From 517ad25b5fe83376af258acef646551cb97af97c Mon Sep 17 00:00:00 2001 From: Simon McVittie Date: Mon, 10 Aug 2020 23:58:11 +0100 Subject: [PATCH] context: Only parse filesystem/mode strings in one place This gives us the ability for the parse function (the former verify function) to carry out a normalization step as well. Signed-off-by: Simon McVittie Conflict:NA Reference:https://github.com/flatpak/flatpak/commit/517ad25b5fe83376af258acef646551cb97af97c --- common/flatpak-context.c | 77 +++++++++++++++++--------------- common/flatpak-exports-private.h | 1 + common/flatpak-exports.c | 14 +++--- 3 files changed, 48 insertions(+), 44 deletions(-) diff --git a/common/flatpak-context.c b/common/flatpak-context.c index 4892d7b..3a99646 100644 --- a/common/flatpak-context.c +++ b/common/flatpak-context.c @@ -92,6 +92,7 @@ flatpak_context_new (void) context = g_slice_new0 (FlatpakContext); context->env_vars = g_hash_table_new_full (g_str_hash, g_str_equal, g_free, g_free); context->persistent = g_hash_table_new_full (g_str_hash, g_str_equal, g_free, NULL); + /* filename or special filesystem name => FlatpakFilesystemMode */ context->filesystems = g_hash_table_new_full (g_str_hash, g_str_equal, g_free, NULL); context->session_bus_policy = g_hash_table_new_full (g_str_hash, g_str_equal, g_free, NULL); context->system_bus_policy = g_hash_table_new_full (g_str_hash, g_str_equal, g_free, NULL); @@ -748,19 +749,23 @@ parse_filesystem_flags (const char *filesystem, } static gboolean -flatpak_context_verify_filesystem (const char *filesystem_and_mode, - GError **error) +flatpak_context_parse_filesystem (const char *filesystem_and_mode, + char **filesystem_out, + FlatpakFilesystemMode *mode_out, + GError **error) { - g_autofree char *filesystem = parse_filesystem_flags (filesystem_and_mode, NULL); + g_autofree char *filesystem = parse_filesystem_flags (filesystem_and_mode, mode_out); - if (g_strv_contains (flatpak_context_special_filesystems, filesystem)) - return TRUE; - if (get_xdg_user_dir_from_string (filesystem, NULL, NULL, NULL)) - return TRUE; - if (g_str_has_prefix (filesystem, "~/")) - return TRUE; - if (g_str_has_prefix (filesystem, "/")) - return TRUE; + if (g_strv_contains (flatpak_context_special_filesystems, filesystem) || + get_xdg_user_dir_from_string (filesystem, NULL, NULL, NULL) || + g_str_has_prefix (filesystem, "~/") || + g_str_has_prefix (filesystem, "/")) + { + if (filesystem_out != NULL) + *filesystem_out = g_steal_pointer (&filesystem); + + return TRUE; + } g_set_error (error, G_OPTION_ERROR, G_OPTION_ERROR_FAILED, _("Unknown filesystem location %s, valid locations are: host, home, xdg-*[/...], ~/dir, /dir"), filesystem); @@ -768,24 +773,13 @@ flatpak_context_verify_filesystem (const char *filesystem_and_mode, } static void -flatpak_context_add_filesystem (FlatpakContext *context, - const char *what) +flatpak_context_take_filesystem (FlatpakContext *context, + char *fs, + FlatpakFilesystemMode mode) { - FlatpakFilesystemMode mode; - char *fs = parse_filesystem_flags (what, &mode); - g_hash_table_insert (context->filesystems, fs, GINT_TO_POINTER (mode)); } -static void -flatpak_context_remove_filesystem (FlatpakContext *context, - const char *what) -{ - g_hash_table_insert (context->filesystems, - parse_filesystem_flags (what, NULL), - NULL); -} - void flatpak_context_merge (FlatpakContext *context, FlatpakContext *other) @@ -999,11 +993,13 @@ option_filesystem_cb (const gchar *option_name, GError **error) { FlatpakContext *context = data; + g_autofree char *fs = NULL; + FlatpakFilesystemMode mode; - if (!flatpak_context_verify_filesystem (value, error)) + if (!flatpak_context_parse_filesystem (value, &fs, &mode, error)) return FALSE; - flatpak_context_add_filesystem (context, value); + flatpak_context_take_filesystem (context, g_steal_pointer (&fs), mode); return TRUE; } @@ -1014,11 +1010,14 @@ option_nofilesystem_cb (const gchar *option_name, GError **error) { FlatpakContext *context = data; + g_autofree char *fs = NULL; + FlatpakFilesystemMode mode; - if (!flatpak_context_verify_filesystem (value, error)) + if (!flatpak_context_parse_filesystem (value, &fs, &mode, error)) return FALSE; - flatpak_context_remove_filesystem (context, value); + flatpak_context_take_filesystem (context, g_steal_pointer (&fs), + FLATPAK_FILESYSTEM_MODE_NONE); return TRUE; } @@ -1441,14 +1440,18 @@ flatpak_context_load_metadata (FlatpakContext *context, for (i = 0; filesystems[i] != NULL; i++) { const char *fs = parse_negated (filesystems[i], &remove); - if (!flatpak_context_verify_filesystem (fs, NULL)) + g_autofree char *filesystem = NULL; + FlatpakFilesystemMode mode; + + if (!flatpak_context_parse_filesystem (fs, &filesystem, &mode, NULL)) g_debug ("Unknown filesystem type %s", filesystems[i]); else { if (remove) - flatpak_context_remove_filesystem (context, fs); + flatpak_context_take_filesystem (context, g_steal_pointer (&filesystem), + FLATPAK_FILESYSTEM_MODE_NONE); else - flatpak_context_add_filesystem (context, fs); + flatpak_context_take_filesystem (context, g_steal_pointer (&filesystem), mode); } } } @@ -1674,7 +1677,7 @@ flatpak_context_save_metadata (FlatpakContext *context, { FlatpakFilesystemMode mode = GPOINTER_TO_INT (value); - if (mode != 0) + if (mode != FLATPAK_FILESYSTEM_MODE_NONE) g_ptr_array_add (array, unparse_filesystem_flags (key, mode)); else g_ptr_array_add (array, g_strconcat ("!", key, NULL)); @@ -1781,7 +1784,7 @@ flatpak_context_save_metadata (FlatpakContext *context, void flatpak_context_allow_host_fs (FlatpakContext *context) { - flatpak_context_add_filesystem (context, "host"); + flatpak_context_take_filesystem (context, g_strdup ("host"), FLATPAK_FILESYSTEM_MODE_READ_WRITE); } gboolean @@ -1846,7 +1849,7 @@ flatpak_context_to_args (FlatpakContext *context, { FlatpakFilesystemMode mode = GPOINTER_TO_INT (value); - if (mode != 0) + if (mode != FLATPAK_FILESYSTEM_MODE_NONE) { g_autofree char *fs = unparse_filesystem_flags (key, mode); g_ptr_array_add (args, g_strdup_printf ("--filesystem=%s", fs)); @@ -1949,7 +1952,7 @@ flatpak_context_export (FlatpakContext *context, gpointer key, value; fs_mode = (FlatpakFilesystemMode) g_hash_table_lookup (context->filesystems, "host"); - if (fs_mode != 0) + if (fs_mode != FLATPAK_FILESYSTEM_MODE_NONE) { DIR *dir; struct dirent *dirent; @@ -1978,7 +1981,7 @@ flatpak_context_export (FlatpakContext *context, } home_mode = (FlatpakFilesystemMode) g_hash_table_lookup (context->filesystems, "home"); - if (home_mode != 0) + if (home_mode != FLATPAK_FILESYSTEM_MODE_NONE) { g_debug ("Allowing homedir access"); home_access = TRUE; diff --git a/common/flatpak-exports-private.h b/common/flatpak-exports-private.h index 64cf59a..e4b2c14 100644 --- a/common/flatpak-exports-private.h +++ b/common/flatpak-exports-private.h @@ -26,6 +26,7 @@ /* In numerical order of more privs */ typedef enum { + FLATPAK_FILESYSTEM_MODE_NONE = 0, FLATPAK_FILESYSTEM_MODE_READ_ONLY = 1, FLATPAK_FILESYSTEM_MODE_READ_WRITE = 2, FLATPAK_FILESYSTEM_MODE_CREATE = 3, diff --git a/common/flatpak-exports.c b/common/flatpak-exports.c index 21a8b17..d31ef95 100644 --- a/common/flatpak-exports.c +++ b/common/flatpak-exports.c @@ -80,7 +80,7 @@ make_relative (const char *base, const char *path) } #define FAKE_MODE_DIR -1 /* Ensure a dir, either on tmpfs or mapped parent */ -#define FAKE_MODE_TMPFS 0 +#define FAKE_MODE_TMPFS FLATPAK_FILESYSTEM_MODE_NONE #define FAKE_MODE_SYMLINK G_MAXINT typedef struct @@ -278,7 +278,7 @@ flatpak_exports_append_bwrap_args (FlatpakExports *exports, } } - if (exports->host_fs != 0) + if (exports->host_fs != FLATPAK_FILESYSTEM_MODE_NONE) { if (g_file_test ("/usr", G_FILE_TEST_IS_DIR)) flatpak_bwrap_add_args (bwrap, @@ -337,7 +337,7 @@ flatpak_exports_path_get_mode (FlatpakExports *exports, break; } - return 0; + return FLATPAK_FILESYSTEM_MODE_NONE; } if (S_ISLNK (st.st_mode)) @@ -347,7 +347,7 @@ flatpak_exports_path_get_mode (FlatpakExports *exports, int j; if (resolved == NULL) - return 0; + return FLATPAK_FILESYSTEM_MODE_NONE; path2_builder = g_string_new (resolved); @@ -361,7 +361,7 @@ flatpak_exports_path_get_mode (FlatpakExports *exports, } } else if (parts[i + 1] == NULL) - return 0; /* Last part was not mapped */ + return FLATPAK_FILESYSTEM_MODE_NONE; /* Last part was not mapped */ } if (is_readonly) @@ -374,7 +374,7 @@ gboolean flatpak_exports_path_is_visible (FlatpakExports *exports, const char *path) { - return flatpak_exports_path_get_mode (exports, path) > 0; + return flatpak_exports_path_get_mode (exports, path) > FLATPAK_FILESYSTEM_MODE_NONE; } static gboolean @@ -605,7 +605,7 @@ flatpak_exports_add_path_expose_or_hide (FlatpakExports *exports, FlatpakFilesystemMode mode, const char *path) { - if (mode == 0) + if (mode == FLATPAK_FILESYSTEM_MODE_NONE) flatpak_exports_add_path_tmpfs (exports, path); else flatpak_exports_add_path_expose (exports, mode, path); -- 2.27.0