Move ProcMountNSGuard to separate file

This moves ProcMountNS[Guard] classes to a separate header file and implementation. The goal will be to use these more directly in libbpf.c without creating a circular dependency. Removed the friend class statements and exposed a few public getters instead. Slightly changed the implementation in ProcMountNS constructor to avoid a few error cases and the use of snprintf. Signed-off-by: Brenden Blanco <bblanco@gmail.com>

Move ProcMountNSGuard to separate file
This moves ProcMountNS[Guard] classes to a separate header file and implementation. The goal will be to use these more directly in libbpf.c without creating a circular dependency. Removed the friend class statements and exposed a few public getters instead. Slightly changed the implementation in ProcMountNS constructor to avoid a few error cases and the use of snprintf. Signed-off-by: Brenden Blanco <bblanco@gmail.com>
cb7855bb · Brenden Blanco · 5a7882e3 · cb7855bb · cb7855bb · cb7855bb
Commit cb7855bb authored May 25, 2017 by Brenden Blanco
5 changed files
--- a/src/cc/CMakeLists.txt
+++ b/src/cc/CMakeLists.txt
@@ -35,12 +35,18 @@ if (CMAKE_COMPILER_IS_GNUCC AND LIBCLANG_ISSTATIC)
  endif()
 endif()
-add_library(bcc-shared SHARED bpf_common.cc bpf_module.cc libbpf.c perf_reader.c table_storage.cc shared_table.cc bpffs_table.cc json_map_decl_visitor.cc exported_files.cc bcc_elf.c bcc_perf_map.c bcc_proc.c bcc_syms.cc usdt_args.cc usdt.cc common.cc BPF.cc BPFTable.cc)
+add_library(bcc-shared SHARED bpf_common.cc bpf_module.cc libbpf.c perf_reader.c
+  table_storage.cc shared_table.cc bpffs_table.cc json_map_decl_visitor.cc
+  exported_files.cc bcc_elf.c bcc_perf_map.c bcc_proc.c bcc_syms.cc ns_guard.cc
+  usdt_args.cc usdt.cc common.cc BPF.cc BPFTable.cc)
 set_target_properties(bcc-shared PROPERTIES VERSION ${REVISION_LAST} SOVERSION 0)
 set_target_properties(bcc-shared PROPERTIES OUTPUT_NAME bcc)
-add_library(bcc-loader-static STATIC libbpf.c perf_reader.c bcc_elf.c bcc_perf_map.c bcc_proc.c bcc_syms.cc)
+add_library(bcc-loader-static STATIC libbpf.c perf_reader.c bcc_elf.c
-add_library(bcc-static STATIC bpf_common.cc bpf_module.cc shared_table.cc bpffs_table.cc json_map_decl_visitor.cc table_storage.cc exported_files.cc usdt_args.cc usdt.cc common.cc BPF.cc BPFTable.cc)
+  bcc_perf_map.c bcc_proc.c bcc_syms.cc ns_guard.cc)
+add_library(bcc-static STATIC bpf_common.cc bpf_module.cc shared_table.cc
+  bpffs_table.cc json_map_decl_visitor.cc table_storage.cc exported_files.cc
+  usdt_args.cc usdt.cc common.cc BPF.cc BPFTable.cc)
 set_target_properties(bcc-static PROPERTIES OUTPUT_NAME bcc)
 set(llvm_raw_libs bitwriter bpfcodegen irreader linker

--- a/src/cc/bcc_syms.cc
+++ b/src/cc/bcc_syms.cc
@@ -96,66 +96,6 @@ bool KSyms::resolve_name(const char *_unused, const char *name,
  return true;
 }
-ProcMountNS::ProcMountNS(int pid) {
-  if (pid < 0)
-    return;
-  ebpf::FileDesc self_fd;
-  ebpf::FileDesc target_fd;
-  char path[256];
-  int res;
-  res = std::snprintf(path, 256, "/proc/self/ns/mnt");
-  if (res <= 0 || res >= 256)
-    return;
-  if ((self_fd = open(path, O_RDONLY)) < 0)
-    return;
-  res = std::snprintf(path, 256, "/proc/%d/ns/mnt", pid);
-  if (res <= 0 || res >= 256)
-    return;
-  if ((target_fd = open(path, O_RDONLY)) < 0)
-    return;
-  struct stat self_stat, target_stat;
-  if (fstat(self_fd, &self_stat) != 0)
-    return;
-  if (fstat(target_fd, &target_stat) != 0)
-    return;
-  if (self_stat.st_ino == target_stat.st_ino)
-    // Both current and target Process are in same mount namespace
-    return;
-  self_fd_ = std::move(self_fd);
-  target_fd_ = std::move(target_fd);
-}
-ProcMountNSGuard::ProcMountNSGuard(ProcMountNS *mount_ns)
-    : mount_ns_instance_(nullptr), mount_ns_(mount_ns), entered_(false) {
-  init();
-}
-ProcMountNSGuard::ProcMountNSGuard(int pid)
-    : mount_ns_instance_(pid > 0 ? new ProcMountNS(pid) : nullptr),
-      mount_ns_(mount_ns_instance_.get()),
-      entered_(false) {
-  init();
-}
-void ProcMountNSGuard::init() {
-  if (!mount_ns_ || mount_ns_->self_fd_ < 0 || mount_ns_->target_fd_ < 0)
-    return;
-  if (setns(mount_ns_->target_fd_, CLONE_NEWNS) == 0)
-    entered_ = true;
-}
-ProcMountNSGuard::~ProcMountNSGuard() {
-  if (mount_ns_ && entered_ && mount_ns_->self_fd_ >= 0)
-    setns(mount_ns_->self_fd_, CLONE_NEWNS);
-}
 ProcSyms::ProcSyms(int pid, struct bcc_symbol_option *option)
    : pid_(pid), procstat_(pid), mount_ns_instance_(new ProcMountNS(pid_)) {
  if (option)

--- a/src/cc/ns_guard.cc
+++ b/src/cc/ns_guard.cc
+/*
+ * Copyright (c) 2017 Facebook, Inc.
+ * Copyright (c) 2017 VMware, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#include <fcntl.h>
+#include <sys/stat.h>
+#include <string>
+#include "ns_guard.h"
+ProcMountNS::ProcMountNS(int pid) {
+  if (pid < 0)
+    return;
+  std::string target_path = "/proc/" + std::to_string(pid) + "/ns/mnt";
+  ebpf::FileDesc target_fd(open(target_path.c_str(), O_RDONLY));
+  ebpf::FileDesc self_fd(open("/proc/self/ns/mnt", O_RDONLY));
+  if (self_fd < 0 || target_fd < 0)
+    return;
+  struct stat self_stat, target_stat;
+  if (fstat(self_fd, &self_stat) != 0)
+    return;
+  if (fstat(target_fd, &target_stat) != 0)
+    return;
+  if (self_stat.st_ino == target_stat.st_ino)
+    // Both current and target Process are in same mount namespace
+    return;
+  self_fd_ = std::move(self_fd);
+  target_fd_ = std::move(target_fd);
+}
+ProcMountNSGuard::ProcMountNSGuard(ProcMountNS *mount_ns)
+    : mount_ns_instance_(nullptr), mount_ns_(mount_ns), entered_(false) {
+  init();
+}
+ProcMountNSGuard::ProcMountNSGuard(int pid)
+    : mount_ns_instance_(pid > 0 ? new ProcMountNS(pid) : nullptr),
+      mount_ns_(mount_ns_instance_.get()),
+      entered_(false) {
+  init();
+}
+void ProcMountNSGuard::init() {
+  if (!mount_ns_ || mount_ns_->self() < 0 || mount_ns_->target() < 0)
+    return;
+  if (setns(mount_ns_->target(), CLONE_NEWNS) == 0)
+    entered_ = true;
+}
+ProcMountNSGuard::~ProcMountNSGuard() {
+  if (mount_ns_ && entered_ && mount_ns_->self() >= 0)
+    setns(mount_ns_->self(), CLONE_NEWNS);
+}
--- a/src/cc/ns_guard.h
+++ b/src/cc/ns_guard.h
+/*
+ * Copyright (c) 2017 Facebook, Inc.
+ * Copyright (c) 2017 VMware, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#pragma once
+#include <memory>
+#include "file_desc.h"
+class ProcMountNSGuard;
+// ProcMountNS opens an fd corresponding to the current mount namespace and the
+// mount namespace of the target process.
+// The fds will remain uninitialized (<0) if the open fails, or if the current
+// and target namespaces are identical.
+class ProcMountNS {
+ public:
+  explicit ProcMountNS(int pid);
+  int self() const { return self_fd_; }
+  int target() const { return target_fd_; }
+ private:
+  ebpf::FileDesc self_fd_;
+  ebpf::FileDesc target_fd_;
+};
+// ProcMountNSGuard switches to the target mount namespace and restores the
+// original upon going out of scope.
+class ProcMountNSGuard {
+ public:
+  explicit ProcMountNSGuard(ProcMountNS *mount_ns);
+  explicit ProcMountNSGuard(int pid);
+  ~ProcMountNSGuard();
+ private:
+  void init();
+  std::unique_ptr<ProcMountNS> mount_ns_instance_;
+  ProcMountNS *mount_ns_;
+  bool entered_;
+};
--- a/src/cc/syms.h
+++ b/src/cc/syms.h
@@ -23,8 +23,9 @@
 #include <unordered_set>
 #include <vector>
-#include "file_desc.h"
 #include "bcc_syms.h"
+#include "file_desc.h"
+#include "ns_guard.h"
 class ProcStat {
  std::string procfs_;
@@ -67,35 +68,6 @@ public:
  virtual void refresh();
 };
-class ProcMountNSGuard;
-class ProcSyms;
-class ProcMountNS {
-private:
-  explicit ProcMountNS(int pid);
-  ebpf::FileDesc self_fd_;
-  ebpf::FileDesc target_fd_;
-  friend class ProcMountNSGuard;
-  friend class ProcSyms;
-};
-class ProcMountNSGuard {
-public:
-  explicit ProcMountNSGuard(ProcMountNS *mount_ns);
-  explicit ProcMountNSGuard(int pid);
-  ~ProcMountNSGuard();
-private:
-  void init();
-  std::unique_ptr<ProcMountNS> mount_ns_instance_;
-  ProcMountNS *mount_ns_;
-  bool entered_;
-};
 class ProcSyms : SymbolCache {
  struct Symbol {
    Symbol(const std::string *name, uint64_t start, uint64_t size)