14369324968

Committed 09 Apr 2025 10:36PM UTC coverage: 71.955% (+0.04%) from 71.913%

Build # 14369324968

Build Type

push

github

Committed by

YHNdnzj

Commit Message

nspawn: replace prefix_roota() with chase()

Coverage Stats

5 of 7 new or added lines in 1 file covered. (71.43%)

1145 existing lines in 32 files now uncovered.

297058 of 412839 relevant lines covered (71.95%)

663845.19 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

83.69

/src/basic/pidfd-util.c

/* SPDX-License-Identifier: LGPL-2.1-or-later */

#include <sys/ioctl.h>
#include <threads.h>
#include <unistd.h>

#include "errno-util.h"
#include "fd-util.h"
#include "fileio.h"
#include "macro.h"
#include "memory-util.h"
#include "missing_fs.h"
#include "missing_magic.h"
#include "mountpoint-util.h"
#include "parse-util.h"
#include "path-util.h"
#include "pidfd-util.h"
#include "process-util.h"
#include "stat-util.h"
#include "string-util.h"

static int have_pidfs = -1;

static int pidfd_check_pidfs(int pid_fd) {

        /* NB: the passed fd *must* be acquired via pidfd_open(), i.e. must be a true pidfd! */

        if (have_pidfs >= 0)
                return have_pidfs;

        return (have_pidfs = fd_is_fs_type(pid_fd, PID_FS_MAGIC));
}

int pidfd_get_namespace(int fd, unsigned long ns_type_cmd) {
        static bool cached_supported = true;

        /* Obtain the namespace fd from pidfd directly through ioctl(PIDFD_GET_*_NAMESPACE).
         *
         * Returns -EOPNOTSUPP if ioctl on pidfds are not supported, -ENOPKG if the requested namespace
         * is disabled in kernel. (The errno used are different from what kernel returns via ioctl(),
         * see below) */

        assert(fd >= 0);

        /* If we know ahead of time that pidfs is unavailable, shortcut things. But otherwise we don't
         * call pidfd_check_pidfs() here, which is kinda extraneous and our own cache is required
         * anyways (pidfs is introduced in kernel 6.9 while ioctl support there is added in 6.11). */
        if (have_pidfs == 0 || !cached_supported)
                return -EOPNOTSUPP;

        int nsfd = ioctl(fd, ns_type_cmd);
        if (nsfd < 0) {
                /* Kernel returns EOPNOTSUPP if the ns type in question is disabled. Hence we need to look
                 * at precise errno instead of generic ERRNO_IS_(IOCTL_)NOT_SUPPORTED. */
                if (IN_SET(errno, ENOTTY, EINVAL)) {
                        cached_supported = false;
                        return -EOPNOTSUPP;
                }
                if (errno == EOPNOTSUPP) /* Translate to something more recognizable */
                        return -ENOPKG;

                return -errno;
        }

        return nsfd;
}

static int pidfd_get_info(int fd, struct pidfd_info *info) {
        static bool cached_supported = true;

        assert(fd >= 0);
        assert(info);

        if (have_pidfs == 0 || !cached_supported)
                return -EOPNOTSUPP;

        if (ioctl(fd, PIDFD_GET_INFO, info) < 0) {
                if (ERRNO_IS_IOCTL_NOT_SUPPORTED(errno)) {
                        cached_supported = false;
                        return -EOPNOTSUPP;
                }

                return -errno;
        }

        return 0;
}

static int pidfd_get_pid_fdinfo(int fd, pid_t *ret) {
        char path[STRLEN("/proc/self/fdinfo/") + DECIMAL_STR_MAX(int)];
        _cleanup_free_ char *fdinfo = NULL;
        int r;

        assert(fd >= 0);

        xsprintf(path, "/proc/self/fdinfo/%i", fd);

        r = read_full_virtual_file(path, &fdinfo, NULL);
        if (r == -ENOENT)
                return proc_fd_enoent_errno();
        if (r < 0)
                return r;

        char *p = find_line_startswith(fdinfo, "Pid:");
        if (!p)
                return -ENOTTY; /* not a pidfd? */

        p = skip_leading_chars(p, /* bad = */ NULL);
        p[strcspn(p, WHITESPACE)] = 0;

        if (streq(p, "0"))
                return -EREMOTE; /* PID is in foreign PID namespace? */
        if (streq(p, "-1"))
                return -ESRCH;   /* refers to reaped process? */

        return parse_pid(p, ret);
}

static int pidfd_get_pid_ioctl(int fd, pid_t *ret) {
        struct pidfd_info info = { .mask = PIDFD_INFO_PID };
        int r;

        assert(fd >= 0);

        r = pidfd_get_info(fd, &info);
        if (r < 0)
                return r;

        assert(FLAGS_SET(info.mask, PIDFD_INFO_PID));

        if (ret)
                *ret = info.pid;
        return 0;
}

int pidfd_get_pid(int fd, pid_t *ret) {
        int r;

        /* Converts a pidfd into a pid. We try ioctl(PIDFD_GET_INFO) (kernel 6.13+) first,
         * /proc/self/fdinfo/ as fallback. Well known errors:
         *
         *    -EBADF   → fd invalid
         *    -ESRCH   → fd valid, but process is already reaped
         *
         * pidfd_get_pid_fdinfo() might additionally fail for other reasons:
         *
         *    -ENOSYS  → /proc/ not mounted
         *    -ENOTTY  → fd valid, but not a pidfd
         *    -EREMOTE → fd valid, but pid is in another namespace we cannot translate to the local one
         *               (when using PIDFD_GET_INFO this is indistinguishable from -ESRCH)
         */

        assert(fd >= 0);

        r = pidfd_get_pid_ioctl(fd, ret);
        if (r != -EOPNOTSUPP)
                return r;

        return pidfd_get_pid_fdinfo(fd, ret);
}

int pidfd_verify_pid(int pidfd, pid_t pid) {
        pid_t current_pid;
        int r;

        assert(pidfd >= 0);
        assert(pid > 0);

        r = pidfd_get_pid(pidfd, &current_pid);
        if (r < 0)
                return r;

        return current_pid != pid ? -ESRCH : 0;
}

int pidfd_get_ppid(int fd, pid_t *ret) {
        struct pidfd_info info = { .mask = PIDFD_INFO_PID };
        int r;

        assert(fd >= 0);

        r = pidfd_get_info(fd, &info);
        if (r < 0)
                return r;

        assert(FLAGS_SET(info.mask, PIDFD_INFO_PID));

        if (info.ppid == 0) /* See comments in pid_get_ppid() */
                return -EADDRNOTAVAIL;

        if (ret)
                *ret = info.ppid;
        return 0;
}

int pidfd_get_uid(int fd, uid_t *ret) {
        struct pidfd_info info = { .mask = PIDFD_INFO_CREDS };
        int r;

        assert(fd >= 0);

        r = pidfd_get_info(fd, &info);
        if (r < 0)
                return r;

        assert(FLAGS_SET(info.mask, PIDFD_INFO_CREDS));

        if (ret)
                *ret = info.ruid;
        return 0;
}

int pidfd_get_cgroupid(int fd, uint64_t *ret) {
        struct pidfd_info info = { .mask = PIDFD_INFO_CGROUPID };
        int r;

        assert(fd >= 0);

        r = pidfd_get_info(fd, &info);
        if (r < 0)
                return r;

        assert(FLAGS_SET(info.mask, PIDFD_INFO_CGROUPID));

        if (ret)
                *ret = info.cgroupid;
        return 0;
}

int pidfd_get_inode_id(int fd, uint64_t *ret) {
        static bool file_handle_supported = true;
        int r;

        assert(fd >= 0);

        r = pidfd_check_pidfs(fd);
        if (r < 0)
                return r;
        if (r == 0)
                return -EOPNOTSUPP;

        if (file_handle_supported) {
                union {
                        struct file_handle file_handle;
                        uint8_t space[offsetof(struct file_handle, f_handle) + sizeof(uint64_t)];
                } fh = {
                        .file_handle.handle_bytes = sizeof(uint64_t),
                        .file_handle.handle_type = FILEID_KERNFS,
                };
                int mnt_id;

                r = RET_NERRNO(name_to_handle_at(fd, "", &fh.file_handle, &mnt_id, AT_EMPTY_PATH));
                if (r >= 0) {
                        if (ret)
                                *ret = *(uint64_t*) fh.file_handle.f_handle;
                        return 0;
                }
                assert(r != -EOVERFLOW);
                if (is_name_to_handle_at_fatal_error(r))
                        return r;

                file_handle_supported = false;
        }

#if SIZEOF_INO_T == 8
        struct stat st;
        if (fstat(fd, &st) < 0)
                return -errno;

        if (ret)
                *ret = (uint64_t) st.st_ino;
        return 0;

#elif SIZEOF_INO_T == 4
        /* On 32-bit systems (where sizeof(ino_t) == 4), the inode id returned by fstat() cannot be used to
         * reliably identify the process, nor can we communicate the origin of the id with the clients.
         * Hence let's just refuse to acquire pidfdid through fstat() here. All clients shall also insist on
         * the 64-bit id from name_to_handle_at(). */
        return -EOPNOTSUPP;
#else
#  error Unsupported ino_t size
#endif
}

int pidfd_get_inode_id_self_cached(uint64_t *ret) {
        static thread_local uint64_t cached = 0;
        static thread_local pid_t initialized = 0; /* < 0: cached error; == 0: invalid; > 0: valid and pid that was current */
        int r;

        assert(ret);

        if (initialized == getpid_cached()) {
                *ret = cached;
                return 0;
        }
        if (initialized < 0)
                return initialized;

        _cleanup_close_ int fd = pidfd_open(getpid_cached(), 0);
        if (fd < 0)
                return -errno;

        r = pidfd_get_inode_id(fd, &cached);
        if (ERRNO_IS_NEG_NOT_SUPPORTED(r))
                return (initialized = -EOPNOTSUPP);
        if (r < 0)
                return r;

        *ret = cached;
        initialized = getpid_cached();
        return 0;
}

1	/* SPDX-License-Identifier: LGPL-2.1-or-later */
2
3	#include <sys/ioctl.h>
4	#include <threads.h>
5	#include <unistd.h>
6
7	#include "errno-util.h"
8	#include "fd-util.h"
9	#include "fileio.h"
10	#include "macro.h"
11	#include "memory-util.h"
12	#include "missing_fs.h"
13	#include "missing_magic.h"
14	#include "mountpoint-util.h"
15	#include "parse-util.h"
16	#include "path-util.h"
17	#include "pidfd-util.h"
18	#include "process-util.h"
19	#include "stat-util.h"
20	#include "string-util.h"
21
22	static int have_pidfs = -1;
23
24	static int pidfd_check_pidfs(int pid_fd) {	39,231✔
25
26	/* NB: the passed fd must be acquired via pidfd_open(), i.e. must be a true pidfd! */
27
28	if (have_pidfs >= 0)	39,231✔
29	return have_pidfs;
30
31	return (have_pidfs = fd_is_fs_type(pid_fd, PID_FS_MAGIC));	18,429✔
32	}
33
34	int pidfd_get_namespace(int fd, unsigned long ns_type_cmd) {	8,130✔
35	static bool cached_supported = true;	8,130✔
36
37	/* Obtain the namespace fd from pidfd directly through ioctl(PIDFD_GET_*_NAMESPACE).
38	*
39	* Returns -EOPNOTSUPP if ioctl on pidfds are not supported, -ENOPKG if the requested namespace
40	* is disabled in kernel. (The errno used are different from what kernel returns via ioctl(),
41	* see below) */
42
43	assert(fd >= 0);	8,130✔
44
45	/* If we know ahead of time that pidfs is unavailable, shortcut things. But otherwise we don't
46	* call pidfd_check_pidfs() here, which is kinda extraneous and our own cache is required
47	* anyways (pidfs is introduced in kernel 6.9 while ioctl support there is added in 6.11). */
48	if (have_pidfs == 0 \|\| !cached_supported)	8,130✔
49	return -EOPNOTSUPP;
50
51	int nsfd = ioctl(fd, ns_type_cmd);	6,985✔
52	if (nsfd < 0) {	6,985✔
53	/* Kernel returns EOPNOTSUPP if the ns type in question is disabled. Hence we need to look
54	* at precise errno instead of generic ERRNO_IS_(IOCTL_)NOT_SUPPORTED. */
55	if (IN_SET(errno, ENOTTY, EINVAL)) {	795✔
56	cached_supported = false;	795✔
57	return -EOPNOTSUPP;	795✔
58	}
59	if (errno == EOPNOTSUPP) /* Translate to something more recognizable */	×
60	return -ENOPKG;
61
62	return -errno;	×
63	}
64
65	return nsfd;
66	}
67
68	static int pidfd_get_info(int fd, struct pidfd_info *info) {	50,035✔
69	static bool cached_supported = true;	50,035✔
70
71	assert(fd >= 0);	50,035✔
72	assert(info);	50,035✔
73
74	if (have_pidfs == 0 \|\| !cached_supported)	50,035✔
75	return -EOPNOTSUPP;
76
77	if (ioctl(fd, PIDFD_GET_INFO, info) < 0) {	33,037✔
78	if (ERRNO_IS_IOCTL_NOT_SUPPORTED(errno)) {	1,436✔
79	cached_supported = false;	961✔
80	return -EOPNOTSUPP;	961✔
81	}
82
83	return -errno;	475✔
84	}
85
86	return 0;
87	}
88
89	static int pidfd_get_pid_fdinfo(int fd, pid_t *ret) {	16,596✔
90	char path[STRLEN("/proc/self/fdinfo/") + DECIMAL_STR_MAX(int)];	16,596✔
91	_cleanup_free_ char *fdinfo = NULL;	16,596✔
92	int r;	16,596✔
93
94	assert(fd >= 0);	16,596✔
95
96	xsprintf(path, "/proc/self/fdinfo/%i", fd);	16,596✔
97
98	r = read_full_virtual_file(path, &fdinfo, NULL);	16,596✔
99	if (r == -ENOENT)	16,596✔
100	return proc_fd_enoent_errno();	×
101	if (r < 0)	16,596✔
102	return r;
103
104	char *p = find_line_startswith(fdinfo, "Pid:");	16,596✔
105	if (!p)	16,596✔
106	return -ENOTTY; /* not a pidfd? */
107
108	p = skip_leading_chars(p, /* bad = */ NULL);	16,596✔
109	p[strcspn(p, WHITESPACE)] = 0;	16,596✔
110
111	if (streq(p, "0"))	16,596✔
112	return -EREMOTE; /* PID is in foreign PID namespace? */
113	if (streq(p, "-1"))	16,596✔
114	return -ESRCH; /* refers to reaped process? */
115
116	return parse_pid(p, ret);	15,278✔
117	}
118
119	static int pidfd_get_pid_ioctl(int fd, pid_t *ret) {	47,736✔
120	struct pidfd_info info = { .mask = PIDFD_INFO_PID };	47,736✔
121	int r;	47,736✔
122
123	assert(fd >= 0);	47,736✔
124
125	r = pidfd_get_info(fd, &info);	47,736✔
126	if (r < 0)	47,736✔
127	return r;	47,736✔
128
129	assert(FLAGS_SET(info.mask, PIDFD_INFO_PID));	30,665✔
130
131	if (ret)	30,665✔
132	*ret = info.pid;	30,665✔
133	return 0;
134	}
135
136	int pidfd_get_pid(int fd, pid_t *ret) {	47,736✔
137	int r;	47,736✔
138
139	/* Converts a pidfd into a pid. We try ioctl(PIDFD_GET_INFO) (kernel 6.13+) first,
140	* /proc/self/fdinfo/ as fallback. Well known errors:
141	*
142	* -EBADF → fd invalid
143	* -ESRCH → fd valid, but process is already reaped
144	*
145	* pidfd_get_pid_fdinfo() might additionally fail for other reasons:
146	*
147	* -ENOSYS → /proc/ not mounted
148	* -ENOTTY → fd valid, but not a pidfd
149	* -EREMOTE → fd valid, but pid is in another namespace we cannot translate to the local one
150	* (when using PIDFD_GET_INFO this is indistinguishable from -ESRCH)
151	*/
152
153	assert(fd >= 0);	47,736✔
154
155	r = pidfd_get_pid_ioctl(fd, ret);	47,736✔
156	if (r != -EOPNOTSUPP)	47,736✔
157	return r;
158
159	return pidfd_get_pid_fdinfo(fd, ret);	16,596✔
160	}
161
162	int pidfd_verify_pid(int pidfd, pid_t pid) {	31,469✔
163	pid_t current_pid;	31,469✔
164	int r;	31,469✔
165
166	assert(pidfd >= 0);	31,469✔
167	assert(pid > 0);	31,469✔
168
169	r = pidfd_get_pid(pidfd, &current_pid);	31,469✔
170	if (r < 0)	31,469✔
171	return r;	31,469✔
172
173	return current_pid != pid ? -ESRCH : 0;	29,676✔
174	}
175
176	int pidfd_get_ppid(int fd, pid_t *ret) {	2,254✔
177	struct pidfd_info info = { .mask = PIDFD_INFO_PID };	2,254✔
178	int r;	2,254✔
179
180	assert(fd >= 0);	2,254✔
181
182	r = pidfd_get_info(fd, &info);	2,254✔
183	if (r < 0)	2,254✔
184	return r;	2,254✔
185
186	assert(FLAGS_SET(info.mask, PIDFD_INFO_PID));	900✔
187
188	if (info.ppid == 0) /* See comments in pid_get_ppid() */	900✔
189	return -EADDRNOTAVAIL;
190
191	if (ret)	900✔
192	*ret = info.ppid;	900✔
193	return 0;
194	}
195
196	int pidfd_get_uid(int fd, uid_t *ret) {	45✔
197	struct pidfd_info info = { .mask = PIDFD_INFO_CREDS };	45✔
198	int r;	45✔
199
200	assert(fd >= 0);	45✔
201
202	r = pidfd_get_info(fd, &info);	45✔
203	if (r < 0)	45✔
204	return r;	45✔
205
206	assert(FLAGS_SET(info.mask, PIDFD_INFO_CREDS));	36✔
207
208	if (ret)	36✔
209	*ret = info.ruid;	36✔
210	return 0;
211	}
212
213	int pidfd_get_cgroupid(int fd, uint64_t *ret) {	×
214	struct pidfd_info info = { .mask = PIDFD_INFO_CGROUPID };	×
215	int r;	×
216
217	assert(fd >= 0);	×
218
219	r = pidfd_get_info(fd, &info);	×
220	if (r < 0)	×
221	return r;	×
222
223	assert(FLAGS_SET(info.mask, PIDFD_INFO_CGROUPID));	×
224
225	if (ret)	×
226	*ret = info.cgroupid;	×
227	return 0;
228	}
229
230	int pidfd_get_inode_id(int fd, uint64_t *ret) {	39,231✔
231	static bool file_handle_supported = true;	39,231✔
232	int r;	39,231✔
233
234	assert(fd >= 0);	39,231✔
235
236	r = pidfd_check_pidfs(fd);	39,231✔
237	if (r < 0)	39,231✔
238	return r;	39,231✔
239	if (r == 0)	39,231✔
240	return -EOPNOTSUPP;
241
242	if (file_handle_supported) {	33,459✔
243	union {	33,459✔
244	struct file_handle file_handle;
245	uint8_t space[offsetof(struct file_handle, f_handle) + sizeof(uint64_t)];
246	} fh = {	33,459✔
247	.file_handle.handle_bytes = sizeof(uint64_t),
248	.file_handle.handle_type = FILEID_KERNFS,
249	};
250	int mnt_id;	33,459✔
251
252	r = RET_NERRNO(name_to_handle_at(fd, "", &fh.file_handle, &mnt_id, AT_EMPTY_PATH));	33,459✔
UNCOV 253	if (r >= 0) {	×
254	if (ret)	33,459✔
255	ret = (uint64_t*) fh.file_handle.f_handle;	33,459✔
256	return 0;	33,459✔
257	}
UNCOV 258	assert(r != -EOVERFLOW);	×
UNCOV 259	if (is_name_to_handle_at_fatal_error(r))	×
260	return r;
261
UNCOV 262	file_handle_supported = false;	×
263	}
264
265	#if SIZEOF_INO_T == 8
UNCOV 266	struct stat st;	×
UNCOV 267	if (fstat(fd, &st) < 0)	×
268	return -errno;	×
269
UNCOV 270	if (ret)	×
UNCOV 271	*ret = (uint64_t) st.st_ino;	×
272	return 0;
273
274	#elif SIZEOF_INO_T == 4
275	/* On 32-bit systems (where sizeof(ino_t) == 4), the inode id returned by fstat() cannot be used to
276	* reliably identify the process, nor can we communicate the origin of the id with the clients.
277	* Hence let's just refuse to acquire pidfdid through fstat() here. All clients shall also insist on
278	* the 64-bit id from name_to_handle_at(). */
279	return -EOPNOTSUPP;
280	#else
281	# error Unsupported ino_t size
282	#endif
283	}
284
285	int pidfd_get_inode_id_self_cached(uint64_t *ret) {	38,502✔
286	static thread_local uint64_t cached = 0;	38,502✔
287	static thread_local pid_t initialized = 0; /* < 0: cached error; == 0: invalid; > 0: valid and pid that was current */	38,502✔
288	int r;	38,502✔
289
290	assert(ret);	38,502✔
291
292	if (initialized == getpid_cached()) {	38,502✔
293	*ret = cached;	4,057✔
294	return 0;	4,057✔
295	}
296	if (initialized < 0)	34,445✔
297	return initialized;
298
299	_cleanup_close_ int fd = pidfd_open(getpid_cached(), 0);	72,495✔
300	if (fd < 0)	33,993✔
301	return -errno;	×
302
303	r = pidfd_get_inode_id(fd, &cached);	33,993✔
304	if (ERRNO_IS_NEG_NOT_SUPPORTED(r))	33,993✔
305	return (initialized = -EOPNOTSUPP);	3,503✔
306	if (r < 0)	30,490✔
307	return r;
308
309	*ret = cached;	30,490✔
310	initialized = getpid_cached();	30,490✔
311	return 0;	30,490✔
312	}

systemd / systemd / 14369324968

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous