@@ -895,97 +895,71 @@ int kbox_run_image(const struct kbox_image_args *args)
895895
896896 /* Mount the filesystem. */
897897 opts = join_mount_opts (args , opts_buf , sizeof (opts_buf ));
898- if (!opts ) {
899- if (args -> net )
900- kbox_net_cleanup ();
901- return -1 ;
902- }
898+ if (!opts )
899+ goto err_post_boot ;
903900 ret = lkl_mount_dev ((unsigned ) disk_id , args -> part , fs_type , 0 ,
904901 opts [0 ] ? opts : NULL , mount_buf , sizeof (mount_buf ));
905902 if (ret < 0 ) {
906903 fprintf (stderr , "lkl_mount_dev: %s (%ld)\n" , kbox_err_text (ret ), ret );
907- if (args -> net )
908- kbox_net_cleanup ();
909- return -1 ;
904+ goto err_post_boot ;
910905 }
911906
912907 /* Detect syscall ABI. */
913908 sysnrs = detect_sysnrs ();
914909 if (!sysnrs ) {
915910 fprintf (stderr , "detect_sysnrs failed\n" );
916- if (args -> net )
917- kbox_net_cleanup ();
918- return -1 ;
911+ goto err_post_boot ;
919912 }
920913
921914 /* Chroot into mountpoint. */
922915 ret = kbox_lkl_chroot (sysnrs , mount_buf );
923916 if (ret < 0 ) {
924917 fprintf (stderr , "chroot(%s): %s\n" , mount_buf , kbox_err_text (ret ));
925- if (args -> net )
926- kbox_net_cleanup ();
927- return -1 ;
918+ goto err_post_boot ;
928919 }
929920
930921 /* Recommended mounts. */
931922 if (args -> recommended || args -> system_root ) {
932- if (kbox_apply_recommended_mounts (sysnrs , args -> mount_profile ) < 0 ) {
933- if (args -> net )
934- kbox_net_cleanup ();
935- return -1 ;
936- }
923+ if (kbox_apply_recommended_mounts (sysnrs , args -> mount_profile ) < 0 )
924+ goto err_post_boot ;
937925 }
938926
939927 /* Bind mounts. */
940928 if (bind_count > 0 ) {
941- if (kbox_apply_bind_mounts (sysnrs , bind_specs , bind_count ) < 0 ) {
942- if (args -> net )
943- kbox_net_cleanup ();
944- return -1 ;
945- }
929+ if (kbox_apply_bind_mounts (sysnrs , bind_specs , bind_count ) < 0 )
930+ goto err_post_boot ;
946931 }
947932
948933 /* Working directory. */
949934 ret = kbox_lkl_chdir (sysnrs , work_dir );
950935 if (ret < 0 ) {
951936 fprintf (stderr , "chdir(%s): %s\n" , work_dir , kbox_err_text (ret ));
952- if (args -> net )
953- kbox_net_cleanup ();
954- return -1 ;
937+ goto err_post_boot ;
955938 }
956939
957940 /* Identity. */
958941 if (args -> change_id ) {
959942 if (kbox_parse_change_id (args -> change_id , & override_uid ,
960- & override_gid ) < 0 ) {
961- if (args -> net )
962- kbox_net_cleanup ();
963- return -1 ;
964- }
943+ & override_gid ) < 0 )
944+ goto err_post_boot ;
965945 }
966946
967947 {
968948 int root_id = args -> root_id || args -> system_root ;
969949 if (kbox_apply_guest_identity (sysnrs , root_id , override_uid ,
970- override_gid ) < 0 ) {
971- if (args -> net )
972- kbox_net_cleanup ();
973- return -1 ;
974- }
950+ override_gid ) < 0 )
951+ goto err_post_boot ;
975952 }
976953
977954 /* Probe host features. Rewrite mode skips seccomp-specific probes. */
978- if (kbox_probe_host_features (probe_mode ) < 0 ) {
979- if (args -> net )
980- kbox_net_cleanup ();
981- return -1 ;
982- }
955+ if (kbox_probe_host_features (probe_mode ) < 0 )
956+ goto err_post_boot ;
983957
984958 /* Networking: configure interface (optional). */
985959 if (args -> net ) {
986960 if (kbox_net_configure (sysnrs ) < 0 ) {
987961 kbox_net_cleanup ();
988- return -1 ;
962+ goto err_post_boot ;
989963 }
990964 }
991965
@@ -1558,6 +1532,7 @@ int kbox_run_image(const struct kbox_image_args *args)
15581532 close (exec_memfd );
15591533
15601534 err_net :
1535+ kbox_halt_kernel ();
15611536#ifdef KBOX_HAS_WEB
15621537 if (web_ctx )
15631538 kbox_web_shutdown (web_ctx );
@@ -1566,4 +1541,10 @@ int kbox_run_image(const struct kbox_image_args *args)
15661541 kbox_net_cleanup ();
15671542 return rc ;
15681543 }
1544+
1545+ err_post_boot :
1546+ kbox_halt_kernel ();
1547+ if (args -> net )
1548+ kbox_net_cleanup ();
1549+ return -1 ;
15691550}
0 commit comments