mirror of
https://git.proxmox.com/git/mirror_lxc
synced 2025-07-29 19:38:31 +00:00
process_utils: introduce new process_utils.{c,h}
This will be the central place for all process management helpers. This also removes raw_syscalls.{c,h}. Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
This commit is contained in:
parent
923d3a2dba
commit
f40988c773
@ -622,7 +622,7 @@ AC_CHECK_HEADER([ifaddrs.h],
|
|||||||
AC_HEADER_MAJOR
|
AC_HEADER_MAJOR
|
||||||
|
|
||||||
# Check for some syscalls functions
|
# Check for some syscalls functions
|
||||||
AC_CHECK_FUNCS([setns pivot_root sethostname unshare rand_r confstr faccessat gettid memfd_create move_mount open_tree])
|
AC_CHECK_FUNCS([setns pivot_root sethostname unshare rand_r confstr faccessat gettid memfd_create move_mount open_tree execveat])
|
||||||
|
|
||||||
# Check for strerror_r() support. Defines:
|
# Check for strerror_r() support. Defines:
|
||||||
# - HAVE_STRERROR_R if available
|
# - HAVE_STRERROR_R if available
|
||||||
|
@ -29,7 +29,7 @@
|
|||||||
#include <fcntl.h>
|
#include <fcntl.h>
|
||||||
#include "config.h"
|
#include "config.h"
|
||||||
#include "macro.h"
|
#include "macro.h"
|
||||||
#include "raw_syscalls.h"
|
#include "process_utils.h"
|
||||||
|
|
||||||
int fexecve(int fd, char *const argv[], char *const envp[])
|
int fexecve(int fd, char *const argv[], char *const envp[])
|
||||||
{
|
{
|
||||||
|
@ -27,7 +27,7 @@ noinst_HEADERS = api_extensions.h \
|
|||||||
memory_utils.h \
|
memory_utils.h \
|
||||||
monitor.h \
|
monitor.h \
|
||||||
namespace.h \
|
namespace.h \
|
||||||
raw_syscalls.h \
|
process_utils.h \
|
||||||
rexec.h \
|
rexec.h \
|
||||||
start.h \
|
start.h \
|
||||||
state.h \
|
state.h \
|
||||||
@ -128,7 +128,7 @@ liblxc_la_SOURCES = af_unix.c af_unix.h \
|
|||||||
network.c network.h \
|
network.c network.h \
|
||||||
monitor.c monitor.h \
|
monitor.c monitor.h \
|
||||||
parse.c parse.h \
|
parse.c parse.h \
|
||||||
raw_syscalls.c raw_syscalls.h \
|
process_utils.c process_utils.h \
|
||||||
ringbuf.c ringbuf.h \
|
ringbuf.c ringbuf.h \
|
||||||
rtnl.c rtnl.h \
|
rtnl.c rtnl.h \
|
||||||
state.c state.h \
|
state.c state.h \
|
||||||
@ -384,7 +384,7 @@ init_lxc_SOURCES = cmd/lxc_init.c \
|
|||||||
initutils.c initutils.h \
|
initutils.c initutils.h \
|
||||||
memory_utils.h \
|
memory_utils.h \
|
||||||
parse.c parse.h \
|
parse.c parse.h \
|
||||||
raw_syscalls.c raw_syscalls.h \
|
process_utils.c process_utils.h \
|
||||||
syscall_numbers.h \
|
syscall_numbers.h \
|
||||||
string_utils.c string_utils.h
|
string_utils.c string_utils.h
|
||||||
|
|
||||||
@ -395,7 +395,7 @@ lxc_monitord_SOURCES = cmd/lxc_monitord.c \
|
|||||||
log.c log.h \
|
log.c log.h \
|
||||||
mainloop.c mainloop.h \
|
mainloop.c mainloop.h \
|
||||||
monitor.c monitor.h \
|
monitor.c monitor.h \
|
||||||
raw_syscalls.c raw_syscalls.h \
|
process_utils.c process_utils.h \
|
||||||
syscall_numbers.h \
|
syscall_numbers.h \
|
||||||
utils.c utils.h
|
utils.c utils.h
|
||||||
lxc_user_nic_SOURCES = cmd/lxc_user_nic.c \
|
lxc_user_nic_SOURCES = cmd/lxc_user_nic.c \
|
||||||
@ -404,7 +404,7 @@ lxc_user_nic_SOURCES = cmd/lxc_user_nic.c \
|
|||||||
memory_utils.h \
|
memory_utils.h \
|
||||||
network.c network.h \
|
network.c network.h \
|
||||||
parse.c parse.h \
|
parse.c parse.h \
|
||||||
raw_syscalls.c raw_syscalls.h \
|
process_utils.c process_utils.h \
|
||||||
syscall_numbers.h \
|
syscall_numbers.h \
|
||||||
file_utils.c file_utils.h \
|
file_utils.c file_utils.h \
|
||||||
string_utils.c string_utils.h \
|
string_utils.c string_utils.h \
|
||||||
|
@ -18,7 +18,7 @@
|
|||||||
#include "log.h"
|
#include "log.h"
|
||||||
#include "macro.h"
|
#include "macro.h"
|
||||||
#include "memory_utils.h"
|
#include "memory_utils.h"
|
||||||
#include "raw_syscalls.h"
|
#include "process_utils.h"
|
||||||
#include "utils.h"
|
#include "utils.h"
|
||||||
|
|
||||||
#ifndef HAVE_STRLCPY
|
#ifndef HAVE_STRLCPY
|
||||||
|
@ -40,7 +40,7 @@
|
|||||||
#include "mainloop.h"
|
#include "mainloop.h"
|
||||||
#include "memory_utils.h"
|
#include "memory_utils.h"
|
||||||
#include "namespace.h"
|
#include "namespace.h"
|
||||||
#include "raw_syscalls.h"
|
#include "process_utils.h"
|
||||||
#include "syscall_wrappers.h"
|
#include "syscall_wrappers.h"
|
||||||
#include "terminal.h"
|
#include "terminal.h"
|
||||||
#include "utils.h"
|
#include "utils.h"
|
||||||
|
@ -28,7 +28,7 @@
|
|||||||
#include "initutils.h"
|
#include "initutils.h"
|
||||||
#include "memory_utils.h"
|
#include "memory_utils.h"
|
||||||
#include "parse.h"
|
#include "parse.h"
|
||||||
#include "raw_syscalls.h"
|
#include "process_utils.h"
|
||||||
#include "string_utils.h"
|
#include "string_utils.h"
|
||||||
|
|
||||||
/* option keys for long only options */
|
/* option keys for long only options */
|
||||||
|
@ -28,7 +28,7 @@
|
|||||||
#include "log.h"
|
#include "log.h"
|
||||||
#include "mainloop.h"
|
#include "mainloop.h"
|
||||||
#include "monitor.h"
|
#include "monitor.h"
|
||||||
#include "raw_syscalls.h"
|
#include "process_utils.h"
|
||||||
#include "utils.h"
|
#include "utils.h"
|
||||||
|
|
||||||
#define CLIENTFDS_CHUNK 64
|
#define CLIENTFDS_CHUNK 64
|
||||||
|
@ -36,7 +36,7 @@
|
|||||||
#include "memory_utils.h"
|
#include "memory_utils.h"
|
||||||
#include "network.h"
|
#include "network.h"
|
||||||
#include "parse.h"
|
#include "parse.h"
|
||||||
#include "raw_syscalls.h"
|
#include "process_utils.h"
|
||||||
#include "string_utils.h"
|
#include "string_utils.h"
|
||||||
#include "syscall_wrappers.h"
|
#include "syscall_wrappers.h"
|
||||||
#include "utils.h"
|
#include "utils.h"
|
||||||
|
@ -51,7 +51,7 @@
|
|||||||
#include "namespace.h"
|
#include "namespace.h"
|
||||||
#include "network.h"
|
#include "network.h"
|
||||||
#include "parse.h"
|
#include "parse.h"
|
||||||
#include "raw_syscalls.h"
|
#include "process_utils.h"
|
||||||
#include "ringbuf.h"
|
#include "ringbuf.h"
|
||||||
#include "start.h"
|
#include "start.h"
|
||||||
#include "storage.h"
|
#include "storage.h"
|
||||||
@ -3245,7 +3245,7 @@ static bool verify_start_hooks(struct lxc_conf *conf)
|
|||||||
|
|
||||||
static bool execveat_supported(void)
|
static bool execveat_supported(void)
|
||||||
{
|
{
|
||||||
lxc_raw_execveat(-1, "", NULL, NULL, AT_EMPTY_PATH);
|
execveat(-1, "", NULL, NULL, AT_EMPTY_PATH);
|
||||||
if (errno == ENOSYS)
|
if (errno == ENOSYS)
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
|
@ -14,7 +14,7 @@
|
|||||||
#include "config.h"
|
#include "config.h"
|
||||||
#include "log.h"
|
#include "log.h"
|
||||||
#include "start.h"
|
#include "start.h"
|
||||||
#include "raw_syscalls.h"
|
#include "process_utils.h"
|
||||||
#include "utils.h"
|
#include "utils.h"
|
||||||
|
|
||||||
lxc_log_define(execute, start);
|
lxc_log_define(execute, start);
|
||||||
@ -66,7 +66,7 @@ static int execute_start(struct lxc_handler *handler, void* data)
|
|||||||
NOTICE("Exec'ing \"%s\"", my_args->argv[0]);
|
NOTICE("Exec'ing \"%s\"", my_args->argv[0]);
|
||||||
|
|
||||||
if (my_args->init_fd >= 0)
|
if (my_args->init_fd >= 0)
|
||||||
lxc_raw_execveat(my_args->init_fd, "", argv, environ, AT_EMPTY_PATH);
|
execveat(my_args->init_fd, "", argv, environ, AT_EMPTY_PATH);
|
||||||
else
|
else
|
||||||
execvp(argv[0], argv);
|
execvp(argv[0], argv);
|
||||||
SYSERROR("Failed to exec %s", argv[0]);
|
SYSERROR("Failed to exec %s", argv[0]);
|
||||||
|
@ -19,7 +19,7 @@
|
|||||||
#include "log.h"
|
#include "log.h"
|
||||||
#include "lsm.h"
|
#include "lsm.h"
|
||||||
#include "parse.h"
|
#include "parse.h"
|
||||||
#include "raw_syscalls.h"
|
#include "process_utils.h"
|
||||||
#include "utils.h"
|
#include "utils.h"
|
||||||
|
|
||||||
lxc_log_define(apparmor, lsm);
|
lxc_log_define(apparmor, lsm);
|
||||||
|
@ -49,7 +49,7 @@
|
|||||||
#include "namespace.h"
|
#include "namespace.h"
|
||||||
#include "network.h"
|
#include "network.h"
|
||||||
#include "parse.h"
|
#include "parse.h"
|
||||||
#include "raw_syscalls.h"
|
#include "process_utils.h"
|
||||||
#include "start.h"
|
#include "start.h"
|
||||||
#include "state.h"
|
#include "state.h"
|
||||||
#include "storage.h"
|
#include "storage.h"
|
||||||
|
@ -21,33 +21,6 @@
|
|||||||
|
|
||||||
lxc_log_define(namespace, lxc);
|
lxc_log_define(namespace, lxc);
|
||||||
|
|
||||||
/*
|
|
||||||
* Let's use the "standard stack limit" (i.e. glibc thread size default) for
|
|
||||||
* stack sizes: 8MB.
|
|
||||||
*/
|
|
||||||
#define __LXC_STACK_SIZE (8 * 1024 * 1024)
|
|
||||||
pid_t lxc_clone(int (*fn)(void *), void *arg, int flags, int *pidfd)
|
|
||||||
{
|
|
||||||
pid_t ret;
|
|
||||||
void *stack;
|
|
||||||
|
|
||||||
stack = malloc(__LXC_STACK_SIZE);
|
|
||||||
if (!stack) {
|
|
||||||
SYSERROR("Failed to allocate clone stack");
|
|
||||||
return -ENOMEM;
|
|
||||||
}
|
|
||||||
|
|
||||||
#ifdef __ia64__
|
|
||||||
ret = __clone2(fn, stack, __LXC_STACK_SIZE, flags | SIGCHLD, arg, pidfd);
|
|
||||||
#else
|
|
||||||
ret = clone(fn, stack + __LXC_STACK_SIZE, flags | SIGCHLD, arg, pidfd);
|
|
||||||
#endif
|
|
||||||
if (ret < 0)
|
|
||||||
SYSERROR("Failed to clone (%#x)", flags);
|
|
||||||
|
|
||||||
return ret;
|
|
||||||
}
|
|
||||||
|
|
||||||
/* Leave the user namespace at the first position in the array of structs so
|
/* Leave the user namespace at the first position in the array of structs so
|
||||||
* that we always attach to it first when iterating over the struct and using
|
* that we always attach to it first when iterating over the struct and using
|
||||||
* setns() to switch namespaces. This especially affects lxc_attach(): Suppose
|
* setns() to switch namespaces. This especially affects lxc_attach(): Suppose
|
||||||
|
@ -7,63 +7,6 @@
|
|||||||
#include <unistd.h>
|
#include <unistd.h>
|
||||||
#include <sys/syscall.h>
|
#include <sys/syscall.h>
|
||||||
|
|
||||||
#ifndef CLONE_PARENT_SETTID
|
|
||||||
#define CLONE_PARENT_SETTID 0x00100000
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#ifndef CLONE_CHILD_CLEARTID
|
|
||||||
#define CLONE_CHILD_CLEARTID 0x00200000
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#ifndef CLONE_CHILD_SETTID
|
|
||||||
#define CLONE_CHILD_SETTID 0x01000000
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#ifndef CLONE_VFORK
|
|
||||||
#define CLONE_VFORK 0x00004000
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#ifndef CLONE_THREAD
|
|
||||||
#define CLONE_THREAD 0x00010000
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#ifndef CLONE_SETTLS
|
|
||||||
#define CLONE_SETTLS 0x00080000
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#ifndef CLONE_VM
|
|
||||||
#define CLONE_VM 0x00000100
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#ifndef CLONE_FILES
|
|
||||||
#define CLONE_FILES 0x00000400
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#ifndef CLONE_FS
|
|
||||||
# define CLONE_FS 0x00000200
|
|
||||||
#endif
|
|
||||||
#ifndef CLONE_NEWNS
|
|
||||||
# define CLONE_NEWNS 0x00020000
|
|
||||||
#endif
|
|
||||||
#ifndef CLONE_NEWCGROUP
|
|
||||||
# define CLONE_NEWCGROUP 0x02000000
|
|
||||||
#endif
|
|
||||||
#ifndef CLONE_NEWUTS
|
|
||||||
# define CLONE_NEWUTS 0x04000000
|
|
||||||
#endif
|
|
||||||
#ifndef CLONE_NEWIPC
|
|
||||||
# define CLONE_NEWIPC 0x08000000
|
|
||||||
#endif
|
|
||||||
#ifndef CLONE_NEWUSER
|
|
||||||
# define CLONE_NEWUSER 0x10000000
|
|
||||||
#endif
|
|
||||||
#ifndef CLONE_NEWPID
|
|
||||||
# define CLONE_NEWPID 0x20000000
|
|
||||||
#endif
|
|
||||||
#ifndef CLONE_NEWNET
|
|
||||||
# define CLONE_NEWNET 0x40000000
|
|
||||||
#endif
|
|
||||||
|
|
||||||
enum {
|
enum {
|
||||||
LXC_NS_USER,
|
LXC_NS_USER,
|
||||||
LXC_NS_MNT,
|
LXC_NS_MNT,
|
||||||
@ -82,39 +25,6 @@ extern const struct ns_info {
|
|||||||
const char *env_name;
|
const char *env_name;
|
||||||
} ns_info[LXC_NS_MAX];
|
} ns_info[LXC_NS_MAX];
|
||||||
|
|
||||||
#if defined(__ia64__)
|
|
||||||
int __clone2(int (*__fn) (void *__arg), void *__child_stack_base,
|
|
||||||
size_t __child_stack_size, int __flags, void *__arg, ...);
|
|
||||||
#else
|
|
||||||
int clone(int (*fn)(void *), void *child_stack,
|
|
||||||
int flags, void *arg, ...
|
|
||||||
/* pid_t *ptid, struct user_desc *tls, pid_t *ctid */ );
|
|
||||||
#endif
|
|
||||||
|
|
||||||
/**
|
|
||||||
* lxc_clone() - create a new process
|
|
||||||
*
|
|
||||||
* - allocate stack:
|
|
||||||
* This function allocates a new stack the size of page and passes it to the
|
|
||||||
* kernel.
|
|
||||||
*
|
|
||||||
* - support all CLONE_*flags:
|
|
||||||
* This function supports all CLONE_* flags. If in doubt or not sufficiently
|
|
||||||
* familiar with process creation in the kernel and interactions with libcs
|
|
||||||
* this function should be used.
|
|
||||||
*
|
|
||||||
* - pthread_atfork() handlers depending on libc:
|
|
||||||
* Whether this function runs pthread_atfork() handlers depends on the
|
|
||||||
* corresponding libc wrapper. glibc currently does not run pthread_atfork()
|
|
||||||
* handlers but does not guarantee that they are not. Other libcs might or
|
|
||||||
* might not run pthread_atfork() handlers. If you require guarantees please
|
|
||||||
* refer to the lxc_raw_clone*() functions in raw_syscalls.{c,h}.
|
|
||||||
*
|
|
||||||
* - should call lxc_raw_getpid():
|
|
||||||
* The child should use lxc_raw_getpid() to retrieve its pid.
|
|
||||||
*/
|
|
||||||
extern pid_t lxc_clone(int (*fn)(void *), void *arg, int flags, int *pidfd);
|
|
||||||
|
|
||||||
extern int lxc_namespace_2_cloneflag(const char *namespace);
|
extern int lxc_namespace_2_cloneflag(const char *namespace);
|
||||||
extern int lxc_namespace_2_ns_idx(const char *namespace);
|
extern int lxc_namespace_2_ns_idx(const char *namespace);
|
||||||
extern int lxc_namespace_2_std_identifiers(char *namespaces);
|
extern int lxc_namespace_2_std_identifiers(char *namespaces);
|
||||||
|
@ -36,7 +36,7 @@
|
|||||||
#include "memory_utils.h"
|
#include "memory_utils.h"
|
||||||
#include "network.h"
|
#include "network.h"
|
||||||
#include "nl.h"
|
#include "nl.h"
|
||||||
#include "raw_syscalls.h"
|
#include "process_utils.h"
|
||||||
#include "syscall_wrappers.h"
|
#include "syscall_wrappers.h"
|
||||||
#include "utils.h"
|
#include "utils.h"
|
||||||
|
|
||||||
|
@ -13,15 +13,12 @@
|
|||||||
|
|
||||||
#include "compiler.h"
|
#include "compiler.h"
|
||||||
#include "config.h"
|
#include "config.h"
|
||||||
|
#include "log.h"
|
||||||
#include "macro.h"
|
#include "macro.h"
|
||||||
#include "raw_syscalls.h"
|
#include "process_utils.h"
|
||||||
#include "syscall_numbers.h"
|
#include "syscall_numbers.h"
|
||||||
|
|
||||||
int lxc_raw_execveat(int dirfd, const char *pathname, char *const argv[],
|
lxc_log_define(process_utils, lxc);
|
||||||
char *const envp[], int flags)
|
|
||||||
{
|
|
||||||
return syscall(__NR_execveat, dirfd, pathname, argv, envp, flags);
|
|
||||||
}
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* This is based on raw_clone in systemd but adapted to our needs. This uses
|
* This is based on raw_clone in systemd but adapted to our needs. This uses
|
||||||
@ -124,3 +121,30 @@ int lxc_raw_pidfd_send_signal(int pidfd, int sig, siginfo_t *info,
|
|||||||
{
|
{
|
||||||
return syscall(__NR_pidfd_send_signal, pidfd, sig, info, flags);
|
return syscall(__NR_pidfd_send_signal, pidfd, sig, info, flags);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Let's use the "standard stack limit" (i.e. glibc thread size default) for
|
||||||
|
* stack sizes: 8MB.
|
||||||
|
*/
|
||||||
|
#define __LXC_STACK_SIZE (8 * 1024 * 1024)
|
||||||
|
pid_t lxc_clone(int (*fn)(void *), void *arg, int flags, int *pidfd)
|
||||||
|
{
|
||||||
|
pid_t ret;
|
||||||
|
void *stack;
|
||||||
|
|
||||||
|
stack = malloc(__LXC_STACK_SIZE);
|
||||||
|
if (!stack) {
|
||||||
|
SYSERROR("Failed to allocate clone stack");
|
||||||
|
return -ENOMEM;
|
||||||
|
}
|
||||||
|
|
||||||
|
#ifdef __ia64__
|
||||||
|
ret = __clone2(fn, stack, __LXC_STACK_SIZE, flags | SIGCHLD, arg, pidfd);
|
||||||
|
#else
|
||||||
|
ret = clone(fn, stack + __LXC_STACK_SIZE, flags | SIGCHLD, arg, pidfd);
|
||||||
|
#endif
|
||||||
|
if (ret < 0)
|
||||||
|
SYSERROR("Failed to clone (%#x)", flags);
|
||||||
|
|
||||||
|
return ret;
|
||||||
|
}
|
248
src/lxc/process_utils.h
Normal file
248
src/lxc/process_utils.h
Normal file
@ -0,0 +1,248 @@
|
|||||||
|
/* SPDX-License-Identifier: LGPL-2.1+ */
|
||||||
|
|
||||||
|
#ifndef __LXC_PROCESS_UTILS_H
|
||||||
|
#define __LXC_PROCESS_UTILS_H
|
||||||
|
|
||||||
|
#ifndef _GNU_SOURCE
|
||||||
|
#define _GNU_SOURCE 1
|
||||||
|
#endif
|
||||||
|
#include <sched.h>
|
||||||
|
#include <signal.h>
|
||||||
|
#include <stdbool.h>
|
||||||
|
#include <stdio.h>
|
||||||
|
#include <stdlib.h>
|
||||||
|
#include <sys/syscall.h>
|
||||||
|
#include <unistd.h>
|
||||||
|
|
||||||
|
#ifndef CSIGNAL
|
||||||
|
#define CSIGNAL 0x000000ff /* signal mask to be sent at exit */
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#ifndef CLONE_VM
|
||||||
|
#define CLONE_VM 0x00000100 /* set if VM shared between processes */
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#ifndef CLONE_FS
|
||||||
|
#define CLONE_FS 0x00000200 /* set if fs info shared between processes */
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#ifndef CLONE_FILES
|
||||||
|
#define CLONE_FILES 0x00000400 /* set if open files shared between processes */
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#ifndef CLONE_SIGHAND
|
||||||
|
#define CLONE_SIGHAND 0x00000800 /* set if signal handlers and blocked signals shared */
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#ifndef CLONE_PIDFD
|
||||||
|
#define CLONE_PIDFD 0x00001000 /* set if a pidfd should be placed in parent */
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#ifndef CLONE_PTRACE
|
||||||
|
#define CLONE_PTRACE 0x00002000 /* set if we want to let tracing continue on the child too */
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#ifndef CLONE_VFORK
|
||||||
|
#define CLONE_VFORK 0x00004000 /* set if the parent wants the child to wake it up on mm_release */
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#ifndef CLONE_PARENT
|
||||||
|
#define CLONE_PARENT 0x00008000 /* set if we want to have the same parent as the cloner */
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#ifndef CLONE_THREAD
|
||||||
|
#define CLONE_THREAD 0x00010000 /* Same thread group? */
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#ifndef CLONE_NEWNS
|
||||||
|
#define CLONE_NEWNS 0x00020000 /* New mount namespace group */
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#ifndef CLONE_SYSVSEM
|
||||||
|
#define CLONE_SYSVSEM 0x00040000 /* share system V SEM_UNDO semantics */
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#ifndef CLONE_SETTLS
|
||||||
|
#define CLONE_SETTLS 0x00080000 /* create a new TLS for the child */
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#ifndef CLONE_PARENT_SETTID
|
||||||
|
#define CLONE_PARENT_SETTID 0x00100000 /* set the TID in the parent */
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#ifndef CLONE_CHILD_CLEARTID
|
||||||
|
#define CLONE_CHILD_CLEARTID 0x00200000 /* clear the TID in the child */
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#ifndef CLONE_DETACHED
|
||||||
|
#define CLONE_DETACHED 0x00400000 /* Unused, ignored */
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#ifndef CLONE_UNTRACED
|
||||||
|
#define CLONE_UNTRACED 0x00800000 /* set if the tracing process can't force CLONE_PTRACE on this clone */
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#ifndef CLONE_CHILD_SETTID
|
||||||
|
#define CLONE_CHILD_SETTID 0x01000000 /* set the TID in the child */
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#ifndef CLONE_NEWCGROUP
|
||||||
|
#define CLONE_NEWCGROUP 0x02000000 /* New cgroup namespace */
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#ifndef CLONE_NEWUTS
|
||||||
|
#define CLONE_NEWUTS 0x04000000 /* New utsname namespace */
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#ifndef CLONE_NEWIPC
|
||||||
|
#define CLONE_NEWIPC 0x08000000 /* New ipc namespace */
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#ifndef CLONE_NEWUSER
|
||||||
|
#define CLONE_NEWUSER 0x10000000 /* New user namespace */
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#ifndef CLONE_NEWPID
|
||||||
|
#define CLONE_NEWPID 0x20000000 /* New pid namespace */
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#ifndef CLONE_NEWNET
|
||||||
|
#define CLONE_NEWNET 0x40000000 /* New network namespace */
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#ifndef CLONE_IO
|
||||||
|
#define CLONE_IO 0x80000000 /* Clone io context */
|
||||||
|
#endif
|
||||||
|
|
||||||
|
/* Flags for the clone3() syscall. */
|
||||||
|
#ifndef CLONE_CLEAR_SIGHAND
|
||||||
|
#define CLONE_CLEAR_SIGHAND 0x100000000ULL /* Clear any signal handler and reset to SIG_DFL. */
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#ifndef CLONE_INTO_CGROUP
|
||||||
|
#define CLONE_INTO_CGROUP 0x200000000ULL /* Clone into a specific cgroup given the right permissions. */
|
||||||
|
#endif
|
||||||
|
|
||||||
|
/*
|
||||||
|
* cloning flags intersect with CSIGNAL so can be used with unshare and clone3
|
||||||
|
* syscalls only:
|
||||||
|
*/
|
||||||
|
#ifndef CLONE_NEWTIME
|
||||||
|
#define CLONE_NEWTIME 0x00000080 /* New time namespace */
|
||||||
|
#endif
|
||||||
|
|
||||||
|
/* waitid */
|
||||||
|
#ifndef P_PIDFD
|
||||||
|
#define P_PIDFD 3
|
||||||
|
#endif
|
||||||
|
|
||||||
|
|
||||||
|
#if defined(__ia64__)
|
||||||
|
int __clone2(int (*__fn)(void *__arg), void *__child_stack_base,
|
||||||
|
size_t __child_stack_size, int __flags, void *__arg, ...);
|
||||||
|
#else
|
||||||
|
int clone(int (*fn)(void *), void *child_stack, int flags, void *arg, ...
|
||||||
|
/* pid_t *ptid, struct user_desc *tls, pid_t *ctid */);
|
||||||
|
#endif
|
||||||
|
|
||||||
|
/**
|
||||||
|
* lxc_clone() - create a new process
|
||||||
|
*
|
||||||
|
* - allocate stack:
|
||||||
|
* This function allocates a new stack the size of page and passes it to the
|
||||||
|
* kernel.
|
||||||
|
*
|
||||||
|
* - support all CLONE_*flags:
|
||||||
|
* This function supports all CLONE_* flags. If in doubt or not sufficiently
|
||||||
|
* familiar with process creation in the kernel and interactions with libcs
|
||||||
|
* this function should be used.
|
||||||
|
*
|
||||||
|
* - pthread_atfork() handlers depending on libc:
|
||||||
|
* Whether this function runs pthread_atfork() handlers depends on the
|
||||||
|
* corresponding libc wrapper. glibc currently does not run pthread_atfork()
|
||||||
|
* handlers but does not guarantee that they are not. Other libcs might or
|
||||||
|
* might not run pthread_atfork() handlers. If you require guarantees please
|
||||||
|
* refer to the lxc_raw_clone*() functions in process_utils.{c,h}.
|
||||||
|
*
|
||||||
|
* - should call lxc_raw_getpid():
|
||||||
|
* The child should use lxc_raw_getpid() to retrieve its pid.
|
||||||
|
*/
|
||||||
|
extern pid_t lxc_clone(int (*fn)(void *), void *arg, int flags, int *pidfd);
|
||||||
|
|
||||||
|
|
||||||
|
/*
|
||||||
|
* lxc_raw_clone() - create a new process
|
||||||
|
*
|
||||||
|
* - fork() behavior:
|
||||||
|
* This function returns 0 in the child and > 0 in the parent.
|
||||||
|
*
|
||||||
|
* - copy-on-write:
|
||||||
|
* This function does not allocate a new stack and relies on copy-on-write
|
||||||
|
* semantics.
|
||||||
|
*
|
||||||
|
* - supports subset of ClONE_* flags:
|
||||||
|
* lxc_raw_clone() intentionally only supports a subset of the flags available
|
||||||
|
* to the actual system call. Please refer to the implementation what flags
|
||||||
|
* cannot be used. Also, please don't assume that just because a flag isn't
|
||||||
|
* explicitly checked for as being unsupported that it is supported. If in
|
||||||
|
* doubt or not sufficiently familiar with process creation in the kernel and
|
||||||
|
* interactions with libcs this function should be used.
|
||||||
|
*
|
||||||
|
* - no pthread_atfork() handlers:
|
||||||
|
* This function circumvents - as much as this this is possible - any libc
|
||||||
|
* wrappers and thus does not run any pthread_atfork() handlers. Make sure
|
||||||
|
* that this is safe to do in the context you are trying to call this
|
||||||
|
* function.
|
||||||
|
*
|
||||||
|
* - must call lxc_raw_getpid():
|
||||||
|
* The child must use lxc_raw_getpid() to retrieve its pid.
|
||||||
|
*/
|
||||||
|
extern pid_t lxc_raw_clone(unsigned long flags, int *pidfd);
|
||||||
|
|
||||||
|
/*
|
||||||
|
* lxc_raw_clone_cb() - create a new process
|
||||||
|
*
|
||||||
|
* - non-fork() behavior:
|
||||||
|
* Function does return pid of the child or -1 on error. Pass in a callback
|
||||||
|
* function via the "fn" argument that gets executed in the child process.
|
||||||
|
* The "args" argument is passed to "fn".
|
||||||
|
*
|
||||||
|
* All other comments that apply to lxc_raw_clone() apply to lxc_raw_clone_cb()
|
||||||
|
* as well.
|
||||||
|
*/
|
||||||
|
extern pid_t lxc_raw_clone_cb(int (*fn)(void *), void *args,
|
||||||
|
unsigned long flags, int *pidfd);
|
||||||
|
|
||||||
|
#ifndef HAVE_EXECVEAT
|
||||||
|
static inline int execveat(int dirfd, const char *pathname, char *const argv[],
|
||||||
|
char *const envp[], int flags)
|
||||||
|
{
|
||||||
|
return syscall(__NR_execveat, dirfd, pathname, argv, envp, flags);
|
||||||
|
}
|
||||||
|
#else
|
||||||
|
extern int execveat(int dirfd, const char *pathname, char *const argv[],
|
||||||
|
char *const envp[], int flags);
|
||||||
|
#endif
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Because of older glibc's pid cache (up to 2.25) whenever clone() is called
|
||||||
|
* the child must must retrieve it's own pid via lxc_raw_getpid().
|
||||||
|
*/
|
||||||
|
static inline pid_t lxc_raw_getpid(void)
|
||||||
|
{
|
||||||
|
return (pid_t)syscall(SYS_getpid);
|
||||||
|
}
|
||||||
|
|
||||||
|
static inline pid_t lxc_raw_gettid(void)
|
||||||
|
{
|
||||||
|
#if __NR_gettid > 0
|
||||||
|
return syscall(__NR_gettid);
|
||||||
|
#else
|
||||||
|
return lxc_raw_getpid();
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
|
||||||
|
extern int lxc_raw_pidfd_send_signal(int pidfd, int sig, siginfo_t *info,
|
||||||
|
unsigned int flags);
|
||||||
|
|
||||||
|
#endif /* __LXC_PROCESS_UTILS_H */
|
@ -1,94 +0,0 @@
|
|||||||
/* SPDX-License-Identifier: LGPL-2.1+ */
|
|
||||||
|
|
||||||
#ifndef __LXC_RAW_SYSCALL_H
|
|
||||||
#define __LXC_RAW_SYSCALL_H
|
|
||||||
|
|
||||||
#ifndef _GNU_SOURCE
|
|
||||||
#define _GNU_SOURCE 1
|
|
||||||
#endif
|
|
||||||
#include <sched.h>
|
|
||||||
#include <stdbool.h>
|
|
||||||
#include <stdio.h>
|
|
||||||
#include <stdlib.h>
|
|
||||||
#include <signal.h>
|
|
||||||
#include <sys/syscall.h>
|
|
||||||
#include <unistd.h>
|
|
||||||
|
|
||||||
/* clone */
|
|
||||||
#ifndef CLONE_PIDFD
|
|
||||||
#define CLONE_PIDFD 0x00001000
|
|
||||||
#endif
|
|
||||||
|
|
||||||
/* waitid */
|
|
||||||
#ifndef P_PIDFD
|
|
||||||
#define P_PIDFD 3
|
|
||||||
#endif
|
|
||||||
|
|
||||||
/*
|
|
||||||
* lxc_raw_clone() - create a new process
|
|
||||||
*
|
|
||||||
* - fork() behavior:
|
|
||||||
* This function returns 0 in the child and > 0 in the parent.
|
|
||||||
*
|
|
||||||
* - copy-on-write:
|
|
||||||
* This function does not allocate a new stack and relies on copy-on-write
|
|
||||||
* semantics.
|
|
||||||
*
|
|
||||||
* - supports subset of ClONE_* flags:
|
|
||||||
* lxc_raw_clone() intentionally only supports a subset of the flags available
|
|
||||||
* to the actual system call. Please refer to the implementation what flags
|
|
||||||
* cannot be used. Also, please don't assume that just because a flag isn't
|
|
||||||
* explicitly checked for as being unsupported that it is supported. If in
|
|
||||||
* doubt or not sufficiently familiar with process creation in the kernel and
|
|
||||||
* interactions with libcs this function should be used.
|
|
||||||
*
|
|
||||||
* - no pthread_atfork() handlers:
|
|
||||||
* This function circumvents - as much as this this is possible - any libc
|
|
||||||
* wrappers and thus does not run any pthread_atfork() handlers. Make sure
|
|
||||||
* that this is safe to do in the context you are trying to call this
|
|
||||||
* function.
|
|
||||||
*
|
|
||||||
* - must call lxc_raw_getpid():
|
|
||||||
* The child must use lxc_raw_getpid() to retrieve its pid.
|
|
||||||
*/
|
|
||||||
extern pid_t lxc_raw_clone(unsigned long flags, int *pidfd);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* lxc_raw_clone_cb() - create a new process
|
|
||||||
*
|
|
||||||
* - non-fork() behavior:
|
|
||||||
* Function does return pid of the child or -1 on error. Pass in a callback
|
|
||||||
* function via the "fn" argument that gets executed in the child process.
|
|
||||||
* The "args" argument is passed to "fn".
|
|
||||||
*
|
|
||||||
* All other comments that apply to lxc_raw_clone() apply to lxc_raw_clone_cb()
|
|
||||||
* as well.
|
|
||||||
*/
|
|
||||||
extern pid_t lxc_raw_clone_cb(int (*fn)(void *), void *args,
|
|
||||||
unsigned long flags, int *pidfd);
|
|
||||||
|
|
||||||
extern int lxc_raw_execveat(int dirfd, const char *pathname, char *const argv[],
|
|
||||||
char *const envp[], int flags);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Because of older glibc's pid cache (up to 2.25) whenever clone() is called
|
|
||||||
* the child must must retrieve it's own pid via lxc_raw_getpid().
|
|
||||||
*/
|
|
||||||
static inline pid_t lxc_raw_getpid(void)
|
|
||||||
{
|
|
||||||
return (pid_t)syscall(SYS_getpid);
|
|
||||||
}
|
|
||||||
|
|
||||||
static inline pid_t lxc_raw_gettid(void)
|
|
||||||
{
|
|
||||||
#if __NR_gettid > 0
|
|
||||||
return syscall(__NR_gettid);
|
|
||||||
#else
|
|
||||||
return lxc_raw_getpid();
|
|
||||||
#endif
|
|
||||||
}
|
|
||||||
|
|
||||||
extern int lxc_raw_pidfd_send_signal(int pidfd, int sig, siginfo_t *info,
|
|
||||||
unsigned int flags);
|
|
||||||
|
|
||||||
#endif /* __LXC_RAW_SYSCALL_H */
|
|
@ -13,7 +13,7 @@
|
|||||||
#include "file_utils.h"
|
#include "file_utils.h"
|
||||||
#include "macro.h"
|
#include "macro.h"
|
||||||
#include "memory_utils.h"
|
#include "memory_utils.h"
|
||||||
#include "raw_syscalls.h"
|
#include "process_utils.h"
|
||||||
#include "string_utils.h"
|
#include "string_utils.h"
|
||||||
#include "syscall_wrappers.h"
|
#include "syscall_wrappers.h"
|
||||||
|
|
||||||
|
@ -47,7 +47,7 @@
|
|||||||
#include "monitor.h"
|
#include "monitor.h"
|
||||||
#include "namespace.h"
|
#include "namespace.h"
|
||||||
#include "network.h"
|
#include "network.h"
|
||||||
#include "raw_syscalls.h"
|
#include "process_utils.h"
|
||||||
#include "start.h"
|
#include "start.h"
|
||||||
#include "storage/storage.h"
|
#include "storage/storage.h"
|
||||||
#include "storage/storage_utils.h"
|
#include "storage/storage_utils.h"
|
||||||
|
@ -35,7 +35,7 @@
|
|||||||
#include "memory_utils.h"
|
#include "memory_utils.h"
|
||||||
#include "namespace.h"
|
#include "namespace.h"
|
||||||
#include "parse.h"
|
#include "parse.h"
|
||||||
#include "raw_syscalls.h"
|
#include "process_utils.h"
|
||||||
#include "syscall_wrappers.h"
|
#include "syscall_wrappers.h"
|
||||||
#include "utils.h"
|
#include "utils.h"
|
||||||
|
|
||||||
|
@ -25,7 +25,7 @@
|
|||||||
#include "initutils.h"
|
#include "initutils.h"
|
||||||
#include "macro.h"
|
#include "macro.h"
|
||||||
#include "memory_utils.h"
|
#include "memory_utils.h"
|
||||||
#include "raw_syscalls.h"
|
#include "process_utils.h"
|
||||||
#include "string_utils.h"
|
#include "string_utils.h"
|
||||||
|
|
||||||
/* returns 1 on success, 0 if there were any failures */
|
/* returns 1 on success, 0 if there were any failures */
|
||||||
|
@ -30,7 +30,7 @@ lxc_test_parse_config_file_SOURCES = parse_config_file.c \
|
|||||||
lxc_test_raw_clone_SOURCES = lxc_raw_clone.c \
|
lxc_test_raw_clone_SOURCES = lxc_raw_clone.c \
|
||||||
lxctest.h \
|
lxctest.h \
|
||||||
../lxc/namespace.c ../lxc/namespace.h \
|
../lxc/namespace.c ../lxc/namespace.h \
|
||||||
../lxc/raw_syscalls.c ../lxc/raw_syscalls.h
|
../lxc/process_utils.c ../lxc/process_utils.h
|
||||||
../lxc/utils.c ../lxc/utils.h
|
../lxc/utils.c ../lxc/utils.h
|
||||||
lxc_test_reboot_SOURCES = reboot.c
|
lxc_test_reboot_SOURCES = reboot.c
|
||||||
lxc_test_saveconfig_SOURCES = saveconfig.c
|
lxc_test_saveconfig_SOURCES = saveconfig.c
|
||||||
|
@ -39,7 +39,7 @@
|
|||||||
|
|
||||||
#include "lxctest.h"
|
#include "lxctest.h"
|
||||||
#include "namespace.h"
|
#include "namespace.h"
|
||||||
#include "raw_syscalls.h"
|
#include "process_utils.h"
|
||||||
#include "utils.h"
|
#include "utils.h"
|
||||||
|
|
||||||
int main(int argc, char *argv[])
|
int main(int argc, char *argv[])
|
||||||
|
Loading…
Reference in New Issue
Block a user