[PATCH/RFC 2/2] procd: jail: make use of BLOBMSG_CAST_INT64 for OCI rlimits

Daniel Golle daniel at makrotopia.org
Mon Aug 3 21:08:34 EDT 2020


Signed-off-by: Daniel Golle <daniel at makrotopia.org>
---
To illustrate the use of the previous patch of this series.

 jail/jail.c | 76 ++++++++++++++++++++---------------------------------
 1 file changed, 29 insertions(+), 47 deletions(-)

diff --git a/jail/jail.c b/jail/jail.c
index c72de07..9d0113f 100644
--- a/jail/jail.c
+++ b/jail/jail.c
@@ -1531,6 +1531,19 @@ static int parseOCIprocessuser(struct blob_attr *msg) {
 	return 0;
 }
 
+enum {
+	OCI_PROCESS_RLIMIT_TYPE,
+	OCI_PROCESS_RLIMIT_SOFT,
+	OCI_PROCESS_RLIMIT_HARD,
+	__OCI_PROCESS_RLIMIT_MAX,
+};
+
+static const struct blobmsg_policy oci_process_rlimit_policy[] = {
+	[OCI_PROCESS_RLIMIT_TYPE] = { "type", BLOBMSG_TYPE_STRING },
+	[OCI_PROCESS_RLIMIT_SOFT] = { "soft", BLOBMSG_CAST_INT64 },
+	[OCI_PROCESS_RLIMIT_HARD] = { "hard", BLOBMSG_CAST_INT64 },
+};
+
 /* from manpage GETRLIMIT(2) */
 static const char* const rlimit_names[RLIM_NLIMITS] = {
 	[RLIMIT_AS] = "AS",
@@ -1566,61 +1579,30 @@ static int resolve_rlimit(char *type) {
 
 static int parseOCIrlimits(struct blob_attr *msg)
 {
-	struct blob_attr *cur, *cure;
-	int rem, reme;
+	struct blob_attr *tb[__OCI_PROCESS_RLIMIT_MAX];
 	int limtype = -1;
 	struct rlimit *curlim;
-	rlim_t soft, hard;
-	bool sethard = false, setsoft = false;
 
-	blobmsg_for_each_attr(cur, msg, rem) {
-		blobmsg_for_each_attr(cure, cur, reme) {
-			if (!strcmp(blobmsg_name(cure), "type") && (blobmsg_type(cure) == BLOBMSG_TYPE_STRING)) {
-				limtype = resolve_rlimit(blobmsg_get_string(cure));
-			} else if (!strcmp(blobmsg_name(cure), "soft")) {
-				switch (blobmsg_type(cure)) {
-					case BLOBMSG_TYPE_INT32:
-						soft = blobmsg_get_u32(cure);
-						break;
-					case BLOBMSG_TYPE_INT64:
-						soft = blobmsg_get_u64(cure);
-						break;
-					default:
-						return EINVAL;
-				}
-				setsoft = true;
-			} else if (!strcmp(blobmsg_name(cure), "hard")) {
-				switch (blobmsg_type(cure)) {
-					case BLOBMSG_TYPE_INT32:
-						hard = blobmsg_get_u32(cure);
-						break;
-					case BLOBMSG_TYPE_INT64:
-						hard = blobmsg_get_u64(cure);
-						break;
-					default:
-						return EINVAL;
-				}
-				sethard = true;
-			} else {
-				return EINVAL;
-			}
-		}
+	blobmsg_parse(oci_process_rlimit_policy, __OCI_PROCESS_RLIMIT_MAX, tb, blobmsg_data(msg), blobmsg_len(msg));
 
-		if (limtype < 0)
-			return EINVAL;
+	if (!tb[OCI_PROCESS_RLIMIT_TYPE] ||
+	    !tb[OCI_PROCESS_RLIMIT_SOFT] ||
+	    !tb[OCI_PROCESS_RLIMIT_HARD])
+		return ENODATA;
 
-		if (opts.rlimits[limtype])
-			return ENOTUNIQ;
+	limtype = resolve_rlimit(blobmsg_get_string(tb[OCI_PROCESS_RLIMIT_TYPE]));
 
-		if (!sethard || !setsoft)
-			return ENODATA;
+	if (limtype < 0)
+		return EINVAL;
+
+	if (opts.rlimits[limtype])
+		return ENOTUNIQ;
 
-		curlim = malloc(sizeof(struct rlimit));
-		curlim->rlim_cur = soft;
-		curlim->rlim_max = hard;
+	curlim = malloc(sizeof(struct rlimit));
+	curlim->rlim_cur = blobmsg_cast_u64(tb[OCI_PROCESS_RLIMIT_SOFT]);
+	curlim->rlim_max = blobmsg_cast_u64(tb[OCI_PROCESS_RLIMIT_HARD]);
 
-		opts.rlimits[limtype] = curlim;
-	}
+	opts.rlimits[limtype] = curlim;
 
 	return 0;
 };
-- 
2.28.0




More information about the openwrt-devel mailing list