diff options
| author |  smitsohu <smitsohu@gmail.com> | 2021-10-05 16:21:09 +0200 |
|---|---|---|
| committer | smitsohu <smitsohu@gmail.com> | 2021-10-05 16:45:16 +0200 |
| commit | 84d5469a40bdc65aa5607d11a9060bb710bfd9b9 (patch) | |
| tree | 31abf79ee6e0117ec71e53b210ab094a6441981f /src/firejail/mountinfo.c | |
| parent | Merge pull request #4585 from smitsohu/euid (diff) | |
| download | firejail-84d5469a40bdc65aa5607d11a9060bb710bfd9b9.tar.gz firejail-84d5469a40bdc65aa5607d11a9060bb710bfd9b9.tar.zst firejail-84d5469a40bdc65aa5607d11a9060bb710bfd9b9.zip | |
simplify recursive remounting
Diffstat (limited to 'src/firejail/mountinfo.c')
| -rw-r--r-- | src/firejail/mountinfo.c | 40 |
1 files changed, 12 insertions, 28 deletions
diff --git a/src/firejail/mountinfo.c b/src/firejail/mountinfo.c index 64a94bd84..f1eb9c924 100644 --- a/src/firejail/mountinfo.c +++ b/src/firejail/mountinfo.c | |||
| @@ -151,47 +151,31 @@ MountData *get_last_mount(void) { | |||
| 151 | return &mdata; | 151 | return &mdata; |
| 152 | } | 152 | } |
| 153 | 153 | ||
| 154 | // Extract the mount id from /proc/self/fdinfo and return it. | 154 | // Needs kernel 3.15 or better |
| 155 | int get_mount_id(const char *path) { | 155 | int get_mount_id(int fd) { |
| 156 | EUID_ASSERT(); | 156 | int rv = -1; |
| 157 | assert(path); | ||
| 158 | |||
| 159 | int fd = open(path, O_PATH|O_CLOEXEC); | ||
| 160 | if (fd == -1) | ||
| 161 | return -1; | ||
| 162 | 157 | ||
| 163 | char *fdinfo; | 158 | char *proc; |
| 164 | if (asprintf(&fdinfo, "/proc/self/fdinfo/%d", fd) == -1) | 159 | if (asprintf(&proc, "/proc/self/fdinfo/%d", fd) == -1) |
| 165 | errExit("asprintf"); | 160 | errExit("asprintf"); |
| 166 | EUID_ROOT(); | 161 | EUID_ROOT(); |
| 167 | FILE *fp = fopen(fdinfo, "re"); | 162 | FILE *fp = fopen(proc, "re"); |
| 168 | EUID_USER(); | 163 | EUID_USER(); |
| 169 | free(fdinfo); | ||
| 170 | if (!fp) | 164 | if (!fp) |
| 171 | goto errexit; | 165 | goto errexit; |
| 172 | 166 | ||
| 173 | // read the file | ||
| 174 | char buf[MAX_BUF]; | 167 | char buf[MAX_BUF]; |
| 175 | if (fgets(buf, MAX_BUF, fp) == NULL) | 168 | while (fgets(buf, MAX_BUF, fp)) { |
| 176 | goto errexit; | ||
| 177 | do { | ||
| 178 | if (strncmp(buf, "mnt_id:", 7) == 0) { | 169 | if (strncmp(buf, "mnt_id:", 7) == 0) { |
| 179 | char *ptr = buf + 7; | 170 | if (sscanf(buf + 7, "%d", &rv) != 1) |
| 180 | while (*ptr != '\0' && (*ptr == ' ' || *ptr == '\t')) { | ||
| 181 | ptr++; | ||
| 182 | } | ||
| 183 | if (*ptr == '\0') | ||
| 184 | goto errexit; | 171 | goto errexit; |
| 185 | fclose(fp); | 172 | break; |
| 186 | close(fd); | ||
| 187 | return atoi(ptr); | ||
| 188 | } | 173 | } |
| 189 | } while (fgets(buf, MAX_BUF, fp)); | 174 | } |
| 190 | 175 | ||
| 191 | // fallback, kernels older than 3.15 don't expose the mount id in this place | 176 | free(proc); |
| 192 | fclose(fp); | 177 | fclose(fp); |
| 193 | close(fd); | 178 | return rv; |
| 194 | return -2; | ||
| 195 | 179 | ||
| 196 | errexit: | 180 | errexit: |
| 197 | fprintf(stderr, "Error: cannot read proc file\n"); | 181 | fprintf(stderr, "Error: cannot read proc file\n"); |