diff options
author | Simon McVittie <smcv@collabora.com> | 2021-06-21 16:55:52 +0100 |
---|---|---|
committer | Simon McVittie <smcv@collabora.com> | 2021-06-23 19:01:57 +0100 |
commit | 7f38ab6cf1752700bea6cf1b2f056f74ee4960ae (patch) | |
tree | efef402282790cefd384a9385d2b4567d591abcb /bubblewrap.c | |
parent | 42a49e6e0595076f3841ace23e05c6289f0a4fb7 (diff) | |
download | bubblewrap-7f38ab6cf1752700bea6cf1b2f056f74ee4960ae.tar.gz |
bind_mount: Return an error code, and provide a way to display it
This gives us better diagnostic messages on failure, particularly for
BIND_MOUNT_ERROR_FIND_DEST_MOUNT where we previously said "Invalid
argument".
Signed-off-by: Simon McVittie <smcv@collabora.com>
Diffstat (limited to 'bubblewrap.c')
-rw-r--r-- | bubblewrap.c | 18 |
1 files changed, 14 insertions, 4 deletions
diff --git a/bubblewrap.c b/bubblewrap.c index 8532152..6225330 100644 --- a/bubblewrap.c +++ b/bubblewrap.c @@ -942,6 +942,8 @@ privileged_op (int privileged_op_socket, const char *arg1, const char *arg2) { + bind_mount_result bind_result; + if (privileged_op_socket != -1) { uint32_t buffer[2048]; /* 8k, but is int32 to guarantee nice alignment */ @@ -1006,15 +1008,23 @@ privileged_op (int privileged_op_socket, break; case PRIV_SEP_OP_REMOUNT_RO_NO_RECURSIVE: - if (bind_mount (proc_fd, NULL, arg2, BIND_READONLY) != 0) - die_with_error ("Can't remount readonly on %s", arg2); + bind_result = bind_mount (proc_fd, NULL, arg2, BIND_READONLY); + + if (bind_result != BIND_MOUNT_SUCCESS) + die_with_bind_result (bind_result, errno, + "Can't remount readonly on %s", arg2); + break; case PRIV_SEP_OP_BIND_MOUNT: /* We always bind directories recursively, otherwise this would let us access files that are otherwise covered on the host */ - if (bind_mount (proc_fd, arg1, arg2, BIND_RECURSIVE | flags) != 0) - die_with_error ("Can't bind mount %s on %s", arg1, arg2); + bind_result = bind_mount (proc_fd, arg1, arg2, BIND_RECURSIVE | flags); + + if (bind_result != BIND_MOUNT_SUCCESS) + die_with_bind_result (bind_result, errno, + "Can't bind mount %s on %s", arg1, arg2); + break; case PRIV_SEP_OP_PROC_MOUNT: |