The gcc implementation and the C standard are not to be considered sane
in this respect. We don't want to risk reordering of writes when the
compiler incorrectly *thinks* two types do not alias each other.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Testing 'lxc <container> stop --stateful' crashed LXD:
fatal error: unexpected signal during runtime execution
[signal SIGSEGV: segmentation violation code=0x1 addr=0xe8 pc=0x7f3198ff0592]
runtime stack:
runtime.throw(0x117fe4a, 0x2a)
/opt/rh/go-toolset-1.10/root/usr/lib/go-toolset-1.10-golang/src/runtime/panic.go:616 +0x81
runtime.sigpanic()
/opt/rh/go-toolset-1.10/root/usr/lib/go-toolset-1.10-golang/src/runtime/signal_unix.go:372 +0x28e
goroutine 375 [syscall]:
runtime.cgocall(0xef38e3, 0xc420731630, 0x29)
/opt/rh/go-toolset-1.10/root/usr/lib/go-toolset-1.10-golang/src/runtime/cgocall.go:128 +0x64 fp=0xc4207315f0 sp=0xc4207315b8 pc=0x410fc4
gopkg.in/lxc/go-lxc%2ev2._Cfunc_go_lxc_migrate(0x7f316c001220, 0xc400000001, 0xc420302460, 0xc4205d6080, 0x0)
_cgo_gotypes.go:752 +0x4d fp=0xc420731630 sp=0xc4207315f0 pc=0x909d7d
gopkg.in/lxc/go-lxc%2ev2.(*Container).Migrate.func4(0x7f316c001220, 0xc400000001, 0xc420302460, 0xc4205d6080, 0x0)
/share/go/src/gopkg.in/lxc/go-lxc.v2/container.go:1798 +0x160 fp=0xc420731668 sp=0xc420731630 pc=0x91b970
gopkg.in/lxc/go-lxc%2ev2.(*Container).Migrate(0xc4207a52f0, 0x1, 0xc42051ec00, 0x20, 0x0, 0x0, 0x0, 0x0, 0x101, 0x10000000, ...)
/share/go/src/gopkg.in/lxc/go-lxc.v2/container.go:1798 +0x29f fp=0xc420731760 sp=0xc420731668 pc=0x9160ef
The commit 5a087e056f introduced a second parameter (conf) to the
cgroup escape() function which was never set in do_dump(). Instead of
taking it from opts->handler->conf it is now used from c->lxc_conf.
Fixes: 5a087e056f ("cgroups: don't escape if lxc.cgroup.keep is true")
Suggested-by: Christian Brauner <christian.brauner@ubuntu.com>
Signed-off-by: Adrian Reber <areber@redhat.com>
Make use of the new socket option, NETLINK_DUMP_STRICT_CHK, that
userspace can use via setsockopt to request strict checking of headers
and attributes on dump requests.
To get dump features such as kernel side filtering based on data in
the header or attributes appended to the dump request, userspace
must call setsockopt() for NETLINK_DUMP_STRICT_CHK and a non-zero
value. This is necessary to make use of the IFA_TARGET_NETNSID property.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
This adds support for the new socket option, NETLINK_DUMP_STRICT_CHK,
that userspace can use via setsockopt to request strict checking of
headers and attributes on dump requests.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Since we introduced clean exit from the mainloop when SIGTERM is sent we
changed the signal mask of the parent process but we never reset the
signal mask for the actual attached process.
Closes#399.
Fixes: 1349e92e4d ("console: exit mainloop on SIGTERM")
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
