From 2259663ca03d516dc4b2e71734a937075f1860ce Mon Sep 17 00:00:00 2001 From: Christian Brauner Date: Fri, 24 Aug 2018 12:25:28 +0200 Subject: [PATCH 01/27] build: fix musl Signed-off-by: Christian Brauner --- src/lxc/macro.h | 1 + src/lxc/parse.c | 5 ++--- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/src/lxc/macro.h b/src/lxc/macro.h index ba2c242c5..d6e871272 100644 --- a/src/lxc/macro.h +++ b/src/lxc/macro.h @@ -27,6 +27,7 @@ #include #include #include +#include #include #include diff --git a/src/lxc/parse.c b/src/lxc/parse.c index d1d7cf8e1..3ae96f307 100644 --- a/src/lxc/parse.c +++ b/src/lxc/parse.c @@ -21,9 +21,9 @@ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA */ -#define _GNU_SOURCE +#include "config.h" + #include -#undef _GNU_SOURCE #include #include #include @@ -31,7 +31,6 @@ #include #include "parse.h" -#include "config.h" #include "utils.h" #include "log.h" From 8bc781b4195e30e4b860d7b27ef67e5b34ccfe50 Mon Sep 17 00:00:00 2001 From: Christian Brauner Date: Fri, 24 Aug 2018 12:44:21 +0200 Subject: [PATCH 02/27] configure: reorder header checks Signed-off-by: Christian Brauner --- configure.ac | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/configure.ac b/configure.ac index 0139a746b..54964fb40 100644 --- a/configure.ac +++ b/configure.ac @@ -611,7 +611,7 @@ AC_CHECK_DECLS([PR_SET_NO_NEW_PRIVS], [], [], [#include ]) AC_CHECK_DECLS([PR_GET_NO_NEW_PRIVS], [], [], [#include ]) # Check for some headers -AC_CHECK_HEADERS([sys/signalfd.h pty.h sys/memfd.h sys/personality.h utmpx.h sys/timerfd.h sys/resource.h]) +AC_CHECK_HEADERS([pty.h sys/memfd.h sys/personality.h sys/resource.h sys/signalfd.h sys/timerfd.h utmpx.h]) AC_CHECK_HEADER([ifaddrs.h], AM_CONDITIONAL(HAVE_IFADDRS_H, true) From d7f19646dfacc7bc7a9cb7af1a44033f6d7de84f Mon Sep 17 00:00:00 2001 From: Christian Brauner Date: Fri, 24 Aug 2018 16:07:07 +0200 Subject: [PATCH 03/27] compiler: add compiler.h header Signed-off-by: Christian Brauner --- src/lxc/Makefile.am | 2 ++ src/lxc/compiler.h | 35 +++++++++++++++++++++++++++++++++++ src/lxc/conf.c | 2 +- src/lxc/conf.h | 3 ++- src/lxc/initutils.c | 5 +++-- 5 files changed, 43 insertions(+), 4 deletions(-) create mode 100644 src/lxc/compiler.h diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am index 0322a0d65..266b2a36a 100644 --- a/src/lxc/Makefile.am +++ b/src/lxc/Makefile.am @@ -6,6 +6,7 @@ noinst_HEADERS = attach.h \ caps.h \ cgroups/cgroup.h \ cgroups/cgroup_utils.h \ + compiler.h \ conf.h \ confile.h \ confile_utils.h \ @@ -86,6 +87,7 @@ liblxc_la_SOURCES = af_unix.c af_unix.h \ cgroups/cgfsng.c \ cgroups/cgroup.c cgroups/cgroup.h \ cgroups/cgroup_utils.c cgroups/cgroup_utils.h \ + compiler.h \ commands.c commands.h \ commands_utils.c commands_utils.h \ conf.c conf.h \ diff --git a/src/lxc/compiler.h b/src/lxc/compiler.h new file mode 100644 index 000000000..cda44c987 --- /dev/null +++ b/src/lxc/compiler.h @@ -0,0 +1,35 @@ +/* liblxcapi + * + * Copyright © 2018 Christian Brauner . + * Copyright © 2018 Canonical Ltd. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2, as + * published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ + +#ifndef __LXC_COMPILER_H +#define __LXC_COMPILER_H + +#include "config.h" + +#ifndef thread_local +#if __STDC_VERSION__ >= 201112L && \ + !(defined(__STDC_NO_THREADS__) || \ + (defined(__GNU_LIBRARY__) && __GLIBC__ == 2 && __GLIBC_MINOR__ < 16)) +#define thread_local _Thread_local +#else +#define thread_local __thread +#endif +#endif + +#endif /* __LXC_COMPILER_H */ diff --git a/src/lxc/conf.c b/src/lxc/conf.c index dfca5923a..306633120 100644 --- a/src/lxc/conf.c +++ b/src/lxc/conf.c @@ -125,7 +125,7 @@ lxc_log_define(conf, lxc); * This is used in the error calls. */ #ifdef HAVE_TLS -__thread struct lxc_conf *current_config; +thread_local struct lxc_conf *current_config; #else struct lxc_conf *current_config; #endif diff --git a/src/lxc/conf.h b/src/lxc/conf.h index 070dd2292..eddf97a1a 100644 --- a/src/lxc/conf.h +++ b/src/lxc/conf.h @@ -38,6 +38,7 @@ #include #endif +#include "compiler.h" #include "list.h" #include "ringbuf.h" #include "start.h" /* for lxc_handler */ @@ -395,7 +396,7 @@ extern int write_id_mapping(enum idtype idtype, pid_t pid, const char *buf, size_t buf_size); #ifdef HAVE_TLS -extern __thread struct lxc_conf *current_config; +extern thread_local struct lxc_conf *current_config; #else extern struct lxc_conf *current_config; #endif diff --git a/src/lxc/initutils.c b/src/lxc/initutils.c index c582b2d00..467d3f0bc 100644 --- a/src/lxc/initutils.c +++ b/src/lxc/initutils.c @@ -28,6 +28,7 @@ #include "initutils.h" #include "log.h" #include "macro.h" +#include "compiler.h" #ifndef HAVE_STRLCPY #include "include/strlcpy.h" @@ -72,9 +73,9 @@ const char *lxc_global_config_value(const char *option_name) /* placed in the thread local storage pool for non-bionic targets */ #ifdef HAVE_TLS - static __thread const char *values[sizeof(options) / sizeof(options[0])] = { 0 }; + static thread_local const char *values[sizeof(options) / sizeof(options[0])] = {0}; #else - static const char *values[sizeof(options) / sizeof(options[0])] = { 0 }; + static const char *values[sizeof(options) / sizeof(options[0])] = {0}; #endif /* user_config_path is freed as soon as it is used */ From b1234129fba58edb85d85dd92c66a4b17c6c4bd8 Mon Sep 17 00:00:00 2001 From: Christian Brauner Date: Sat, 25 Aug 2018 07:24:37 +0200 Subject: [PATCH 04/27] macro: add LXC_AUDS_ADDR_LEN Signed-off-by: Christian Brauner --- src/lxc/commands.c | 2 +- src/lxc/commands_utils.c | 2 +- src/lxc/macro.h | 4 ++++ 3 files changed, 6 insertions(+), 2 deletions(-) diff --git a/src/lxc/commands.c b/src/lxc/commands.c index 30d6b6047..0eeb1b5be 100644 --- a/src/lxc/commands.c +++ b/src/lxc/commands.c @@ -1234,7 +1234,7 @@ out_close: int lxc_cmd_init(const char *name, const char *lxcpath, const char *suffix) { int fd, len, ret; - char path[sizeof(((struct sockaddr_un *)0)->sun_path)] = {0}; + char path[LXC_AUDS_ADDR_LEN] = {0}; char *offset = &path[1]; /* -2 here because this is an abstract unix socket so it needs a diff --git a/src/lxc/commands_utils.c b/src/lxc/commands_utils.c index 854d90ce5..c6544631d 100644 --- a/src/lxc/commands_utils.c +++ b/src/lxc/commands_utils.c @@ -162,7 +162,7 @@ int lxc_cmd_connect(const char *name, const char *lxcpath, const char *hashed_sock_name, const char *suffix) { int ret, client_fd; - char path[sizeof(((struct sockaddr_un *)0)->sun_path)] = {0}; + char path[LXC_AUDS_ADDR_LEN] = {0}; char *offset = &path[1]; /* -2 here because this is an abstract unix socket so it needs a diff --git a/src/lxc/macro.h b/src/lxc/macro.h index d6e871272..aa1d5478c 100644 --- a/src/lxc/macro.h +++ b/src/lxc/macro.h @@ -30,6 +30,7 @@ #include #include #include +#include /* Define __S_ISTYPE if missing from the C library. */ #ifndef __S_ISTYPE @@ -238,6 +239,9 @@ extern int __build_bug_on_failed; #define MACVLAN_MODE_PASSTHRU 8 #endif +/* Length of abstract unix domain socket socket address. */ +#define LXC_AUDS_ADDR_LEN sizeof(((struct sockaddr_un *)0)->sun_path) + /* mount */ #ifndef MS_REC #define MS_REC 16384 From 9b8d4c58d460efeae3773210db1a463635d5a3be Mon Sep 17 00:00:00 2001 From: Christian Brauner Date: Sat, 25 Aug 2018 11:30:39 +0200 Subject: [PATCH 05/27] macro: move LXC_CMD_DATA_MAX from commands.h Signed-off-by: Christian Brauner --- src/lxc/commands.h | 8 +++----- src/lxc/macro.h | 1 + 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/src/lxc/commands.h b/src/lxc/commands.h index 816cd7483..24c0a22d8 100644 --- a/src/lxc/commands.h +++ b/src/lxc/commands.h @@ -25,17 +25,15 @@ #define __LXC_COMMANDS_H #include -#include #include +#include -#include "state.h" #include "lxccontainer.h" - -#define LXC_CMD_DATA_MAX (MAXPATHLEN * 2) - /* https://developer.gnome.org/glib/2.28/glib-Type-Conversion-Macros.html */ #define INT_TO_PTR(n) ((void *)(long)(n)) #define PTR_TO_INT(p) ((int)(long)(p)) +#include "macro.h" +#include "state.h" typedef enum { LXC_CMD_CONSOLE, diff --git a/src/lxc/macro.h b/src/lxc/macro.h index aa1d5478c..6bdda6e3e 100644 --- a/src/lxc/macro.h +++ b/src/lxc/macro.h @@ -122,6 +122,7 @@ #define LXC_PROC_PID_FD_LEN (6 + LXC_NUMSTRLEN64 + 4 + LXC_NUMSTRLEN64 + 1) /* /proc/pid-to-str/status\0 = (5 + 21 + 7 + 1) */ #define LXC_PROC_STATUS_LEN (5 + (LXC_NUMSTRLEN64) + 7 + 1) +#define LXC_CMD_DATA_MAX (MAXPATHLEN * 2) /* loop devices */ #ifndef LO_FLAGS_AUTOCLEAR From 245532a2adc8eedd48c05d513b74fa9a7102b3f7 Mon Sep 17 00:00:00 2001 From: Christian Brauner Date: Sat, 25 Aug 2018 11:31:36 +0200 Subject: [PATCH 06/27] macro: add PTR_TO_INT() and INT_TO_PTR() Signed-off-by: Christian Brauner --- src/lxc/commands.h | 3 --- src/lxc/macro.h | 5 +++++ 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/src/lxc/commands.h b/src/lxc/commands.h index 24c0a22d8..2c024b65d 100644 --- a/src/lxc/commands.h +++ b/src/lxc/commands.h @@ -29,9 +29,6 @@ #include #include "lxccontainer.h" -/* https://developer.gnome.org/glib/2.28/glib-Type-Conversion-Macros.html */ -#define INT_TO_PTR(n) ((void *)(long)(n)) -#define PTR_TO_INT(p) ((int)(long)(p)) #include "macro.h" #include "state.h" diff --git a/src/lxc/macro.h b/src/lxc/macro.h index 6bdda6e3e..17cf0eb19 100644 --- a/src/lxc/macro.h +++ b/src/lxc/macro.h @@ -27,6 +27,7 @@ #include #include #include +#include #include #include #include @@ -266,4 +267,8 @@ extern int __build_bug_on_failed; #define SOCK_CLOEXEC 02000000 #endif +/* pointer conversion macros */ +#define PTR_TO_INT(p) ((int)((intptr_t)(p))) +#define INT_TO_PTR(u) ((void *)((intptr_t)(u))) + #endif /* __LXC_MACRO_H */ From f246d9b89f4e5c6d1ec18f704b95ddd40584b108 Mon Sep 17 00:00:00 2001 From: Christian Brauner Date: Sat, 25 Aug 2018 11:56:10 +0200 Subject: [PATCH 07/27] macro: add INTTYPE_TO_STRLEN() Signed-off-by: Christian Brauner --- src/lxc/macro.h | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/src/lxc/macro.h b/src/lxc/macro.h index 17cf0eb19..8e7ef12c6 100644 --- a/src/lxc/macro.h +++ b/src/lxc/macro.h @@ -104,9 +104,24 @@ #define OVERLAY_SUPER_MAGIC 0x794c7630 #endif +/* Calculate the number of chars needed to represent a given integer as a C + * string. Include room for '-' to indicate negative numbers and the \0 byte. + * This is based on systemd. + */ +#define INTTYPE_TO_STRLEN(type) \ + (2 + (sizeof(type) <= 1 \ + ? 3 \ + : sizeof(type) <= 2 \ + ? 5 \ + : sizeof(type) <= 4 \ + ? 10 \ + : sizeof(type) <= 8 \ + ? 20 \ + : sizeof(int[-2 * (sizeof(type) > 8)]))) + /* Useful macros */ /* Maximum number for 64 bit integer is a string with 21 digits: 2^64 - 1 = 21 */ -#define LXC_NUMSTRLEN64 21 +#define LXC_NUMSTRLEN64 INTTYPE_TO_STRLEN(int64_t) #define LXC_LINELEN 4096 #define LXC_IDMAPLEN 4096 #define LXC_MAX_BUFFER 4096 From 69623bfc3d0f0bee5097cc044c0a818b97141d27 Mon Sep 17 00:00:00 2001 From: Christian Brauner Date: Sat, 25 Aug 2018 12:04:17 +0200 Subject: [PATCH 08/27] caps: s/LXC_NUMSTRLEN64/INTTYPE_TO_STRLEN()/ Signed-off-by: Christian Brauner --- src/lxc/caps.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/lxc/caps.c b/src/lxc/caps.c index acc5788ae..1c8c03bd6 100644 --- a/src/lxc/caps.c +++ b/src/lxc/caps.c @@ -321,10 +321,10 @@ static long int _real_caps_last_cap(void) if (fd >= 0) { ssize_t n; char *ptr; - char buf[LXC_NUMSTRLEN64 + 1]; + char buf[INTTYPE_TO_STRLEN(int)]; again: - n = read(fd, buf, LXC_NUMSTRLEN64); + n = read(fd, buf, INTTYPE_TO_STRLEN(int)); if (n < 0 && errno == EINTR) { goto again; } else if (n >= 0) { From c19ad94b0af04a7c0533a626791fbc505a110154 Mon Sep 17 00:00:00 2001 From: Christian Brauner Date: Sat, 25 Aug 2018 12:04:56 +0200 Subject: [PATCH 09/27] cgfsng: s/LXC_NUMSTRLEN64/INTTYPE_TO_STRLEN()/ Signed-off-by: Christian Brauner --- src/lxc/cgroups/cgfsng.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/src/lxc/cgroups/cgfsng.c b/src/lxc/cgroups/cgfsng.c index e7a242910..82eb46a3b 100644 --- a/src/lxc/cgroups/cgfsng.c +++ b/src/lxc/cgroups/cgfsng.c @@ -55,6 +55,7 @@ #include "commands.h" #include "conf.h" #include "log.h" +#include "macro.h" #include "storage/storage.h" #include "utils.h" @@ -314,14 +315,14 @@ static char *lxc_cpumask_to_cpulist(uint32_t *bitarr, size_t nbits) int ret; size_t i; char **cpulist = NULL; - char numstr[LXC_NUMSTRLEN64] = {0}; + char numstr[INTTYPE_TO_STRLEN(size_t)] = {0}; for (i = 0; i <= nbits; i++) { if (!is_set(i, bitarr)) continue; - ret = snprintf(numstr, LXC_NUMSTRLEN64, "%zu", i); - if (ret < 0 || (size_t)ret >= LXC_NUMSTRLEN64) { + ret = snprintf(numstr, INTTYPE_TO_STRLEN(size_t), "%zu", i); + if (ret < 0 || (size_t)ret >= INTTYPE_TO_STRLEN(size_t)) { lxc_free_array((void **)cpulist, free); return NULL; } From c77aee6475026e8e404cc395b57a234a116652d6 Mon Sep 17 00:00:00 2001 From: Christian Brauner Date: Sat, 25 Aug 2018 12:09:41 +0200 Subject: [PATCH 10/27] confile: s/LXC_NUMSTRLEN64/INTTYPE_TO_STRLEN()/ Signed-off-by: Christian Brauner --- src/lxc/confile.c | 16 +++++++--------- 1 file changed, 7 insertions(+), 9 deletions(-) diff --git a/src/lxc/confile.c b/src/lxc/confile.c index b94703084..349631325 100644 --- a/src/lxc/confile.c +++ b/src/lxc/confile.c @@ -3236,19 +3236,19 @@ static int get_config_idmaps(const char *key, char *retv, int inlen, * + * sizeof(" ") * + - * sizeof(uint64_t) + * sizeof(uint32_t) * + * sizeof(" ") * + - * sizeof(uint64_t) + * sizeof(uint32_t) * + * sizeof(" ") * + - * sizeof(uint64_t) + * sizeof(uint32_t) * + * \0 */ -#define __LXC_IDMAP_STR_BUF (3 * LXC_NUMSTRLEN64 + 3 + 1 + 1) +#define __LXC_IDMAP_STR_BUF (3 * INTTYPE_TO_STRLEN(uint32_t) + 3 + 1 + 1) char buf[__LXC_IDMAP_STR_BUF]; if (!retv) @@ -3257,8 +3257,7 @@ static int get_config_idmaps(const char *key, char *retv, int inlen, memset(retv, 0, inlen); listlen = lxc_list_len(&c->id_map); - lxc_list_for_each(it, &c->id_map) - { + lxc_list_for_each(it, &c->id_map) { struct id_map *map = it->elem; ret = snprintf(buf, __LXC_IDMAP_STR_BUF, "%c %lu %lu %lu", (map->idtype == ID_TYPE_UID) ? 'u' : 'g', @@ -3706,9 +3705,8 @@ static int get_config_prlimit(const char *key, char *retv, int inlen, return -1; lxc_list_for_each(it, &c->limits) { - char buf[LXC_NUMSTRLEN64 * 2 + 2]; /* 2 colon separated 64 bit - integers or the word - 'unlimited' */ + /* 2 colon separated 64 bit integers or the word 'unlimited' */ + char buf[INTTYPE_TO_STRLEN(uint64_t) * 2 + 2]; int partlen; struct lxc_limit *lim = it->elem; From 3a2c65f8778bfe93d410df35566a5b359a8b133d Mon Sep 17 00:00:00 2001 From: Christian Brauner Date: Sat, 25 Aug 2018 12:11:42 +0200 Subject: [PATCH 11/27] log: s/LXC_NUMSTRLEN64/INTTYPE_TO_STRLEN()/ Signed-off-by: Christian Brauner --- src/lxc/log.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/lxc/log.c b/src/lxc/log.c index d944273b6..38f7c889c 100644 --- a/src/lxc/log.c +++ b/src/lxc/log.c @@ -53,7 +53,7 @@ * datatype is currently at maximum a 64bit integer, we have a date string that * is of maximum length (2^64 - 1) * 2 = (21 + 21) = 42. */ -#define LXC_LOG_TIME_SIZE ((LXC_NUMSTRLEN64)*2) +#define LXC_LOG_TIME_SIZE ((INTTYPE_TO_STRLEN(uint64_t)) * 2) int lxc_log_fd = -1; static int syslog_enable = 0; @@ -170,7 +170,7 @@ static int lxc_unix_epoch_to_utc(char *buf, size_t bufsize, const struct timespe { int64_t epoch_to_days, z, era, doe, yoe, year, doy, mp, day, month, d_in_s, hours, h_in_s, minutes, seconds; - char nanosec[LXC_NUMSTRLEN64]; + char nanosec[INTTYPE_TO_STRLEN(int64_t)]; int ret; /* See https://howardhinnant.github.io/date_algorithms.html for an @@ -247,8 +247,8 @@ static int lxc_unix_epoch_to_utc(char *buf, size_t bufsize, const struct timespe seconds = (time->tv_sec - d_in_s - h_in_s - (minutes * 60)); /* Make string from nanoseconds. */ - ret = snprintf(nanosec, LXC_NUMSTRLEN64, "%"PRId64, (int64_t)time->tv_nsec); - if (ret < 0 || ret >= LXC_NUMSTRLEN64) + ret = snprintf(nanosec, INTTYPE_TO_STRLEN(int64_t), "%"PRId64, (int64_t)time->tv_nsec); + if (ret < 0 || ret >= INTTYPE_TO_STRLEN(int64_t)) return -1; /* Create final timestamp for the log and shorten nanoseconds to 3 From c6de4db4f658bfd6b516cbd344f08fa52efe8093 Mon Sep 17 00:00:00 2001 From: Christian Brauner Date: Sat, 25 Aug 2018 12:13:55 +0200 Subject: [PATCH 12/27] lsm: s/LXC_NUMSTRLEN64/INTTYPE_TO_STRLEN()/ Signed-off-by: Christian Brauner --- src/lxc/lsm/lsm.h | 3 +-- src/lxc/macro.h | 1 + 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/lxc/lsm/lsm.h b/src/lxc/lsm/lsm.h index 52e656d6f..dda740b3d 100644 --- a/src/lxc/lsm/lsm.h +++ b/src/lxc/lsm/lsm.h @@ -28,10 +28,9 @@ struct lxc_conf; #include +#include "macro.h" #include "utils.h" -#define LXC_LSMATTRLEN (5 + (LXC_NUMSTRLEN64) + 7 + 1) - struct lsm_drv { const char *name; diff --git a/src/lxc/macro.h b/src/lxc/macro.h index 8e7ef12c6..79bbdb751 100644 --- a/src/lxc/macro.h +++ b/src/lxc/macro.h @@ -139,6 +139,7 @@ /* /proc/pid-to-str/status\0 = (5 + 21 + 7 + 1) */ #define LXC_PROC_STATUS_LEN (5 + (LXC_NUMSTRLEN64) + 7 + 1) #define LXC_CMD_DATA_MAX (MAXPATHLEN * 2) +#define LXC_LSMATTRLEN (5 + (INTTYPE_TO_STRLEN(pid_t)) + 7 + 1) /* loop devices */ #ifndef LO_FLAGS_AUTOCLEAR From 2955a58ab426137544c5c6325e35f3ccb350fb07 Mon Sep 17 00:00:00 2001 From: Christian Brauner Date: Sat, 25 Aug 2018 12:15:15 +0200 Subject: [PATCH 13/27] macro: s/LXC_NUMSTRLEN64/INTTYPE_TO_STRLEN()/ Signed-off-by: Christian Brauner --- src/lxc/macro.h | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/lxc/macro.h b/src/lxc/macro.h index 79bbdb751..68bdfdcc9 100644 --- a/src/lxc/macro.h +++ b/src/lxc/macro.h @@ -32,6 +32,7 @@ #include #include #include +#include /* Define __S_ISTYPE if missing from the C library. */ #ifndef __S_ISTYPE @@ -135,9 +136,9 @@ * + * \0 = 1 */ -#define LXC_PROC_PID_FD_LEN (6 + LXC_NUMSTRLEN64 + 4 + LXC_NUMSTRLEN64 + 1) +#define LXC_PROC_PID_FD_LEN (6 + INTTYPE_TO_STRLEN(pid_t) + 4 + INTTYPE_TO_STRLEN(int) + 1) /* /proc/pid-to-str/status\0 = (5 + 21 + 7 + 1) */ -#define LXC_PROC_STATUS_LEN (5 + (LXC_NUMSTRLEN64) + 7 + 1) +#define LXC_PROC_STATUS_LEN (5 + (INTTYPE_TO_STRLEN(pid_t)) + 7 + 1) #define LXC_CMD_DATA_MAX (MAXPATHLEN * 2) #define LXC_LSMATTRLEN (5 + (INTTYPE_TO_STRLEN(pid_t)) + 7 + 1) From da07fe61fc389c7caeae37d9bfcfaab3ed91ea44 Mon Sep 17 00:00:00 2001 From: Christian Brauner Date: Sat, 25 Aug 2018 12:16:32 +0200 Subject: [PATCH 14/27] lxccontainer: s/LXC_NUMSTRLEN64/INTTYPE_TO_STRLEN()/ Signed-off-by: Christian Brauner --- src/lxc/lxccontainer.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/lxc/lxccontainer.c b/src/lxc/lxccontainer.c index 2c37caefd..002c4ec70 100644 --- a/src/lxc/lxccontainer.c +++ b/src/lxc/lxccontainer.c @@ -1037,10 +1037,10 @@ static bool do_lxcapi_start(struct lxc_container *c, int useinit, char * const a */ if (c->pidfile) { int ret, w; - char pidstr[LXC_NUMSTRLEN64]; + char pidstr[INTTYPE_TO_STRLEN(int)]; - w = snprintf(pidstr, LXC_NUMSTRLEN64, "%d", (int)lxc_raw_getpid()); - if (w < 0 || (size_t)w >= LXC_NUMSTRLEN64) { + w = snprintf(pidstr, INTTYPE_TO_STRLEN(int), "%d", (int)lxc_raw_getpid()); + if (w < 0 || (size_t)w >= INTTYPE_TO_STRLEN(int)) { free_init_cmd(init_cmd); lxc_free_handler(handler); From 397a8d30a8497aeafc992f4c596e54ee19037e94 Mon Sep 17 00:00:00 2001 From: Christian Brauner Date: Sat, 25 Aug 2018 12:17:36 +0200 Subject: [PATCH 15/27] monitor: s/LXC_NUMSTRLEN64/INTTYPE_TO_STRLEN()/ Signed-off-by: Christian Brauner --- src/lxc/monitor.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/src/lxc/monitor.c b/src/lxc/monitor.c index 5aa8e6036..cdf15b659 100644 --- a/src/lxc/monitor.c +++ b/src/lxc/monitor.c @@ -46,6 +46,7 @@ #include "error.h" #include "log.h" #include "lxclock.h" +#include "macro.h" #include "monitor.h" #include "state.h" #include "utils.h" @@ -299,7 +300,7 @@ int lxc_monitord_spawn(const char *lxcpath) { int ret; int pipefd[2]; - char pipefd_str[LXC_NUMSTRLEN64]; + char pipefd_str[INTTYPE_TO_STRLEN(int)]; pid_t pid1, pid2; char *const args[] = { @@ -370,8 +371,8 @@ int lxc_monitord_spawn(const char *lxcpath) close(pipefd[0]); - ret = snprintf(pipefd_str, LXC_NUMSTRLEN64, "%d", pipefd[1]); - if (ret < 0 || ret >= LXC_NUMSTRLEN64) { + ret = snprintf(pipefd_str, INTTYPE_TO_STRLEN(int), "%d", pipefd[1]); + if (ret < 0 || ret >= INTTYPE_TO_STRLEN(int)) { ERROR("Failed to create pid argument to pass to monitord."); _exit(EXIT_FAILURE); } From 8335fd40ef1012bec4bedfd42cda833b8174a436 Mon Sep 17 00:00:00 2001 From: Christian Brauner Date: Sat, 25 Aug 2018 12:20:12 +0200 Subject: [PATCH 16/27] network: s/LXC_NUMSTRLEN64/INTTYPE_TO_STRLEN()/ Signed-off-by: Christian Brauner --- src/lxc/network.c | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/src/lxc/network.c b/src/lxc/network.c index dd294cd91..56ca12b3b 100644 --- a/src/lxc/network.c +++ b/src/lxc/network.c @@ -49,6 +49,7 @@ #include "conf.h" #include "config.h" #include "log.h" +#include "macro.h" #include "network.h" #include "nl.h" #include "utils.h" @@ -2102,7 +2103,7 @@ static int lxc_create_network_unpriv_exec(const char *lxcpath, const char *lxcna if (child == 0) { int ret; size_t retlen; - char pidstr[LXC_NUMSTRLEN64]; + char pidstr[INTTYPE_TO_STRLEN(pid_t)]; close(pipefd[0]); @@ -2124,10 +2125,10 @@ static int lxc_create_network_unpriv_exec(const char *lxcpath, const char *lxcna _exit(EXIT_FAILURE); } - ret = snprintf(pidstr, LXC_NUMSTRLEN64, "%d", pid); - if (ret < 0 || ret >= LXC_NUMSTRLEN64) + ret = snprintf(pidstr, sizeof(pidstr), "%d", pid); + if (ret < 0 || ret >= sizeof(pidstr)) _exit(EXIT_FAILURE); - pidstr[LXC_NUMSTRLEN64 - 1] = '\0'; + pidstr[sizeof(pidstr) - 1] = '\0'; INFO("Execing lxc-user-nic create %s %s %s veth %s %s", lxcpath, lxcname, pidstr, netdev_link, @@ -2329,15 +2330,15 @@ bool lxc_delete_network_unpriv(struct lxc_handler *handler) struct lxc_list *network = &handler->conf->network; /* strlen("/proc/") = 6 * + - * LXC_NUMSTRLEN64 + * INTTYPE_TO_STRLEN(pid_t) * + * strlen("/fd/") = 4 * + - * LXC_NUMSTRLEN64 + * INTTYPE_TO_STRLEN(int) * + * \0 */ - char netns_path[6 + LXC_NUMSTRLEN64 + 4 + LXC_NUMSTRLEN64 + 1]; + char netns_path[6 + INTTYPE_TO_STRLEN(pid_t) + 4 + INTTYPE_TO_STRLEN(int) + 1]; *netns_path = '\0'; From f1eacafbc83aade26bd79b82fc93fe9448051f92 Mon Sep 17 00:00:00 2001 From: Christian Brauner Date: Sat, 25 Aug 2018 12:22:53 +0200 Subject: [PATCH 17/27] string_utils: s/LXC_NUMSTRLEN64/INTTYPE_TO_STRLEN()/ Signed-off-by: Christian Brauner --- src/lxc/string_utils.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/lxc/string_utils.c b/src/lxc/string_utils.c index 74cea3c70..0a1e3e3bf 100644 --- a/src/lxc/string_utils.c +++ b/src/lxc/string_utils.c @@ -43,6 +43,7 @@ #include "log.h" #include "lxclock.h" +#include "macro.h" #include "namespace.h" #include "parse.h" #include "string_utils.h" @@ -860,7 +861,7 @@ int parse_byte_size_string(const char *s, int64_t *converted) long long int conv; int64_t mltpl, overflow; char *end; - char dup[LXC_NUMSTRLEN64 + 2]; + char dup[INTTYPE_TO_STRLEN(int64_t)]; char suffix[3] = {0}; if (!s || !strcmp(s, "")) From 40464e8ac60e151633aa605188278b21cd88c0c5 Mon Sep 17 00:00:00 2001 From: Christian Brauner Date: Sat, 25 Aug 2018 12:25:27 +0200 Subject: [PATCH 18/27] utils: s/LXC_NUMSTRLEN64/INTTYPE_TO_STRLEN()/ Signed-off-by: Christian Brauner --- src/lxc/utils.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/lxc/utils.c b/src/lxc/utils.c index 58dd223a9..1f0ba8971 100644 --- a/src/lxc/utils.c +++ b/src/lxc/utils.c @@ -1157,7 +1157,7 @@ int lxc_mount_proc_if_needed(const char *rootfs) { char path[MAXPATHLEN]; int link_to_pid, linklen, mypid, ret; - char link[LXC_NUMSTRLEN64] = {0}; + char link[INTTYPE_TO_STRLEN(pid_t)] = {0}; ret = snprintf(path, MAXPATHLEN, "%s/proc/self", rootfs); if (ret < 0 || ret >= MAXPATHLEN) { @@ -1165,7 +1165,7 @@ int lxc_mount_proc_if_needed(const char *rootfs) return -1; } - linklen = readlink(path, link, LXC_NUMSTRLEN64); + linklen = readlink(path, link, INTTYPE_TO_STRLEN(pid_t)); ret = snprintf(path, MAXPATHLEN, "%s/proc", rootfs); if (ret < 0 || ret >= MAXPATHLEN) { @@ -1179,7 +1179,7 @@ int lxc_mount_proc_if_needed(const char *rootfs) return -1; goto domount; - } else if (linklen >= LXC_NUMSTRLEN64) { + } else if (linklen >= INTTYPE_TO_STRLEN(pid_t)) { link[linklen - 1] = '\0'; ERROR("readlink returned truncated content: \"%s\"", link); return -1; @@ -1260,7 +1260,7 @@ int null_stdfds(void) /* Check whether a signal is blocked by a process. */ /* /proc/pid-to-str/status\0 = (5 + 21 + 7 + 1) */ -#define __PROC_STATUS_LEN (6 + (LXC_NUMSTRLEN64) + 7 + 1) +#define __PROC_STATUS_LEN (6 + INTTYPE_TO_STRLEN(pid_t) + 7 + 1) bool task_blocks_signal(pid_t pid, int signal) { int ret; From 9d6ade4ace278fa7c4ae59342237debe1a6f9c45 Mon Sep 17 00:00:00 2001 From: Christian Brauner Date: Sat, 25 Aug 2018 12:27:10 +0200 Subject: [PATCH 19/27] tools: s/LXC_NUMSTRLEN64/INTTYPE_TO_STRLEN()/ Signed-off-by: Christian Brauner --- src/lxc/Makefile.am | 1 + src/lxc/tools/lxc_monitor.c | 7 ++++--- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am index 266b2a36a..9499d5121 100644 --- a/src/lxc/Makefile.am +++ b/src/lxc/Makefile.am @@ -302,6 +302,7 @@ lxc_freeze_SOURCES = tools/lxc_freeze.c \ lxc_info_SOURCES = tools/lxc_info.c \ tools/arguments.c tools/arguments.h lxc_monitor_SOURCES = tools/lxc_monitor.c \ + macro.h \ tools/arguments.c tools/arguments.h lxc_ls_SOURCES = tools/lxc_ls.c \ tools/arguments.c tools/arguments.h diff --git a/src/lxc/tools/lxc_monitor.c b/src/lxc/tools/lxc_monitor.c index df4d00f42..5e296082e 100644 --- a/src/lxc/tools/lxc_monitor.c +++ b/src/lxc/tools/lxc_monitor.c @@ -47,6 +47,7 @@ #include "af_unix.h" #include "arguments.h" #include "log.h" +#include "macro.h" #include "monitor.h" #include "state.h" #include "utils.h" @@ -156,7 +157,7 @@ static int lxc_tool_monitord_spawn(const char *lxcpath) { int ret; int pipefd[2]; - char pipefd_str[LXC_NUMSTRLEN64]; + char pipefd_str[INTTYPE_TO_STRLEN(int)]; pid_t pid1, pid2; char *const args[] = { @@ -223,8 +224,8 @@ static int lxc_tool_monitord_spawn(const char *lxcpath) close(pipefd[0]); - ret = snprintf(pipefd_str, LXC_NUMSTRLEN64, "%d", pipefd[1]); - if (ret < 0 || ret >= LXC_NUMSTRLEN64) { + ret = snprintf(pipefd_str, INTTYPE_TO_STRLEN(int), "%d", pipefd[1]); + if (ret < 0 || ret >= INTTYPE_TO_STRLEN(int)) { ERROR("Failed to create pid argument to pass to monitord"); _exit(EXIT_FAILURE); } From d33968ade38d33826d08a701d686e9a825f8fadf Mon Sep 17 00:00:00 2001 From: Christian Brauner Date: Sat, 25 Aug 2018 12:28:32 +0200 Subject: [PATCH 20/27] conf: s/LXC_NUMSTRLEN64/INTTYPE_TO_STRLEN()/ Signed-off-by: Christian Brauner --- src/lxc/conf.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/lxc/conf.c b/src/lxc/conf.c index 306633120..ba4ac502a 100644 --- a/src/lxc/conf.c +++ b/src/lxc/conf.c @@ -2952,7 +2952,7 @@ int lxc_map_ids(struct lxc_list *idmap, pid_t pid) * + * strlen(" ") = 1 * + - * LXC_NUMSTRLEN64 + * INTTYPE_TO_STRLEN(uint32_t) * + * strlen(" ") = 1 * @@ -2960,7 +2960,7 @@ int lxc_map_ids(struct lxc_list *idmap, pid_t pid) * LXC_IDMAPLEN bytes available for our the {g,u]id mapping. */ int ret = 0, gidmap = 0, uidmap = 0; - char mapbuf[9 + 1 + LXC_NUMSTRLEN64 + 1 + LXC_IDMAPLEN] = {0}; + char mapbuf[9 + 1 + INTTYPE_TO_STRLEN(uint32_t) + 1 + LXC_IDMAPLEN] = {0}; bool had_entry = false, use_shadow = false; int hostuid, hostgid; From 84226232fbcfc6185520b9daa989b90e79dd2afd Mon Sep 17 00:00:00 2001 From: Christian Brauner Date: Sat, 25 Aug 2018 12:39:57 +0200 Subject: [PATCH 21/27] tests: s/LXC_NUMSTRLEN64/INTTYPE_TO_STRLEN()/ Signed-off-by: Christian Brauner --- src/tests/lxc-test-utils.c | 31 ++++++++++++++++--------------- 1 file changed, 16 insertions(+), 15 deletions(-) diff --git a/src/tests/lxc-test-utils.c b/src/tests/lxc-test-utils.c index 8a1ecc1dd..20f71b9a5 100644 --- a/src/tests/lxc-test-utils.c +++ b/src/tests/lxc-test-utils.c @@ -39,6 +39,7 @@ #include #include "lxctest.h" +#include "macro.h" #include "utils.h" void test_lxc_deslashify(void) @@ -81,7 +82,7 @@ void test_lxc_deslashify(void) } /* /proc/int_as_str/ns/mnt\0 = (5 + 21 + 7 + 1) */ -#define __MNTNS_LEN (5 + (LXC_NUMSTRLEN64) + 7 + 1) +#define __MNTNS_LEN (5 + INTTYPE_TO_STRLEN(pid_t) + 7 + 1) void test_detect_ramfs_rootfs(void) { size_t i; @@ -246,19 +247,19 @@ void test_lxc_safe_uint(void) { int ret; unsigned int n; - char numstr[LXC_NUMSTRLEN64]; + char numstr[INTTYPE_TO_STRLEN(uint64_t)]; lxc_test_assert_abort((-EINVAL == lxc_safe_uint(" -123", &n))); lxc_test_assert_abort((-EINVAL == lxc_safe_uint("-123", &n))); - ret = snprintf(numstr, LXC_NUMSTRLEN64, "%" PRIu64, (uint64_t)UINT_MAX); - if (ret < 0 || ret >= LXC_NUMSTRLEN64) + ret = snprintf(numstr, INTTYPE_TO_STRLEN(uint64_t), "%" PRIu64, (uint64_t)UINT_MAX); + if (ret < 0 || ret >= INTTYPE_TO_STRLEN(uint64_t)) exit(EXIT_FAILURE); lxc_test_assert_abort((0 == lxc_safe_uint(numstr, &n)) && n == UINT_MAX); - ret = snprintf(numstr, LXC_NUMSTRLEN64, "%" PRIu64, (uint64_t)UINT_MAX + 1); - if (ret < 0 || ret >= LXC_NUMSTRLEN64) + ret = snprintf(numstr, INTTYPE_TO_STRLEN(uint64_t), "%" PRIu64, (uint64_t)UINT_MAX + 1); + if (ret < 0 || ret >= INTTYPE_TO_STRLEN(uint64_t)) exit(EXIT_FAILURE); lxc_test_assert_abort((-ERANGE == lxc_safe_uint(numstr, &n))); @@ -282,28 +283,28 @@ void test_lxc_safe_int(void) { int ret; signed int n; - char numstr[LXC_NUMSTRLEN64]; + char numstr[INTTYPE_TO_STRLEN(uint64_t)]; - ret = snprintf(numstr, LXC_NUMSTRLEN64, "%" PRIu64, (uint64_t)INT_MAX); - if (ret < 0 || ret >= LXC_NUMSTRLEN64) + ret = snprintf(numstr, INTTYPE_TO_STRLEN(uint64_t), "%" PRIu64, (uint64_t)INT_MAX); + if (ret < 0 || ret >= INTTYPE_TO_STRLEN(uint64_t)) exit(EXIT_FAILURE); lxc_test_assert_abort((0 == lxc_safe_int(numstr, &n)) && n == INT_MAX); - ret = snprintf(numstr, LXC_NUMSTRLEN64, "%" PRIu64, (uint64_t)INT_MAX + 1); - if (ret < 0 || ret >= LXC_NUMSTRLEN64) + ret = snprintf(numstr, INTTYPE_TO_STRLEN(uint64_t), "%" PRIu64, (uint64_t)INT_MAX + 1); + if (ret < 0 || ret >= INTTYPE_TO_STRLEN(uint64_t)) exit(EXIT_FAILURE); lxc_test_assert_abort((-ERANGE == lxc_safe_int(numstr, &n))); - ret = snprintf(numstr, LXC_NUMSTRLEN64, "%" PRId64, (int64_t)INT_MIN); - if (ret < 0 || ret >= LXC_NUMSTRLEN64) + ret = snprintf(numstr, INTTYPE_TO_STRLEN(int64_t), "%" PRId64, (int64_t)INT_MIN); + if (ret < 0 || ret >= INTTYPE_TO_STRLEN(int64_t)) exit(EXIT_FAILURE); lxc_test_assert_abort((0 == lxc_safe_int(numstr, &n)) && n == INT_MIN); - ret = snprintf(numstr, LXC_NUMSTRLEN64, "%" PRId64, (int64_t)INT_MIN - 1); - if (ret < 0 || ret >= LXC_NUMSTRLEN64) + ret = snprintf(numstr, INTTYPE_TO_STRLEN(int64_t), "%" PRId64, (int64_t)INT_MIN - 1); + if (ret < 0 || ret >= INTTYPE_TO_STRLEN(int64_t)) exit(EXIT_FAILURE); lxc_test_assert_abort((-ERANGE == lxc_safe_int(numstr, &n))); From 0c5ea884e892c4038724b3603431220f15978cdc Mon Sep 17 00:00:00 2001 From: Christian Brauner Date: Sat, 25 Aug 2018 12:30:50 +0200 Subject: [PATCH 22/27] macro: final INTTYPE_TO_STRLEN() related cleanups Signed-off-by: Christian Brauner --- src/lxc/macro.h | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/src/lxc/macro.h b/src/lxc/macro.h index 68bdfdcc9..c0af5a055 100644 --- a/src/lxc/macro.h +++ b/src/lxc/macro.h @@ -121,26 +121,29 @@ : sizeof(int[-2 * (sizeof(type) > 8)]))) /* Useful macros */ -/* Maximum number for 64 bit integer is a string with 21 digits: 2^64 - 1 = 21 */ -#define LXC_NUMSTRLEN64 INTTYPE_TO_STRLEN(int64_t) #define LXC_LINELEN 4096 #define LXC_IDMAPLEN 4096 #define LXC_MAX_BUFFER 4096 + /* /proc/ = 6 * + - * = LXC_NUMSTRLEN64 + * = INTTYPE_TO_STRLEN(pid_t) * + * /fd/ = 4 * + - * = LXC_NUMSTRLEN64 + * = INTTYPE_TO_STRLEN(int) * + * \0 = 1 */ #define LXC_PROC_PID_FD_LEN (6 + INTTYPE_TO_STRLEN(pid_t) + 4 + INTTYPE_TO_STRLEN(int) + 1) -/* /proc/pid-to-str/status\0 = (5 + 21 + 7 + 1) */ -#define LXC_PROC_STATUS_LEN (5 + (INTTYPE_TO_STRLEN(pid_t)) + 7 + 1) + +/* /proc/pid-to-str/status\0 = (5 + INTTYPE_TO_STRLEN(pid_t) + 7 + 1) */ +#define LXC_PROC_STATUS_LEN (5 + INTTYPE_TO_STRLEN(pid_t) + 7 + 1) + +/* /proc/pid-to-str/attr/current = (5 + INTTYPE_TO_STRLEN(pid_t) + 7 + 1) */ +#define LXC_LSMATTRLEN (5 + INTTYPE_TO_STRLEN(pid_t) + 7 + 1) + #define LXC_CMD_DATA_MAX (MAXPATHLEN * 2) -#define LXC_LSMATTRLEN (5 + (INTTYPE_TO_STRLEN(pid_t)) + 7 + 1) /* loop devices */ #ifndef LO_FLAGS_AUTOCLEAR From ba2b6354b267324937e6f8d13d666fd0a4a80ec7 Mon Sep 17 00:00:00 2001 From: Christian Brauner Date: Sun, 26 Aug 2018 12:34:11 +0200 Subject: [PATCH 23/27] macro: coding style fixes Signed-off-by: Christian Brauner --- src/lxc/macro.h | 50 +++++++++++++++++++++++-------------------------- 1 file changed, 23 insertions(+), 27 deletions(-) diff --git a/src/lxc/macro.h b/src/lxc/macro.h index c0af5a055..e19b31632 100644 --- a/src/lxc/macro.h +++ b/src/lxc/macro.h @@ -39,7 +39,11 @@ #define __S_ISTYPE(mode, mask) (((mode)&S_IFMT) == (mask)) #endif -#if HAVE_LIBCAP +/* capabilities */ +#ifndef CAP_SYS_ADMIN +#define CAP_SYS_ADMIN 21 +#endif + #ifndef CAP_SETFCAP #define CAP_SETFCAP 31 #endif @@ -51,11 +55,6 @@ #ifndef CAP_MAC_ADMIN #define CAP_MAC_ADMIN 33 #endif -#endif - -#ifndef PR_CAPBSET_DROP -#define PR_CAPBSET_DROP 24 -#endif #ifndef CAP_SETUID #define CAP_SETUID 7 @@ -65,25 +64,20 @@ #define CAP_SETGID 6 #endif -/* needed for cgroup automount checks, regardless of whether we - * have included linux/capability.h or not */ -#ifndef CAP_SYS_ADMIN -#define CAP_SYS_ADMIN 21 -#endif - -#ifndef HAVE_DECL_PR_CAPBSET_DROP +/* prctl */ +#ifndef PR_CAPBSET_DROP #define PR_CAPBSET_DROP 24 #endif -/* prctl */ -#ifndef HAVE_DECL_PR_SET_NO_NEW_PRIVS +#ifndef PR_SET_NO_NEW_PRIVS #define PR_SET_NO_NEW_PRIVS 38 #endif -#ifndef HAVE_DECL_PR_GET_NO_NEW_PRIVS +#ifndef PR_GET_NO_NEW_PRIVS #define PR_GET_NO_NEW_PRIVS 39 #endif +/* filesystem magic values */ #ifndef CGROUP_SUPER_MAGIC #define CGROUP_SUPER_MAGIC 0x27e0eb #endif @@ -96,15 +90,16 @@ #define NSFS_MAGIC 0x6e736673 #endif -/* We have two different magic values for overlayfs, yay. */ -#ifndef OVERLAYFS_SUPER_MAGIC -#define OVERLAYFS_SUPER_MAGIC 0x794c764f -#endif - +/* current overlayfs */ #ifndef OVERLAY_SUPER_MAGIC #define OVERLAY_SUPER_MAGIC 0x794c7630 #endif +/* legacy overlayfs */ +#ifndef OVERLAYFS_SUPER_MAGIC +#define OVERLAYFS_SUPER_MAGIC 0x794c764f +#endif + /* Calculate the number of chars needed to represent a given integer as a C * string. Include room for '-' to indicate negative numbers and the \0 byte. * This is based on systemd. @@ -179,14 +174,15 @@ * though, hence the two different methods. */ #ifndef __OPTIMIZE__ -#define BUILD_BUG_ON(condition) ((void)sizeof(char[1 - 2*!!(condition)])) +#define BUILD_BUG_ON(condition) ((void)sizeof(char[1 - 2 * !!(condition)])) #else extern int __build_bug_on_failed; -#define BUILD_BUG_ON(condition) \ - do { \ - ((void)sizeof(char[1 - 2*!!(condition)])); \ - if (condition) __build_bug_on_failed = 1; \ - } while(0) +#define BUILD_BUG_ON(condition) \ + do { \ + ((void)sizeof(char[1 - 2 * !!(condition)])); \ + if (condition) \ + __build_bug_on_failed = 1; \ + } while (0) #endif #define lxc_iterate_parts(__iterator, __splitme, __separators) \ From 9978b4d34208a0a4fab5c5f49bc0aa1da78df8fd Mon Sep 17 00:00:00 2001 From: Christian Brauner Date: Sun, 26 Aug 2018 17:24:27 +0200 Subject: [PATCH 24/27] Makefile: correctly add ifaddrs to noinst_HEADERS Before this we only added ifaddrs.h to noinst_HEADERS when we were running on Android's bionic. That obviously doesn't make sense since it is possible that ifaddrs.h is not defined and we're also not running on Android's bionic. Signed-off-by: Christian Brauner --- src/lxc/Makefile.am | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am index 9499d5121..1f8c5d980 100644 --- a/src/lxc/Makefile.am +++ b/src/lxc/Makefile.am @@ -40,9 +40,12 @@ noinst_HEADERS = attach.h \ tools/arguments.h \ utils.h +if !HAVE_IFADDRS_H +noinst_HEADERS += ../include/ifaddrs.h +endif + if IS_BIONIC -noinst_HEADERS += ../include/ifaddrs.h \ - ../include/lxcmntent.h \ +noinst_HEADERS += ../include/lxcmntent.h \ ../include/openpty.h endif From 3ef9b3d30fb94b6db8f1a06f8c3fdbbac8291e2b Mon Sep 17 00:00:00 2001 From: Christian Brauner Date: Mon, 27 Aug 2018 00:59:12 +0200 Subject: [PATCH 25/27] start: remove duplicate macros Signed-off-by: Christian Brauner --- src/lxc/start.c | 13 +------------ 1 file changed, 1 insertion(+), 12 deletions(-) diff --git a/src/lxc/start.c b/src/lxc/start.c index 086a874f0..b5c248974 100644 --- a/src/lxc/start.c +++ b/src/lxc/start.c @@ -53,18 +53,6 @@ #include #endif -#if !HAVE_DECL_PR_CAPBSET_DROP -#define PR_CAPBSET_DROP 24 -#endif - -#if !HAVE_DECL_PR_SET_NO_NEW_PRIVS -#define PR_SET_NO_NEW_PRIVS 38 -#endif - -#if !HAVE_DECL_PR_GET_NO_NEW_PRIVS -#define PR_GET_NO_NEW_PRIVS 39 -#endif - #include "af_unix.h" #include "caps.h" #include "cgroup.h" @@ -79,6 +67,7 @@ #include "lxccontainer.h" #include "lxclock.h" #include "lxcseccomp.h" +#include "macro.h" #include "mainloop.h" #include "monitor.h" #include "namespace.h" From 1f207a5cd9a6df9796edafb101a3b6bb0b6b34b7 Mon Sep 17 00:00:00 2001 From: Christian Brauner Date: Mon, 27 Aug 2018 01:01:47 +0200 Subject: [PATCH 26/27] caps: move macros to macro header Signed-off-by: Christian Brauner --- src/lxc/caps.c | 25 ------------------------- src/lxc/macro.h | 25 +++++++++++++++++++++++++ 2 files changed, 25 insertions(+), 25 deletions(-) diff --git a/src/lxc/caps.c b/src/lxc/caps.c index 1c8c03bd6..c56fe732e 100644 --- a/src/lxc/caps.c +++ b/src/lxc/caps.c @@ -39,31 +39,6 @@ lxc_log_define(caps, lxc); #if HAVE_LIBCAP -#ifndef PR_CAPBSET_READ -#define PR_CAPBSET_READ 23 -#endif - -/* Control the ambient capability set */ -#ifndef PR_CAP_AMBIENT -#define PR_CAP_AMBIENT 47 -#endif - -#ifndef PR_CAP_AMBIENT_IS_SET -#define PR_CAP_AMBIENT_IS_SET 1 -#endif - -#ifndef PR_CAP_AMBIENT_RAISE -#define PR_CAP_AMBIENT_RAISE 2 -#endif - -#ifndef PR_CAP_AMBIENT_LOWER -#define PR_CAP_AMBIENT_LOWER 3 -#endif - -#ifndef PR_CAP_AMBIENT_CLEAR_ALL -#define PR_CAP_AMBIENT_CLEAR_ALL 4 -#endif - int lxc_caps_down(void) { cap_t caps; diff --git a/src/lxc/macro.h b/src/lxc/macro.h index e19b31632..8bad2d89d 100644 --- a/src/lxc/macro.h +++ b/src/lxc/macro.h @@ -65,10 +65,35 @@ #endif /* prctl */ +#ifndef PR_CAPBSET_READ +#define PR_CAPBSET_READ 23 +#endif + #ifndef PR_CAPBSET_DROP #define PR_CAPBSET_DROP 24 #endif +/* Control the ambient capability set */ +#ifndef PR_CAP_AMBIENT +#define PR_CAP_AMBIENT 47 +#endif + +#ifndef PR_CAP_AMBIENT_IS_SET +#define PR_CAP_AMBIENT_IS_SET 1 +#endif + +#ifndef PR_CAP_AMBIENT_RAISE +#define PR_CAP_AMBIENT_RAISE 2 +#endif + +#ifndef PR_CAP_AMBIENT_LOWER +#define PR_CAP_AMBIENT_LOWER 3 +#endif + +#ifndef PR_CAP_AMBIENT_CLEAR_ALL +#define PR_CAP_AMBIENT_CLEAR_ALL 4 +#endif + #ifndef PR_SET_NO_NEW_PRIVS #define PR_SET_NO_NEW_PRIVS 38 #endif From 62fc84030b41e8df5bae6fb1cd64735611bdf485 Mon Sep 17 00:00:00 2001 From: Christian Brauner Date: Mon, 27 Aug 2018 01:05:18 +0200 Subject: [PATCH 27/27] string_utils: use UINT64_MAX macro Signed-off-by: Christian Brauner --- src/lxc/string_utils.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/lxc/string_utils.c b/src/lxc/string_utils.c index 0a1e3e3bf..fb5cb54e7 100644 --- a/src/lxc/string_utils.c +++ b/src/lxc/string_utils.c @@ -679,7 +679,7 @@ int lxc_safe_uint64(const char *numstr, uint64_t *converted, int base) errno = 0; u = strtoull(numstr, &err, base); - if (errno == ERANGE && u == ULLONG_MAX) + if (errno == ERANGE && u == UINT64_MAX) return -ERANGE; if (err == numstr || *err != '\0')