diff --git a/src/core/import-creds.c b/src/core/import-creds.c index dc37c0d573..0f35514079 100644 --- a/src/core/import-creds.c +++ b/src/core/import-creds.c @@ -66,19 +66,19 @@ * Net result: the service manager can pick up trusted credentials from $CREDENTIALS_DIRECTORY afterwards, * and untrusted ones from $ENCRYPTED_CREDENTIALS_DIRECTORY. */ -typedef struct ImportCredentialContext { +typedef struct ImportCredentialsContext { int target_dir_fd; size_t size_sum; unsigned n_credentials; -} ImportCredentialContext; +} ImportCredentialsContext; -static void import_credentials_context_free(ImportCredentialContext *c) { +static void import_credentials_context_done(ImportCredentialsContext *c) { assert(c); - c->target_dir_fd = safe_close(c->target_dir_fd); + safe_close(c->target_dir_fd); } -static int acquire_credential_directory(ImportCredentialContext *c, const char *path, bool with_mount) { +static int acquire_credential_directory(ImportCredentialsContext *c, const char *path, bool with_mount) { int r; assert(c); @@ -130,7 +130,7 @@ static int open_credential_file_for_write(int target_dir_fd, const char *dir_nam return fd; } -static bool credential_size_ok(ImportCredentialContext *c, const char *name, uint64_t size) { +static bool credential_size_ok(const ImportCredentialsContext *c, const char *name, uint64_t size) { assert(c); assert(name); @@ -169,7 +169,7 @@ static int finalize_credentials_dir(const char *dir, const char *envvar) { } static int import_credentials_boot(void) { - _cleanup_(import_credentials_context_free) ImportCredentialContext context = { + _cleanup_(import_credentials_context_done) ImportCredentialsContext context = { .target_dir_fd = -EBADF, }; int r; @@ -285,7 +285,7 @@ static int import_credentials_boot(void) { } static int proc_cmdline_callback(const char *key, const char *value, void *data) { - ImportCredentialContext *c = ASSERT_PTR(data); + ImportCredentialsContext *c = ASSERT_PTR(data); _cleanup_free_ void *binary = NULL; _cleanup_free_ char *n = NULL; _cleanup_close_ int nfd = -EBADF; @@ -360,7 +360,7 @@ static int proc_cmdline_callback(const char *key, const char *value, void *data) return 0; } -static int import_credentials_proc_cmdline(ImportCredentialContext *c) { +static int import_credentials_proc_cmdline(ImportCredentialsContext *c) { int r; assert(c); @@ -374,7 +374,7 @@ static int import_credentials_proc_cmdline(ImportCredentialContext *c) { #define QEMU_FWCFG_PATH "/sys/firmware/qemu_fw_cfg/by_name/opt/io.systemd.credentials" -static int import_credentials_qemu(ImportCredentialContext *c) { +static int import_credentials_qemu(ImportCredentialsContext *c) { _cleanup_free_ DirectoryEntries *de = NULL; _cleanup_close_ int source_dir_fd = -EBADF; int r; @@ -404,8 +404,8 @@ static int import_credentials_qemu(ImportCredentialContext *c) { return 0; } - for (size_t i = 0; i < de->n_entries; i++) { - const struct dirent *d = de->entries[i]; + FOREACH_ARRAY(i, de->entries, de->n_entries) { + const struct dirent *d = *i; _cleanup_close_ int vfd = -EBADF, rfd = -EBADF, nfd = -EBADF; _cleanup_free_ char *szs = NULL; uint64_t sz; @@ -471,7 +471,7 @@ static int import_credentials_qemu(ImportCredentialContext *c) { return 0; } -static int parse_smbios_strings(ImportCredentialContext *c, const char *data, size_t size) { +static int parse_smbios_strings(ImportCredentialsContext *c, const char *data, size_t size) { size_t left, skip; const char *p; int r; @@ -573,9 +573,11 @@ static int parse_smbios_strings(ImportCredentialContext *c, const char *data, si return 0; } -static int import_credentials_smbios(ImportCredentialContext *c) { +static int import_credentials_smbios(ImportCredentialsContext *c) { int r; + assert(c); + /* Parses DMI OEM strings fields (SMBIOS type 11), as settable with qemu's -smbios type=11,value=… switch. */ if (detect_container() > 0) /* don't access /sys/ in a container */ @@ -607,7 +609,7 @@ static int import_credentials_smbios(ImportCredentialContext *c) { return 0; } -static int import_credentials_initrd(ImportCredentialContext *c) { +static int import_credentials_initrd(ImportCredentialsContext *c) { _cleanup_free_ DirectoryEntries *de = NULL; _cleanup_close_ int source_dir_fd = -EBADF; int r; @@ -700,35 +702,33 @@ static int import_credentials_initrd(ImportCredentialContext *c) { } static int import_credentials_trusted(void) { - _cleanup_(import_credentials_context_free) ImportCredentialContext c = { + _cleanup_(import_credentials_context_done) ImportCredentialsContext c = { .target_dir_fd = -EBADF, }; - int q, w, r, y; + int r, ret = 0; /* This is invoked during early boot when no credentials have been imported so far. (Specifically, if * the $CREDENTIALS_DIRECTORY or $ENCRYPTED_CREDENTIALS_DIRECTORY environment variables are not set * yet.) */ - r = import_credentials_qemu(&c); - w = import_credentials_smbios(&c); - q = import_credentials_proc_cmdline(&c); - y = import_credentials_initrd(&c); + RET_GATHER(ret, import_credentials_qemu(&c)); + RET_GATHER(ret, import_credentials_smbios(&c)); + RET_GATHER(ret, import_credentials_proc_cmdline(&c)); + RET_GATHER(ret, import_credentials_initrd(&c)); if (c.n_credentials > 0) { - int z; - log_debug("Imported %u credentials from kernel command line/smbios/fw_cfg/initrd.", c.n_credentials); - z = finalize_credentials_dir(SYSTEM_CREDENTIALS_DIRECTORY, "CREDENTIALS_DIRECTORY"); - if (z < 0) - return z; + r = finalize_credentials_dir(SYSTEM_CREDENTIALS_DIRECTORY, "CREDENTIALS_DIRECTORY"); + if (r < 0) + return r; } - return r < 0 ? r : w < 0 ? w : q < 0 ? q : y; + return ret; } static int merge_credentials_trusted(const char *creds_dir) { - _cleanup_(import_credentials_context_free) ImportCredentialContext c = { + _cleanup_(import_credentials_context_done) ImportCredentialsContext c = { .target_dir_fd = -EBADF, }; int r;