Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
lukaCoding
nvidia-container-runtime
提交
a86bd334
N
nvidia-container-runtime
项目概览
lukaCoding
/
nvidia-container-runtime
与 Fork 源项目一致
从无法访问的项目Fork
通知
4
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
N
nvidia-container-runtime
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
a86bd334
编写于
3月 02, 2018
作者:
J
Jonathan Calmels
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Rename some utility functions
上级
9398d41d
变更
17
隐藏空白更改
内联
并排
Showing
17 changed file
with
108 addition
and
94 deletion
+108
-94
src/cli/common.c
src/cli/common.c
+1
-1
src/cli/configure.c
src/cli/configure.c
+13
-13
src/cli/dsl.c
src/cli/dsl.c
+1
-1
src/cli/list.c
src/cli/list.c
+1
-1
src/cli/main.c
src/cli/main.c
+3
-3
src/driver.c
src/driver.c
+1
-1
src/elftool.c
src/elftool.c
+2
-2
src/error_generic.c
src/error_generic.c
+1
-1
src/ldcache.c
src/ldcache.c
+2
-2
src/nvc.c
src/nvc.c
+4
-4
src/nvc_container.c
src/nvc_container.c
+7
-7
src/nvc_info.c
src/nvc_info.c
+11
-11
src/nvc_ldcache.c
src/nvc_ldcache.c
+3
-3
src/nvc_mount.c
src/nvc_mount.c
+10
-10
src/options.c
src/options.c
+1
-1
src/utils.c
src/utils.c
+34
-22
src/utils.h
src/utils.h
+13
-11
未找到文件。
src/cli/common.c
浏览文件 @
a86bd334
...
...
@@ -18,7 +18,7 @@ select_devices(struct error *err, char *devs, const struct nvc_device *selected[
while
((
gpu
=
strsep
(
&
devs
,
","
))
!=
NULL
)
{
if
(
*
gpu
==
'\0'
)
continue
;
if
(
!
strcasecmp
(
gpu
,
"all"
))
{
if
(
str_case_equal
(
gpu
,
"all"
))
{
for
(
i
=
0
;
i
<
size
;
++
i
)
selected
[
i
]
=
&
available
[
i
];
break
;
...
...
src/cli/configure.c
浏览文件 @
a86bd334
...
...
@@ -56,11 +56,11 @@ configure_parser(int key, char *arg, struct argp_state *state)
switch
(
key
)
{
case
'p'
:
if
(
str
to
pid
(
&
err
,
arg
,
&
ctx
->
pid
)
<
0
)
if
(
str
_to_
pid
(
&
err
,
arg
,
&
ctx
->
pid
)
<
0
)
goto
fatal
;
break
;
case
'd'
:
if
(
strjoin
(
&
err
,
&
ctx
->
devices
,
arg
,
","
)
<
0
)
if
(
str
_
join
(
&
err
,
&
ctx
->
devices
,
arg
,
","
)
<
0
)
goto
fatal
;
break
;
case
'r'
:
...
...
@@ -74,41 +74,41 @@ configure_parser(int key, char *arg, struct argp_state *state)
ctx
->
ldconfig
=
arg
;
break
;
case
'c'
:
if
(
strjoin
(
&
err
,
&
ctx
->
container_flags
,
"compute"
,
" "
)
<
0
)
if
(
str
_
join
(
&
err
,
&
ctx
->
container_flags
,
"compute"
,
" "
)
<
0
)
goto
fatal
;
break
;
case
'u'
:
if
(
strjoin
(
&
err
,
&
ctx
->
container_flags
,
"utility"
,
" "
)
<
0
)
if
(
str
_
join
(
&
err
,
&
ctx
->
container_flags
,
"utility"
,
" "
)
<
0
)
goto
fatal
;
break
;
case
'v'
:
if
(
strjoin
(
&
err
,
&
ctx
->
container_flags
,
"video"
,
" "
)
<
0
)
if
(
str
_
join
(
&
err
,
&
ctx
->
container_flags
,
"video"
,
" "
)
<
0
)
goto
fatal
;
break
;
case
'g'
:
if
(
strjoin
(
&
err
,
&
ctx
->
container_flags
,
"graphics"
,
" "
)
<
0
)
if
(
str
_
join
(
&
err
,
&
ctx
->
container_flags
,
"graphics"
,
" "
)
<
0
)
goto
fatal
;
break
;
case
'D'
:
if
(
strjoin
(
&
err
,
&
ctx
->
container_flags
,
"display"
,
" "
)
<
0
)
if
(
str
_
join
(
&
err
,
&
ctx
->
container_flags
,
"display"
,
" "
)
<
0
)
goto
fatal
;
break
;
case
0x80
:
if
(
strjoin
(
&
err
,
&
ctx
->
container_flags
,
"compat32"
,
" "
)
<
0
)
if
(
str
_
join
(
&
err
,
&
ctx
->
container_flags
,
"compat32"
,
" "
)
<
0
)
goto
fatal
;
break
;
case
0x81
:
if
(
strjoin
(
&
err
,
&
ctx
->
container_flags
,
"no-cgroups"
,
" "
)
<
0
)
if
(
str
_
join
(
&
err
,
&
ctx
->
container_flags
,
"no-cgroups"
,
" "
)
<
0
)
goto
fatal
;
break
;
case
0x82
:
if
(
strjoin
(
&
err
,
&
ctx
->
container_flags
,
"no-devbind"
,
" "
)
<
0
)
if
(
str
_
join
(
&
err
,
&
ctx
->
container_flags
,
"no-devbind"
,
" "
)
<
0
)
goto
fatal
;
break
;
case
ARGP_KEY_ARG
:
if
(
state
->
arg_num
>
0
)
argp_usage
(
state
);
if
(
arg
[
0
]
!=
'/'
||
!
strcmp
(
arg
,
"/"
))
{
if
(
arg
[
0
]
!=
'/'
||
str_equal
(
arg
,
"/"
))
{
error_setx
(
&
err
,
"invalid rootfs directory"
);
goto
fatal
;
}
...
...
@@ -116,11 +116,11 @@ configure_parser(int key, char *arg, struct argp_state *state)
break
;
case
ARGP_KEY_SUCCESS
:
if
(
ctx
->
pid
>
0
)
{
if
(
strjoin
(
&
err
,
&
ctx
->
container_flags
,
"supervised"
,
" "
)
<
0
)
if
(
str
_
join
(
&
err
,
&
ctx
->
container_flags
,
"supervised"
,
" "
)
<
0
)
goto
fatal
;
}
else
{
ctx
->
pid
=
getppid
();
if
(
strjoin
(
&
err
,
&
ctx
->
container_flags
,
"standalone"
,
" "
)
<
0
)
if
(
str
_
join
(
&
err
,
&
ctx
->
container_flags
,
"standalone"
,
" "
)
<
0
)
goto
fatal
;
}
break
;
...
...
src/cli/dsl.c
浏览文件 @
a86bd334
...
...
@@ -103,7 +103,7 @@ evaluate_rule(char *buf, char *expr, void *ctx, const struct dsl_rule rules[], s
/* Lookup the rule and evaluate it. */
for
(
i
=
0
;
i
<
size
;
++
i
)
{
if
(
!
strcasecmp
(
expr
,
rules
[
i
].
name
))
{
if
(
str_case_equal
(
expr
,
rules
[
i
].
name
))
{
if
((
ret
=
rules
[
i
].
func
(
ctx
,
op
->
cmp
,
val
))
==
false
)
{
/* Save the expression formatted for error reporting. */
if
(
snprintf
(
buf
,
EXPR_MAX
,
"%s %s %s"
,
expr
,
op
->
str
,
val
)
>=
EXPR_MAX
)
...
...
src/cli/list.c
浏览文件 @
a86bd334
...
...
@@ -36,7 +36,7 @@ list_parser(int key, char *arg, struct argp_state *state)
switch
(
key
)
{
case
'd'
:
if
(
strjoin
(
&
err
,
&
ctx
->
devices
,
arg
,
","
)
<
0
)
if
(
str
_
join
(
&
err
,
&
ctx
->
devices
,
arg
,
","
)
<
0
)
goto
fatal
;
break
;
case
'l'
:
...
...
src/cli/main.c
浏览文件 @
a86bd334
...
...
@@ -66,7 +66,7 @@ static const struct command *
lookup_command
(
struct
argp_state
*
state
)
{
for
(
size_t
i
=
0
;
i
<
nitems
(
commands
);
++
i
)
{
if
(
!
strcmp
(
state
->
argv
[
0
],
commands
[
i
].
name
))
{
if
(
str_equal
(
state
->
argv
[
0
],
commands
[
i
].
name
))
{
state
->
argv
[
0
]
=
alloca
(
strlen
(
state
->
name
)
+
strlen
(
commands
[
i
].
name
)
+
2
);
sprintf
(
state
->
argv
[
0
],
"%s %s"
,
state
->
name
,
commands
[
i
].
name
);
argp_parse
(
commands
[
i
].
argp
,
state
->
argc
,
state
->
argv
,
0
,
NULL
,
state
->
input
);
...
...
@@ -89,12 +89,12 @@ parser(int key, char *arg, struct argp_state *state)
break
;
case
'k'
:
ctx
->
load_kmods
=
true
;
if
(
strjoin
(
&
err
,
&
ctx
->
init_flags
,
"load-kmods"
,
" "
)
<
0
)
if
(
str
_
join
(
&
err
,
&
ctx
->
init_flags
,
"load-kmods"
,
" "
)
<
0
)
goto
fatal
;
break
;
case
'u'
:
if
(
arg
!=
NULL
)
{
if
(
str
to
ugid
(
&
err
,
arg
,
&
ctx
->
uid
,
&
ctx
->
gid
)
<
0
)
if
(
str
_to_
ugid
(
&
err
,
arg
,
&
ctx
->
uid
,
&
ctx
->
gid
)
<
0
)
goto
fatal
;
}
else
{
ctx
->
uid
=
geteuid
();
...
...
src/driver.c
浏览文件 @
a86bd334
...
...
@@ -145,7 +145,7 @@ setup_rpc_service(struct driver *ctx, const char *root, uid_t uid, gid_t gid, pi
if
(
getppid
()
!=
ppid
)
kill
(
getpid
(),
SIGTERM
);
if
(
strcmp
(
root
,
"/"
))
{
if
(
!
str_equal
(
root
,
"/"
))
{
if
(
chroot
(
root
)
<
0
||
chdir
(
"/"
)
<
0
)
{
error_set
(
ctx
->
err
,
"change root failed"
);
goto
fail
;
...
...
src/elftool.c
浏览文件 @
a86bd334
...
...
@@ -91,7 +91,7 @@ lookup_section(struct elftool *ctx, GElf_Shdr *shdr, Elf_Scn **scn, Elf64_Word t
goto
fail
;
if
(
shdr
->
sh_type
==
type
&&
name
==
NULL
)
return
(
0
);
else
if
(
shdr
->
sh_type
==
type
&&
!
strcmp
(
shname
,
name
))
else
if
(
shdr
->
sh_type
==
type
&&
str_equal
(
shname
,
name
))
return
(
0
);
}
error_setx
(
ctx
->
err
,
"elf section 0x%x missing: %s"
,
type
,
ctx
->
path
);
...
...
@@ -122,7 +122,7 @@ elftool_has_dependency(struct elftool *ctx, const char *lib)
if
(
dyn
.
d_tag
==
DT_NEEDED
)
{
if
((
dep
=
elf_strptr
(
ctx
->
elf
,
shdr
.
sh_link
,
dyn
.
d_un
.
d_ptr
))
==
NULL
)
goto
fail
;
if
(
!
strpcmp
(
dep
,
lib
))
if
(
str_has_prefix
(
dep
,
lib
))
return
(
true
);
}
}
...
...
src/error_generic.c
浏览文件 @
a86bd334
...
...
@@ -45,7 +45,7 @@ error_vset(struct error *err, int errcode, const char *errmsg, const char *fmt,
goto
fail
;
}
err
->
msg
[
strcspn
(
err
->
msg
,
"
\n
"
)]
=
'\0'
;
strlower
(
strrchr
(
err
->
msg
,
':'
));
str
_
lower
(
strrchr
(
err
->
msg
,
':'
));
rv
=
0
;
fail:
...
...
src/ldcache.c
浏览文件 @
a86bd334
...
...
@@ -126,11 +126,11 @@ ldcache_resolve(struct ldcache *ctx, uint32_t arch, const char *root, const char
continue
;
for
(
size_t
j
=
0
;
j
<
size
;
++
j
)
{
if
(
strpcmp
(
key
,
libs
[
j
]))
if
(
!
str_has_prefix
(
key
,
libs
[
j
]))
continue
;
if
(
path_resolve
(
ctx
->
err
,
path
,
root
,
value
)
<
0
)
return
(
-
1
);
if
(
paths
[
j
]
!=
NULL
&&
!
strcmp
(
paths
[
j
],
path
))
if
(
paths
[
j
]
!=
NULL
&&
str_equal
(
paths
[
j
],
path
))
continue
;
if
((
override
=
select
(
ctx
->
err
,
select_ctx
,
root
,
paths
[
j
],
path
))
<
0
)
return
(
-
1
);
...
...
src/nvc.c
浏览文件 @
a86bd334
...
...
@@ -113,7 +113,7 @@ init_within_userns(struct error *err)
if
(
file_read_line
(
err
,
PROC_UID_MAP_PATH
(
PROC_SELF
),
buf
,
sizeof
(
buf
))
<
0
)
return
((
err
->
code
==
ENOENT
)
?
false
:
-
1
);
/* User namespace unsupported. */
if
(
strempty
(
buf
))
if
(
str
_
empty
(
buf
))
return
(
true
);
/* User namespace uninitialized. */
if
(
sscanf
(
buf
,
"%"
PRIu32
" %"
PRIu32
" %"
PRIu32
,
&
start
,
&
pstart
,
&
len
)
<
3
)
{
error_setx
(
err
,
"invalid map file: %s"
,
PROC_UID_MAP_PATH
(
PROC_SELF
));
...
...
@@ -124,7 +124,7 @@ init_within_userns(struct error *err)
if
(
file_read_line
(
err
,
PROC_GID_MAP_PATH
(
PROC_SELF
),
buf
,
sizeof
(
buf
))
<
0
)
return
((
err
->
code
==
ENOENT
)
?
false
:
-
1
);
if
(
strempty
(
buf
))
if
(
str
_
empty
(
buf
))
return
(
true
);
if
(
sscanf
(
buf
,
"%"
PRIu32
" %"
PRIu32
" %"
PRIu32
,
&
start
,
&
pstart
,
&
len
)
<
3
)
{
error_setx
(
err
,
"invalid map file: %s"
,
PROC_GID_MAP_PATH
(
PROC_SELF
));
...
...
@@ -135,7 +135,7 @@ init_within_userns(struct error *err)
if
(
file_read_line
(
err
,
PROC_SETGROUPS_PATH
(
PROC_SELF
),
buf
,
sizeof
(
buf
))
<
0
)
return
((
err
->
code
==
ENOENT
)
?
false
:
-
1
);
if
(
!
strpcmp
(
buf
,
"deny"
))
if
(
str_has_prefix
(
buf
,
"deny"
))
return
(
true
);
return
(
false
);
...
...
@@ -263,7 +263,7 @@ nvc_init(struct nvc_context *ctx, const struct nvc_config *cfg, const char *opts
return
(
0
);
if
(
cfg
==
NULL
)
cfg
=
&
(
struct
nvc_config
){
NULL
,
NULL
,
(
uid_t
)
-
1
,
(
gid_t
)
-
1
};
if
(
validate_args
(
ctx
,
!
str
empty
(
cfg
->
ldcache
)
&&
!
str
empty
(
cfg
->
root
))
<
0
)
if
(
validate_args
(
ctx
,
!
str
_empty
(
cfg
->
ldcache
)
&&
!
str_
empty
(
cfg
->
root
))
<
0
)
return
(
-
1
);
if
(
opts
==
NULL
)
opts
=
default_library_opts
;
...
...
src/nvc_container.c
浏览文件 @
a86bd334
...
...
@@ -68,11 +68,11 @@ cgroup_mount(char *line, char *prefix, const char *subsys)
return
(
NULL
);
if
(
*
root
==
'\0'
||
*
mount
==
'\0'
||
*
fstype
==
'\0'
||
*
substr
==
'\0'
)
return
(
NULL
);
if
(
strcmp
(
fstype
,
"cgroup"
))
if
(
!
str_equal
(
fstype
,
"cgroup"
))
return
(
NULL
);
if
(
strstr
(
substr
,
subsys
)
==
NULL
)
return
(
NULL
);
if
(
strlen
(
root
)
>=
PATH_MAX
||
!
strpcmp
(
root
,
"/.."
))
if
(
strlen
(
root
)
>=
PATH_MAX
||
str_has_prefix
(
root
,
"/.."
))
return
(
NULL
);
strcpy
(
prefix
,
root
);
...
...
@@ -94,9 +94,9 @@ cgroup_root(char *line, char *prefix, const char *subsys)
return
(
NULL
);
if
(
strstr
(
substr
,
subsys
)
==
NULL
)
return
(
NULL
);
if
(
strlen
(
root
)
>=
PATH_MAX
||
!
strpcmp
(
root
,
"/.."
))
if
(
strlen
(
root
)
>=
PATH_MAX
||
str_has_prefix
(
root
,
"/.."
))
return
(
NULL
);
if
(
strcmp
(
prefix
,
"/"
)
&&
!
strpcmp
(
root
,
prefix
))
if
(
!
str_equal
(
prefix
,
"/"
)
&&
str_has_prefix
(
root
,
prefix
))
root
+=
strlen
(
prefix
);
return
(
root
);
...
...
@@ -260,7 +260,7 @@ copy_config(struct error *err, struct nvc_container *cnt, const struct nvc_conta
goto
fail
;
if
((
ret
=
file_exists
(
err
,
path
))
<
0
)
goto
fail
;
if
(
ret
&&
strcmp
(
path
,
tmp
))
if
(
ret
&&
!
str_equal
(
path
,
tmp
))
libs32_dir
=
USR_LIB32_ALT_DIR
;
}
}
...
...
@@ -301,8 +301,8 @@ nvc_container_new(struct nvc_context *ctx, const struct nvc_container_config *cf
if
(
validate_context
(
ctx
)
<
0
)
return
(
NULL
);
if
(
validate_args
(
ctx
,
cfg
!=
NULL
&&
cfg
->
pid
>
0
&&
cfg
->
rootfs
!=
NULL
&&
!
strempty
(
cfg
->
rootfs
)
&&
cfg
->
rootfs
[
0
]
==
'/'
&&
!
str
empty
(
cfg
->
bins_dir
)
&&
!
strempty
(
cfg
->
libs_dir
)
&&
!
strempty
(
cfg
->
libs32_dir
)
&&
!
str
empty
(
cfg
->
ldconfig
))
<
0
)
if
(
validate_args
(
ctx
,
cfg
!=
NULL
&&
cfg
->
pid
>
0
&&
cfg
->
rootfs
!=
NULL
&&
!
str
_
empty
(
cfg
->
rootfs
)
&&
cfg
->
rootfs
[
0
]
==
'/'
&&
!
str
_empty
(
cfg
->
bins_dir
)
&&
!
str_empty
(
cfg
->
libs_dir
)
&&
!
str_empty
(
cfg
->
libs32_dir
)
&&
!
str_
empty
(
cfg
->
ldconfig
))
<
0
)
return
(
NULL
);
if
(
opts
==
NULL
)
opts
=
default_container_opts
;
...
...
src/nvc_info.c
浏览文件 @
a86bd334
...
...
@@ -126,15 +126,15 @@ select_libraries(struct error *err, void *ptr, const char *root, const char *ori
return
(
-
1
);
lib
=
basename
(
alt_path
);
if
(
!
strpcmp
(
lib
,
"libnvidia-tls.so"
))
{
if
(
str_has_prefix
(
lib
,
"libnvidia-tls.so"
))
{
/* Only choose the TLS library using the new ABI (kernel 2.3.99). */
if
((
rv
=
elftool_has_abi
(
&
et
,
(
uint32_t
[
3
]){
0x02
,
0x03
,
0x63
}))
!=
true
)
goto
done
;
}
/* Check the driver version. */
if
((
rv
=
!
strrcmp
(
lib
,
info
->
nvrm_version
))
==
false
)
if
((
rv
=
str_has_suffix
(
lib
,
info
->
nvrm_version
))
==
false
)
goto
done
;
if
(
strmatch
(
lib
,
graphics_libs_compat
,
nitems
(
graphics_libs_compat
)))
{
if
(
str
_array_
match
(
lib
,
graphics_libs_compat
,
nitems
(
graphics_libs_compat
)))
{
/* Only choose OpenGL/EGL libraries issued by NVIDIA. */
if
((
rv
=
elftool_has_dependency
(
&
et
,
"libnvidia-glcore.so"
))
!=
false
)
goto
done
;
...
...
@@ -394,9 +394,9 @@ lookup_ipcs(struct error *err, struct nvc_driver_info *info, const char *root, i
bool
match_binary_flags
(
const
char
*
bin
,
int32_t
flags
)
{
if
((
flags
&
OPT_UTILITY_BINS
)
&&
strmatch
(
bin
,
utility_bins
,
nitems
(
utility_bins
)))
if
((
flags
&
OPT_UTILITY_BINS
)
&&
str
_array_
match
(
bin
,
utility_bins
,
nitems
(
utility_bins
)))
return
(
true
);
if
((
flags
&
OPT_COMPUTE_BINS
)
&&
strmatch
(
bin
,
compute_bins
,
nitems
(
compute_bins
)))
if
((
flags
&
OPT_COMPUTE_BINS
)
&&
str
_array_
match
(
bin
,
compute_bins
,
nitems
(
compute_bins
)))
return
(
true
);
return
(
false
);
}
...
...
@@ -404,15 +404,15 @@ match_binary_flags(const char *bin, int32_t flags)
bool
match_library_flags
(
const
char
*
lib
,
int32_t
flags
)
{
if
((
flags
&
OPT_UTILITY_LIBS
)
&&
strmatch
(
lib
,
utility_libs
,
nitems
(
utility_libs
)))
if
((
flags
&
OPT_UTILITY_LIBS
)
&&
str
_array_
match
(
lib
,
utility_libs
,
nitems
(
utility_libs
)))
return
(
true
);
if
((
flags
&
OPT_COMPUTE_LIBS
)
&&
strmatch
(
lib
,
compute_libs
,
nitems
(
compute_libs
)))
if
((
flags
&
OPT_COMPUTE_LIBS
)
&&
str
_array_
match
(
lib
,
compute_libs
,
nitems
(
compute_libs
)))
return
(
true
);
if
((
flags
&
OPT_VIDEO_LIBS
)
&&
strmatch
(
lib
,
video_libs
,
nitems
(
video_libs
)))
if
((
flags
&
OPT_VIDEO_LIBS
)
&&
str
_array_
match
(
lib
,
video_libs
,
nitems
(
video_libs
)))
return
(
true
);
if
((
flags
&
OPT_GRAPHICS_LIBS
)
&&
(
strmatch
(
lib
,
graphics_libs
,
nitems
(
graphics_libs
))
||
strmatch
(
lib
,
graphics_libs_glvnd
,
nitems
(
graphics_libs_glvnd
))
||
strmatch
(
lib
,
graphics_libs_compat
,
nitems
(
graphics_libs_compat
))))
if
((
flags
&
OPT_GRAPHICS_LIBS
)
&&
(
str
_array_
match
(
lib
,
graphics_libs
,
nitems
(
graphics_libs
))
||
str
_array_
match
(
lib
,
graphics_libs_glvnd
,
nitems
(
graphics_libs_glvnd
))
||
str
_array_
match
(
lib
,
graphics_libs_compat
,
nitems
(
graphics_libs_compat
))))
return
(
true
);
return
(
false
);
}
...
...
src/nvc_ldcache.c
浏览文件 @
a86bd334
...
...
@@ -43,7 +43,7 @@ secure_mode(void)
char
*
s
;
s
=
secure_getenv
(
"NVC_INSECURE_MODE"
);
return
(
s
==
NULL
||
!
strcmp
(
s
,
"0"
)
||
!
strcasecmp
(
s
,
"false"
)
||
!
strcasecmp
(
s
,
"no"
));
return
(
s
==
NULL
||
str_equal
(
s
,
"0"
)
||
str_case_equal
(
s
,
"false"
)
||
str_case_equal
(
s
,
"no"
));
}
static
pid_t
...
...
@@ -133,7 +133,7 @@ change_rootfs(struct error *err, const char *rootfs, bool mount_proc, bool *drop
* restricted from setting supplementary groups.
*/
file_read_line
(
NULL
,
PROC_SETGROUPS_PATH
(
PROC_SELF
),
buf
,
sizeof
(
buf
));
*
drop_groups
=
strpcmp
(
buf
,
"deny"
);
*
drop_groups
=
!
str_has_prefix
(
buf
,
"deny"
);
/* Hide sensitive mountpoints. */
for
(
size_t
i
=
mount_proc
;
i
<
nitems
(
mounts
);
++
i
)
{
...
...
@@ -335,7 +335,7 @@ nvc_ldcache_update(struct nvc_context *ctx, const struct nvc_container *cnt)
if
(
child
==
0
)
{
prctl
(
PR_SET_NAME
,
(
unsigned
long
)
"nvc:[ldconfig]"
,
0
,
0
,
0
);
if
(
nsenter
(
&
ctx
->
err
,
cnt
->
mnt_ns
,
CLONE_NEWNS
)
<
0
)
if
(
ns
_
enter
(
&
ctx
->
err
,
cnt
->
mnt_ns
,
CLONE_NEWNS
)
<
0
)
goto
fail
;
if
(
ajust_capabilities
(
&
ctx
->
err
,
cnt
->
uid
,
host_ldconfig
)
<
0
)
goto
fail
;
...
...
src/nvc_mount.c
浏览文件 @
a86bd334
...
...
@@ -328,7 +328,7 @@ mount_procfs_gpu(struct error *err, const char *root, const struct nvc_container
static
void
unmount
(
const
char
*
path
)
{
if
(
path
==
NULL
||
strempty
(
path
))
if
(
path
==
NULL
||
str
_
empty
(
path
))
return
;
umount2
(
path
,
MNT_DETACH
);
file_remove
(
NULL
,
path
);
...
...
@@ -388,11 +388,11 @@ symlink_libraries(struct error *err, const struct nvc_container *cnt, const char
for
(
size_t
i
=
0
;
i
<
size
;
++
i
)
{
lib
=
basename
(
paths
[
i
]);
if
(
!
strpcmp
(
lib
,
"libcuda.so"
))
{
if
(
str_has_prefix
(
lib
,
"libcuda.so"
))
{
/* XXX Many applications wrongly assume that libcuda.so exists (e.g. with dlopen). */
if
(
symlink_library
(
err
,
paths
[
i
],
lib
,
"libcuda.so"
,
cnt
->
uid
,
cnt
->
gid
)
<
0
)
return
(
-
1
);
}
else
if
(
!
strpcmp
(
lib
,
"libGLX_nvidia.so"
))
{
}
else
if
(
str_has_prefix
(
lib
,
"libGLX_nvidia.so"
))
{
/* XXX GLVND requires this symlink for indirect GLX support. */
if
(
symlink_library
(
err
,
paths
[
i
],
lib
,
"libGLX_indirect.so.0"
,
cnt
->
uid
,
cnt
->
gid
)
<
0
)
return
(
-
1
);
...
...
@@ -413,7 +413,7 @@ nvc_driver_mount(struct nvc_context *ctx, const struct nvc_container *cnt, const
if
(
validate_args
(
ctx
,
cnt
!=
NULL
&&
info
!=
NULL
)
<
0
)
return
(
-
1
);
if
(
nsenter
(
&
ctx
->
err
,
cnt
->
mnt_ns
,
CLONE_NEWNS
)
<
0
)
if
(
ns
_
enter
(
&
ctx
->
err
,
cnt
->
mnt_ns
,
CLONE_NEWNS
)
<
0
)
return
(
-
1
);
nmnt
=
2
+
info
->
nbins
+
info
->
nlibs
+
info
->
nlibs32
+
info
->
nipcs
+
info
->
ndevs
;
...
...
@@ -453,7 +453,7 @@ nvc_driver_mount(struct nvc_context *ctx, const struct nvc_container *cnt, const
/* IPC mounts */
for
(
size_t
i
=
0
;
i
<
info
->
nipcs
;
++
i
)
{
/* XXX Only utility libraries require persistenced IPC, everything else is compute only. */
if
(
!
strrcmp
(
NV_PERSISTENCED_SOCKET
,
info
->
ipcs
[
i
]))
{
if
(
str_has_suffix
(
NV_PERSISTENCED_SOCKET
,
info
->
ipcs
[
i
]))
{
if
(
!
(
cnt
->
flags
&
OPT_UTILITY_LIBS
))
continue
;
}
else
if
(
!
(
cnt
->
flags
&
OPT_COMPUTE_LIBS
))
...
...
@@ -484,9 +484,9 @@ nvc_driver_mount(struct nvc_context *ctx, const struct nvc_container *cnt, const
if
(
rv
<
0
)
{
for
(
size_t
i
=
0
;
mnt
!=
NULL
&&
i
<
nmnt
;
++
i
)
unmount
(
mnt
[
i
]);
assert_func
(
ns
enter
at
(
NULL
,
ctx
->
mnt_ns
,
CLONE_NEWNS
));
assert_func
(
ns
_enter_
at
(
NULL
,
ctx
->
mnt_ns
,
CLONE_NEWNS
));
}
else
{
rv
=
ns
enter
at
(
&
ctx
->
err
,
ctx
->
mnt_ns
,
CLONE_NEWNS
);
rv
=
ns
_enter_
at
(
&
ctx
->
err
,
ctx
->
mnt_ns
,
CLONE_NEWNS
);
}
array_free
((
char
**
)
mnt
,
nmnt
);
...
...
@@ -505,7 +505,7 @@ nvc_device_mount(struct nvc_context *ctx, const struct nvc_container *cnt, const
if
(
validate_args
(
ctx
,
cnt
!=
NULL
&&
dev
!=
NULL
)
<
0
)
return
(
-
1
);
if
(
nsenter
(
&
ctx
->
err
,
cnt
->
mnt_ns
,
CLONE_NEWNS
)
<
0
)
if
(
ns
_
enter
(
&
ctx
->
err
,
cnt
->
mnt_ns
,
CLONE_NEWNS
)
<
0
)
return
(
-
1
);
if
(
!
(
cnt
->
flags
&
OPT_NO_DEVBIND
))
{
...
...
@@ -528,9 +528,9 @@ nvc_device_mount(struct nvc_context *ctx, const struct nvc_container *cnt, const
if
(
rv
<
0
)
{
unmount
(
proc_mnt
);
unmount
(
dev_mnt
);
assert_func
(
ns
enter
at
(
NULL
,
ctx
->
mnt_ns
,
CLONE_NEWNS
));
assert_func
(
ns
_enter_
at
(
NULL
,
ctx
->
mnt_ns
,
CLONE_NEWNS
));
}
else
{
rv
=
ns
enter
at
(
&
ctx
->
err
,
ctx
->
mnt_ns
,
CLONE_NEWNS
);
rv
=
ns
_enter_
at
(
&
ctx
->
err
,
ctx
->
mnt_ns
,
CLONE_NEWNS
);
}
free
(
proc_mnt
);
...
...
src/options.c
浏览文件 @
a86bd334
...
...
@@ -30,7 +30,7 @@ options_parse(struct error *err, const char *str, const struct option *opts, siz
if
(
*
opt
==
'\0'
)
continue
;
for
(
i
=
0
;
i
<
nopts
;
++
i
)
{
if
(
!
strcmp
(
opt
,
opts
[
i
].
name
))
{
if
(
str_equal
(
opt
,
opts
[
i
].
name
))
{
flags
|=
opts
[
i
].
value
;
break
;
}
...
...
src/utils.c
浏览文件 @
a86bd334
...
...
@@ -131,46 +131,58 @@ log_pipe_output(struct error *err, int fd[2])
}
void
strlower
(
char
*
str
)
str
_
lower
(
char
*
str
)
{
for
(
char
*
p
=
str
;
*
p
!=
'\0'
;
++
p
)
*
p
=
(
char
)
tolower
(
*
p
);
}
int
str
pcmp
(
const
char
*
s1
,
const
char
*
s2
)
bool
str
_equal
(
const
char
*
s1
,
const
char
*
s2
)
{
return
(
strncmp
(
s1
,
s2
,
strlen
(
s2
)
));
return
(
!
strcmp
(
s1
,
s2
));
}
int
strrcmp
(
const
char
*
s1
,
const
char
*
s2
)
bool
str_case_equal
(
const
char
*
s1
,
const
char
*
s2
)
{
return
(
!
strcasecmp
(
s1
,
s2
));
}
bool
str_has_prefix
(
const
char
*
str
,
const
char
*
prefix
)
{
return
(
!
strncmp
(
str
,
prefix
,
strlen
(
prefix
)));
}
bool
str_has_suffix
(
const
char
*
str
,
const
char
*
suffix
)
{
size_t
l
1
,
l2
;
size_t
l
en
,
slen
;
l
1
=
strlen
(
s1
);
l2
=
strlen
(
s2
);
return
((
l
1
>=
l2
)
?
strcmp
(
s1
+
l1
-
l2
,
s2
)
:
-
1
);
l
en
=
strlen
(
str
);
slen
=
strlen
(
suffix
);
return
((
l
en
>=
slen
)
?
str_equal
(
str
+
len
-
slen
,
suffix
)
:
false
);
}
bool
strempty
(
const
char
*
str
)
str
_
empty
(
const
char
*
str
)
{
return
(
str
!=
NULL
&&
*
str
==
'\0'
);
}
bool
strmatch
(
const
char
*
str
,
const
char
*
const
arr
[],
size_t
size
)
str
_array_
match
(
const
char
*
str
,
const
char
*
const
arr
[],
size_t
size
)
{
for
(
size_t
i
=
0
;
i
<
size
;
++
i
)
{
if
(
!
strpcmp
(
str
,
arr
[
i
]))
if
(
str_has_prefix
(
str
,
arr
[
i
]))
return
(
true
);
}
return
(
false
);
}
int
strjoin
(
struct
error
*
err
,
char
**
s1
,
const
char
*
s2
,
const
char
*
sep
)
str
_
join
(
struct
error
*
err
,
char
**
s1
,
const
char
*
s2
,
const
char
*
sep
)
{
size_t
size
=
1
;
char
*
buf
;
...
...
@@ -192,7 +204,7 @@ strjoin(struct error *err, char **s1, const char *s2, const char *sep)
}
int
str
to
pid
(
struct
error
*
err
,
const
char
*
str
,
pid_t
*
pid
)
str
_to_
pid
(
struct
error
*
err
,
const
char
*
str
,
pid_t
*
pid
)
{
char
*
ptr
;
intmax_t
n
;
...
...
@@ -215,7 +227,7 @@ strtopid(struct error *err, const char *str, pid_t *pid)
}
int
str
to
ugid
(
struct
error
*
err
,
char
*
str
,
uid_t
*
uid
,
gid_t
*
gid
)
str
_to_
ugid
(
struct
error
*
err
,
char
*
str
,
uid_t
*
uid
,
gid_t
*
gid
)
{
char
*
ptr
;
uintmax_t
n
;
...
...
@@ -284,7 +296,7 @@ strtougid(struct error *err, char *str, uid_t *uid, gid_t *gid)
}
int
ns
enter
at
(
struct
error
*
err
,
int
fd
,
int
nstype
)
ns
_enter_
at
(
struct
error
*
err
,
int
fd
,
int
nstype
)
{
if
(
setns
(
fd
,
nstype
)
<
0
)
{
error_set
(
err
,
"namespace association failed"
);
...
...
@@ -294,7 +306,7 @@ nsenterat(struct error *err, int fd, int nstype)
}
int
nsenter
(
struct
error
*
err
,
const
char
*
path
,
int
nstype
)
ns
_
enter
(
struct
error
*
err
,
const
char
*
path
,
int
nstype
)
{
int
fd
;
int
rv
=
-
1
;
...
...
@@ -651,7 +663,7 @@ file_read_text(struct error *err, const char *path, char **txt)
*
txt
=
NULL
;
while
((
n
=
fread
(
buf
,
1
,
sizeof
(
buf
),
fs
))
>
0
)
{
buf
[
n
]
=
'\0'
;
if
(
strjoin
(
err
,
txt
,
buf
,
""
)
<
0
)
if
(
str
_
join
(
err
,
txt
,
buf
,
""
)
<
0
)
goto
fail
;
}
if
(
feof
(
fs
))
...
...
@@ -696,7 +708,7 @@ path_append(struct error *err, char *buf, const char *path)
char
*
end
;
int
n
;
if
(
strempty
(
path
))
if
(
str
_
empty
(
path
))
return
(
0
);
len
=
strlen
(
buf
);
...
...
@@ -763,9 +775,9 @@ do_path_resolve(struct error *err, bool full, char *buf, const char *root, const
goto
fail
;
while
((
file
=
strsep
(
&
ptr
,
"/"
))
!=
NULL
)
{
if
(
*
file
==
'\0'
||
!
strcmp
(
file
,
"."
))
if
(
*
file
==
'\0'
||
str_equal
(
file
,
"."
))
continue
;
else
if
(
!
strcmp
(
file
,
".."
))
{
else
if
(
str_equal
(
file
,
".."
))
{
/*
* Remove the last component from the resolved path. If we are not below
* non-existent components, restore the previous file descriptor as well.
...
...
src/utils.h
浏览文件 @
a86bd334
...
...
@@ -43,17 +43,19 @@ int log_pipe_output(struct error *, int[2]);
#define log_warnf(fmt, ...) log_write('W', __FILE__, __LINE__, fmt, __VA_ARGS__)
#define log_errf(fmt, ...) log_write('E', __FILE__, __LINE__, fmt, __VA_ARGS__)
void
strlower
(
char
*
);
int
strpcmp
(
const
char
*
,
const
char
*
);
int
strrcmp
(
const
char
*
,
const
char
*
);
bool
strempty
(
const
char
*
);
bool
strmatch
(
const
char
*
,
const
char
*
const
[],
size_t
);
int
strtopid
(
struct
error
*
,
const
char
*
,
pid_t
*
);
int
strtougid
(
struct
error
*
,
char
*
,
uid_t
*
,
gid_t
*
);
int
strjoin
(
struct
error
*
,
char
**
,
const
char
*
,
const
char
*
);
int
nsenterat
(
struct
error
*
,
int
,
int
);
int
nsenter
(
struct
error
*
,
const
char
*
,
int
);
void
str_lower
(
char
*
);
bool
str_equal
(
const
char
*
,
const
char
*
);
bool
str_case_equal
(
const
char
*
,
const
char
*
);
bool
str_has_prefix
(
const
char
*
,
const
char
*
);
bool
str_has_suffix
(
const
char
*
,
const
char
*
);
bool
str_empty
(
const
char
*
);
bool
str_array_match
(
const
char
*
,
const
char
*
const
[],
size_t
);
int
str_to_pid
(
struct
error
*
,
const
char
*
,
pid_t
*
);
int
str_to_ugid
(
struct
error
*
,
char
*
,
uid_t
*
,
gid_t
*
);
int
str_join
(
struct
error
*
,
char
**
,
const
char
*
,
const
char
*
);
int
ns_enter_at
(
struct
error
*
,
int
,
int
);
int
ns_enter
(
struct
error
*
,
const
char
*
,
int
);
char
**
array_new
(
struct
error
*
,
size_t
);
void
array_free
(
char
*
[],
size_t
);
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录