nspawn: rename pin_fully_visible_fs() → pin_fully_visible_api_fs()

This function pins the *API* FS, i.e. /proc/ + /sys/, not just any fs. Hence clarify this in the name. (At least we call these two fs "API (V)FS" in our codebase, hence continue to do so here)
2025-03-06 00:58:29 +03:00 · 2024-11-25 11:32:35 +01:00 · 2024-11-25 11:32:35 +01:00 · b83358b87f
commit b83358b87f
parent bf1ef54d30
3 changed files with 9 additions and 8 deletions
--- a/src/nspawn/nspawn-mount.c
+++ b/src/nspawn/nspawn-mount.c
@ -1406,7 +1406,7 @@ done:
 #define NSPAWN_PRIVATE_FULLY_VISIBLE_PROCFS "/run/host/proc"
 #define NSPAWN_PRIVATE_FULLY_VISIBLE_SYSFS "/run/host/sys"

-int pin_fully_visible_fs(void) {
+int pin_fully_visible_api_fs(void) {
        int r;

        log_debug("Pinning fully visible API FS");
@ -1425,7 +1425,7 @@ int pin_fully_visible_fs(void) {
        return 0;
 }

-static int do_wipe_fully_visible_fs(void) {
+static int do_wipe_fully_visible_api_fs(void) {
        if (umount2(NSPAWN_PRIVATE_FULLY_VISIBLE_PROCFS, MNT_DETACH) < 0)
                return log_error_errno(errno, "Failed to unmount temporary proc: %m");

@ -1441,7 +1441,7 @@ static int do_wipe_fully_visible_fs(void) {
        return 0;
 }

-int wipe_fully_visible_fs(int mntns_fd) {
+int wipe_fully_visible_api_fs(int mntns_fd) {
        _cleanup_close_ int orig_mntns_fd = -EBADF;
        int r, rr;

@ -1464,7 +1464,7 @@ int wipe_fully_visible_fs(int mntns_fd) {
        if (r < 0)
                return log_error_errno(r, "Failed to enter mount namespace: %m");

-        rr = do_wipe_fully_visible_fs();
+        rr = do_wipe_fully_visible_api_fs();

        r = namespace_enter(/* pidns_fd = */ -EBADF,
                            orig_mntns_fd,
--- a/src/nspawn/nspawn-mount.h
+++ b/src/nspawn/nspawn-mount.h
@ -73,5 +73,6 @@ int pivot_root_parse(char **pivot_root_new, char **pivot_root_old, const char *s
 int setup_pivot_root(const char *directory, const char *pivot_root_new, const char *pivot_root_old);

 int tmpfs_patch_options(const char *options,uid_t uid_shift, const char *selinux_apifs_context, char **ret);
-int pin_fully_visible_fs(void);
-int wipe_fully_visible_fs(int mntns_fd);
+
+int pin_fully_visible_api_fs(void);
+int wipe_fully_visible_api_fs(int mntns_fd);
--- a/src/nspawn/nspawn.c
+++ b/src/nspawn/nspawn.c
@ -4357,7 +4357,7 @@ static int outer_child(
                         * Note, the inner child wouldn't be able to unmount the instances on its own since
                         * it doesn't own the originating mount namespace. IOW, the outer child needs to do
                         * this. */
-                        r = pin_fully_visible_fs();
+                        r = pin_fully_visible_api_fs();
                        if (r < 0)
                                return r;
                }
@ -5625,7 +5625,7 @@ static int run_container(
                return log_error_errno(SYNTHETIC_ERRNO(ESRCH), "Child died too early.");

        if (arg_userns_mode != USER_NAMESPACE_NO) {
-                r = wipe_fully_visible_fs(mntns_fd);
+                r = wipe_fully_visible_api_fs(mntns_fd);
                if (r < 0)
                        return r;
                mntns_fd = safe_close(mntns_fd);