc < 0) ERROR("sd_event_add_io() failed"); - rc = ptrace(PTRACE_SEIZE, pid, NULL, PTRACE_O_TRACECLONE | PTRACE_O_TRACEFORK | PTRACE_O_TRACESECCOMP | PTRACE_O_TRACEVFORK); - if (rc < 0) ERROR("ptrace(PTRACE_SEIZE, ) failed"); + NONNEGATIVE(sd_event_default(&event)); + NONNEGATIVE(sd_event_add_signal(event, NULL, SIGCHLD, sigchld_handler, &pid)); + NONNEGATIVE(sd_event_now(event, CLOCK_MONOTONIC, &now)); + NONNEGATIVE(sd_event_add_time(event, NULL, CLOCK_MONOTONIC, now + POE_TIME_LIMIT, 0, timer_handler, &pid)); + NONNEGATIVE(sd_event_add_io(event, NULL, stdout_fd[0], EPOLLIN, stdout_handler, &stdout_fileno)); + NONNEGATIVE(sd_event_add_io(event, NULL, stderr_fd[0], EPOLLIN, stdout_handler, &stderr_fileno)); + + NONNEGATIVE(ptrace(PTRACE_SEIZE, pid, NULL, PTRACE_O_TRACECLONE | PTRACE_O_TRACEFORK | PTRACE_O_TRACESECCOMP | PTRACE_O_TRACEVFORK)); poe_init_systemd(pid); - rc = sd_event_loop(event); - if (rc < 0) ERROR("sd_event_loop() failed"); + NONNEGATIVE(sd_event_loop(event)); } ERROR("unreachable"); 
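Review bot: The sd_event_* calls now funnelled through `NONNEGATIVE` lose the reason for a failure: the sd-event API reports `-errno` in its return value and does not set errno, so the stringified expression in the CRITICAL message is all that survives, and if ERROR prints strerror(errno) it will show an unrelated, stale value for these calls. Keeping the return in a local and logging it is cheap, e.g. `int rc = sd_event_default(&event); if (rc < 0) ERROR("sd_event_default() failed: %s", strerror(-rc));`, or add a macro variant that includes the value. main() starts before this hunk.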
diff --git a/sandbox/sandbox.h b/sandbox/sandbox.h index 23262aa..25749e4 100644 --- a/sandbox/sandbox.h +++ b/sandbox/sandbox.h @@ -31,20 +31,20 @@ #include <systemd/sd-daemon.h> #include <systemd/sd-event.h> -#define DEBUG true -#define POE_USERNAME "nobody" -#define POE_HOSTNAME "poe-sandbox" - #define POE_LOWERDIR "/" #define POE_TEMPORARY_BASE "/tmp/poe" #define POE_UPPERDIR_TEMPLATE POE_TEMPORARY_BASE "/upperXXXXXX" #define POE_WORKDIR_TEMPLATE POE_TEMPORARY_BASE "/workXXXXXX" #define POE_MERGEDDIR_TEMPLATE POE_TEMPORARY_BASE "/mergedXXXXXX" +#define POE_USERNAME "nobody" +#define POE_HOSTNAME "poe-sandbox" #define POE_MEMORY_LIMIT (1024ULL * 1024ULL * 128ULL) #define POE_TASKS_LIMIT 32ULL #define POE_TIME_LIMIT (2ULL * 1000ULL * 1000ULL) // us +#define NONNEGATIVE(s) if ((s) < 0) ERROR("CRITICAL: %s:%d %s", __FILE__, __LINE__, #s) + enum poe_exit_reason { POE_SUCCESS, POE_SIGNALED, diff --git a/sandbox/systemd.c b/sandbox/systemd.c index bdeaa77..e32b66a 100644 --- a/sandbox/systemd.c +++ b/sandbox/systemd.c @@ -10,7 +10,7 @@ static sd_bus *connection = NULL; void poe_init_systemd(pid_t pid) { - if (asprintf(&unit, "poe-sandbox-%d.scope", pid) == -1) ERROR("asprintf() failed"); + NONNEGATIVE(asprintf(&unit, "poe-sandbox-%d.scope", pid)); #define test(val) if((val) == -1) ERROR("sd_bus function failed") test(sd_bus_open_system(&connection)); |
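Review bot: `NONNEGATIVE(s)` expands to a bare `if` with no `do { … } while (0)` wrapper, so in `if (c) NONNEGATIVE(x); else …` the `else` binds to the macro's inner `if` rather than to `c`, which is exactly the shape the pid check in main() had before this commit. The conventional form avoids that: `#define NONNEGATIVE(s) do { if ((s) < 0) ERROR("CRITICAL: %s:%d %s", __FILE__, __LINE__, #s); } while (0)`. A short comment above the macro would also help, noting that `s` is evaluated once and that `< 0` (rather than the `== -1` it replaces) is deliberate so that the `-errno` style returns of the sd-* APIs are caught too.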
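Review bot: The local `test(val)` macro kept directly below the new `NONNEGATIVE` line in poe_init_systemd checks `== -1`, but the sd_bus_* functions it wraps return `-errno` style codes, so any failure other than -EPERM (for instance -ENOENT or -ECONNREFUSED when the system bus is unavailable) passes the check and `connection` is used as if it were open. Since this commit introduces a `< 0` macro for exactly this purpose, `test(val)` should be replaced by `NONNEGATIVE(val)` and the local `#define` dropped. poe_init_systemd continues past the end of the hunk.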