diff --git a/src/lxc/af_unix.c b/src/lxc/af_unix.c index 6f0183d95..830b941df 100644 --- a/src/lxc/af_unix.c +++ b/src/lxc/af_unix.c @@ -31,7 +31,6 @@ #include #include "log.h" -#include "lxclock.h" lxc_log_define(lxc_af_unix, lxc); @@ -44,9 +43,7 @@ int lxc_abstract_unix_open(const char *path, int type, int flags) if (flags & O_TRUNC) unlink(path); - process_lock(); fd = socket(PF_UNIX, type, 0); - process_unlock(); if (fd < 0) return -1; @@ -60,9 +57,7 @@ int lxc_abstract_unix_open(const char *path, int type, int flags) len = strlen(&path[1]) + 1; if (len >= sizeof(addr.sun_path) - 1) { - process_lock(); close(fd); - process_unlock(); errno = ENAMETOOLONG; return -1; } @@ -71,18 +66,14 @@ int lxc_abstract_unix_open(const char *path, int type, int flags) if (bind(fd, (struct sockaddr *)&addr, offsetof(struct sockaddr_un, sun_path) + len)) { int tmp = errno; - process_lock(); close(fd); - process_unlock(); errno = tmp; return -1; } if (type == SOCK_STREAM && listen(fd, 100)) { int tmp = errno; - process_lock(); close(fd); - process_unlock(); errno = tmp; return -1; } @@ -99,9 +90,7 @@ int lxc_abstract_unix_close(int fd) addr.sun_path[0]) unlink(addr.sun_path); - process_lock(); close(fd); - process_unlock(); return 0; } @@ -112,9 +101,7 @@ int lxc_abstract_unix_connect(const char *path) size_t len; struct sockaddr_un addr; - process_lock(); fd = socket(PF_UNIX, SOCK_STREAM, 0); - process_unlock(); if (fd < 0) return -1; @@ -124,9 +111,7 @@ int lxc_abstract_unix_connect(const char *path) len = strlen(&path[1]) + 1; if (len >= sizeof(addr.sun_path) - 1) { - process_lock(); close(fd); - process_unlock(); errno = ENAMETOOLONG; return -1; } @@ -138,9 +123,7 @@ int lxc_abstract_unix_connect(const char *path) /* special case to connect to older containers */ if (connect(fd, (struct sockaddr *)&addr, sizeof(addr)) == 0) return fd; - process_lock(); close(fd); - process_unlock(); errno = tmp; return -1; } diff --git a/src/lxc/attach.c b/src/lxc/attach.c index aea0c337d..674961731 100644 --- a/src/lxc/attach.c +++ b/src/lxc/attach.c @@ -79,9 +79,7 @@ struct lxc_proc_context_info *lxc_proc_get_context_info(pid_t pid) /* read capabilities */ snprintf(proc_fn, MAXPATHLEN, "/proc/%d/status", pid); - process_lock(); proc_file = fopen(proc_fn, "r"); - process_unlock(); if (!proc_file) { SYSERROR("Could not open %s", proc_fn); goto out_error; @@ -98,9 +96,7 @@ struct lxc_proc_context_info *lxc_proc_get_context_info(pid_t pid) if (line) free(line); - process_lock(); fclose(proc_file); - process_unlock(); if (!found) { SYSERROR("Could not read capability bounding set from %s", proc_fn); @@ -111,18 +107,14 @@ struct lxc_proc_context_info *lxc_proc_get_context_info(pid_t pid) /* read personality */ snprintf(proc_fn, MAXPATHLEN, "/proc/%d/personality", pid); - process_lock(); proc_file = fopen(proc_fn, "r"); - process_unlock(); if (!proc_file) { SYSERROR("Could not open %s", proc_fn); goto out_error; } ret = fscanf(proc_file, "%lx", &info->personality); - process_lock(); fclose(proc_file); - process_unlock(); if (ret == EOF || ret == 0) { SYSERROR("Could not read personality from %s", proc_fn); @@ -178,19 +170,15 @@ int lxc_attach_to_ns(pid_t pid, int which) } snprintf(path, MAXPATHLEN, "/proc/%d/ns/%s", pid, ns[i]); - process_lock(); fd[i] = open(path, O_RDONLY | O_CLOEXEC); - process_unlock(); if (fd[i] < 0) { saved_errno = errno; /* close all already opened file descriptors before * we return an error, so we don't leak them */ - process_lock(); for (j = 0; j < i; j++) close(fd[j]); - process_unlock(); errno = saved_errno; SYSERROR("failed to open '%s'", path); @@ -210,9 +198,7 @@ int lxc_attach_to_ns(pid_t pid, int which) return -1; } - process_lock(); close(fd[i]); - process_unlock(); } return 0; @@ -400,18 +386,14 @@ char *lxc_attach_getpwshell(uid_t uid) * getent program, and we need to capture its * output, so we use a pipe for that purpose */ - process_lock(); ret = pipe(pipes); - process_unlock(); if (ret < 0) return NULL; pid = fork(); if (pid < 0) { - process_lock(); close(pipes[0]); close(pipes[1]); - process_unlock(); return NULL; } @@ -423,13 +405,9 @@ char *lxc_attach_getpwshell(uid_t uid) int found = 0; int status; - process_lock(); close(pipes[1]); - process_unlock(); - process_lock(); pipe_f = fdopen(pipes[0], "r"); - process_unlock(); while (getline(&line, &line_bufsz, pipe_f) != -1) { char *token; char *saveptr = NULL; @@ -486,9 +464,7 @@ char *lxc_attach_getpwshell(uid_t uid) } free(line); - process_lock(); fclose(pipe_f); - process_unlock(); again: if (waitpid(pid, &status, 0) < 0) { if (errno == EINTR) @@ -683,9 +659,7 @@ int lxc_attach(const char* name, const char* lxcpath, lxc_attach_exec_t exec_fun * close socket close socket * run program */ - process_lock(); ret = socketpair(PF_LOCAL, SOCK_STREAM | SOCK_CLOEXEC, 0, ipc_sockets); - process_unlock(); if (ret < 0) { SYSERROR("could not set up required IPC mechanism for attaching"); free(cwd); @@ -721,9 +695,7 @@ int lxc_attach(const char* name, const char* lxcpath, lxc_attach_exec_t exec_fun /* inital thread, we close the socket that is for the * subprocesses */ - process_lock(); close(ipc_sockets[1]); - process_unlock(); free(cwd); /* get pid from intermediate process */ @@ -795,9 +767,7 @@ int lxc_attach(const char* name, const char* lxcpath, lxc_attach_exec_t exec_fun /* now shut down communication with child, we're done */ shutdown(ipc_sockets[0], SHUT_RDWR); - process_lock(); close(ipc_sockets[0]); - process_unlock(); lxc_proc_put_context_info(init_ctx); /* we're done, the child process should now execute whatever @@ -813,9 +783,7 @@ int lxc_attach(const char* name, const char* lxcpath, lxc_attach_exec_t exec_fun * otherwise the pid we're waiting for may never exit */ shutdown(ipc_sockets[0], SHUT_RDWR); - process_lock(); close(ipc_sockets[0]); - process_unlock(); if (to_cleanup_pid) (void) wait_for_pid(to_cleanup_pid); lxc_proc_put_context_info(init_ctx); diff --git a/src/lxc/bdev.c b/src/lxc/bdev.c index f7a6031ed..b737effce 100644 --- a/src/lxc/bdev.c +++ b/src/lxc/bdev.c @@ -96,15 +96,11 @@ static int blk_getsize(struct bdev *bdev, unsigned long *size) if (strcmp(bdev->type, "loop") == 0) path = bdev->src + 5; - process_lock(); fd = open(path, O_RDONLY); - process_unlock(); if (fd < 0) return -1; ret = ioctl(fd, BLKGETSIZE64, size); - process_lock(); close(fd); - process_unlock(); return ret; } @@ -260,23 +256,17 @@ static int detect_fs(struct bdev *bdev, char *type, int len) if (strcmp(bdev->type, "loop") == 0) srcdev = bdev->src + 5; - process_lock(); ret = pipe(p); - process_unlock(); if (ret < 0) return -1; if ((pid = fork()) < 0) return -1; if (pid > 0) { int status; - process_lock(); close(p[1]); - process_unlock(); memset(type, 0, len); ret = read(p[0], type, len-1); - process_lock(); close(p[0]); - process_unlock(); if (ret < 0) { SYSERROR("error reading from pipe"); wait(&status); @@ -504,9 +494,7 @@ static int zfs_list_entry(const char *path, char *output, size_t inlen) struct lxc_popen_FILE *f; int found=0; - process_lock(); f = lxc_popen("zfs list 2> /dev/null"); - process_unlock(); if (f == NULL) { SYSERROR("popen failed"); return 0; @@ -517,9 +505,7 @@ static int zfs_list_entry(const char *path, char *output, size_t inlen) break; } } - process_lock(); (void) lxc_pclose(f); - process_unlock(); return found; } @@ -778,15 +764,11 @@ static int lvm_detect(const char *path) ERROR("lvm uuid pathname too long"); return 0; } - process_lock(); fout = fopen(devp, "r"); - process_unlock(); if (!fout) return 0; ret = fread(buf, 1, 4, fout); - process_lock(); fclose(fout); - process_unlock(); if (ret != 4 || strncmp(buf, "LVM-", 4) != 0) return 0; return 1; @@ -825,9 +807,7 @@ static int lvm_compare_lv_attr(const char *path, int pos, const char expected) { if (ret < 0 || ret >= len) return -1; - process_lock(); f = lxc_popen(cmd); - process_unlock(); if (f == NULL) { SYSERROR("popen failed"); @@ -836,9 +816,7 @@ static int lvm_compare_lv_attr(const char *path, int pos, const char expected) { ret = fgets(output, 12, f->f) == NULL; - process_lock(); status = lxc_pclose(f); - process_unlock(); if (ret || WEXITSTATUS(status)) // Assume either vg or lvs do not exist, default @@ -1182,17 +1160,13 @@ static bool is_btrfs_fs(const char *path) struct btrfs_ioctl_space_args sargs; // make sure this is a btrfs filesystem - process_lock(); fd = open(path, O_RDONLY); - process_unlock(); if (fd < 0) return false; sargs.space_slots = 0; sargs.total_spaces = 0; ret = ioctl(fd, BTRFS_IOC_SPACE_INFO, &sargs); - process_lock(); close(fd); - process_unlock(); if (ret < 0) return false; @@ -1290,9 +1264,7 @@ static int btrfs_subvolume_create(const char *path) } *p = '\0'; - process_lock(); fd = open(newfull, O_RDONLY); - process_unlock(); if (fd < 0) { ERROR("Error opening %s", newfull); free(newfull); @@ -1306,9 +1278,7 @@ static int btrfs_subvolume_create(const char *path) INFO("btrfs: snapshot create ioctl returned %d", ret); free(newfull); - process_lock(); close(fd); - process_unlock(); return ret; } @@ -1330,14 +1300,12 @@ static int btrfs_snapshot(const char *orig, const char *new) } newname = basename(newfull); newdir = dirname(newfull); - process_lock(); fd = open(orig, O_RDONLY); - fddst = open(newdir, O_RDONLY); - process_unlock(); if (fd < 0) { SYSERROR("Error opening original rootfs %s", orig); goto out; } + fddst = open(newdir, O_RDONLY); if (fddst < 0) { SYSERROR("Error opening new container dir %s", newdir); goto out; @@ -1351,12 +1319,10 @@ static int btrfs_snapshot(const char *orig, const char *new) INFO("btrfs: snapshot create ioctl returned %d", ret); out: - process_lock(); if (fddst != -1) close(fddst); if (fd != -1) close(fd); - process_unlock(); if (newfull) free(newfull); return ret; @@ -1427,9 +1393,7 @@ static int btrfs_destroy(struct bdev *orig) } *p = '\0'; - process_lock(); fd = open(newfull, O_RDONLY); - process_unlock(); if (fd < 0) { ERROR("Error opening %s", newfull); free(newfull); @@ -1443,9 +1407,7 @@ static int btrfs_destroy(struct bdev *orig) INFO("btrfs: snapshot create ioctl returned %d", ret); free(newfull); - process_lock(); close(fd); - process_unlock(); return ret; } @@ -1485,9 +1447,7 @@ static int find_free_loopdev(int *retfd, char *namep) DIR *dir; int fd = -1; - process_lock(); dir = opendir("/dev"); - process_unlock(); if (!dir) { SYSERROR("Error opening /dev"); return -1; @@ -1498,15 +1458,11 @@ static int find_free_loopdev(int *retfd, char *namep) break; if (strncmp(direntp->d_name, "loop", 4) != 0) continue; - process_lock(); fd = openat(dirfd(dir), direntp->d_name, O_RDWR); - process_unlock(); if (fd < 0) continue; if (ioctl(fd, LOOP_GET_STATUS64, &lo) == 0 || errno != ENXIO) { - process_lock(); close(fd); - process_unlock(); fd = -1; continue; } @@ -1514,9 +1470,7 @@ static int find_free_loopdev(int *retfd, char *namep) snprintf(namep, 100, "/dev/%s", direntp->d_name); break; } - process_lock(); closedir(dir); - process_unlock(); if (fd == -1) { ERROR("No loop device found"); return -1; @@ -1539,9 +1493,7 @@ static int loop_mount(struct bdev *bdev) if (find_free_loopdev(&lfd, loname) < 0) return -22; - process_lock(); ffd = open(bdev->src + 5, O_RDWR); - process_unlock(); if (ffd < 0) { SYSERROR("Error opening backing file %s\n", bdev->src); goto out; @@ -1565,14 +1517,12 @@ static int loop_mount(struct bdev *bdev) bdev->lofd = lfd; out: - process_lock(); if (ffd > -1) close(ffd); if (ret < 0) { close(lfd); bdev->lofd = -1; } - process_unlock(); return ret; } @@ -1586,9 +1536,7 @@ static int loop_umount(struct bdev *bdev) return -22; ret = umount(bdev->dest); if (bdev->lofd >= 0) { - process_lock(); close(bdev->lofd); - process_unlock(); bdev->lofd = -1; } return ret; @@ -1598,9 +1546,7 @@ static int do_loop_create(const char *path, unsigned long size, const char *fsty { int fd, ret; // create the new loopback file. - process_lock(); fd = creat(path, S_IRUSR|S_IWUSR); - process_unlock(); if (fd < 0) return -1; if (lseek(fd, size, SEEK_SET) < 0) { @@ -1613,9 +1559,7 @@ static int do_loop_create(const char *path, unsigned long size, const char *fsty close(fd); return -1; } - process_lock(); ret = close(fd); - process_unlock(); if (ret < 0) { SYSERROR("Error closing new loop file"); return -1; diff --git a/src/lxc/caps.c b/src/lxc/caps.c index 9afd6ac9e..e2093c218 100644 --- a/src/lxc/caps.c +++ b/src/lxc/caps.c @@ -31,7 +31,6 @@ #include "config.h" #include "log.h" -#include "lxclock.h" lxc_log_define(lxc_caps, lxc); @@ -192,9 +191,7 @@ static int _real_caps_last_cap(void) /* try to get the maximum capability over the kernel * interface introduced in v3.2 */ - process_lock(); fd = open("/proc/sys/kernel/cap_last_cap", O_RDONLY); - process_unlock(); if (fd >= 0) { char buf[32]; char *ptr; @@ -208,9 +205,7 @@ static int _real_caps_last_cap(void) result = -1; } - process_lock(); close(fd); - process_unlock(); } /* try to get it manually by trying to get the status of diff --git a/src/lxc/cgroup.c b/src/lxc/cgroup.c index f2a686a32..ce6b73961 100644 --- a/src/lxc/cgroup.c +++ b/src/lxc/cgroup.c @@ -45,7 +45,6 @@ #include "conf.h" #include "utils.h" #include "bdev.h" -#include "lxclock.h" #include #include @@ -118,9 +117,7 @@ static bool find_cgroup_subsystems(char ***kernel_subsystems) size_t kernel_subsystems_capacity = 0; int r; - process_lock(); proc_cgroups = fopen_cloexec("/proc/cgroups", "r"); - process_unlock(); if (!proc_cgroups) return false; @@ -160,9 +157,7 @@ static bool find_cgroup_subsystems(char ***kernel_subsystems) bret = true; out: - process_lock(); fclose(proc_cgroups); - process_unlock(); free(line); return bret; } @@ -182,13 +177,11 @@ static bool find_cgroup_hierarchies(struct cgroup_meta_data *meta_data, bool bret = false; size_t hierarchy_capacity = 0; - process_lock(); proc_self_cgroup = fopen_cloexec("/proc/self/cgroup", "r"); /* if for some reason (because of setns() and pid namespace for example), * /proc/self is not valid, we try /proc/1/cgroup... */ if (!proc_self_cgroup) proc_self_cgroup = fopen_cloexec("/proc/1/cgroup", "r"); - process_unlock(); if (!proc_self_cgroup) return false; @@ -267,9 +260,7 @@ static bool find_cgroup_hierarchies(struct cgroup_meta_data *meta_data, bret = true; out: - process_lock(); fclose(proc_self_cgroup); - process_unlock(); free(line); return bret; } @@ -287,13 +278,11 @@ static bool find_hierarchy_mountpts( struct cgroup_meta_data *meta_data, char ** size_t token_capacity = 0; int r; - process_lock(); proc_self_mountinfo = fopen_cloexec("/proc/self/mountinfo", "r"); /* if for some reason (because of setns() and pid namespace for example), * /proc/self is not valid, we try /proc/1/cgroup... */ if (!proc_self_mountinfo) proc_self_mountinfo = fopen_cloexec("/proc/1/mountinfo", "r"); - process_unlock(); if (!proc_self_mountinfo) return false; @@ -398,9 +387,7 @@ static bool find_hierarchy_mountpts( struct cgroup_meta_data *meta_data, char ** bret = true; out: - process_lock(); fclose(proc_self_mountinfo); - process_unlock(); free(tokens); free(line); return bret; @@ -1473,9 +1460,7 @@ struct cgroup_process_info *lxc_cgroup_process_info_getx(const char *proc_pid_cg struct cgroup_process_info **cptr = &result; struct cgroup_process_info *entry = NULL; - process_lock(); proc_pid_cgroup = fopen_cloexec(proc_pid_cgroup_str, "r"); - process_unlock(); if (!proc_pid_cgroup) return NULL; @@ -1545,18 +1530,14 @@ struct cgroup_process_info *lxc_cgroup_process_info_getx(const char *proc_pid_cg entry = NULL; } - process_lock(); fclose(proc_pid_cgroup); - process_unlock(); free(line); return result; out_error: saved_errno = errno; - process_lock(); if (proc_pid_cgroup) fclose(proc_pid_cgroup); - process_unlock(); lxc_cgroup_process_info_free(result); lxc_cgroup_process_info_free(entry); free(line); @@ -1817,9 +1798,7 @@ bool cgroup_devices_has_allow_or_deny(struct lxc_handler *h, char *v, bool for_a return false; } - process_lock(); devices_list = fopen_cloexec(path, "r"); - process_unlock(); if (!devices_list) { free(path); return false; @@ -1839,9 +1818,7 @@ bool cgroup_devices_has_allow_or_deny(struct lxc_handler *h, char *v, bool for_a } out: - process_lock(); fclose(devices_list); - process_unlock(); free(line); free(path); return ret; @@ -1863,9 +1840,7 @@ int cgroup_recursive_task_count(const char *cgroup_path) if (!dent_buf) return -1; - process_lock(); d = opendir(cgroup_path); - process_unlock(); if (!d) { free(dent_buf); return 0; @@ -1884,17 +1859,13 @@ int cgroup_recursive_task_count(const char *cgroup_path) continue; sub_path = lxc_string_join("/", parts, false); if (!sub_path) { - process_lock(); closedir(d); - process_unlock(); free(dent_buf); return -1; } r = stat(sub_path, &st); if (r < 0) { - process_lock(); closedir(d); - process_unlock(); free(dent_buf); free(sub_path); return -1; @@ -1910,9 +1881,7 @@ int cgroup_recursive_task_count(const char *cgroup_path) } free(sub_path); } - process_lock(); closedir(d); - process_unlock(); free(dent_buf); return n; @@ -1925,9 +1894,7 @@ int count_lines(const char *fn) size_t sz = 0; int n = 0; - process_lock(); f = fopen_cloexec(fn, "r"); - process_unlock(); if (!f) return -1; @@ -1935,9 +1902,7 @@ int count_lines(const char *fn) n++; } free(line); - process_lock(); fclose(f); - process_unlock(); return n; } diff --git a/src/lxc/commands.c b/src/lxc/commands.c index de0b3e3bf..19a416f61 100644 --- a/src/lxc/commands.c +++ b/src/lxc/commands.c @@ -46,7 +46,6 @@ #include "mainloop.h" #include "af_unix.h" #include "config.h" -#include "lxclock.h" /* * This file provides the different functions for clients to @@ -749,9 +748,7 @@ static void lxc_cmd_fd_cleanup(int fd, struct lxc_handler *handler, { lxc_console_free(handler->conf, fd); lxc_mainloop_del_handler(descr, fd); - process_lock(); close(fd); - process_unlock(); } static int lxc_cmd_handler(int fd, uint32_t events, void *data, @@ -824,9 +821,7 @@ static int lxc_cmd_accept(int fd, uint32_t events, void *data, { int opt = 1, ret = -1, connection; - process_lock(); connection = accept(fd, NULL, 0); - process_unlock(); if (connection < 0) { SYSERROR("failed to accept connection"); return -1; @@ -853,9 +848,7 @@ out: return ret; out_close: - process_lock(); close(connection); - process_unlock(); goto out; } @@ -884,9 +877,7 @@ int lxc_cmd_init(const char *name, struct lxc_handler *handler, if (fcntl(fd, F_SETFD, FD_CLOEXEC)) { SYSERROR("failed to set sigfd to close-on-exec"); - process_lock(); close(fd); - process_unlock(); return -1; } @@ -903,9 +894,7 @@ int lxc_cmd_mainloop_add(const char *name, ret = lxc_mainloop_add_handler(descr, fd, lxc_cmd_accept, handler); if (ret) { ERROR("failed to add handler for command socket"); - process_lock(); close(fd); - process_unlock(); } return ret; diff --git a/src/lxc/conf.c b/src/lxc/conf.c index 0e5b6f687..68f971660 100644 --- a/src/lxc/conf.c +++ b/src/lxc/conf.c @@ -284,9 +284,7 @@ static int run_buffer(char *buffer) char *output; int ret; - process_lock(); f = lxc_popen(buffer); - process_unlock(); if (!f) { SYSERROR("popen failed"); return -1; @@ -295,9 +293,7 @@ static int run_buffer(char *buffer) output = malloc(LXC_LOG_BUFFER_SIZE); if (!output) { ERROR("failed to allocate memory for script output"); - process_lock(); lxc_pclose(f); - process_unlock(); return -1; } @@ -306,9 +302,7 @@ static int run_buffer(char *buffer) free(output); - process_lock(); ret = lxc_pclose(f); - process_unlock(); if (ret == -1) { SYSERROR("Script exited on error"); return -1; @@ -513,9 +507,7 @@ static int setup_lodev(const char *rootfs, int fd, struct loop_info64 *loinfo) int rfd; int ret = -1; - process_lock(); rfd = open(rootfs, O_RDWR); - process_unlock(); if (rfd < 0) { SYSERROR("failed to open '%s'", rootfs); return -1; @@ -537,9 +529,7 @@ static int setup_lodev(const char *rootfs, int fd, struct loop_info64 *loinfo) ret = 0; out: - process_lock(); close(rfd); - process_unlock(); return ret; } @@ -552,9 +542,7 @@ static int mount_rootfs_file(const char *rootfs, const char *target) DIR *dir; char path[MAXPATHLEN]; - process_lock(); dir = opendir("/dev"); - process_unlock(); if (!dir) { SYSERROR("failed to open '/dev'"); return -1; @@ -578,25 +566,19 @@ static int mount_rootfs_file(const char *rootfs, const char *target) if (rc < 0 || rc >= MAXPATHLEN) continue; - process_lock(); fd = open(path, O_RDWR); - process_unlock(); if (fd < 0) continue; if (ioctl(fd, LOOP_GET_STATUS64, &loinfo) == 0) { - process_lock(); close(fd); - process_unlock(); continue; } if (errno != ENXIO) { WARN("unexpected error for ioctl on '%s': %m", direntp->d_name); - process_lock(); close(fd); - process_unlock(); continue; } @@ -605,17 +587,13 @@ static int mount_rootfs_file(const char *rootfs, const char *target) ret = setup_lodev(rootfs, fd, &loinfo); if (!ret) ret = mount_unknow_fs(path, target, 0); - process_lock(); close(fd); - process_unlock(); break; } - process_lock(); if (closedir(dir)) WARN("failed to close directory"); - process_unlock(); return ret; } @@ -661,9 +639,7 @@ int pin_rootfs(const char *rootfs) if (ret >= MAXPATHLEN) return -1; - process_lock(); fd = open(absrootfspin, O_CREAT | O_RDWR, S_IWUSR|S_IRUSR); - process_unlock(); if (fd < 0) return fd; (void)unlink(absrootfspin); @@ -840,17 +816,13 @@ static int setup_tty(const struct lxc_rootfs *rootfs, ERROR("pathname too long for ttys"); return -1; } - process_lock(); ret = creat(lxcpath, 0660); - process_unlock(); if (ret==-1 && errno != EEXIST) { SYSERROR("error creating %s\n", lxcpath); return -1; } - process_lock(); if (ret >= 0) close(ret); - process_unlock(); ret = unlink(path); if (ret && errno != ENOENT) { SYSERROR("error unlinking %s\n", path); @@ -876,16 +848,12 @@ static int setup_tty(const struct lxc_rootfs *rootfs, } else { /* If we populated /dev, then we need to create /dev/ttyN */ if (access(path, F_OK)) { - process_lock(); ret = creat(path, 0660); - process_unlock(); if (ret==-1) { SYSERROR("error creating %s\n", path); /* this isn't fatal, continue */ } else { - process_lock(); close(ret); - process_unlock(); } } if (mount(pty_info->name, path, "none", MS_BIND, 0)) { @@ -1157,9 +1125,7 @@ int mount_check_fs( const char *dir, char *fstype ) return 0; } - process_lock(); f = fopen("/proc/self/mounts", "r"); - process_unlock(); if (!f) return 0; while ((p = fgets(buf, LINELEN, f))) { @@ -1193,9 +1159,7 @@ int mount_check_fs( const char *dir, char *fstype ) } } - process_lock(); fclose(f); - process_unlock(); DEBUG("mount_check_fs returning %d last %s\n", found_fs, fstype); @@ -1455,9 +1419,7 @@ int detect_shared_rootfs(void) int i; char *p2; - process_lock(); f = fopen("/proc/self/mountinfo", "r"); - process_unlock(); if (!f) return 0; while ((p = fgets(buf, LINELEN, f))) { @@ -1473,16 +1435,12 @@ int detect_shared_rootfs(void) // this is '/'. is it shared? p = index(p2+1, ' '); if (p && strstr(p, "shared:")) { - process_lock(); fclose(f); - process_unlock(); return 1; } } } - process_lock(); fclose(f); - process_unlock(); return 0; } @@ -1738,17 +1696,13 @@ static int setup_ttydir_console(const struct lxc_rootfs *rootfs, return -1; } - process_lock(); ret = creat(lxcpath, 0660); - process_unlock(); if (ret==-1 && errno != EEXIST) { SYSERROR("error %d creating %s\n", errno, lxcpath); return -1; } - process_lock(); if (ret >= 0) close(ret); - process_unlock(); if (console->master < 0) { INFO("no console"); @@ -2132,9 +2086,7 @@ static int setup_mount(const struct lxc_rootfs *rootfs, const char *fstab, if (!fstab) return 0; - process_lock(); file = setmntent(fstab, "r"); - process_unlock(); if (!file) { SYSERROR("failed to use '%s'", fstab); return -1; @@ -2142,9 +2094,7 @@ static int setup_mount(const struct lxc_rootfs *rootfs, const char *fstab, ret = mount_file_entries(rootfs, file, lxc_name); - process_lock(); endmntent(file); - process_unlock(); return ret; } @@ -2156,9 +2106,7 @@ static int setup_mount_entries(const struct lxc_rootfs *rootfs, struct lxc_list char *mount_entry; int ret; - process_lock(); file = tmpfile(); - process_unlock(); if (!file) { ERROR("tmpfile error: %m"); return -1; @@ -2173,9 +2121,7 @@ static int setup_mount_entries(const struct lxc_rootfs *rootfs, struct lxc_list ret = mount_file_entries(rootfs, file, lxc_name); - process_lock(); fclose(file); - process_unlock(); return ret; } @@ -2321,18 +2267,14 @@ static int setup_hw_addr(char *hwaddr, const char *ifname) ifr.ifr_name[IFNAMSIZ-1] = '\0'; memcpy((char *) &ifr.ifr_hwaddr, (char *) &sockaddr, sizeof(sockaddr)); - process_lock(); fd = socket(AF_INET, SOCK_DGRAM, 0); - process_unlock(); if (fd < 0) { ERROR("socket failure : %s", strerror(errno)); return -1; } ret = ioctl(fd, SIOCSIFHWADDR, &ifr); - process_lock(); close(fd); - process_unlock(); if (ret) ERROR("ioctl failure : %s", strerror(errno)); @@ -3112,9 +3054,7 @@ static int write_id_mapping(enum idtype idtype, pid_t pid, const char *buf, fprintf(stderr, "%s: path name too long", __func__); return -E2BIG; } - process_lock(); f = fopen(path, "w"); - process_unlock(); if (!f) { perror("open"); return -EINVAL; @@ -3122,9 +3062,7 @@ static int write_id_mapping(enum idtype idtype, pid_t pid, const char *buf, ret = fwrite(buf, buf_size, 1, f); if (ret < 0) SYSERROR("writing id mapping"); - process_lock(); closeret = fclose(f); - process_unlock(); if (closeret) SYSERROR("writing id mapping"); return ret < 0 ? ret : closeret; @@ -3344,10 +3282,8 @@ void lxc_delete_tty(struct lxc_tty_info *tty_info) for (i = 0; i < tty_info->nbtty; i++) { struct lxc_pty_info *pty_info = &tty_info->pty_info[i]; - process_lock(); close(pty_info->master); close(pty_info->slave); - process_unlock(); } free(tty_info->pty_info); @@ -4084,9 +4020,7 @@ int userns_exec_1(struct lxc_conf *conf, int (*fn)(void *), void *data) int p[2]; struct lxc_list *idmap; - process_lock(); ret = pipe(p); - process_unlock(); if (ret < 0) { SYSERROR("opening pipe"); return -1; @@ -4098,9 +4032,7 @@ int userns_exec_1(struct lxc_conf *conf, int (*fn)(void *), void *data) pid = lxc_clone(run_userns_fn, &d, CLONE_NEWUSER); if (pid < 0) goto err; - process_lock(); close(p[0]); - process_unlock(); p[0] = -1; if ((idmap = idmap_add_id(conf, geteuid())) == NULL) { @@ -4127,10 +4059,8 @@ int userns_exec_1(struct lxc_conf *conf, int (*fn)(void *), void *data) goto err; } err: - process_lock(); if (p[0] != -1) close(p[0]); close(p[1]); - process_unlock(); return -1; } diff --git a/src/lxc/console.c b/src/lxc/console.c index 5d91f24f5..86e5e0593 100644 --- a/src/lxc/console.c +++ b/src/lxc/console.c @@ -202,9 +202,7 @@ out: static void lxc_console_sigwinch_fini(struct lxc_tty_state *ts) { if (ts->sigfd >= 0) { - process_lock(); close(ts->sigfd); - process_unlock(); } lxc_list_del(&ts->node); sigprocmask(SIG_SETMASK, &ts->oldmask, NULL); @@ -227,9 +225,7 @@ static int lxc_console_cb_con(int fd, uint32_t events, void *data, if (!r) { INFO("console client on fd %d has exited", fd); lxc_mainloop_del_handler(descr, fd); - process_lock(); close(fd); - process_unlock(); return 0; } @@ -345,10 +341,8 @@ static void lxc_console_peer_proxy_free(struct lxc_console *console) lxc_console_sigwinch_fini(console->tty_state); console->tty_state = NULL; } - process_lock(); close(console->peerpty.master); close(console->peerpty.slave); - process_unlock(); console->peerpty.master = -1; console->peerpty.slave = -1; console->peerpty.busy = -1; @@ -492,23 +486,19 @@ static void lxc_console_peer_default(struct lxc_console *console) */ if (!path && !access("/dev/tty", F_OK)) { int fd; - process_lock(); fd = open("/dev/tty", O_RDWR); if (fd >= 0) { close(fd); path = "/dev/tty"; } - process_unlock(); } if (!path) goto out; DEBUG("opening %s for console peer", path); - process_lock(); console->peer = lxc_unpriv(open(path, O_CLOEXEC | O_RDWR | O_CREAT | O_APPEND, 0600)); - process_unlock(); if (console->peer < 0) goto out; @@ -539,9 +529,7 @@ err2: free(console->tios); console->tios = NULL; err1: - process_lock(); close(console->peer); - process_unlock(); console->peer = -1; out: DEBUG("no console peer"); @@ -555,13 +543,11 @@ void lxc_console_delete(struct lxc_console *console) free(console->tios); console->tios = NULL; - process_lock(); close(console->peer); close(console->master); close(console->slave); if (console->log_fd >= 0) close(console->log_fd); - process_unlock(); console->peer = -1; console->master = -1; @@ -607,11 +593,9 @@ int lxc_console_create(struct lxc_conf *conf) lxc_console_peer_default(console); if (console->log_path) { - process_lock(); console->log_fd = lxc_unpriv(open(console->log_path, O_CLOEXEC | O_RDWR | O_CREAT | O_APPEND, 0600)); - process_unlock(); if (console->log_fd < 0) { SYSERROR("failed to open '%s'", console->log_path); goto err; @@ -774,10 +758,8 @@ err4: err3: lxc_console_sigwinch_fini(ts); err2: - process_lock(); close(masterfd); close(ttyfd); - process_unlock(); err1: tcsetattr(stdinfd, TCSAFLUSH, &oldtios); diff --git a/src/lxc/freezer.c b/src/lxc/freezer.c index 41dc61e84..be97d757e 100644 --- a/src/lxc/freezer.c +++ b/src/lxc/freezer.c @@ -34,7 +34,6 @@ #include "error.h" #include "state.h" #include "monitor.h" -#include "lxclock.h" #include #include @@ -53,9 +52,7 @@ static int do_unfreeze(const char *nsgroup, int freeze, const char *name, const return -1; } - process_lock(); fd = open(freezer, O_RDWR); - process_unlock(); if (fd < 0) { SYSERROR("failed to open freezer at '%s'", nsgroup); return -1; @@ -117,9 +114,7 @@ static int do_unfreeze(const char *nsgroup, int freeze, const char *name, const } out: - process_lock(); close(fd); - process_unlock(); return ret; } diff --git a/src/lxc/log.c b/src/lxc/log.c index d6ce3613a..86f7cd40c 100644 --- a/src/lxc/log.c +++ b/src/lxc/log.c @@ -36,7 +36,6 @@ #include "log.h" #include "caps.h" #include "utils.h" -#include "lxclock.h" #define LXC_LOG_PREFIX_SIZE 32 #define LXC_LOG_BUFFER_SIZE 512 @@ -162,10 +161,8 @@ static int log_open(const char *name) int fd; int newfd; - process_lock(); fd = lxc_unpriv(open(name, O_CREAT | O_WRONLY | O_APPEND | O_CLOEXEC, 0666)); - process_unlock(); if (fd == -1) { ERROR("failed to open log file \"%s\" : %s", name, strerror(errno)); @@ -179,9 +176,7 @@ static int log_open(const char *name) if (newfd == -1) ERROR("failed to dup log fd %d : %s", fd, strerror(errno)); - process_lock(); close(fd); - process_unlock(); return newfd; } @@ -248,9 +243,7 @@ static int __lxc_log_set_file(const char *fname, int create_dirs) { if (lxc_log_fd != -1) { // we are overriding the default. - process_lock(); close(lxc_log_fd); - process_unlock(); free(log_fname); } diff --git a/src/lxc/lsm/apparmor.c b/src/lxc/lsm/apparmor.c index f7f2ff966..fdae5e699 100644 --- a/src/lxc/lsm/apparmor.c +++ b/src/lxc/lsm/apparmor.c @@ -27,7 +27,6 @@ #include #include #include "log.h" -#include "lxclock.h" #include "lsm/lsm.h" lxc_log_define(lxc_apparmor, lxc); @@ -50,15 +49,11 @@ static int apparmor_enabled(void) ret = stat(AA_MOUNT_RESTR, &statbuf); if (ret != 0) return 0; - process_lock(); fin = fopen(AA_ENABLED_FILE, "r"); - process_unlock(); if (!fin) return 0; ret = fscanf(fin, "%c", &e); - process_lock(); fclose(fin); - process_unlock(); if (ret == 1 && e == 'Y') return 1; return 0; @@ -78,9 +73,7 @@ static char *apparmor_process_label_get(pid_t pid) return NULL; } again: - process_lock(); f = fopen(path, "r"); - process_unlock(); if (!f) { SYSERROR("opening %s\n", path); if (buf) @@ -92,17 +85,13 @@ again: if (!newbuf) { free(buf); ERROR("out of memory"); - process_lock(); fclose(f); - process_unlock(); return NULL; } buf = newbuf; memset(buf, 0, sz); ret = fread(buf, 1, sz - 1, f); - process_lock(); fclose(f); - process_unlock(); if (ret < 0) { ERROR("reading %s\n", path); free(buf); diff --git a/src/lxc/lxccontainer.c b/src/lxc/lxccontainer.c index 203f4a85b..e1d004f3f 100644 --- a/src/lxc/lxccontainer.c +++ b/src/lxc/lxccontainer.c @@ -112,9 +112,7 @@ int ongoing_create(struct lxc_container *c) if (!file_exists(path)) return 0; - process_lock(); fd = open(path, O_RDWR); - process_unlock(); if (fd < 0) { // give benefit of the doubt SYSERROR("Error opening partial file"); @@ -127,15 +125,11 @@ int ongoing_create(struct lxc_container *c) lk.l_pid = -1; if (fcntl(fd, F_GETLK, &lk) == 0 && lk.l_pid != -1) { // create is still ongoing - process_lock(); close(fd); - process_unlock(); return 1; } // create completed but partial is still there. - process_lock(); close(fd); - process_unlock(); return 2; } @@ -152,10 +146,8 @@ int create_partial(struct lxc_container *c) ERROR("Error writing partial pathname"); return -1; } - process_lock(); if ((fd=open(path, O_RDWR | O_CREAT | O_EXCL, 0755)) < 0) { SYSERROR("Erorr creating partial file"); - process_unlock(); return -1; } lk.l_type = F_WRLCK; @@ -165,10 +157,8 @@ int create_partial(struct lxc_container *c) if (fcntl(fd, F_SETLKW, &lk) < 0) { SYSERROR("Error locking partial file %s", path); close(fd); - process_unlock(); return -1; } - process_unlock(); return fd; } @@ -180,9 +170,7 @@ void remove_partial(struct lxc_container *c, int fd) char *path = alloca(len); int ret; - process_lock(); close(fd); - process_unlock(); ret = snprintf(path, len, "%s/%s/partial", c->config_path, c->name); if (ret < 0 || ret >= len) { ERROR("Error writing partial pathname"); @@ -518,9 +506,7 @@ static bool am_single_threaded(void) DIR *dir; int count=0; - process_lock(); dir = opendir("/proc/self/task"); - process_unlock(); if (!dir) { INFO("failed to open /proc/self/task"); return false; @@ -538,9 +524,7 @@ static bool am_single_threaded(void) if (++count > 1) break; } - process_lock(); closedir(dir); - process_unlock(); return count == 1; } @@ -1063,9 +1047,7 @@ bool prepend_lxc_header(char *path, const char *t, char *const argv[]) char *tpath; #endif - process_lock(); f = fopen(path, "r"); - process_unlock(); if (f == NULL) return false; @@ -1081,9 +1063,7 @@ bool prepend_lxc_header(char *path, const char *t, char *const argv[]) goto out_free_contents; contents[flen] = '\0'; - process_lock(); ret = fclose(f); - process_unlock(); f = NULL; if (ret < 0) goto out_free_contents; @@ -1104,9 +1084,7 @@ bool prepend_lxc_header(char *path, const char *t, char *const argv[]) free(tpath); #endif - process_lock(); f = fopen(path, "w"); - process_unlock(); if (f == NULL) { SYSERROR("reopening config for writing"); free(contents); @@ -1131,9 +1109,7 @@ bool prepend_lxc_header(char *path, const char *t, char *const argv[]) if (fwrite(contents, 1, flen, f) != flen) { SYSERROR("Writing original contents"); free(contents); - process_lock(); fclose(f); - process_unlock(); return false; } ret = 0; @@ -1142,9 +1118,7 @@ out_free_contents: out_error: if (f) { int newret; - process_lock(); newret = fclose(f); - process_unlock(); if (ret == 0) ret = newret; } @@ -1400,12 +1374,10 @@ static inline void exit_from_ns(struct lxc_container *c, int *old_netns, int *ne /* Switch back to original netns */ if (*old_netns >= 0 && setns(*old_netns, CLONE_NEWNET)) SYSERROR("failed to setns"); - process_lock(); if (*new_netns >= 0) close(*new_netns); if (*old_netns >= 0) close(*old_netns); - process_unlock(); } static inline bool enter_to_ns(struct lxc_container *c, int *old_netns, int *new_netns) { @@ -1416,9 +1388,7 @@ static inline bool enter_to_ns(struct lxc_container *c, int *old_netns, int *new goto out; /* Save reference to old netns */ - process_lock(); *old_netns = open("/proc/self/ns/net", O_RDONLY); - process_unlock(); if (*old_netns < 0) { SYSERROR("failed to open /proc/self/ns/net"); goto out; @@ -1429,9 +1399,7 @@ static inline bool enter_to_ns(struct lxc_container *c, int *old_netns, int *new if (ret < 0 || ret >= MAXPATHLEN) goto out; - process_lock(); *new_netns = open(new_netns_path, O_RDONLY); - process_unlock(); if (*new_netns < 0) { SYSERROR("failed to open %s", new_netns_path); goto out; @@ -1712,15 +1680,11 @@ static bool lxcapi_save_config(struct lxc_container *c, const char *alt_file) if (lret) return false; - process_lock(); fout = fopen(alt_file, "w"); - process_unlock(); if (!fout) goto out; write_config(fout, c->lxc_conf); - process_lock(); fclose(fout); - process_unlock(); ret = true; out: @@ -1744,35 +1708,25 @@ static bool mod_rdep(struct lxc_container *c, bool inc) c->name); if (ret < 0 || ret > MAXPATHLEN) goto out; - process_lock(); f = fopen(path, "r"); - process_unlock(); if (f) { ret = fscanf(f, "%d", &v); - process_lock(); fclose(f); - process_unlock(); if (ret != 1) { ERROR("Corrupted file %s", path); goto out; } } v += inc ? 1 : -1; - process_lock(); f = fopen(path, "w"); - process_unlock(); if (!f) goto out; if (fprintf(f, "%d\n", v) < 0) { ERROR("Error writing new snapshots value"); - process_lock(); fclose(f); - process_unlock(); goto out; } - process_lock(); ret = fclose(f); - process_unlock(); if (ret != 0) { SYSERROR("Error writing to or closing snapshots file"); goto out; @@ -1808,9 +1762,7 @@ static void mod_all_rdeps(struct lxc_container *c, bool inc) ERROR("Path name too long"); return; } - process_lock(); f = fopen(path, "r"); - process_unlock(); if (f == NULL) return; while (getline(&lxcpath, &pathlen, f) != -1) { @@ -1833,9 +1785,7 @@ static void mod_all_rdeps(struct lxc_container *c, bool inc) out: if (lxcpath) free(lxcpath); if (lxcname) free(lxcname); - process_lock(); fclose(f); - process_unlock(); } static bool has_snapshots(struct lxc_container *c) @@ -1849,15 +1799,11 @@ static bool has_snapshots(struct lxc_container *c) c->name); if (ret < 0 || ret > MAXPATHLEN) goto out; - process_lock(); f = fopen(path, "r"); - process_unlock(); if (!f) goto out; ret = fscanf(f, "%d", &v); - process_lock(); fclose(f); - process_unlock(); if (ret != 1) goto out; bret = v != 0; @@ -2128,21 +2074,15 @@ static int copy_file(const char *old, const char *new) return -1; } - process_lock(); in = open(old, O_RDONLY); - process_unlock(); if (in < 0) { SYSERROR("Error opening original file %s", old); return -1; } - process_lock(); out = open(new, O_CREAT | O_EXCL | O_WRONLY, 0644); - process_unlock(); if (out < 0) { SYSERROR("Error opening new file %s", new); - process_lock(); close(in); - process_unlock(); return -1; } @@ -2160,10 +2100,8 @@ static int copy_file(const char *old, const char *new) goto err; } } - process_lock(); close(in); close(out); - process_unlock(); // we set mode, but not owner/group ret = chmod(new, sbuf.st_mode); @@ -2175,10 +2113,8 @@ static int copy_file(const char *old, const char *new) return 0; err: - process_lock(); close(in); close(out); - process_unlock(); return -1; } @@ -2229,17 +2165,13 @@ static int copyhooks(struct lxc_container *oldc, struct lxc_container *c) static void new_hwaddr(char *hwaddr) { FILE *f; - process_lock(); f = fopen("/dev/urandom", "r"); - process_unlock(); if (f) { unsigned int seed; int ret = fread(&seed, sizeof(seed), 1, f); if (ret != 1) seed = time(NULL); - process_lock(); fclose(f); - process_unlock(); srand(seed); } else srand(time(NULL)); @@ -2329,19 +2261,15 @@ static bool add_rdepends(struct lxc_container *c, struct lxc_container *c0) c->name); if (ret < 0 || ret >= MAXPATHLEN) return false; - process_lock(); f = fopen(path, "a"); - process_unlock(); if (!f) return false; bret = true; // if anything goes wrong, just return an error if (fprintf(f, "%s\n%s\n", c0->config_path, c0->name) < 0) bret = false; - process_lock(); if (fclose(f) != 0) bret = false; - process_unlock(); return bret; } @@ -2526,17 +2454,13 @@ struct lxc_container *lxcapi_clone(struct lxc_container *c, const char *newname, } // copy the configuration, tweak it as needed, - process_lock(); fout = fopen(newpath, "w"); - process_unlock(); if (!fout) { SYSERROR("open %s", newpath); goto out; } write_config(fout, c->lxc_conf); - process_lock(); fclose(fout); - process_unlock(); sprintf(newpath, "%s/%s/rootfs", l, n); if (mkdir(newpath, 0755) < 0) { @@ -2720,9 +2644,7 @@ static int lxcapi_snapshot(struct lxc_container *c, const char *commentfile) char *dfnam = alloca(strlen(snappath) + strlen(newname) + 5); sprintf(dfnam, "%s/%s/ts", snappath, newname); - process_lock(); f = fopen(dfnam, "w"); - process_unlock(); if (!f) { ERROR("Failed to open %s\n", dfnam); return -1; @@ -2732,9 +2654,7 @@ static int lxcapi_snapshot(struct lxc_container *c, const char *commentfile) fclose(f); return -1; } - process_lock(); ret = fclose(f); - process_unlock(); if (ret != 0) { SYSERROR("Writing timestamp"); return -1; @@ -2788,9 +2708,7 @@ static char *get_timestamp(char* snappath, char *name) ret = snprintf(path, MAXPATHLEN, "%s/%s/ts", snappath, name); if (ret < 0 || ret >= MAXPATHLEN) return NULL; - process_lock(); fin = fopen(path, "r"); - process_unlock(); if (!fin) return NULL; (void) fseek(fin, 0, SEEK_END); @@ -2807,9 +2725,7 @@ static char *get_timestamp(char* snappath, char *name) } } } - process_lock(); fclose(fin); - process_unlock(); return s; } @@ -2829,9 +2745,7 @@ static int lxcapi_snapshot_list(struct lxc_container *c, struct lxc_snapshot **r ERROR("path name too long"); return -1; } - process_lock(); dir = opendir(snappath); - process_unlock(); if (!dir) { INFO("failed to open %s - assuming no snapshots", snappath); return 0; @@ -2874,10 +2788,8 @@ static int lxcapi_snapshot_list(struct lxc_container *c, struct lxc_snapshot **r count++; } - process_lock(); if (closedir(dir)) WARN("failed to close directory"); - process_unlock(); *ret_snaps = snaps; return count; @@ -2889,10 +2801,8 @@ out_free: lxcsnap_free(&snaps[i]); free(snaps); } - process_lock(); if (closedir(dir)) WARN("failed to close directory"); - process_unlock(); return -1; } @@ -3242,10 +3152,7 @@ int list_defined_containers(const char *lxcpath, char ***names, struct lxc_conta if (!lxcpath) lxcpath = default_lxc_path(); - process_lock(); dir = opendir(lxcpath); - process_unlock(); - if (!dir) { SYSERROR("opendir on lxcpath"); return -1; @@ -3304,9 +3211,7 @@ int list_defined_containers(const char *lxcpath, char ***names, struct lxc_conta nfound++; } - process_lock(); closedir(dir); - process_unlock(); return nfound; free_bad: @@ -3320,9 +3225,7 @@ free_bad: lxc_container_put((*cret)[i]); free(*cret); } - process_lock(); closedir(dir); - process_unlock(); return -1; } @@ -3345,9 +3248,7 @@ int list_active_containers(const char *lxcpath, char ***nret, if (nret) *nret = NULL; - process_lock(); FILE *f = fopen("/proc/net/unix", "r"); - process_unlock(); if (!f) return -1; @@ -3429,9 +3330,7 @@ out: if (line) free(line); - process_lock(); fclose(f); - process_unlock(); return ret; } diff --git a/src/lxc/lxclock.c b/src/lxc/lxclock.c index 64823d2a5..28691b083 100644 --- a/src/lxc/lxclock.c +++ b/src/lxc/lxclock.c @@ -119,9 +119,7 @@ static char *lxclock_name(const char *p, const char *n) free(dest); return NULL; } - process_lock(); ret = mkdir_p(dest, 0755); - process_unlock(); if (ret < 0) { free(dest); return NULL; @@ -217,12 +215,10 @@ int lxclock(struct lxc_lock *l, int timeout) ret = -2; goto out; } - process_lock(); if (l->u.f.fd == -1) { l->u.f.fd = open(l->u.f.fname, O_RDWR|O_CREAT, S_IWUSR | S_IRUSR); if (l->u.f.fd == -1) { - process_unlock(); ERROR("Error opening %s", l->u.f.fname); goto out; } @@ -232,7 +228,6 @@ int lxclock(struct lxc_lock *l, int timeout) lk.l_start = 0; lk.l_len = 0; ret = fcntl(l->u.f.fd, F_SETLKW, &lk); - process_unlock(); if (ret == -1) saved_errno = errno; break; @@ -258,7 +253,6 @@ int lxcunlock(struct lxc_lock *l) } break; case LXC_LOCK_FLOCK: - process_lock(); if (l->u.f.fd != -1) { lk.l_type = F_UNLCK; lk.l_whence = SEEK_SET; @@ -271,7 +265,6 @@ int lxcunlock(struct lxc_lock *l) l->u.f.fd = -1; } else ret = -2; - process_unlock(); break; } @@ -299,12 +292,10 @@ void lxc_putlock(struct lxc_lock *l) } break; case LXC_LOCK_FLOCK: - process_lock(); if (l->u.f.fd != -1) { close(l->u.f.fd); l->u.f.fd = -1; } - process_unlock(); if (l->u.f.fname) { free(l->u.f.fname); l->u.f.fname = NULL; diff --git a/src/lxc/lxcutmp.c b/src/lxc/lxcutmp.c index d4a180c6e..6c9e6f2b9 100644 --- a/src/lxc/lxcutmp.c +++ b/src/lxc/lxcutmp.c @@ -62,7 +62,6 @@ static int timerfd_settime (int __ufd, int __flags, #include "mainloop.h" #include "lxc.h" #include "log.h" -#include "lxclock.h" #ifndef __USE_GNU #define __USE_GNU @@ -344,9 +343,7 @@ run_ok: memset(utmp_data, 0, sizeof(struct lxc_utmp)); - process_lock(); fd = inotify_init(); - process_unlock(); if (fd < 0) { SYSERROR("failed to inotify_init"); goto out; @@ -380,9 +377,7 @@ run_ok: return 0; out_close: - process_lock(); close(fd); - process_unlock(); out: free(utmp_data); return -1; @@ -432,9 +427,7 @@ int lxc_utmp_add_timer(struct lxc_epoll_descr *descr, struct itimerspec timeout; struct lxc_utmp *utmp_data = (struct lxc_utmp *)data; - process_lock(); fd = timerfd_create(CLOCK_MONOTONIC, TFD_NONBLOCK | TFD_CLOEXEC); - process_unlock(); if (fd < 0) { SYSERROR("failed to create timer"); return -1; @@ -458,9 +451,7 @@ int lxc_utmp_add_timer(struct lxc_epoll_descr *descr, if (lxc_mainloop_add_handler(descr, fd, callback, utmp_data)) { SYSERROR("failed to add utmp timer to mainloop"); - process_lock(); close(fd); - process_unlock(); return -1; } @@ -481,9 +472,7 @@ int lxc_utmp_del_timer(struct lxc_epoll_descr *descr, SYSERROR("failed to del utmp timer from mainloop"); /* shutdown timer_fd */ - process_lock(); close(utmp_data->timer_fd); - process_unlock(); utmp_data->timer_fd = -1; if (result < 0) diff --git a/src/lxc/mainloop.c b/src/lxc/mainloop.c index ec0c2525c..85b3ab979 100644 --- a/src/lxc/mainloop.c +++ b/src/lxc/mainloop.c @@ -29,7 +29,6 @@ #include #include "mainloop.h" -#include "lxclock.h" struct mainloop_handler { lxc_mainloop_callback_t callback; @@ -133,16 +132,12 @@ int lxc_mainloop_del_handler(struct lxc_epoll_descr *descr, int fd) int lxc_mainloop_open(struct lxc_epoll_descr *descr) { /* hint value passed to epoll create */ - process_lock(); descr->epfd = epoll_create(2); - process_unlock(); if (descr->epfd < 0) return -1; if (fcntl(descr->epfd, F_SETFD, FD_CLOEXEC)) { - process_lock(); close(descr->epfd); - process_unlock(); return -1; } @@ -153,7 +148,6 @@ int lxc_mainloop_open(struct lxc_epoll_descr *descr) int lxc_mainloop_close(struct lxc_epoll_descr *descr) { struct lxc_list *iterator, *next; - int ret; iterator = descr->handlers.next; while (iterator != &descr->handlers) { @@ -165,9 +159,6 @@ int lxc_mainloop_close(struct lxc_epoll_descr *descr) iterator = next; } - process_lock(); - ret = close(descr->epfd); - process_unlock(); - return ret; + return close(descr->epfd); } diff --git a/src/lxc/monitor.c b/src/lxc/monitor.c index 1eae8e625..7e0a713f7 100644 --- a/src/lxc/monitor.c +++ b/src/lxc/monitor.c @@ -64,9 +64,7 @@ int lxc_monitor_fifo_name(const char *lxcpath, char *fifo_path, size_t fifo_path ERROR("rundir/lxcpath (%s/%s) too long for monitor fifo", rundir, lxcpath); return -1; } - process_lock(); ret = mkdir_p(fifo_path, 0755); - process_unlock(); if (ret < 0) { ERROR("unable to create monitor fifo dir %s", fifo_path); return ret; @@ -91,9 +89,7 @@ static void lxc_monitor_fifo_send(struct lxc_msg *msg, const char *lxcpath) if (ret < 0) return; - process_lock(); fd = open(fifo_path, O_WRONLY); - process_unlock(); if (fd < 0) { /* it is normal for this open to fail when there is no monitor * running, so we don't log it @@ -103,16 +99,12 @@ static void lxc_monitor_fifo_send(struct lxc_msg *msg, const char *lxcpath) ret = write(fd, msg, sizeof(*msg)); if (ret != sizeof(*msg)) { - process_lock(); close(fd); - process_unlock(); SYSERROR("failed to write monitor fifo %s", fifo_path); return; } - process_lock(); close(fd); - process_unlock(); } void lxc_monitor_send_state(const char *name, lxc_state_t state, const char *lxcpath) @@ -129,12 +121,7 @@ void lxc_monitor_send_state(const char *name, lxc_state_t state, const char *lxc /* routines used by monitor subscribers (lxc-monitor) */ int lxc_monitor_close(int fd) { - int ret; - - process_lock(); - ret = close(fd); - process_unlock(); - return ret; + return close(fd); } /* Note we don't use SHA-1 here as we don't want to depend on HAVE_GNUTLS. @@ -200,9 +187,7 @@ int lxc_monitor_open(const char *lxcpath) if (lxc_monitor_sock_name(lxcpath, &addr) < 0) return -1; - process_lock(); fd = socket(PF_UNIX, SOCK_STREAM, 0); - process_unlock(); if (fd < 0) { ERROR("socket : %s", strerror(errno)); return -1; @@ -229,9 +214,7 @@ int lxc_monitor_open(const char *lxcpath) } return fd; err1: - process_lock(); close(fd); - process_unlock(); return ret; } diff --git a/src/lxc/network.c b/src/lxc/network.c index e5dc34df2..361bb9945 100644 --- a/src/lxc/network.c +++ b/src/lxc/network.c @@ -30,6 +30,7 @@ #include #include #include +#include #include #include #include @@ -48,7 +49,6 @@ #include "nl.h" #include "network.h" #include "conf.h" -#include "lxclock.h" #if HAVE_IFADDRS_H #include @@ -588,18 +588,14 @@ static int proc_sys_net_write(const char *path, const char *value) { int fd, err = 0; - process_lock(); fd = open(path, O_WRONLY); - process_unlock(); if (fd < 0) return -errno; if (write(fd, value, strlen(value)) < 0) err = -errno; - process_lock(); close(fd); - process_unlock(); return err; } @@ -1081,9 +1077,7 @@ int lxc_bridge_attach(const char *bridge, const char *ifname) if (!index) return -EINVAL; - process_lock(); fd = socket(AF_INET, SOCK_STREAM, 0); - process_unlock(); if (fd < 0) return -errno; @@ -1091,9 +1085,7 @@ int lxc_bridge_attach(const char *bridge, const char *ifname) ifr.ifr_name[IFNAMSIZ-1] = '\0'; ifr.ifr_ifindex = index; err = ioctl(fd, SIOCBRADDIF, &ifr); - process_lock(); close(fd); - process_unlock(); if (err) err = -errno; @@ -1131,15 +1123,11 @@ char *lxc_mkifname(char *template) getifaddrs(&ifaddr); /* Initialize the random number generator */ - process_lock(); urandom = fopen ("/dev/urandom", "r"); - process_unlock(); if (urandom != NULL) { if (fread (&seed, sizeof(seed), 1, urandom) <= 0) seed = time(0); - process_lock(); fclose(urandom); - process_unlock(); } else seed = time(0); @@ -1189,26 +1177,20 @@ int setup_private_host_hw_addr(char *veth1) int err; int sockfd; - process_lock(); sockfd = socket(AF_INET, SOCK_DGRAM, 0); - process_unlock(); if (sockfd < 0) return -errno; snprintf((char *)ifr.ifr_name, IFNAMSIZ, "%s", veth1); err = ioctl(sockfd, SIOCGIFHWADDR, &ifr); if (err < 0) { - process_lock(); close(sockfd); - process_unlock(); return -errno; } ifr.ifr_hwaddr.sa_data[0] = 0xfe; err = ioctl(sockfd, SIOCSIFHWADDR, &ifr); - process_lock(); close(sockfd); - process_unlock(); if (err < 0) return -errno; diff --git a/src/lxc/nl.c b/src/lxc/nl.c index 615316167..7c0f1e53b 100644 --- a/src/lxc/nl.c +++ b/src/lxc/nl.c @@ -31,7 +31,6 @@ #include #include "nl.h" -#include "lxclock.h" #define NLMSG_TAIL(nmsg) \ ((struct rtattr *) (((void *) (nmsg)) + NLMSG_ALIGN((nmsg)->nlmsg_len))) @@ -223,9 +222,7 @@ extern int netlink_open(struct nl_handler *handler, int protocol) memset(handler, 0, sizeof(*handler)); - process_lock(); handler->fd = socket(AF_NETLINK, SOCK_RAW, protocol); - process_unlock(); if (handler->fd < 0) return -errno; @@ -263,9 +260,7 @@ extern int netlink_open(struct nl_handler *handler, int protocol) extern int netlink_close(struct nl_handler *handler) { - process_lock(); close(handler->fd); - process_unlock(); handler->fd = -1; return 0; } diff --git a/src/lxc/parse.c b/src/lxc/parse.c index dcf5cf02d..c2cd62162 100644 --- a/src/lxc/parse.c +++ b/src/lxc/parse.c @@ -31,7 +31,6 @@ #include "parse.h" #include "config.h" #include "utils.h" -#include "lxclock.h" #include /* Workaround for the broken signature of alphasort() in bionic. @@ -91,9 +90,7 @@ int lxc_file_for_each_line(const char *file, lxc_file_cb callback, void *data) char *line = NULL; size_t len = 0; - process_lock(); f = fopen(file, "r"); - process_unlock(); if (!f) { SYSERROR("failed to open %s", file); return -1; @@ -112,9 +109,7 @@ int lxc_file_for_each_line(const char *file, lxc_file_cb callback, void *data) if (line) free(line); - process_lock(); fclose(f); - process_unlock(); return err; } diff --git a/src/lxc/seccomp.c b/src/lxc/seccomp.c index 9246f2d7d..1abd69711 100644 --- a/src/lxc/seccomp.c +++ b/src/lxc/seccomp.c @@ -29,7 +29,6 @@ #include #include "config.h" #include "lxcseccomp.h" -#include "lxclock.h" #include "log.h" @@ -115,17 +114,13 @@ int lxc_read_seccomp_config(struct lxc_conf *conf) return -1; } - process_lock(); f = fopen(conf->seccomp, "r"); - process_unlock(); if (!f) { SYSERROR("failed to open seccomp policy file %s\n", conf->seccomp); return -1; } ret = parse_config(f, conf); - process_lock(); fclose(f); - process_unlock(); return ret; } diff --git a/src/lxc/start.c b/src/lxc/start.c index 251bd26bb..7395aeac6 100644 --- a/src/lxc/start.c +++ b/src/lxc/start.c @@ -70,7 +70,6 @@ #include "namespace.h" #include "lxcseccomp.h" #include "caps.h" -#include "lxclock.h" #include "lsm/lsm.h" lxc_log_define(lxc_start, lxc); @@ -87,14 +86,12 @@ const struct ns_info ns_info[LXC_NS_MAX] = { static void close_ns(int ns_fd[LXC_NS_MAX]) { int i; - process_lock(); for (i = 0; i < LXC_NS_MAX; i++) { if (ns_fd[i] > -1) { close(ns_fd[i]); ns_fd[i] = -1; } } - process_unlock(); } static int preserve_ns(int ns_fd[LXC_NS_MAX], int clone_flags) { @@ -113,9 +110,7 @@ static int preserve_ns(int ns_fd[LXC_NS_MAX], int clone_flags) { if ((clone_flags & ns_info[i].clone_flag) == 0) continue; snprintf(path, MAXPATHLEN, "/proc/self/ns/%s", ns_info[i].proc_name); - process_lock(); ns_fd[i] = open(path, O_RDONLY | O_CLOEXEC); - process_unlock(); if (ns_fd[i] < 0) goto error; } @@ -159,9 +154,7 @@ int lxc_check_inherited(struct lxc_conf *conf, int fd_to_ignore) DIR *dir; restart: - process_lock(); dir = opendir("/proc/self/fd"); - process_unlock(); if (!dir) { WARN("failed to open directory: %m"); return -1; @@ -188,19 +181,15 @@ restart: continue; if (conf->close_all_fds) { - process_lock(); close(fd); closedir(dir); - process_unlock(); INFO("closed inherited fd %d", fd); goto restart; } WARN("inherited fd %d", fd); } - process_lock(); closedir(dir); /* cannot fail */ - process_unlock(); return 0; } @@ -337,9 +326,7 @@ int lxc_poll(const char *name, struct lxc_handler *handler) out_mainloop_open: lxc_mainloop_close(&descr); out_sigfd: - process_lock(); close(sigfd); - process_unlock(); return -1; } @@ -440,9 +427,7 @@ out_delete_tty: out_aborting: lxc_set_state(name, handler, ABORTING); out_close_maincmd_fd: - process_lock(); close(conf->maincmd_fd); - process_unlock(); conf->maincmd_fd = -1; out_free_name: free(handler->name); @@ -469,9 +454,7 @@ static void lxc_fini(const char *name, struct lxc_handler *handler) lxc_console_delete(&handler->conf->console); lxc_delete_tty(&handler->conf->tty_info); - process_lock(); close(handler->conf->maincmd_fd); - process_unlock(); handler->conf->maincmd_fd = -1; free(handler->name); if (handler->cgroup) { @@ -519,18 +502,14 @@ static int must_drop_cap_sys_boot(struct lxc_conf *conf) int status; pid_t pid; - process_lock(); f = fopen("/proc/sys/kernel/ctrl-alt-del", "r"); - process_unlock(); if (!f) { DEBUG("failed to open /proc/sys/kernel/ctrl-alt-del"); return 1; } ret = fscanf(f, "%d", &v); - process_lock(); fclose(f); - process_unlock(); if (ret != 1) { DEBUG("Failed to read /proc/sys/kernel/ctrl-alt-del"); return 1; @@ -587,9 +566,7 @@ static int do_start(void *data) /* don't leak the pinfd to the container */ if (handler->pinfd >= 0) { - process_lock(); close(handler->pinfd); - process_unlock(); } /* Tell the parent task it can begin to configure the @@ -666,9 +643,7 @@ static int do_start(void *data) goto out_warn_father; } - process_lock(); close(handler->sigfd); - process_unlock(); /* after this call, we are in error because this * ops should not return as it execs */ @@ -913,9 +888,7 @@ out_abort: lxc_abort(name, handler); lxc_sync_fini(handler); if (handler->pinfd >= 0) { - process_lock(); close(handler->pinfd); - process_unlock(); handler->pinfd = -1; } @@ -987,9 +960,7 @@ int __lxc_start(const char *name, struct lxc_conf *conf, lxc_rename_phys_nics_on_shutdown(handler->conf); if (handler->pinfd >= 0) { - process_lock(); close(handler->pinfd); - process_unlock(); handler->pinfd = -1; } diff --git a/src/lxc/state.c b/src/lxc/state.c index 92be56053..398833aa9 100644 --- a/src/lxc/state.c +++ b/src/lxc/state.c @@ -39,7 +39,6 @@ #include #include "commands.h" #include "config.h" -#include "lxclock.h" lxc_log_define(lxc_state, lxc); @@ -84,18 +83,14 @@ static lxc_state_t freezer_state(const char *name, const char *lxcpath) if (ret < 0 || ret >= MAXPATHLEN) goto out; - process_lock(); file = fopen(freezer, "r"); - process_unlock(); if (!file) { ret = -1; goto out; } ret = fscanf(file, "%s", status); - process_lock(); fclose(file); - process_unlock(); if (ret == EOF) { SYSERROR("failed to read %s", freezer); diff --git a/src/lxc/sync.c b/src/lxc/sync.c index a3b4a1af3..52e02aeed 100644 --- a/src/lxc/sync.c +++ b/src/lxc/sync.c @@ -29,7 +29,6 @@ #include "log.h" #include "start.h" -#include "lxclock.h" lxc_log_define(lxc_sync, lxc); @@ -102,9 +101,7 @@ int lxc_sync_init(struct lxc_handler *handler) { int ret; - process_lock(); ret = socketpair(AF_LOCAL, SOCK_STREAM, 0, handler->sv); - process_unlock(); if (ret) { SYSERROR("failed to create synchronization socketpair"); return -1; @@ -119,9 +116,7 @@ int lxc_sync_init(struct lxc_handler *handler) void lxc_sync_fini_child(struct lxc_handler *handler) { if (handler->sv[0] != -1) { - process_lock(); close(handler->sv[0]); - process_unlock(); handler->sv[0] = -1; } } @@ -129,9 +124,7 @@ void lxc_sync_fini_child(struct lxc_handler *handler) void lxc_sync_fini_parent(struct lxc_handler *handler) { if (handler->sv[1] != -1) { - process_lock(); close(handler->sv[1]); - process_unlock(); handler->sv[1] = -1; } } diff --git a/src/lxc/utils.c b/src/lxc/utils.c index dc30a778b..9f618e766 100644 --- a/src/lxc/utils.c +++ b/src/lxc/utils.c @@ -61,9 +61,7 @@ static int _recursive_rmdir_onedev(char *dirname, dev_t pdev) int ret, failed=0; char pathname[MAXPATHLEN]; - process_lock(); dir = opendir(dirname); - process_unlock(); if (!dir) { ERROR("%s: failed to open %s", __func__, dirname); return -1; @@ -110,9 +108,7 @@ static int _recursive_rmdir_onedev(char *dirname, dev_t pdev) failed=1; } - process_lock(); ret = closedir(dir); - process_unlock(); if (ret) { ERROR("%s: failed to close directory %s", __func__, dirname); failed=1; @@ -303,10 +299,8 @@ const char *lxc_global_config_value(const char *option_name) } static_unlock(); - process_lock(); fin = fopen_cloexec(user_config_path, "r"); free(user_config_path); - process_unlock(); if (fin) { while (fgets(buf, 1024, fin)) { if (buf[0] == '#') @@ -362,10 +356,8 @@ const char *lxc_global_config_value(const char *option_name) static_unlock(); out: - process_lock(); if (fin) fclose(fin); - process_unlock(); static_lock(); value = values[i]; @@ -482,15 +474,6 @@ ssize_t lxc_read_nointr_expect(int fd, void* buf, size_t count, const void* expe return ret; } -static inline int lock_fclose(FILE *f) -{ - int ret; - process_lock(); - ret = fclose(f); - process_unlock(); - return ret; -} - #if HAVE_LIBGNUTLS #include #include @@ -510,40 +493,38 @@ int sha1sum_file(char *fnam, unsigned char *digest) if (!fnam) return -1; - process_lock(); f = fopen_cloexec(fnam, "r"); - process_unlock(); if (!f) { SYSERROR("Error opening template"); return -1; } if (fseek(f, 0, SEEK_END) < 0) { SYSERROR("Error seeking to end of template"); - lock_fclose(f); + fclose(f); return -1; } if ((flen = ftell(f)) < 0) { SYSERROR("Error telling size of template"); - lock_fclose(f); + fclose(f); return -1; } if (fseek(f, 0, SEEK_SET) < 0) { SYSERROR("Error seeking to start of template"); - lock_fclose(f); + fclose(f); return -1; } if ((buf = malloc(flen+1)) == NULL) { SYSERROR("Out of memory"); - lock_fclose(f); + fclose(f); return -1; } if (fread(buf, 1, flen, f) != flen) { SYSERROR("Failure reading template"); free(buf); - lock_fclose(f); + fclose(f); return -1; } - if (lock_fclose(f) < 0) { + if (fclose(f) < 0) { SYSERROR("Failre closing template"); free(buf); return -1; @@ -600,10 +581,6 @@ const char** lxc_va_arg_list_to_argv_const(va_list ap, size_t skip) return (const char**)lxc_va_arg_list_to_argv(ap, skip, 0); } -/* - * fopen_cloexec: must be called with process_lock() held - * if it is needed. - */ FILE *fopen_cloexec(const char *path, const char *mode) { int open_mode = 0; @@ -648,7 +625,6 @@ FILE *fopen_cloexec(const char *path, const char *mode) return ret; } -/* must be called with process_lock() held */ extern struct lxc_popen_FILE *lxc_popen(const char *command) { struct lxc_popen_FILE *fp = NULL; @@ -746,7 +722,6 @@ error: return NULL; } -/* must be called with process_lock() held */ extern int lxc_pclose(struct lxc_popen_FILE *fp) { FILE *f = NULL; @@ -1086,9 +1061,7 @@ int lxc_write_to_file(const char *filename, const void* buf, size_t count, bool int fd, saved_errno; ssize_t ret; - process_lock(); fd = open(filename, O_WRONLY | O_TRUNC | O_CREAT | O_CLOEXEC, 0666); - process_unlock(); if (fd < 0) return -1; ret = lxc_write_nointr(fd, buf, count); @@ -1101,16 +1074,12 @@ int lxc_write_to_file(const char *filename, const void* buf, size_t count, bool if (ret != 1) goto out_error; } - process_lock(); close(fd); - process_unlock(); return 0; out_error: saved_errno = errno; - process_lock(); close(fd); - process_unlock(); errno = saved_errno; return -1; } @@ -1120,9 +1089,7 @@ int lxc_read_from_file(const char *filename, void* buf, size_t count) int fd = -1, saved_errno; ssize_t ret; - process_lock(); fd = open(filename, O_RDONLY | O_CLOEXEC); - process_unlock(); if (fd < 0) return -1; @@ -1142,9 +1109,7 @@ int lxc_read_from_file(const char *filename, void* buf, size_t count) ERROR("read %s: %s", filename, strerror(errno)); saved_errno = errno; - process_lock(); close(fd); - process_unlock(); errno = saved_errno; return ret; } diff --git a/src/lxc/utils.h b/src/lxc/utils.h index 945f1de31..2992f9016 100644 --- a/src/lxc/utils.h +++ b/src/lxc/utils.h @@ -172,7 +172,6 @@ struct lxc_popen_FILE { * via sigprocmask(2) (unblocks all signals) after fork(2) but prior to calling exec(3). * In short, popen(command, "re") does pipe() + fork() + exec() * while lxc_popen(command) does pipe() + fork() + sigprocmask() + exec(). - * Must be called with process_lock() held. * Returns pointer to struct lxc_popen_FILE, that should be freed with lxc_pclose(). * On error returns NULL. */ @@ -182,7 +181,6 @@ extern struct lxc_popen_FILE *lxc_popen(const char *command); * returned by lxc_popen(). * Waits for associated process to terminate, returns its exit status and * frees resources, pointed to by struct lxc_popen_FILE *. - * Must be called with process_lock() held. */ extern int lxc_pclose(struct lxc_popen_FILE *fp);