authorElly Jones <ellyjones@chromium.org>2011-10-07 13:54:59 -0400
committerElly Jones <ellyjones@chromium.org>2011-10-12 13:49:08 -0700
commite1749eb93a119bf03b5b033d74c541dbb45be00e (patch)
tree5a2388e481543a23dfb79ad27ae72edd2371e96b /libminijailpreload.c
parentdecdfdc1678f2c1c9fe47debe851ff0ec31bac37 (diff)
minijail0: convert to linux style
Used indent(1) with --linux-style, then manual cleanup. BUG=None TEST=None Checkpatch: ok Change-Id: I52dbd329215680e9d42ce4f11df110cf2f341e90 Signed-off-by: Elly Jones <ellyjones@chromium.org> Reviewed-on: http://gerrit.chromium.org/gerrit/8732 Reviewed-by: Kees Cook <keescook@chromium.org>
Diffstat (limited to 'libminijailpreload.c')
-rw-r--r--libminijailpreload.c170
1 files changed, 91 insertions, 79 deletions
diff --git a/libminijailpreload.c b/libminijailpreload.c
index fb74e93..9b7d338 100644
--- a/libminijailpreload.c
+++ b/libminijailpreload.c
@@ -6,7 +6,8 @@
* This library is preloaded into every program launched by minijail_run().
* DO NOT EXPORT ANY SYMBOLS FROM THIS LIBRARY. They will replace other symbols
* in the programs it is preloaded into and cause impossible-to-debug failures.
- * See the minijail0.1 for a design explanation. */
+ * See the minijail0.1 for a design explanation.
+ */
#include "libminijail.h"
#include "libminijail-private.h"
@@ -19,19 +20,21 @@
#include <syslog.h>
#include <unistd.h>
-static int (*real_main)(int, char **, char **) = NULL;
-static void *libc_handle = NULL;
+static int (*real_main) (int, char **, char **);
+static void *libc_handle;
-static void die(const char *failed) {
- syslog(LOG_ERR, "libminijail: %s", failed);
- abort();
+static void die(const char *failed)
+{
+ syslog(LOG_ERR, "libminijail: %s", failed);
+ abort();
}
-static void unset_in_env(char **envp, const char *name) {
- int i;
- for (i = 0; envp[i]; i++)
- if (!strncmp(envp[i], name, strlen(name)))
- envp[i][0] = '\0';
+static void unset_in_env(char **envp, const char *name)
+{
+ int i;
+ for (i = 0; envp[i]; i++)
+ if (!strncmp(envp[i], name, strlen(name)))
+ envp[i][0] = '\0';
}
/** @brief Fake main(), spliced in before the real call to main() by
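Review bot: `unset_in_env` matches on a bare prefix, so it blanks every entry whose first `strlen(name)` bytes equal `name`, not just the variable with that exact name. Unless the constant passed in already ends in `=` (kLdPreloadEnvVar is defined outside this hunk), an unrelated variable that merely shares the prefix (constructed example: `NAME_SUFFIX=...` when `name` is `NAME`) is cleared as well. I would hoist the length and require the separator: `size_t n = strlen(name);` and `if (!strncmp(envp[i], name, n) && envp[i][n] == '=')`. It is also worth a one-line comment that `envp[i][0] = '\0'` leaves an empty string in the environment array rather than removing the slot, since code that walks `envp` later will still see that entry.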
@@ -41,46 +44,49 @@ static void unset_in_env(char **envp, const char *name) {
* of key=value pairs (see move_commands_to_env); we use them to construct a
* jail, then enter it.
*/
-static int fake_main(int argc, char **argv, char **envp) {
- char *fd_name = getenv(kFdEnvVar);
- int fd = -1;
- struct minijail *j;
- if (geteuid() != getuid() || getegid() != getgid())
- /* If we didn't do this check, an attacker could set kFdEnvVar for
- * any setuid program that uses libminijail to cause it to get capabilities
- * or a uid it did not expect. */
- /* TODO(wad) why would libminijail interact here? */
- return MINIJAIL_ERR_PRELOAD;
- if (!fd_name)
- return MINIJAIL_ERR_PRELOAD;
- fd = atoi(fd_name);
- if (fd < 0)
- return MINIJAIL_ERR_PRELOAD;
+static int fake_main(int argc, char **argv, char **envp)
+{
+ char *fd_name = getenv(kFdEnvVar);
+ int fd = -1;
+ struct minijail *j;
+ if (geteuid() != getuid() || getegid() != getgid())
+ /* If we didn't do this check, an attacker could set kFdEnvVar
+ * for any setuid program that uses libminijail to cause it to
+ * get capabilities or a uid it did not expect.
+ */
+ /* TODO(wad) why would libminijail interact here? */
+ return MINIJAIL_ERR_PRELOAD;
+ if (!fd_name)
+ return MINIJAIL_ERR_PRELOAD;
+ fd = atoi(fd_name);
+ if (fd < 0)
+ return MINIJAIL_ERR_PRELOAD;
- j = minijail_new();
- if (!j)
- die("preload: out of memory");
- if (minijail_from_fd(fd, j))
- die("preload: failed to parse minijail from parent");
- close(fd);
+ j = minijail_new();
+ if (!j)
+ die("preload: out of memory");
+ if (minijail_from_fd(fd, j))
+ die("preload: failed to parse minijail from parent");
+ close(fd);
- /* TODO(ellyjones): this trashes existing preloads, so one can't do:
- * LD_PRELOAD="/tmp/test.so libminijailpreload.so" prog; the descendants of
- * prog will have no LD_PRELOAD set at all. */
- unset_in_env(envp, kLdPreloadEnvVar);
- /* Strip out flags meant for the parent. */
- minijail_preenter(j);
- minijail_enter(j);
- minijail_destroy(j);
- dlclose(libc_handle);
- return real_main(argc, argv, envp);
+ /* TODO(ellyjones): this trashes existing preloads, so one can't do:
+ * LD_PRELOAD="/tmp/test.so libminijailpreload.so" prog; the
+ * descendants of prog will have no LD_PRELOAD set at all.
+ */
+ unset_in_env(envp, kLdPreloadEnvVar);
+ /* Strip out flags meant for the parent. */
+ minijail_preenter(j);
+ minijail_enter(j);
+ minijail_destroy(j);
+ dlclose(libc_handle);
+ return real_main(argc, argv, envp);
}
/** @brief LD_PRELOAD override of __libc_start_main.
*
- * It is really best if you do not look too closely at this function.
- * We need to ensure that some of our code runs before the target program (see
- * the minijail0.1 file in this directory for high-level details about this), and
+ * It is really best if you do not look too closely at this function. We need
+ * to ensure that some of our code runs before the target program (see the
+ * minijail0.1 file in this directory for high-level details about this), and
* the only available place to hook is this function, which is normally
* responsible for calling main(). Our LD_PRELOAD will overwrite the real
* __libc_start_main with this one, so we have to look up the real one from
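Review bot: `fd = atoi(fd_name)` in fake_main cannot tell a malformed value from 0, so an empty or non-numeric kFdEnvVar makes the code read the jail description from descriptor 0 and then `close()` it. The `fd < 0` test does not catch this, and atoi()'s behaviour on out-of-range input is undefined. Parsing with strtol() and rejecting no-digits, trailing characters, ERANGE and values above INT_MAX would return MINIJAIL_ERR_PRELOAD on those inputs; this needs `<errno.h>` and `<limits.h>` if the include list, which is only partly visible here, lacks them. Separately, the unbraced `if (geteuid() != getuid() ...)` has two comment blocks between the condition and its `return`, and bracing it would keep a later edit from detaching the setuid guard.

```c
	char *end;
	long val;
	/* … unchanged: setuid/setgid check and NULL check on fd_name … */
	errno = 0;
	val = strtol(fd_name, &end, 10);
	if (end == fd_name || *end != '\0' || errno == ERANGE ||
	    val < 0 || val > INT_MAX)
		return MINIJAIL_ERR_PRELOAD;
	fd = (int)val;
	/* … unchanged: minijail_new() through the real_main() call … */
```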
@@ -91,41 +97,47 @@ static int fake_main(int argc, char **argv, char **envp) {
*/
int __libc_start_main(int (*main) (int, char **, char **),
- int argc, char ** ubp_av, void (*init) (void),
- void (*fini) (void), void (*rtld_fini) (void),
- void (* stack_end)) {
- void *sym;
- /* This hack is unfortunately required by C99 - casting directly from void* to
- * function pointers is left undefined. See POSIX.1-2003, the Rationale for
- * the specification of dlsym(), and dlsym(3). This deliberately violates
- * strict-aliasing rules, but gcc can't tell. */
- union {
- int (*fn)(int (*main) (int, char **, char **), int argc,
- char **ubp_av, void (*init) (void), void (*fini) (void),
- void (*rtld_fini) (void), void (* stack_end));
- void *symval;
- } real_libc_start_main;
+ int argc, char **ubp_av, void (*init) (void),
+ void (*fini) (void), void (*rtld_fini) (void),
+ void (*stack_end))
+{
+ void *sym;
+ /* This hack is unfortunately required by C99 - casting directly from
+ * void* to function pointers is left undefined. See POSIX.1-2003, the
+ * Rationale for the specification of dlsym(), and dlsym(3). This
+ * deliberately violates strict-aliasing rules, but gcc can't tell.
+ */
+ union {
+ int (*fn) (int (*main) (int, char **, char **), int argc,
+ char **ubp_av, void (*init) (void),
+ void (*fini) (void), void (*rtld_fini) (void),
+ void (*stack_end));
+ void *symval;
+ } real_libc_start_main;
- /* We hold this handle for the duration of the real __libc_start_main() and
- * drop it just before calling the real main(). */
- libc_handle = dlopen("libc.so.6", RTLD_NOW);
+ /* We hold this handle for the duration of the real __libc_start_main()
+ * and drop it just before calling the real main().
+ */
+ libc_handle = dlopen("libc.so.6", RTLD_NOW);
- if (!libc_handle) {
- syslog(LOG_ERR, "can't dlopen() libc");
- /* We dare not use abort() here because it will run atexit() handlers and
- * try to flush stdio. */
- _exit(1);
- }
- sym = dlsym(libc_handle, "__libc_start_main");
- if (!sym) {
- syslog(LOG_ERR, "can't find the real __libc_start_main()");
- _exit(1);
- }
- real_libc_start_main.symval = sym;
- real_main = main;
+ if (!libc_handle) {
+ syslog(LOG_ERR, "can't dlopen() libc");
+ /* We dare not use abort() here because it will run atexit()
+ * handlers and try to flush stdio.
+ */
+ _exit(1);
+ }
+ sym = dlsym(libc_handle, "__libc_start_main");
+ if (!sym) {
+ syslog(LOG_ERR, "can't find the real __libc_start_main()");
+ _exit(1);
+ }
+ real_libc_start_main.symval = sym;
+ real_main = main;
- /* Note that we swap fake_main in for main - fake_main knows that it should
- * call real_main after it's done. */
- return real_libc_start_main.fn(fake_main, argc, ubp_av, init, fini, rtld_fini,
- stack_end);
+ /* Note that we swap fake_main in for main - fake_main knows that it
+ * should call real_main after it's done.
+ */
+ return real_libc_start_main.fn(fake_main, argc, ubp_av, init, fini,
+ rtld_fini, stack_end);
}
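Review bot: The comment above the first `_exit(1)` gives an inaccurate reason for avoiding abort(): abort() raises SIGABRT and does not run atexit() handlers (exit() does), and whether it flushes stdio depends on the libc. I would reword it along the lines of `/* _exit() rather than abort(): we run before the real __libc_start_main(), so avoid any stdio flushing. */`. die(), which fake_main calls on failure, does use abort(), so a sentence on why that is acceptable at that later point would make the two paths consistent. The second `_exit(1)`, after the failed dlsym(), leaves `libc_handle` open, which is harmless on exit but could be noted.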