return dirfd;
}
-int safe_mount_beneath(const char *beneath, const char *src, const char *dst, const char *fstype,
- unsigned int flags, const void *data)
+int __safe_mount_beneath_at(int beneath_fd, const char *src, const char *dst, const char *fstype,
+ unsigned int flags, const void *data)
{
- __do_close int beneath_fd = -EBADF, source_fd = -EBADF, target_fd = -EBADF;
- const char *path = beneath ? beneath : "/";
+ __do_close int source_fd = -EBADF, target_fd = -EBADF;
struct lxc_open_how how = {
.flags = O_RDONLY | O_CLOEXEC | O_PATH,
.resolve = RESOLVE_NO_XDEV | RESOLVE_NO_SYMLINKS | RESOLVE_NO_MAGICLINKS | RESOLVE_BENEATH,
int ret;
char src_buf[LXC_PROC_PID_FD_LEN], tgt_buf[LXC_PROC_PID_FD_LEN];
- beneath_fd = openat(-1, beneath, O_RDONLY | O_CLOEXEC | O_DIRECTORY | O_PATH);
if (beneath_fd < 0)
- return log_error_errno(-errno, errno, "Failed to open %s", path);
+ return -EINVAL;
if ((flags & MS_BIND) && src && src[0] != '/') {
source_fd = openat2(beneath_fd, src, &how, sizeof(how));
return ret;
}
+int safe_mount_beneath(const char *beneath, const char *src, const char *dst, const char *fstype,
+ unsigned int flags, const void *data)
+{
+ __do_close int beneath_fd = -EBADF;
+ const char *path = beneath ? beneath : "/";
+
+ beneath_fd = openat(-1, beneath, O_RDONLY | O_CLOEXEC | O_DIRECTORY | O_PATH);
+ if (beneath_fd < 0)
+ return log_error_errno(-errno, errno, "Failed to open %s", path);
+
+ return __safe_mount_beneath_at(beneath_fd, src, dst, fstype, flags, data);
+}
+
+int safe_mount_beneath_at(int beneath_fd, const char *src, const char *dst, const char *fstype,
+ unsigned int flags, const void *data)
+{
+ return __safe_mount_beneath_at(beneath_fd, src, dst, fstype, flags, data);
+}
+
/*
* Safely mount a path into a container, ensuring that the mount target
* is under the container's @rootfs. (If @rootfs is NULL, then the container
__hidden extern bool multiply_overflow(int64_t base, uint64_t mult, int64_t *res);
-extern int safe_mount_beneath(const char *beneath, const char *src, const char *dst,
- const char *fstype, unsigned int flags, const void *data);
+__hidden extern int safe_mount_beneath(const char *beneath, const char *src, const char *dst,
+ const char *fstype, unsigned int flags, const void *data);
+__hidden extern int safe_mount_beneath_at(int beneat_fd, const char *src, const char *dst,
+ const char *fstype, unsigned int flags, const void *data);
#endif /* __LXC_UTILS_H */