Commit Graph

9063 Commits

Author SHA1 Message Date
Christian Brauner
52d08ab033
cgroups/cgfsng: rework cgfsng_escape()
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2019-12-08 00:16:59 +01:00
Christian Brauner
4490328e59
cgroups/cgfsng: rework cgfsng_payload_enter()
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2019-12-08 00:13:37 +01:00
Christian Brauner
f3839f1225
cgroups/cgfsng: rework cgfsng_payload_create()
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2019-12-08 00:13:37 +01:00
Christian Brauner
53675a8d1f
tree-wide: s/__unused/__lxc_unused/g
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2019-12-08 00:13:37 +01:00
Christian Brauner
ad275c1605
cgroups/cgfsng: rework cgroup attach
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2019-12-08 00:13:37 +01:00
Christian Brauner
6e8703a411
cgroups/cgfsng: don't dereference NULL-pointer
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2019-12-08 00:13:37 +01:00
Christian Brauner
803e41235f
cgroups/cgfsng: log chown_cgroup_wrapper()
It's becoming more important on cgroup2 to properly delegate cgroups.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2019-12-08 00:13:37 +01:00
Christian Brauner
d606c4e9d2
cgroups/cgfsng: rework cgroup2 unprivileged delegation
We accidently checked files to delegate for privileged container and not for
unprivileged containers in the pure unified case. Fix that and clean up the
delegation file parsing.

Closes #3206.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2019-12-08 00:13:37 +01:00
Christian Brauner
61fbc369f9
cgroups/cgfsng: rework cgfsng_{monitor,payload}_delegate_controllers()
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2019-12-08 00:13:37 +01:00
Christian Brauner
797fa65e6d
cgroups/cgfsng: rework cgfsng_monitor_enter()
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2019-12-08 00:13:37 +01:00
Christian Brauner
0d66e29ae6
cgroups/cgfsng: rework cgfsng_monitor_create()
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2019-12-08 00:10:30 +01:00
Christian Brauner
b376d3d03a
cgroups/cgfsng: rework cgfsng_monitor_destroy()
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2019-12-07 18:08:25 +01:00
Christian Brauner
fc1c3af911
cgroups/cgfsng: rework cgfsng_payload_destroy()
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2019-12-07 18:04:17 +01:00
Christian Brauner
41ad3c9068
log: remove unused compiler attribute
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2019-12-07 17:40:32 +01:00
Christian Brauner
9ff57a5918
start: replace compiler attributes
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2019-12-07 17:40:05 +01:00
Christian Brauner
47d8afa2a6
log: replace compiler attributes
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2019-12-07 17:39:49 +01:00
Christian Brauner
8110276810
attach: replace closing helpers
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2019-12-07 17:39:03 +01:00
Christian Brauner
1a080cd740
compiler: add __unused attribute
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2019-12-07 17:38:42 +01:00
Christian Brauner
08e8091de8
{log, macro}: remove unused logging functions
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2019-12-07 17:31:50 +01:00
Christian Brauner
b18f6aac91
lxccontainer: replace logging functions
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2019-12-07 17:31:36 +01:00
Christian Brauner
bf39128d81
confile_utils: replace logging functions
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2019-12-07 17:31:21 +01:00
Christian Brauner
341e6516f2
cgroups: rework return values of some functions
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2019-12-07 17:30:57 +01:00
Christian Brauner
55cc111685
cgroups/cgroup2_devices: replace logging functions
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2019-12-07 17:30:07 +01:00
Christian Brauner
102dca2622
cgroups/cgroup: replace logging functions
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2019-12-07 17:29:12 +01:00
Christian Brauner
d220323012
cgroups/cgfsng: replace logging functions
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2019-12-07 17:28:06 +01:00
Christian Brauner
21fce08cb6
confile: replace logging helpers
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2019-12-07 17:25:28 +01:00
Christian Brauner
596a002c68
network: replace logging helpers
s/error_log_errno(/log_error_errno(-1, /g
s/minus_one_set_errno(/ret_set_errno(-1, /g

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2019-12-07 17:24:29 +01:00
Christian Brauner
3d0327ed24
commands: replace logging helpers
s/error_log_errno(/log_error_errno(-1, /g
s/minus_one_set_errno(/ret_set_errno(-1, /g

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2019-12-07 17:23:24 +01:00
Christian Brauner
540a2f7092
attach: s/minus_one_set_errno(/ret_set_errno(-1, /g
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2019-12-07 17:22:53 +01:00
Christian Brauner
db1b8b0f5e
af_unix: s/minus_one_set_errno(/ret_set_errno(-1, /g
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2019-12-07 17:22:14 +01:00
Christian Brauner
9958e6fe7f
macro: add ret_errno()
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2019-12-07 17:21:53 +01:00
Christian Brauner
2b0c584613
log: rearrange
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2019-12-07 17:21:18 +01:00
Stéphane Graber
0374aacd73
Merge pull request #3215 from brauner/cgroup2_controller_delegation
cgroup2: rework controller delegation
2019-12-06 09:54:57 -05:00
Christian Brauner
c581d2a673
cgroup2: rework controller delegation
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2019-12-06 15:38:33 +01:00
Christian Brauner
92ef1f8ae2
Merge pull request #3214 from Rachid-Koucha/patch-1
"busy" field init to -1 instead of 0
2019-12-06 15:34:14 +01:00
Christian Brauner
6b3dccea88
Merge pull request #3213 from blenk92/fix-mount-parsing
config: Fix parsing of mount options
2019-12-06 15:10:27 +01:00
Rachid Koucha
730aaf46e0
"busy" field set to -1 instead of 0
"busy" field is assigned with the command socket descriptor when the terminal is in use. So, use "-1" to disable it.

Signed-off-by: Rachid Koucha <rachid.koucha@gmail.com>
2019-12-06 15:07:47 +01:00
Rachid Koucha
7581d645ee
"busy" field set to 1 instead of 0
"busy" field is assigned with the command socket descriptor when the terminal is in use. So, use "-1" to disable it.

Signed-off-by: Rachid Koucha <rachid.koucha@gmail.com>
2019-12-06 15:04:31 +01:00
Rachid Koucha
dd3de5683d
Init "busy" field to -1 as 0 is valid fd
"busy" field is assigned with the command socket descriptor when the terminal is in use. So, use "-1" to disable it.
Signed-off-by: Rachid Koucha <rachid.koucha@gmail.com>
2019-12-06 14:59:52 +01:00
Maximilian Blenk
85c2de3902 config: Fix parsing of mount options
When parsing mount options e.g. from lxc.mount.entry the specified
options are mapped to the flags constants. To do so, the strings
are compared to the options contained in mount_opt. However,
when comparing the strings, the length of the string is not
checked. That entails that the option "rootcontext=selinux-context"
is mapped to the mount option read-only (ro). This commit fixes
this issue by checking if a '=' is contained in the specified option
and additionally comparing the length of the strings.

Signed-off-by: Maximilian Blenk <Maximilian.Blenk@bmw.de>
2019-12-06 14:17:37 +01:00
Stéphane Graber
750012991f
Merge pull request #3204 from brauner/switch_to_spdx
lxc: switch to SPDX
2019-12-04 09:59:20 -05:00
Stéphane Graber
8a7d02b712
Merge pull request #3207 from brauner/cgroup2_improvements_2
cgroups: improve container cgroup attaching
2019-12-04 09:57:57 -05:00
Christian Brauner
9994db5125
cgroups/devices: correctly verify bpf device useability in cgfsng_devices_activate()
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2019-12-04 14:03:48 +01:00
Christian Brauner
900b660658
cgroups: improve container cgroup attaching
The current attach.c codepath which handles moving the attaching process into
the container's cgroups allocates a whole new struct cgroup_ops and goes
through the trouble of reparsing the whole cgroup layout.
That's costly and wasteful. My plan has always been to move this into the
command api by getting fds for attaching back but but it's not worth going
through that hazzle for non-unified hosts. On pure unified hosts however -
being the future - we can just attach through a single fd so there's no need to
allocate and setup struct cgroup_ops.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2019-12-04 13:53:56 +01:00
Christian Brauner
cc73685dd0
lxc: switch to SPDX
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2019-12-04 13:48:46 +01:00
Christian Brauner
23a917e5d2
commands: use logging return helpers
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2019-12-04 13:26:23 +01:00
Stéphane Graber
c10ac1b13b
Merge pull request #3205 from brauner/cgroup2_improvements
cgroup: add command to retrieve cgroup2 fd and rework cgroup2 attach
2019-12-03 22:57:08 -05:00
Christian Brauner
bad788b08f
cgfsng: rework cgroup2 attach
On pure unified systemd we can use a single file descriptor to interact with
the cgroup filesystem. Add a method to retrieve it and as a start use it in our
unified attach codepath.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2019-12-04 02:56:25 +01:00
Christian Brauner
6900ebfa2d
cgroups/devices: do not log error when bpf device feature is not available
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2019-12-04 00:55:42 +01:00
Stéphane Graber
02294d4ef7
Merge pull request #3203 from brauner/freezer_fixes
freezer: cleanup
2019-12-03 17:41:11 -05:00