If liblxc is used multi-threaded, do_lxcapi_save_config() could be called from
threads that fork(). To not risk ending up with invalid locking states we
should avoid using functions like fopen() that internally allocate memory and
use locking. Let's replace it with the async-signal-safe combination of
open() + write().
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Sigh, this is going to be fun. Essentially, dynamic memory allocation through
malloc() and friends is unsafe when fork()ing in threads. The locking state
that glibc maintains internally might get messed up when the process that
fork()ed calls malloc or calls functions that malloc() internally. Functions
that internally malloc() include fopen(). One solution here is to use open() +
mmap() instead of fopen() + getline().
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
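The two commit messages above replace fopen() with open() + write() for saving and with open() + mmap() for reading. Both patterns are shown here as an added example, not code from liblxc; the helper names save_config_nostdio() and find_config_line() are hypothetical. Neither helper touches stdio or the heap, so neither takes the libc locks that a child forked from a multi-threaded process could inherit in a locked state.

```c
#include <errno.h>
#include <fcntl.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/stat.h>
#include <unistd.h>
/* Hypothetical helper: write a buffer with open() + write(); no stdio, no malloc(). */
int save_config_nostdio(const char *path, const char *buf, size_t len)
{
	int fd = open(path, O_WRONLY | O_CREAT | O_TRUNC, 0644);
	if (fd < 0)
		return -1;
	while (len > 0) {
		ssize_t n = write(fd, buf, len); /* may be short or interrupted */
		if (n < 0 && errno != EINTR)
			break;
		buf += n > 0 ? n : 0;
		len -= n > 0 ? (size_t)n : 0;
	}
	return (close(fd) == 0 && len == 0) ? 0 : -1;
}

/* Hypothetical helper: open() + mmap() scan. Returns the 1-based number of the
 * first line starting with prefix, 0 if there is none, -1 on error. */
long find_config_line(const char *path, const char *prefix)
{
	struct stat st;
	char *map = MAP_FAILED;
	long lineno = 0, found = 0;
	size_t plen = strlen(prefix);
	int fd = open(path, O_RDONLY);
	if (fd < 0)
		return -1;
	int ok = fstat(fd, &st) == 0;
	if (ok && st.st_size > 0)
		map = mmap(NULL, (size_t)st.st_size, PROT_READ, MAP_PRIVATE, fd, 0);
	close(fd); /* the mapping stays valid after close() */
	if (map == MAP_FAILED) /* a zero-length mmap() fails, so an empty file is "no match" */
		return (ok && st.st_size == 0) ? 0 : -1;
	const char *end = map + st.st_size;
	for (const char *p = map; p < end && !found; lineno++) {
		const char *nl = memchr(p, '\n', (size_t)(end - p));
		size_t n = (size_t)((nl ? nl : end) - p); /* last line may lack '\n' */
		if (n >= plen && memcmp(p, prefix, plen) == 0)
			found = lineno + 1;
		p += n + (nl ? 1 : 0);
	}
	munmap(map, (size_t)st.st_size);
	return found;
}
```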
The container name can't be NULL so don't give coverity the impression that it
could be.
Silences coverity #1426123.
Silences coverity #1426124.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
The only cases where we really need to be privileged with respect
to the host is when we are trying to mknod, and in some cases
to do with a physical network device. This patch leaves the
detection of the network device cases as a TODO.
This should fix the currently broken case of starting a privileged
container with at least one veth nic, nested inside an unprivileged
container.
Cc: Tycho Andersen <tycho@tycho.ws>
Signed-off-by: Serge Hallyn <shallyn@cisco.com>
error_num seems to be trying to remember the exit code of the init process,
except that nothing actually keeps track of it anywhere. So, let's add a
field to the handler, so that we can keep track of the process' exit
status, and then propagate it to error_num in struct lxc_container so that
people can use it.
Note that this is a slight behavior change, essentially instead of making
error_num always == the return code from start, now it contains slightly
more useful information (the actual exit status). But, there is only one
internal user of error_num which I'll fix later in the series, so IMO
this is ok.
Signed-off-by: Tycho Andersen <tycho@tycho.ws>
- As discussed we will have a proper API extension that will allow updating
various parts of a running container. The prior approach wasn't a good idea.
- Reverting this is not a problem since we haven't released any version with the
set_running_config_item() API extension.
- I'm not simply reverting so that master users can still call into new
liblxc's without crashing the container. This is achieved by keeping the
commands callback struct member number identical.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
This is to avoid bad surprises caused by older glibc's pid cache (up to 2.25)
when using clone().
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
For migration optimization features like pre-copy or post-copy migration
the support cannot be determined by simply looking at the CRIU version.
Features like that depend on the architecture/kernel/criu combination
and CRIU offers a feature checking interface to query if it is
supported.
This adds an LXC interface to query CRIU for those features via the
migrate() API call. For the recent pre-copy migration support in LXD
this can be used to automatically detect if pre-copy migration should be
used.
In addition to the existing migrate() API commands this adds a new
command: 'MIGRATE_FEATURE_CHECK'.
The migrate_opts{} structure is extended by the member features_to_check
which is a bitmask defining which CRIU features should be queried.
Currently only the querying of the features FEATURE_MEM_TRACK and
FEATURE_LAZY_PAGES is supported.
Signed-off-by: Adrian Reber <areber@redhat.com>