mirror of
https://github.com/systemd/systemd
synced 2024-10-04 15:21:01 +00:00
Merge pull request #33074 from keszybz/bpf-fd-handling
Small cleanups in bpf code
This commit is contained in:
commit
707890d4ff
|
@ -212,9 +212,6 @@ int fd_cloexec_many(const int fds[], size_t n_fds, bool cloexec) {
|
|||
continue;
|
||||
|
||||
RET_GATHER(r, fd_cloexec(*fd, cloexec));
|
||||
|
||||
if (r >= 0)
|
||||
r = 1; /* report if we did anything */
|
||||
}
|
||||
|
||||
return r;
|
||||
|
@ -756,8 +753,7 @@ int rearrange_stdio(int original_input_fd, int original_output_fd, int original_
|
|||
}
|
||||
|
||||
/* Let's assemble fd[] with the fds to install in place of stdin/stdout/stderr */
|
||||
for (int i = 0; i < 3; i++) {
|
||||
|
||||
for (int i = 0; i < 3; i++)
|
||||
if (fd[i] < 0)
|
||||
fd[i] = null_fd; /* A negative parameter means: connect this one to /dev/null */
|
||||
else if (fd[i] != i && fd[i] < 3) {
|
||||
|
@ -770,20 +766,16 @@ int rearrange_stdio(int original_input_fd, int original_output_fd, int original_
|
|||
|
||||
fd[i] = copy_fd[i];
|
||||
}
|
||||
}
|
||||
|
||||
/* At this point we now have the fds to use in fd[], and they are all above the stdio range, so that
|
||||
* we have freedom to move them around. If the fds already were at the right places then the specific
|
||||
* fds are -EBADF. Let's now move them to the right places. This is the point of no return. */
|
||||
for (int i = 0; i < 3; i++) {
|
||||
|
||||
for (int i = 0; i < 3; i++)
|
||||
if (fd[i] == i) {
|
||||
|
||||
/* fd is already in place, but let's make sure O_CLOEXEC is off */
|
||||
r = fd_cloexec(i, false);
|
||||
if (r < 0)
|
||||
goto finish;
|
||||
|
||||
} else {
|
||||
assert(fd[i] > 2);
|
||||
|
||||
|
@ -792,7 +784,6 @@ int rearrange_stdio(int original_input_fd, int original_output_fd, int original_
|
|||
goto finish;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
r = 0;
|
||||
|
||||
|
|
|
@ -421,14 +421,13 @@ static int bpf_firewall_prepare_access_maps(
|
|||
|
||||
_cleanup_close_ int ipv4_map_fd = -EBADF, ipv6_map_fd = -EBADF;
|
||||
size_t n_ipv4 = 0, n_ipv6 = 0;
|
||||
Unit *p;
|
||||
int r;
|
||||
|
||||
assert(ret_ipv4_map_fd);
|
||||
assert(ret_ipv6_map_fd);
|
||||
assert(ret_has_any);
|
||||
|
||||
for (p = u; p; p = UNIT_GET_SLICE(p)) {
|
||||
for (Unit *p = u; p; p = UNIT_GET_SLICE(p)) {
|
||||
CGroupContext *cc;
|
||||
Set *prefixes;
|
||||
bool *reduced;
|
||||
|
@ -459,7 +458,7 @@ static int bpf_firewall_prepare_access_maps(
|
|||
}
|
||||
|
||||
if (n_ipv4 > 0) {
|
||||
char *name = strjoina("4_", u->id);
|
||||
const char *name = strjoina("4_", u->id);
|
||||
ipv4_map_fd = bpf_map_new(
|
||||
name,
|
||||
BPF_MAP_TYPE_LPM_TRIE,
|
||||
|
@ -472,7 +471,7 @@ static int bpf_firewall_prepare_access_maps(
|
|||
}
|
||||
|
||||
if (n_ipv6 > 0) {
|
||||
char *name = strjoina("6_", u->id);
|
||||
const char *name = strjoina("6_", u->id);
|
||||
ipv6_map_fd = bpf_map_new(
|
||||
name,
|
||||
BPF_MAP_TYPE_LPM_TRIE,
|
||||
|
@ -484,7 +483,7 @@ static int bpf_firewall_prepare_access_maps(
|
|||
return ipv6_map_fd;
|
||||
}
|
||||
|
||||
for (p = u; p; p = UNIT_GET_SLICE(p)) {
|
||||
for (Unit *p = u; p; p = UNIT_GET_SLICE(p)) {
|
||||
CGroupContext *cc;
|
||||
|
||||
cc = unit_get_cgroup_context(p);
|
||||
|
@ -511,7 +510,7 @@ static int bpf_firewall_prepare_accounting_maps(Unit *u, bool enabled, CGroupRun
|
|||
|
||||
if (enabled) {
|
||||
if (crt->ip_accounting_ingress_map_fd < 0) {
|
||||
char *name = strjoina("I_", u->id);
|
||||
const char *name = strjoina("I_", u->id);
|
||||
r = bpf_map_new(name, BPF_MAP_TYPE_ARRAY, sizeof(int), sizeof(uint64_t), 2, 0);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
@ -520,7 +519,7 @@ static int bpf_firewall_prepare_accounting_maps(Unit *u, bool enabled, CGroupRun
|
|||
}
|
||||
|
||||
if (crt->ip_accounting_egress_map_fd < 0) {
|
||||
char *name = strjoina("E_", u->id);
|
||||
const char *name = strjoina("E_", u->id);
|
||||
r = bpf_map_new(name, BPF_MAP_TYPE_ARRAY, sizeof(int), sizeof(uint64_t), 2, 0);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
|
Loading…
Reference in a new issue