Re: [libvirt] [PATCH 3/4] lxc_container: Turn lxcAttachNS into calling virProcessSetNamespaces
On 08/26/2015 09:06 PM, Michal Privoznik wrote:
Now that virProcessSetNamespaces() does accept FD list in the
correct format, we can simply turn lxcAttachNS into calling
virProcessSetNamespaces().
Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com>
---
src/lxc/lxc_container.c | 22 +++-------------------
1 file changed, 3 insertions(+), 19 deletions(-)
diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c
index feb8fad..eb7cad6 100644
--- a/src/lxc/lxc_container.c
+++ b/src/lxc/lxc_container.c
@@ -2184,25 +2184,9 @@ static int lxcContainerDropCapabilities(virDomainDefPtr def
ATTRIBUTE_UNUSED,
*/
static int lxcAttachNS(int *ns_fd)
{
- size_t i;
- if (ns_fd)
- for (i = 0; i < VIR_LXC_DOMAIN_NAMESPACE_LAST; i++) {
- if (ns_fd[i] < 0)
- continue;
- VIR_DEBUG("Setting into namespace\n");
- /* We get EINVAL if new NS is same as the current
- * NS, or if the fd namespace doesn't match the
- * type passed to setns()'s second param. Since we
- * pass 0, we know the EINVAL is harmless
- */
- if (setns(ns_fd[i], 0) < 0 &&
- errno != EINVAL) {
- virReportSystemError(errno, _("failed to set namespace
'%s'"),
- virLXCDomainNamespaceTypeToString(i));
- return -1;
- }
- VIR_FORCE_CLOSE(ns_fd[i]);
- }
+ if (ns_fd &&
+ virProcessSetNamespaces(VIR_LXC_DOMAIN_NAMESPACE_LAST, ns_fd) < 0)
Coverity wasn't very happy with this one - I got:
(1) Event suspicious_sizeof: Passing argument "ns_fd" of type "int
*"
and argument "VIR_LXC_DOMAIN_NAMESPACE_LAST" to function
"virProcessSetNamespaces" is suspicious because a multiple of "sizeof
(int)" /*4*/ is expected.
Changing 'arg1' to virProcessSetNamespaces from size_t to unsigned int
cleared the error - whether that's "right" or not, I'm not sure. I do
note the only other caller virDomainLxcEnterNamespace passes an
'unsigned int' which is why I tried that first.
John
+ return -1;
return 0;
}