From b81689a103a39a115ea94cf4f95efb5a41397231 Mon Sep 17 00:00:00 2001 From: Christian Brauner Date: Sun, 5 Aug 2018 14:04:03 +0200 Subject: [PATCH] tree-wide: pass unsigned long to prctl() Signed-off-by: Christian Brauner --- src/lxc/attach.c | 6 ++++-- src/lxc/caps.c | 10 ++++++---- src/lxc/conf.c | 6 ++++-- src/lxc/initutils.c | 4 +++- src/lxc/macro.h | 2 ++ src/lxc/start.c | 6 ++++-- src/lxc/storage/nbd.c | 3 ++- src/lxc/utils.c | 3 ++- 8 files changed, 27 insertions(+), 13 deletions(-) diff --git a/src/lxc/attach.c b/src/lxc/attach.c index 6fa53ebb4..f992b4f99 100644 --- a/src/lxc/attach.c +++ b/src/lxc/attach.c @@ -318,7 +318,8 @@ static int lxc_attach_drop_privs(struct lxc_proc_context_info *ctx) if (ctx->capability_mask & (1LL << cap)) continue; - if (prctl(PR_CAPBSET_DROP, cap, 0, 0, 0)) { + if (prctl(PR_CAPBSET_DROP, prctl_arg(cap), prctl_arg(0), + prctl_arg(0), prctl_arg(0))) { SYSERROR("Failed to drop capability %d", cap); return -1; } @@ -898,7 +899,8 @@ static int attach_child_main(struct attach_clone_payload *payload) if ((init_ctx->container && init_ctx->container->lxc_conf && init_ctx->container->lxc_conf->no_new_privs) || (options->attach_flags & LXC_ATTACH_NO_NEW_PRIVS)) { - ret = prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0); + ret = prctl(PR_SET_NO_NEW_PRIVS, prctl_arg(1), prctl_arg(0), + prctl_arg(0), prctl_arg(0)); if (ret < 0) goto on_error; diff --git a/src/lxc/caps.c b/src/lxc/caps.c index 1444b4c7e..bec3b32c6 100644 --- a/src/lxc/caps.c +++ b/src/lxc/caps.c @@ -198,7 +198,8 @@ int lxc_ambient_caps_up(void) } for (cap = 0; cap <= last_cap; cap++) { - ret = prctl(PR_CAP_AMBIENT, PR_CAP_AMBIENT_RAISE, cap, 0, 0); + ret = prctl(PR_CAP_AMBIENT, prctl_arg(PR_CAP_AMBIENT_RAISE), + prctl_arg(cap), prctl_arg(0), prctl_arg(0)); if (ret < 0) { SYSWARN("Failed to raise ambient capability %d", cap); goto out; @@ -230,7 +231,8 @@ int lxc_ambient_caps_down(void) if (!getuid()) return 0; - ret = prctl(PR_CAP_AMBIENT, PR_CAP_AMBIENT_CLEAR_ALL, 0, 0, 0); + ret = prctl(PR_CAP_AMBIENT, prctl_arg(PR_CAP_AMBIENT_CLEAR_ALL), + prctl_arg(0), prctl_arg(0), prctl_arg(0)); if (ret < 0) { SYSERROR("Failed to clear ambient capability set"); return -1; @@ -276,7 +278,7 @@ int lxc_caps_init(void) INFO("Command is run as setuid root (uid: %d)", uid); - ret = prctl(PR_SET_KEEPCAPS, 1); + ret = prctl(PR_SET_KEEPCAPS, prctl_arg(1)); if (ret < 0) { SYSERROR("Failed to set PR_SET_KEEPCAPS"); return -1; @@ -341,7 +343,7 @@ static int _real_caps_last_cap(void) /* Try to get it manually by trying to get the status of each * capability individually from the kernel. */ - while (prctl(PR_CAPBSET_READ, cap) >= 0) + while (prctl(PR_CAPBSET_READ, prctl_arg(cap)) >= 0) cap++; result = cap - 1; diff --git a/src/lxc/conf.c b/src/lxc/conf.c index 3cbebfb6a..90d2a23f0 100644 --- a/src/lxc/conf.c +++ b/src/lxc/conf.c @@ -2544,7 +2544,8 @@ static int setup_caps(struct lxc_list *caps) return -1; } - ret = prctl(PR_CAPBSET_DROP, capid, 0, 0, 0); + ret = prctl(PR_CAPBSET_DROP, prctl_arg(capid), prctl_arg(0), + prctl_arg(0), prctl_arg(0)); if (ret < 0) { SYSERROR("Failed to remove %s capability", drop_entry); return -1; @@ -2593,7 +2594,8 @@ static int dropcaps_except(struct lxc_list *caps) if (caplist[i]) continue; - ret = prctl(PR_CAPBSET_DROP, i, 0, 0, 0); + ret = prctl(PR_CAPBSET_DROP, prctl_arg(i), prctl_arg(0), + prctl_arg(0), prctl_arg(0)); if (ret < 0) { SYSERROR("Failed to remove capability %d", i); return -1; diff --git a/src/lxc/initutils.c b/src/lxc/initutils.c index 6ab39a7da..cadd82757 100644 --- a/src/lxc/initutils.c +++ b/src/lxc/initutils.c @@ -26,6 +26,7 @@ #include "initutils.h" #include "log.h" +#include "macro.h" #ifndef HAVE_STRLCPY #include "include/strlcpy.h" @@ -361,7 +362,8 @@ int setproctitle(char *title) .exe_fd = -1, }; - ret = prctl(PR_SET_MM, PR_SET_MM_MAP, (long) &prctl_map, sizeof(prctl_map), 0); + ret = prctl(PR_SET_MM, prctl_arg(PR_SET_MM_MAP), prctl_arg(&prctl_map), + prctl_arg(sizeof(prctl_map)), prctl_arg(0)); if (ret == 0) (void)strlcpy((char*)arg_start, title, len); else diff --git a/src/lxc/macro.h b/src/lxc/macro.h index d2333bf94..733cb3322 100644 --- a/src/lxc/macro.h +++ b/src/lxc/macro.h @@ -136,4 +136,6 @@ extern int __build_bug_on_failed; (__iterator = __it); \ __iterator = __it = strtok_r(NULL, __separators, &__p)) +#define prctl_arg(x) ((unsigned long)x) + #endif /* __LXC_MACRO_H */ diff --git a/src/lxc/start.c b/src/lxc/start.c index 92d3c64c6..3616527eb 100644 --- a/src/lxc/start.c +++ b/src/lxc/start.c @@ -1152,7 +1152,8 @@ static int do_start(void *data) if (ret < 0 && (handler->am_root || errno != EPERM)) goto out_warn_father; - ret = prctl(PR_SET_DUMPABLE, 1, 0, 0, 0); + ret = prctl(PR_SET_DUMPABLE, prctl_arg(1), prctl_arg(0), + prctl_arg(0), prctl_arg(0)); if (ret < 0) goto out_warn_father; @@ -1255,7 +1256,8 @@ static int do_start(void *data) * before we aren't allowed anymore. */ if (handler->conf->no_new_privs) { - ret = prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0); + ret = prctl(PR_SET_NO_NEW_PRIVS, prctl_arg(1), prctl_arg(0), + prctl_arg(0), prctl_arg(0)); if (ret < 0) { SYSERROR("Could not set PR_SET_NO_NEW_PRIVS to block " "execve() gainable privileges"); diff --git a/src/lxc/storage/nbd.c b/src/lxc/storage/nbd.c index 9f92ecc9b..771bd9e3e 100644 --- a/src/lxc/storage/nbd.c +++ b/src/lxc/storage/nbd.c @@ -209,7 +209,8 @@ static int do_attach_nbd(void *d) exit(1); } - if (prctl(PR_SET_PDEATHSIG, SIGHUP, 0, 0, 0) < 0) + if (prctl(PR_SET_PDEATHSIG, prctl_arg(SIGHUP), prctl_arg(0), + prctl_arg(0), prctl_arg(0)) < 0) SYSERROR("Error setting parent death signal for nbd watcher"); pid = fork(); diff --git a/src/lxc/utils.c b/src/lxc/utils.c index c4e8df02d..b4d3459ba 100644 --- a/src/lxc/utils.c +++ b/src/lxc/utils.c @@ -2680,7 +2680,8 @@ int lxc_set_death_signal(int signal) int ret; pid_t ppid; - ret = prctl(PR_SET_PDEATHSIG, signal, 0, 0, 0); + ret = prctl(PR_SET_PDEATHSIG, prctl_arg(signal), prctl_arg(0), + prctl_arg(0), prctl_arg(0)); /* Check whether we have been orphaned. */ ppid = (pid_t)syscall(SYS_getppid); -- 2.39.5