[lxc-devel] [lxc/master] new mount api support: basics
brauner on Github
lxc-bot at linuxcontainers.org
Wed Jul 22 17:22:18 UTC 2020
A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 364 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20200722/9bc3ce38/attachment-0001.bin>
-------------- next part --------------
From 63c2a0bf06d5ddd7cbbc908ea1e403b69f4b6a0c Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Sat, 18 Jul 2020 19:07:31 +0200
Subject: [PATCH 01/37] confile: hide unnecessary symbols
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/Makefile.am | 25 +++++++++++++++++++
src/lxc/confile.h | 57 ++++++++++++++++++++-----------------------
src/tests/Makefile.am | 18 +++++++++++++-
3 files changed, 68 insertions(+), 32 deletions(-)
diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am
index 814d96d210..4adcc679d7 100644
--- a/src/lxc/Makefile.am
+++ b/src/lxc/Makefile.am
@@ -334,6 +334,7 @@ lxc_attach_SOURCES = tools/lxc_attach.c \
af_unix.c af_unix.h \
caps.c caps.h \
conf.c conf.h \
+ confile.c confile.h \
rexec.c rexec.h \
string_utils.c string_utils.h
lxc_autostart_SOURCES = tools/lxc_autostart.c \
@@ -341,60 +342,70 @@ lxc_autostart_SOURCES = tools/lxc_autostart.c \
af_unix.c af_unix.h \
caps.c caps.h \
conf.c conf.h \
+ confile.c confile.h \
string_utils.c string_utils.h
lxc_cgroup_SOURCES = tools/lxc_cgroup.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
conf.c conf.h \
+ confile.c confile.h \
string_utils.c string_utils.h
lxc_config_SOURCES = tools/lxc_config.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
conf.c conf.h \
+ confile.c confile.h \
string_utils.c string_utils.h
lxc_console_SOURCES = tools/lxc_console.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
conf.c conf.h \
+ confile.c confile.h \
string_utils.c string_utils.h
lxc_destroy_SOURCES = tools/lxc_destroy.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
conf.c conf.h \
+ confile.c confile.h \
string_utils.c string_utils.h
lxc_device_SOURCES = tools/lxc_device.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
conf.c conf.h \
+ confile.c confile.h \
string_utils.c string_utils.h
lxc_execute_SOURCES = tools/lxc_execute.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
conf.c conf.h \
+ confile.c confile.h \
string_utils.c string_utils.h
lxc_freeze_SOURCES = tools/lxc_freeze.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
conf.c conf.h \
+ confile.c confile.h \
string_utils.c string_utils.h
lxc_info_SOURCES = tools/lxc_info.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
conf.c conf.h \
+ confile.c confile.h \
string_utils.c string_utils.h
lxc_monitor_SOURCES = tools/lxc_monitor.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
conf.c conf.h \
+ confile.c confile.h \
macro.h \
string_utils.c string_utils.h
lxc_ls_SOURCES = tools/lxc_ls.c \
@@ -402,6 +413,7 @@ lxc_ls_SOURCES = tools/lxc_ls.c \
af_unix.c af_unix.h \
caps.c caps.h \
conf.c conf.h \
+ confile.c confile.h \
memory_utils.h \
string_utils.c string_utils.h
lxc_copy_SOURCES = tools/lxc_copy.c \
@@ -409,6 +421,7 @@ lxc_copy_SOURCES = tools/lxc_copy.c \
af_unix.c af_unix.h \
caps.c caps.h \
conf.c conf.h \
+ confile.c confile.h \
storage/storage_utils.c storage/storage_utils.h \
string_utils.c string_utils.h
lxc_start_SOURCES = tools/lxc_start.c \
@@ -416,30 +429,35 @@ lxc_start_SOURCES = tools/lxc_start.c \
af_unix.c af_unix.h \
caps.c caps.h \
conf.c conf.h \
+ confile.c confile.h \
string_utils.c string_utils.h
lxc_stop_SOURCES = tools/lxc_stop.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
conf.c conf.h \
+ confile.c confile.h \
string_utils.c string_utils.h
lxc_top_SOURCES = tools/lxc_top.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
conf.c conf.h \
+ confile.c confile.h \
string_utils.c string_utils.h
lxc_unfreeze_SOURCES = tools/lxc_unfreeze.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
conf.c conf.h \
+ confile.c confile.h \
string_utils.c string_utils.h
lxc_unshare_SOURCES = tools/lxc_unshare.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
conf.c conf.h \
+ confile.c confile.h \
string_utils.c string_utils.h \
syscall_numbers.h \
syscall_wrappers.h
@@ -448,12 +466,14 @@ lxc_wait_SOURCES = tools/lxc_wait.c \
af_unix.c af_unix.h \
caps.c caps.h \
conf.c conf.h \
+ confile.c confile.h \
string_utils.c string_utils.h
lxc_create_SOURCES = tools/lxc_create.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
conf.c conf.h \
+ confile.c confile.h \
storage/storage_utils.c storage/storage_utils.h \
string_utils.c string_utils.h
lxc_snapshot_SOURCES = tools/lxc_snapshot.c \
@@ -461,12 +481,14 @@ lxc_snapshot_SOURCES = tools/lxc_snapshot.c \
af_unix.c af_unix.h \
caps.c caps.h \
conf.c conf.h \
+ confile.c confile.h \
string_utils.c string_utils.h
lxc_checkpoint_SOURCES = tools/lxc_checkpoint.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
conf.c conf.h \
+ confile.c confile.h \
string_utils.c string_utils.h
endif
@@ -488,6 +510,7 @@ lxc_monitord_SOURCES = cmd/lxc_monitord.c \
af_unix.c af_unix.h \
caps.c caps.h \
conf.c conf.h \
+ confile.c confile.h \
log.c log.h \
mainloop.c mainloop.h \
monitor.c monitor.h \
@@ -500,6 +523,7 @@ lxc_user_nic_SOURCES = cmd/lxc_user_nic.c \
af_unix.c af_unix.h \
caps.c caps.h \
conf.c conf.h \
+ confile.c confile.h \
log.c log.h \
memory_utils.h \
network.c network.h \
@@ -514,6 +538,7 @@ lxc_usernsexec_SOURCES = cmd/lxc_usernsexec.c \
af_unix.c af_unix.h \
caps.c caps.h \
conf.c conf.h \
+ confile.c confile.h \
file_utils.c file_utils.h \
list.h \
log.c log.h \
diff --git a/src/lxc/confile.h b/src/lxc/confile.h
index a457c9a17f..df80f639a3 100644
--- a/src/lxc/confile.h
+++ b/src/lxc/confile.h
@@ -45,66 +45,61 @@ struct new_config_item {
};
/* Get the jump table entry for the given configuration key. */
-extern struct lxc_config_t *lxc_get_config(const char *key);
+__hidden extern struct lxc_config_t *lxc_get_config(const char *key);
/* List all available config items. */
-extern int lxc_list_config_items(char *retv, int inlen)
+__hidden extern int lxc_list_config_items(char *retv, int inlen)
__access_rw(1, 2);
/* Given a configuration key namespace (e.g. lxc.apparmor) list all associated
* subkeys for that namespace.
* Must be implemented when adding a new configuration key.
*/
-extern int lxc_list_subkeys(struct lxc_conf *conf, const char *key, char *retv,
- int inlen)
-__access_rw(3, 4);
+__hidden extern int lxc_list_subkeys(struct lxc_conf *conf, const char *key, char *retv, int inlen)
+ __access_rw(3, 4);
/* List all configuration items associated with a given network. For example
* pass "lxc.net.[i]" to retrieve all configuration items associated with
* the network associated with index [i].
*/
-extern int lxc_list_net(struct lxc_conf *c, const char *key, char *retv,
- int inlen)
-__access_rw(3, 4);
+__hidden extern int lxc_list_net(struct lxc_conf *c, const char *key, char *retv, int inlen)
+ __access_rw(3, 4);
-extern int lxc_config_read(const char *file, struct lxc_conf *conf,
- bool from_include);
+__hidden extern int lxc_config_read(const char *file, struct lxc_conf *conf, bool from_include);
-extern int append_unexp_config_line(const char *line, struct lxc_conf *conf);
+__hidden extern int append_unexp_config_line(const char *line, struct lxc_conf *conf);
-extern int lxc_config_define_add(struct lxc_list *defines, char* arg);
+__hidden extern int lxc_config_define_add(struct lxc_list *defines, char *arg);
-extern bool lxc_config_define_load(struct lxc_list *defines,
- struct lxc_container *c);
+__hidden extern bool lxc_config_define_load(struct lxc_list *defines, struct lxc_container *c);
-extern void lxc_config_define_free(struct lxc_list *defines);
+__hidden extern void lxc_config_define_free(struct lxc_list *defines);
/* needed for lxc-attach */
-extern signed long lxc_config_parse_arch(const char *arch);
+__hidden extern signed long lxc_config_parse_arch(const char *arch);
-extern int lxc_fill_elevated_privileges(char *flaglist, int *flags);
+__hidden extern int lxc_fill_elevated_privileges(char *flaglist, int *flags);
-extern int lxc_clear_config_item(struct lxc_conf *c, const char *key);
+__hidden extern int lxc_clear_config_item(struct lxc_conf *c, const char *key);
-extern int write_config(int fd, const struct lxc_conf *conf);
+__hidden extern int write_config(int fd, const struct lxc_conf *conf);
-extern bool do_append_unexp_config_line(struct lxc_conf *conf, const char *key,
- const char *v);
+__hidden extern bool do_append_unexp_config_line(struct lxc_conf *conf, const char *key,
+ const char *v);
/* These are used when cloning a container */
-extern void clear_unexp_config_line(struct lxc_conf *conf, const char *key,
- bool rm_subkeys);
+__hidden extern void clear_unexp_config_line(struct lxc_conf *conf, const char *key, bool rm_subkeys);
-extern bool clone_update_unexp_hooks(struct lxc_conf *conf, const char *oldpath,
- const char *newpath, const char *oldname,
- const char *newmame);
+__hidden extern bool clone_update_unexp_hooks(struct lxc_conf *conf, const char *oldpath,
+ const char *newpath, const char *oldname,
+ const char *newmame);
-bool clone_update_unexp_ovl_paths(struct lxc_conf *conf, const char *oldpath,
- const char *newpath, const char *oldname,
- const char *newname, const char *ovldir);
+__hidden extern bool clone_update_unexp_ovl_paths(struct lxc_conf *conf, const char *oldpath,
+ const char *newpath, const char *oldname,
+ const char *newname, const char *ovldir);
-extern bool network_new_hwaddrs(struct lxc_conf *conf);
+__hidden extern bool network_new_hwaddrs(struct lxc_conf *conf);
-extern int add_elem_to_mount_list(const char *value, struct lxc_conf *lxc_conf);
+__hidden extern int add_elem_to_mount_list(const char *value, struct lxc_conf *lxc_conf);
#endif /* __LXC_CONFILE_H */
diff --git a/src/tests/Makefile.am b/src/tests/Makefile.am
index 0380f89b57..78a7b1aa00 100644
--- a/src/tests/Makefile.am
+++ b/src/tests/Makefile.am
@@ -8,12 +8,25 @@ lxc_test_attach_SOURCES = attach.c
lxc_test_basic_SOURCES = basic.c
lxc_test_cgpath_SOURCES = cgpath.c \
../lxc/af_unix.c ../lxc/af_unix.h \
+ ../lxc/caps.c ../lxc/caps.h \
../lxc/commands.c ../lxc/commands.h \
../lxc/commands_utils.c ../lxc/commands_utils.h \
+ ../lxc/conf.c ../lxc/conf.h \
+ ../lxc/confile.c ../lxc/confile.h \
+ ../lxc/network.c ../lxc/network.h \
+ ../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
lxc_test_clonetest_SOURCES = clonetest.c
lxc_test_concurrent_SOURCES = concurrent.c
-lxc_test_config_jump_table_SOURCES = config_jump_table.c lxctest.h
+lxc_test_config_jump_table_SOURCES = config_jump_table.c \
+ lxctest.h \
+ ../lxc/af_unix.c ../lxc/af_unix.h \
+ ../lxc/caps.c ../lxc/caps.h \
+ ../lxc/conf.c ../lxc/conf.h \
+ ../lxc/confile.c ../lxc/confile.h \
+ ../lxc/network.c ../lxc/network.h \
+ ../lxc/nl.c ../lxc/nl.h \
+ ../lxc/string_utils.c ../lxc/string_utils.h
lxc_test_console_SOURCES = console.c
lxc_test_console_log_SOURCES = console_log.c lxctest.h
lxc_test_containertests_SOURCES = containertests.c
@@ -56,12 +69,15 @@ AM_CFLAGS=-DLXCROOTFSMOUNT=\"$(LXCROOTFSMOUNT)\" \
-DLXCPATH=\"$(LXCPATH)\" \
-DLXC_GLOBAL_CONF=\"$(LXC_GLOBAL_CONF)\" \
-DLXCINITDIR=\"$(LXCINITDIR)\" \
+ -DLIBEXECDIR=\"$(LIBEXECDIR)\" \
-DLXC_DEFAULT_CONFIG=\"$(LXC_DEFAULT_CONFIG)\" \
-DRUNTIME_PATH=\"$(RUNTIME_PATH)\" \
+ -DSBINDIR=\"$(SBINDIR)\" \
-I $(top_srcdir)/src \
-I $(top_srcdir)/src/lxc \
-I $(top_srcdir)/src/lxc/cgroups \
-I $(top_srcdir)/src/lxc/tools \
+ -I $(top_srcdir)/src/lxc/storage \
-pthread
if ENABLE_APPARMOR
From f64e249db789bbe05e8228f07032b34b06158f77 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Mon, 20 Jul 2020 16:10:28 +0200
Subject: [PATCH 02/37] confile_utils: hide unnecessary symbols
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/Makefile.am | 25 ++++++++++++++
src/lxc/confile_utils.h | 74 +++++++++++++++++++----------------------
src/tests/Makefile.am | 28 ++++++++++++++--
3 files changed, 85 insertions(+), 42 deletions(-)
diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am
index 4adcc679d7..de22ab0cdf 100644
--- a/src/lxc/Makefile.am
+++ b/src/lxc/Makefile.am
@@ -335,6 +335,7 @@ lxc_attach_SOURCES = tools/lxc_attach.c \
caps.c caps.h \
conf.c conf.h \
confile.c confile.h \
+ confile_utils.c confile_utils.h \
rexec.c rexec.h \
string_utils.c string_utils.h
lxc_autostart_SOURCES = tools/lxc_autostart.c \
@@ -343,6 +344,7 @@ lxc_autostart_SOURCES = tools/lxc_autostart.c \
caps.c caps.h \
conf.c conf.h \
confile.c confile.h \
+ confile_utils.c confile_utils.h \
string_utils.c string_utils.h
lxc_cgroup_SOURCES = tools/lxc_cgroup.c \
tools/arguments.c tools/arguments.h \
@@ -350,6 +352,7 @@ lxc_cgroup_SOURCES = tools/lxc_cgroup.c \
caps.c caps.h \
conf.c conf.h \
confile.c confile.h \
+ confile_utils.c confile_utils.h \
string_utils.c string_utils.h
lxc_config_SOURCES = tools/lxc_config.c \
tools/arguments.c tools/arguments.h \
@@ -357,6 +360,7 @@ lxc_config_SOURCES = tools/lxc_config.c \
caps.c caps.h \
conf.c conf.h \
confile.c confile.h \
+ confile_utils.c confile_utils.h \
string_utils.c string_utils.h
lxc_console_SOURCES = tools/lxc_console.c \
tools/arguments.c tools/arguments.h \
@@ -364,6 +368,7 @@ lxc_console_SOURCES = tools/lxc_console.c \
caps.c caps.h \
conf.c conf.h \
confile.c confile.h \
+ confile_utils.c confile_utils.h \
string_utils.c string_utils.h
lxc_destroy_SOURCES = tools/lxc_destroy.c \
tools/arguments.c tools/arguments.h \
@@ -371,6 +376,7 @@ lxc_destroy_SOURCES = tools/lxc_destroy.c \
caps.c caps.h \
conf.c conf.h \
confile.c confile.h \
+ confile_utils.c confile_utils.h \
string_utils.c string_utils.h
lxc_device_SOURCES = tools/lxc_device.c \
tools/arguments.c tools/arguments.h \
@@ -378,6 +384,7 @@ lxc_device_SOURCES = tools/lxc_device.c \
caps.c caps.h \
conf.c conf.h \
confile.c confile.h \
+ confile_utils.c confile_utils.h \
string_utils.c string_utils.h
lxc_execute_SOURCES = tools/lxc_execute.c \
tools/arguments.c tools/arguments.h \
@@ -385,6 +392,7 @@ lxc_execute_SOURCES = tools/lxc_execute.c \
caps.c caps.h \
conf.c conf.h \
confile.c confile.h \
+ confile_utils.c confile_utils.h \
string_utils.c string_utils.h
lxc_freeze_SOURCES = tools/lxc_freeze.c \
tools/arguments.c tools/arguments.h \
@@ -392,6 +400,7 @@ lxc_freeze_SOURCES = tools/lxc_freeze.c \
caps.c caps.h \
conf.c conf.h \
confile.c confile.h \
+ confile_utils.c confile_utils.h \
string_utils.c string_utils.h
lxc_info_SOURCES = tools/lxc_info.c \
tools/arguments.c tools/arguments.h \
@@ -399,6 +408,7 @@ lxc_info_SOURCES = tools/lxc_info.c \
caps.c caps.h \
conf.c conf.h \
confile.c confile.h \
+ confile_utils.c confile_utils.h \
string_utils.c string_utils.h
lxc_monitor_SOURCES = tools/lxc_monitor.c \
tools/arguments.c tools/arguments.h \
@@ -406,6 +416,7 @@ lxc_monitor_SOURCES = tools/lxc_monitor.c \
caps.c caps.h \
conf.c conf.h \
confile.c confile.h \
+ confile_utils.c confile_utils.h \
macro.h \
string_utils.c string_utils.h
lxc_ls_SOURCES = tools/lxc_ls.c \
@@ -414,6 +425,7 @@ lxc_ls_SOURCES = tools/lxc_ls.c \
caps.c caps.h \
conf.c conf.h \
confile.c confile.h \
+ confile_utils.c confile_utils.h \
memory_utils.h \
string_utils.c string_utils.h
lxc_copy_SOURCES = tools/lxc_copy.c \
@@ -422,6 +434,7 @@ lxc_copy_SOURCES = tools/lxc_copy.c \
caps.c caps.h \
conf.c conf.h \
confile.c confile.h \
+ confile_utils.c confile_utils.h \
storage/storage_utils.c storage/storage_utils.h \
string_utils.c string_utils.h
lxc_start_SOURCES = tools/lxc_start.c \
@@ -430,6 +443,7 @@ lxc_start_SOURCES = tools/lxc_start.c \
caps.c caps.h \
conf.c conf.h \
confile.c confile.h \
+ confile_utils.c confile_utils.h \
string_utils.c string_utils.h
lxc_stop_SOURCES = tools/lxc_stop.c \
tools/arguments.c tools/arguments.h \
@@ -437,6 +451,7 @@ lxc_stop_SOURCES = tools/lxc_stop.c \
caps.c caps.h \
conf.c conf.h \
confile.c confile.h \
+ confile_utils.c confile_utils.h \
string_utils.c string_utils.h
lxc_top_SOURCES = tools/lxc_top.c \
tools/arguments.c tools/arguments.h \
@@ -444,6 +459,7 @@ lxc_top_SOURCES = tools/lxc_top.c \
caps.c caps.h \
conf.c conf.h \
confile.c confile.h \
+ confile_utils.c confile_utils.h \
string_utils.c string_utils.h
lxc_unfreeze_SOURCES = tools/lxc_unfreeze.c \
tools/arguments.c tools/arguments.h \
@@ -451,6 +467,7 @@ lxc_unfreeze_SOURCES = tools/lxc_unfreeze.c \
caps.c caps.h \
conf.c conf.h \
confile.c confile.h \
+ confile_utils.c confile_utils.h \
string_utils.c string_utils.h
lxc_unshare_SOURCES = tools/lxc_unshare.c \
tools/arguments.c tools/arguments.h \
@@ -458,6 +475,7 @@ lxc_unshare_SOURCES = tools/lxc_unshare.c \
caps.c caps.h \
conf.c conf.h \
confile.c confile.h \
+ confile_utils.c confile_utils.h \
string_utils.c string_utils.h \
syscall_numbers.h \
syscall_wrappers.h
@@ -467,6 +485,7 @@ lxc_wait_SOURCES = tools/lxc_wait.c \
caps.c caps.h \
conf.c conf.h \
confile.c confile.h \
+ confile_utils.c confile_utils.h \
string_utils.c string_utils.h
lxc_create_SOURCES = tools/lxc_create.c \
tools/arguments.c tools/arguments.h \
@@ -474,6 +493,7 @@ lxc_create_SOURCES = tools/lxc_create.c \
caps.c caps.h \
conf.c conf.h \
confile.c confile.h \
+ confile_utils.c confile_utils.h \
storage/storage_utils.c storage/storage_utils.h \
string_utils.c string_utils.h
lxc_snapshot_SOURCES = tools/lxc_snapshot.c \
@@ -482,6 +502,7 @@ lxc_snapshot_SOURCES = tools/lxc_snapshot.c \
caps.c caps.h \
conf.c conf.h \
confile.c confile.h \
+ confile_utils.c confile_utils.h \
string_utils.c string_utils.h
lxc_checkpoint_SOURCES = tools/lxc_checkpoint.c \
tools/arguments.c tools/arguments.h \
@@ -489,6 +510,7 @@ lxc_checkpoint_SOURCES = tools/lxc_checkpoint.c \
caps.c caps.h \
conf.c conf.h \
confile.c confile.h \
+ confile_utils.c confile_utils.h \
string_utils.c string_utils.h
endif
@@ -511,6 +533,7 @@ lxc_monitord_SOURCES = cmd/lxc_monitord.c \
caps.c caps.h \
conf.c conf.h \
confile.c confile.h \
+ confile_utils.c confile_utils.h \
log.c log.h \
mainloop.c mainloop.h \
monitor.c monitor.h \
@@ -524,6 +547,7 @@ lxc_user_nic_SOURCES = cmd/lxc_user_nic.c \
caps.c caps.h \
conf.c conf.h \
confile.c confile.h \
+ confile_utils.c confile_utils.h \
log.c log.h \
memory_utils.h \
network.c network.h \
@@ -539,6 +563,7 @@ lxc_usernsexec_SOURCES = cmd/lxc_usernsexec.c \
caps.c caps.h \
conf.c conf.h \
confile.c confile.h \
+ confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
list.h \
log.c log.h \
diff --git a/src/lxc/confile_utils.h b/src/lxc/confile_utils.h
index 7c59deae5a..3da1f462a3 100644
--- a/src/lxc/confile_utils.h
+++ b/src/lxc/confile_utils.h
@@ -29,48 +29,44 @@
} \
} while (0);
-extern int parse_idmaps(const char *idmap, char *type, unsigned long *nsid,
- unsigned long *hostid, unsigned long *range);
+__hidden extern int parse_idmaps(const char *idmap, char *type, unsigned long *nsid,
+ unsigned long *hostid, unsigned long *range);
-extern bool lxc_config_value_empty(const char *value);
-extern struct lxc_netdev *lxc_network_add(struct lxc_list *networks, int idx,
- bool tail);
-extern struct lxc_netdev *
-lxc_get_netdev_by_idx(struct lxc_conf *conf, unsigned int idx, bool allocate);
-extern void lxc_log_configured_netdevs(const struct lxc_conf *conf);
-extern bool lxc_remove_nic_by_idx(struct lxc_conf *conf, unsigned int idx);
-extern void lxc_free_networks(struct lxc_list *networks);
-extern int lxc_veth_mode_to_flag(int *mode, const char *value);
-extern char *lxc_veth_flag_to_mode(int mode);
-extern int lxc_macvlan_mode_to_flag(int *mode, const char *value);
-extern char *lxc_macvlan_flag_to_mode(int mode);
-extern int lxc_ipvlan_mode_to_flag(int *mode, const char *value);
-extern char *lxc_ipvlan_flag_to_mode(int mode);
-extern int lxc_ipvlan_isolation_to_flag(int *mode, const char *value);
-extern char *lxc_ipvlan_flag_to_isolation(int mode);
+__hidden extern bool lxc_config_value_empty(const char *value);
+__hidden extern struct lxc_netdev *lxc_network_add(struct lxc_list *networks, int idx, bool tail);
+__hidden extern struct lxc_netdev *lxc_get_netdev_by_idx(struct lxc_conf *conf, unsigned int idx,
+ bool allocate);
+__hidden extern void lxc_log_configured_netdevs(const struct lxc_conf *conf);
+__hidden extern bool lxc_remove_nic_by_idx(struct lxc_conf *conf, unsigned int idx);
+__hidden extern void lxc_free_networks(struct lxc_list *networks);
+__hidden extern int lxc_veth_mode_to_flag(int *mode, const char *value);
+__hidden extern char *lxc_veth_flag_to_mode(int mode);
+__hidden extern int lxc_macvlan_mode_to_flag(int *mode, const char *value);
+__hidden extern char *lxc_macvlan_flag_to_mode(int mode);
+__hidden extern int lxc_ipvlan_mode_to_flag(int *mode, const char *value);
+__hidden extern char *lxc_ipvlan_flag_to_mode(int mode);
+__hidden extern int lxc_ipvlan_isolation_to_flag(int *mode, const char *value);
+__hidden extern char *lxc_ipvlan_flag_to_isolation(int mode);
-extern int set_config_string_item(char **conf_item, const char *value);
-extern int set_config_string_item_max(char **conf_item, const char *value,
- size_t max)
-__access_r(2, 3);
+__hidden extern int set_config_string_item(char **conf_item, const char *value);
+__hidden extern int set_config_string_item_max(char **conf_item, const char *value, size_t max)
+ __access_r(2, 3);
-extern int set_config_path_item(char **conf_item, const char *value);
-extern int set_config_bool_item(bool *conf_item, const char *value,
- bool empty_conf_action);
-extern int config_ip_prefix(struct in_addr *addr);
-extern int network_ifname(char *valuep, const char *value, size_t size)
-__access_r(2, 3);
+__hidden extern int set_config_path_item(char **conf_item, const char *value);
+__hidden extern int set_config_bool_item(bool *conf_item, const char *value, bool empty_conf_action);
+__hidden extern int config_ip_prefix(struct in_addr *addr);
+__hidden extern int network_ifname(char *valuep, const char *value, size_t size) __access_r(2, 3);
-extern void rand_complete_hwaddr(char *hwaddr);
-extern bool lxc_config_net_is_hwaddr(const char *line);
-extern bool new_hwaddr(char *hwaddr);
-extern int lxc_get_conf_str(char *retv, int inlen, const char *value);
-extern int lxc_get_conf_bool(struct lxc_conf *c, char *retv, int inlen, bool v);
-extern int lxc_get_conf_int(struct lxc_conf *c, char *retv, int inlen, int v);
-extern int lxc_get_conf_size_t(struct lxc_conf *c, char *retv, int inlen, size_t v);
-extern int lxc_get_conf_uint64(struct lxc_conf *c, char *retv, int inlen, uint64_t v);
-extern int lxc_inherit_namespace(const char *lxcname_or_pid,
- const char *lxcpath, const char *namespace);
-extern int sig_parse(const char *signame);
+__hidden extern void rand_complete_hwaddr(char *hwaddr);
+__hidden extern bool lxc_config_net_is_hwaddr(const char *line);
+__hidden extern bool new_hwaddr(char *hwaddr);
+__hidden extern int lxc_get_conf_str(char *retv, int inlen, const char *value);
+__hidden extern int lxc_get_conf_bool(struct lxc_conf *c, char *retv, int inlen, bool v);
+__hidden extern int lxc_get_conf_int(struct lxc_conf *c, char *retv, int inlen, int v);
+__hidden extern int lxc_get_conf_size_t(struct lxc_conf *c, char *retv, int inlen, size_t v);
+__hidden extern int lxc_get_conf_uint64(struct lxc_conf *c, char *retv, int inlen, uint64_t v);
+__hidden extern int lxc_inherit_namespace(const char *lxcname_or_pid, const char *lxcpath,
+ const char *namespace);
+__hidden extern int sig_parse(const char *signame);
#endif /* __LXC_CONFILE_UTILS_H */
diff --git a/src/tests/Makefile.am b/src/tests/Makefile.am
index 78a7b1aa00..bdf8fdcce6 100644
--- a/src/tests/Makefile.am
+++ b/src/tests/Makefile.am
@@ -13,6 +13,7 @@ lxc_test_cgpath_SOURCES = cgpath.c \
../lxc/commands_utils.c ../lxc/commands_utils.h \
../lxc/conf.c ../lxc/conf.h \
../lxc/confile.c ../lxc/confile.h \
+ ../lxc/confile_utils.c ../lxc/confile_utils.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
@@ -22,8 +23,11 @@ lxc_test_config_jump_table_SOURCES = config_jump_table.c \
lxctest.h \
../lxc/af_unix.c ../lxc/af_unix.h \
../lxc/caps.c ../lxc/caps.h \
+ ../lxc/commands.c ../lxc/commands.h \
+ ../lxc/commands_utils.c ../lxc/commands_utils.h \
../lxc/conf.c ../lxc/conf.h \
../lxc/confile.c ../lxc/confile.h \
+ ../lxc/confile_utils.c ../lxc/confile_utils.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
@@ -43,7 +47,15 @@ lxc_test_lxcpath_SOURCES = lxcpath.c
lxc_test_may_control_SOURCES = may_control.c
lxc_test_mount_injection_SOURCES = mount_injection.c lxctest.h
lxc_test_parse_config_file_SOURCES = parse_config_file.c \
- lxctest.h
+ lxctest.h \
+ ../lxc/af_unix.c ../lxc/af_unix.h \
+ ../lxc/caps.c ../lxc/caps.h \
+ ../lxc/conf.c ../lxc/conf.h \
+ ../lxc/confile.c ../lxc/confile.h \
+ ../lxc/confile_utils.c ../lxc/confile_utils.h \
+ ../lxc/network.c ../lxc/network.h \
+ ../lxc/nl.c ../lxc/nl.h \
+ ../lxc/string_utils.c ../lxc/string_utils.h
lxc_test_raw_clone_SOURCES = lxc_raw_clone.c \
lxctest.h \
../lxc/namespace.c ../lxc/namespace.h \
@@ -62,8 +74,18 @@ lxc_test_startone_SOURCES = startone.c
lxc_test_state_server_SOURCES = state_server.c \
lxctest.h \
../lxc/compiler.h
-lxc_test_utils_SOURCES = lxc-test-utils.c lxctest.h \
- ../lxc/string_utils.c ../lxc/string_utils.h
+lxc_test_utils_SOURCES = lxc-test-utils.c \
+ lxctest.h \
+ ../lxc/af_unix.c ../lxc/af_unix.h \
+ ../lxc/caps.c ../lxc/caps.h \
+ ../lxc/commands.c ../lxc/commands.h \
+ ../lxc/commands_utils.c ../lxc/commands_utils.h \
+ ../lxc/conf.c ../lxc/conf.h \
+ ../lxc/confile.c ../lxc/confile.h \
+ ../lxc/confile_utils.c ../lxc/confile_utils.h \
+ ../lxc/network.c ../lxc/network.h \
+ ../lxc/nl.c ../lxc/nl.h \
+ ../lxc/string_utils.c ../lxc/string_utils.h
AM_CFLAGS=-DLXCROOTFSMOUNT=\"$(LXCROOTFSMOUNT)\" \
-DLXCPATH=\"$(LXCPATH)\" \
From 590b39e50bbd8fff52efad3b39e0edf359121301 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Mon, 20 Jul 2020 16:11:14 +0200
Subject: [PATCH 03/37] criu: hide unnecessary symbols
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/criu.h | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/src/lxc/criu.h b/src/lxc/criu.h
index 3411542aee..2e0ca7febb 100644
--- a/src/lxc/criu.h
+++ b/src/lxc/criu.h
@@ -7,9 +7,9 @@
#include <lxc/lxccontainer.h>
-extern bool __criu_pre_dump(struct lxc_container *c, struct migrate_opts *opts);
-extern bool __criu_dump(struct lxc_container *c, struct migrate_opts *opts);
-extern bool __criu_restore(struct lxc_container *c, struct migrate_opts *opts);
-extern bool __criu_check_feature(uint64_t *features_to_check);
+__hidden extern bool __criu_pre_dump(struct lxc_container *c, struct migrate_opts *opts);
+__hidden extern bool __criu_dump(struct lxc_container *c, struct migrate_opts *opts);
+__hidden extern bool __criu_restore(struct lxc_container *c, struct migrate_opts *opts);
+__hidden extern bool __criu_check_feature(uint64_t *features_to_check);
#endif
From a10ce5a8a5cee0abfc8b5c44b3d1fb66712d2f25 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Mon, 20 Jul 2020 16:11:48 +0200
Subject: [PATCH 04/37] error: hide unnecessary symbols
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/Makefile.am | 2 +-
src/lxc/error.c | 2 +-
src/lxc/error.h | 4 +++-
3 files changed, 5 insertions(+), 3 deletions(-)
diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am
index de22ab0cdf..d1a4498cda 100644
--- a/src/lxc/Makefile.am
+++ b/src/lxc/Makefile.am
@@ -518,7 +518,7 @@ if ENABLE_COMMANDS
# Binaries shipping with liblxc
init_lxc_SOURCES = cmd/lxc_init.c \
compiler.h \
- error.h \
+ error.c error.h \
initutils.c initutils.h \
memory_utils.h \
parse.c parse.h \
diff --git a/src/lxc/error.c b/src/lxc/error.c
index 6e49eca2da..51fe5092aa 100644
--- a/src/lxc/error.c
+++ b/src/lxc/error.c
@@ -18,7 +18,7 @@ lxc_log_define(error, lxc);
* 128+n signal n received by the application
* 255 lxc error
*/
-extern int lxc_error_set_and_log(int pid, int status)
+int lxc_error_set_and_log(int pid, int status)
{
int ret = 0;
diff --git a/src/lxc/error.h b/src/lxc/error.h
index 49323d5bfc..3934585201 100644
--- a/src/lxc/error.h
+++ b/src/lxc/error.h
@@ -6,6 +6,8 @@
#define LXC_CLONE_ERROR "Failed to clone a new set of namespaces"
#define LXC_UNPRIV_EOPNOTSUPP "the requested function %s is not currently supported with unprivileged containers"
-extern int lxc_error_set_and_log(int pid, int status);
+#include "compiler.h"
+
+__hidden extern int lxc_error_set_and_log(int pid, int status);
#endif
From 4a9ee78a84589118d5ff3bf2fa94caa4adca2ffc Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Mon, 20 Jul 2020 16:21:38 +0200
Subject: [PATCH 05/37] file_utils: hide unnecessary symbols
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/Makefile.am | 26 +++++++++++-
src/lxc/file_utils.h | 92 +++++++++++++++++++------------------------
src/tests/Makefile.am | 39 ++++++++++++++++--
3 files changed, 101 insertions(+), 56 deletions(-)
diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am
index d1a4498cda..0cb3be1680 100644
--- a/src/lxc/Makefile.am
+++ b/src/lxc/Makefile.am
@@ -336,6 +336,7 @@ lxc_attach_SOURCES = tools/lxc_attach.c \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ file_utils.c file_utils.h \
rexec.c rexec.h \
string_utils.c string_utils.h
lxc_autostart_SOURCES = tools/lxc_autostart.c \
@@ -345,6 +346,7 @@ lxc_autostart_SOURCES = tools/lxc_autostart.c \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ file_utils.c file_utils.h \
string_utils.c string_utils.h
lxc_cgroup_SOURCES = tools/lxc_cgroup.c \
tools/arguments.c tools/arguments.h \
@@ -353,6 +355,7 @@ lxc_cgroup_SOURCES = tools/lxc_cgroup.c \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ file_utils.c file_utils.h \
string_utils.c string_utils.h
lxc_config_SOURCES = tools/lxc_config.c \
tools/arguments.c tools/arguments.h \
@@ -361,6 +364,7 @@ lxc_config_SOURCES = tools/lxc_config.c \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ file_utils.c file_utils.h \
string_utils.c string_utils.h
lxc_console_SOURCES = tools/lxc_console.c \
tools/arguments.c tools/arguments.h \
@@ -369,6 +373,7 @@ lxc_console_SOURCES = tools/lxc_console.c \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ file_utils.c file_utils.h \
string_utils.c string_utils.h
lxc_destroy_SOURCES = tools/lxc_destroy.c \
tools/arguments.c tools/arguments.h \
@@ -377,6 +382,7 @@ lxc_destroy_SOURCES = tools/lxc_destroy.c \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ file_utils.c file_utils.h \
string_utils.c string_utils.h
lxc_device_SOURCES = tools/lxc_device.c \
tools/arguments.c tools/arguments.h \
@@ -385,6 +391,7 @@ lxc_device_SOURCES = tools/lxc_device.c \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ file_utils.c file_utils.h \
string_utils.c string_utils.h
lxc_execute_SOURCES = tools/lxc_execute.c \
tools/arguments.c tools/arguments.h \
@@ -393,6 +400,7 @@ lxc_execute_SOURCES = tools/lxc_execute.c \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ file_utils.c file_utils.h \
string_utils.c string_utils.h
lxc_freeze_SOURCES = tools/lxc_freeze.c \
tools/arguments.c tools/arguments.h \
@@ -401,6 +409,7 @@ lxc_freeze_SOURCES = tools/lxc_freeze.c \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ file_utils.c file_utils.h \
string_utils.c string_utils.h
lxc_info_SOURCES = tools/lxc_info.c \
tools/arguments.c tools/arguments.h \
@@ -409,6 +418,7 @@ lxc_info_SOURCES = tools/lxc_info.c \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ file_utils.c file_utils.h \
string_utils.c string_utils.h
lxc_monitor_SOURCES = tools/lxc_monitor.c \
tools/arguments.c tools/arguments.h \
@@ -417,6 +427,7 @@ lxc_monitor_SOURCES = tools/lxc_monitor.c \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ file_utils.c file_utils.h \
macro.h \
string_utils.c string_utils.h
lxc_ls_SOURCES = tools/lxc_ls.c \
@@ -426,6 +437,7 @@ lxc_ls_SOURCES = tools/lxc_ls.c \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ file_utils.c file_utils.h \
memory_utils.h \
string_utils.c string_utils.h
lxc_copy_SOURCES = tools/lxc_copy.c \
@@ -435,6 +447,7 @@ lxc_copy_SOURCES = tools/lxc_copy.c \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ file_utils.c file_utils.h \
storage/storage_utils.c storage/storage_utils.h \
string_utils.c string_utils.h
lxc_start_SOURCES = tools/lxc_start.c \
@@ -444,6 +457,7 @@ lxc_start_SOURCES = tools/lxc_start.c \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ file_utils.c file_utils.h \
string_utils.c string_utils.h
lxc_stop_SOURCES = tools/lxc_stop.c \
tools/arguments.c tools/arguments.h \
@@ -452,6 +466,7 @@ lxc_stop_SOURCES = tools/lxc_stop.c \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ file_utils.c file_utils.h \
string_utils.c string_utils.h
lxc_top_SOURCES = tools/lxc_top.c \
tools/arguments.c tools/arguments.h \
@@ -460,6 +475,7 @@ lxc_top_SOURCES = tools/lxc_top.c \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ file_utils.c file_utils.h \
string_utils.c string_utils.h
lxc_unfreeze_SOURCES = tools/lxc_unfreeze.c \
tools/arguments.c tools/arguments.h \
@@ -468,6 +484,7 @@ lxc_unfreeze_SOURCES = tools/lxc_unfreeze.c \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ file_utils.c file_utils.h \
string_utils.c string_utils.h
lxc_unshare_SOURCES = tools/lxc_unshare.c \
tools/arguments.c tools/arguments.h \
@@ -476,6 +493,7 @@ lxc_unshare_SOURCES = tools/lxc_unshare.c \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ file_utils.c file_utils.h \
string_utils.c string_utils.h \
syscall_numbers.h \
syscall_wrappers.h
@@ -486,6 +504,7 @@ lxc_wait_SOURCES = tools/lxc_wait.c \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ file_utils.c file_utils.h \
string_utils.c string_utils.h
lxc_create_SOURCES = tools/lxc_create.c \
tools/arguments.c tools/arguments.h \
@@ -494,6 +513,7 @@ lxc_create_SOURCES = tools/lxc_create.c \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ file_utils.c file_utils.h \
storage/storage_utils.c storage/storage_utils.h \
string_utils.c string_utils.h
lxc_snapshot_SOURCES = tools/lxc_snapshot.c \
@@ -503,6 +523,7 @@ lxc_snapshot_SOURCES = tools/lxc_snapshot.c \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ file_utils.c file_utils.h \
string_utils.c string_utils.h
lxc_checkpoint_SOURCES = tools/lxc_checkpoint.c \
tools/arguments.c tools/arguments.h \
@@ -511,6 +532,7 @@ lxc_checkpoint_SOURCES = tools/lxc_checkpoint.c \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ file_utils.c file_utils.h \
string_utils.c string_utils.h
endif
@@ -520,6 +542,7 @@ init_lxc_SOURCES = cmd/lxc_init.c \
compiler.h \
error.c error.h \
initutils.c initutils.h \
+ file_utils.c file_utils.h \
memory_utils.h \
parse.c parse.h \
process_utils.c process_utils.h \
@@ -534,6 +557,7 @@ lxc_monitord_SOURCES = cmd/lxc_monitord.c \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ file_utils.c file_utils.h \
log.c log.h \
mainloop.c mainloop.h \
monitor.c monitor.h \
@@ -548,6 +572,7 @@ lxc_user_nic_SOURCES = cmd/lxc_user_nic.c \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ file_utils.c file_utils.h \
log.c log.h \
memory_utils.h \
network.c network.h \
@@ -555,7 +580,6 @@ lxc_user_nic_SOURCES = cmd/lxc_user_nic.c \
parse.c parse.h \
process_utils.c process_utils.h \
syscall_numbers.h \
- file_utils.c file_utils.h \
string_utils.c string_utils.h \
syscall_wrappers.h
lxc_usernsexec_SOURCES = cmd/lxc_usernsexec.c \
diff --git a/src/lxc/file_utils.h b/src/lxc/file_utils.h
index 6f11ec9d7a..a759a6f361 100644
--- a/src/lxc/file_utils.h
+++ b/src/lxc/file_utils.h
@@ -15,73 +15,63 @@
#include "compiler.h"
/* read and write whole files */
-extern int lxc_write_to_file(const char *filename, const void *buf,
- size_t count, bool add_newline, mode_t mode)
-__access_r(2, 3);
+__hidden extern int lxc_write_to_file(const char *filename, const void *buf, size_t count,
+ bool add_newline, mode_t mode) __access_r(2, 3);
-extern int lxc_readat(int dirfd, const char *filename, void *buf, size_t count)
-__access_w(3, 4);
+__hidden extern int lxc_readat(int dirfd, const char *filename, void *buf, size_t count)
+ __access_w(3, 4);
-extern int lxc_writeat(int dirfd, const char *filename, const void *buf,
- size_t count)
-__access_r(3, 4);
+__hidden extern int lxc_writeat(int dirfd, const char *filename, const void *buf, size_t count)
+ __access_r(3, 4);
-extern int lxc_write_openat(const char *dir, const char *filename,
- const void *buf, size_t count)
-__access_r(3, 4);
+__hidden extern int lxc_write_openat(const char *dir, const char *filename, const void *buf,
+ size_t count) __access_r(3, 4);
-extern int lxc_read_from_file(const char *filename, void *buf, size_t count)
-__access_w(2, 3);
+__hidden extern int lxc_read_from_file(const char *filename, void *buf, size_t count)
+ __access_w(2, 3);
/* send and receive buffers completely */
-extern ssize_t lxc_write_nointr(int fd, const void *buf, size_t count)
-__access_r(2, 3);
+__hidden extern ssize_t lxc_write_nointr(int fd, const void *buf, size_t count) __access_r(2, 3);
-extern ssize_t lxc_pwrite_nointr(int fd, const void *buf, size_t count,
- off_t offset)
-__access_r(2, 3);
+__hidden extern ssize_t lxc_pwrite_nointr(int fd, const void *buf, size_t count, off_t offset)
+ __access_r(2, 3);
-extern ssize_t lxc_send_nointr(int sockfd, void *buf, size_t len, int flags)
-__access_r(2, 3);
+__hidden extern ssize_t lxc_send_nointr(int sockfd, void *buf, size_t len, int flags)
+ __access_r(2, 3);
-extern ssize_t lxc_read_nointr(int fd, void *buf, size_t count)
-__access_w(2, 3);
+__hidden extern ssize_t lxc_read_nointr(int fd, void *buf, size_t count) __access_w(2, 3);
-extern ssize_t lxc_read_nointr_expect(int fd, void *buf, size_t count,
- const void *expected_buf)
-__access_w(2, 3);
+__hidden extern ssize_t lxc_read_nointr_expect(int fd, void *buf, size_t count,
+ const void *expected_buf) __access_w(2, 3);
-extern ssize_t lxc_read_file_expect(const char *path, void *buf, size_t count,
- const void *expected_buf)
-__access_w(2, 3);
+__hidden extern ssize_t lxc_read_file_expect(const char *path, void *buf, size_t count,
+ const void *expected_buf) __access_w(2, 3);
-extern ssize_t lxc_recv_nointr(int sockfd, void *buf, size_t len, int flags)
-__access_w(2, 3);
+__hidden extern ssize_t lxc_recv_nointr(int sockfd, void *buf, size_t len, int flags)
+ __access_w(2, 3);
-ssize_t lxc_recvmsg_nointr_iov(int sockfd, struct iovec *iov, size_t iovlen,
- int flags);
+__hidden extern ssize_t lxc_recvmsg_nointr_iov(int sockfd, struct iovec *iov, size_t iovlen,
+ int flags);
-extern bool file_exists(const char *f);
-extern int print_to_file(const char *file, const char *content);
-extern int is_dir(const char *path);
-extern int lxc_count_file_lines(const char *fn);
-extern int lxc_make_tmpfile(char *template, bool rm);
+__hidden extern bool file_exists(const char *f);
+__hidden extern int print_to_file(const char *file, const char *content);
+__hidden extern int is_dir(const char *path);
+__hidden extern int lxc_count_file_lines(const char *fn);
+__hidden extern int lxc_make_tmpfile(char *template, bool rm);
/* __typeof__ should be safe to use with all compilers. */
typedef __typeof__(((struct statfs *)NULL)->f_type) fs_type_magic;
-extern bool has_fs_type(const char *path, fs_type_magic magic_val);
-extern bool fhas_fs_type(int fd, fs_type_magic magic_val);
-extern bool is_fs_type(const struct statfs *fs, fs_type_magic magic_val);
-extern FILE *fopen_cloexec(const char *path, const char *mode);
-extern ssize_t lxc_sendfile_nointr(int out_fd, int in_fd, off_t *offset,
- size_t count);
-extern char *file_to_buf(const char *path, size_t *length);
-extern int fd_to_buf(int fd, char **buf, size_t *length);
-extern int fd_to_fd(int from, int to);
-extern int lxc_open_dirfd(const char *dir);
-extern FILE *fdopen_cached(int fd, const char *mode, void **caller_freed_buffer);
-extern FILE *fopen_cached(const char *path, const char *mode,
- void **caller_freed_buffer);
-extern int timens_offset_write(clockid_t clk_id, int64_t s_offset, int64_t ns_offset);
+__hidden extern bool has_fs_type(const char *path, fs_type_magic magic_val);
+__hidden extern bool fhas_fs_type(int fd, fs_type_magic magic_val);
+__hidden extern bool is_fs_type(const struct statfs *fs, fs_type_magic magic_val);
+__hidden extern FILE *fopen_cloexec(const char *path, const char *mode);
+__hidden extern ssize_t lxc_sendfile_nointr(int out_fd, int in_fd, off_t *offset, size_t count);
+__hidden extern char *file_to_buf(const char *path, size_t *length);
+__hidden extern int fd_to_buf(int fd, char **buf, size_t *length);
+__hidden extern int fd_to_fd(int from, int to);
+__hidden extern int lxc_open_dirfd(const char *dir);
+__hidden extern FILE *fdopen_cached(int fd, const char *mode, void **caller_freed_buffer);
+__hidden extern FILE *fopen_cached(const char *path, const char *mode, void **caller_freed_buffer);
+__hidden extern int timens_offset_write(clockid_t clk_id, int64_t s_offset, int64_t ns_offset);
#endif /* __LXC_FILE_UTILS_H */
diff --git a/src/tests/Makefile.am b/src/tests/Makefile.am
index bdf8fdcce6..5309d5a7d6 100644
--- a/src/tests/Makefile.am
+++ b/src/tests/Makefile.am
@@ -2,9 +2,31 @@ if ENABLE_TESTS
LDADD = ../lxc/liblxc.la
-lxc_test_api_reboot_SOURCES = api_reboot.c
+lxc_test_api_reboot_SOURCES = api_reboot.c \
+ ../lxc/af_unix.c ../lxc/af_unix.h \
+ ../lxc/caps.c ../lxc/caps.h \
+ ../lxc/commands.c ../lxc/commands.h \
+ ../lxc/commands_utils.c ../lxc/commands_utils.h \
+ ../lxc/conf.c ../lxc/conf.h \
+ ../lxc/confile.c ../lxc/confile.h \
+ ../lxc/confile_utils.c ../lxc/confile_utils.h \
+ ../lxc/file_utils.c ../lxc/file_utils.h \
+ ../lxc/network.c ../lxc/network.h \
+ ../lxc/nl.c ../lxc/nl.h \
+ ../lxc/string_utils.c ../lxc/string_utils.h
lxc_test_apparmor_SOURCES = aa.c
-lxc_test_attach_SOURCES = attach.c
+lxc_test_attach_SOURCES = attach.c \
+ ../lxc/af_unix.c ../lxc/af_unix.h \
+ ../lxc/caps.c ../lxc/caps.h \
+ ../lxc/commands.c ../lxc/commands.h \
+ ../lxc/commands_utils.c ../lxc/commands_utils.h \
+ ../lxc/conf.c ../lxc/conf.h \
+ ../lxc/confile.c ../lxc/confile.h \
+ ../lxc/confile_utils.c ../lxc/confile_utils.h \
+ ../lxc/file_utils.c ../lxc/file_utils.h \
+ ../lxc/network.c ../lxc/network.h \
+ ../lxc/nl.c ../lxc/nl.h \
+ ../lxc/string_utils.c ../lxc/string_utils.h
lxc_test_basic_SOURCES = basic.c
lxc_test_cgpath_SOURCES = cgpath.c \
../lxc/af_unix.c ../lxc/af_unix.h \
@@ -14,6 +36,7 @@ lxc_test_cgpath_SOURCES = cgpath.c \
../lxc/conf.c ../lxc/conf.h \
../lxc/confile.c ../lxc/confile.h \
../lxc/confile_utils.c ../lxc/confile_utils.h \
+ ../lxc/file_utils.c ../lxc/file_utils.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
@@ -28,6 +51,7 @@ lxc_test_config_jump_table_SOURCES = config_jump_table.c \
../lxc/conf.c ../lxc/conf.h \
../lxc/confile.c ../lxc/confile.h \
../lxc/confile_utils.c ../lxc/confile_utils.h \
+ ../lxc/file_utils.c ../lxc/file_utils.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
@@ -45,7 +69,10 @@ lxc_test_list_SOURCES = list.c
lxc_test_locktests_SOURCES = locktests.c
lxc_test_lxcpath_SOURCES = lxcpath.c
lxc_test_may_control_SOURCES = may_control.c
-lxc_test_mount_injection_SOURCES = mount_injection.c lxctest.h
+lxc_test_mount_injection_SOURCES = mount_injection.c \
+ lxctest.h \
+ ../lxc/file_utils.c ../lxc/file_utils.h \
+ ../lxc/string_utils.c ../lxc/string_utils.h
lxc_test_parse_config_file_SOURCES = parse_config_file.c \
lxctest.h \
../lxc/af_unix.c ../lxc/af_unix.h \
@@ -53,6 +80,7 @@ lxc_test_parse_config_file_SOURCES = parse_config_file.c \
../lxc/conf.c ../lxc/conf.h \
../lxc/confile.c ../lxc/confile.h \
../lxc/confile_utils.c ../lxc/confile_utils.h \
+ ../lxc/file_utils.c ../lxc/file_utils.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
@@ -67,7 +95,9 @@ lxc_test_saveconfig_SOURCES = saveconfig.c
lxc_test_share_ns_SOURCES = share_ns.c \
lxctest.h \
../lxc/compiler.h
-lxc_test_shortlived_SOURCES = shortlived.c
+lxc_test_shortlived_SOURCES = shortlived.c \
+ ../lxc/file_utils.c ../lxc/file_utils.h \
+ ../lxc/string_utils.c ../lxc/string_utils.h
lxc_test_shutdowntest_SOURCES = shutdowntest.c
lxc_test_snapshot_SOURCES = snapshot.c
lxc_test_startone_SOURCES = startone.c
@@ -83,6 +113,7 @@ lxc_test_utils_SOURCES = lxc-test-utils.c \
../lxc/conf.c ../lxc/conf.h \
../lxc/confile.c ../lxc/confile.h \
../lxc/confile_utils.c ../lxc/confile_utils.h \
+ ../lxc/file_utils.c ../lxc/file_utils.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
From f575e7efccdabdde1d61db4f83b5124c31b1b58c Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Mon, 20 Jul 2020 16:32:52 +0200
Subject: [PATCH 06/37] initutils: hide unnecessary symbols
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/Makefile.am | 29 +++++++++++++++++++++++++++--
src/lxc/initutils.h | 5 +++--
src/tests/Makefile.am | 7 +++++++
3 files changed, 37 insertions(+), 4 deletions(-)
diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am
index 0cb3be1680..472e8dfbc2 100644
--- a/src/lxc/Makefile.am
+++ b/src/lxc/Makefile.am
@@ -337,6 +337,7 @@ lxc_attach_SOURCES = tools/lxc_attach.c \
confile.c confile.h \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
+ initutils.c initutils.h \
rexec.c rexec.h \
string_utils.c string_utils.h
lxc_autostart_SOURCES = tools/lxc_autostart.c \
@@ -347,6 +348,7 @@ lxc_autostart_SOURCES = tools/lxc_autostart.c \
confile.c confile.h \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
+ initutils.c initutils.h \
string_utils.c string_utils.h
lxc_cgroup_SOURCES = tools/lxc_cgroup.c \
tools/arguments.c tools/arguments.h \
@@ -356,6 +358,7 @@ lxc_cgroup_SOURCES = tools/lxc_cgroup.c \
confile.c confile.h \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
+ initutils.c initutils.h \
string_utils.c string_utils.h
lxc_config_SOURCES = tools/lxc_config.c \
tools/arguments.c tools/arguments.h \
@@ -365,6 +368,7 @@ lxc_config_SOURCES = tools/lxc_config.c \
confile.c confile.h \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
+ initutils.c initutils.h \
string_utils.c string_utils.h
lxc_console_SOURCES = tools/lxc_console.c \
tools/arguments.c tools/arguments.h \
@@ -374,6 +378,7 @@ lxc_console_SOURCES = tools/lxc_console.c \
confile.c confile.h \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
+ initutils.c initutils.h \
string_utils.c string_utils.h
lxc_destroy_SOURCES = tools/lxc_destroy.c \
tools/arguments.c tools/arguments.h \
@@ -383,6 +388,7 @@ lxc_destroy_SOURCES = tools/lxc_destroy.c \
confile.c confile.h \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
+ initutils.c initutils.h \
string_utils.c string_utils.h
lxc_device_SOURCES = tools/lxc_device.c \
tools/arguments.c tools/arguments.h \
@@ -392,6 +398,7 @@ lxc_device_SOURCES = tools/lxc_device.c \
confile.c confile.h \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
+ initutils.c initutils.h \
string_utils.c string_utils.h
lxc_execute_SOURCES = tools/lxc_execute.c \
tools/arguments.c tools/arguments.h \
@@ -401,6 +408,7 @@ lxc_execute_SOURCES = tools/lxc_execute.c \
confile.c confile.h \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
+ initutils.c initutils.h \
string_utils.c string_utils.h
lxc_freeze_SOURCES = tools/lxc_freeze.c \
tools/arguments.c tools/arguments.h \
@@ -410,6 +418,7 @@ lxc_freeze_SOURCES = tools/lxc_freeze.c \
confile.c confile.h \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
+ initutils.c initutils.h \
string_utils.c string_utils.h
lxc_info_SOURCES = tools/lxc_info.c \
tools/arguments.c tools/arguments.h \
@@ -419,6 +428,7 @@ lxc_info_SOURCES = tools/lxc_info.c \
confile.c confile.h \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
+ initutils.c initutils.h \
string_utils.c string_utils.h
lxc_monitor_SOURCES = tools/lxc_monitor.c \
tools/arguments.c tools/arguments.h \
@@ -428,6 +438,7 @@ lxc_monitor_SOURCES = tools/lxc_monitor.c \
confile.c confile.h \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
+ initutils.c initutils.h \
macro.h \
string_utils.c string_utils.h
lxc_ls_SOURCES = tools/lxc_ls.c \
@@ -438,6 +449,7 @@ lxc_ls_SOURCES = tools/lxc_ls.c \
confile.c confile.h \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
+ initutils.c initutils.h \
memory_utils.h \
string_utils.c string_utils.h
lxc_copy_SOURCES = tools/lxc_copy.c \
@@ -448,6 +460,7 @@ lxc_copy_SOURCES = tools/lxc_copy.c \
confile.c confile.h \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
+ initutils.c initutils.h \
storage/storage_utils.c storage/storage_utils.h \
string_utils.c string_utils.h
lxc_start_SOURCES = tools/lxc_start.c \
@@ -458,6 +471,7 @@ lxc_start_SOURCES = tools/lxc_start.c \
confile.c confile.h \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
+ initutils.c initutils.h \
string_utils.c string_utils.h
lxc_stop_SOURCES = tools/lxc_stop.c \
tools/arguments.c tools/arguments.h \
@@ -467,6 +481,7 @@ lxc_stop_SOURCES = tools/lxc_stop.c \
confile.c confile.h \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
+ initutils.c initutils.h \
string_utils.c string_utils.h
lxc_top_SOURCES = tools/lxc_top.c \
tools/arguments.c tools/arguments.h \
@@ -476,6 +491,7 @@ lxc_top_SOURCES = tools/lxc_top.c \
confile.c confile.h \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
+ initutils.c initutils.h \
string_utils.c string_utils.h
lxc_unfreeze_SOURCES = tools/lxc_unfreeze.c \
tools/arguments.c tools/arguments.h \
@@ -485,6 +501,7 @@ lxc_unfreeze_SOURCES = tools/lxc_unfreeze.c \
confile.c confile.h \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
+ initutils.c initutils.h \
string_utils.c string_utils.h
lxc_unshare_SOURCES = tools/lxc_unshare.c \
tools/arguments.c tools/arguments.h \
@@ -494,6 +511,7 @@ lxc_unshare_SOURCES = tools/lxc_unshare.c \
confile.c confile.h \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
+ initutils.c initutils.h \
string_utils.c string_utils.h \
syscall_numbers.h \
syscall_wrappers.h
@@ -505,6 +523,7 @@ lxc_wait_SOURCES = tools/lxc_wait.c \
confile.c confile.h \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
+ initutils.c initutils.h \
string_utils.c string_utils.h
lxc_create_SOURCES = tools/lxc_create.c \
tools/arguments.c tools/arguments.h \
@@ -514,6 +533,7 @@ lxc_create_SOURCES = tools/lxc_create.c \
confile.c confile.h \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
+ initutils.c initutils.h \
storage/storage_utils.c storage/storage_utils.h \
string_utils.c string_utils.h
lxc_snapshot_SOURCES = tools/lxc_snapshot.c \
@@ -524,6 +544,7 @@ lxc_snapshot_SOURCES = tools/lxc_snapshot.c \
confile.c confile.h \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
+ initutils.c initutils.h \
string_utils.c string_utils.h
lxc_checkpoint_SOURCES = tools/lxc_checkpoint.c \
tools/arguments.c tools/arguments.h \
@@ -533,6 +554,7 @@ lxc_checkpoint_SOURCES = tools/lxc_checkpoint.c \
confile.c confile.h \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
+ initutils.c initutils.h \
string_utils.c string_utils.h
endif
@@ -541,8 +563,8 @@ if ENABLE_COMMANDS
init_lxc_SOURCES = cmd/lxc_init.c \
compiler.h \
error.c error.h \
- initutils.c initutils.h \
file_utils.c file_utils.h \
+ initutils.c initutils.h \
memory_utils.h \
parse.c parse.h \
process_utils.c process_utils.h \
@@ -558,6 +580,7 @@ lxc_monitord_SOURCES = cmd/lxc_monitord.c \
confile.c confile.h \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
+ initutils.c initutils.h \
log.c log.h \
mainloop.c mainloop.h \
monitor.c monitor.h \
@@ -573,6 +596,7 @@ lxc_user_nic_SOURCES = cmd/lxc_user_nic.c \
confile.c confile.h \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
+ initutils.c initutils.h \
log.c log.h \
memory_utils.h \
network.c network.h \
@@ -589,6 +613,7 @@ lxc_usernsexec_SOURCES = cmd/lxc_usernsexec.c \
confile.c confile.h \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
+ initutils.c initutils.h \
list.h \
log.c log.h \
macro.h \
@@ -613,8 +638,8 @@ init_lxc_static_SOURCES = cmd/lxc_init.c \
af_unix.c af_unix.h \
caps.c caps.h \
error.c error.h \
- initutils.c initutils.h \
file_utils.c file_utils.h \
+ initutils.c initutils.h \
log.c log.h \
macro.h \
memory_utils.h \
diff --git a/src/lxc/initutils.h b/src/lxc/initutils.h
index e11c789c70..74cbb85661 100644
--- a/src/lxc/initutils.h
+++ b/src/lxc/initutils.h
@@ -15,6 +15,7 @@
#include <sys/types.h>
#include <unistd.h>
+#include "compiler.h"
#include "string_utils.h"
#define DEFAULT_VG "lxc"
@@ -47,8 +48,8 @@ struct prctl_mm_map {
};
#endif
-extern const char *lxc_global_config_value(const char *option_name);
+__hidden extern const char *lxc_global_config_value(const char *option_name);
-extern int setproctitle(char *title);
+__hidden extern int setproctitle(char *title);
#endif /* __LXC_INITUTILS_H */
diff --git a/src/tests/Makefile.am b/src/tests/Makefile.am
index 5309d5a7d6..d587c4b7fa 100644
--- a/src/tests/Makefile.am
+++ b/src/tests/Makefile.am
@@ -11,6 +11,7 @@ lxc_test_api_reboot_SOURCES = api_reboot.c \
../lxc/confile.c ../lxc/confile.h \
../lxc/confile_utils.c ../lxc/confile_utils.h \
../lxc/file_utils.c ../lxc/file_utils.h \
+ ../lxc/initutils.c ../lxc/initutils.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
@@ -24,6 +25,7 @@ lxc_test_attach_SOURCES = attach.c \
../lxc/confile.c ../lxc/confile.h \
../lxc/confile_utils.c ../lxc/confile_utils.h \
../lxc/file_utils.c ../lxc/file_utils.h \
+ ../lxc/initutils.c ../lxc/initutils.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
@@ -37,6 +39,7 @@ lxc_test_cgpath_SOURCES = cgpath.c \
../lxc/confile.c ../lxc/confile.h \
../lxc/confile_utils.c ../lxc/confile_utils.h \
../lxc/file_utils.c ../lxc/file_utils.h \
+ ../lxc/initutils.c ../lxc/initutils.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
@@ -52,6 +55,7 @@ lxc_test_config_jump_table_SOURCES = config_jump_table.c \
../lxc/confile.c ../lxc/confile.h \
../lxc/confile_utils.c ../lxc/confile_utils.h \
../lxc/file_utils.c ../lxc/file_utils.h \
+ ../lxc/initutils.c ../lxc/initutils.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
@@ -81,6 +85,7 @@ lxc_test_parse_config_file_SOURCES = parse_config_file.c \
../lxc/confile.c ../lxc/confile.h \
../lxc/confile_utils.c ../lxc/confile_utils.h \
../lxc/file_utils.c ../lxc/file_utils.h \
+ ../lxc/initutils.c ../lxc/initutils.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
@@ -114,6 +119,7 @@ lxc_test_utils_SOURCES = lxc-test-utils.c \
../lxc/confile.c ../lxc/confile.h \
../lxc/confile_utils.c ../lxc/confile_utils.h \
../lxc/file_utils.c ../lxc/file_utils.h \
+ ../lxc/initutils.c ../lxc/initutils.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
@@ -124,6 +130,7 @@ AM_CFLAGS=-DLXCROOTFSMOUNT=\"$(LXCROOTFSMOUNT)\" \
-DLXCINITDIR=\"$(LXCINITDIR)\" \
-DLIBEXECDIR=\"$(LIBEXECDIR)\" \
-DLXC_DEFAULT_CONFIG=\"$(LXC_DEFAULT_CONFIG)\" \
+ -DDEFAULT_CGROUP_PATTERN=\"$(DEFAULT_CGROUP_PATTERN)\" \
-DRUNTIME_PATH=\"$(RUNTIME_PATH)\" \
-DSBINDIR=\"$(SBINDIR)\" \
-I $(top_srcdir)/src \
From 07d1f84ab27ff35e15259294f65445550b133826 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Mon, 20 Jul 2020 16:45:34 +0200
Subject: [PATCH 07/37] log: hide unnecessary symbols
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/Makefile.am | 24 ++++++++++++++++++++++++
src/lxc/file_utils.c | 4 ++--
src/lxc/log.h | 32 +++++++++++++++++---------------
src/lxc/utils.h | 6 ------
src/tests/Makefile.am | 17 ++++++++++++++---
5 files changed, 57 insertions(+), 26 deletions(-)
diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am
index 472e8dfbc2..32ab6eeb06 100644
--- a/src/lxc/Makefile.am
+++ b/src/lxc/Makefile.am
@@ -338,6 +338,7 @@ lxc_attach_SOURCES = tools/lxc_attach.c \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
+ log.c log.h \
rexec.c rexec.h \
string_utils.c string_utils.h
lxc_autostart_SOURCES = tools/lxc_autostart.c \
@@ -349,6 +350,7 @@ lxc_autostart_SOURCES = tools/lxc_autostart.c \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
+ log.c log.h \
string_utils.c string_utils.h
lxc_cgroup_SOURCES = tools/lxc_cgroup.c \
tools/arguments.c tools/arguments.h \
@@ -359,6 +361,7 @@ lxc_cgroup_SOURCES = tools/lxc_cgroup.c \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
+ log.c log.h \
string_utils.c string_utils.h
lxc_config_SOURCES = tools/lxc_config.c \
tools/arguments.c tools/arguments.h \
@@ -369,6 +372,7 @@ lxc_config_SOURCES = tools/lxc_config.c \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
+ log.c log.h \
string_utils.c string_utils.h
lxc_console_SOURCES = tools/lxc_console.c \
tools/arguments.c tools/arguments.h \
@@ -379,6 +383,7 @@ lxc_console_SOURCES = tools/lxc_console.c \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
+ log.c log.h \
string_utils.c string_utils.h
lxc_destroy_SOURCES = tools/lxc_destroy.c \
tools/arguments.c tools/arguments.h \
@@ -389,6 +394,7 @@ lxc_destroy_SOURCES = tools/lxc_destroy.c \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
+ log.c log.h \
string_utils.c string_utils.h
lxc_device_SOURCES = tools/lxc_device.c \
tools/arguments.c tools/arguments.h \
@@ -399,6 +405,7 @@ lxc_device_SOURCES = tools/lxc_device.c \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
+ log.c log.h \
string_utils.c string_utils.h
lxc_execute_SOURCES = tools/lxc_execute.c \
tools/arguments.c tools/arguments.h \
@@ -409,6 +416,7 @@ lxc_execute_SOURCES = tools/lxc_execute.c \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
+ log.c log.h \
string_utils.c string_utils.h
lxc_freeze_SOURCES = tools/lxc_freeze.c \
tools/arguments.c tools/arguments.h \
@@ -419,6 +427,7 @@ lxc_freeze_SOURCES = tools/lxc_freeze.c \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
+ log.c log.h \
string_utils.c string_utils.h
lxc_info_SOURCES = tools/lxc_info.c \
tools/arguments.c tools/arguments.h \
@@ -429,6 +438,7 @@ lxc_info_SOURCES = tools/lxc_info.c \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
+ log.c log.h \
string_utils.c string_utils.h
lxc_monitor_SOURCES = tools/lxc_monitor.c \
tools/arguments.c tools/arguments.h \
@@ -439,6 +449,7 @@ lxc_monitor_SOURCES = tools/lxc_monitor.c \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
+ log.c log.h \
macro.h \
string_utils.c string_utils.h
lxc_ls_SOURCES = tools/lxc_ls.c \
@@ -450,6 +461,7 @@ lxc_ls_SOURCES = tools/lxc_ls.c \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
+ log.c log.h \
memory_utils.h \
string_utils.c string_utils.h
lxc_copy_SOURCES = tools/lxc_copy.c \
@@ -461,6 +473,7 @@ lxc_copy_SOURCES = tools/lxc_copy.c \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
+ log.c log.h \
storage/storage_utils.c storage/storage_utils.h \
string_utils.c string_utils.h
lxc_start_SOURCES = tools/lxc_start.c \
@@ -472,6 +485,7 @@ lxc_start_SOURCES = tools/lxc_start.c \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
+ log.c log.h \
string_utils.c string_utils.h
lxc_stop_SOURCES = tools/lxc_stop.c \
tools/arguments.c tools/arguments.h \
@@ -482,6 +496,7 @@ lxc_stop_SOURCES = tools/lxc_stop.c \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
+ log.c log.h \
string_utils.c string_utils.h
lxc_top_SOURCES = tools/lxc_top.c \
tools/arguments.c tools/arguments.h \
@@ -492,6 +507,7 @@ lxc_top_SOURCES = tools/lxc_top.c \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
+ log.c log.h \
string_utils.c string_utils.h
lxc_unfreeze_SOURCES = tools/lxc_unfreeze.c \
tools/arguments.c tools/arguments.h \
@@ -502,6 +518,7 @@ lxc_unfreeze_SOURCES = tools/lxc_unfreeze.c \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
+ log.c log.h \
string_utils.c string_utils.h
lxc_unshare_SOURCES = tools/lxc_unshare.c \
tools/arguments.c tools/arguments.h \
@@ -512,6 +529,7 @@ lxc_unshare_SOURCES = tools/lxc_unshare.c \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
+ log.c log.h \
string_utils.c string_utils.h \
syscall_numbers.h \
syscall_wrappers.h
@@ -524,6 +542,7 @@ lxc_wait_SOURCES = tools/lxc_wait.c \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
+ log.c log.h \
string_utils.c string_utils.h
lxc_create_SOURCES = tools/lxc_create.c \
tools/arguments.c tools/arguments.h \
@@ -534,6 +553,7 @@ lxc_create_SOURCES = tools/lxc_create.c \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
+ log.c log.h \
storage/storage_utils.c storage/storage_utils.h \
string_utils.c string_utils.h
lxc_snapshot_SOURCES = tools/lxc_snapshot.c \
@@ -545,6 +565,7 @@ lxc_snapshot_SOURCES = tools/lxc_snapshot.c \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
+ log.c log.h \
string_utils.c string_utils.h
lxc_checkpoint_SOURCES = tools/lxc_checkpoint.c \
tools/arguments.c tools/arguments.h \
@@ -555,16 +576,19 @@ lxc_checkpoint_SOURCES = tools/lxc_checkpoint.c \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
+ log.c log.h \
string_utils.c string_utils.h
endif
if ENABLE_COMMANDS
# Binaries shipping with liblxc
init_lxc_SOURCES = cmd/lxc_init.c \
+ caps.c caps.h \
compiler.h \
error.c error.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
+ log.c log.h \
memory_utils.h \
parse.c parse.h \
process_utils.c process_utils.h \
diff --git a/src/lxc/file_utils.c b/src/lxc/file_utils.c
index 0ec1f21c48..70791f29fa 100644
--- a/src/lxc/file_utils.c
+++ b/src/lxc/file_utils.c
@@ -8,16 +8,16 @@
#include <linux/magic.h>
#include <stdio.h>
#include <stdlib.h>
-#include <sys/stat.h>
#include <sys/sendfile.h>
+#include <sys/stat.h>
#include <sys/types.h>
+#include <time.h>
#include "config.h"
#include "file_utils.h"
#include "macro.h"
#include "memory_utils.h"
#include "string_utils.h"
-#include <time.h>
#include "utils.h"
int lxc_open_dirfd(const char *dir)
diff --git a/src/lxc/log.h b/src/lxc/log.h
index 3f91d9bc50..153302fdec 100644
--- a/src/lxc/log.h
+++ b/src/lxc/log.h
@@ -16,6 +16,7 @@
#include <syslog.h>
#include <time.h>
+#include "compiler.h"
#include "conf.h"
#include "config.h"
@@ -84,7 +85,7 @@ struct lxc_log_category {
};
#ifndef NO_LXC_CONF
-extern int lxc_log_use_global_fd;
+__hidden extern int lxc_log_use_global_fd;
#endif
/*
@@ -560,17 +561,18 @@ __lxc_unused static inline void LXC_##LEVEL(struct lxc_log_locinfo* locinfo, \
__internal_ret__; \
})
-extern int lxc_log_fd;
-
-extern int lxc_log_syslog(int facility);
-extern void lxc_log_syslog_enable(void);
-extern void lxc_log_syslog_disable(void);
-extern int lxc_log_set_level(int *dest, int level);
-extern int lxc_log_get_level(void);
-extern bool lxc_log_has_valid_level(void);
-extern int lxc_log_set_file(int *fd, const char *fname);
-extern const char *lxc_log_get_file(void);
-extern void lxc_log_set_prefix(const char *prefix);
-extern const char *lxc_log_get_prefix(void);
-extern void lxc_log_options_no_override(void);
-#endif
+__hidden extern int lxc_log_fd;
+
+__hidden extern int lxc_log_syslog(int facility);
+__hidden extern void lxc_log_syslog_enable(void);
+__hidden extern void lxc_log_syslog_disable(void);
+__hidden extern int lxc_log_set_level(int *dest, int level);
+__hidden extern int lxc_log_get_level(void);
+__hidden extern bool lxc_log_has_valid_level(void);
+__hidden extern int lxc_log_set_file(int *fd, const char *fname);
+__hidden extern const char *lxc_log_get_file(void);
+__hidden extern void lxc_log_set_prefix(const char *prefix);
+__hidden extern const char *lxc_log_get_prefix(void);
+__hidden extern void lxc_log_options_no_override(void);
+
+#endif /* __LXC_LOG_H */
diff --git a/src/lxc/utils.h b/src/lxc/utils.h
index 8c0e0c4aa5..8e6fbc44f5 100644
--- a/src/lxc/utils.h
+++ b/src/lxc/utils.h
@@ -203,12 +203,6 @@ extern int run_command(char *buf, size_t buf_size, int (*child_fn)(void *),
extern int run_command_status(char *buf, size_t buf_size, int (*child_fn)(void *),
void *args);
-/* return copy of string @entry; do not fail. */
-extern char *must_copy_string(const char *entry);
-
-/* Re-allocate a pointer, do not fail */
-extern void *must_realloc(void *orig, size_t sz);
-
extern bool lxc_nic_exists(char *nic);
static inline uint64_t lxc_getpagesize(void)
diff --git a/src/tests/Makefile.am b/src/tests/Makefile.am
index d587c4b7fa..cf1447b52c 100644
--- a/src/tests/Makefile.am
+++ b/src/tests/Makefile.am
@@ -12,6 +12,7 @@ lxc_test_api_reboot_SOURCES = api_reboot.c \
../lxc/confile_utils.c ../lxc/confile_utils.h \
../lxc/file_utils.c ../lxc/file_utils.h \
../lxc/initutils.c ../lxc/initutils.h \
+ ../lxc/log.c ../lxc/log.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
@@ -26,6 +27,7 @@ lxc_test_attach_SOURCES = attach.c \
../lxc/confile_utils.c ../lxc/confile_utils.h \
../lxc/file_utils.c ../lxc/file_utils.h \
../lxc/initutils.c ../lxc/initutils.h \
+ ../lxc/log.c ../lxc/log.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
@@ -40,6 +42,7 @@ lxc_test_cgpath_SOURCES = cgpath.c \
../lxc/confile_utils.c ../lxc/confile_utils.h \
../lxc/file_utils.c ../lxc/file_utils.h \
../lxc/initutils.c ../lxc/initutils.h \
+ ../lxc/log.c ../lxc/log.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
@@ -56,6 +59,7 @@ lxc_test_config_jump_table_SOURCES = config_jump_table.c \
../lxc/confile_utils.c ../lxc/confile_utils.h \
../lxc/file_utils.c ../lxc/file_utils.h \
../lxc/initutils.c ../lxc/initutils.h \
+ ../lxc/log.c ../lxc/log.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
@@ -86,15 +90,19 @@ lxc_test_parse_config_file_SOURCES = parse_config_file.c \
../lxc/confile_utils.c ../lxc/confile_utils.h \
../lxc/file_utils.c ../lxc/file_utils.h \
../lxc/initutils.c ../lxc/initutils.h \
+ ../lxc/log.c ../lxc/log.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
lxc_test_raw_clone_SOURCES = lxc_raw_clone.c \
lxctest.h \
+ ../lxc/caps.c ../lxc/caps.h \
+ ../lxc/file_utils.c ../lxc/file_utils.h \
+ ../lxc/log.c ../lxc/log.h \
../lxc/namespace.c ../lxc/namespace.h \
- ../lxc/process_utils.c ../lxc/process_utils.h
- ../lxc/utils.c ../lxc/utils.h \
- ../lxc/string_utils.c ../lxc/string_utils.h
+ ../lxc/process_utils.c ../lxc/process_utils.h \
+ ../lxc/string_utils.c ../lxc/string_utils.h \
+ ../lxc/utils.c ../lxc/utils.h
lxc_test_reboot_SOURCES = reboot.c
lxc_test_saveconfig_SOURCES = saveconfig.c
lxc_test_share_ns_SOURCES = share_ns.c \
@@ -120,6 +128,7 @@ lxc_test_utils_SOURCES = lxc-test-utils.c \
../lxc/confile_utils.c ../lxc/confile_utils.h \
../lxc/file_utils.c ../lxc/file_utils.h \
../lxc/initutils.c ../lxc/initutils.h \
+ ../lxc/log.c ../lxc/log.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
@@ -129,6 +138,8 @@ AM_CFLAGS=-DLXCROOTFSMOUNT=\"$(LXCROOTFSMOUNT)\" \
-DLXC_GLOBAL_CONF=\"$(LXC_GLOBAL_CONF)\" \
-DLXCINITDIR=\"$(LXCINITDIR)\" \
-DLIBEXECDIR=\"$(LIBEXECDIR)\" \
+ -DLOGPATH=\"$(LOGPATH)\" \
+ -DLXCTEMPLATEDIR=\"$(LXCTEMPLATEDIR)\" \
-DLXC_DEFAULT_CONFIG=\"$(LXC_DEFAULT_CONFIG)\" \
-DDEFAULT_CGROUP_PATTERN=\"$(DEFAULT_CGROUP_PATTERN)\" \
-DRUNTIME_PATH=\"$(RUNTIME_PATH)\" \
From a7692df573ffd5a69eb086ac9e457c6bda961edb Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Mon, 20 Jul 2020 17:22:31 +0200
Subject: [PATCH 08/37] lxclock: hide unnecessary symbols
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/compiler.h | 4 ++++
src/lxc/lxclock.h | 22 ++++++++++++----------
src/tests/Makefile.am | 7 ++++++-
3 files changed, 22 insertions(+), 11 deletions(-)
diff --git a/src/lxc/compiler.h b/src/lxc/compiler.h
index 1852f1c0af..c230e510ce 100644
--- a/src/lxc/compiler.h
+++ b/src/lxc/compiler.h
@@ -79,4 +79,8 @@
#define __hidden __attribute__((visibility("hidden")))
#endif
+#ifndef __public
+#define __public __attribute__((visibility("default")))
+#endif
+
#endif /* __LXC_COMPILER_H */
diff --git a/src/lxc/lxclock.h b/src/lxc/lxclock.h
index 9f9bc3bf6d..38f49b5b4b 100644
--- a/src/lxc/lxclock.h
+++ b/src/lxc/lxclock.h
@@ -11,6 +11,8 @@
#include <time.h>
#include <unistd.h>
+#include "compiler.h"
+
#ifndef F_OFD_GETLK
#define F_OFD_GETLK 36
#endif
@@ -71,7 +73,7 @@ struct lxc_lock {
* freed when the container is freed), and \c u.f.fd = -1.
*
*/
-extern struct lxc_lock *lxc_newlock(const char *lxcpath, const char *name);
+__hidden extern struct lxc_lock *lxc_newlock(const char *lxcpath, const char *name);
/*!
* \brief Take an existing lock.
@@ -89,7 +91,7 @@ extern struct lxc_lock *lxc_newlock(const char *lxcpath, const char *name);
* (except in the test case) I may remove the support for it in sem as
* well.
*/
-extern int lxclock(struct lxc_lock *lock, int timeout);
+__hidden extern int lxclock(struct lxc_lock *lock, int timeout);
/*!
* \brief Unlock specified lock previously locked using \ref lxclock().
@@ -99,24 +101,24 @@ extern int lxclock(struct lxc_lock *lock, int timeout);
* \return \c 0 on success, \c -2 if provided lock was not already held,
* otherwise \c -1 with \c errno saved from \c fcntl(2) or sem_post function.
*/
-extern int lxcunlock(struct lxc_lock *lock);
+__hidden extern int lxcunlock(struct lxc_lock *lock);
/*!
* \brief Free a lock created by \ref lxc_newlock().
*
* \param lock Lock.
*/
-extern void lxc_putlock(struct lxc_lock *lock);
+__hidden extern void lxc_putlock(struct lxc_lock *lock);
/*!
* \brief Lock the current process.
*/
-extern void process_lock(void);
+__hidden extern void process_lock(void);
/*!
* \brief Unlock the current process.
*/
-extern void process_unlock(void);
+__hidden extern void process_unlock(void);
struct lxc_container;
@@ -127,14 +129,14 @@ struct lxc_container;
*
* \return As for \ref lxclock().
*/
-extern int container_mem_lock(struct lxc_container *c);
+__hidden extern int container_mem_lock(struct lxc_container *c);
/*!
* \brief Unlock the containers memory.
*
* \param c Container.
*/
-extern void container_mem_unlock(struct lxc_container *c);
+__hidden extern void container_mem_unlock(struct lxc_container *c);
/*!
* \brief Lock the containers disk data.
@@ -144,7 +146,7 @@ extern void container_mem_unlock(struct lxc_container *c);
* \return \c 0 on success, or an \ref lxclock() error return
* values on error.
*/
-extern int container_disk_lock(struct lxc_container *c);
+__hidden extern int container_disk_lock(struct lxc_container *c);
/*!
* \brief Unlock the containers disk data.
@@ -152,6 +154,6 @@ extern int container_disk_lock(struct lxc_container *c);
* \param c Container.
*
*/
-extern void container_disk_unlock(struct lxc_container *c);
+__hidden extern void container_disk_unlock(struct lxc_container *c);
#endif
diff --git a/src/tests/Makefile.am b/src/tests/Makefile.am
index cf1447b52c..8c84c1d2bc 100644
--- a/src/tests/Makefile.am
+++ b/src/tests/Makefile.am
@@ -74,7 +74,12 @@ lxc_test_device_add_remove_SOURCES = device_add_remove.c
lxc_test_getkeys_SOURCES = getkeys.c
lxc_test_get_item_SOURCES = get_item.c
lxc_test_list_SOURCES = list.c
-lxc_test_locktests_SOURCES = locktests.c
+lxc_test_locktests_SOURCES = locktests.c \
+ ../lxc/caps.c ../lxc/caps.h \
+ ../lxc/file_utils.c ../lxc/file_utils.h \
+ ../lxc/log.c ../lxc/log.h \
+ ../lxc/lxclock.c ../lxc/lxclock.h \
+ ../lxc/string_utils.c ../lxc/string_utils.h
lxc_test_lxcpath_SOURCES = lxcpath.c
lxc_test_may_control_SOURCES = may_control.c
lxc_test_mount_injection_SOURCES = mount_injection.c \
From d6e12907a06e7254540efea060a524f02959d56f Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Mon, 20 Jul 2020 17:26:12 +0200
Subject: [PATCH 09/37] lxcseccomp: hide unnecessary symbols
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/Makefile.am | 104 +++++++++++++++++++++++++++++++++++++++++-
src/lxc/lxcseccomp.h | 29 ++++++------
src/tests/Makefile.am | 30 +++++++++++-
3 files changed, 146 insertions(+), 17 deletions(-)
diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am
index 32ab6eeb06..2caaaad252 100644
--- a/src/lxc/Makefile.am
+++ b/src/lxc/Makefile.am
@@ -183,7 +183,7 @@ endif
endif
if ENABLE_SECCOMP
-liblxc_la_SOURCES += seccomp.c
+liblxc_la_SOURCES += seccomp.c lxcseccomp.h
endif
if !HAVE_STRLCPY
@@ -341,6 +341,10 @@ lxc_attach_SOURCES = tools/lxc_attach.c \
log.c log.h \
rexec.c rexec.h \
string_utils.c string_utils.h
+if ENABLE_SECCOMP
+lxc_attach_SOURCES += seccomp.c lxcseccomp.h
+endif
+
lxc_autostart_SOURCES = tools/lxc_autostart.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
@@ -352,6 +356,10 @@ lxc_autostart_SOURCES = tools/lxc_autostart.c \
initutils.c initutils.h \
log.c log.h \
string_utils.c string_utils.h
+if ENABLE_SECCOMP
+lxc_autostart_SOURCES += seccomp.c lxcseccomp.h
+endif
+
lxc_cgroup_SOURCES = tools/lxc_cgroup.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
@@ -363,6 +371,10 @@ lxc_cgroup_SOURCES = tools/lxc_cgroup.c \
initutils.c initutils.h \
log.c log.h \
string_utils.c string_utils.h
+if ENABLE_SECCOMP
+lxc_cgroup_SOURCES += seccomp.c lxcseccomp.h
+endif
+
lxc_config_SOURCES = tools/lxc_config.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
@@ -374,6 +386,10 @@ lxc_config_SOURCES = tools/lxc_config.c \
initutils.c initutils.h \
log.c log.h \
string_utils.c string_utils.h
+if ENABLE_SECCOMP
+lxc_config_SOURCES += seccomp.c lxcseccomp.h
+endif
+
lxc_console_SOURCES = tools/lxc_console.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
@@ -385,6 +401,10 @@ lxc_console_SOURCES = tools/lxc_console.c \
initutils.c initutils.h \
log.c log.h \
string_utils.c string_utils.h
+if ENABLE_SECCOMP
+lxc_console_SOURCES += seccomp.c lxcseccomp.h
+endif
+
lxc_destroy_SOURCES = tools/lxc_destroy.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
@@ -396,6 +416,10 @@ lxc_destroy_SOURCES = tools/lxc_destroy.c \
initutils.c initutils.h \
log.c log.h \
string_utils.c string_utils.h
+if ENABLE_SECCOMP
+lxc_destroy_SOURCES += seccomp.c lxcseccomp.h
+endif
+
lxc_device_SOURCES = tools/lxc_device.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
@@ -407,6 +431,10 @@ lxc_device_SOURCES = tools/lxc_device.c \
initutils.c initutils.h \
log.c log.h \
string_utils.c string_utils.h
+if ENABLE_SECCOMP
+lxc_device_SOURCES += seccomp.c lxcseccomp.h
+endif
+
lxc_execute_SOURCES = tools/lxc_execute.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
@@ -418,6 +446,10 @@ lxc_execute_SOURCES = tools/lxc_execute.c \
initutils.c initutils.h \
log.c log.h \
string_utils.c string_utils.h
+if ENABLE_SECCOMP
+lxc_execute_SOURCES += seccomp.c lxcseccomp.h
+endif
+
lxc_freeze_SOURCES = tools/lxc_freeze.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
@@ -429,6 +461,10 @@ lxc_freeze_SOURCES = tools/lxc_freeze.c \
initutils.c initutils.h \
log.c log.h \
string_utils.c string_utils.h
+if ENABLE_SECCOMP
+lxc_freeze_SOURCES += seccomp.c lxcseccomp.h
+endif
+
lxc_info_SOURCES = tools/lxc_info.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
@@ -440,6 +476,10 @@ lxc_info_SOURCES = tools/lxc_info.c \
initutils.c initutils.h \
log.c log.h \
string_utils.c string_utils.h
+if ENABLE_SECCOMP
+lxc_info_SOURCES += seccomp.c lxcseccomp.h
+endif
+
lxc_monitor_SOURCES = tools/lxc_monitor.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
@@ -452,6 +492,10 @@ lxc_monitor_SOURCES = tools/lxc_monitor.c \
log.c log.h \
macro.h \
string_utils.c string_utils.h
+if ENABLE_SECCOMP
+lxc_monitor_SOURCES += seccomp.c lxcseccomp.h
+endif
+
lxc_ls_SOURCES = tools/lxc_ls.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
@@ -464,6 +508,10 @@ lxc_ls_SOURCES = tools/lxc_ls.c \
log.c log.h \
memory_utils.h \
string_utils.c string_utils.h
+if ENABLE_SECCOMP
+lxc_ls_SOURCES += seccomp.c lxcseccomp.h
+endif
+
lxc_copy_SOURCES = tools/lxc_copy.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
@@ -476,6 +524,10 @@ lxc_copy_SOURCES = tools/lxc_copy.c \
log.c log.h \
storage/storage_utils.c storage/storage_utils.h \
string_utils.c string_utils.h
+if ENABLE_SECCOMP
+lxc_copy_SOURCES += seccomp.c lxcseccomp.h
+endif
+
lxc_start_SOURCES = tools/lxc_start.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
@@ -487,6 +539,10 @@ lxc_start_SOURCES = tools/lxc_start.c \
initutils.c initutils.h \
log.c log.h \
string_utils.c string_utils.h
+if ENABLE_SECCOMP
+lxc_start_SOURCES += seccomp.c lxcseccomp.h
+endif
+
lxc_stop_SOURCES = tools/lxc_stop.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
@@ -498,6 +554,10 @@ lxc_stop_SOURCES = tools/lxc_stop.c \
initutils.c initutils.h \
log.c log.h \
string_utils.c string_utils.h
+if ENABLE_SECCOMP
+lxc_stop_SOURCES += seccomp.c lxcseccomp.h
+endif
+
lxc_top_SOURCES = tools/lxc_top.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
@@ -509,6 +569,10 @@ lxc_top_SOURCES = tools/lxc_top.c \
initutils.c initutils.h \
log.c log.h \
string_utils.c string_utils.h
+if ENABLE_SECCOMP
+lxc_top_SOURCES += seccomp.c lxcseccomp.h
+endif
+
lxc_unfreeze_SOURCES = tools/lxc_unfreeze.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
@@ -520,6 +584,10 @@ lxc_unfreeze_SOURCES = tools/lxc_unfreeze.c \
initutils.c initutils.h \
log.c log.h \
string_utils.c string_utils.h
+if ENABLE_SECCOMP
+lxc_unfreeze_SOURCES += seccomp.c lxcseccomp.h
+endif
+
lxc_unshare_SOURCES = tools/lxc_unshare.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
@@ -533,6 +601,10 @@ lxc_unshare_SOURCES = tools/lxc_unshare.c \
string_utils.c string_utils.h \
syscall_numbers.h \
syscall_wrappers.h
+if ENABLE_SECCOMP
+lxc_unshare_SOURCES += seccomp.c lxcseccomp.h
+endif
+
lxc_wait_SOURCES = tools/lxc_wait.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
@@ -544,6 +616,10 @@ lxc_wait_SOURCES = tools/lxc_wait.c \
initutils.c initutils.h \
log.c log.h \
string_utils.c string_utils.h
+if ENABLE_SECCOMP
+lxc_wait_SOURCES += seccomp.c lxcseccomp.h
+endif
+
lxc_create_SOURCES = tools/lxc_create.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
@@ -556,6 +632,10 @@ lxc_create_SOURCES = tools/lxc_create.c \
log.c log.h \
storage/storage_utils.c storage/storage_utils.h \
string_utils.c string_utils.h
+if ENABLE_SECCOMP
+lxc_create_SOURCES += seccomp.c lxcseccomp.h
+endif
+
lxc_snapshot_SOURCES = tools/lxc_snapshot.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
@@ -567,6 +647,10 @@ lxc_snapshot_SOURCES = tools/lxc_snapshot.c \
initutils.c initutils.h \
log.c log.h \
string_utils.c string_utils.h
+if ENABLE_SECCOMP
+lxc_snapshot_SOURCES += seccomp.c lxcseccomp.h
+endif
+
lxc_checkpoint_SOURCES = tools/lxc_checkpoint.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
@@ -578,6 +662,10 @@ lxc_checkpoint_SOURCES = tools/lxc_checkpoint.c \
initutils.c initutils.h \
log.c log.h \
string_utils.c string_utils.h
+if ENABLE_SECCOMP
+lxc_checkpoint_SOURCES += seccomp.c lxcseccomp.h
+endif
+
endif
if ENABLE_COMMANDS
@@ -594,6 +682,9 @@ init_lxc_SOURCES = cmd/lxc_init.c \
process_utils.c process_utils.h \
syscall_numbers.h \
string_utils.c string_utils.h
+if ENABLE_SECCOMP
+init_lxc_SOURCES += seccomp.c lxcseccomp.h
+endif
init_lxc_LDFLAGS = -pthread
@@ -612,6 +703,10 @@ lxc_monitord_SOURCES = cmd/lxc_monitord.c \
string_utils.c string_utils.h \
syscall_numbers.h \
utils.c utils.h
+if ENABLE_SECCOMP
+lxc_monitord_SOURCES += seccomp.c lxcseccomp.h
+endif
+
lxc_user_nic_SOURCES = cmd/lxc_user_nic.c \
../include/netns_ifaddrs.c ../include/netns_ifaddrs.h \
af_unix.c af_unix.h \
@@ -630,6 +725,10 @@ lxc_user_nic_SOURCES = cmd/lxc_user_nic.c \
syscall_numbers.h \
string_utils.c string_utils.h \
syscall_wrappers.h
+if ENABLE_SECCOMP
+lxc_user_nic_SOURCES += seccomp.c lxcseccomp.h
+endif
+
lxc_usernsexec_SOURCES = cmd/lxc_usernsexec.c \
af_unix.c af_unix.h \
caps.c caps.h \
@@ -645,6 +744,9 @@ lxc_usernsexec_SOURCES = cmd/lxc_usernsexec.c \
string_utils.c string_utils.h \
syscall_wrappers.h \
utils.c utils.h
+if ENABLE_SECCOMP
+lxc_usernsexec_SOURCES += seccomp.c lxcseccomp.h
+endif
endif
diff --git a/src/lxc/lxcseccomp.h b/src/lxc/lxcseccomp.h
index d96a015b22..2e9bda5a43 100644
--- a/src/lxc/lxcseccomp.h
+++ b/src/lxc/lxcseccomp.h
@@ -16,6 +16,7 @@
#include <sys/un.h>
#endif
+#include "compiler.h"
#include "conf.h"
#include "config.h"
#include "memory_utils.h"
@@ -77,21 +78,19 @@ struct lxc_seccomp {
#endif /* HAVE_DECL_SECCOMP_NOTIFY_FD */
};
-extern int lxc_seccomp_load(struct lxc_conf *conf);
-extern int lxc_read_seccomp_config(struct lxc_conf *conf);
-extern void lxc_seccomp_free(struct lxc_seccomp *seccomp);
-extern int seccomp_notify_handler(int fd, uint32_t events, void *data,
- struct lxc_epoll_descr *descr);
-extern void seccomp_conf_init(struct lxc_conf *conf);
-extern int lxc_seccomp_setup_proxy(struct lxc_seccomp *seccomp,
- struct lxc_epoll_descr *descr,
- struct lxc_handler *handler);
-extern int lxc_seccomp_send_notifier_fd(struct lxc_seccomp *seccomp,
- int socket_fd);
-extern int lxc_seccomp_recv_notifier_fd(struct lxc_seccomp *seccomp,
- int socket_fd);
-extern int lxc_seccomp_add_notifier(const char *name, const char *lxcpath,
- struct lxc_seccomp *seccomp);
+__hidden extern int lxc_seccomp_load(struct lxc_conf *conf);
+__hidden extern int lxc_read_seccomp_config(struct lxc_conf *conf);
+__hidden extern void lxc_seccomp_free(struct lxc_seccomp *seccomp);
+__hidden extern int seccomp_notify_handler(int fd, uint32_t events, void *data,
+ struct lxc_epoll_descr *descr);
+__hidden extern void seccomp_conf_init(struct lxc_conf *conf);
+__hidden extern int lxc_seccomp_setup_proxy(struct lxc_seccomp *seccomp,
+ struct lxc_epoll_descr *descr,
+ struct lxc_handler *handler);
+__hidden extern int lxc_seccomp_send_notifier_fd(struct lxc_seccomp *seccomp, int socket_fd);
+__hidden extern int lxc_seccomp_recv_notifier_fd(struct lxc_seccomp *seccomp, int socket_fd);
+__hidden extern int lxc_seccomp_add_notifier(const char *name, const char *lxcpath,
+ struct lxc_seccomp *seccomp);
static inline int lxc_seccomp_get_notify_fd(struct lxc_seccomp *seccomp)
{
#if HAVE_DECL_SECCOMP_NOTIFY_FD
diff --git a/src/tests/Makefile.am b/src/tests/Makefile.am
index 8c84c1d2bc..064b2b0f63 100644
--- a/src/tests/Makefile.am
+++ b/src/tests/Makefile.am
@@ -1,6 +1,11 @@
if ENABLE_TESTS
-LDADD = ../lxc/liblxc.la
+LDADD = ../lxc/liblxc.la \
+ @CAP_LIBS@ \
+ @OPENSSL_LIBS@ \
+ @SECCOMP_LIBS@ \
+ @SELINUX_LIBS@ \
+ @DLOG_LIBS@
lxc_test_api_reboot_SOURCES = api_reboot.c \
../lxc/af_unix.c ../lxc/af_unix.h \
@@ -16,6 +21,10 @@ lxc_test_api_reboot_SOURCES = api_reboot.c \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
+if ENABLE_SECCOMP
+lxc_test_api_reboot_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
+endif
+
lxc_test_apparmor_SOURCES = aa.c
lxc_test_attach_SOURCES = attach.c \
../lxc/af_unix.c ../lxc/af_unix.h \
@@ -31,6 +40,10 @@ lxc_test_attach_SOURCES = attach.c \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
+if ENABLE_SECCOMP
+lxc_test_attach_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
+endif
+
lxc_test_basic_SOURCES = basic.c
lxc_test_cgpath_SOURCES = cgpath.c \
../lxc/af_unix.c ../lxc/af_unix.h \
@@ -46,6 +59,10 @@ lxc_test_cgpath_SOURCES = cgpath.c \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
+if ENABLE_SECCOMP
+lxc_test_cgpath_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
+endif
+
lxc_test_clonetest_SOURCES = clonetest.c
lxc_test_concurrent_SOURCES = concurrent.c
lxc_test_config_jump_table_SOURCES = config_jump_table.c \
@@ -63,6 +80,10 @@ lxc_test_config_jump_table_SOURCES = config_jump_table.c \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
+if ENABLE_SECCOMP
+lxc_test_config_jump_table_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
+endif
+
lxc_test_console_SOURCES = console.c
lxc_test_console_log_SOURCES = console_log.c lxctest.h
lxc_test_containertests_SOURCES = containertests.c
@@ -99,6 +120,10 @@ lxc_test_parse_config_file_SOURCES = parse_config_file.c \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
+if ENABLE_SECCOMP
+lxc_test_parse_config_file_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
+endif
+
lxc_test_raw_clone_SOURCES = lxc_raw_clone.c \
lxctest.h \
../lxc/caps.c ../lxc/caps.h \
@@ -137,6 +162,9 @@ lxc_test_utils_SOURCES = lxc-test-utils.c \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
+if ENABLE_SECCOMP
+lxc_test_utils_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
+endif
AM_CFLAGS=-DLXCROOTFSMOUNT=\"$(LXCROOTFSMOUNT)\" \
-DLXCPATH=\"$(LXCPATH)\" \
From d50aa57f9b769df9f3a4dbfd80e44b61d5483055 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Mon, 20 Jul 2020 17:47:58 +0200
Subject: [PATCH 10/37] mainloop: hide unnecessary symbols
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/Makefile.am | 2 ++
src/lxc/mainloop.h | 20 +++++++++-----------
src/tests/Makefile.am | 5 +++++
3 files changed, 16 insertions(+), 11 deletions(-)
diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am
index 2caaaad252..fd3eec9940 100644
--- a/src/lxc/Makefile.am
+++ b/src/lxc/Makefile.am
@@ -553,6 +553,7 @@ lxc_stop_SOURCES = tools/lxc_stop.c \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ mainloop.c mainloop.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_stop_SOURCES += seccomp.c lxcseccomp.h
@@ -568,6 +569,7 @@ lxc_top_SOURCES = tools/lxc_top.c \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ mainloop.c mainloop.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_top_SOURCES += seccomp.c lxcseccomp.h
diff --git a/src/lxc/mainloop.h b/src/lxc/mainloop.h
index e6ab9a6d9e..2a16c94e06 100644
--- a/src/lxc/mainloop.h
+++ b/src/lxc/mainloop.h
@@ -5,6 +5,7 @@
#include <stdint.h>
+#include "compiler.h"
#include "list.h"
#include "memory_utils.h"
@@ -20,21 +21,18 @@ struct lxc_epoll_descr {
typedef int (*lxc_mainloop_callback_t)(int fd, uint32_t event, void *data,
struct lxc_epoll_descr *descr);
-extern int lxc_mainloop(struct lxc_epoll_descr *descr, int timeout_ms);
+__hidden extern int lxc_mainloop(struct lxc_epoll_descr *descr, int timeout_ms);
-extern int lxc_mainloop_add_handler_events(struct lxc_epoll_descr *descr,
- int fd, int events,
- lxc_mainloop_callback_t callback,
- void *data);
-extern int lxc_mainloop_add_handler(struct lxc_epoll_descr *descr, int fd,
- lxc_mainloop_callback_t callback,
- void *data);
+__hidden extern int lxc_mainloop_add_handler_events(struct lxc_epoll_descr *descr, int fd, int events,
+ lxc_mainloop_callback_t callback, void *data);
+__hidden extern int lxc_mainloop_add_handler(struct lxc_epoll_descr *descr, int fd,
+ lxc_mainloop_callback_t callback, void *data);
-extern int lxc_mainloop_del_handler(struct lxc_epoll_descr *descr, int fd);
+__hidden extern int lxc_mainloop_del_handler(struct lxc_epoll_descr *descr, int fd);
-extern int lxc_mainloop_open(struct lxc_epoll_descr *descr);
+__hidden extern int lxc_mainloop_open(struct lxc_epoll_descr *descr);
-extern void lxc_mainloop_close(struct lxc_epoll_descr *descr);
+__hidden extern void lxc_mainloop_close(struct lxc_epoll_descr *descr);
define_cleanup_function(struct lxc_epoll_descr *, lxc_mainloop_close);
diff --git a/src/tests/Makefile.am b/src/tests/Makefile.am
index 064b2b0f63..b660e0a0da 100644
--- a/src/tests/Makefile.am
+++ b/src/tests/Makefile.am
@@ -18,6 +18,7 @@ lxc_test_api_reboot_SOURCES = api_reboot.c \
../lxc/file_utils.c ../lxc/file_utils.h \
../lxc/initutils.c ../lxc/initutils.h \
../lxc/log.c ../lxc/log.h \
+ ../lxc/mainloop.c ../lxc/mainloop.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
@@ -37,6 +38,7 @@ lxc_test_attach_SOURCES = attach.c \
../lxc/file_utils.c ../lxc/file_utils.h \
../lxc/initutils.c ../lxc/initutils.h \
../lxc/log.c ../lxc/log.h \
+ ../lxc/mainloop.c ../lxc/mainloop.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
@@ -56,6 +58,7 @@ lxc_test_cgpath_SOURCES = cgpath.c \
../lxc/file_utils.c ../lxc/file_utils.h \
../lxc/initutils.c ../lxc/initutils.h \
../lxc/log.c ../lxc/log.h \
+ ../lxc/mainloop.c ../lxc/mainloop.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
@@ -77,6 +80,7 @@ lxc_test_config_jump_table_SOURCES = config_jump_table.c \
../lxc/file_utils.c ../lxc/file_utils.h \
../lxc/initutils.c ../lxc/initutils.h \
../lxc/log.c ../lxc/log.h \
+ ../lxc/mainloop.c ../lxc/mainloop.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
@@ -159,6 +163,7 @@ lxc_test_utils_SOURCES = lxc-test-utils.c \
../lxc/file_utils.c ../lxc/file_utils.h \
../lxc/initutils.c ../lxc/initutils.h \
../lxc/log.c ../lxc/log.h \
+ ../lxc/mainloop.c ../lxc/mainloop.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
From 85b035a134410a2845984d92b6adfa7c2c2f016f Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Mon, 20 Jul 2020 18:09:19 +0200
Subject: [PATCH 11/37] monitor: hide unnecessary symbols
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/Makefile.am | 1 +
src/lxc/monitor.h | 31 +++++++++++++++----------------
2 files changed, 16 insertions(+), 16 deletions(-)
diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am
index fd3eec9940..b4cc216a3c 100644
--- a/src/lxc/Makefile.am
+++ b/src/lxc/Makefile.am
@@ -491,6 +491,7 @@ lxc_monitor_SOURCES = tools/lxc_monitor.c \
initutils.c initutils.h \
log.c log.h \
macro.h \
+ monitor.c monitor.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_monitor_SOURCES += seccomp.c lxcseccomp.h
diff --git a/src/lxc/monitor.h b/src/lxc/monitor.h
index 61278c2b21..0f89e4ff65 100644
--- a/src/lxc/monitor.h
+++ b/src/lxc/monitor.h
@@ -8,6 +8,8 @@
#include <sys/param.h>
#include <sys/un.h>
+#include "compiler.h"
+
typedef enum {
lxc_msg_state,
lxc_msg_priority,
@@ -16,25 +18,23 @@ typedef enum {
struct lxc_msg {
lxc_msg_type_t type;
- char name[NAME_MAX+1];
+ char name[NAME_MAX + 1];
int value;
};
-extern int lxc_monitor_sock_name(const char *lxcpath, struct sockaddr_un *addr);
-extern int lxc_monitor_fifo_name(const char *lxcpath, char *fifo_path,
- size_t fifo_path_sz, int do_mkdirp);
-extern void lxc_monitor_send_state(const char *name, lxc_state_t state,
- const char *lxcpath);
-extern void lxc_monitor_send_exit_code(const char *name, int exit_code,
- const char *lxcpath);
-extern int lxc_monitord_spawn(const char *lxcpath);
+__hidden extern int lxc_monitor_sock_name(const char *lxcpath, struct sockaddr_un *addr);
+__hidden extern int lxc_monitor_fifo_name(const char *lxcpath, char *fifo_path, size_t fifo_path_sz,
+ int do_mkdirp);
+__hidden extern void lxc_monitor_send_state(const char *name, lxc_state_t state, const char *lxcpath);
+__hidden extern void lxc_monitor_send_exit_code(const char *name, int exit_code, const char *lxcpath);
+__hidden extern int lxc_monitord_spawn(const char *lxcpath);
/*
* Open the monitoring mechanism for a specific container
* The function will return an fd corresponding to the events
* Returns a file descriptor on success, < 0 otherwise
*/
-extern int lxc_monitor_open(const char *lxcpath);
+__hidden extern int lxc_monitor_open(const char *lxcpath);
/*
* Blocking read for the next container state change
@@ -43,7 +43,7 @@ extern int lxc_monitor_open(const char *lxcpath);
* Returns 0 if the monitored container has exited, > 0 if
* data was read, < 0 otherwise
*/
-extern int lxc_monitor_read(int fd, struct lxc_msg *msg);
+__hidden extern int lxc_monitor_read(int fd, struct lxc_msg *msg);
/*
* Blocking read for the next container state change with timeout
@@ -53,7 +53,7 @@ extern int lxc_monitor_read(int fd, struct lxc_msg *msg);
* Returns 0 if the monitored container has exited, > 0 if
* data was read, < 0 otherwise
*/
-extern int lxc_monitor_read_timeout(int fd, struct lxc_msg *msg, int timeout);
+__hidden extern int lxc_monitor_read_timeout(int fd, struct lxc_msg *msg, int timeout);
/*
* Blocking read from multiple monitors for the next container state
@@ -65,8 +65,7 @@ extern int lxc_monitor_read_timeout(int fd, struct lxc_msg *msg, int timeout);
* Returns 0 if the monitored container has exited, > 0 if
* data was read, < 0 otherwise
*/
-extern int lxc_monitor_read_fdset(struct pollfd *fds, nfds_t nfds, struct lxc_msg *msg,
- int timeout);
-
+__hidden extern int lxc_monitor_read_fdset(struct pollfd *fds, nfds_t nfds, struct lxc_msg *msg,
+ int timeout);
-#endif
+#endif /* __LXC_MONITOR_H */
From 9e20bf04e03d48fa516cd1000c527f87b9a4e67e Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Mon, 20 Jul 2020 18:11:02 +0200
Subject: [PATCH 12/37] namespace: hide unnecessary symbols
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/Makefile.am | 25 +++++++++++++++++++++++++
src/lxc/namespace.h | 14 ++++++++------
src/tests/Makefile.am | 6 ++++++
3 files changed, 39 insertions(+), 6 deletions(-)
diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am
index b4cc216a3c..84c13eefd1 100644
--- a/src/lxc/Makefile.am
+++ b/src/lxc/Makefile.am
@@ -339,6 +339,7 @@ lxc_attach_SOURCES = tools/lxc_attach.c \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ namespace.c namespace.h \
rexec.c rexec.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
@@ -355,6 +356,7 @@ lxc_autostart_SOURCES = tools/lxc_autostart.c \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ namespace.c namespace.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_autostart_SOURCES += seccomp.c lxcseccomp.h
@@ -370,6 +372,7 @@ lxc_cgroup_SOURCES = tools/lxc_cgroup.c \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ namespace.c namespace.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_cgroup_SOURCES += seccomp.c lxcseccomp.h
@@ -385,6 +388,7 @@ lxc_config_SOURCES = tools/lxc_config.c \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ namespace.c namespace.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_config_SOURCES += seccomp.c lxcseccomp.h
@@ -400,6 +404,7 @@ lxc_console_SOURCES = tools/lxc_console.c \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ namespace.c namespace.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_console_SOURCES += seccomp.c lxcseccomp.h
@@ -415,6 +420,7 @@ lxc_destroy_SOURCES = tools/lxc_destroy.c \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ namespace.c namespace.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_destroy_SOURCES += seccomp.c lxcseccomp.h
@@ -430,6 +436,7 @@ lxc_device_SOURCES = tools/lxc_device.c \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ namespace.c namespace.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_device_SOURCES += seccomp.c lxcseccomp.h
@@ -445,6 +452,7 @@ lxc_execute_SOURCES = tools/lxc_execute.c \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ namespace.c namespace.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_execute_SOURCES += seccomp.c lxcseccomp.h
@@ -460,6 +468,7 @@ lxc_freeze_SOURCES = tools/lxc_freeze.c \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ namespace.c namespace.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_freeze_SOURCES += seccomp.c lxcseccomp.h
@@ -475,6 +484,7 @@ lxc_info_SOURCES = tools/lxc_info.c \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ namespace.c namespace.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_info_SOURCES += seccomp.c lxcseccomp.h
@@ -492,6 +502,7 @@ lxc_monitor_SOURCES = tools/lxc_monitor.c \
log.c log.h \
macro.h \
monitor.c monitor.h \
+ namespace.c namespace.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_monitor_SOURCES += seccomp.c lxcseccomp.h
@@ -508,6 +519,7 @@ lxc_ls_SOURCES = tools/lxc_ls.c \
initutils.c initutils.h \
log.c log.h \
memory_utils.h \
+ namespace.c namespace.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_ls_SOURCES += seccomp.c lxcseccomp.h
@@ -523,6 +535,7 @@ lxc_copy_SOURCES = tools/lxc_copy.c \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ namespace.c namespace.h \
storage/storage_utils.c storage/storage_utils.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
@@ -539,6 +552,7 @@ lxc_start_SOURCES = tools/lxc_start.c \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ namespace.c namespace.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_start_SOURCES += seccomp.c lxcseccomp.h
@@ -555,6 +569,7 @@ lxc_stop_SOURCES = tools/lxc_stop.c \
initutils.c initutils.h \
log.c log.h \
mainloop.c mainloop.h \
+ namespace.c namespace.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_stop_SOURCES += seccomp.c lxcseccomp.h
@@ -571,6 +586,7 @@ lxc_top_SOURCES = tools/lxc_top.c \
initutils.c initutils.h \
log.c log.h \
mainloop.c mainloop.h \
+ namespace.c namespace.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_top_SOURCES += seccomp.c lxcseccomp.h
@@ -586,6 +602,7 @@ lxc_unfreeze_SOURCES = tools/lxc_unfreeze.c \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ namespace.c namespace.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_unfreeze_SOURCES += seccomp.c lxcseccomp.h
@@ -601,6 +618,7 @@ lxc_unshare_SOURCES = tools/lxc_unshare.c \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ namespace.c namespace.h \
string_utils.c string_utils.h \
syscall_numbers.h \
syscall_wrappers.h
@@ -618,6 +636,7 @@ lxc_wait_SOURCES = tools/lxc_wait.c \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ namespace.c namespace.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_wait_SOURCES += seccomp.c lxcseccomp.h
@@ -633,6 +652,7 @@ lxc_create_SOURCES = tools/lxc_create.c \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ namespace.c namespace.h \
storage/storage_utils.c storage/storage_utils.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
@@ -649,6 +669,7 @@ lxc_snapshot_SOURCES = tools/lxc_snapshot.c \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ namespace.c namespace.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_snapshot_SOURCES += seccomp.c lxcseccomp.h
@@ -664,6 +685,7 @@ lxc_checkpoint_SOURCES = tools/lxc_checkpoint.c \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ namespace.c namespace.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_checkpoint_SOURCES += seccomp.c lxcseccomp.h
@@ -702,6 +724,7 @@ lxc_monitord_SOURCES = cmd/lxc_monitord.c \
log.c log.h \
mainloop.c mainloop.h \
monitor.c monitor.h \
+ namespace.c namespace.h \
process_utils.c process_utils.h \
string_utils.c string_utils.h \
syscall_numbers.h \
@@ -721,6 +744,7 @@ lxc_user_nic_SOURCES = cmd/lxc_user_nic.c \
initutils.c initutils.h \
log.c log.h \
memory_utils.h \
+ namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
@@ -744,6 +768,7 @@ lxc_usernsexec_SOURCES = cmd/lxc_usernsexec.c \
log.c log.h \
macro.h \
memory_utils.h \
+ namespace.c namespace.h \
string_utils.c string_utils.h \
syscall_wrappers.h \
utils.c utils.h
diff --git a/src/lxc/namespace.h b/src/lxc/namespace.h
index 59b26fa60d..4e3fc3dfc1 100644
--- a/src/lxc/namespace.h
+++ b/src/lxc/namespace.h
@@ -7,6 +7,8 @@
#include <unistd.h>
#include <sys/syscall.h>
+#include "compiler.h"
+
enum {
LXC_NS_USER,
LXC_NS_MNT,
@@ -19,16 +21,16 @@ enum {
LXC_NS_MAX
};
-extern const struct ns_info {
+__hidden extern const struct ns_info {
const char *proc_name;
int clone_flag;
const char *flag_name;
const char *env_name;
} ns_info[LXC_NS_MAX];
-extern int lxc_namespace_2_cloneflag(const char *namespace);
-extern int lxc_namespace_2_ns_idx(const char *namespace);
-extern int lxc_namespace_2_std_identifiers(char *namespaces);
-extern int lxc_fill_namespace_flags(char *flaglist, int *flags);
+__hidden extern int lxc_namespace_2_cloneflag(const char *namespace);
+__hidden extern int lxc_namespace_2_ns_idx(const char *namespace);
+__hidden extern int lxc_namespace_2_std_identifiers(char *namespaces);
+__hidden extern int lxc_fill_namespace_flags(char *flaglist, int *flags);
-#endif
+#endif /* __LXC_NAMESPACE_H */
diff --git a/src/tests/Makefile.am b/src/tests/Makefile.am
index b660e0a0da..7c26aa0e19 100644
--- a/src/tests/Makefile.am
+++ b/src/tests/Makefile.am
@@ -19,6 +19,7 @@ lxc_test_api_reboot_SOURCES = api_reboot.c \
../lxc/initutils.c ../lxc/initutils.h \
../lxc/log.c ../lxc/log.h \
../lxc/mainloop.c ../lxc/mainloop.h \
+ ../lxc/namespace.c ../lxc/namespace.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
@@ -39,6 +40,7 @@ lxc_test_attach_SOURCES = attach.c \
../lxc/initutils.c ../lxc/initutils.h \
../lxc/log.c ../lxc/log.h \
../lxc/mainloop.c ../lxc/mainloop.h \
+ ../lxc/namespace.c ../lxc/namespace.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
@@ -59,6 +61,7 @@ lxc_test_cgpath_SOURCES = cgpath.c \
../lxc/initutils.c ../lxc/initutils.h \
../lxc/log.c ../lxc/log.h \
../lxc/mainloop.c ../lxc/mainloop.h \
+ ../lxc/namespace.c ../lxc/namespace.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
@@ -81,6 +84,7 @@ lxc_test_config_jump_table_SOURCES = config_jump_table.c \
../lxc/initutils.c ../lxc/initutils.h \
../lxc/log.c ../lxc/log.h \
../lxc/mainloop.c ../lxc/mainloop.h \
+ ../lxc/namespace.c ../lxc/namespace.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
@@ -121,6 +125,7 @@ lxc_test_parse_config_file_SOURCES = parse_config_file.c \
../lxc/file_utils.c ../lxc/file_utils.h \
../lxc/initutils.c ../lxc/initutils.h \
../lxc/log.c ../lxc/log.h \
+ ../lxc/namespace.c ../lxc/namespace.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
@@ -164,6 +169,7 @@ lxc_test_utils_SOURCES = lxc-test-utils.c \
../lxc/initutils.c ../lxc/initutils.h \
../lxc/log.c ../lxc/log.h \
../lxc/mainloop.c ../lxc/mainloop.h \
+ ../lxc/namespace.c ../lxc/namespace.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
From 1d332c47dce1bcd19babfd5d7716eb0cdbc3ad50 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Mon, 20 Jul 2020 18:25:57 +0200
Subject: [PATCH 13/37] network: hide unnecessary symbols
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/Makefile.am | 50 ++++++++++++++++++-
src/lxc/network.h | 118 +++++++++++++++++++++-----------------------
2 files changed, 106 insertions(+), 62 deletions(-)
diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am
index 84c13eefd1..7c181d44c9 100644
--- a/src/lxc/Makefile.am
+++ b/src/lxc/Makefile.am
@@ -127,8 +127,8 @@ liblxc_la_SOURCES = af_unix.c af_unix.h \
memory_utils.h \
mainloop.c mainloop.h \
namespace.c namespace.h \
- nl.c nl.h \
network.c network.h \
+ nl.c nl.h \
monitor.c monitor.h \
parse.c parse.h \
process_utils.c process_utils.h \
@@ -340,6 +340,8 @@ lxc_attach_SOURCES = tools/lxc_attach.c \
initutils.c initutils.h \
log.c log.h \
namespace.c namespace.h \
+ network.c network.h \
+ nl.c nl.h \
rexec.c rexec.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
@@ -357,6 +359,8 @@ lxc_autostart_SOURCES = tools/lxc_autostart.c \
initutils.c initutils.h \
log.c log.h \
namespace.c namespace.h \
+ network.c network.h \
+ nl.c nl.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_autostart_SOURCES += seccomp.c lxcseccomp.h
@@ -373,6 +377,8 @@ lxc_cgroup_SOURCES = tools/lxc_cgroup.c \
initutils.c initutils.h \
log.c log.h \
namespace.c namespace.h \
+ network.c network.h \
+ nl.c nl.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_cgroup_SOURCES += seccomp.c lxcseccomp.h
@@ -389,6 +395,8 @@ lxc_config_SOURCES = tools/lxc_config.c \
initutils.c initutils.h \
log.c log.h \
namespace.c namespace.h \
+ network.c network.h \
+ nl.c nl.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_config_SOURCES += seccomp.c lxcseccomp.h
@@ -405,6 +413,8 @@ lxc_console_SOURCES = tools/lxc_console.c \
initutils.c initutils.h \
log.c log.h \
namespace.c namespace.h \
+ network.c network.h \
+ nl.c nl.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_console_SOURCES += seccomp.c lxcseccomp.h
@@ -421,6 +431,8 @@ lxc_destroy_SOURCES = tools/lxc_destroy.c \
initutils.c initutils.h \
log.c log.h \
namespace.c namespace.h \
+ network.c network.h \
+ nl.c nl.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_destroy_SOURCES += seccomp.c lxcseccomp.h
@@ -437,6 +449,8 @@ lxc_device_SOURCES = tools/lxc_device.c \
initutils.c initutils.h \
log.c log.h \
namespace.c namespace.h \
+ network.c network.h \
+ nl.c nl.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_device_SOURCES += seccomp.c lxcseccomp.h
@@ -453,6 +467,8 @@ lxc_execute_SOURCES = tools/lxc_execute.c \
initutils.c initutils.h \
log.c log.h \
namespace.c namespace.h \
+ network.c network.h \
+ nl.c nl.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_execute_SOURCES += seccomp.c lxcseccomp.h
@@ -469,6 +485,8 @@ lxc_freeze_SOURCES = tools/lxc_freeze.c \
initutils.c initutils.h \
log.c log.h \
namespace.c namespace.h \
+ network.c network.h \
+ nl.c nl.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_freeze_SOURCES += seccomp.c lxcseccomp.h
@@ -485,6 +503,8 @@ lxc_info_SOURCES = tools/lxc_info.c \
initutils.c initutils.h \
log.c log.h \
namespace.c namespace.h \
+ network.c network.h \
+ nl.c nl.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_info_SOURCES += seccomp.c lxcseccomp.h
@@ -503,6 +523,8 @@ lxc_monitor_SOURCES = tools/lxc_monitor.c \
macro.h \
monitor.c monitor.h \
namespace.c namespace.h \
+ network.c network.h \
+ nl.c nl.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_monitor_SOURCES += seccomp.c lxcseccomp.h
@@ -520,6 +542,8 @@ lxc_ls_SOURCES = tools/lxc_ls.c \
log.c log.h \
memory_utils.h \
namespace.c namespace.h \
+ network.c network.h \
+ nl.c nl.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_ls_SOURCES += seccomp.c lxcseccomp.h
@@ -536,6 +560,8 @@ lxc_copy_SOURCES = tools/lxc_copy.c \
initutils.c initutils.h \
log.c log.h \
namespace.c namespace.h \
+ network.c network.h \
+ nl.c nl.h \
storage/storage_utils.c storage/storage_utils.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
@@ -553,6 +579,8 @@ lxc_start_SOURCES = tools/lxc_start.c \
initutils.c initutils.h \
log.c log.h \
namespace.c namespace.h \
+ network.c network.h \
+ nl.c nl.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_start_SOURCES += seccomp.c lxcseccomp.h
@@ -570,6 +598,8 @@ lxc_stop_SOURCES = tools/lxc_stop.c \
log.c log.h \
mainloop.c mainloop.h \
namespace.c namespace.h \
+ network.c network.h \
+ nl.c nl.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_stop_SOURCES += seccomp.c lxcseccomp.h
@@ -587,6 +617,8 @@ lxc_top_SOURCES = tools/lxc_top.c \
log.c log.h \
mainloop.c mainloop.h \
namespace.c namespace.h \
+ network.c network.h \
+ nl.c nl.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_top_SOURCES += seccomp.c lxcseccomp.h
@@ -603,6 +635,8 @@ lxc_unfreeze_SOURCES = tools/lxc_unfreeze.c \
initutils.c initutils.h \
log.c log.h \
namespace.c namespace.h \
+ network.c network.h \
+ nl.c nl.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_unfreeze_SOURCES += seccomp.c lxcseccomp.h
@@ -619,6 +653,8 @@ lxc_unshare_SOURCES = tools/lxc_unshare.c \
initutils.c initutils.h \
log.c log.h \
namespace.c namespace.h \
+ network.c network.h \
+ nl.c nl.h \
string_utils.c string_utils.h \
syscall_numbers.h \
syscall_wrappers.h
@@ -637,6 +673,8 @@ lxc_wait_SOURCES = tools/lxc_wait.c \
initutils.c initutils.h \
log.c log.h \
namespace.c namespace.h \
+ network.c network.h \
+ nl.c nl.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_wait_SOURCES += seccomp.c lxcseccomp.h
@@ -653,6 +691,8 @@ lxc_create_SOURCES = tools/lxc_create.c \
initutils.c initutils.h \
log.c log.h \
namespace.c namespace.h \
+ network.c network.h \
+ nl.c nl.h \
storage/storage_utils.c storage/storage_utils.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
@@ -670,6 +710,8 @@ lxc_snapshot_SOURCES = tools/lxc_snapshot.c \
initutils.c initutils.h \
log.c log.h \
namespace.c namespace.h \
+ network.c network.h \
+ nl.c nl.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_snapshot_SOURCES += seccomp.c lxcseccomp.h
@@ -686,6 +728,8 @@ lxc_checkpoint_SOURCES = tools/lxc_checkpoint.c \
initutils.c initutils.h \
log.c log.h \
namespace.c namespace.h \
+ network.c network.h \
+ nl.c nl.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_checkpoint_SOURCES += seccomp.c lxcseccomp.h
@@ -725,6 +769,8 @@ lxc_monitord_SOURCES = cmd/lxc_monitord.c \
mainloop.c mainloop.h \
monitor.c monitor.h \
namespace.c namespace.h \
+ network.c network.h \
+ nl.c nl.h \
process_utils.c process_utils.h \
string_utils.c string_utils.h \
syscall_numbers.h \
@@ -769,6 +815,8 @@ lxc_usernsexec_SOURCES = cmd/lxc_usernsexec.c \
macro.h \
memory_utils.h \
namespace.c namespace.h \
+ network.c network.h \
+ nl.c nl.h \
string_utils.c string_utils.h \
syscall_wrappers.h \
utils.c utils.h
diff --git a/src/lxc/network.h b/src/lxc/network.h
index 5e91e4eba5..9b06551b60 100644
--- a/src/lxc/network.h
+++ b/src/lxc/network.h
@@ -10,6 +10,7 @@
#include <sys/socket.h>
#include <unistd.h>
+#include "compiler.h"
#include "list.h"
struct lxc_conf;
@@ -180,107 +181,102 @@ struct lxc_netdev {
};
/* Convert a string mac address to a socket structure. */
-extern int lxc_convert_mac(char *macaddr, struct sockaddr *sockaddr);
+__hidden extern int lxc_convert_mac(char *macaddr, struct sockaddr *sockaddr);
/* Move a device between namespaces. */
-extern int lxc_netdev_move_by_index(int ifindex, pid_t pid, const char *ifname);
-extern int lxc_netdev_move_by_name(const char *ifname, pid_t pid,
- const char *newname);
+__hidden extern int lxc_netdev_move_by_index(int ifindex, pid_t pid, const char *ifname);
+__hidden extern int lxc_netdev_move_by_name(const char *ifname, pid_t pid, const char *newname);
/* Delete a network device. */
-extern int lxc_netdev_delete_by_name(const char *name);
-extern int lxc_netdev_delete_by_index(int ifindex);
+__hidden extern int lxc_netdev_delete_by_name(const char *name);
+__hidden extern int lxc_netdev_delete_by_index(int ifindex);
/* Change the device name. */
-extern int lxc_netdev_rename_by_name(const char *oldname, const char *newname);
-extern int lxc_netdev_rename_by_index(int ifindex, const char *newname);
+__hidden extern int lxc_netdev_rename_by_name(const char *oldname, const char *newname);
+__hidden extern int lxc_netdev_rename_by_index(int ifindex, const char *newname);
-extern int netdev_set_flag(const char *name, int flag);
+__hidden extern int netdev_set_flag(const char *name, int flag);
/* Set the device network up or down. */
-extern int lxc_netdev_isup(const char *name);
-extern int lxc_netdev_up(const char *name);
-extern int lxc_netdev_down(const char *name);
+__hidden extern int lxc_netdev_isup(const char *name);
+__hidden extern int lxc_netdev_up(const char *name);
+__hidden extern int lxc_netdev_down(const char *name);
/* Change the mtu size for the specified device. */
-extern int lxc_netdev_set_mtu(const char *name, int mtu);
+__hidden extern int lxc_netdev_set_mtu(const char *name, int mtu);
/* Create a virtual network devices. */
-extern int lxc_veth_create(const char *name1, const char *name2, pid_t pid,
- unsigned int mtu);
-extern int lxc_macvlan_create(const char *parent, const char *name, int mode);
-extern int lxc_vlan_create(const char *parent, const char *name,
- unsigned short vid);
+__hidden extern int lxc_veth_create(const char *name1, const char *name2, pid_t pid,
+ unsigned int mtu);
+__hidden extern int lxc_macvlan_create(const char *parent, const char *name, int mode);
+__hidden extern int lxc_vlan_create(const char *parent, const char *name, unsigned short vid);
/* Set ip address. */
-extern int lxc_ipv6_addr_add(int ifindex, struct in6_addr *addr,
- struct in6_addr *mcast,
- struct in6_addr *acast, int prefix);
+__hidden extern int lxc_ipv6_addr_add(int ifindex, struct in6_addr *addr, struct in6_addr *mcast,
+ struct in6_addr *acast, int prefix);
-extern int lxc_ipv4_addr_add(int ifindex, struct in_addr *addr,
- struct in_addr *bcast, int prefix);
+__hidden extern int lxc_ipv4_addr_add(int ifindex, struct in_addr *addr, struct in_addr *bcast,
+ int prefix);
/* Get ip address. */
-extern int lxc_ipv4_addr_get(int ifindex, struct in_addr **res);
-extern int lxc_ipv6_addr_get(int ifindex, struct in6_addr **res);
+__hidden extern int lxc_ipv4_addr_get(int ifindex, struct in_addr **res);
+__hidden extern int lxc_ipv6_addr_get(int ifindex, struct in6_addr **res);
/* Set default route. */
-extern int lxc_ipv4_gateway_add(int ifindex, struct in_addr *gw);
-extern int lxc_ipv6_gateway_add(int ifindex, struct in6_addr *gw);
+__hidden extern int lxc_ipv4_gateway_add(int ifindex, struct in_addr *gw);
+__hidden extern int lxc_ipv6_gateway_add(int ifindex, struct in6_addr *gw);
/* Attach an interface to the bridge. */
-extern int lxc_bridge_attach(const char *bridge, const char *ifname);
-extern int lxc_ovs_delete_port(const char *bridge, const char *nic);
+__hidden extern int lxc_bridge_attach(const char *bridge, const char *ifname);
+__hidden extern int lxc_ovs_delete_port(const char *bridge, const char *nic);
-extern bool is_ovs_bridge(const char *bridge);
+__hidden extern bool is_ovs_bridge(const char *bridge);
/* Create default gateway. */
-extern int lxc_route_create_default(const char *addr, const char *ifname,
- int gateway);
+__hidden extern int lxc_route_create_default(const char *addr, const char *ifname, int gateway);
/* Delete default gateway. */
-extern int lxc_route_delete_default(const char *addr, const char *ifname,
- int gateway);
+__hidden extern int lxc_route_delete_default(const char *addr, const char *ifname, int gateway);
/* Activate neighbor proxying. */
-extern int lxc_neigh_proxy_on(const char *name, int family);
+__hidden extern int lxc_neigh_proxy_on(const char *name, int family);
/* Disable neighbor proxying. */
-extern int lxc_neigh_proxy_off(const char *name, int family);
+__hidden extern int lxc_neigh_proxy_off(const char *name, int family);
/* Activate IP forwarding. */
-extern int lxc_ip_forwarding_on(const char *name, int family);
+__hidden extern int lxc_ip_forwarding_on(const char *name, int family);
/* Disable IP forwarding. */
-extern int lxc_ip_forwarding_off(const char *name, int family);
+__hidden extern int lxc_ip_forwarding_off(const char *name, int family);
/*
* Generate a new unique network interface name.
*
* Allows for 62^n unique combinations.
*/
-extern char *lxc_ifname_alnum_case_sensitive(char *template);
-
-extern const char *lxc_net_type_to_str(int type);
-extern int setup_private_host_hw_addr(char *veth1);
-extern int netdev_get_mtu(int ifindex);
-extern int lxc_network_move_created_netdev_priv(struct lxc_handler *handler);
-extern void lxc_delete_network(struct lxc_handler *handler);
-extern int lxc_find_gateway_addresses(struct lxc_handler *handler);
-extern int lxc_requests_empty_network(struct lxc_handler *handler);
-extern int lxc_restore_phys_nics_to_netns(struct lxc_handler *handler);
-extern int lxc_setup_network_in_child_namespaces(const struct lxc_conf *conf,
- struct lxc_list *network);
-extern int lxc_network_send_to_child(struct lxc_handler *handler);
-extern int lxc_network_recv_from_parent(struct lxc_handler *handler);
-extern int lxc_network_send_name_and_ifindex_to_parent(struct lxc_handler *handler);
-extern int lxc_network_recv_name_and_ifindex_from_child(struct lxc_handler *handler);
-extern int lxc_netns_set_nsid(int netns_fd);
-extern int lxc_netns_get_nsid(__s32 fd);
-extern int lxc_create_network(struct lxc_handler *handler);
-
-extern char *is_wlan(const char *ifname);
-extern int lxc_netdev_move_wlan(char *physname, const char *ifname, pid_t pid,
- const char *newname);
+__hidden extern char *lxc_ifname_alnum_case_sensitive(char *template);
+
+__hidden extern const char *lxc_net_type_to_str(int type);
+__hidden extern int setup_private_host_hw_addr(char *veth1);
+__hidden extern int netdev_get_mtu(int ifindex);
+__hidden extern int lxc_network_move_created_netdev_priv(struct lxc_handler *handler);
+__hidden extern void lxc_delete_network(struct lxc_handler *handler);
+__hidden extern int lxc_find_gateway_addresses(struct lxc_handler *handler);
+__hidden extern int lxc_requests_empty_network(struct lxc_handler *handler);
+__hidden extern int lxc_restore_phys_nics_to_netns(struct lxc_handler *handler);
+__hidden extern int lxc_setup_network_in_child_namespaces(const struct lxc_conf *conf,
+ struct lxc_list *network);
+__hidden extern int lxc_network_send_to_child(struct lxc_handler *handler);
+__hidden extern int lxc_network_recv_from_parent(struct lxc_handler *handler);
+__hidden extern int lxc_network_send_name_and_ifindex_to_parent(struct lxc_handler *handler);
+__hidden extern int lxc_network_recv_name_and_ifindex_from_child(struct lxc_handler *handler);
+__hidden extern int lxc_netns_set_nsid(int netns_fd);
+__hidden extern int lxc_netns_get_nsid(__s32 fd);
+__hidden extern int lxc_create_network(struct lxc_handler *handler);
+
+__hidden extern char *is_wlan(const char *ifname);
+__hidden extern int lxc_netdev_move_wlan(char *physname, const char *ifname, pid_t pid,
+ const char *newname);
#endif /* __LXC_NETWORK_H */
From a804cff7497a7b6ca7be79cb0d8deb675d435caa Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Mon, 20 Jul 2020 18:38:05 +0200
Subject: [PATCH 14/37] parse: hide unnecessary symbols
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/Makefile.am | 24 ++++++++++++++++++++++++
src/lxc/parse.h | 15 +++++++--------
src/tests/Makefile.am | 6 ++++++
3 files changed, 37 insertions(+), 8 deletions(-)
diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am
index 7c181d44c9..456dded39e 100644
--- a/src/lxc/Makefile.am
+++ b/src/lxc/Makefile.am
@@ -342,6 +342,7 @@ lxc_attach_SOURCES = tools/lxc_attach.c \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
+ parse.c parse.h \
rexec.c rexec.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
@@ -361,6 +362,7 @@ lxc_autostart_SOURCES = tools/lxc_autostart.c \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
+ parse.c parse.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_autostart_SOURCES += seccomp.c lxcseccomp.h
@@ -379,6 +381,7 @@ lxc_cgroup_SOURCES = tools/lxc_cgroup.c \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
+ parse.c parse.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_cgroup_SOURCES += seccomp.c lxcseccomp.h
@@ -397,6 +400,7 @@ lxc_config_SOURCES = tools/lxc_config.c \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
+ parse.c parse.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_config_SOURCES += seccomp.c lxcseccomp.h
@@ -415,6 +419,7 @@ lxc_console_SOURCES = tools/lxc_console.c \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
+ parse.c parse.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_console_SOURCES += seccomp.c lxcseccomp.h
@@ -433,6 +438,7 @@ lxc_destroy_SOURCES = tools/lxc_destroy.c \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
+ parse.c parse.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_destroy_SOURCES += seccomp.c lxcseccomp.h
@@ -451,6 +457,7 @@ lxc_device_SOURCES = tools/lxc_device.c \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
+ parse.c parse.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_device_SOURCES += seccomp.c lxcseccomp.h
@@ -469,6 +476,7 @@ lxc_execute_SOURCES = tools/lxc_execute.c \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
+ parse.c parse.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_execute_SOURCES += seccomp.c lxcseccomp.h
@@ -487,6 +495,7 @@ lxc_freeze_SOURCES = tools/lxc_freeze.c \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
+ parse.c parse.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_freeze_SOURCES += seccomp.c lxcseccomp.h
@@ -505,6 +514,7 @@ lxc_info_SOURCES = tools/lxc_info.c \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
+ parse.c parse.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_info_SOURCES += seccomp.c lxcseccomp.h
@@ -525,6 +535,7 @@ lxc_monitor_SOURCES = tools/lxc_monitor.c \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
+ parse.c parse.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_monitor_SOURCES += seccomp.c lxcseccomp.h
@@ -544,6 +555,7 @@ lxc_ls_SOURCES = tools/lxc_ls.c \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
+ parse.c parse.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_ls_SOURCES += seccomp.c lxcseccomp.h
@@ -562,6 +574,7 @@ lxc_copy_SOURCES = tools/lxc_copy.c \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
+ parse.c parse.h \
storage/storage_utils.c storage/storage_utils.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
@@ -581,6 +594,7 @@ lxc_start_SOURCES = tools/lxc_start.c \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
+ parse.c parse.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_start_SOURCES += seccomp.c lxcseccomp.h
@@ -600,6 +614,7 @@ lxc_stop_SOURCES = tools/lxc_stop.c \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
+ parse.c parse.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_stop_SOURCES += seccomp.c lxcseccomp.h
@@ -619,6 +634,7 @@ lxc_top_SOURCES = tools/lxc_top.c \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
+ parse.c parse.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_top_SOURCES += seccomp.c lxcseccomp.h
@@ -637,6 +653,7 @@ lxc_unfreeze_SOURCES = tools/lxc_unfreeze.c \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
+ parse.c parse.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_unfreeze_SOURCES += seccomp.c lxcseccomp.h
@@ -655,6 +672,7 @@ lxc_unshare_SOURCES = tools/lxc_unshare.c \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
+ parse.c parse.h \
string_utils.c string_utils.h \
syscall_numbers.h \
syscall_wrappers.h
@@ -675,6 +693,7 @@ lxc_wait_SOURCES = tools/lxc_wait.c \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
+ parse.c parse.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_wait_SOURCES += seccomp.c lxcseccomp.h
@@ -693,6 +712,7 @@ lxc_create_SOURCES = tools/lxc_create.c \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
+ parse.c parse.h \
storage/storage_utils.c storage/storage_utils.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
@@ -712,6 +732,7 @@ lxc_snapshot_SOURCES = tools/lxc_snapshot.c \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
+ parse.c parse.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_snapshot_SOURCES += seccomp.c lxcseccomp.h
@@ -730,6 +751,7 @@ lxc_checkpoint_SOURCES = tools/lxc_checkpoint.c \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
+ parse.c parse.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_checkpoint_SOURCES += seccomp.c lxcseccomp.h
@@ -771,6 +793,7 @@ lxc_monitord_SOURCES = cmd/lxc_monitord.c \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
+ parse.c parse.h \
process_utils.c process_utils.h \
string_utils.c string_utils.h \
syscall_numbers.h \
@@ -817,6 +840,7 @@ lxc_usernsexec_SOURCES = cmd/lxc_usernsexec.c \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
+ parse.c parse.h \
string_utils.c string_utils.h \
syscall_wrappers.h \
utils.c utils.h
diff --git a/src/lxc/parse.h b/src/lxc/parse.h
index 19d2b20bb5..e4808ed0fb 100644
--- a/src/lxc/parse.h
+++ b/src/lxc/parse.h
@@ -13,17 +13,16 @@ typedef int (*lxc_dir_cb)(const char *name, const char *directory,
typedef int (*lxc_file_cb)(char *buffer, void *data);
-__hot extern int lxc_file_for_each_line(const char *file, lxc_file_cb callback,
- void *data);
+__hidden __hot extern int lxc_file_for_each_line(const char *file, lxc_file_cb callback, void *data);
-__hot extern int lxc_file_for_each_line_mmap(const char *file,
- lxc_file_cb callback, void *data);
+__hidden __hot extern int lxc_file_for_each_line_mmap(const char *file, lxc_file_cb callback,
+ void *data);
/* mmap() wrapper. lxc_strmmap() will take care to \0-terminate files so that
* normal string-handling functions can be used on the buffer. */
-extern void *lxc_strmmap(void *addr, size_t length, int prot, int flags, int fd,
- off_t offset);
+__hidden extern void *lxc_strmmap(void *addr, size_t length, int prot, int flags, int fd,
+ off_t offset);
/* munmap() wrapper. Use it to free memory mmap()ed with lxc_strmmap(). */
-extern int lxc_strmunmap(void *addr, size_t length);
+__hidden extern int lxc_strmunmap(void *addr, size_t length);
-#endif
+#endif /* __LXC_PARSE_H */
diff --git a/src/tests/Makefile.am b/src/tests/Makefile.am
index 7c26aa0e19..64979d3a63 100644
--- a/src/tests/Makefile.am
+++ b/src/tests/Makefile.am
@@ -22,6 +22,7 @@ lxc_test_api_reboot_SOURCES = api_reboot.c \
../lxc/namespace.c ../lxc/namespace.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
+ ../lxc/parse.c ../lxc/parse.h \
../lxc/string_utils.c ../lxc/string_utils.h
if ENABLE_SECCOMP
lxc_test_api_reboot_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
@@ -43,6 +44,7 @@ lxc_test_attach_SOURCES = attach.c \
../lxc/namespace.c ../lxc/namespace.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
+ ../lxc/parse.c ../lxc/parse.h \
../lxc/string_utils.c ../lxc/string_utils.h
if ENABLE_SECCOMP
lxc_test_attach_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
@@ -64,6 +66,7 @@ lxc_test_cgpath_SOURCES = cgpath.c \
../lxc/namespace.c ../lxc/namespace.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
+ ../lxc/parse.c ../lxc/parse.h \
../lxc/string_utils.c ../lxc/string_utils.h
if ENABLE_SECCOMP
lxc_test_cgpath_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
@@ -87,6 +90,7 @@ lxc_test_config_jump_table_SOURCES = config_jump_table.c \
../lxc/namespace.c ../lxc/namespace.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
+ ../lxc/parse.c ../lxc/parse.h \
../lxc/string_utils.c ../lxc/string_utils.h
if ENABLE_SECCOMP
lxc_test_config_jump_table_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
@@ -128,6 +132,7 @@ lxc_test_parse_config_file_SOURCES = parse_config_file.c \
../lxc/namespace.c ../lxc/namespace.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
+ ../lxc/parse.c ../lxc/parse.h \
../lxc/string_utils.c ../lxc/string_utils.h
if ENABLE_SECCOMP
lxc_test_parse_config_file_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
@@ -172,6 +177,7 @@ lxc_test_utils_SOURCES = lxc-test-utils.c \
../lxc/namespace.c ../lxc/namespace.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
+ ../lxc/parse.c ../lxc/parse.h \
../lxc/string_utils.c ../lxc/string_utils.h
if ENABLE_SECCOMP
lxc_test_utils_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
From 92a10958c91a86a217fb4e0d364624aa568d6562 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Mon, 20 Jul 2020 18:45:02 +0200
Subject: [PATCH 15/37] process_utils: hide unnecessary symbols
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/Makefile.am | 23 +++++++++++++++++++++++
src/lxc/process_utils.h | 14 +++++++-------
src/tests/Makefile.am | 6 ++++++
3 files changed, 36 insertions(+), 7 deletions(-)
diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am
index 456dded39e..1bfcfcabb7 100644
--- a/src/lxc/Makefile.am
+++ b/src/lxc/Makefile.am
@@ -343,6 +343,7 @@ lxc_attach_SOURCES = tools/lxc_attach.c \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
+ process_utils.c process_utils.h \
rexec.c rexec.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
@@ -363,6 +364,7 @@ lxc_autostart_SOURCES = tools/lxc_autostart.c \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
+ process_utils.c process_utils.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_autostart_SOURCES += seccomp.c lxcseccomp.h
@@ -382,6 +384,7 @@ lxc_cgroup_SOURCES = tools/lxc_cgroup.c \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
+ process_utils.c process_utils.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_cgroup_SOURCES += seccomp.c lxcseccomp.h
@@ -401,6 +404,7 @@ lxc_config_SOURCES = tools/lxc_config.c \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
+ process_utils.c process_utils.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_config_SOURCES += seccomp.c lxcseccomp.h
@@ -420,6 +424,7 @@ lxc_console_SOURCES = tools/lxc_console.c \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
+ process_utils.c process_utils.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_console_SOURCES += seccomp.c lxcseccomp.h
@@ -439,6 +444,7 @@ lxc_destroy_SOURCES = tools/lxc_destroy.c \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
+ process_utils.c process_utils.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_destroy_SOURCES += seccomp.c lxcseccomp.h
@@ -458,6 +464,7 @@ lxc_device_SOURCES = tools/lxc_device.c \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
+ process_utils.c process_utils.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_device_SOURCES += seccomp.c lxcseccomp.h
@@ -477,6 +484,7 @@ lxc_execute_SOURCES = tools/lxc_execute.c \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
+ process_utils.c process_utils.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_execute_SOURCES += seccomp.c lxcseccomp.h
@@ -496,6 +504,7 @@ lxc_freeze_SOURCES = tools/lxc_freeze.c \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
+ process_utils.c process_utils.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_freeze_SOURCES += seccomp.c lxcseccomp.h
@@ -515,6 +524,7 @@ lxc_info_SOURCES = tools/lxc_info.c \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
+ process_utils.c process_utils.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_info_SOURCES += seccomp.c lxcseccomp.h
@@ -536,6 +546,7 @@ lxc_monitor_SOURCES = tools/lxc_monitor.c \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
+ process_utils.c process_utils.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_monitor_SOURCES += seccomp.c lxcseccomp.h
@@ -556,6 +567,7 @@ lxc_ls_SOURCES = tools/lxc_ls.c \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
+ process_utils.c process_utils.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_ls_SOURCES += seccomp.c lxcseccomp.h
@@ -575,6 +587,7 @@ lxc_copy_SOURCES = tools/lxc_copy.c \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
+ process_utils.c process_utils.h \
storage/storage_utils.c storage/storage_utils.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
@@ -595,6 +608,7 @@ lxc_start_SOURCES = tools/lxc_start.c \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
+ process_utils.c process_utils.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_start_SOURCES += seccomp.c lxcseccomp.h
@@ -615,6 +629,7 @@ lxc_stop_SOURCES = tools/lxc_stop.c \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
+ process_utils.c process_utils.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_stop_SOURCES += seccomp.c lxcseccomp.h
@@ -635,6 +650,7 @@ lxc_top_SOURCES = tools/lxc_top.c \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
+ process_utils.c process_utils.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_top_SOURCES += seccomp.c lxcseccomp.h
@@ -654,6 +670,7 @@ lxc_unfreeze_SOURCES = tools/lxc_unfreeze.c \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
+ process_utils.c process_utils.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_unfreeze_SOURCES += seccomp.c lxcseccomp.h
@@ -673,6 +690,7 @@ lxc_unshare_SOURCES = tools/lxc_unshare.c \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
+ process_utils.c process_utils.h \
string_utils.c string_utils.h \
syscall_numbers.h \
syscall_wrappers.h
@@ -694,6 +712,7 @@ lxc_wait_SOURCES = tools/lxc_wait.c \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
+ process_utils.c process_utils.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_wait_SOURCES += seccomp.c lxcseccomp.h
@@ -713,6 +732,7 @@ lxc_create_SOURCES = tools/lxc_create.c \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
+ process_utils.c process_utils.h \
storage/storage_utils.c storage/storage_utils.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
@@ -733,6 +753,7 @@ lxc_snapshot_SOURCES = tools/lxc_snapshot.c \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
+ process_utils.c process_utils.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_snapshot_SOURCES += seccomp.c lxcseccomp.h
@@ -752,6 +773,7 @@ lxc_checkpoint_SOURCES = tools/lxc_checkpoint.c \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
+ process_utils.c process_utils.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_checkpoint_SOURCES += seccomp.c lxcseccomp.h
@@ -841,6 +863,7 @@ lxc_usernsexec_SOURCES = cmd/lxc_usernsexec.c \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
+ process_utils.c process_utils.h \
string_utils.c string_utils.h \
syscall_wrappers.h \
utils.c utils.h
diff --git a/src/lxc/process_utils.h b/src/lxc/process_utils.h
index 61b0e412b7..e0157c631b 100644
--- a/src/lxc/process_utils.h
+++ b/src/lxc/process_utils.h
@@ -209,7 +209,7 @@ int clone(int (*fn)(void *), void *child_stack, int flags, void *arg, ...
* - should call lxc_raw_getpid():
* The child should use lxc_raw_getpid() to retrieve its pid.
*/
-extern pid_t lxc_clone(int (*fn)(void *), void *arg, int flags, int *pidfd);
+__hidden extern pid_t lxc_clone(int (*fn)(void *), void *arg, int flags, int *pidfd);
/*
@@ -239,8 +239,8 @@ extern pid_t lxc_clone(int (*fn)(void *), void *arg, int flags, int *pidfd);
* - must call lxc_raw_getpid():
* The child must use lxc_raw_getpid() to retrieve its pid.
*/
-extern pid_t lxc_raw_clone(unsigned long flags, int *pidfd);
-extern pid_t lxc_raw_legacy_clone(unsigned long flags, int *pidfd);
+__hidden extern pid_t lxc_raw_clone(unsigned long flags, int *pidfd);
+__hidden extern pid_t lxc_raw_legacy_clone(unsigned long flags, int *pidfd);
/*
* lxc_raw_clone_cb() - create a new process
@@ -253,8 +253,8 @@ extern pid_t lxc_raw_legacy_clone(unsigned long flags, int *pidfd);
* All other comments that apply to lxc_raw_clone() apply to lxc_raw_clone_cb()
* as well.
*/
-extern pid_t lxc_raw_clone_cb(int (*fn)(void *), void *args,
- unsigned long flags, int *pidfd);
+__hidden extern pid_t lxc_raw_clone_cb(int (*fn)(void *), void *args, unsigned long flags,
+ int *pidfd);
#ifndef HAVE_EXECVEAT
static inline int execveat(int dirfd, const char *pathname, char *const argv[],
@@ -285,7 +285,7 @@ static inline pid_t lxc_raw_gettid(void)
#endif
}
-extern int lxc_raw_pidfd_send_signal(int pidfd, int sig, siginfo_t *info,
- unsigned int flags);
+__hidden extern int lxc_raw_pidfd_send_signal(int pidfd, int sig, siginfo_t *info,
+ unsigned int flags);
#endif /* __LXC_PROCESS_UTILS_H */
diff --git a/src/tests/Makefile.am b/src/tests/Makefile.am
index 64979d3a63..c0ea315a8c 100644
--- a/src/tests/Makefile.am
+++ b/src/tests/Makefile.am
@@ -23,6 +23,7 @@ lxc_test_api_reboot_SOURCES = api_reboot.c \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/parse.c ../lxc/parse.h \
+ ../lxc/process_utils.c ../lxc/process_utils.h \
../lxc/string_utils.c ../lxc/string_utils.h
if ENABLE_SECCOMP
lxc_test_api_reboot_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
@@ -45,6 +46,7 @@ lxc_test_attach_SOURCES = attach.c \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/parse.c ../lxc/parse.h \
+ ../lxc/process_utils.c ../lxc/process_utils.h \
../lxc/string_utils.c ../lxc/string_utils.h
if ENABLE_SECCOMP
lxc_test_attach_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
@@ -67,6 +69,7 @@ lxc_test_cgpath_SOURCES = cgpath.c \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/parse.c ../lxc/parse.h \
+ ../lxc/process_utils.c ../lxc/process_utils.h \
../lxc/string_utils.c ../lxc/string_utils.h
if ENABLE_SECCOMP
lxc_test_cgpath_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
@@ -91,6 +94,7 @@ lxc_test_config_jump_table_SOURCES = config_jump_table.c \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/parse.c ../lxc/parse.h \
+ ../lxc/process_utils.c ../lxc/process_utils.h \
../lxc/string_utils.c ../lxc/string_utils.h
if ENABLE_SECCOMP
lxc_test_config_jump_table_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
@@ -133,6 +137,7 @@ lxc_test_parse_config_file_SOURCES = parse_config_file.c \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/parse.c ../lxc/parse.h \
+ ../lxc/process_utils.c ../lxc/process_utils.h \
../lxc/string_utils.c ../lxc/string_utils.h
if ENABLE_SECCOMP
lxc_test_parse_config_file_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
@@ -178,6 +183,7 @@ lxc_test_utils_SOURCES = lxc-test-utils.c \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/parse.c ../lxc/parse.h \
+ ../lxc/process_utils.c ../lxc/process_utils.h \
../lxc/string_utils.c ../lxc/string_utils.h
if ENABLE_SECCOMP
lxc_test_utils_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
From 0b07c6c1624683443b1db7b4b27a6d699c303f19 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Mon, 20 Jul 2020 18:46:13 +0200
Subject: [PATCH 16/37] rexec: hide unnecessary symbols
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/rexec.h | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/lxc/rexec.h b/src/lxc/rexec.h
index 1889b2b644..198d6cb08f 100644
--- a/src/lxc/rexec.h
+++ b/src/lxc/rexec.h
@@ -3,6 +3,8 @@
#ifndef __LXC_REXEC_H
#define __LXC_REXEC_H
-extern int lxc_rexec(const char *memfd_name);
+#include "compiler.h"
+
+__hidden extern int lxc_rexec(const char *memfd_name);
#endif /* __LXC_REXEC_H */
From f6fea47396eae592b7111086dd16a2b8ffba855c Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Mon, 20 Jul 2020 18:49:55 +0200
Subject: [PATCH 17/37] ringbuf: hide unnecessary symbols
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/ringbuf.h | 10 ++++++----
src/tests/Makefile.am | 6 ++++++
2 files changed, 12 insertions(+), 4 deletions(-)
diff --git a/src/lxc/ringbuf.h b/src/lxc/ringbuf.h
index dbbc7dacae..889b6e65ce 100644
--- a/src/lxc/ringbuf.h
+++ b/src/lxc/ringbuf.h
@@ -8,6 +8,8 @@
#include <stdio.h>
#include <sys/mman.h>
+#include "compiler.h"
+
/**
* lxc_ringbuf - Implements a simple and efficient memory mapped ringbuffer.
* - The "addr" field of struct lxc_ringbuf is considered immutable. Instead the
@@ -29,10 +31,10 @@ struct lxc_ringbuf {
*
* @param[in] size Size of the new ringbuffer as a power of 2.
*/
-extern int lxc_ringbuf_create(struct lxc_ringbuf *buf, size_t size);
-extern void lxc_ringbuf_move_read_addr(struct lxc_ringbuf *buf, size_t len);
-extern int lxc_ringbuf_write(struct lxc_ringbuf *buf, const char *msg, size_t len);
-extern int lxc_ringbuf_read(struct lxc_ringbuf *buf, char *out, size_t *len);
+__hidden extern int lxc_ringbuf_create(struct lxc_ringbuf *buf, size_t size);
+__hidden extern void lxc_ringbuf_move_read_addr(struct lxc_ringbuf *buf, size_t len);
+__hidden extern int lxc_ringbuf_write(struct lxc_ringbuf *buf, const char *msg, size_t len);
+__hidden extern int lxc_ringbuf_read(struct lxc_ringbuf *buf, char *out, size_t *len);
static inline void lxc_ringbuf_release(struct lxc_ringbuf *buf)
{
diff --git a/src/tests/Makefile.am b/src/tests/Makefile.am
index c0ea315a8c..6a6f5ff281 100644
--- a/src/tests/Makefile.am
+++ b/src/tests/Makefile.am
@@ -24,6 +24,7 @@ lxc_test_api_reboot_SOURCES = api_reboot.c \
../lxc/nl.c ../lxc/nl.h \
../lxc/parse.c ../lxc/parse.h \
../lxc/process_utils.c ../lxc/process_utils.h \
+ ../lxc/ringbuf.c ../lxc/ringbuf.h \
../lxc/string_utils.c ../lxc/string_utils.h
if ENABLE_SECCOMP
lxc_test_api_reboot_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
@@ -47,6 +48,7 @@ lxc_test_attach_SOURCES = attach.c \
../lxc/nl.c ../lxc/nl.h \
../lxc/parse.c ../lxc/parse.h \
../lxc/process_utils.c ../lxc/process_utils.h \
+ ../lxc/ringbuf.c ../lxc/ringbuf.h \
../lxc/string_utils.c ../lxc/string_utils.h
if ENABLE_SECCOMP
lxc_test_attach_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
@@ -70,6 +72,7 @@ lxc_test_cgpath_SOURCES = cgpath.c \
../lxc/nl.c ../lxc/nl.h \
../lxc/parse.c ../lxc/parse.h \
../lxc/process_utils.c ../lxc/process_utils.h \
+ ../lxc/ringbuf.c ../lxc/ringbuf.h \
../lxc/string_utils.c ../lxc/string_utils.h
if ENABLE_SECCOMP
lxc_test_cgpath_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
@@ -95,6 +98,7 @@ lxc_test_config_jump_table_SOURCES = config_jump_table.c \
../lxc/nl.c ../lxc/nl.h \
../lxc/parse.c ../lxc/parse.h \
../lxc/process_utils.c ../lxc/process_utils.h \
+ ../lxc/ringbuf.c ../lxc/ringbuf.h \
../lxc/string_utils.c ../lxc/string_utils.h
if ENABLE_SECCOMP
lxc_test_config_jump_table_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
@@ -138,6 +142,7 @@ lxc_test_parse_config_file_SOURCES = parse_config_file.c \
../lxc/nl.c ../lxc/nl.h \
../lxc/parse.c ../lxc/parse.h \
../lxc/process_utils.c ../lxc/process_utils.h \
+ ../lxc/ringbuf.c ../lxc/ringbuf.h \
../lxc/string_utils.c ../lxc/string_utils.h
if ENABLE_SECCOMP
lxc_test_parse_config_file_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
@@ -184,6 +189,7 @@ lxc_test_utils_SOURCES = lxc-test-utils.c \
../lxc/nl.c ../lxc/nl.h \
../lxc/parse.c ../lxc/parse.h \
../lxc/process_utils.c ../lxc/process_utils.h \
+ ../lxc/ringbuf.c ../lxc/ringbuf.h \
../lxc/string_utils.c ../lxc/string_utils.h
if ENABLE_SECCOMP
lxc_test_utils_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
From 8c8cd087120d80b916b29ca38cf7dbcdc736fa92 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Tue, 21 Jul 2020 12:24:45 +0200
Subject: [PATCH 18/37] start: hide unnecessary symbols
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/Makefile.am | 202 +++++++++++++++++++++++++++++++++++++++++-
src/lxc/start.h | 37 ++++----
src/tests/Makefile.am | 27 ++++++
3 files changed, 244 insertions(+), 22 deletions(-)
diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am
index 1bfcfcabb7..5c99913a81 100644
--- a/src/lxc/Makefile.am
+++ b/src/lxc/Makefile.am
@@ -333,18 +333,26 @@ lxc_attach_SOURCES = tools/lxc_attach.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ commands.c commands.h \
+ commands_utils.c commands_utils.h \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ error.c error.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ lxclock.c lxclock.h \
+ mainloop.c mainloop.h \
+ monitor.c monitor.h \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
process_utils.c process_utils.h \
rexec.c rexec.h \
+ ringbuf.c ringbuf.h \
+ start.c start.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_attach_SOURCES += seccomp.c lxcseccomp.h
@@ -354,17 +362,25 @@ lxc_autostart_SOURCES = tools/lxc_autostart.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ commands.c commands.h \
+ commands_utils.c commands_utils.h \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ error.c error.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ lxclock.c lxclock.h \
+ mainloop.c mainloop.h \
+ monitor.c monitor.h \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
process_utils.c process_utils.h \
+ ringbuf.c ringbuf.h \
+ start.c start.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_autostart_SOURCES += seccomp.c lxcseccomp.h
@@ -374,17 +390,25 @@ lxc_cgroup_SOURCES = tools/lxc_cgroup.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ commands.c commands.h \
+ commands_utils.c commands_utils.h \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ error.c error.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ lxclock.c lxclock.h \
+ mainloop.c mainloop.h \
+ monitor.c monitor.h \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
process_utils.c process_utils.h \
+ ringbuf.c ringbuf.h \
+ start.c start.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_cgroup_SOURCES += seccomp.c lxcseccomp.h
@@ -394,17 +418,25 @@ lxc_config_SOURCES = tools/lxc_config.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ commands.c commands.h \
+ commands_utils.c commands_utils.h \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ error.c error.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ lxclock.c lxclock.h \
+ mainloop.c mainloop.h \
+ monitor.c monitor.h \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
process_utils.c process_utils.h \
+ ringbuf.c ringbuf.h \
+ start.c start.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_config_SOURCES += seccomp.c lxcseccomp.h
@@ -414,17 +446,25 @@ lxc_console_SOURCES = tools/lxc_console.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ commands.c commands.h \
+ commands_utils.c commands_utils.h \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ error.c error.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ lxclock.c lxclock.h \
+ mainloop.c mainloop.h \
+ monitor.c monitor.h \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
process_utils.c process_utils.h \
+ ringbuf.c ringbuf.h \
+ start.c start.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_console_SOURCES += seccomp.c lxcseccomp.h
@@ -434,17 +474,25 @@ lxc_destroy_SOURCES = tools/lxc_destroy.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ commands.c commands.h \
+ commands_utils.c commands_utils.h \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ error.c error.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ lxclock.c lxclock.h \
+ mainloop.c mainloop.h \
+ monitor.c monitor.h \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
process_utils.c process_utils.h \
+ ringbuf.c ringbuf.h \
+ start.c start.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_destroy_SOURCES += seccomp.c lxcseccomp.h
@@ -454,17 +502,25 @@ lxc_device_SOURCES = tools/lxc_device.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ commands.c commands.h \
+ commands_utils.c commands_utils.h \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ error.c error.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ lxclock.c lxclock.h \
+ mainloop.c mainloop.h \
+ monitor.c monitor.h \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
process_utils.c process_utils.h \
+ ringbuf.c ringbuf.h \
+ start.c start.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_device_SOURCES += seccomp.c lxcseccomp.h
@@ -474,17 +530,25 @@ lxc_execute_SOURCES = tools/lxc_execute.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ commands.c commands.h \
+ commands_utils.c commands_utils.h \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ error.c error.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ lxclock.c lxclock.h \
+ mainloop.c mainloop.h \
+ monitor.c monitor.h \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
process_utils.c process_utils.h \
+ ringbuf.c ringbuf.h \
+ start.c start.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_execute_SOURCES += seccomp.c lxcseccomp.h
@@ -494,17 +558,25 @@ lxc_freeze_SOURCES = tools/lxc_freeze.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ commands.c commands.h \
+ commands_utils.c commands_utils.h \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ error.c error.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ lxclock.c lxclock.h \
+ mainloop.c mainloop.h \
+ monitor.c monitor.h \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
process_utils.c process_utils.h \
+ ringbuf.c ringbuf.h \
+ start.c start.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_freeze_SOURCES += seccomp.c lxcseccomp.h
@@ -514,17 +586,25 @@ lxc_info_SOURCES = tools/lxc_info.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ commands.c commands.h \
+ commands_utils.c commands_utils.h \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ error.c error.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ lxclock.c lxclock.h \
+ mainloop.c mainloop.h \
+ monitor.c monitor.h \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
process_utils.c process_utils.h \
+ ringbuf.c ringbuf.h \
+ start.c start.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_info_SOURCES += seccomp.c lxcseccomp.h
@@ -534,19 +614,26 @@ lxc_monitor_SOURCES = tools/lxc_monitor.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ commands.c commands.h \
+ commands_utils.c commands_utils.h \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ error.c error.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ lxclock.c lxclock.h \
macro.h \
+ mainloop.c mainloop.h \
monitor.c monitor.h \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
process_utils.c process_utils.h \
+ ringbuf.c ringbuf.h \
+ start.c start.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_monitor_SOURCES += seccomp.c lxcseccomp.h
@@ -556,18 +643,26 @@ lxc_ls_SOURCES = tools/lxc_ls.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ commands.c commands.h \
+ commands_utils.c commands_utils.h \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ error.c error.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ lxclock.c lxclock.h \
+ mainloop.c mainloop.h \
memory_utils.h \
+ monitor.c monitor.h \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
process_utils.c process_utils.h \
+ ringbuf.c ringbuf.h \
+ start.c start.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_ls_SOURCES += seccomp.c lxcseccomp.h
@@ -577,17 +672,25 @@ lxc_copy_SOURCES = tools/lxc_copy.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ commands.c commands.h \
+ commands_utils.c commands_utils.h \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ error.c error.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ lxclock.c lxclock.h \
+ mainloop.c mainloop.h \
+ monitor.c monitor.h \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
process_utils.c process_utils.h \
+ ringbuf.c ringbuf.h \
+ start.c start.h \
storage/storage_utils.c storage/storage_utils.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
@@ -598,17 +701,25 @@ lxc_start_SOURCES = tools/lxc_start.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ commands.c commands.h \
+ commands_utils.c commands_utils.h \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ error.c error.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ lxclock.c lxclock.h \
+ mainloop.c mainloop.h \
+ monitor.c monitor.h \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
process_utils.c process_utils.h \
+ ringbuf.c ringbuf.h \
+ start.c start.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_start_SOURCES += seccomp.c lxcseccomp.h
@@ -618,18 +729,25 @@ lxc_stop_SOURCES = tools/lxc_stop.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ commands.c commands.h \
+ commands_utils.c commands_utils.h \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ error.c error.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ lxclock.c lxclock.h \
mainloop.c mainloop.h \
+ monitor.c monitor.h \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
process_utils.c process_utils.h \
+ ringbuf.c ringbuf.h \
+ start.c start.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_stop_SOURCES += seccomp.c lxcseccomp.h
@@ -639,18 +757,25 @@ lxc_top_SOURCES = tools/lxc_top.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ commands.c commands.h \
+ commands_utils.c commands_utils.h \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ error.c error.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ lxclock.c lxclock.h \
mainloop.c mainloop.h \
+ monitor.c monitor.h \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
process_utils.c process_utils.h \
+ ringbuf.c ringbuf.h \
+ start.c start.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_top_SOURCES += seccomp.c lxcseccomp.h
@@ -660,17 +785,25 @@ lxc_unfreeze_SOURCES = tools/lxc_unfreeze.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ commands.c commands.h \
+ commands_utils.c commands_utils.h \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ error.c error.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ lxclock.c lxclock.h \
+ mainloop.c mainloop.h \
+ monitor.c monitor.h \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
process_utils.c process_utils.h \
+ ringbuf.c ringbuf.h \
+ start.c start.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_unfreeze_SOURCES += seccomp.c lxcseccomp.h
@@ -680,17 +813,25 @@ lxc_unshare_SOURCES = tools/lxc_unshare.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ commands.c commands.h \
+ commands_utils.c commands_utils.h \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ error.c error.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ lxclock.c lxclock.h \
+ mainloop.c mainloop.h \
+ monitor.c monitor.h \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
process_utils.c process_utils.h \
+ ringbuf.c ringbuf.h \
+ start.c start.h \
string_utils.c string_utils.h \
syscall_numbers.h \
syscall_wrappers.h
@@ -702,17 +843,25 @@ lxc_wait_SOURCES = tools/lxc_wait.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ commands.c commands.h \
+ commands_utils.c commands_utils.h \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ error.c error.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ lxclock.c lxclock.h \
+ mainloop.c mainloop.h \
+ monitor.c monitor.h \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
process_utils.c process_utils.h \
+ ringbuf.c ringbuf.h \
+ start.c start.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_wait_SOURCES += seccomp.c lxcseccomp.h
@@ -722,17 +871,25 @@ lxc_create_SOURCES = tools/lxc_create.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ commands.c commands.h \
+ commands_utils.c commands_utils.h \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ error.c error.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ lxclock.c lxclock.h \
+ mainloop.c mainloop.h \
+ monitor.c monitor.h \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
process_utils.c process_utils.h \
+ ringbuf.c ringbuf.h \
+ start.c start.h \
storage/storage_utils.c storage/storage_utils.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
@@ -743,17 +900,25 @@ lxc_snapshot_SOURCES = tools/lxc_snapshot.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ commands.c commands.h \
+ commands_utils.c commands_utils.h \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ error.c error.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ lxclock.c lxclock.h \
+ mainloop.c mainloop.h \
+ monitor.c monitor.h \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
process_utils.c process_utils.h \
+ ringbuf.c ringbuf.h \
+ start.c start.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_snapshot_SOURCES += seccomp.c lxcseccomp.h
@@ -763,17 +928,25 @@ lxc_checkpoint_SOURCES = tools/lxc_checkpoint.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ commands.c commands.h \
+ commands_utils.c commands_utils.h \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ error.c error.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ lxclock.c lxclock.h \
+ mainloop.c mainloop.h \
+ monitor.c monitor.h \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
process_utils.c process_utils.h \
+ ringbuf.c ringbuf.h \
+ start.c start.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_checkpoint_SOURCES += seccomp.c lxcseccomp.h
@@ -793,8 +966,9 @@ init_lxc_SOURCES = cmd/lxc_init.c \
memory_utils.h \
parse.c parse.h \
process_utils.c process_utils.h \
- syscall_numbers.h \
- string_utils.c string_utils.h
+ ringbuf.c ringbuf.h \
+ string_utils.c string_utils.h \
+ syscall_numbers.h
if ENABLE_SECCOMP
init_lxc_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -804,12 +978,16 @@ init_lxc_LDFLAGS = -pthread
lxc_monitord_SOURCES = cmd/lxc_monitord.c \
af_unix.c af_unix.h \
caps.c caps.h \
+ commands.c commands.h \
+ commands_utils.c commands_utils.h \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ error.c error.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ lxclock.c lxclock.h \
mainloop.c mainloop.h \
monitor.c monitor.h \
namespace.c namespace.h \
@@ -817,6 +995,8 @@ lxc_monitord_SOURCES = cmd/lxc_monitord.c \
nl.c nl.h \
parse.c parse.h \
process_utils.c process_utils.h \
+ ringbuf.c ringbuf.h \
+ start.c start.h \
string_utils.c string_utils.h \
syscall_numbers.h \
utils.c utils.h
@@ -828,20 +1008,28 @@ lxc_user_nic_SOURCES = cmd/lxc_user_nic.c \
../include/netns_ifaddrs.c ../include/netns_ifaddrs.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ commands.c commands.h \
+ commands_utils.c commands_utils.h \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ error.c error.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ lxclock.c lxclock.h \
+ mainloop.c mainloop.h \
memory_utils.h \
+ monitor.c monitor.h \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
process_utils.c process_utils.h \
- syscall_numbers.h \
+ ringbuf.c ringbuf.h \
+ start.c start.h \
string_utils.c string_utils.h \
+ syscall_numbers.h \
syscall_wrappers.h
if ENABLE_SECCOMP
lxc_user_nic_SOURCES += seccomp.c lxcseccomp.h
@@ -850,20 +1038,28 @@ endif
lxc_usernsexec_SOURCES = cmd/lxc_usernsexec.c \
af_unix.c af_unix.h \
caps.c caps.h \
+ commands.c commands.h \
+ commands_utils.c commands_utils.h \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ error.c error.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
list.h \
log.c log.h \
+ lxclock.c lxclock.h \
macro.h \
+ mainloop.c mainloop.h \
memory_utils.h \
+ monitor.c monitor.h \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
process_utils.c process_utils.h \
+ ringbuf.c ringbuf.h \
+ start.c start.h \
string_utils.c string_utils.h \
syscall_wrappers.h \
utils.c utils.h
diff --git a/src/lxc/start.h b/src/lxc/start.h
index ba66b05535..69b7362f3c 100644
--- a/src/lxc/start.h
+++ b/src/lxc/start.h
@@ -11,6 +11,7 @@
#include <sys/socket.h>
#include <sys/un.h>
+#include "compiler.h"
#include "conf.h"
#include "macro.h"
#include "namespace.h"
@@ -140,20 +141,17 @@ struct lxc_operations {
int (*post_start)(struct lxc_handler *, void *);
};
-extern int lxc_poll(const char *name, struct lxc_handler *handler);
-extern int lxc_set_state(const char *name, struct lxc_handler *handler,
- lxc_state_t state);
-extern int lxc_serve_state_clients(const char *name,
- struct lxc_handler *handler,
- lxc_state_t state);
-extern void lxc_abort(struct lxc_handler *handler);
-extern struct lxc_handler *lxc_init_handler(struct lxc_handler *old,
- const char *name,
- struct lxc_conf *conf,
- const char *lxcpath, bool daemonize);
-extern void lxc_put_handler(struct lxc_handler *handler);
-extern int lxc_init(const char *name, struct lxc_handler *handler);
-extern void lxc_end(struct lxc_handler *handler);
+__hidden extern int lxc_poll(const char *name, struct lxc_handler *handler);
+__hidden extern int lxc_set_state(const char *name, struct lxc_handler *handler, lxc_state_t state);
+__hidden extern int lxc_serve_state_clients(const char *name, struct lxc_handler *handler,
+ lxc_state_t state);
+__hidden extern void lxc_abort(struct lxc_handler *handler);
+__hidden extern struct lxc_handler *lxc_init_handler(struct lxc_handler *old, const char *name,
+ struct lxc_conf *conf, const char *lxcpath,
+ bool daemonize);
+__hidden extern void lxc_put_handler(struct lxc_handler *handler);
+__hidden extern int lxc_init(const char *name, struct lxc_handler *handler);
+__hidden extern void lxc_end(struct lxc_handler *handler);
/* lxc_check_inherited: Check for any open file descriptors and close them if
* requested.
@@ -162,16 +160,17 @@ extern void lxc_end(struct lxc_handler *handler);
* @param[in] fds_to_ignore Array of file descriptors to ignore.
* @param[in] len_fds Length of fds_to_ignore array.
*/
-extern int lxc_check_inherited(struct lxc_conf *conf, bool closeall,
- int *fds_to_ignore, size_t len_fds);
+__hidden extern int lxc_check_inherited(struct lxc_conf *conf, bool closeall, int *fds_to_ignore,
+ size_t len_fds);
static inline int inherit_fds(struct lxc_handler *handler, bool closeall)
{
return lxc_check_inherited(handler->conf, closeall, handler->keep_fds,
ARRAY_SIZE(handler->keep_fds));
}
-extern int __lxc_start(struct lxc_handler *, struct lxc_operations *, void *,
- const char *, bool, int *);
-extern int resolve_clone_flags(struct lxc_handler *handler);
+__hidden extern int __lxc_start(struct lxc_handler *, struct lxc_operations *, void *, const char *,
+ bool, int *);
+
+__hidden extern int resolve_clone_flags(struct lxc_handler *handler);
#endif
diff --git a/src/tests/Makefile.am b/src/tests/Makefile.am
index 6a6f5ff281..0b354437ef 100644
--- a/src/tests/Makefile.am
+++ b/src/tests/Makefile.am
@@ -15,16 +15,20 @@ lxc_test_api_reboot_SOURCES = api_reboot.c \
../lxc/conf.c ../lxc/conf.h \
../lxc/confile.c ../lxc/confile.h \
../lxc/confile_utils.c ../lxc/confile_utils.h \
+ ../lxc/error.c ../lxc/error.h \
../lxc/file_utils.c ../lxc/file_utils.h \
../lxc/initutils.c ../lxc/initutils.h \
../lxc/log.c ../lxc/log.h \
+ ../lxc/lxclock.c ../lxc/lxclock.h \
../lxc/mainloop.c ../lxc/mainloop.h \
+ ../lxc/monitor.c ../lxc/monitor.h \
../lxc/namespace.c ../lxc/namespace.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/parse.c ../lxc/parse.h \
../lxc/process_utils.c ../lxc/process_utils.h \
../lxc/ringbuf.c ../lxc/ringbuf.h \
+ ../lxc/start.c ../lxc/start.h \
../lxc/string_utils.c ../lxc/string_utils.h
if ENABLE_SECCOMP
lxc_test_api_reboot_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
@@ -39,16 +43,20 @@ lxc_test_attach_SOURCES = attach.c \
../lxc/conf.c ../lxc/conf.h \
../lxc/confile.c ../lxc/confile.h \
../lxc/confile_utils.c ../lxc/confile_utils.h \
+ ../lxc/error.c ../lxc/error.h \
../lxc/file_utils.c ../lxc/file_utils.h \
../lxc/initutils.c ../lxc/initutils.h \
../lxc/log.c ../lxc/log.h \
+ ../lxc/lxclock.c ../lxc/lxclock.h \
../lxc/mainloop.c ../lxc/mainloop.h \
+ ../lxc/monitor.c ../lxc/monitor.h \
../lxc/namespace.c ../lxc/namespace.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/parse.c ../lxc/parse.h \
../lxc/process_utils.c ../lxc/process_utils.h \
../lxc/ringbuf.c ../lxc/ringbuf.h \
+ ../lxc/start.c ../lxc/start.h \
../lxc/string_utils.c ../lxc/string_utils.h
if ENABLE_SECCOMP
lxc_test_attach_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
@@ -63,16 +71,20 @@ lxc_test_cgpath_SOURCES = cgpath.c \
../lxc/conf.c ../lxc/conf.h \
../lxc/confile.c ../lxc/confile.h \
../lxc/confile_utils.c ../lxc/confile_utils.h \
+ ../lxc/error.c ../lxc/error.h \
../lxc/file_utils.c ../lxc/file_utils.h \
../lxc/initutils.c ../lxc/initutils.h \
../lxc/log.c ../lxc/log.h \
+ ../lxc/lxclock.c ../lxc/lxclock.h \
../lxc/mainloop.c ../lxc/mainloop.h \
+ ../lxc/monitor.c ../lxc/monitor.h \
../lxc/namespace.c ../lxc/namespace.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/parse.c ../lxc/parse.h \
../lxc/process_utils.c ../lxc/process_utils.h \
../lxc/ringbuf.c ../lxc/ringbuf.h \
+ ../lxc/start.c ../lxc/start.h \
../lxc/string_utils.c ../lxc/string_utils.h
if ENABLE_SECCOMP
lxc_test_cgpath_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
@@ -89,16 +101,20 @@ lxc_test_config_jump_table_SOURCES = config_jump_table.c \
../lxc/conf.c ../lxc/conf.h \
../lxc/confile.c ../lxc/confile.h \
../lxc/confile_utils.c ../lxc/confile_utils.h \
+ ../lxc/error.c ../lxc/error.h \
../lxc/file_utils.c ../lxc/file_utils.h \
../lxc/initutils.c ../lxc/initutils.h \
../lxc/log.c ../lxc/log.h \
+ ../lxc/lxclock.c ../lxc/lxclock.h \
../lxc/mainloop.c ../lxc/mainloop.h \
+ ../lxc/monitor.c ../lxc/monitor.h \
../lxc/namespace.c ../lxc/namespace.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/parse.c ../lxc/parse.h \
../lxc/process_utils.c ../lxc/process_utils.h \
../lxc/ringbuf.c ../lxc/ringbuf.h \
+ ../lxc/start.c ../lxc/start.h \
../lxc/string_utils.c ../lxc/string_utils.h
if ENABLE_SECCOMP
lxc_test_config_jump_table_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
@@ -131,18 +147,25 @@ lxc_test_parse_config_file_SOURCES = parse_config_file.c \
lxctest.h \
../lxc/af_unix.c ../lxc/af_unix.h \
../lxc/caps.c ../lxc/caps.h \
+ ../lxc/commands.c ../lxc/commands.h \
+ ../lxc/commands_utils.c ../lxc/commands_utils.h \
../lxc/conf.c ../lxc/conf.h \
../lxc/confile.c ../lxc/confile.h \
../lxc/confile_utils.c ../lxc/confile_utils.h \
+ ../lxc/error.c ../lxc/error.h \
../lxc/file_utils.c ../lxc/file_utils.h \
../lxc/initutils.c ../lxc/initutils.h \
../lxc/log.c ../lxc/log.h \
+ ../lxc/lxclock.c ../lxc/lxclock.h \
+ ../lxc/mainloop.c ../lxc/mainloop.h \
+ ../lxc/monitor.c ../lxc/monitor.h \
../lxc/namespace.c ../lxc/namespace.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/parse.c ../lxc/parse.h \
../lxc/process_utils.c ../lxc/process_utils.h \
../lxc/ringbuf.c ../lxc/ringbuf.h \
+ ../lxc/start.c ../lxc/start.h \
../lxc/string_utils.c ../lxc/string_utils.h
if ENABLE_SECCOMP
lxc_test_parse_config_file_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
@@ -180,16 +203,20 @@ lxc_test_utils_SOURCES = lxc-test-utils.c \
../lxc/conf.c ../lxc/conf.h \
../lxc/confile.c ../lxc/confile.h \
../lxc/confile_utils.c ../lxc/confile_utils.h \
+ ../lxc/error.c ../lxc/error.h \
../lxc/file_utils.c ../lxc/file_utils.h \
../lxc/initutils.c ../lxc/initutils.h \
../lxc/log.c ../lxc/log.h \
+ ../lxc/lxclock.c ../lxc/lxclock.h \
../lxc/mainloop.c ../lxc/mainloop.h \
+ ../lxc/monitor.c ../lxc/monitor.h \
../lxc/namespace.c ../lxc/namespace.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/parse.c ../lxc/parse.h \
../lxc/process_utils.c ../lxc/process_utils.h \
../lxc/ringbuf.c ../lxc/ringbuf.h \
+ ../lxc/start.c ../lxc/start.h \
../lxc/string_utils.c ../lxc/string_utils.h
if ENABLE_SECCOMP
lxc_test_utils_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
From 1bf5f8123e32461a64a022a30a67a14d761d1932 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Tue, 21 Jul 2020 12:30:53 +0200
Subject: [PATCH 19/37] state: hide unnecessary symbols
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/Makefile.am | 25 +++++++++++++++++++++++++
src/lxc/state.h | 13 ++++++++-----
src/tests/Makefile.am | 6 ++++++
3 files changed, 39 insertions(+), 5 deletions(-)
diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am
index 5c99913a81..e5878459e9 100644
--- a/src/lxc/Makefile.am
+++ b/src/lxc/Makefile.am
@@ -353,6 +353,7 @@ lxc_attach_SOURCES = tools/lxc_attach.c \
rexec.c rexec.h \
ringbuf.c ringbuf.h \
start.c start.h \
+ state.c state.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_attach_SOURCES += seccomp.c lxcseccomp.h
@@ -381,6 +382,7 @@ lxc_autostart_SOURCES = tools/lxc_autostart.c \
process_utils.c process_utils.h \
ringbuf.c ringbuf.h \
start.c start.h \
+ state.c state.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_autostart_SOURCES += seccomp.c lxcseccomp.h
@@ -409,6 +411,7 @@ lxc_cgroup_SOURCES = tools/lxc_cgroup.c \
process_utils.c process_utils.h \
ringbuf.c ringbuf.h \
start.c start.h \
+ state.c state.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_cgroup_SOURCES += seccomp.c lxcseccomp.h
@@ -437,6 +440,7 @@ lxc_config_SOURCES = tools/lxc_config.c \
process_utils.c process_utils.h \
ringbuf.c ringbuf.h \
start.c start.h \
+ state.c state.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_config_SOURCES += seccomp.c lxcseccomp.h
@@ -465,6 +469,7 @@ lxc_console_SOURCES = tools/lxc_console.c \
process_utils.c process_utils.h \
ringbuf.c ringbuf.h \
start.c start.h \
+ state.c state.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_console_SOURCES += seccomp.c lxcseccomp.h
@@ -493,6 +498,7 @@ lxc_destroy_SOURCES = tools/lxc_destroy.c \
process_utils.c process_utils.h \
ringbuf.c ringbuf.h \
start.c start.h \
+ state.c state.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_destroy_SOURCES += seccomp.c lxcseccomp.h
@@ -521,6 +527,7 @@ lxc_device_SOURCES = tools/lxc_device.c \
process_utils.c process_utils.h \
ringbuf.c ringbuf.h \
start.c start.h \
+ state.c state.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_device_SOURCES += seccomp.c lxcseccomp.h
@@ -549,6 +556,7 @@ lxc_execute_SOURCES = tools/lxc_execute.c \
process_utils.c process_utils.h \
ringbuf.c ringbuf.h \
start.c start.h \
+ state.c state.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_execute_SOURCES += seccomp.c lxcseccomp.h
@@ -577,6 +585,7 @@ lxc_freeze_SOURCES = tools/lxc_freeze.c \
process_utils.c process_utils.h \
ringbuf.c ringbuf.h \
start.c start.h \
+ state.c state.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_freeze_SOURCES += seccomp.c lxcseccomp.h
@@ -605,6 +614,7 @@ lxc_info_SOURCES = tools/lxc_info.c \
process_utils.c process_utils.h \
ringbuf.c ringbuf.h \
start.c start.h \
+ state.c state.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_info_SOURCES += seccomp.c lxcseccomp.h
@@ -634,6 +644,7 @@ lxc_monitor_SOURCES = tools/lxc_monitor.c \
process_utils.c process_utils.h \
ringbuf.c ringbuf.h \
start.c start.h \
+ state.c state.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_monitor_SOURCES += seccomp.c lxcseccomp.h
@@ -663,6 +674,7 @@ lxc_ls_SOURCES = tools/lxc_ls.c \
process_utils.c process_utils.h \
ringbuf.c ringbuf.h \
start.c start.h \
+ state.c state.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_ls_SOURCES += seccomp.c lxcseccomp.h
@@ -691,6 +703,7 @@ lxc_copy_SOURCES = tools/lxc_copy.c \
process_utils.c process_utils.h \
ringbuf.c ringbuf.h \
start.c start.h \
+ state.c state.h \
storage/storage_utils.c storage/storage_utils.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
@@ -720,6 +733,7 @@ lxc_start_SOURCES = tools/lxc_start.c \
process_utils.c process_utils.h \
ringbuf.c ringbuf.h \
start.c start.h \
+ state.c state.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_start_SOURCES += seccomp.c lxcseccomp.h
@@ -748,6 +762,7 @@ lxc_stop_SOURCES = tools/lxc_stop.c \
process_utils.c process_utils.h \
ringbuf.c ringbuf.h \
start.c start.h \
+ state.c state.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_stop_SOURCES += seccomp.c lxcseccomp.h
@@ -776,6 +791,7 @@ lxc_top_SOURCES = tools/lxc_top.c \
process_utils.c process_utils.h \
ringbuf.c ringbuf.h \
start.c start.h \
+ state.c state.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_top_SOURCES += seccomp.c lxcseccomp.h
@@ -804,6 +820,7 @@ lxc_unfreeze_SOURCES = tools/lxc_unfreeze.c \
process_utils.c process_utils.h \
ringbuf.c ringbuf.h \
start.c start.h \
+ state.c state.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_unfreeze_SOURCES += seccomp.c lxcseccomp.h
@@ -832,6 +849,7 @@ lxc_unshare_SOURCES = tools/lxc_unshare.c \
process_utils.c process_utils.h \
ringbuf.c ringbuf.h \
start.c start.h \
+ state.c state.h \
string_utils.c string_utils.h \
syscall_numbers.h \
syscall_wrappers.h
@@ -862,6 +880,7 @@ lxc_wait_SOURCES = tools/lxc_wait.c \
process_utils.c process_utils.h \
ringbuf.c ringbuf.h \
start.c start.h \
+ state.c state.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_wait_SOURCES += seccomp.c lxcseccomp.h
@@ -890,6 +909,7 @@ lxc_create_SOURCES = tools/lxc_create.c \
process_utils.c process_utils.h \
ringbuf.c ringbuf.h \
start.c start.h \
+ state.c state.h \
storage/storage_utils.c storage/storage_utils.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
@@ -919,6 +939,7 @@ lxc_snapshot_SOURCES = tools/lxc_snapshot.c \
process_utils.c process_utils.h \
ringbuf.c ringbuf.h \
start.c start.h \
+ state.c state.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_snapshot_SOURCES += seccomp.c lxcseccomp.h
@@ -947,6 +968,7 @@ lxc_checkpoint_SOURCES = tools/lxc_checkpoint.c \
process_utils.c process_utils.h \
ringbuf.c ringbuf.h \
start.c start.h \
+ state.c state.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_checkpoint_SOURCES += seccomp.c lxcseccomp.h
@@ -997,6 +1019,7 @@ lxc_monitord_SOURCES = cmd/lxc_monitord.c \
process_utils.c process_utils.h \
ringbuf.c ringbuf.h \
start.c start.h \
+ state.c state.h \
string_utils.c string_utils.h \
syscall_numbers.h \
utils.c utils.h
@@ -1028,6 +1051,7 @@ lxc_user_nic_SOURCES = cmd/lxc_user_nic.c \
process_utils.c process_utils.h \
ringbuf.c ringbuf.h \
start.c start.h \
+ state.c state.h \
string_utils.c string_utils.h \
syscall_numbers.h \
syscall_wrappers.h
@@ -1060,6 +1084,7 @@ lxc_usernsexec_SOURCES = cmd/lxc_usernsexec.c \
process_utils.c process_utils.h \
ringbuf.c ringbuf.h \
start.c start.h \
+ state.c state.h \
string_utils.c string_utils.h \
syscall_wrappers.h \
utils.c utils.h
diff --git a/src/lxc/state.h b/src/lxc/state.h
index 994d1b792a..afb2fbb785 100644
--- a/src/lxc/state.h
+++ b/src/lxc/state.h
@@ -3,6 +3,8 @@
#ifndef __LXC_STATE_H
#define __LXC_STATE_H
+#include "compiler.h"
+
#define MAX_STATE_LENGTH (8 + 1)
typedef enum {
@@ -23,10 +25,11 @@ enum {
REBOOT_INIT
};
-extern lxc_state_t lxc_getstate(const char *name, const char *lxcpath);
+__hidden extern lxc_state_t lxc_getstate(const char *name, const char *lxcpath);
-extern lxc_state_t lxc_str2state(const char *state);
-extern const char *lxc_state2str(lxc_state_t state);
-extern int lxc_wait(const char *lxcname, const char *states, int timeout, const char *lxcpath);
+__hidden extern lxc_state_t lxc_str2state(const char *state);
+__hidden extern const char *lxc_state2str(lxc_state_t state);
+__hidden extern int lxc_wait(const char *lxcname, const char *states, int timeout,
+ const char *lxcpath);
-#endif
+#endif /* __LXC_STATE_H */
diff --git a/src/tests/Makefile.am b/src/tests/Makefile.am
index 0b354437ef..7c68e69e4b 100644
--- a/src/tests/Makefile.am
+++ b/src/tests/Makefile.am
@@ -29,6 +29,7 @@ lxc_test_api_reboot_SOURCES = api_reboot.c \
../lxc/process_utils.c ../lxc/process_utils.h \
../lxc/ringbuf.c ../lxc/ringbuf.h \
../lxc/start.c ../lxc/start.h \
+ ../lxc/state.c ../lxc/state.h \
../lxc/string_utils.c ../lxc/string_utils.h
if ENABLE_SECCOMP
lxc_test_api_reboot_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
@@ -57,6 +58,7 @@ lxc_test_attach_SOURCES = attach.c \
../lxc/process_utils.c ../lxc/process_utils.h \
../lxc/ringbuf.c ../lxc/ringbuf.h \
../lxc/start.c ../lxc/start.h \
+ ../lxc/state.c ../lxc/state.h \
../lxc/string_utils.c ../lxc/string_utils.h
if ENABLE_SECCOMP
lxc_test_attach_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
@@ -85,6 +87,7 @@ lxc_test_cgpath_SOURCES = cgpath.c \
../lxc/process_utils.c ../lxc/process_utils.h \
../lxc/ringbuf.c ../lxc/ringbuf.h \
../lxc/start.c ../lxc/start.h \
+ ../lxc/state.c ../lxc/state.h \
../lxc/string_utils.c ../lxc/string_utils.h
if ENABLE_SECCOMP
lxc_test_cgpath_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
@@ -115,6 +118,7 @@ lxc_test_config_jump_table_SOURCES = config_jump_table.c \
../lxc/process_utils.c ../lxc/process_utils.h \
../lxc/ringbuf.c ../lxc/ringbuf.h \
../lxc/start.c ../lxc/start.h \
+ ../lxc/state.c ../lxc/state.h \
../lxc/string_utils.c ../lxc/string_utils.h
if ENABLE_SECCOMP
lxc_test_config_jump_table_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
@@ -166,6 +170,7 @@ lxc_test_parse_config_file_SOURCES = parse_config_file.c \
../lxc/process_utils.c ../lxc/process_utils.h \
../lxc/ringbuf.c ../lxc/ringbuf.h \
../lxc/start.c ../lxc/start.h \
+ ../lxc/state.c ../lxc/state.h \
../lxc/string_utils.c ../lxc/string_utils.h
if ENABLE_SECCOMP
lxc_test_parse_config_file_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
@@ -217,6 +222,7 @@ lxc_test_utils_SOURCES = lxc-test-utils.c \
../lxc/process_utils.c ../lxc/process_utils.h \
../lxc/ringbuf.c ../lxc/ringbuf.h \
../lxc/start.c ../lxc/start.h \
+ ../lxc/state.c ../lxc/state.h \
../lxc/string_utils.c ../lxc/string_utils.h
if ENABLE_SECCOMP
lxc_test_utils_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
From bf1ca416a22e31ae9c5ae3fdd79a19c873ecd940 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Tue, 21 Jul 2020 12:37:28 +0200
Subject: [PATCH 20/37] sync: hide unnecessary symbols
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/Makefile.am | 67 +++++++++++++++++++++++++++++--------------
src/lxc/sync.h | 44 ++++++++++++++--------------
src/tests/Makefile.am | 6 ++++
3 files changed, 75 insertions(+), 42 deletions(-)
diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am
index e5878459e9..71c45ffa9f 100644
--- a/src/lxc/Makefile.am
+++ b/src/lxc/Makefile.am
@@ -354,7 +354,8 @@ lxc_attach_SOURCES = tools/lxc_attach.c \
ringbuf.c ringbuf.h \
start.c start.h \
state.c state.h \
- string_utils.c string_utils.h
+ string_utils.c string_utils.h \
+ sync.c sync.h
if ENABLE_SECCOMP
lxc_attach_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -383,7 +384,8 @@ lxc_autostart_SOURCES = tools/lxc_autostart.c \
ringbuf.c ringbuf.h \
start.c start.h \
state.c state.h \
- string_utils.c string_utils.h
+ string_utils.c string_utils.h \
+ sync.c sync.h
if ENABLE_SECCOMP
lxc_autostart_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -412,7 +414,8 @@ lxc_cgroup_SOURCES = tools/lxc_cgroup.c \
ringbuf.c ringbuf.h \
start.c start.h \
state.c state.h \
- string_utils.c string_utils.h
+ string_utils.c string_utils.h \
+ sync.c sync.h
if ENABLE_SECCOMP
lxc_cgroup_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -441,7 +444,8 @@ lxc_config_SOURCES = tools/lxc_config.c \
ringbuf.c ringbuf.h \
start.c start.h \
state.c state.h \
- string_utils.c string_utils.h
+ string_utils.c string_utils.h \
+ sync.c sync.h
if ENABLE_SECCOMP
lxc_config_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -470,7 +474,8 @@ lxc_console_SOURCES = tools/lxc_console.c \
ringbuf.c ringbuf.h \
start.c start.h \
state.c state.h \
- string_utils.c string_utils.h
+ string_utils.c string_utils.h \
+ sync.c sync.h
if ENABLE_SECCOMP
lxc_console_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -499,7 +504,8 @@ lxc_destroy_SOURCES = tools/lxc_destroy.c \
ringbuf.c ringbuf.h \
start.c start.h \
state.c state.h \
- string_utils.c string_utils.h
+ string_utils.c string_utils.h \
+ sync.c sync.h
if ENABLE_SECCOMP
lxc_destroy_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -528,7 +534,8 @@ lxc_device_SOURCES = tools/lxc_device.c \
ringbuf.c ringbuf.h \
start.c start.h \
state.c state.h \
- string_utils.c string_utils.h
+ string_utils.c string_utils.h \
+ sync.c sync.h
if ENABLE_SECCOMP
lxc_device_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -557,7 +564,8 @@ lxc_execute_SOURCES = tools/lxc_execute.c \
ringbuf.c ringbuf.h \
start.c start.h \
state.c state.h \
- string_utils.c string_utils.h
+ string_utils.c string_utils.h \
+ sync.c sync.h
if ENABLE_SECCOMP
lxc_execute_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -586,7 +594,8 @@ lxc_freeze_SOURCES = tools/lxc_freeze.c \
ringbuf.c ringbuf.h \
start.c start.h \
state.c state.h \
- string_utils.c string_utils.h
+ string_utils.c string_utils.h \
+ sync.c sync.h
if ENABLE_SECCOMP
lxc_freeze_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -615,7 +624,8 @@ lxc_info_SOURCES = tools/lxc_info.c \
ringbuf.c ringbuf.h \
start.c start.h \
state.c state.h \
- string_utils.c string_utils.h
+ string_utils.c string_utils.h \
+ sync.c sync.h
if ENABLE_SECCOMP
lxc_info_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -645,7 +655,8 @@ lxc_monitor_SOURCES = tools/lxc_monitor.c \
ringbuf.c ringbuf.h \
start.c start.h \
state.c state.h \
- string_utils.c string_utils.h
+ string_utils.c string_utils.h \
+ sync.c sync.h
if ENABLE_SECCOMP
lxc_monitor_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -675,7 +686,8 @@ lxc_ls_SOURCES = tools/lxc_ls.c \
ringbuf.c ringbuf.h \
start.c start.h \
state.c state.h \
- string_utils.c string_utils.h
+ string_utils.c string_utils.h \
+ sync.c sync.h
if ENABLE_SECCOMP
lxc_ls_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -705,7 +717,8 @@ lxc_copy_SOURCES = tools/lxc_copy.c \
start.c start.h \
state.c state.h \
storage/storage_utils.c storage/storage_utils.h \
- string_utils.c string_utils.h
+ string_utils.c string_utils.h \
+ sync.c sync.h
if ENABLE_SECCOMP
lxc_copy_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -734,7 +747,8 @@ lxc_start_SOURCES = tools/lxc_start.c \
ringbuf.c ringbuf.h \
start.c start.h \
state.c state.h \
- string_utils.c string_utils.h
+ string_utils.c string_utils.h \
+ sync.c sync.h
if ENABLE_SECCOMP
lxc_start_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -763,7 +777,8 @@ lxc_stop_SOURCES = tools/lxc_stop.c \
ringbuf.c ringbuf.h \
start.c start.h \
state.c state.h \
- string_utils.c string_utils.h
+ string_utils.c string_utils.h \
+ sync.c sync.h
if ENABLE_SECCOMP
lxc_stop_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -792,7 +807,8 @@ lxc_top_SOURCES = tools/lxc_top.c \
ringbuf.c ringbuf.h \
start.c start.h \
state.c state.h \
- string_utils.c string_utils.h
+ string_utils.c string_utils.h \
+ sync.c sync.h
if ENABLE_SECCOMP
lxc_top_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -821,7 +837,8 @@ lxc_unfreeze_SOURCES = tools/lxc_unfreeze.c \
ringbuf.c ringbuf.h \
start.c start.h \
state.c state.h \
- string_utils.c string_utils.h
+ string_utils.c string_utils.h \
+ sync.c sync.h
if ENABLE_SECCOMP
lxc_unfreeze_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -851,6 +868,7 @@ lxc_unshare_SOURCES = tools/lxc_unshare.c \
start.c start.h \
state.c state.h \
string_utils.c string_utils.h \
+ sync.c sync.h \
syscall_numbers.h \
syscall_wrappers.h
if ENABLE_SECCOMP
@@ -881,7 +899,8 @@ lxc_wait_SOURCES = tools/lxc_wait.c \
ringbuf.c ringbuf.h \
start.c start.h \
state.c state.h \
- string_utils.c string_utils.h
+ string_utils.c string_utils.h \
+ sync.c sync.h
if ENABLE_SECCOMP
lxc_wait_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -911,7 +930,8 @@ lxc_create_SOURCES = tools/lxc_create.c \
start.c start.h \
state.c state.h \
storage/storage_utils.c storage/storage_utils.h \
- string_utils.c string_utils.h
+ string_utils.c string_utils.h \
+ sync.c sync.h
if ENABLE_SECCOMP
lxc_create_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -940,7 +960,8 @@ lxc_snapshot_SOURCES = tools/lxc_snapshot.c \
ringbuf.c ringbuf.h \
start.c start.h \
state.c state.h \
- string_utils.c string_utils.h
+ string_utils.c string_utils.h \
+ sync.c sync.h
if ENABLE_SECCOMP
lxc_snapshot_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -969,7 +990,8 @@ lxc_checkpoint_SOURCES = tools/lxc_checkpoint.c \
ringbuf.c ringbuf.h \
start.c start.h \
state.c state.h \
- string_utils.c string_utils.h
+ string_utils.c string_utils.h \
+ sync.c sync.h
if ENABLE_SECCOMP
lxc_checkpoint_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -1021,6 +1043,7 @@ lxc_monitord_SOURCES = cmd/lxc_monitord.c \
start.c start.h \
state.c state.h \
string_utils.c string_utils.h \
+ sync.c sync.h \
syscall_numbers.h \
utils.c utils.h
if ENABLE_SECCOMP
@@ -1053,6 +1076,7 @@ lxc_user_nic_SOURCES = cmd/lxc_user_nic.c \
start.c start.h \
state.c state.h \
string_utils.c string_utils.h \
+ sync.c sync.h \
syscall_numbers.h \
syscall_wrappers.h
if ENABLE_SECCOMP
@@ -1086,6 +1110,7 @@ lxc_usernsexec_SOURCES = cmd/lxc_usernsexec.c \
start.c start.h \
state.c state.h \
string_utils.c string_utils.h \
+ sync.c sync.h \
syscall_wrappers.h \
utils.c utils.h
if ENABLE_SECCOMP
diff --git a/src/lxc/sync.h b/src/lxc/sync.h
index ff7a1eb18a..c09ac8fb05 100644
--- a/src/lxc/sync.h
+++ b/src/lxc/sync.h
@@ -3,30 +3,32 @@
#ifndef __LXC_SYNC_H
#define __LXC_SYNC_H
+#include "compiler.h"
+
struct lxc_handler;
enum {
- LXC_SYNC_STARTUP,
- LXC_SYNC_CONFIGURE,
- LXC_SYNC_POST_CONFIGURE,
- LXC_SYNC_CGROUP,
- LXC_SYNC_CGROUP_UNSHARE,
- LXC_SYNC_CGROUP_LIMITS,
- LXC_SYNC_READY_START,
- LXC_SYNC_RESTART,
- LXC_SYNC_POST_RESTART,
- LXC_SYNC_ERROR = -1 /* Used to report errors from another process */
+ LXC_SYNC_STARTUP = 0,
+ LXC_SYNC_CONFIGURE = 1,
+ LXC_SYNC_POST_CONFIGURE = 2,
+ LXC_SYNC_CGROUP = 3,
+ LXC_SYNC_CGROUP_UNSHARE = 4,
+ LXC_SYNC_CGROUP_LIMITS = 5,
+ LXC_SYNC_READY_START = 6,
+ LXC_SYNC_RESTART = 7,
+ LXC_SYNC_POST_RESTART = 8,
+ LXC_SYNC_ERROR = -1 /* Used to report errors from another process */
};
-int lxc_sync_init(struct lxc_handler *handler);
-void lxc_sync_fini(struct lxc_handler *);
-void lxc_sync_fini_parent(struct lxc_handler *);
-void lxc_sync_fini_child(struct lxc_handler *);
-int lxc_sync_wake_child(struct lxc_handler *, int);
-int lxc_sync_wait_child(struct lxc_handler *, int);
-int lxc_sync_wake_parent(struct lxc_handler *, int);
-int lxc_sync_wait_parent(struct lxc_handler *, int);
-int lxc_sync_barrier_parent(struct lxc_handler *, int);
-int lxc_sync_barrier_child(struct lxc_handler *, int);
+__hidden extern int lxc_sync_init(struct lxc_handler *handler);
+__hidden extern void lxc_sync_fini(struct lxc_handler *);
+__hidden extern void lxc_sync_fini_parent(struct lxc_handler *);
+__hidden extern void lxc_sync_fini_child(struct lxc_handler *);
+__hidden extern int lxc_sync_wake_child(struct lxc_handler *, int);
+__hidden extern int lxc_sync_wait_child(struct lxc_handler *, int);
+__hidden extern int lxc_sync_wake_parent(struct lxc_handler *, int);
+__hidden extern int lxc_sync_wait_parent(struct lxc_handler *, int);
+__hidden extern int lxc_sync_barrier_parent(struct lxc_handler *, int);
+__hidden extern int lxc_sync_barrier_child(struct lxc_handler *, int);
-#endif
+#endif /* __LXC_SYNC_H */
diff --git a/src/tests/Makefile.am b/src/tests/Makefile.am
index 7c68e69e4b..ffec3e36b5 100644
--- a/src/tests/Makefile.am
+++ b/src/tests/Makefile.am
@@ -30,6 +30,7 @@ lxc_test_api_reboot_SOURCES = api_reboot.c \
../lxc/ringbuf.c ../lxc/ringbuf.h \
../lxc/start.c ../lxc/start.h \
../lxc/state.c ../lxc/state.h \
+ ../lxc/sync.c ../lxc/sync.h \
../lxc/string_utils.c ../lxc/string_utils.h
if ENABLE_SECCOMP
lxc_test_api_reboot_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
@@ -59,6 +60,7 @@ lxc_test_attach_SOURCES = attach.c \
../lxc/ringbuf.c ../lxc/ringbuf.h \
../lxc/start.c ../lxc/start.h \
../lxc/state.c ../lxc/state.h \
+ ../lxc/sync.c ../lxc/sync.h \
../lxc/string_utils.c ../lxc/string_utils.h
if ENABLE_SECCOMP
lxc_test_attach_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
@@ -88,6 +90,7 @@ lxc_test_cgpath_SOURCES = cgpath.c \
../lxc/ringbuf.c ../lxc/ringbuf.h \
../lxc/start.c ../lxc/start.h \
../lxc/state.c ../lxc/state.h \
+ ../lxc/sync.c ../lxc/sync.h \
../lxc/string_utils.c ../lxc/string_utils.h
if ENABLE_SECCOMP
lxc_test_cgpath_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
@@ -119,6 +122,7 @@ lxc_test_config_jump_table_SOURCES = config_jump_table.c \
../lxc/ringbuf.c ../lxc/ringbuf.h \
../lxc/start.c ../lxc/start.h \
../lxc/state.c ../lxc/state.h \
+ ../lxc/sync.c ../lxc/sync.h \
../lxc/string_utils.c ../lxc/string_utils.h
if ENABLE_SECCOMP
lxc_test_config_jump_table_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
@@ -171,6 +175,7 @@ lxc_test_parse_config_file_SOURCES = parse_config_file.c \
../lxc/ringbuf.c ../lxc/ringbuf.h \
../lxc/start.c ../lxc/start.h \
../lxc/state.c ../lxc/state.h \
+ ../lxc/sync.c ../lxc/sync.h \
../lxc/string_utils.c ../lxc/string_utils.h
if ENABLE_SECCOMP
lxc_test_parse_config_file_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
@@ -223,6 +228,7 @@ lxc_test_utils_SOURCES = lxc-test-utils.c \
../lxc/ringbuf.c ../lxc/ringbuf.h \
../lxc/start.c ../lxc/start.h \
../lxc/state.c ../lxc/state.h \
+ ../lxc/sync.c ../lxc/sync.h \
../lxc/string_utils.c ../lxc/string_utils.h
if ENABLE_SECCOMP
lxc_test_utils_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
From cd6b82e44c9cb6d2b473aaca7015831d29d7bb59 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Tue, 21 Jul 2020 12:44:09 +0200
Subject: [PATCH 21/37] terminal: hide unnecessary symbols
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/Makefile.am | 73 +++++++++++++++++++++++++++++--------------
src/lxc/terminal.h | 69 +++++++++++++++++++---------------------
src/tests/Makefile.am | 18 +++++++----
3 files changed, 94 insertions(+), 66 deletions(-)
diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am
index 71c45ffa9f..57b9536362 100644
--- a/src/lxc/Makefile.am
+++ b/src/lxc/Makefile.am
@@ -151,7 +151,7 @@ liblxc_la_SOURCES = af_unix.c af_unix.h \
sync.c sync.h \
syscall_numbers.h \
syscall_wrappers.h \
- terminal.c \
+ terminal.c terminal.h \
utils.c utils.h \
uuid.c uuid.h \
version.h \
@@ -355,7 +355,8 @@ lxc_attach_SOURCES = tools/lxc_attach.c \
start.c start.h \
state.c state.h \
string_utils.c string_utils.h \
- sync.c sync.h
+ sync.c sync.h \
+ terminal.c terminal.h
if ENABLE_SECCOMP
lxc_attach_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -385,7 +386,8 @@ lxc_autostart_SOURCES = tools/lxc_autostart.c \
start.c start.h \
state.c state.h \
string_utils.c string_utils.h \
- sync.c sync.h
+ sync.c sync.h \
+ terminal.c terminal.h
if ENABLE_SECCOMP
lxc_autostart_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -415,7 +417,8 @@ lxc_cgroup_SOURCES = tools/lxc_cgroup.c \
start.c start.h \
state.c state.h \
string_utils.c string_utils.h \
- sync.c sync.h
+ sync.c sync.h \
+ terminal.c terminal.h
if ENABLE_SECCOMP
lxc_cgroup_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -445,7 +448,8 @@ lxc_config_SOURCES = tools/lxc_config.c \
start.c start.h \
state.c state.h \
string_utils.c string_utils.h \
- sync.c sync.h
+ sync.c sync.h \
+ terminal.c terminal.h
if ENABLE_SECCOMP
lxc_config_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -475,7 +479,8 @@ lxc_console_SOURCES = tools/lxc_console.c \
start.c start.h \
state.c state.h \
string_utils.c string_utils.h \
- sync.c sync.h
+ sync.c sync.h \
+ terminal.c terminal.h
if ENABLE_SECCOMP
lxc_console_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -505,7 +510,8 @@ lxc_destroy_SOURCES = tools/lxc_destroy.c \
start.c start.h \
state.c state.h \
string_utils.c string_utils.h \
- sync.c sync.h
+ sync.c sync.h \
+ terminal.c terminal.h
if ENABLE_SECCOMP
lxc_destroy_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -535,7 +541,8 @@ lxc_device_SOURCES = tools/lxc_device.c \
start.c start.h \
state.c state.h \
string_utils.c string_utils.h \
- sync.c sync.h
+ sync.c sync.h \
+ terminal.c terminal.h
if ENABLE_SECCOMP
lxc_device_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -565,7 +572,8 @@ lxc_execute_SOURCES = tools/lxc_execute.c \
start.c start.h \
state.c state.h \
string_utils.c string_utils.h \
- sync.c sync.h
+ sync.c sync.h \
+ terminal.c terminal.h
if ENABLE_SECCOMP
lxc_execute_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -595,7 +603,8 @@ lxc_freeze_SOURCES = tools/lxc_freeze.c \
start.c start.h \
state.c state.h \
string_utils.c string_utils.h \
- sync.c sync.h
+ sync.c sync.h \
+ terminal.c terminal.h
if ENABLE_SECCOMP
lxc_freeze_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -625,7 +634,8 @@ lxc_info_SOURCES = tools/lxc_info.c \
start.c start.h \
state.c state.h \
string_utils.c string_utils.h \
- sync.c sync.h
+ sync.c sync.h \
+ terminal.c terminal.h
if ENABLE_SECCOMP
lxc_info_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -656,7 +666,8 @@ lxc_monitor_SOURCES = tools/lxc_monitor.c \
start.c start.h \
state.c state.h \
string_utils.c string_utils.h \
- sync.c sync.h
+ sync.c sync.h \
+ terminal.c terminal.h
if ENABLE_SECCOMP
lxc_monitor_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -687,7 +698,8 @@ lxc_ls_SOURCES = tools/lxc_ls.c \
start.c start.h \
state.c state.h \
string_utils.c string_utils.h \
- sync.c sync.h
+ sync.c sync.h \
+ terminal.c terminal.h
if ENABLE_SECCOMP
lxc_ls_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -718,7 +730,8 @@ lxc_copy_SOURCES = tools/lxc_copy.c \
state.c state.h \
storage/storage_utils.c storage/storage_utils.h \
string_utils.c string_utils.h \
- sync.c sync.h
+ sync.c sync.h \
+ terminal.c terminal.h
if ENABLE_SECCOMP
lxc_copy_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -748,7 +761,8 @@ lxc_start_SOURCES = tools/lxc_start.c \
start.c start.h \
state.c state.h \
string_utils.c string_utils.h \
- sync.c sync.h
+ sync.c sync.h \
+ terminal.c terminal.h
if ENABLE_SECCOMP
lxc_start_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -778,7 +792,8 @@ lxc_stop_SOURCES = tools/lxc_stop.c \
start.c start.h \
state.c state.h \
string_utils.c string_utils.h \
- sync.c sync.h
+ sync.c sync.h \
+ terminal.c terminal.h
if ENABLE_SECCOMP
lxc_stop_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -808,7 +823,8 @@ lxc_top_SOURCES = tools/lxc_top.c \
start.c start.h \
state.c state.h \
string_utils.c string_utils.h \
- sync.c sync.h
+ sync.c sync.h \
+ terminal.c terminal.h
if ENABLE_SECCOMP
lxc_top_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -838,7 +854,8 @@ lxc_unfreeze_SOURCES = tools/lxc_unfreeze.c \
start.c start.h \
state.c state.h \
string_utils.c string_utils.h \
- sync.c sync.h
+ sync.c sync.h \
+ terminal.c terminal.h
if ENABLE_SECCOMP
lxc_unfreeze_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -870,7 +887,8 @@ lxc_unshare_SOURCES = tools/lxc_unshare.c \
string_utils.c string_utils.h \
sync.c sync.h \
syscall_numbers.h \
- syscall_wrappers.h
+ syscall_wrappers.h \
+ terminal.c terminal.h
if ENABLE_SECCOMP
lxc_unshare_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -900,7 +918,8 @@ lxc_wait_SOURCES = tools/lxc_wait.c \
start.c start.h \
state.c state.h \
string_utils.c string_utils.h \
- sync.c sync.h
+ sync.c sync.h \
+ terminal.c terminal.h
if ENABLE_SECCOMP
lxc_wait_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -931,7 +950,8 @@ lxc_create_SOURCES = tools/lxc_create.c \
state.c state.h \
storage/storage_utils.c storage/storage_utils.h \
string_utils.c string_utils.h \
- sync.c sync.h
+ sync.c sync.h \
+ terminal.c terminal.h
if ENABLE_SECCOMP
lxc_create_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -961,7 +981,8 @@ lxc_snapshot_SOURCES = tools/lxc_snapshot.c \
start.c start.h \
state.c state.h \
string_utils.c string_utils.h \
- sync.c sync.h
+ sync.c sync.h \
+ terminal.c terminal.h
if ENABLE_SECCOMP
lxc_snapshot_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -991,7 +1012,8 @@ lxc_checkpoint_SOURCES = tools/lxc_checkpoint.c \
start.c start.h \
state.c state.h \
string_utils.c string_utils.h \
- sync.c sync.h
+ sync.c sync.h \
+ terminal.c terminal.h
if ENABLE_SECCOMP
lxc_checkpoint_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -1045,6 +1067,7 @@ lxc_monitord_SOURCES = cmd/lxc_monitord.c \
string_utils.c string_utils.h \
sync.c sync.h \
syscall_numbers.h \
+ terminal.c terminal.h \
utils.c utils.h
if ENABLE_SECCOMP
lxc_monitord_SOURCES += seccomp.c lxcseccomp.h
@@ -1078,7 +1101,8 @@ lxc_user_nic_SOURCES = cmd/lxc_user_nic.c \
string_utils.c string_utils.h \
sync.c sync.h \
syscall_numbers.h \
- syscall_wrappers.h
+ syscall_wrappers.h \
+ terminal.c terminal.h
if ENABLE_SECCOMP
lxc_user_nic_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -1112,6 +1136,7 @@ lxc_usernsexec_SOURCES = cmd/lxc_usernsexec.c \
string_utils.c string_utils.h \
sync.c sync.h \
syscall_wrappers.h \
+ terminal.c terminal.h \
utils.c utils.h
if ENABLE_SECCOMP
lxc_usernsexec_SOURCES += seccomp.c lxcseccomp.h
diff --git a/src/lxc/terminal.h b/src/lxc/terminal.h
index 0b652001df..e17a7a9fef 100644
--- a/src/lxc/terminal.h
+++ b/src/lxc/terminal.h
@@ -6,6 +6,7 @@
#include <signal.h>
#include <stdio.h>
+#include "compiler.h"
#include "list.h"
#include "macro.h"
#include "ringbuf.h"
@@ -98,7 +99,7 @@ struct lxc_terminal {
* indication that the console or tty is no longer in use
* @ttyreq : the tty requested to be opened, -1 for any, 0 for the console
*/
-extern int lxc_terminal_allocate(struct lxc_conf *conf, int sockfd, int *ttynum);
+__hidden extern int lxc_terminal_allocate(struct lxc_conf *conf, int sockfd, int *ttynum);
/**
* Create a new terminal:
@@ -109,19 +110,19 @@ extern int lxc_terminal_allocate(struct lxc_conf *conf, int sockfd, int *ttynum
* - sets up SIGWINCH handler, winsz, and new terminal settings
* (Handlers for SIGWINCH and I/O are not registered in a mainloop.)
*/
-extern int lxc_terminal_create(struct lxc_terminal *console);
+__hidden extern int lxc_terminal_create(struct lxc_terminal *console);
/**
* lxc_terminal_setup: Create a new terminal.
* - In addition to lxc_terminal_create() also sets up logging.
*/
-extern int lxc_terminal_setup(struct lxc_conf *);
+__hidden extern int lxc_terminal_setup(struct lxc_conf *);
/**
* Delete a terminal created via lxc_terminal_create() or lxc_terminal_setup():
* Note, registered handlers are not automatically deleted.
*/
-extern void lxc_terminal_delete(struct lxc_terminal *);
+__hidden extern void lxc_terminal_delete(struct lxc_terminal *);
/**
* lxc_terminal_free: mark the terminal as unallocated and free any resources
@@ -132,17 +133,17 @@ extern void lxc_terminal_delete(struct lxc_terminal *);
* the terminal is no longer in use. this is used to match
* which terminal is being freed.
*/
-extern void lxc_terminal_free(struct lxc_conf *conf, int fd);
+__hidden extern void lxc_terminal_free(struct lxc_conf *conf, int fd);
/**
* Register terminal event handlers in an open mainloop.
*/
-extern int lxc_terminal_mainloop_add(struct lxc_epoll_descr *, struct lxc_terminal *);
+__hidden extern int lxc_terminal_mainloop_add(struct lxc_epoll_descr *, struct lxc_terminal *);
/**
* Handle SIGWINCH events on the allocated terminals.
*/
-extern void lxc_terminal_sigwinch(int sig);
+__hidden extern void lxc_terminal_sigwinch(int sig);
/**
* Connect to one of the ttys given to the container via lxc.tty.max.
@@ -153,9 +154,8 @@ extern void lxc_terminal_sigwinch(int sig);
* - registers SIGWINCH, I/O handlers in the mainloop
* - performs all necessary cleanup operations
*/
-extern int lxc_console(struct lxc_container *c, int ttynum,
- int stdinfd, int stdoutfd, int stderrfd,
- int escape);
+__hidden extern int lxc_console(struct lxc_container *c, int ttynum, int stdinfd, int stdoutfd,
+ int stderrfd, int escape);
/**
* Allocate one of the tty given to the container via lxc.tty.max. Returns an
@@ -163,15 +163,14 @@ extern int lxc_console(struct lxc_container *c, int ttynum,
* Set ttynum to -1 to allocate the first available tty, or to a value within
* the range specified by lxc.tty.max to allocate a specific tty.
*/
-extern int lxc_terminal_getfd(struct lxc_container *c, int *ttynum,
- int *ptxfd);
+__hidden extern int lxc_terminal_getfd(struct lxc_container *c, int *ttynum, int *ptxfd);
/**
* Make fd a duplicate of the standard file descriptors. The fd is made a
* duplicate of a specific standard file descriptor iff the standard file
* descriptor refers to a terminal.
*/
-extern int lxc_terminal_set_stdfds(int fd);
+__hidden extern int lxc_terminal_set_stdfds(int fd);
/**
* Handler for events on the stdin fd of the terminal. To be registered via the
@@ -179,8 +178,8 @@ extern int lxc_terminal_set_stdfds(int fd);
* lxc_terminal_mainloop_add().
* This function exits the loop cleanly when an EPOLLHUP event is received.
*/
-extern int lxc_terminal_stdin_cb(int fd, uint32_t events, void *cbdata,
- struct lxc_epoll_descr *descr);
+__hidden extern int lxc_terminal_stdin_cb(int fd, uint32_t events, void *cbdata,
+ struct lxc_epoll_descr *descr);
/**
* Handler for events on the ptx fd of the terminal. To be registered via
@@ -188,15 +187,14 @@ extern int lxc_terminal_stdin_cb(int fd, uint32_t events, void *cbdata,
* lxc_terminal_mainloop_add().
* This function exits the loop cleanly when an EPOLLHUP event is received.
*/
-extern int lxc_terminal_ptx_cb(int fd, uint32_t events, void *cbdata,
- struct lxc_epoll_descr *descr);
+__hidden extern int lxc_terminal_ptx_cb(int fd, uint32_t events, void *cbdata,
+ struct lxc_epoll_descr *descr);
/**
* Setup new terminal properties. The old terminal settings are stored in
* oldtios.
*/
-extern int lxc_setup_tios(int fd, struct termios *oldtios);
-
+__hidden extern int lxc_setup_tios(int fd, struct termios *oldtios);
/**
* lxc_terminal_winsz: propagate winsz from one terminal to another
@@ -206,7 +204,7 @@ extern int lxc_setup_tios(int fd, struct termios *oldtios);
* @dstfd
* - terminal to set size on (typically a ptx pty)
*/
-extern void lxc_terminal_winsz(int srcfd, int dstfd);
+__hidden extern void lxc_terminal_winsz(int srcfd, int dstfd);
/*
* lxc_terminal_signal_init: install signal handler
@@ -232,26 +230,25 @@ extern void lxc_terminal_winsz(int srcfd, int dstfd);
*
* This function allocates memory. It is up to the caller to free it.
*/
-extern struct lxc_terminal_state *lxc_terminal_signal_init(int srcfd, int dstfd);
+__hidden extern struct lxc_terminal_state *lxc_terminal_signal_init(int srcfd, int dstfd);
/**
* Handler for signal events. To be registered via the corresponding functions
* declared and defined in mainloop.{c,h} or lxc_terminal_mainloop_add().
*/
-extern int lxc_terminal_signalfd_cb(int fd, uint32_t events, void *cbdata,
- struct lxc_epoll_descr *descr);
-
-extern int lxc_terminal_write_ringbuffer(struct lxc_terminal *terminal);
-extern int lxc_terminal_create_log_file(struct lxc_terminal *terminal);
-extern int lxc_terminal_io_cb(int fd, uint32_t events, void *data,
- struct lxc_epoll_descr *descr);
-
-extern int lxc_make_controlling_terminal(int fd);
-extern int lxc_terminal_prepare_login(int fd);
-extern void lxc_terminal_conf_free(struct lxc_terminal *terminal);
-extern void lxc_terminal_info_init(struct lxc_terminal_info *terminal);
-extern void lxc_terminal_init(struct lxc_terminal *terminal);
-extern int lxc_terminal_map_ids(struct lxc_conf *c,
- struct lxc_terminal *terminal);
+__hidden extern int lxc_terminal_signalfd_cb(int fd, uint32_t events, void *cbdata,
+ struct lxc_epoll_descr *descr);
+
+__hidden extern int lxc_terminal_write_ringbuffer(struct lxc_terminal *terminal);
+__hidden extern int lxc_terminal_create_log_file(struct lxc_terminal *terminal);
+__hidden extern int lxc_terminal_io_cb(int fd, uint32_t events, void *data,
+ struct lxc_epoll_descr *descr);
+
+__hidden extern int lxc_make_controlling_terminal(int fd);
+__hidden extern int lxc_terminal_prepare_login(int fd);
+__hidden extern void lxc_terminal_conf_free(struct lxc_terminal *terminal);
+__hidden extern void lxc_terminal_info_init(struct lxc_terminal_info *terminal);
+__hidden extern void lxc_terminal_init(struct lxc_terminal *terminal);
+__hidden extern int lxc_terminal_map_ids(struct lxc_conf *c, struct lxc_terminal *terminal);
#endif /* __LXC_TERMINAL_H */
diff --git a/src/tests/Makefile.am b/src/tests/Makefile.am
index ffec3e36b5..1fdcee07ad 100644
--- a/src/tests/Makefile.am
+++ b/src/tests/Makefile.am
@@ -31,7 +31,8 @@ lxc_test_api_reboot_SOURCES = api_reboot.c \
../lxc/start.c ../lxc/start.h \
../lxc/state.c ../lxc/state.h \
../lxc/sync.c ../lxc/sync.h \
- ../lxc/string_utils.c ../lxc/string_utils.h
+ ../lxc/string_utils.c ../lxc/string_utils.h \
+ ../lxc/terminal.c ../lxc/terminal.h
if ENABLE_SECCOMP
lxc_test_api_reboot_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
endif
@@ -61,7 +62,8 @@ lxc_test_attach_SOURCES = attach.c \
../lxc/start.c ../lxc/start.h \
../lxc/state.c ../lxc/state.h \
../lxc/sync.c ../lxc/sync.h \
- ../lxc/string_utils.c ../lxc/string_utils.h
+ ../lxc/string_utils.c ../lxc/string_utils.h \
+ ../lxc/terminal.c ../lxc/terminal.h
if ENABLE_SECCOMP
lxc_test_attach_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
endif
@@ -91,7 +93,8 @@ lxc_test_cgpath_SOURCES = cgpath.c \
../lxc/start.c ../lxc/start.h \
../lxc/state.c ../lxc/state.h \
../lxc/sync.c ../lxc/sync.h \
- ../lxc/string_utils.c ../lxc/string_utils.h
+ ../lxc/string_utils.c ../lxc/string_utils.h \
+ ../lxc/terminal.c ../lxc/terminal.h
if ENABLE_SECCOMP
lxc_test_cgpath_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
endif
@@ -123,7 +126,8 @@ lxc_test_config_jump_table_SOURCES = config_jump_table.c \
../lxc/start.c ../lxc/start.h \
../lxc/state.c ../lxc/state.h \
../lxc/sync.c ../lxc/sync.h \
- ../lxc/string_utils.c ../lxc/string_utils.h
+ ../lxc/string_utils.c ../lxc/string_utils.h \
+ ../lxc/terminal.c ../lxc/terminal.h
if ENABLE_SECCOMP
lxc_test_config_jump_table_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
endif
@@ -176,7 +180,8 @@ lxc_test_parse_config_file_SOURCES = parse_config_file.c \
../lxc/start.c ../lxc/start.h \
../lxc/state.c ../lxc/state.h \
../lxc/sync.c ../lxc/sync.h \
- ../lxc/string_utils.c ../lxc/string_utils.h
+ ../lxc/string_utils.c ../lxc/string_utils.h \
+ ../lxc/terminal.c ../lxc/terminal.h
if ENABLE_SECCOMP
lxc_test_parse_config_file_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
endif
@@ -229,7 +234,8 @@ lxc_test_utils_SOURCES = lxc-test-utils.c \
../lxc/start.c ../lxc/start.h \
../lxc/state.c ../lxc/state.h \
../lxc/sync.c ../lxc/sync.h \
- ../lxc/string_utils.c ../lxc/string_utils.h
+ ../lxc/string_utils.c ../lxc/string_utils.h \
+ ../lxc/terminal.c ../lxc/terminal.h
if ENABLE_SECCOMP
lxc_test_utils_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
endif
From 5f1b09866fee830291e3558262f5d71305888d69 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Tue, 21 Jul 2020 13:15:25 +0200
Subject: [PATCH 22/37] utils: hide unnecessary symbols
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/Makefile.am | 69 ++++++++++++++++++---------
src/lxc/utils.h | 99 +++++++++++++++++++-------------------
src/tests/Makefile.am | 107 ++++++++++++++++++++++++++++++++++++++----
3 files changed, 193 insertions(+), 82 deletions(-)
diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am
index 57b9536362..f3e15f6b95 100644
--- a/src/lxc/Makefile.am
+++ b/src/lxc/Makefile.am
@@ -356,7 +356,8 @@ lxc_attach_SOURCES = tools/lxc_attach.c \
state.c state.h \
string_utils.c string_utils.h \
sync.c sync.h \
- terminal.c terminal.h
+ terminal.c terminal.h \
+ utils.c utils.h
if ENABLE_SECCOMP
lxc_attach_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -387,7 +388,8 @@ lxc_autostart_SOURCES = tools/lxc_autostart.c \
state.c state.h \
string_utils.c string_utils.h \
sync.c sync.h \
- terminal.c terminal.h
+ terminal.c terminal.h \
+ utils.c utils.h
if ENABLE_SECCOMP
lxc_autostart_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -418,7 +420,8 @@ lxc_cgroup_SOURCES = tools/lxc_cgroup.c \
state.c state.h \
string_utils.c string_utils.h \
sync.c sync.h \
- terminal.c terminal.h
+ terminal.c terminal.h \
+ utils.c utils.h
if ENABLE_SECCOMP
lxc_cgroup_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -449,7 +452,8 @@ lxc_config_SOURCES = tools/lxc_config.c \
state.c state.h \
string_utils.c string_utils.h \
sync.c sync.h \
- terminal.c terminal.h
+ terminal.c terminal.h \
+ utils.c utils.h
if ENABLE_SECCOMP
lxc_config_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -480,7 +484,8 @@ lxc_console_SOURCES = tools/lxc_console.c \
state.c state.h \
string_utils.c string_utils.h \
sync.c sync.h \
- terminal.c terminal.h
+ terminal.c terminal.h \
+ utils.c utils.h
if ENABLE_SECCOMP
lxc_console_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -511,7 +516,8 @@ lxc_destroy_SOURCES = tools/lxc_destroy.c \
state.c state.h \
string_utils.c string_utils.h \
sync.c sync.h \
- terminal.c terminal.h
+ terminal.c terminal.h \
+ utils.c utils.h
if ENABLE_SECCOMP
lxc_destroy_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -542,7 +548,8 @@ lxc_device_SOURCES = tools/lxc_device.c \
state.c state.h \
string_utils.c string_utils.h \
sync.c sync.h \
- terminal.c terminal.h
+ terminal.c terminal.h \
+ utils.c utils.h
if ENABLE_SECCOMP
lxc_device_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -573,7 +580,8 @@ lxc_execute_SOURCES = tools/lxc_execute.c \
state.c state.h \
string_utils.c string_utils.h \
sync.c sync.h \
- terminal.c terminal.h
+ terminal.c terminal.h \
+ utils.c utils.h
if ENABLE_SECCOMP
lxc_execute_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -604,7 +612,8 @@ lxc_freeze_SOURCES = tools/lxc_freeze.c \
state.c state.h \
string_utils.c string_utils.h \
sync.c sync.h \
- terminal.c terminal.h
+ terminal.c terminal.h \
+ utils.c utils.h
if ENABLE_SECCOMP
lxc_freeze_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -635,7 +644,8 @@ lxc_info_SOURCES = tools/lxc_info.c \
state.c state.h \
string_utils.c string_utils.h \
sync.c sync.h \
- terminal.c terminal.h
+ terminal.c terminal.h \
+ utils.c utils.h
if ENABLE_SECCOMP
lxc_info_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -667,7 +677,8 @@ lxc_monitor_SOURCES = tools/lxc_monitor.c \
state.c state.h \
string_utils.c string_utils.h \
sync.c sync.h \
- terminal.c terminal.h
+ terminal.c terminal.h \
+ utils.c utils.h
if ENABLE_SECCOMP
lxc_monitor_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -699,7 +710,8 @@ lxc_ls_SOURCES = tools/lxc_ls.c \
state.c state.h \
string_utils.c string_utils.h \
sync.c sync.h \
- terminal.c terminal.h
+ terminal.c terminal.h \
+ utils.c utils.h
if ENABLE_SECCOMP
lxc_ls_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -731,7 +743,8 @@ lxc_copy_SOURCES = tools/lxc_copy.c \
storage/storage_utils.c storage/storage_utils.h \
string_utils.c string_utils.h \
sync.c sync.h \
- terminal.c terminal.h
+ terminal.c terminal.h \
+ utils.c utils.h
if ENABLE_SECCOMP
lxc_copy_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -762,7 +775,8 @@ lxc_start_SOURCES = tools/lxc_start.c \
state.c state.h \
string_utils.c string_utils.h \
sync.c sync.h \
- terminal.c terminal.h
+ terminal.c terminal.h \
+ utils.c utils.h
if ENABLE_SECCOMP
lxc_start_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -793,7 +807,8 @@ lxc_stop_SOURCES = tools/lxc_stop.c \
state.c state.h \
string_utils.c string_utils.h \
sync.c sync.h \
- terminal.c terminal.h
+ terminal.c terminal.h \
+ utils.c utils.h
if ENABLE_SECCOMP
lxc_stop_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -824,7 +839,8 @@ lxc_top_SOURCES = tools/lxc_top.c \
state.c state.h \
string_utils.c string_utils.h \
sync.c sync.h \
- terminal.c terminal.h
+ terminal.c terminal.h \
+ utils.c utils.h
if ENABLE_SECCOMP
lxc_top_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -855,7 +871,8 @@ lxc_unfreeze_SOURCES = tools/lxc_unfreeze.c \
state.c state.h \
string_utils.c string_utils.h \
sync.c sync.h \
- terminal.c terminal.h
+ terminal.c terminal.h \
+ utils.c utils.h
if ENABLE_SECCOMP
lxc_unfreeze_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -888,7 +905,8 @@ lxc_unshare_SOURCES = tools/lxc_unshare.c \
sync.c sync.h \
syscall_numbers.h \
syscall_wrappers.h \
- terminal.c terminal.h
+ terminal.c terminal.h \
+ utils.c utils.h
if ENABLE_SECCOMP
lxc_unshare_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -919,7 +937,8 @@ lxc_wait_SOURCES = tools/lxc_wait.c \
state.c state.h \
string_utils.c string_utils.h \
sync.c sync.h \
- terminal.c terminal.h
+ terminal.c terminal.h \
+ utils.c utils.h
if ENABLE_SECCOMP
lxc_wait_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -951,7 +970,8 @@ lxc_create_SOURCES = tools/lxc_create.c \
storage/storage_utils.c storage/storage_utils.h \
string_utils.c string_utils.h \
sync.c sync.h \
- terminal.c terminal.h
+ terminal.c terminal.h \
+ utils.c utils.h
if ENABLE_SECCOMP
lxc_create_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -982,7 +1002,8 @@ lxc_snapshot_SOURCES = tools/lxc_snapshot.c \
state.c state.h \
string_utils.c string_utils.h \
sync.c sync.h \
- terminal.c terminal.h
+ terminal.c terminal.h \
+ utils.c utils.h
if ENABLE_SECCOMP
lxc_snapshot_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -1013,7 +1034,8 @@ lxc_checkpoint_SOURCES = tools/lxc_checkpoint.c \
state.c state.h \
string_utils.c string_utils.h \
sync.c sync.h \
- terminal.c terminal.h
+ terminal.c terminal.h \
+ utils.c utils.h
if ENABLE_SECCOMP
lxc_checkpoint_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -1102,7 +1124,8 @@ lxc_user_nic_SOURCES = cmd/lxc_user_nic.c \
sync.c sync.h \
syscall_numbers.h \
syscall_wrappers.h \
- terminal.c terminal.h
+ terminal.c terminal.h \
+ utils.c utils.h
if ENABLE_SECCOMP
lxc_user_nic_SOURCES += seccomp.c lxcseccomp.h
endif
diff --git a/src/lxc/utils.h b/src/lxc/utils.h
index 8e6fbc44f5..3f9a409150 100644
--- a/src/lxc/utils.h
+++ b/src/lxc/utils.h
@@ -21,6 +21,7 @@
#include <sys/vfs.h>
#include <unistd.h>
+#include "compiler.h"
#include "file_utils.h"
#include "initutils.h"
#include "macro.h"
@@ -29,10 +30,10 @@
#include "string_utils.h"
/* returns 1 on success, 0 if there were any failures */
-extern int lxc_rmdir_onedev(const char *path, const char *exclude);
-extern int get_u16(unsigned short *val, const char *arg, int base);
-extern int mkdir_p(const char *dir, mode_t mode);
-extern char *get_rundir(void);
+__hidden extern int lxc_rmdir_onedev(const char *path, const char *exclude);
+__hidden extern int get_u16(unsigned short *val, const char *arg, int base);
+__hidden extern int mkdir_p(const char *dir, mode_t mode);
+__hidden extern char *get_rundir(void);
/* Define getline() if missing from the C library */
#ifndef HAVE_GETLINE
@@ -64,14 +65,14 @@ struct lxc_popen_FILE {
* Returns pointer to struct lxc_popen_FILE, that should be freed with lxc_pclose().
* On error returns NULL.
*/
-extern struct lxc_popen_FILE *lxc_popen(const char *command);
+__hidden extern struct lxc_popen_FILE *lxc_popen(const char *command);
/* pclose() replacement to be used on struct lxc_popen_FILE *,
* returned by lxc_popen().
* Waits for associated process to terminate, returns its exit status and
* frees resources, pointed to by struct lxc_popen_FILE *.
*/
-extern int lxc_pclose(struct lxc_popen_FILE *fp);
+__hidden extern int lxc_pclose(struct lxc_popen_FILE *fp);
static inline void __auto_lxc_pclose__(struct lxc_popen_FILE **f)
{
@@ -83,16 +84,16 @@ static inline void __auto_lxc_pclose__(struct lxc_popen_FILE **f)
/*
* wait on a child we forked
*/
-extern int wait_for_pid(pid_t pid);
-extern int lxc_wait_for_pid_status(pid_t pid);
-extern int wait_for_pidfd(int pidfd);
+__hidden extern int wait_for_pid(pid_t pid);
+__hidden extern int lxc_wait_for_pid_status(pid_t pid);
+__hidden extern int wait_for_pidfd(int pidfd);
#if HAVE_OPENSSL
-extern int sha1sum_file(char *fnam, unsigned char *md_value, unsigned int *md_len);
+__hidden extern int sha1sum_file(char *fnam, unsigned char *md_value, unsigned int *md_len);
#endif
/* initialize rand with urandom */
-extern int randseed(bool);
+__hidden extern int randseed(bool);
/* are we unprivileged with respect to our namespaces */
inline static bool am_guest_unpriv(void) {
@@ -126,52 +127,51 @@ inline static bool am_host_unpriv(void)
/*
* parse /proc/self/uid_map to find what @orig maps to
*/
-extern uid_t get_ns_uid(uid_t orig);
+__hidden extern uid_t get_ns_uid(uid_t orig);
/*
* parse /proc/self/gid_map to find what @orig maps to
*/
-extern gid_t get_ns_gid(gid_t orig);
+__hidden extern gid_t get_ns_gid(gid_t orig);
-extern bool dir_exists(const char *path);
+__hidden extern bool dir_exists(const char *path);
#define FNV1A_64_INIT ((uint64_t)0xcbf29ce484222325ULL)
-extern uint64_t fnv_64a_buf(void *buf, size_t len, uint64_t hval);
-
-extern bool is_shared_mountpoint(const char *path);
-extern int detect_shared_rootfs(void);
-extern bool detect_ramfs_rootfs(void);
-extern char *on_path(const char *cmd, const char *rootfs);
-extern bool cgns_supported(void);
-extern char *choose_init(const char *rootfs);
-extern bool switch_to_ns(pid_t pid, const char *ns);
-extern char *get_template_path(const char *t);
-extern int safe_mount(const char *src, const char *dest, const char *fstype,
- unsigned long flags, const void *data,
- const char *rootfs);
-extern int lxc_mount_proc_if_needed(const char *rootfs);
-extern int open_devnull(void);
-extern int set_stdfds(int fd);
-extern int null_stdfds(void);
-extern int lxc_preserve_ns(const int pid, const char *ns);
+__hidden extern uint64_t fnv_64a_buf(void *buf, size_t len, uint64_t hval);
+
+__hidden extern bool is_shared_mountpoint(const char *path);
+__hidden extern int detect_shared_rootfs(void);
+__hidden extern bool detect_ramfs_rootfs(void);
+__hidden extern char *on_path(const char *cmd, const char *rootfs);
+__hidden extern bool cgns_supported(void);
+__hidden extern char *choose_init(const char *rootfs);
+__hidden extern bool switch_to_ns(pid_t pid, const char *ns);
+__hidden extern char *get_template_path(const char *t);
+__hidden extern int safe_mount(const char *src, const char *dest, const char *fstype,
+ unsigned long flags, const void *data, const char *rootfs);
+__hidden extern int lxc_mount_proc_if_needed(const char *rootfs);
+__hidden extern int open_devnull(void);
+__hidden extern int set_stdfds(int fd);
+__hidden extern int null_stdfds(void);
+__hidden extern int lxc_preserve_ns(const int pid, const char *ns);
/* Check whether a signal is blocked by a process. */
-extern bool task_blocks_signal(pid_t pid, int signal);
+__hidden extern bool task_blocks_signal(pid_t pid, int signal);
/* Switch to a new uid and gid.
* If LXC_INVALID_{G,U}ID is passed then the set{g,u}id() will not be called.
*/
-extern bool lxc_switch_uid_gid(uid_t uid, gid_t gid);
-extern bool lxc_setgroups(int size, gid_t list[]);
+__hidden extern bool lxc_switch_uid_gid(uid_t uid, gid_t gid);
+__hidden extern bool lxc_setgroups(int size, gid_t list[]);
/* Find an unused loop device and associate it with source. */
-extern int lxc_prepare_loop_dev(const char *source, char *loop_dev, int flags);
+__hidden extern int lxc_prepare_loop_dev(const char *source, char *loop_dev, int flags);
/* Clear all mounts on a given node.
* >= 0 successfully cleared. The number returned is the number of umounts
* performed.
* < 0 error umounting. Return -errno.
*/
-extern int lxc_unstack_mountpoint(const char *path, bool lazy);
+__hidden extern int lxc_unstack_mountpoint(const char *path, bool lazy);
/*
* run_command runs a command and collect it's std{err,out} output in buf.
@@ -185,8 +185,7 @@ extern int lxc_unstack_mountpoint(const char *path, bool lazy);
* function must exec.
* @param[in] args Arguments to be passed to child_fn.
*/
-extern int run_command(char *buf, size_t buf_size, int (*child_fn)(void *),
- void *args);
+__hidden extern int run_command(char *buf, size_t buf_size, int (*child_fn)(void *), void *args);
/*
* run_command runs a command and collect it's std{err,out} output in buf, returns exit status.
@@ -200,10 +199,10 @@ extern int run_command(char *buf, size_t buf_size, int (*child_fn)(void *),
* function must exec.
* @param[in] args Arguments to be passed to child_fn.
*/
-extern int run_command_status(char *buf, size_t buf_size, int (*child_fn)(void *),
- void *args);
+__hidden extern int run_command_status(char *buf, size_t buf_size, int (*child_fn)(void *),
+ void *args);
-extern bool lxc_nic_exists(char *nic);
+__hidden extern bool lxc_nic_exists(char *nic);
static inline uint64_t lxc_getpagesize(void)
{
@@ -224,16 +223,16 @@ static inline uint64_t lxc_getpagesize(void)
* If the caller passes in 0 they will receive 0 in return since this is invalid
* input and 0 is not a power of 2.
*/
-extern uint64_t lxc_find_next_power2(uint64_t n);
+__hidden extern uint64_t lxc_find_next_power2(uint64_t n);
/* Set a signal the child process will receive after the parent has died. */
-extern int lxc_set_death_signal(int signal, pid_t parent, int parent_status_fd);
-extern int fd_cloexec(int fd, bool cloexec);
-extern int lxc_rm_rf(const char *dirname);
-extern int lxc_setup_keyring(char *keyring_label);
-extern bool lxc_can_use_pidfd(int pidfd);
+__hidden extern int lxc_set_death_signal(int signal, pid_t parent, int parent_status_fd);
+__hidden extern int fd_cloexec(int fd, bool cloexec);
+__hidden extern int lxc_rm_rf(const char *dirname);
+__hidden extern int lxc_setup_keyring(char *keyring_label);
+__hidden extern bool lxc_can_use_pidfd(int pidfd);
-extern int fix_stdio_permissions(uid_t uid);
+__hidden extern int fix_stdio_permissions(uid_t uid);
static inline bool uid_valid(uid_t uid)
{
@@ -245,6 +244,6 @@ static inline bool gid_valid(gid_t gid)
return gid != LXC_INVALID_GID;
}
-extern bool multiply_overflow(int64_t base, uint64_t mult, int64_t *res);
+__hidden extern bool multiply_overflow(int64_t base, uint64_t mult, int64_t *res);
#endif /* __LXC_UTILS_H */
diff --git a/src/tests/Makefile.am b/src/tests/Makefile.am
index 1fdcee07ad..3a544c3c08 100644
--- a/src/tests/Makefile.am
+++ b/src/tests/Makefile.am
@@ -32,12 +32,43 @@ lxc_test_api_reboot_SOURCES = api_reboot.c \
../lxc/state.c ../lxc/state.h \
../lxc/sync.c ../lxc/sync.h \
../lxc/string_utils.c ../lxc/string_utils.h \
- ../lxc/terminal.c ../lxc/terminal.h
+ ../lxc/terminal.c ../lxc/terminal.h \
+ ../lxc/utils.c ../lxc/utils.h
if ENABLE_SECCOMP
lxc_test_api_reboot_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
endif
-lxc_test_apparmor_SOURCES = aa.c
+lxc_test_apparmor_SOURCES = aa.c \
+ ../lxc/af_unix.c ../lxc/af_unix.h \
+ ../lxc/caps.c ../lxc/caps.h \
+ ../lxc/commands.c ../lxc/commands.h \
+ ../lxc/commands_utils.c ../lxc/commands_utils.h \
+ ../lxc/conf.c ../lxc/conf.h \
+ ../lxc/confile.c ../lxc/confile.h \
+ ../lxc/confile_utils.c ../lxc/confile_utils.h \
+ ../lxc/error.c ../lxc/error.h \
+ ../lxc/file_utils.c ../lxc/file_utils.h \
+ ../lxc/initutils.c ../lxc/initutils.h \
+ ../lxc/log.c ../lxc/log.h \
+ ../lxc/lxclock.c ../lxc/lxclock.h \
+ ../lxc/mainloop.c ../lxc/mainloop.h \
+ ../lxc/monitor.c ../lxc/monitor.h \
+ ../lxc/namespace.c ../lxc/namespace.h \
+ ../lxc/network.c ../lxc/network.h \
+ ../lxc/nl.c ../lxc/nl.h \
+ ../lxc/parse.c ../lxc/parse.h \
+ ../lxc/process_utils.c ../lxc/process_utils.h \
+ ../lxc/ringbuf.c ../lxc/ringbuf.h \
+ ../lxc/start.c ../lxc/start.h \
+ ../lxc/state.c ../lxc/state.h \
+ ../lxc/sync.c ../lxc/sync.h \
+ ../lxc/string_utils.c ../lxc/string_utils.h \
+ ../lxc/terminal.c ../lxc/terminal.h \
+ ../lxc/utils.c ../lxc/utils.h
+if ENABLE_SECCOMP
+lxc_test_apparmor_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
+endif
+
lxc_test_attach_SOURCES = attach.c \
../lxc/af_unix.c ../lxc/af_unix.h \
../lxc/caps.c ../lxc/caps.h \
@@ -63,7 +94,8 @@ lxc_test_attach_SOURCES = attach.c \
../lxc/state.c ../lxc/state.h \
../lxc/sync.c ../lxc/sync.h \
../lxc/string_utils.c ../lxc/string_utils.h \
- ../lxc/terminal.c ../lxc/terminal.h
+ ../lxc/terminal.c ../lxc/terminal.h \
+ ../lxc/utils.c ../lxc/utils.h
if ENABLE_SECCOMP
lxc_test_attach_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
endif
@@ -94,7 +126,8 @@ lxc_test_cgpath_SOURCES = cgpath.c \
../lxc/state.c ../lxc/state.h \
../lxc/sync.c ../lxc/sync.h \
../lxc/string_utils.c ../lxc/string_utils.h \
- ../lxc/terminal.c ../lxc/terminal.h
+ ../lxc/terminal.c ../lxc/terminal.h \
+ ../lxc/utils.c ../lxc/utils.h
if ENABLE_SECCOMP
lxc_test_cgpath_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
endif
@@ -127,7 +160,8 @@ lxc_test_config_jump_table_SOURCES = config_jump_table.c \
../lxc/state.c ../lxc/state.h \
../lxc/sync.c ../lxc/sync.h \
../lxc/string_utils.c ../lxc/string_utils.h \
- ../lxc/terminal.c ../lxc/terminal.h
+ ../lxc/terminal.c ../lxc/terminal.h \
+ ../lxc/utils.c ../lxc/utils.h
if ENABLE_SECCOMP
lxc_test_config_jump_table_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
endif
@@ -144,17 +178,70 @@ lxc_test_getkeys_SOURCES = getkeys.c
lxc_test_get_item_SOURCES = get_item.c
lxc_test_list_SOURCES = list.c
lxc_test_locktests_SOURCES = locktests.c \
+ ../lxc/af_unix.c ../lxc/af_unix.h \
../lxc/caps.c ../lxc/caps.h \
+ ../lxc/commands.c ../lxc/commands.h \
+ ../lxc/commands_utils.c ../lxc/commands_utils.h \
+ ../lxc/conf.c ../lxc/conf.h \
+ ../lxc/confile.c ../lxc/confile.h \
+ ../lxc/confile_utils.c ../lxc/confile_utils.h \
+ ../lxc/error.c ../lxc/error.h \
../lxc/file_utils.c ../lxc/file_utils.h \
+ ../lxc/initutils.c ../lxc/initutils.h \
../lxc/log.c ../lxc/log.h \
../lxc/lxclock.c ../lxc/lxclock.h \
- ../lxc/string_utils.c ../lxc/string_utils.h
+ ../lxc/mainloop.c ../lxc/mainloop.h \
+ ../lxc/monitor.c ../lxc/monitor.h \
+ ../lxc/namespace.c ../lxc/namespace.h \
+ ../lxc/network.c ../lxc/network.h \
+ ../lxc/nl.c ../lxc/nl.h \
+ ../lxc/parse.c ../lxc/parse.h \
+ ../lxc/process_utils.c ../lxc/process_utils.h \
+ ../lxc/ringbuf.c ../lxc/ringbuf.h \
+ ../lxc/start.c ../lxc/start.h \
+ ../lxc/state.c ../lxc/state.h \
+ ../lxc/sync.c ../lxc/sync.h \
+ ../lxc/string_utils.c ../lxc/string_utils.h \
+ ../lxc/terminal.c ../lxc/terminal.h \
+ ../lxc/utils.c ../lxc/utils.h
+if ENABLE_SECCOMP
+lxc_test_locktests_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
+endif
+
lxc_test_lxcpath_SOURCES = lxcpath.c
lxc_test_may_control_SOURCES = may_control.c
lxc_test_mount_injection_SOURCES = mount_injection.c \
lxctest.h \
+ ../lxc/af_unix.c ../lxc/af_unix.h \
+ ../lxc/caps.c ../lxc/caps.h \
+ ../lxc/commands.c ../lxc/commands.h \
+ ../lxc/commands_utils.c ../lxc/commands_utils.h \
+ ../lxc/conf.c ../lxc/conf.h \
+ ../lxc/confile.c ../lxc/confile.h \
+ ../lxc/confile_utils.c ../lxc/confile_utils.h \
+ ../lxc/error.c ../lxc/error.h \
../lxc/file_utils.c ../lxc/file_utils.h \
- ../lxc/string_utils.c ../lxc/string_utils.h
+ ../lxc/initutils.c ../lxc/initutils.h \
+ ../lxc/log.c ../lxc/log.h \
+ ../lxc/lxclock.c ../lxc/lxclock.h \
+ ../lxc/mainloop.c ../lxc/mainloop.h \
+ ../lxc/monitor.c ../lxc/monitor.h \
+ ../lxc/namespace.c ../lxc/namespace.h \
+ ../lxc/network.c ../lxc/network.h \
+ ../lxc/nl.c ../lxc/nl.h \
+ ../lxc/parse.c ../lxc/parse.h \
+ ../lxc/process_utils.c ../lxc/process_utils.h \
+ ../lxc/ringbuf.c ../lxc/ringbuf.h \
+ ../lxc/start.c ../lxc/start.h \
+ ../lxc/state.c ../lxc/state.h \
+ ../lxc/sync.c ../lxc/sync.h \
+ ../lxc/string_utils.c ../lxc/string_utils.h \
+ ../lxc/terminal.c ../lxc/terminal.h \
+ ../lxc/utils.c ../lxc/utils.h
+if ENABLE_SECCOMP
+lxc_test_mount_injection_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
+endif
+
lxc_test_parse_config_file_SOURCES = parse_config_file.c \
lxctest.h \
../lxc/af_unix.c ../lxc/af_unix.h \
@@ -181,7 +268,8 @@ lxc_test_parse_config_file_SOURCES = parse_config_file.c \
../lxc/state.c ../lxc/state.h \
../lxc/sync.c ../lxc/sync.h \
../lxc/string_utils.c ../lxc/string_utils.h \
- ../lxc/terminal.c ../lxc/terminal.h
+ ../lxc/terminal.c ../lxc/terminal.h \
+ ../lxc/utils.c ../lxc/utils.h
if ENABLE_SECCOMP
lxc_test_parse_config_file_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
endif
@@ -235,7 +323,8 @@ lxc_test_utils_SOURCES = lxc-test-utils.c \
../lxc/state.c ../lxc/state.h \
../lxc/sync.c ../lxc/sync.h \
../lxc/string_utils.c ../lxc/string_utils.h \
- ../lxc/terminal.c ../lxc/terminal.h
+ ../lxc/terminal.c ../lxc/terminal.h \
+ ../lxc/utils.c ../lxc/utils.h
if ENABLE_SECCOMP
lxc_test_utils_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
endif
From 78ad1eb09dafabf39a741dacd0a227b2f91296b5 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Tue, 21 Jul 2020 13:19:03 +0200
Subject: [PATCH 23/37] uuid: hide unnecessary symbols
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/Makefile.am | 75 ++++++++++++++++++++++++++++---------------
src/lxc/uuid.h | 18 ++++++-----
src/tests/Makefile.am | 27 ++++++++++------
3 files changed, 78 insertions(+), 42 deletions(-)
diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am
index f3e15f6b95..76902e363a 100644
--- a/src/lxc/Makefile.am
+++ b/src/lxc/Makefile.am
@@ -357,7 +357,8 @@ lxc_attach_SOURCES = tools/lxc_attach.c \
string_utils.c string_utils.h \
sync.c sync.h \
terminal.c terminal.h \
- utils.c utils.h
+ utils.c utils.h \
+ uuid.c uuid.h
if ENABLE_SECCOMP
lxc_attach_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -389,7 +390,8 @@ lxc_autostart_SOURCES = tools/lxc_autostart.c \
string_utils.c string_utils.h \
sync.c sync.h \
terminal.c terminal.h \
- utils.c utils.h
+ utils.c utils.h \
+ uuid.c uuid.h
if ENABLE_SECCOMP
lxc_autostart_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -421,7 +423,8 @@ lxc_cgroup_SOURCES = tools/lxc_cgroup.c \
string_utils.c string_utils.h \
sync.c sync.h \
terminal.c terminal.h \
- utils.c utils.h
+ utils.c utils.h \
+ uuid.c uuid.h
if ENABLE_SECCOMP
lxc_cgroup_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -453,7 +456,8 @@ lxc_config_SOURCES = tools/lxc_config.c \
string_utils.c string_utils.h \
sync.c sync.h \
terminal.c terminal.h \
- utils.c utils.h
+ utils.c utils.h \
+ uuid.c uuid.h
if ENABLE_SECCOMP
lxc_config_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -485,7 +489,8 @@ lxc_console_SOURCES = tools/lxc_console.c \
string_utils.c string_utils.h \
sync.c sync.h \
terminal.c terminal.h \
- utils.c utils.h
+ utils.c utils.h \
+ uuid.c uuid.h
if ENABLE_SECCOMP
lxc_console_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -517,7 +522,8 @@ lxc_destroy_SOURCES = tools/lxc_destroy.c \
string_utils.c string_utils.h \
sync.c sync.h \
terminal.c terminal.h \
- utils.c utils.h
+ utils.c utils.h \
+ uuid.c uuid.h
if ENABLE_SECCOMP
lxc_destroy_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -549,7 +555,8 @@ lxc_device_SOURCES = tools/lxc_device.c \
string_utils.c string_utils.h \
sync.c sync.h \
terminal.c terminal.h \
- utils.c utils.h
+ utils.c utils.h \
+ uuid.c uuid.h
if ENABLE_SECCOMP
lxc_device_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -581,7 +588,8 @@ lxc_execute_SOURCES = tools/lxc_execute.c \
string_utils.c string_utils.h \
sync.c sync.h \
terminal.c terminal.h \
- utils.c utils.h
+ utils.c utils.h \
+ uuid.c uuid.h
if ENABLE_SECCOMP
lxc_execute_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -613,7 +621,8 @@ lxc_freeze_SOURCES = tools/lxc_freeze.c \
string_utils.c string_utils.h \
sync.c sync.h \
terminal.c terminal.h \
- utils.c utils.h
+ utils.c utils.h \
+ uuid.c uuid.h
if ENABLE_SECCOMP
lxc_freeze_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -645,7 +654,8 @@ lxc_info_SOURCES = tools/lxc_info.c \
string_utils.c string_utils.h \
sync.c sync.h \
terminal.c terminal.h \
- utils.c utils.h
+ utils.c utils.h \
+ uuid.c uuid.h
if ENABLE_SECCOMP
lxc_info_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -678,7 +688,8 @@ lxc_monitor_SOURCES = tools/lxc_monitor.c \
string_utils.c string_utils.h \
sync.c sync.h \
terminal.c terminal.h \
- utils.c utils.h
+ utils.c utils.h \
+ uuid.c uuid.h
if ENABLE_SECCOMP
lxc_monitor_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -711,7 +722,8 @@ lxc_ls_SOURCES = tools/lxc_ls.c \
string_utils.c string_utils.h \
sync.c sync.h \
terminal.c terminal.h \
- utils.c utils.h
+ utils.c utils.h \
+ uuid.c uuid.h
if ENABLE_SECCOMP
lxc_ls_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -744,7 +756,8 @@ lxc_copy_SOURCES = tools/lxc_copy.c \
string_utils.c string_utils.h \
sync.c sync.h \
terminal.c terminal.h \
- utils.c utils.h
+ utils.c utils.h \
+ uuid.c uuid.h
if ENABLE_SECCOMP
lxc_copy_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -776,7 +789,8 @@ lxc_start_SOURCES = tools/lxc_start.c \
string_utils.c string_utils.h \
sync.c sync.h \
terminal.c terminal.h \
- utils.c utils.h
+ utils.c utils.h \
+ uuid.c uuid.h
if ENABLE_SECCOMP
lxc_start_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -808,7 +822,8 @@ lxc_stop_SOURCES = tools/lxc_stop.c \
string_utils.c string_utils.h \
sync.c sync.h \
terminal.c terminal.h \
- utils.c utils.h
+ utils.c utils.h \
+ uuid.c uuid.h
if ENABLE_SECCOMP
lxc_stop_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -840,7 +855,8 @@ lxc_top_SOURCES = tools/lxc_top.c \
string_utils.c string_utils.h \
sync.c sync.h \
terminal.c terminal.h \
- utils.c utils.h
+ utils.c utils.h \
+ uuid.c uuid.h
if ENABLE_SECCOMP
lxc_top_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -872,7 +888,8 @@ lxc_unfreeze_SOURCES = tools/lxc_unfreeze.c \
string_utils.c string_utils.h \
sync.c sync.h \
terminal.c terminal.h \
- utils.c utils.h
+ utils.c utils.h \
+ uuid.c uuid.h
if ENABLE_SECCOMP
lxc_unfreeze_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -906,7 +923,8 @@ lxc_unshare_SOURCES = tools/lxc_unshare.c \
syscall_numbers.h \
syscall_wrappers.h \
terminal.c terminal.h \
- utils.c utils.h
+ utils.c utils.h \
+ uuid.c uuid.h
if ENABLE_SECCOMP
lxc_unshare_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -938,7 +956,8 @@ lxc_wait_SOURCES = tools/lxc_wait.c \
string_utils.c string_utils.h \
sync.c sync.h \
terminal.c terminal.h \
- utils.c utils.h
+ utils.c utils.h \
+ uuid.c uuid.h
if ENABLE_SECCOMP
lxc_wait_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -971,7 +990,8 @@ lxc_create_SOURCES = tools/lxc_create.c \
string_utils.c string_utils.h \
sync.c sync.h \
terminal.c terminal.h \
- utils.c utils.h
+ utils.c utils.h \
+ uuid.c uuid.h
if ENABLE_SECCOMP
lxc_create_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -1003,7 +1023,8 @@ lxc_snapshot_SOURCES = tools/lxc_snapshot.c \
string_utils.c string_utils.h \
sync.c sync.h \
terminal.c terminal.h \
- utils.c utils.h
+ utils.c utils.h \
+ uuid.c uuid.h
if ENABLE_SECCOMP
lxc_snapshot_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -1035,7 +1056,8 @@ lxc_checkpoint_SOURCES = tools/lxc_checkpoint.c \
string_utils.c string_utils.h \
sync.c sync.h \
terminal.c terminal.h \
- utils.c utils.h
+ utils.c utils.h \
+ uuid.c uuid.h
if ENABLE_SECCOMP
lxc_checkpoint_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -1090,7 +1112,8 @@ lxc_monitord_SOURCES = cmd/lxc_monitord.c \
sync.c sync.h \
syscall_numbers.h \
terminal.c terminal.h \
- utils.c utils.h
+ utils.c utils.h \
+ uuid.c uuid.h
if ENABLE_SECCOMP
lxc_monitord_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -1125,7 +1148,8 @@ lxc_user_nic_SOURCES = cmd/lxc_user_nic.c \
syscall_numbers.h \
syscall_wrappers.h \
terminal.c terminal.h \
- utils.c utils.h
+ utils.c utils.h \
+ uuid.c uuid.h
if ENABLE_SECCOMP
lxc_user_nic_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -1160,7 +1184,8 @@ lxc_usernsexec_SOURCES = cmd/lxc_usernsexec.c \
sync.c sync.h \
syscall_wrappers.h \
terminal.c terminal.h \
- utils.c utils.h
+ utils.c utils.h \
+ uuid.c uuid.h
if ENABLE_SECCOMP
lxc_usernsexec_SOURCES += seccomp.c lxcseccomp.h
endif
diff --git a/src/lxc/uuid.h b/src/lxc/uuid.h
index beb50a2caa..ca94254288 100644
--- a/src/lxc/uuid.h
+++ b/src/lxc/uuid.h
@@ -9,16 +9,18 @@
#define __STDC_FORMAT_MACROS
#include <inttypes.h>
+#include "compiler.h"
+
typedef union lxc_id128 lxc_id128_t;
union lxc_id128 {
- uint8_t bytes[16];
- uint64_t qwords[2];
-}
-;
-extern int lxc_id128_randomize(lxc_id128_t *ret);
-extern int lxc_id128_write(const char *p, lxc_id128_t id);
-extern int lxc_id128_write_fd(int fd, lxc_id128_t id);
-extern char *id128_to_uuid_string(lxc_id128_t id, char s[37]);
+ uint8_t bytes[16];
+ uint64_t qwords[2];
+};
+
+__hidden extern int lxc_id128_randomize(lxc_id128_t *ret);
+__hidden extern int lxc_id128_write(const char *p, lxc_id128_t id);
+__hidden extern int lxc_id128_write_fd(int fd, lxc_id128_t id);
+__hidden extern char *id128_to_uuid_string(lxc_id128_t id, char s[37]);
#endif /* __LXC_UUID_H */
diff --git a/src/tests/Makefile.am b/src/tests/Makefile.am
index 3a544c3c08..daced9bb03 100644
--- a/src/tests/Makefile.am
+++ b/src/tests/Makefile.am
@@ -33,7 +33,8 @@ lxc_test_api_reboot_SOURCES = api_reboot.c \
../lxc/sync.c ../lxc/sync.h \
../lxc/string_utils.c ../lxc/string_utils.h \
../lxc/terminal.c ../lxc/terminal.h \
- ../lxc/utils.c ../lxc/utils.h
+ ../lxc/utils.c ../lxc/utils.h \
+ ../lxc/uuid.c ../lxc/uuid.h
if ENABLE_SECCOMP
lxc_test_api_reboot_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
endif
@@ -64,7 +65,8 @@ lxc_test_apparmor_SOURCES = aa.c \
../lxc/sync.c ../lxc/sync.h \
../lxc/string_utils.c ../lxc/string_utils.h \
../lxc/terminal.c ../lxc/terminal.h \
- ../lxc/utils.c ../lxc/utils.h
+ ../lxc/utils.c ../lxc/utils.h \
+ ../lxc/uuid.c ../lxc/uuid.h
if ENABLE_SECCOMP
lxc_test_apparmor_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
endif
@@ -95,7 +97,8 @@ lxc_test_attach_SOURCES = attach.c \
../lxc/sync.c ../lxc/sync.h \
../lxc/string_utils.c ../lxc/string_utils.h \
../lxc/terminal.c ../lxc/terminal.h \
- ../lxc/utils.c ../lxc/utils.h
+ ../lxc/utils.c ../lxc/utils.h \
+ ../lxc/uuid.c ../lxc/uuid.h
if ENABLE_SECCOMP
lxc_test_attach_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
endif
@@ -127,7 +130,8 @@ lxc_test_cgpath_SOURCES = cgpath.c \
../lxc/sync.c ../lxc/sync.h \
../lxc/string_utils.c ../lxc/string_utils.h \
../lxc/terminal.c ../lxc/terminal.h \
- ../lxc/utils.c ../lxc/utils.h
+ ../lxc/utils.c ../lxc/utils.h \
+ ../lxc/uuid.c ../lxc/uuid.h
if ENABLE_SECCOMP
lxc_test_cgpath_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
endif
@@ -161,7 +165,8 @@ lxc_test_config_jump_table_SOURCES = config_jump_table.c \
../lxc/sync.c ../lxc/sync.h \
../lxc/string_utils.c ../lxc/string_utils.h \
../lxc/terminal.c ../lxc/terminal.h \
- ../lxc/utils.c ../lxc/utils.h
+ ../lxc/utils.c ../lxc/utils.h \
+ ../lxc/uuid.c ../lxc/uuid.h
if ENABLE_SECCOMP
lxc_test_config_jump_table_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
endif
@@ -203,7 +208,8 @@ lxc_test_locktests_SOURCES = locktests.c \
../lxc/sync.c ../lxc/sync.h \
../lxc/string_utils.c ../lxc/string_utils.h \
../lxc/terminal.c ../lxc/terminal.h \
- ../lxc/utils.c ../lxc/utils.h
+ ../lxc/utils.c ../lxc/utils.h \
+ ../lxc/uuid.c ../lxc/uuid.h
if ENABLE_SECCOMP
lxc_test_locktests_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
endif
@@ -237,7 +243,8 @@ lxc_test_mount_injection_SOURCES = mount_injection.c \
../lxc/sync.c ../lxc/sync.h \
../lxc/string_utils.c ../lxc/string_utils.h \
../lxc/terminal.c ../lxc/terminal.h \
- ../lxc/utils.c ../lxc/utils.h
+ ../lxc/utils.c ../lxc/utils.h \
+ ../lxc/uuid.c ../lxc/uuid.h
if ENABLE_SECCOMP
lxc_test_mount_injection_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
endif
@@ -269,7 +276,8 @@ lxc_test_parse_config_file_SOURCES = parse_config_file.c \
../lxc/sync.c ../lxc/sync.h \
../lxc/string_utils.c ../lxc/string_utils.h \
../lxc/terminal.c ../lxc/terminal.h \
- ../lxc/utils.c ../lxc/utils.h
+ ../lxc/utils.c ../lxc/utils.h \
+ ../lxc/uuid.c ../lxc/uuid.h
if ENABLE_SECCOMP
lxc_test_parse_config_file_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
endif
@@ -324,7 +332,8 @@ lxc_test_utils_SOURCES = lxc-test-utils.c \
../lxc/sync.c ../lxc/sync.h \
../lxc/string_utils.c ../lxc/string_utils.h \
../lxc/terminal.c ../lxc/terminal.h \
- ../lxc/utils.c ../lxc/utils.h
+ ../lxc/utils.c ../lxc/utils.h \
+ ../lxc/uuid.c ../lxc/uuid.h
if ENABLE_SECCOMP
lxc_test_utils_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
endif
From c332ec90f0cd65fae777016aaba4d7063e903da1 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Tue, 21 Jul 2020 13:28:08 +0200
Subject: [PATCH 24/37] cgroups: hide unnecessary symbols
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/Makefile.am | 75 +++++++++++++++++++++++++++++++
src/lxc/cgroups/cgroup.h | 13 +++---
src/lxc/cgroups/cgroup2_devices.h | 28 +++++++-----
src/lxc/cgroups/cgroup_utils.h | 14 +++---
src/tests/Makefile.am | 30 +++++++++++++
5 files changed, 136 insertions(+), 24 deletions(-)
diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am
index 76902e363a..4ec6c7b8df 100644
--- a/src/lxc/Makefile.am
+++ b/src/lxc/Makefile.am
@@ -333,6 +333,9 @@ lxc_attach_SOURCES = tools/lxc_attach.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ cgroups/cgroup.c cgroups/cgroup.h \
+ cgroups/cgroup2_devices.c cgroups/cgroup2_devices.h \
+ cgroups/cgroup_utils.c cgroups/cgroup_utils.h \
commands.c commands.h \
commands_utils.c commands_utils.h \
conf.c conf.h \
@@ -367,6 +370,9 @@ lxc_autostart_SOURCES = tools/lxc_autostart.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ cgroups/cgroup.c cgroups/cgroup.h \
+ cgroups/cgroup2_devices.c cgroups/cgroup2_devices.h \
+ cgroups/cgroup_utils.c cgroups/cgroup_utils.h \
commands.c commands.h \
commands_utils.c commands_utils.h \
conf.c conf.h \
@@ -400,6 +406,9 @@ lxc_cgroup_SOURCES = tools/lxc_cgroup.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ cgroups/cgroup.c cgroups/cgroup.h \
+ cgroups/cgroup2_devices.c cgroups/cgroup2_devices.h \
+ cgroups/cgroup_utils.c cgroups/cgroup_utils.h \
commands.c commands.h \
commands_utils.c commands_utils.h \
conf.c conf.h \
@@ -433,6 +442,9 @@ lxc_config_SOURCES = tools/lxc_config.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ cgroups/cgroup.c cgroups/cgroup.h \
+ cgroups/cgroup2_devices.c cgroups/cgroup2_devices.h \
+ cgroups/cgroup_utils.c cgroups/cgroup_utils.h \
commands.c commands.h \
commands_utils.c commands_utils.h \
conf.c conf.h \
@@ -466,6 +478,9 @@ lxc_console_SOURCES = tools/lxc_console.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ cgroups/cgroup.c cgroups/cgroup.h \
+ cgroups/cgroup2_devices.c cgroups/cgroup2_devices.h \
+ cgroups/cgroup_utils.c cgroups/cgroup_utils.h \
commands.c commands.h \
commands_utils.c commands_utils.h \
conf.c conf.h \
@@ -499,6 +514,9 @@ lxc_destroy_SOURCES = tools/lxc_destroy.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ cgroups/cgroup.c cgroups/cgroup.h \
+ cgroups/cgroup2_devices.c cgroups/cgroup2_devices.h \
+ cgroups/cgroup_utils.c cgroups/cgroup_utils.h \
commands.c commands.h \
commands_utils.c commands_utils.h \
conf.c conf.h \
@@ -532,6 +550,9 @@ lxc_device_SOURCES = tools/lxc_device.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ cgroups/cgroup.c cgroups/cgroup.h \
+ cgroups/cgroup2_devices.c cgroups/cgroup2_devices.h \
+ cgroups/cgroup_utils.c cgroups/cgroup_utils.h \
commands.c commands.h \
commands_utils.c commands_utils.h \
conf.c conf.h \
@@ -565,6 +586,9 @@ lxc_execute_SOURCES = tools/lxc_execute.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ cgroups/cgroup.c cgroups/cgroup.h \
+ cgroups/cgroup2_devices.c cgroups/cgroup2_devices.h \
+ cgroups/cgroup_utils.c cgroups/cgroup_utils.h \
commands.c commands.h \
commands_utils.c commands_utils.h \
conf.c conf.h \
@@ -598,6 +622,9 @@ lxc_freeze_SOURCES = tools/lxc_freeze.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ cgroups/cgroup.c cgroups/cgroup.h \
+ cgroups/cgroup2_devices.c cgroups/cgroup2_devices.h \
+ cgroups/cgroup_utils.c cgroups/cgroup_utils.h \
commands.c commands.h \
commands_utils.c commands_utils.h \
conf.c conf.h \
@@ -631,6 +658,9 @@ lxc_info_SOURCES = tools/lxc_info.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ cgroups/cgroup.c cgroups/cgroup.h \
+ cgroups/cgroup2_devices.c cgroups/cgroup2_devices.h \
+ cgroups/cgroup_utils.c cgroups/cgroup_utils.h \
commands.c commands.h \
commands_utils.c commands_utils.h \
conf.c conf.h \
@@ -664,6 +694,9 @@ lxc_monitor_SOURCES = tools/lxc_monitor.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ cgroups/cgroup.c cgroups/cgroup.h \
+ cgroups/cgroup2_devices.c cgroups/cgroup2_devices.h \
+ cgroups/cgroup_utils.c cgroups/cgroup_utils.h \
commands.c commands.h \
commands_utils.c commands_utils.h \
conf.c conf.h \
@@ -698,6 +731,9 @@ lxc_ls_SOURCES = tools/lxc_ls.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ cgroups/cgroup.c cgroups/cgroup.h \
+ cgroups/cgroup2_devices.c cgroups/cgroup2_devices.h \
+ cgroups/cgroup_utils.c cgroups/cgroup_utils.h \
commands.c commands.h \
commands_utils.c commands_utils.h \
conf.c conf.h \
@@ -732,6 +768,9 @@ lxc_copy_SOURCES = tools/lxc_copy.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ cgroups/cgroup.c cgroups/cgroup.h \
+ cgroups/cgroup2_devices.c cgroups/cgroup2_devices.h \
+ cgroups/cgroup_utils.c cgroups/cgroup_utils.h \
commands.c commands.h \
commands_utils.c commands_utils.h \
conf.c conf.h \
@@ -766,6 +805,9 @@ lxc_start_SOURCES = tools/lxc_start.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ cgroups/cgroup.c cgroups/cgroup.h \
+ cgroups/cgroup2_devices.c cgroups/cgroup2_devices.h \
+ cgroups/cgroup_utils.c cgroups/cgroup_utils.h \
commands.c commands.h \
commands_utils.c commands_utils.h \
conf.c conf.h \
@@ -799,6 +841,9 @@ lxc_stop_SOURCES = tools/lxc_stop.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ cgroups/cgroup.c cgroups/cgroup.h \
+ cgroups/cgroup2_devices.c cgroups/cgroup2_devices.h \
+ cgroups/cgroup_utils.c cgroups/cgroup_utils.h \
commands.c commands.h \
commands_utils.c commands_utils.h \
conf.c conf.h \
@@ -832,6 +877,9 @@ lxc_top_SOURCES = tools/lxc_top.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ cgroups/cgroup.c cgroups/cgroup.h \
+ cgroups/cgroup2_devices.c cgroups/cgroup2_devices.h \
+ cgroups/cgroup_utils.c cgroups/cgroup_utils.h \
commands.c commands.h \
commands_utils.c commands_utils.h \
conf.c conf.h \
@@ -865,6 +913,9 @@ lxc_unfreeze_SOURCES = tools/lxc_unfreeze.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ cgroups/cgroup.c cgroups/cgroup.h \
+ cgroups/cgroup2_devices.c cgroups/cgroup2_devices.h \
+ cgroups/cgroup_utils.c cgroups/cgroup_utils.h \
commands.c commands.h \
commands_utils.c commands_utils.h \
conf.c conf.h \
@@ -898,6 +949,9 @@ lxc_unshare_SOURCES = tools/lxc_unshare.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ cgroups/cgroup.c cgroups/cgroup.h \
+ cgroups/cgroup2_devices.c cgroups/cgroup2_devices.h \
+ cgroups/cgroup_utils.c cgroups/cgroup_utils.h \
commands.c commands.h \
commands_utils.c commands_utils.h \
conf.c conf.h \
@@ -933,6 +987,9 @@ lxc_wait_SOURCES = tools/lxc_wait.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ cgroups/cgroup.c cgroups/cgroup.h \
+ cgroups/cgroup2_devices.c cgroups/cgroup2_devices.h \
+ cgroups/cgroup_utils.c cgroups/cgroup_utils.h \
commands.c commands.h \
commands_utils.c commands_utils.h \
conf.c conf.h \
@@ -966,6 +1023,9 @@ lxc_create_SOURCES = tools/lxc_create.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ cgroups/cgroup.c cgroups/cgroup.h \
+ cgroups/cgroup2_devices.c cgroups/cgroup2_devices.h \
+ cgroups/cgroup_utils.c cgroups/cgroup_utils.h \
commands.c commands.h \
commands_utils.c commands_utils.h \
conf.c conf.h \
@@ -1000,6 +1060,9 @@ lxc_snapshot_SOURCES = tools/lxc_snapshot.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ cgroups/cgroup.c cgroups/cgroup.h \
+ cgroups/cgroup2_devices.c cgroups/cgroup2_devices.h \
+ cgroups/cgroup_utils.c cgroups/cgroup_utils.h \
commands.c commands.h \
commands_utils.c commands_utils.h \
conf.c conf.h \
@@ -1033,6 +1096,9 @@ lxc_checkpoint_SOURCES = tools/lxc_checkpoint.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ cgroups/cgroup.c cgroups/cgroup.h \
+ cgroups/cgroup2_devices.c cgroups/cgroup2_devices.h \
+ cgroups/cgroup_utils.c cgroups/cgroup_utils.h \
commands.c commands.h \
commands_utils.c commands_utils.h \
conf.c conf.h \
@@ -1088,6 +1154,9 @@ init_lxc_LDFLAGS = -pthread
lxc_monitord_SOURCES = cmd/lxc_monitord.c \
af_unix.c af_unix.h \
caps.c caps.h \
+ cgroups/cgroup.c cgroups/cgroup.h \
+ cgroups/cgroup2_devices.c cgroups/cgroup2_devices.h \
+ cgroups/cgroup_utils.c cgroups/cgroup_utils.h \
commands.c commands.h \
commands_utils.c commands_utils.h \
conf.c conf.h \
@@ -1122,6 +1191,9 @@ lxc_user_nic_SOURCES = cmd/lxc_user_nic.c \
../include/netns_ifaddrs.c ../include/netns_ifaddrs.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ cgroups/cgroup.c cgroups/cgroup.h \
+ cgroups/cgroup2_devices.c cgroups/cgroup2_devices.h \
+ cgroups/cgroup_utils.c cgroups/cgroup_utils.h \
commands.c commands.h \
commands_utils.c commands_utils.h \
conf.c conf.h \
@@ -1157,6 +1229,9 @@ endif
lxc_usernsexec_SOURCES = cmd/lxc_usernsexec.c \
af_unix.c af_unix.h \
caps.c caps.h \
+ cgroups/cgroup.c cgroups/cgroup.h \
+ cgroups/cgroup2_devices.c cgroups/cgroup2_devices.h \
+ cgroups/cgroup_utils.c cgroups/cgroup_utils.h \
commands.c commands.h \
commands_utils.c commands_utils.h \
conf.c conf.h \
diff --git a/src/lxc/cgroups/cgroup.h b/src/lxc/cgroups/cgroup.h
index e3712b710e..7dec05a5c2 100644
--- a/src/lxc/cgroups/cgroup.h
+++ b/src/lxc/cgroups/cgroup.h
@@ -7,6 +7,7 @@
#include <stddef.h>
#include <sys/types.h>
+#include "compiler.h"
#include "macro.h"
#include "memory_utils.h"
@@ -179,15 +180,15 @@ struct cgroup_ops {
const char *(*get_limiting_cgroup)(struct cgroup_ops *ops, const char *controller);
};
-extern struct cgroup_ops *cgroup_init(struct lxc_conf *conf);
+__hidden extern struct cgroup_ops *cgroup_init(struct lxc_conf *conf);
-extern void cgroup_exit(struct cgroup_ops *ops);
+__hidden extern void cgroup_exit(struct cgroup_ops *ops);
define_cleanup_function(struct cgroup_ops *, cgroup_exit);
-extern void prune_init_scope(char *cg);
+__hidden extern void prune_init_scope(char *cg);
-extern int cgroup_attach(const struct lxc_conf *conf, const char *name,
- const char *lxcpath, pid_t pid);
+__hidden extern int cgroup_attach(const struct lxc_conf *conf, const char *name,
+ const char *lxcpath, pid_t pid);
static inline bool pure_unified_layout(const struct cgroup_ops *ops)
{
@@ -202,4 +203,4 @@ static inline int cgroup_unified_fd(const struct cgroup_ops *ops)
return ops->unified->cgfd_con;
}
-#endif
+#endif /* __LXC_CGROUP_H */
diff --git a/src/lxc/cgroups/cgroup2_devices.h b/src/lxc/cgroups/cgroup2_devices.h
index 5c848d81e5..83d2fd3cc1 100644
--- a/src/lxc/cgroups/cgroup2_devices.h
+++ b/src/lxc/cgroups/cgroup2_devices.h
@@ -15,6 +15,7 @@
#include <sys/types.h>
#include <unistd.h>
+#include "compiler.h"
#include "conf.h"
#include "config.h"
#include "syscall_numbers.h"
@@ -52,17 +53,17 @@ struct bpf_program {
};
#ifdef HAVE_STRUCT_BPF_CGROUP_DEV_CTX
-struct bpf_program *bpf_program_new(uint32_t prog_type);
-int bpf_program_init(struct bpf_program *prog);
-int bpf_program_append_device(struct bpf_program *prog,
- struct device_item *device);
-int bpf_program_finalize(struct bpf_program *prog);
-int bpf_program_cgroup_attach(struct bpf_program *prog, int type,
- const char *path, uint32_t flags);
-int bpf_program_cgroup_detach(struct bpf_program *prog);
-void bpf_program_free(struct bpf_program *prog);
-void lxc_clear_cgroup2_devices(struct lxc_conf *conf);
-bool bpf_devices_cgroup_supported(void);
+__hidden extern struct bpf_program *bpf_program_new(uint32_t prog_type);
+__hidden extern int bpf_program_init(struct bpf_program *prog);
+__hidden extern int bpf_program_append_device(struct bpf_program *prog, struct device_item *device);
+__hidden extern int bpf_program_finalize(struct bpf_program *prog);
+__hidden extern int bpf_program_cgroup_attach(struct bpf_program *prog, int type, const char *path,
+ uint32_t flags);
+__hidden extern int bpf_program_cgroup_detach(struct bpf_program *prog);
+__hidden extern void bpf_program_free(struct bpf_program *prog);
+__hidden extern void lxc_clear_cgroup2_devices(struct lxc_conf *conf);
+__hidden extern bool bpf_devices_cgroup_supported(void);
+
static inline void __auto_bpf_program_free__(struct bpf_program **prog)
{
if (*prog) {
@@ -70,8 +71,11 @@ static inline void __auto_bpf_program_free__(struct bpf_program **prog)
*prog = NULL;
}
}
-int bpf_list_add_device(struct lxc_conf *conf, struct device_item *device);
+
+__hidden extern int bpf_list_add_device(struct lxc_conf *conf, struct device_item *device);
+
#else /* !HAVE_STRUCT_BPF_CGROUP_DEV_CTX */
+
static inline struct bpf_program *bpf_program_new(uint32_t prog_type)
{
errno = ENOSYS;
diff --git a/src/lxc/cgroups/cgroup_utils.h b/src/lxc/cgroups/cgroup_utils.h
index 5e7c582b0e..17d7b2ffee 100644
--- a/src/lxc/cgroups/cgroup_utils.h
+++ b/src/lxc/cgroups/cgroup_utils.h
@@ -6,26 +6,28 @@
#include <stdbool.h>
#include <stdio.h>
+#include "compiler.h"
+
/* Retrieve the cgroup version of a given entry from /proc/<pid>/mountinfo. */
-extern int get_cgroup_version(char *line);
+__hidden extern int get_cgroup_version(char *line);
/* Check if given entry from /proc/<pid>/mountinfo is a cgroupfs v1 mount. */
-extern bool is_cgroupfs_v1(char *line);
+__hidden extern bool is_cgroupfs_v1(char *line);
/* Check if given entry from /proc/<pid>/mountinfo is a cgroupfs v2 mount. */
-extern bool is_cgroupfs_v2(char *line);
+__hidden extern bool is_cgroupfs_v2(char *line);
/* Given a v1 hierarchy @mountpoint and base @path, verify that we can create
* directories underneath it.
*/
-extern bool test_writeable_v1(char *mountpoint, char *path);
+__hidden extern bool test_writeable_v1(char *mountpoint, char *path);
/* Given a v2 hierarchy @mountpoint and base @path, verify that we can create
* directories underneath it and that we have write access to the cgroup's
* "cgroup.procs" file.
*/
-extern bool test_writeable_v2(char *mountpoint, char *path);
+__hidden extern bool test_writeable_v2(char *mountpoint, char *path);
-extern int unified_cgroup_hierarchy(void);
+__hidden extern int unified_cgroup_hierarchy(void);
#endif /* __LXC_CGROUP_UTILS_H */
diff --git a/src/tests/Makefile.am b/src/tests/Makefile.am
index daced9bb03..c63799bbdf 100644
--- a/src/tests/Makefile.am
+++ b/src/tests/Makefile.am
@@ -10,6 +10,9 @@ LDADD = ../lxc/liblxc.la \
lxc_test_api_reboot_SOURCES = api_reboot.c \
../lxc/af_unix.c ../lxc/af_unix.h \
../lxc/caps.c ../lxc/caps.h \
+ ../lxc/cgroups/cgroup.c ../lxc/cgroups/cgroup.h \
+ ../lxc/cgroups/cgroup2_devices.c ../lxc/cgroups/cgroup2_devices.h \
+ ../lxc/cgroups/cgroup_utils.c ../lxc/cgroups/cgroup_utils.h \
../lxc/commands.c ../lxc/commands.h \
../lxc/commands_utils.c ../lxc/commands_utils.h \
../lxc/conf.c ../lxc/conf.h \
@@ -42,6 +45,9 @@ endif
lxc_test_apparmor_SOURCES = aa.c \
../lxc/af_unix.c ../lxc/af_unix.h \
../lxc/caps.c ../lxc/caps.h \
+ ../lxc/cgroups/cgroup.c ../lxc/cgroups/cgroup.h \
+ ../lxc/cgroups/cgroup2_devices.c ../lxc/cgroups/cgroup2_devices.h \
+ ../lxc/cgroups/cgroup_utils.c ../lxc/cgroups/cgroup_utils.h \
../lxc/commands.c ../lxc/commands.h \
../lxc/commands_utils.c ../lxc/commands_utils.h \
../lxc/conf.c ../lxc/conf.h \
@@ -74,6 +80,9 @@ endif
lxc_test_attach_SOURCES = attach.c \
../lxc/af_unix.c ../lxc/af_unix.h \
../lxc/caps.c ../lxc/caps.h \
+ ../lxc/cgroups/cgroup.c ../lxc/cgroups/cgroup.h \
+ ../lxc/cgroups/cgroup2_devices.c ../lxc/cgroups/cgroup2_devices.h \
+ ../lxc/cgroups/cgroup_utils.c ../lxc/cgroups/cgroup_utils.h \
../lxc/commands.c ../lxc/commands.h \
../lxc/commands_utils.c ../lxc/commands_utils.h \
../lxc/conf.c ../lxc/conf.h \
@@ -107,6 +116,9 @@ lxc_test_basic_SOURCES = basic.c
lxc_test_cgpath_SOURCES = cgpath.c \
../lxc/af_unix.c ../lxc/af_unix.h \
../lxc/caps.c ../lxc/caps.h \
+ ../lxc/cgroups/cgroup.c ../lxc/cgroups/cgroup.h \
+ ../lxc/cgroups/cgroup2_devices.c ../lxc/cgroups/cgroup2_devices.h \
+ ../lxc/cgroups/cgroup_utils.c ../lxc/cgroups/cgroup_utils.h \
../lxc/commands.c ../lxc/commands.h \
../lxc/commands_utils.c ../lxc/commands_utils.h \
../lxc/conf.c ../lxc/conf.h \
@@ -142,6 +154,9 @@ lxc_test_config_jump_table_SOURCES = config_jump_table.c \
lxctest.h \
../lxc/af_unix.c ../lxc/af_unix.h \
../lxc/caps.c ../lxc/caps.h \
+ ../lxc/cgroups/cgroup.c ../lxc/cgroups/cgroup.h \
+ ../lxc/cgroups/cgroup2_devices.c ../lxc/cgroups/cgroup2_devices.h \
+ ../lxc/cgroups/cgroup_utils.c ../lxc/cgroups/cgroup_utils.h \
../lxc/commands.c ../lxc/commands.h \
../lxc/commands_utils.c ../lxc/commands_utils.h \
../lxc/conf.c ../lxc/conf.h \
@@ -185,6 +200,9 @@ lxc_test_list_SOURCES = list.c
lxc_test_locktests_SOURCES = locktests.c \
../lxc/af_unix.c ../lxc/af_unix.h \
../lxc/caps.c ../lxc/caps.h \
+ ../lxc/cgroups/cgroup.c ../lxc/cgroups/cgroup.h \
+ ../lxc/cgroups/cgroup2_devices.c ../lxc/cgroups/cgroup2_devices.h \
+ ../lxc/cgroups/cgroup_utils.c ../lxc/cgroups/cgroup_utils.h \
../lxc/commands.c ../lxc/commands.h \
../lxc/commands_utils.c ../lxc/commands_utils.h \
../lxc/conf.c ../lxc/conf.h \
@@ -220,6 +238,9 @@ lxc_test_mount_injection_SOURCES = mount_injection.c \
lxctest.h \
../lxc/af_unix.c ../lxc/af_unix.h \
../lxc/caps.c ../lxc/caps.h \
+ ../lxc/cgroups/cgroup.c ../lxc/cgroups/cgroup.h \
+ ../lxc/cgroups/cgroup2_devices.c ../lxc/cgroups/cgroup2_devices.h \
+ ../lxc/cgroups/cgroup_utils.c ../lxc/cgroups/cgroup_utils.h \
../lxc/commands.c ../lxc/commands.h \
../lxc/commands_utils.c ../lxc/commands_utils.h \
../lxc/conf.c ../lxc/conf.h \
@@ -253,6 +274,9 @@ lxc_test_parse_config_file_SOURCES = parse_config_file.c \
lxctest.h \
../lxc/af_unix.c ../lxc/af_unix.h \
../lxc/caps.c ../lxc/caps.h \
+ ../lxc/cgroups/cgroup.c ../lxc/cgroups/cgroup.h \
+ ../lxc/cgroups/cgroup2_devices.c ../lxc/cgroups/cgroup2_devices.h \
+ ../lxc/cgroups/cgroup_utils.c ../lxc/cgroups/cgroup_utils.h \
../lxc/commands.c ../lxc/commands.h \
../lxc/commands_utils.c ../lxc/commands_utils.h \
../lxc/conf.c ../lxc/conf.h \
@@ -285,6 +309,9 @@ endif
lxc_test_raw_clone_SOURCES = lxc_raw_clone.c \
lxctest.h \
../lxc/caps.c ../lxc/caps.h \
+ ../lxc/cgroups/cgroup.c ../lxc/cgroups/cgroup.h \
+ ../lxc/cgroups/cgroup2_devices.c ../lxc/cgroups/cgroup2_devices.h \
+ ../lxc/cgroups/cgroup_utils.c ../lxc/cgroups/cgroup_utils.h \
../lxc/file_utils.c ../lxc/file_utils.h \
../lxc/log.c ../lxc/log.h \
../lxc/namespace.c ../lxc/namespace.h \
@@ -309,6 +336,9 @@ lxc_test_utils_SOURCES = lxc-test-utils.c \
lxctest.h \
../lxc/af_unix.c ../lxc/af_unix.h \
../lxc/caps.c ../lxc/caps.h \
+ ../lxc/cgroups/cgroup.c ../lxc/cgroups/cgroup.h \
+ ../lxc/cgroups/cgroup2_devices.c ../lxc/cgroups/cgroup2_devices.h \
+ ../lxc/cgroups/cgroup_utils.c ../lxc/cgroups/cgroup_utils.h \
../lxc/commands.c ../lxc/commands.h \
../lxc/commands_utils.c ../lxc/commands_utils.h \
../lxc/conf.c ../lxc/conf.h \
From ebbde1732ca86cce5686cd1ef672a9bae23e7959 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Tue, 21 Jul 2020 13:40:57 +0200
Subject: [PATCH 25/37] lsm: hide unnecessary symbols
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/Makefile.am | 75 ++++++++++++++++++++++++++++---------------
src/lxc/lsm/lsm.h | 23 +++++++------
src/tests/Makefile.am | 66 +++++++++++++++++++++++++++++++------
3 files changed, 117 insertions(+), 47 deletions(-)
diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am
index 4ec6c7b8df..0c9215bb0f 100644
--- a/src/lxc/Makefile.am
+++ b/src/lxc/Makefile.am
@@ -361,7 +361,8 @@ lxc_attach_SOURCES = tools/lxc_attach.c \
sync.c sync.h \
terminal.c terminal.h \
utils.c utils.h \
- uuid.c uuid.h
+ uuid.c uuid.h \
+ $(LSM_SOURCES)
if ENABLE_SECCOMP
lxc_attach_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -397,7 +398,8 @@ lxc_autostart_SOURCES = tools/lxc_autostart.c \
sync.c sync.h \
terminal.c terminal.h \
utils.c utils.h \
- uuid.c uuid.h
+ uuid.c uuid.h \
+ $(LSM_SOURCES)
if ENABLE_SECCOMP
lxc_autostart_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -433,7 +435,8 @@ lxc_cgroup_SOURCES = tools/lxc_cgroup.c \
sync.c sync.h \
terminal.c terminal.h \
utils.c utils.h \
- uuid.c uuid.h
+ uuid.c uuid.h \
+ $(LSM_SOURCES)
if ENABLE_SECCOMP
lxc_cgroup_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -469,7 +472,8 @@ lxc_config_SOURCES = tools/lxc_config.c \
sync.c sync.h \
terminal.c terminal.h \
utils.c utils.h \
- uuid.c uuid.h
+ uuid.c uuid.h \
+ $(LSM_SOURCES)
if ENABLE_SECCOMP
lxc_config_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -505,7 +509,8 @@ lxc_console_SOURCES = tools/lxc_console.c \
sync.c sync.h \
terminal.c terminal.h \
utils.c utils.h \
- uuid.c uuid.h
+ uuid.c uuid.h \
+ $(LSM_SOURCES)
if ENABLE_SECCOMP
lxc_console_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -541,7 +546,8 @@ lxc_destroy_SOURCES = tools/lxc_destroy.c \
sync.c sync.h \
terminal.c terminal.h \
utils.c utils.h \
- uuid.c uuid.h
+ uuid.c uuid.h \
+ $(LSM_SOURCES)
if ENABLE_SECCOMP
lxc_destroy_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -577,7 +583,8 @@ lxc_device_SOURCES = tools/lxc_device.c \
sync.c sync.h \
terminal.c terminal.h \
utils.c utils.h \
- uuid.c uuid.h
+ uuid.c uuid.h \
+ $(LSM_SOURCES)
if ENABLE_SECCOMP
lxc_device_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -613,7 +620,8 @@ lxc_execute_SOURCES = tools/lxc_execute.c \
sync.c sync.h \
terminal.c terminal.h \
utils.c utils.h \
- uuid.c uuid.h
+ uuid.c uuid.h \
+ $(LSM_SOURCES)
if ENABLE_SECCOMP
lxc_execute_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -649,7 +657,8 @@ lxc_freeze_SOURCES = tools/lxc_freeze.c \
sync.c sync.h \
terminal.c terminal.h \
utils.c utils.h \
- uuid.c uuid.h
+ uuid.c uuid.h \
+ $(LSM_SOURCES)
if ENABLE_SECCOMP
lxc_freeze_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -685,7 +694,8 @@ lxc_info_SOURCES = tools/lxc_info.c \
sync.c sync.h \
terminal.c terminal.h \
utils.c utils.h \
- uuid.c uuid.h
+ uuid.c uuid.h \
+ $(LSM_SOURCES)
if ENABLE_SECCOMP
lxc_info_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -722,7 +732,8 @@ lxc_monitor_SOURCES = tools/lxc_monitor.c \
sync.c sync.h \
terminal.c terminal.h \
utils.c utils.h \
- uuid.c uuid.h
+ uuid.c uuid.h \
+ $(LSM_SOURCES)
if ENABLE_SECCOMP
lxc_monitor_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -759,7 +770,8 @@ lxc_ls_SOURCES = tools/lxc_ls.c \
sync.c sync.h \
terminal.c terminal.h \
utils.c utils.h \
- uuid.c uuid.h
+ uuid.c uuid.h \
+ $(LSM_SOURCES)
if ENABLE_SECCOMP
lxc_ls_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -796,7 +808,8 @@ lxc_copy_SOURCES = tools/lxc_copy.c \
sync.c sync.h \
terminal.c terminal.h \
utils.c utils.h \
- uuid.c uuid.h
+ uuid.c uuid.h \
+ $(LSM_SOURCES)
if ENABLE_SECCOMP
lxc_copy_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -832,7 +845,8 @@ lxc_start_SOURCES = tools/lxc_start.c \
sync.c sync.h \
terminal.c terminal.h \
utils.c utils.h \
- uuid.c uuid.h
+ uuid.c uuid.h \
+ $(LSM_SOURCES)
if ENABLE_SECCOMP
lxc_start_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -868,7 +882,8 @@ lxc_stop_SOURCES = tools/lxc_stop.c \
sync.c sync.h \
terminal.c terminal.h \
utils.c utils.h \
- uuid.c uuid.h
+ uuid.c uuid.h \
+ $(LSM_SOURCES)
if ENABLE_SECCOMP
lxc_stop_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -904,7 +919,8 @@ lxc_top_SOURCES = tools/lxc_top.c \
sync.c sync.h \
terminal.c terminal.h \
utils.c utils.h \
- uuid.c uuid.h
+ uuid.c uuid.h \
+ $(LSM_SOURCES)
if ENABLE_SECCOMP
lxc_top_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -940,7 +956,8 @@ lxc_unfreeze_SOURCES = tools/lxc_unfreeze.c \
sync.c sync.h \
terminal.c terminal.h \
utils.c utils.h \
- uuid.c uuid.h
+ uuid.c uuid.h \
+ $(LSM_SOURCES)
if ENABLE_SECCOMP
lxc_unfreeze_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -978,7 +995,8 @@ lxc_unshare_SOURCES = tools/lxc_unshare.c \
syscall_wrappers.h \
terminal.c terminal.h \
utils.c utils.h \
- uuid.c uuid.h
+ uuid.c uuid.h \
+ $(LSM_SOURCES)
if ENABLE_SECCOMP
lxc_unshare_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -1014,7 +1032,8 @@ lxc_wait_SOURCES = tools/lxc_wait.c \
sync.c sync.h \
terminal.c terminal.h \
utils.c utils.h \
- uuid.c uuid.h
+ uuid.c uuid.h \
+ $(LSM_SOURCES)
if ENABLE_SECCOMP
lxc_wait_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -1051,7 +1070,8 @@ lxc_create_SOURCES = tools/lxc_create.c \
sync.c sync.h \
terminal.c terminal.h \
utils.c utils.h \
- uuid.c uuid.h
+ uuid.c uuid.h \
+ $(LSM_SOURCES)
if ENABLE_SECCOMP
lxc_create_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -1087,7 +1107,8 @@ lxc_snapshot_SOURCES = tools/lxc_snapshot.c \
sync.c sync.h \
terminal.c terminal.h \
utils.c utils.h \
- uuid.c uuid.h
+ uuid.c uuid.h \
+ $(LSM_SOURCES)
if ENABLE_SECCOMP
lxc_snapshot_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -1123,7 +1144,8 @@ lxc_checkpoint_SOURCES = tools/lxc_checkpoint.c \
sync.c sync.h \
terminal.c terminal.h \
utils.c utils.h \
- uuid.c uuid.h
+ uuid.c uuid.h \
+ $(LSM_SOURCES)
if ENABLE_SECCOMP
lxc_checkpoint_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -1182,7 +1204,8 @@ lxc_monitord_SOURCES = cmd/lxc_monitord.c \
syscall_numbers.h \
terminal.c terminal.h \
utils.c utils.h \
- uuid.c uuid.h
+ uuid.c uuid.h \
+ $(LSM_SOURCES)
if ENABLE_SECCOMP
lxc_monitord_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -1221,7 +1244,8 @@ lxc_user_nic_SOURCES = cmd/lxc_user_nic.c \
syscall_wrappers.h \
terminal.c terminal.h \
utils.c utils.h \
- uuid.c uuid.h
+ uuid.c uuid.h \
+ $(LSM_SOURCES)
if ENABLE_SECCOMP
lxc_user_nic_SOURCES += seccomp.c lxcseccomp.h
endif
@@ -1260,7 +1284,8 @@ lxc_usernsexec_SOURCES = cmd/lxc_usernsexec.c \
syscall_wrappers.h \
terminal.c terminal.h \
utils.c utils.h \
- uuid.c uuid.h
+ uuid.c uuid.h \
+ $(LSM_SOURCES)
if ENABLE_SECCOMP
lxc_usernsexec_SOURCES += seccomp.c lxcseccomp.h
endif
diff --git a/src/lxc/lsm/lsm.h b/src/lxc/lsm/lsm.h
index ee578bb035..8c7b4661c8 100644
--- a/src/lxc/lsm/lsm.h
+++ b/src/lxc/lsm/lsm.h
@@ -7,6 +7,7 @@ struct lxc_conf;
#include <sys/types.h>
+#include "compiler.h"
#include "macro.h"
#include "utils.h"
@@ -22,17 +23,15 @@ struct lsm_drv {
void (*cleanup)(struct lxc_conf *conf, const char *lxcpath);
};
-extern void lsm_init(void);
-extern int lsm_enabled(void);
-extern const char *lsm_name(void);
-extern char *lsm_process_label_get(pid_t pid);
-extern int lsm_process_prepare(struct lxc_conf *conf, const char *lxcpath);
-extern int lsm_process_label_set(const char *label, struct lxc_conf *conf,
- bool on_exec);
-extern int lsm_process_label_fd_get(pid_t pid, bool on_exec);
-extern int lsm_process_label_set_at(int label_fd, const char *label,
- bool on_exec);
-extern void lsm_process_cleanup(struct lxc_conf *conf, const char *lxcpath);
-extern int lsm_keyring_label_set(char *label);
+__hidden extern void lsm_init(void);
+__hidden extern int lsm_enabled(void);
+__hidden extern const char *lsm_name(void);
+__hidden extern char *lsm_process_label_get(pid_t pid);
+__hidden extern int lsm_process_prepare(struct lxc_conf *conf, const char *lxcpath);
+__hidden extern int lsm_process_label_set(const char *label, struct lxc_conf *conf, bool on_exec);
+__hidden extern int lsm_process_label_fd_get(pid_t pid, bool on_exec);
+__hidden extern int lsm_process_label_set_at(int label_fd, const char *label, bool on_exec);
+__hidden extern void lsm_process_cleanup(struct lxc_conf *conf, const char *lxcpath);
+__hidden extern int lsm_keyring_label_set(char *label);
#endif /* __LXC_LSM_H */
diff --git a/src/tests/Makefile.am b/src/tests/Makefile.am
index c63799bbdf..02f554ce39 100644
--- a/src/tests/Makefile.am
+++ b/src/tests/Makefile.am
@@ -7,6 +7,18 @@ LDADD = ../lxc/liblxc.la \
@SELINUX_LIBS@ \
@DLOG_LIBS@
+LSM_SOURCES = ../lxc/lsm/lsm.c \
+ ../lxc/lsm/lsm.h \
+ ../lxc/lsm/nop.c
+
+if ENABLE_APPARMOR
+LSM_SOURCES += ../lxc/lsm/apparmor.c
+endif
+
+if ENABLE_SELINUX
+LSM_SOURCES += ../lxc/lsm/selinux.c
+endif
+
lxc_test_api_reboot_SOURCES = api_reboot.c \
../lxc/af_unix.c ../lxc/af_unix.h \
../lxc/caps.c ../lxc/caps.h \
@@ -37,7 +49,8 @@ lxc_test_api_reboot_SOURCES = api_reboot.c \
../lxc/string_utils.c ../lxc/string_utils.h \
../lxc/terminal.c ../lxc/terminal.h \
../lxc/utils.c ../lxc/utils.h \
- ../lxc/uuid.c ../lxc/uuid.h
+ ../lxc/uuid.c ../lxc/uuid.h \
+ $(LSM_SOURCES)
if ENABLE_SECCOMP
lxc_test_api_reboot_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
endif
@@ -72,7 +85,8 @@ lxc_test_apparmor_SOURCES = aa.c \
../lxc/string_utils.c ../lxc/string_utils.h \
../lxc/terminal.c ../lxc/terminal.h \
../lxc/utils.c ../lxc/utils.h \
- ../lxc/uuid.c ../lxc/uuid.h
+ ../lxc/uuid.c ../lxc/uuid.h \
+ $(LSM_SOURCES)
if ENABLE_SECCOMP
lxc_test_apparmor_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
endif
@@ -107,7 +121,8 @@ lxc_test_attach_SOURCES = attach.c \
../lxc/string_utils.c ../lxc/string_utils.h \
../lxc/terminal.c ../lxc/terminal.h \
../lxc/utils.c ../lxc/utils.h \
- ../lxc/uuid.c ../lxc/uuid.h
+ ../lxc/uuid.c ../lxc/uuid.h \
+ $(LSM_SOURCES)
if ENABLE_SECCOMP
lxc_test_attach_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
endif
@@ -143,7 +158,8 @@ lxc_test_cgpath_SOURCES = cgpath.c \
../lxc/string_utils.c ../lxc/string_utils.h \
../lxc/terminal.c ../lxc/terminal.h \
../lxc/utils.c ../lxc/utils.h \
- ../lxc/uuid.c ../lxc/uuid.h
+ ../lxc/uuid.c ../lxc/uuid.h \
+ $(LSM_SOURCES)
if ENABLE_SECCOMP
lxc_test_cgpath_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
endif
@@ -181,7 +197,8 @@ lxc_test_config_jump_table_SOURCES = config_jump_table.c \
../lxc/string_utils.c ../lxc/string_utils.h \
../lxc/terminal.c ../lxc/terminal.h \
../lxc/utils.c ../lxc/utils.h \
- ../lxc/uuid.c ../lxc/uuid.h
+ ../lxc/uuid.c ../lxc/uuid.h \
+ $(LSM_SOURCES)
if ENABLE_SECCOMP
lxc_test_config_jump_table_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
endif
@@ -227,7 +244,8 @@ lxc_test_locktests_SOURCES = locktests.c \
../lxc/string_utils.c ../lxc/string_utils.h \
../lxc/terminal.c ../lxc/terminal.h \
../lxc/utils.c ../lxc/utils.h \
- ../lxc/uuid.c ../lxc/uuid.h
+ ../lxc/uuid.c ../lxc/uuid.h \
+ $(LSM_SOURCES)
if ENABLE_SECCOMP
lxc_test_locktests_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
endif
@@ -265,7 +283,8 @@ lxc_test_mount_injection_SOURCES = mount_injection.c \
../lxc/string_utils.c ../lxc/string_utils.h \
../lxc/terminal.c ../lxc/terminal.h \
../lxc/utils.c ../lxc/utils.h \
- ../lxc/uuid.c ../lxc/uuid.h
+ ../lxc/uuid.c ../lxc/uuid.h \
+ $(LSM_SOURCES)
if ENABLE_SECCOMP
lxc_test_mount_injection_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
endif
@@ -301,23 +320,49 @@ lxc_test_parse_config_file_SOURCES = parse_config_file.c \
../lxc/string_utils.c ../lxc/string_utils.h \
../lxc/terminal.c ../lxc/terminal.h \
../lxc/utils.c ../lxc/utils.h \
- ../lxc/uuid.c ../lxc/uuid.h
+ ../lxc/uuid.c ../lxc/uuid.h \
+ $(LSM_SOURCES)
if ENABLE_SECCOMP
lxc_test_parse_config_file_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
endif
lxc_test_raw_clone_SOURCES = lxc_raw_clone.c \
lxctest.h \
+ ../lxc/af_unix.c ../lxc/af_unix.h \
../lxc/caps.c ../lxc/caps.h \
../lxc/cgroups/cgroup.c ../lxc/cgroups/cgroup.h \
../lxc/cgroups/cgroup2_devices.c ../lxc/cgroups/cgroup2_devices.h \
../lxc/cgroups/cgroup_utils.c ../lxc/cgroups/cgroup_utils.h \
+ ../lxc/commands.c ../lxc/commands.h \
+ ../lxc/commands_utils.c ../lxc/commands_utils.h \
+ ../lxc/conf.c ../lxc/conf.h \
+ ../lxc/confile.c ../lxc/confile.h \
+ ../lxc/confile_utils.c ../lxc/confile_utils.h \
+ ../lxc/error.c ../lxc/error.h \
../lxc/file_utils.c ../lxc/file_utils.h \
+ ../lxc/initutils.c ../lxc/initutils.h \
../lxc/log.c ../lxc/log.h \
+ ../lxc/lxclock.c ../lxc/lxclock.h \
+ ../lxc/mainloop.c ../lxc/mainloop.h \
+ ../lxc/monitor.c ../lxc/monitor.h \
../lxc/namespace.c ../lxc/namespace.h \
+ ../lxc/network.c ../lxc/network.h \
+ ../lxc/nl.c ../lxc/nl.h \
+ ../lxc/parse.c ../lxc/parse.h \
../lxc/process_utils.c ../lxc/process_utils.h \
+ ../lxc/ringbuf.c ../lxc/ringbuf.h \
+ ../lxc/start.c ../lxc/start.h \
+ ../lxc/state.c ../lxc/state.h \
+ ../lxc/sync.c ../lxc/sync.h \
../lxc/string_utils.c ../lxc/string_utils.h \
- ../lxc/utils.c ../lxc/utils.h
+ ../lxc/terminal.c ../lxc/terminal.h \
+ ../lxc/utils.c ../lxc/utils.h \
+ ../lxc/uuid.c ../lxc/uuid.h \
+ $(LSM_SOURCES)
+if ENABLE_SECCOMP
+lxc_test_raw_clone_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
+endif
+
lxc_test_reboot_SOURCES = reboot.c
lxc_test_saveconfig_SOURCES = saveconfig.c
lxc_test_share_ns_SOURCES = share_ns.c \
@@ -363,7 +408,8 @@ lxc_test_utils_SOURCES = lxc-test-utils.c \
../lxc/string_utils.c ../lxc/string_utils.h \
../lxc/terminal.c ../lxc/terminal.h \
../lxc/utils.c ../lxc/utils.h \
- ../lxc/uuid.c ../lxc/uuid.h
+ ../lxc/uuid.c ../lxc/uuid.h \
+ $(LSM_SOURCES)
if ENABLE_SECCOMP
lxc_test_utils_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
endif
From d6728cb356fab10028995d64808d71d3cd6bc21f Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Tue, 21 Jul 2020 13:45:37 +0200
Subject: [PATCH 26/37] arguments: hide unnecessary symbols
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/tools/arguments.h | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/src/lxc/tools/arguments.h b/src/lxc/tools/arguments.h
index cb0ba744df..0af6f33329 100644
--- a/src/lxc/tools/arguments.h
+++ b/src/lxc/tools/arguments.h
@@ -11,6 +11,8 @@
#include <lxc/lxccontainer.h>
+#include "compiler.h"
+
struct lxc_arguments;
typedef int (*lxc_arguments_parser_t)(struct lxc_arguments *, int, char *);
@@ -152,13 +154,11 @@ struct lxc_arguments {
#define OPT_SHARE_UTS OPT_USAGE - 5
#define OPT_SHARE_PID OPT_USAGE - 6
-extern int lxc_arguments_parse(struct lxc_arguments *args, int argc,
- char *const argv[]);
+__hidden extern int lxc_arguments_parse(struct lxc_arguments *args, int argc, char *const argv[]);
-extern int lxc_arguments_str_to_int(struct lxc_arguments *args,
- const char *str);
+__hidden extern int lxc_arguments_str_to_int(struct lxc_arguments *args, const char *str);
-extern bool lxc_setup_shared_ns(struct lxc_arguments *args, struct lxc_container *c);
+__hidden extern bool lxc_setup_shared_ns(struct lxc_arguments *args, struct lxc_container *c);
#define lxc_info(arg, fmt, args...) \
do { \
From 2284f8a505b6cf5f1fb196a964f650f37b882ff7 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Tue, 21 Jul 2020 13:57:16 +0200
Subject: [PATCH 27/37] storage: hide unnecessary symbols
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/Makefile.am | 274 +++++++++++++++++++++++++++++++-
src/lxc/storage/btrfs.h | 77 ++++-----
src/lxc/storage/dir.h | 22 +--
src/lxc/storage/loop.h | 22 +--
src/lxc/storage/lvm.h | 36 +++--
src/lxc/storage/nbd.h | 29 ++--
src/lxc/storage/overlay.h | 36 ++---
src/lxc/storage/rbd.h | 22 +--
src/lxc/storage/rsync.h | 10 +-
src/lxc/storage/storage.h | 34 ++--
src/lxc/storage/storage_utils.h | 30 ++--
src/lxc/storage/zfs.h | 31 ++--
src/tests/Makefile.am | 110 +++++++++++++
13 files changed, 558 insertions(+), 175 deletions(-)
diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am
index 0c9215bb0f..60e120bd88 100644
--- a/src/lxc/Makefile.am
+++ b/src/lxc/Makefile.am
@@ -48,7 +48,6 @@ noinst_HEADERS = api_extensions.h \
terminal.h \
../tests/lxctest.h \
tools/arguments.h \
- storage/storage_utils.h \
utils.h \
uuid.h
@@ -357,6 +356,17 @@ lxc_attach_SOURCES = tools/lxc_attach.c \
ringbuf.c ringbuf.h \
start.c start.h \
state.c state.h \
+ storage/btrfs.c storage/btrfs.h \
+ storage/dir.c storage/dir.h \
+ storage/loop.c storage/loop.h \
+ storage/lvm.c storage/lvm.h \
+ storage/nbd.c storage/nbd.h \
+ storage/overlay.c storage/overlay.h \
+ storage/rbd.c storage/rbd.h \
+ storage/rsync.c storage/rsync.h \
+ storage/storage.c storage/storage.h \
+ storage/storage_utils.c storage/storage_utils.h \
+ storage/zfs.c storage/zfs.h \
string_utils.c string_utils.h \
sync.c sync.h \
terminal.c terminal.h \
@@ -394,6 +404,17 @@ lxc_autostart_SOURCES = tools/lxc_autostart.c \
ringbuf.c ringbuf.h \
start.c start.h \
state.c state.h \
+ storage/btrfs.c storage/btrfs.h \
+ storage/dir.c storage/dir.h \
+ storage/loop.c storage/loop.h \
+ storage/lvm.c storage/lvm.h \
+ storage/nbd.c storage/nbd.h \
+ storage/overlay.c storage/overlay.h \
+ storage/rbd.c storage/rbd.h \
+ storage/rsync.c storage/rsync.h \
+ storage/storage.c storage/storage.h \
+ storage/storage_utils.c storage/storage_utils.h \
+ storage/zfs.c storage/zfs.h \
string_utils.c string_utils.h \
sync.c sync.h \
terminal.c terminal.h \
@@ -431,6 +452,17 @@ lxc_cgroup_SOURCES = tools/lxc_cgroup.c \
ringbuf.c ringbuf.h \
start.c start.h \
state.c state.h \
+ storage/btrfs.c storage/btrfs.h \
+ storage/dir.c storage/dir.h \
+ storage/loop.c storage/loop.h \
+ storage/lvm.c storage/lvm.h \
+ storage/nbd.c storage/nbd.h \
+ storage/overlay.c storage/overlay.h \
+ storage/rbd.c storage/rbd.h \
+ storage/rsync.c storage/rsync.h \
+ storage/storage.c storage/storage.h \
+ storage/storage_utils.c storage/storage_utils.h \
+ storage/zfs.c storage/zfs.h \
string_utils.c string_utils.h \
sync.c sync.h \
terminal.c terminal.h \
@@ -468,6 +500,17 @@ lxc_config_SOURCES = tools/lxc_config.c \
ringbuf.c ringbuf.h \
start.c start.h \
state.c state.h \
+ storage/btrfs.c storage/btrfs.h \
+ storage/dir.c storage/dir.h \
+ storage/loop.c storage/loop.h \
+ storage/lvm.c storage/lvm.h \
+ storage/nbd.c storage/nbd.h \
+ storage/overlay.c storage/overlay.h \
+ storage/rbd.c storage/rbd.h \
+ storage/rsync.c storage/rsync.h \
+ storage/storage.c storage/storage.h \
+ storage/storage_utils.c storage/storage_utils.h \
+ storage/zfs.c storage/zfs.h \
string_utils.c string_utils.h \
sync.c sync.h \
terminal.c terminal.h \
@@ -505,6 +548,17 @@ lxc_console_SOURCES = tools/lxc_console.c \
ringbuf.c ringbuf.h \
start.c start.h \
state.c state.h \
+ storage/btrfs.c storage/btrfs.h \
+ storage/dir.c storage/dir.h \
+ storage/loop.c storage/loop.h \
+ storage/lvm.c storage/lvm.h \
+ storage/nbd.c storage/nbd.h \
+ storage/overlay.c storage/overlay.h \
+ storage/rbd.c storage/rbd.h \
+ storage/rsync.c storage/rsync.h \
+ storage/storage.c storage/storage.h \
+ storage/storage_utils.c storage/storage_utils.h \
+ storage/zfs.c storage/zfs.h \
string_utils.c string_utils.h \
sync.c sync.h \
terminal.c terminal.h \
@@ -542,6 +596,17 @@ lxc_destroy_SOURCES = tools/lxc_destroy.c \
ringbuf.c ringbuf.h \
start.c start.h \
state.c state.h \
+ storage/btrfs.c storage/btrfs.h \
+ storage/dir.c storage/dir.h \
+ storage/loop.c storage/loop.h \
+ storage/lvm.c storage/lvm.h \
+ storage/nbd.c storage/nbd.h \
+ storage/overlay.c storage/overlay.h \
+ storage/rbd.c storage/rbd.h \
+ storage/rsync.c storage/rsync.h \
+ storage/storage.c storage/storage.h \
+ storage/storage_utils.c storage/storage_utils.h \
+ storage/zfs.c storage/zfs.h \
string_utils.c string_utils.h \
sync.c sync.h \
terminal.c terminal.h \
@@ -579,6 +644,17 @@ lxc_device_SOURCES = tools/lxc_device.c \
ringbuf.c ringbuf.h \
start.c start.h \
state.c state.h \
+ storage/btrfs.c storage/btrfs.h \
+ storage/dir.c storage/dir.h \
+ storage/loop.c storage/loop.h \
+ storage/lvm.c storage/lvm.h \
+ storage/nbd.c storage/nbd.h \
+ storage/overlay.c storage/overlay.h \
+ storage/rbd.c storage/rbd.h \
+ storage/rsync.c storage/rsync.h \
+ storage/storage.c storage/storage.h \
+ storage/storage_utils.c storage/storage_utils.h \
+ storage/zfs.c storage/zfs.h \
string_utils.c string_utils.h \
sync.c sync.h \
terminal.c terminal.h \
@@ -616,6 +692,17 @@ lxc_execute_SOURCES = tools/lxc_execute.c \
ringbuf.c ringbuf.h \
start.c start.h \
state.c state.h \
+ storage/btrfs.c storage/btrfs.h \
+ storage/dir.c storage/dir.h \
+ storage/loop.c storage/loop.h \
+ storage/lvm.c storage/lvm.h \
+ storage/nbd.c storage/nbd.h \
+ storage/overlay.c storage/overlay.h \
+ storage/rbd.c storage/rbd.h \
+ storage/rsync.c storage/rsync.h \
+ storage/storage.c storage/storage.h \
+ storage/storage_utils.c storage/storage_utils.h \
+ storage/zfs.c storage/zfs.h \
string_utils.c string_utils.h \
sync.c sync.h \
terminal.c terminal.h \
@@ -653,6 +740,17 @@ lxc_freeze_SOURCES = tools/lxc_freeze.c \
ringbuf.c ringbuf.h \
start.c start.h \
state.c state.h \
+ storage/btrfs.c storage/btrfs.h \
+ storage/dir.c storage/dir.h \
+ storage/loop.c storage/loop.h \
+ storage/lvm.c storage/lvm.h \
+ storage/nbd.c storage/nbd.h \
+ storage/overlay.c storage/overlay.h \
+ storage/rbd.c storage/rbd.h \
+ storage/rsync.c storage/rsync.h \
+ storage/storage.c storage/storage.h \
+ storage/storage_utils.c storage/storage_utils.h \
+ storage/zfs.c storage/zfs.h \
string_utils.c string_utils.h \
sync.c sync.h \
terminal.c terminal.h \
@@ -690,6 +788,17 @@ lxc_info_SOURCES = tools/lxc_info.c \
ringbuf.c ringbuf.h \
start.c start.h \
state.c state.h \
+ storage/btrfs.c storage/btrfs.h \
+ storage/dir.c storage/dir.h \
+ storage/loop.c storage/loop.h \
+ storage/lvm.c storage/lvm.h \
+ storage/nbd.c storage/nbd.h \
+ storage/overlay.c storage/overlay.h \
+ storage/rbd.c storage/rbd.h \
+ storage/rsync.c storage/rsync.h \
+ storage/storage.c storage/storage.h \
+ storage/storage_utils.c storage/storage_utils.h \
+ storage/zfs.c storage/zfs.h \
string_utils.c string_utils.h \
sync.c sync.h \
terminal.c terminal.h \
@@ -728,6 +837,17 @@ lxc_monitor_SOURCES = tools/lxc_monitor.c \
ringbuf.c ringbuf.h \
start.c start.h \
state.c state.h \
+ storage/btrfs.c storage/btrfs.h \
+ storage/dir.c storage/dir.h \
+ storage/loop.c storage/loop.h \
+ storage/lvm.c storage/lvm.h \
+ storage/nbd.c storage/nbd.h \
+ storage/overlay.c storage/overlay.h \
+ storage/rbd.c storage/rbd.h \
+ storage/rsync.c storage/rsync.h \
+ storage/storage.c storage/storage.h \
+ storage/storage_utils.c storage/storage_utils.h \
+ storage/zfs.c storage/zfs.h \
string_utils.c string_utils.h \
sync.c sync.h \
terminal.c terminal.h \
@@ -766,6 +886,17 @@ lxc_ls_SOURCES = tools/lxc_ls.c \
ringbuf.c ringbuf.h \
start.c start.h \
state.c state.h \
+ storage/btrfs.c storage/btrfs.h \
+ storage/dir.c storage/dir.h \
+ storage/loop.c storage/loop.h \
+ storage/lvm.c storage/lvm.h \
+ storage/nbd.c storage/nbd.h \
+ storage/overlay.c storage/overlay.h \
+ storage/rbd.c storage/rbd.h \
+ storage/rsync.c storage/rsync.h \
+ storage/storage.c storage/storage.h \
+ storage/storage_utils.c storage/storage_utils.h \
+ storage/zfs.c storage/zfs.h \
string_utils.c string_utils.h \
sync.c sync.h \
terminal.c terminal.h \
@@ -803,7 +934,17 @@ lxc_copy_SOURCES = tools/lxc_copy.c \
ringbuf.c ringbuf.h \
start.c start.h \
state.c state.h \
+ storage/btrfs.c storage/btrfs.h \
+ storage/dir.c storage/dir.h \
+ storage/loop.c storage/loop.h \
+ storage/lvm.c storage/lvm.h \
+ storage/nbd.c storage/nbd.h \
+ storage/overlay.c storage/overlay.h \
+ storage/rbd.c storage/rbd.h \
+ storage/rsync.c storage/rsync.h \
+ storage/storage.c storage/storage.h \
storage/storage_utils.c storage/storage_utils.h \
+ storage/zfs.c storage/zfs.h \
string_utils.c string_utils.h \
sync.c sync.h \
terminal.c terminal.h \
@@ -841,6 +982,17 @@ lxc_start_SOURCES = tools/lxc_start.c \
ringbuf.c ringbuf.h \
start.c start.h \
state.c state.h \
+ storage/btrfs.c storage/btrfs.h \
+ storage/dir.c storage/dir.h \
+ storage/loop.c storage/loop.h \
+ storage/lvm.c storage/lvm.h \
+ storage/nbd.c storage/nbd.h \
+ storage/overlay.c storage/overlay.h \
+ storage/rbd.c storage/rbd.h \
+ storage/rsync.c storage/rsync.h \
+ storage/storage.c storage/storage.h \
+ storage/storage_utils.c storage/storage_utils.h \
+ storage/zfs.c storage/zfs.h \
string_utils.c string_utils.h \
sync.c sync.h \
terminal.c terminal.h \
@@ -878,6 +1030,17 @@ lxc_stop_SOURCES = tools/lxc_stop.c \
ringbuf.c ringbuf.h \
start.c start.h \
state.c state.h \
+ storage/btrfs.c storage/btrfs.h \
+ storage/dir.c storage/dir.h \
+ storage/loop.c storage/loop.h \
+ storage/lvm.c storage/lvm.h \
+ storage/nbd.c storage/nbd.h \
+ storage/overlay.c storage/overlay.h \
+ storage/rbd.c storage/rbd.h \
+ storage/rsync.c storage/rsync.h \
+ storage/storage.c storage/storage.h \
+ storage/storage_utils.c storage/storage_utils.h \
+ storage/zfs.c storage/zfs.h \
string_utils.c string_utils.h \
sync.c sync.h \
terminal.c terminal.h \
@@ -915,6 +1078,17 @@ lxc_top_SOURCES = tools/lxc_top.c \
ringbuf.c ringbuf.h \
start.c start.h \
state.c state.h \
+ storage/btrfs.c storage/btrfs.h \
+ storage/dir.c storage/dir.h \
+ storage/loop.c storage/loop.h \
+ storage/lvm.c storage/lvm.h \
+ storage/nbd.c storage/nbd.h \
+ storage/overlay.c storage/overlay.h \
+ storage/rbd.c storage/rbd.h \
+ storage/rsync.c storage/rsync.h \
+ storage/storage.c storage/storage.h \
+ storage/storage_utils.c storage/storage_utils.h \
+ storage/zfs.c storage/zfs.h \
string_utils.c string_utils.h \
sync.c sync.h \
terminal.c terminal.h \
@@ -952,6 +1126,17 @@ lxc_unfreeze_SOURCES = tools/lxc_unfreeze.c \
ringbuf.c ringbuf.h \
start.c start.h \
state.c state.h \
+ storage/btrfs.c storage/btrfs.h \
+ storage/dir.c storage/dir.h \
+ storage/loop.c storage/loop.h \
+ storage/lvm.c storage/lvm.h \
+ storage/nbd.c storage/nbd.h \
+ storage/overlay.c storage/overlay.h \
+ storage/rbd.c storage/rbd.h \
+ storage/rsync.c storage/rsync.h \
+ storage/storage.c storage/storage.h \
+ storage/storage_utils.c storage/storage_utils.h \
+ storage/zfs.c storage/zfs.h \
string_utils.c string_utils.h \
sync.c sync.h \
terminal.c terminal.h \
@@ -989,6 +1174,17 @@ lxc_unshare_SOURCES = tools/lxc_unshare.c \
ringbuf.c ringbuf.h \
start.c start.h \
state.c state.h \
+ storage/btrfs.c storage/btrfs.h \
+ storage/dir.c storage/dir.h \
+ storage/loop.c storage/loop.h \
+ storage/lvm.c storage/lvm.h \
+ storage/nbd.c storage/nbd.h \
+ storage/overlay.c storage/overlay.h \
+ storage/rbd.c storage/rbd.h \
+ storage/rsync.c storage/rsync.h \
+ storage/storage.c storage/storage.h \
+ storage/storage_utils.c storage/storage_utils.h \
+ storage/zfs.c storage/zfs.h \
string_utils.c string_utils.h \
sync.c sync.h \
syscall_numbers.h \
@@ -1028,6 +1224,17 @@ lxc_wait_SOURCES = tools/lxc_wait.c \
ringbuf.c ringbuf.h \
start.c start.h \
state.c state.h \
+ storage/btrfs.c storage/btrfs.h \
+ storage/dir.c storage/dir.h \
+ storage/loop.c storage/loop.h \
+ storage/lvm.c storage/lvm.h \
+ storage/nbd.c storage/nbd.h \
+ storage/overlay.c storage/overlay.h \
+ storage/rbd.c storage/rbd.h \
+ storage/rsync.c storage/rsync.h \
+ storage/storage.c storage/storage.h \
+ storage/storage_utils.c storage/storage_utils.h \
+ storage/zfs.c storage/zfs.h \
string_utils.c string_utils.h \
sync.c sync.h \
terminal.c terminal.h \
@@ -1065,7 +1272,17 @@ lxc_create_SOURCES = tools/lxc_create.c \
ringbuf.c ringbuf.h \
start.c start.h \
state.c state.h \
+ storage/btrfs.c storage/btrfs.h \
+ storage/dir.c storage/dir.h \
+ storage/loop.c storage/loop.h \
+ storage/lvm.c storage/lvm.h \
+ storage/nbd.c storage/nbd.h \
+ storage/overlay.c storage/overlay.h \
+ storage/rbd.c storage/rbd.h \
+ storage/rsync.c storage/rsync.h \
+ storage/storage.c storage/storage.h \
storage/storage_utils.c storage/storage_utils.h \
+ storage/zfs.c storage/zfs.h \
string_utils.c string_utils.h \
sync.c sync.h \
terminal.c terminal.h \
@@ -1103,6 +1320,17 @@ lxc_snapshot_SOURCES = tools/lxc_snapshot.c \
ringbuf.c ringbuf.h \
start.c start.h \
state.c state.h \
+ storage/btrfs.c storage/btrfs.h \
+ storage/dir.c storage/dir.h \
+ storage/loop.c storage/loop.h \
+ storage/lvm.c storage/lvm.h \
+ storage/nbd.c storage/nbd.h \
+ storage/overlay.c storage/overlay.h \
+ storage/rbd.c storage/rbd.h \
+ storage/rsync.c storage/rsync.h \
+ storage/storage.c storage/storage.h \
+ storage/storage_utils.c storage/storage_utils.h \
+ storage/zfs.c storage/zfs.h \
string_utils.c string_utils.h \
sync.c sync.h \
terminal.c terminal.h \
@@ -1140,6 +1368,17 @@ lxc_checkpoint_SOURCES = tools/lxc_checkpoint.c \
ringbuf.c ringbuf.h \
start.c start.h \
state.c state.h \
+ storage/btrfs.c storage/btrfs.h \
+ storage/dir.c storage/dir.h \
+ storage/loop.c storage/loop.h \
+ storage/lvm.c storage/lvm.h \
+ storage/nbd.c storage/nbd.h \
+ storage/overlay.c storage/overlay.h \
+ storage/rbd.c storage/rbd.h \
+ storage/rsync.c storage/rsync.h \
+ storage/storage.c storage/storage.h \
+ storage/storage_utils.c storage/storage_utils.h \
+ storage/zfs.c storage/zfs.h \
string_utils.c string_utils.h \
sync.c sync.h \
terminal.c terminal.h \
@@ -1199,6 +1438,17 @@ lxc_monitord_SOURCES = cmd/lxc_monitord.c \
ringbuf.c ringbuf.h \
start.c start.h \
state.c state.h \
+ storage/btrfs.c storage/btrfs.h \
+ storage/dir.c storage/dir.h \
+ storage/loop.c storage/loop.h \
+ storage/lvm.c storage/lvm.h \
+ storage/nbd.c storage/nbd.h \
+ storage/overlay.c storage/overlay.h \
+ storage/rbd.c storage/rbd.h \
+ storage/rsync.c storage/rsync.h \
+ storage/storage.c storage/storage.h \
+ storage/storage_utils.c storage/storage_utils.h \
+ storage/zfs.c storage/zfs.h \
string_utils.c string_utils.h \
sync.c sync.h \
syscall_numbers.h \
@@ -1238,6 +1488,17 @@ lxc_user_nic_SOURCES = cmd/lxc_user_nic.c \
ringbuf.c ringbuf.h \
start.c start.h \
state.c state.h \
+ storage/btrfs.c storage/btrfs.h \
+ storage/dir.c storage/dir.h \
+ storage/loop.c storage/loop.h \
+ storage/lvm.c storage/lvm.h \
+ storage/nbd.c storage/nbd.h \
+ storage/overlay.c storage/overlay.h \
+ storage/rbd.c storage/rbd.h \
+ storage/rsync.c storage/rsync.h \
+ storage/storage.c storage/storage.h \
+ storage/storage_utils.c storage/storage_utils.h \
+ storage/zfs.c storage/zfs.h \
string_utils.c string_utils.h \
sync.c sync.h \
syscall_numbers.h \
@@ -1279,6 +1540,17 @@ lxc_usernsexec_SOURCES = cmd/lxc_usernsexec.c \
ringbuf.c ringbuf.h \
start.c start.h \
state.c state.h \
+ storage/btrfs.c storage/btrfs.h \
+ storage/dir.c storage/dir.h \
+ storage/loop.c storage/loop.h \
+ storage/lvm.c storage/lvm.h \
+ storage/nbd.c storage/nbd.h \
+ storage/overlay.c storage/overlay.h \
+ storage/rbd.c storage/rbd.h \
+ storage/rsync.c storage/rsync.h \
+ storage/storage.c storage/storage.h \
+ storage/storage_utils.c storage/storage_utils.h \
+ storage/zfs.c storage/zfs.h \
string_utils.c string_utils.h \
sync.c sync.h \
syscall_wrappers.h \
diff --git a/src/lxc/storage/btrfs.h b/src/lxc/storage/btrfs.h
index c7f45eb4dc..210a4e21d3 100644
--- a/src/lxc/storage/btrfs.h
+++ b/src/lxc/storage/btrfs.h
@@ -8,8 +8,10 @@
#include <stdbool.h>
#include <stdint.h>
+#include "compiler.h"
+
#ifndef BTRFS_SUPER_MAGIC
-# define BTRFS_SUPER_MAGIC 0x9123683E
+#define BTRFS_SUPER_MAGIC 0x9123683E
#endif
typedef uint8_t u8;
@@ -31,8 +33,7 @@ struct btrfs_ioctl_space_args {
#define BTRFS_IOCTL_MAGIC 0x94
#define BTRFS_IOC_SUBVOL_GETFLAGS _IOR(BTRFS_IOCTL_MAGIC, 25, unsigned long long)
-#define BTRFS_IOC_SPACE_INFO _IOWR(BTRFS_IOCTL_MAGIC, 20, \
- struct btrfs_ioctl_space_args)
+#define BTRFS_IOC_SPACE_INFO _IOWR(BTRFS_IOCTL_MAGIC, 20, struct btrfs_ioctl_space_args)
#define BTRFS_FSID_SIZE 16
struct btrfs_ioctl_fs_info_args {
@@ -42,9 +43,7 @@ struct btrfs_ioctl_fs_info_args {
unsigned long long reserved[124];
};
-#define BTRFS_IOC_FS_INFO _IOR(BTRFS_IOCTL_MAGIC, 31, \
- struct btrfs_ioctl_fs_info_args)
-
+#define BTRFS_IOC_FS_INFO _IOR(BTRFS_IOCTL_MAGIC, 31, struct btrfs_ioctl_fs_info_args)
#define BTRFS_SUBVOL_NAME_MAX 4039
#define BTRFS_PATH_NAME_MAX 4087
@@ -55,14 +54,10 @@ struct btrfs_ioctl_vol_args {
};
#define BTRFS_IOCTL_MAGIC 0x94
-#define BTRFS_IOC_SUBVOL_CREATE_V2 _IOW(BTRFS_IOCTL_MAGIC, 24, \
- struct btrfs_ioctl_vol_args_v2)
-#define BTRFS_IOC_SNAP_CREATE_V2 _IOW(BTRFS_IOCTL_MAGIC, 23, \
- struct btrfs_ioctl_vol_args_v2)
-#define BTRFS_IOC_SUBVOL_CREATE _IOW(BTRFS_IOCTL_MAGIC, 14, \
- struct btrfs_ioctl_vol_args)
-#define BTRFS_IOC_SNAP_DESTROY _IOW(BTRFS_IOCTL_MAGIC, 15, \
- struct btrfs_ioctl_vol_args)
+#define BTRFS_IOC_SUBVOL_CREATE_V2 _IOW(BTRFS_IOCTL_MAGIC, 24, struct btrfs_ioctl_vol_args_v2)
+#define BTRFS_IOC_SNAP_CREATE_V2 _IOW(BTRFS_IOCTL_MAGIC, 23, struct btrfs_ioctl_vol_args_v2)
+#define BTRFS_IOC_SUBVOL_CREATE _IOW(BTRFS_IOCTL_MAGIC, 14, struct btrfs_ioctl_vol_args)
+#define BTRFS_IOC_SNAP_DESTROY _IOW(BTRFS_IOCTL_MAGIC, 15, struct btrfs_ioctl_vol_args)
#define BTRFS_QGROUP_INHERIT_SET_LIMITS (1ULL << 0)
@@ -185,8 +180,7 @@ struct btrfs_ioctl_search_args {
char buf[BTRFS_SEARCH_ARGS_BUFSIZE];
};
-#define BTRFS_IOC_TREE_SEARCH _IOWR(BTRFS_IOCTL_MAGIC, 17, \
- struct btrfs_ioctl_search_args)
+#define BTRFS_IOC_TREE_SEARCH _IOWR(BTRFS_IOCTL_MAGIC, 17, struct btrfs_ioctl_search_args)
#define BTRFS_UUID_SIZE 16
struct btrfs_timespec {
@@ -283,8 +277,7 @@ struct btrfs_root_item {
__le64 reserved[8]; /* for future */
} __attribute__ ((__packed__));
-#define BTRFS_IOC_INO_LOOKUP _IOWR(BTRFS_IOCTL_MAGIC, 18, \
- struct btrfs_ioctl_ino_lookup_args)
+#define BTRFS_IOC_INO_LOOKUP _IOWR(BTRFS_IOCTL_MAGIC, 18, struct btrfs_ioctl_ino_lookup_args)
#define BTRFS_INO_LOOKUP_PATH_MAX 4080
struct btrfs_ioctl_ino_lookup_args {
@@ -362,30 +355,28 @@ struct my_btrfs_tree {
int num;
};
-extern int btrfs_clonepaths(struct lxc_storage *orig, struct lxc_storage *new,
- const char *oldname, const char *cname,
- const char *oldpath, const char *lxcpath, int snap,
- uint64_t newsize, struct lxc_conf *conf);
-extern int btrfs_create(struct lxc_storage *bdev, const char *dest, const char *n,
- struct bdev_specs *specs, const struct lxc_conf *conf);
-extern int btrfs_destroy(struct lxc_storage *orig);
-extern bool btrfs_detect(const char *path);
-extern int btrfs_mount(struct lxc_storage *bdev);
-extern int btrfs_umount(struct lxc_storage *bdev);
-
-extern char *get_btrfs_subvol_path(int fd, u64 dir_id, u64 objid, char *name,
- u16 name_len);
-extern int btrfs_list_get_path_rootid(int fd, u64 *treeid);
-extern bool is_btrfs_fs(const char *path);
-extern int is_btrfs_subvol(const char *path);
-extern bool btrfs_try_remove_subvol(const char *path);
-extern int btrfs_same_fs(const char *orig, const char *new);
-extern int btrfs_snapshot(const char *orig, const char *new);
-extern int btrfs_snapshot_wrapper(void *data);
-extern bool btrfs_create_clone(struct lxc_conf *conf, struct lxc_storage *orig,
- struct lxc_storage *new, uint64_t newsize);
-extern bool btrfs_create_snapshot(struct lxc_conf *conf,
- struct lxc_storage *orig,
- struct lxc_storage *new, uint64_t newsize);
+__hidden extern int btrfs_clonepaths(struct lxc_storage *orig, struct lxc_storage *new,
+ const char *oldname, const char *cname, const char *oldpath,
+ const char *lxcpath, int snap, uint64_t newsize,
+ struct lxc_conf *conf);
+__hidden extern int btrfs_create(struct lxc_storage *bdev, const char *dest, const char *n,
+ struct bdev_specs *specs, const struct lxc_conf *conf);
+__hidden extern int btrfs_destroy(struct lxc_storage *orig);
+__hidden extern bool btrfs_detect(const char *path);
+__hidden extern int btrfs_mount(struct lxc_storage *bdev);
+__hidden extern int btrfs_umount(struct lxc_storage *bdev);
+
+__hidden extern char *get_btrfs_subvol_path(int fd, u64 dir_id, u64 objid, char *name, u16 name_len);
+__hidden extern int btrfs_list_get_path_rootid(int fd, u64 *treeid);
+__hidden extern bool is_btrfs_fs(const char *path);
+__hidden extern int is_btrfs_subvol(const char *path);
+__hidden extern bool btrfs_try_remove_subvol(const char *path);
+__hidden extern int btrfs_same_fs(const char *orig, const char *new);
+__hidden extern int btrfs_snapshot(const char *orig, const char *new);
+__hidden extern int btrfs_snapshot_wrapper(void *data);
+__hidden extern bool btrfs_create_clone(struct lxc_conf *conf, struct lxc_storage *orig,
+ struct lxc_storage *new, uint64_t newsize);
+__hidden extern bool btrfs_create_snapshot(struct lxc_conf *conf, struct lxc_storage *orig,
+ struct lxc_storage *new, uint64_t newsize);
#endif /* __LXC_BTRFS_H */
diff --git a/src/lxc/storage/dir.h b/src/lxc/storage/dir.h
index d24a71fb44..24d8c53ff2 100644
--- a/src/lxc/storage/dir.h
+++ b/src/lxc/storage/dir.h
@@ -6,21 +6,23 @@
#include <stdbool.h>
#include <stdint.h>
+#include "compiler.h"
+
struct lxc_storage;
struct bdev_specs;
struct lxc_conf;
-extern int dir_clonepaths(struct lxc_storage *orig, struct lxc_storage *new,
- const char *oldname, const char *cname,
- const char *oldpath, const char *lxcpath, int snap,
- uint64_t newsize, struct lxc_conf *conf);
-extern int dir_create(struct lxc_storage *bdev, const char *dest, const char *n,
- struct bdev_specs *specs, const struct lxc_conf *conf);
-extern int dir_destroy(struct lxc_storage *orig);
-extern bool dir_detect(const char *path);
-extern int dir_mount(struct lxc_storage *bdev);
-extern int dir_umount(struct lxc_storage *bdev);
+__hidden extern int dir_clonepaths(struct lxc_storage *orig, struct lxc_storage *new,
+ const char *oldname, const char *cname, const char *oldpath,
+ const char *lxcpath, int snap, uint64_t newsize,
+ struct lxc_conf *conf);
+__hidden extern int dir_create(struct lxc_storage *bdev, const char *dest, const char *n,
+ struct bdev_specs *specs, const struct lxc_conf *conf);
+__hidden extern int dir_destroy(struct lxc_storage *orig);
+__hidden extern bool dir_detect(const char *path);
+__hidden extern int dir_mount(struct lxc_storage *bdev);
+__hidden extern int dir_umount(struct lxc_storage *bdev);
#endif /* __LXC_DIR_H */
diff --git a/src/lxc/storage/loop.h b/src/lxc/storage/loop.h
index 66681db8fe..9b04f09b23 100644
--- a/src/lxc/storage/loop.h
+++ b/src/lxc/storage/loop.h
@@ -6,21 +6,23 @@
#include <stdbool.h>
#include <stdint.h>
+#include "compiler.h"
+
struct lxc_storage;
struct bdev_specs;
struct lxc_conf;
-extern int loop_clonepaths(struct lxc_storage *orig, struct lxc_storage *new,
- const char *oldname, const char *cname,
- const char *oldpath, const char *lxcpath, int snap,
- uint64_t newsize, struct lxc_conf *conf);
-extern int loop_create(struct lxc_storage *bdev, const char *dest,
- const char *n, struct bdev_specs *specs, const struct lxc_conf *conf);
-extern int loop_destroy(struct lxc_storage *orig);
-extern bool loop_detect(const char *path);
-extern int loop_mount(struct lxc_storage *bdev);
-extern int loop_umount(struct lxc_storage *bdev);
+__hidden extern int loop_clonepaths(struct lxc_storage *orig, struct lxc_storage *new,
+ const char *oldname, const char *cname, const char *oldpath,
+ const char *lxcpath, int snap, uint64_t newsize,
+ struct lxc_conf *conf);
+__hidden extern int loop_create(struct lxc_storage *bdev, const char *dest, const char *n,
+ struct bdev_specs *specs, const struct lxc_conf *conf);
+__hidden extern int loop_destroy(struct lxc_storage *orig);
+__hidden extern bool loop_detect(const char *path);
+__hidden extern int loop_mount(struct lxc_storage *bdev);
+__hidden extern int loop_umount(struct lxc_storage *bdev);
#endif /* __LXC_LOOP_H */
diff --git a/src/lxc/storage/lvm.h b/src/lxc/storage/lvm.h
index 7c2fbea658..8d3dd6a9f9 100644
--- a/src/lxc/storage/lvm.h
+++ b/src/lxc/storage/lvm.h
@@ -6,28 +6,30 @@
#include <stdbool.h>
#include <stdint.h>
+#include "compiler.h"
+
struct lxc_storage;
struct bdev_specs;
struct lxc_conf;
-extern bool lvm_detect(const char *path);
-extern int lvm_mount(struct lxc_storage *bdev);
-extern int lvm_umount(struct lxc_storage *bdev);
-extern int lvm_compare_lv_attr(const char *path, int pos, const char expected);
-extern int lvm_is_thin_volume(const char *path);
-extern int lvm_is_thin_pool(const char *path);
-extern int lvm_clonepaths(struct lxc_storage *orig, struct lxc_storage *new,
- const char *oldname, const char *cname,
- const char *oldpath, const char *lxcpath, int snap,
- uint64_t newsize, struct lxc_conf *conf);
-extern int lvm_destroy(struct lxc_storage *orig);
-extern int lvm_create(struct lxc_storage *bdev, const char *dest, const char *n,
- struct bdev_specs *specs, const struct lxc_conf *conf);
-extern bool lvm_create_clone(struct lxc_conf *conf, struct lxc_storage *orig,
- struct lxc_storage *new, uint64_t newsize);
-extern bool lvm_create_snapshot(struct lxc_conf *conf, struct lxc_storage *orig,
- struct lxc_storage *new, uint64_t newsize);
+__hidden extern bool lvm_detect(const char *path);
+__hidden extern int lvm_mount(struct lxc_storage *bdev);
+__hidden extern int lvm_umount(struct lxc_storage *bdev);
+__hidden extern int lvm_compare_lv_attr(const char *path, int pos, const char expected);
+__hidden extern int lvm_is_thin_volume(const char *path);
+__hidden extern int lvm_is_thin_pool(const char *path);
+__hidden extern int lvm_clonepaths(struct lxc_storage *orig, struct lxc_storage *new,
+ const char *oldname, const char *cname, const char *oldpath,
+ const char *lxcpath, int snap, uint64_t newsize,
+ struct lxc_conf *conf);
+__hidden extern int lvm_destroy(struct lxc_storage *orig);
+__hidden extern int lvm_create(struct lxc_storage *bdev, const char *dest, const char *n,
+ struct bdev_specs *specs, const struct lxc_conf *conf);
+__hidden extern bool lvm_create_clone(struct lxc_conf *conf, struct lxc_storage *orig,
+ struct lxc_storage *new, uint64_t newsize);
+__hidden extern bool lvm_create_snapshot(struct lxc_conf *conf, struct lxc_storage *orig,
+ struct lxc_storage *new, uint64_t newsize);
#endif /* __LXC_LVM_H */
diff --git a/src/lxc/storage/nbd.h b/src/lxc/storage/nbd.h
index b01c486dfc..f6e4fb87c5 100644
--- a/src/lxc/storage/nbd.h
+++ b/src/lxc/storage/nbd.h
@@ -6,25 +6,26 @@
#include <stdbool.h>
#include <stdint.h>
+#include "compiler.h"
+
struct lxc_storage;
struct bdev_specs;
struct lxc_conf;
-extern int nbd_clonepaths(struct lxc_storage *orig, struct lxc_storage *new,
- const char *oldname, const char *cname,
- const char *oldpath, const char *lxcpath, int snap,
- uint64_t newsize, struct lxc_conf *conf);
-extern int nbd_create(struct lxc_storage *bdev, const char *dest, const char *n,
- struct bdev_specs *specs, const struct lxc_conf *conf);
-extern int nbd_destroy(struct lxc_storage *orig);
-extern bool nbd_detect(const char *path);
-extern int nbd_mount(struct lxc_storage *bdev);
-extern int nbd_umount(struct lxc_storage *bdev);
-
-extern bool attach_nbd(char *src, struct lxc_conf *conf);
-extern void detach_nbd_idx(int idx);
-extern bool requires_nbd(const char *path);
+__hidden extern int nbd_clonepaths(struct lxc_storage *orig, struct lxc_storage *new,
+ const char *oldname, const char *cname, const char *oldpath,
+ const char *lxcpath, int snap, uint64_t newsize,
+ struct lxc_conf *conf);
+__hidden extern int nbd_create(struct lxc_storage *bdev, const char *dest, const char *n,
+ struct bdev_specs *specs, const struct lxc_conf *conf);
+__hidden extern int nbd_destroy(struct lxc_storage *orig);
+__hidden extern bool nbd_detect(const char *path);
+__hidden extern int nbd_mount(struct lxc_storage *bdev);
+__hidden extern int nbd_umount(struct lxc_storage *bdev);
+__hidden extern bool attach_nbd(char *src, struct lxc_conf *conf);
+__hidden extern void detach_nbd_idx(int idx);
+__hidden extern bool requires_nbd(const char *path);
#endif /* __LXC_NBD_H */
diff --git a/src/lxc/storage/overlay.h b/src/lxc/storage/overlay.h
index b64406b0c8..d4c780ff42 100644
--- a/src/lxc/storage/overlay.h
+++ b/src/lxc/storage/overlay.h
@@ -10,6 +10,7 @@
#include <unistd.h>
#include <sys/types.h>
+#include "compiler.h"
#include "storage.h"
struct lxc_storage;
@@ -20,16 +21,16 @@ struct lxc_conf;
struct lxc_rootfs;
-extern int ovl_clonepaths(struct lxc_storage *orig, struct lxc_storage *new,
- const char *oldname, const char *cname,
- const char *oldpath, const char *lxcpath, int snap,
- uint64_t newsize, struct lxc_conf *conf);
-extern int ovl_create(struct lxc_storage *bdev, const char *dest, const char *n,
- struct bdev_specs *specs, const struct lxc_conf *conf);
-extern int ovl_destroy(struct lxc_storage *orig);
-extern bool ovl_detect(const char *path);
-extern int ovl_mount(struct lxc_storage *bdev);
-extern int ovl_umount(struct lxc_storage *bdev);
+__hidden extern int ovl_clonepaths(struct lxc_storage *orig, struct lxc_storage *new,
+ const char *oldname, const char *cname, const char *oldpath,
+ const char *lxcpath, int snap, uint64_t newsize,
+ struct lxc_conf *conf);
+__hidden extern int ovl_create(struct lxc_storage *bdev, const char *dest, const char *n,
+ struct bdev_specs *specs, const struct lxc_conf *conf);
+__hidden extern int ovl_destroy(struct lxc_storage *orig);
+__hidden extern bool ovl_detect(const char *path);
+__hidden extern int ovl_mount(struct lxc_storage *bdev);
+__hidden extern int ovl_umount(struct lxc_storage *bdev);
/* To be called from lxcapi_clone() in lxccontainer.c: When we clone a container
* with overlay lxc.mount.entry entries we need to update absolute paths for
@@ -38,24 +39,23 @@ extern int ovl_umount(struct lxc_storage *bdev);
* independent of each other since lxc_conf->mountlist may container more mount
* entries (e.g. from other included files) than lxc_conf->unexpanded_config .
*/
-extern int ovl_update_abs_paths(struct lxc_conf *lxc_conf, const char *lxc_path,
- const char *lxc_name, const char *newpath,
- const char *newname);
+__hidden extern int ovl_update_abs_paths(struct lxc_conf *lxc_conf, const char *lxc_path,
+ const char *lxc_name, const char *newpath,
+ const char *newname);
/* To be called from functions in lxccontainer.c: Get lower directory for
* overlay rootfs.
*/
-extern const char *ovl_get_lower(const char *rootfs_path);
+__hidden extern const char *ovl_get_lower(const char *rootfs_path);
/* Get rootfs path for overlay backed containers. Allocated memory must be freed
* by caller.
*/
-extern char *ovl_get_rootfs(const char *rootfs_path, size_t *rootfslen);
+__hidden extern char *ovl_get_rootfs(const char *rootfs_path, size_t *rootfslen);
/* Create upper- and workdirs for overlay mounts.
*/
-extern int ovl_mkdir(const struct mntent *mntent,
- const struct lxc_rootfs *rootfs, const char *lxc_name,
- const char *lxc_path);
+__hidden extern int ovl_mkdir(const struct mntent *mntent, const struct lxc_rootfs *rootfs,
+ const char *lxc_name, const char *lxc_path);
#endif /* __LXC_OVERLAY_H */
diff --git a/src/lxc/storage/rbd.h b/src/lxc/storage/rbd.h
index f051c2ad0a..56bfcb214c 100644
--- a/src/lxc/storage/rbd.h
+++ b/src/lxc/storage/rbd.h
@@ -6,21 +6,23 @@
#include <stdbool.h>
#include <stdint.h>
+#include "compiler.h"
+
struct lxc_storage;
struct bdev_specs;
struct lxc_conf;
-extern int rbd_clonepaths(struct lxc_storage *orig, struct lxc_storage *new,
- const char *oldname, const char *cname,
- const char *oldpath, const char *lxcpath, int snap,
- uint64_t newsize, struct lxc_conf *conf);
-extern int rbd_create(struct lxc_storage *bdev, const char *dest, const char *n,
- struct bdev_specs *specs, const struct lxc_conf *conf);
-extern int rbd_destroy(struct lxc_storage *orig);
-extern bool rbd_detect(const char *path);
-extern int rbd_mount(struct lxc_storage *bdev);
-extern int rbd_umount(struct lxc_storage *bdev);
+__hidden extern int rbd_clonepaths(struct lxc_storage *orig, struct lxc_storage *new,
+ const char *oldname, const char *cname, const char *oldpath,
+ const char *lxcpath, int snap, uint64_t newsize,
+ struct lxc_conf *conf);
+__hidden extern int rbd_create(struct lxc_storage *bdev, const char *dest, const char *n,
+ struct bdev_specs *specs, const struct lxc_conf *conf);
+__hidden extern int rbd_destroy(struct lxc_storage *orig);
+__hidden extern bool rbd_detect(const char *path);
+__hidden extern int rbd_mount(struct lxc_storage *bdev);
+__hidden extern int rbd_umount(struct lxc_storage *bdev);
#endif /* __LXC_RDB_H */
diff --git a/src/lxc/storage/rsync.h b/src/lxc/storage/rsync.h
index 4d65fe0308..c9e3210a1a 100644
--- a/src/lxc/storage/rsync.h
+++ b/src/lxc/storage/rsync.h
@@ -5,6 +5,8 @@
#include <stdio.h>
+#include "compiler.h"
+
struct rsync_data {
struct lxc_storage *orig;
struct lxc_storage *new;
@@ -16,9 +18,9 @@ struct rsync_data_char {
};
/* new helpers */
-extern int lxc_rsync_exec_wrapper(void *data);
-extern int lxc_storage_rsync_exec_wrapper(void *data);
-extern int lxc_rsync_exec(const char *src, const char *dest);
-extern int lxc_rsync(struct rsync_data *data);
+__hidden extern int lxc_rsync_exec_wrapper(void *data);
+__hidden extern int lxc_storage_rsync_exec_wrapper(void *data);
+__hidden extern int lxc_rsync_exec(const char *src, const char *dest);
+__hidden extern int lxc_rsync(struct rsync_data *data);
#endif /* __LXC_RSYNC_H */
diff --git a/src/lxc/storage/storage.h b/src/lxc/storage/storage.h
index 59ec5a9892..ed369ec361 100644
--- a/src/lxc/storage/storage.h
+++ b/src/lxc/storage/storage.h
@@ -14,6 +14,8 @@
#include <mntent.h>
#endif
+#include "compiler.h"
+
#ifndef MS_DIRSYNC
#define MS_DIRSYNC 128
#endif
@@ -99,23 +101,19 @@ struct lxc_storage {
* type specifications. If the <storage type> prefix is not
* detected liblxc will try to detect the storage type.
*/
-extern bool storage_is_dir(struct lxc_conf *conf);
-extern bool storage_can_backup(struct lxc_conf *conf);
-
-extern struct lxc_storage *storage_init(struct lxc_conf *conf);
-
-extern struct lxc_storage *storage_copy(struct lxc_container *c,
- const char *cname, const char *lxcpath,
- const char *bdevtype, int flags,
- const char *bdevdata, uint64_t newsize,
- bool *needs_rdep);
-extern struct lxc_storage *storage_create(const char *dest, const char *type,
- const char *cname,
- struct bdev_specs *specs,
- const struct lxc_conf *conf);
-extern void storage_put(struct lxc_storage *bdev);
-extern bool storage_destroy(struct lxc_conf *conf);
-extern bool rootfs_is_blockdev(struct lxc_conf *conf);
-extern const char *lxc_storage_get_path(char *src, const char *prefix);
+__hidden extern bool storage_is_dir(struct lxc_conf *conf);
+__hidden extern bool storage_can_backup(struct lxc_conf *conf);
+__hidden extern struct lxc_storage *storage_init(struct lxc_conf *conf);
+__hidden extern struct lxc_storage *storage_copy(struct lxc_container *c, const char *cname,
+ const char *lxcpath, const char *bdevtype,
+ int flags, const char *bdevdata, uint64_t newsize,
+ bool *needs_rdep);
+__hidden extern struct lxc_storage *storage_create(const char *dest, const char *type,
+ const char *cname, struct bdev_specs *specs,
+ const struct lxc_conf *conf);
+__hidden extern void storage_put(struct lxc_storage *bdev);
+__hidden extern bool storage_destroy(struct lxc_conf *conf);
+__hidden extern bool rootfs_is_blockdev(struct lxc_conf *conf);
+__hidden extern const char *lxc_storage_get_path(char *src, const char *prefix);
#endif /* #define __LXC_STORAGE_H */
diff --git a/src/lxc/storage/storage_utils.h b/src/lxc/storage/storage_utils.h
index 81c1e2bfec..470e754c9c 100644
--- a/src/lxc/storage/storage_utils.h
+++ b/src/lxc/storage/storage_utils.h
@@ -8,6 +8,7 @@
#include <string.h>
#include <stdio.h>
+#include "compiler.h"
#include "conf.h"
#include "macro.h"
@@ -22,20 +23,19 @@
struct lxc_storage;
struct lxc_conf;
-extern bool attach_block_device(struct lxc_conf *conf);
-extern void detach_block_device(struct lxc_conf *conf);
-extern int blk_getsize(struct lxc_storage *bdev, uint64_t *size);
-extern int detect_fs(struct lxc_storage *bdev, char *type, int len);
-extern int do_mkfs_exec_wrapper(void *args);
-extern int is_blktype(struct lxc_storage *b);
-extern int mount_unknown_fs(const char *rootfs, const char *target,
- const char *options);
-extern int find_fstype_cb(char *buffer, void *data);
-extern const char *linkderef(const char *path, char *dest);
-extern bool unpriv_snap_allowed(struct lxc_storage *b, const char *t, bool snap,
- bool maybesnap);
-extern uint64_t get_fssize(char *s);
-extern bool is_valid_storage_type(const char *type);
-extern int storage_destroy_wrapper(void *data);
+__hidden extern bool attach_block_device(struct lxc_conf *conf);
+__hidden extern void detach_block_device(struct lxc_conf *conf);
+__hidden extern int blk_getsize(struct lxc_storage *bdev, uint64_t *size);
+__hidden extern int detect_fs(struct lxc_storage *bdev, char *type, int len);
+__hidden extern int do_mkfs_exec_wrapper(void *args);
+__hidden extern int is_blktype(struct lxc_storage *b);
+__hidden extern int mount_unknown_fs(const char *rootfs, const char *target, const char *options);
+__hidden extern int find_fstype_cb(char *buffer, void *data);
+__hidden extern const char *linkderef(const char *path, char *dest);
+__hidden extern bool unpriv_snap_allowed(struct lxc_storage *b, const char *t, bool snap,
+ bool maybesnap);
+__hidden extern uint64_t get_fssize(char *s);
+__hidden extern bool is_valid_storage_type(const char *type);
+__hidden extern int storage_destroy_wrapper(void *data);
#endif /* __LXC_STORAGE_UTILS_H */
diff --git a/src/lxc/storage/zfs.h b/src/lxc/storage/zfs.h
index bacbcb242b..da8f66becc 100644
--- a/src/lxc/storage/zfs.h
+++ b/src/lxc/storage/zfs.h
@@ -7,26 +7,27 @@
#include <stdio.h>
#include <stdint.h>
+#include "compiler.h"
+
struct lxc_storage;
struct bdev_specs;
struct lxc_conf;
-extern int zfs_clonepaths(struct lxc_storage *orig, struct lxc_storage *new,
- const char *oldname, const char *cname,
- const char *oldpath, const char *lxcpath, int snap,
- uint64_t newsize, struct lxc_conf *conf);
-extern int zfs_create(struct lxc_storage *bdev, const char *dest, const char *n,
- struct bdev_specs *specs, const struct lxc_conf *conf);
-extern int zfs_destroy(struct lxc_storage *orig);
-extern bool zfs_detect(const char *path);
-extern int zfs_mount(struct lxc_storage *bdev);
-extern int zfs_umount(struct lxc_storage *bdev);
-
-extern bool zfs_copy(struct lxc_conf *conf, struct lxc_storage *orig,
- struct lxc_storage *new, uint64_t newsize);
-extern bool zfs_snapshot(struct lxc_conf *conf, struct lxc_storage *orig,
- struct lxc_storage *new, uint64_t newsize);
+__hidden extern int zfs_clonepaths(struct lxc_storage *orig, struct lxc_storage *new,
+ const char *oldname, const char *cname, const char *oldpath,
+ const char *lxcpath, int snap, uint64_t newsize,
+ struct lxc_conf *conf);
+__hidden extern int zfs_create(struct lxc_storage *bdev, const char *dest, const char *n,
+ struct bdev_specs *specs, const struct lxc_conf *conf);
+__hidden extern int zfs_destroy(struct lxc_storage *orig);
+__hidden extern bool zfs_detect(const char *path);
+__hidden extern int zfs_mount(struct lxc_storage *bdev);
+__hidden extern int zfs_umount(struct lxc_storage *bdev);
+__hidden extern bool zfs_copy(struct lxc_conf *conf, struct lxc_storage *orig,
+ struct lxc_storage *new, uint64_t newsize);
+__hidden extern bool zfs_snapshot(struct lxc_conf *conf, struct lxc_storage *orig,
+ struct lxc_storage *new, uint64_t newsize);
#endif /* __LXC_ZFS_H */
diff --git a/src/tests/Makefile.am b/src/tests/Makefile.am
index 02f554ce39..8e4e49668d 100644
--- a/src/tests/Makefile.am
+++ b/src/tests/Makefile.am
@@ -45,6 +45,17 @@ lxc_test_api_reboot_SOURCES = api_reboot.c \
../lxc/ringbuf.c ../lxc/ringbuf.h \
../lxc/start.c ../lxc/start.h \
../lxc/state.c ../lxc/state.h \
+ ../lxc/storage/btrfs.c ../lxc/storage/btrfs.h \
+ ../lxc/storage/dir.c ../lxc/storage/dir.h \
+ ../lxc/storage/loop.c ../lxc/storage/loop.h \
+ ../lxc/storage/lvm.c ../lxc/storage/lvm.h \
+ ../lxc/storage/nbd.c ../lxc/storage/nbd.h \
+ ../lxc/storage/overlay.c ../lxc/storage/overlay.h \
+ ../lxc/storage/rbd.c ../lxc/storage/rbd.h \
+ ../lxc/storage/rsync.c ../lxc/storage/rsync.h \
+ ../lxc/storage/storage.c ../lxc/storage/storage.h \
+ ../lxc/storage/storage_utils.c ../lxc/storage/storage_utils.h \
+ ../lxc/storage/zfs.c ../lxc/storage/zfs.h \
../lxc/sync.c ../lxc/sync.h \
../lxc/string_utils.c ../lxc/string_utils.h \
../lxc/terminal.c ../lxc/terminal.h \
@@ -81,6 +92,17 @@ lxc_test_apparmor_SOURCES = aa.c \
../lxc/ringbuf.c ../lxc/ringbuf.h \
../lxc/start.c ../lxc/start.h \
../lxc/state.c ../lxc/state.h \
+ ../lxc/storage/btrfs.c ../lxc/storage/btrfs.h \
+ ../lxc/storage/dir.c ../lxc/storage/dir.h \
+ ../lxc/storage/loop.c ../lxc/storage/loop.h \
+ ../lxc/storage/lvm.c ../lxc/storage/lvm.h \
+ ../lxc/storage/nbd.c ../lxc/storage/nbd.h \
+ ../lxc/storage/overlay.c ../lxc/storage/overlay.h \
+ ../lxc/storage/rbd.c ../lxc/storage/rbd.h \
+ ../lxc/storage/rsync.c ../lxc/storage/rsync.h \
+ ../lxc/storage/storage.c ../lxc/storage/storage.h \
+ ../lxc/storage/storage_utils.c ../lxc/storage/storage_utils.h \
+ ../lxc/storage/zfs.c ../lxc/storage/zfs.h \
../lxc/sync.c ../lxc/sync.h \
../lxc/string_utils.c ../lxc/string_utils.h \
../lxc/terminal.c ../lxc/terminal.h \
@@ -117,6 +139,17 @@ lxc_test_attach_SOURCES = attach.c \
../lxc/ringbuf.c ../lxc/ringbuf.h \
../lxc/start.c ../lxc/start.h \
../lxc/state.c ../lxc/state.h \
+ ../lxc/storage/btrfs.c ../lxc/storage/btrfs.h \
+ ../lxc/storage/dir.c ../lxc/storage/dir.h \
+ ../lxc/storage/loop.c ../lxc/storage/loop.h \
+ ../lxc/storage/lvm.c ../lxc/storage/lvm.h \
+ ../lxc/storage/nbd.c ../lxc/storage/nbd.h \
+ ../lxc/storage/overlay.c ../lxc/storage/overlay.h \
+ ../lxc/storage/rbd.c ../lxc/storage/rbd.h \
+ ../lxc/storage/rsync.c ../lxc/storage/rsync.h \
+ ../lxc/storage/storage.c ../lxc/storage/storage.h \
+ ../lxc/storage/storage_utils.c ../lxc/storage/storage_utils.h \
+ ../lxc/storage/zfs.c ../lxc/storage/zfs.h \
../lxc/sync.c ../lxc/sync.h \
../lxc/string_utils.c ../lxc/string_utils.h \
../lxc/terminal.c ../lxc/terminal.h \
@@ -154,6 +187,17 @@ lxc_test_cgpath_SOURCES = cgpath.c \
../lxc/ringbuf.c ../lxc/ringbuf.h \
../lxc/start.c ../lxc/start.h \
../lxc/state.c ../lxc/state.h \
+ ../lxc/storage/btrfs.c ../lxc/storage/btrfs.h \
+ ../lxc/storage/dir.c ../lxc/storage/dir.h \
+ ../lxc/storage/loop.c ../lxc/storage/loop.h \
+ ../lxc/storage/lvm.c ../lxc/storage/lvm.h \
+ ../lxc/storage/nbd.c ../lxc/storage/nbd.h \
+ ../lxc/storage/overlay.c ../lxc/storage/overlay.h \
+ ../lxc/storage/rbd.c ../lxc/storage/rbd.h \
+ ../lxc/storage/rsync.c ../lxc/storage/rsync.h \
+ ../lxc/storage/storage.c ../lxc/storage/storage.h \
+ ../lxc/storage/storage_utils.c ../lxc/storage/storage_utils.h \
+ ../lxc/storage/zfs.c ../lxc/storage/zfs.h \
../lxc/sync.c ../lxc/sync.h \
../lxc/string_utils.c ../lxc/string_utils.h \
../lxc/terminal.c ../lxc/terminal.h \
@@ -193,6 +237,17 @@ lxc_test_config_jump_table_SOURCES = config_jump_table.c \
../lxc/ringbuf.c ../lxc/ringbuf.h \
../lxc/start.c ../lxc/start.h \
../lxc/state.c ../lxc/state.h \
+ ../lxc/storage/btrfs.c ../lxc/storage/btrfs.h \
+ ../lxc/storage/dir.c ../lxc/storage/dir.h \
+ ../lxc/storage/loop.c ../lxc/storage/loop.h \
+ ../lxc/storage/lvm.c ../lxc/storage/lvm.h \
+ ../lxc/storage/nbd.c ../lxc/storage/nbd.h \
+ ../lxc/storage/overlay.c ../lxc/storage/overlay.h \
+ ../lxc/storage/rbd.c ../lxc/storage/rbd.h \
+ ../lxc/storage/rsync.c ../lxc/storage/rsync.h \
+ ../lxc/storage/storage.c ../lxc/storage/storage.h \
+ ../lxc/storage/storage_utils.c ../lxc/storage/storage_utils.h \
+ ../lxc/storage/zfs.c ../lxc/storage/zfs.h \
../lxc/sync.c ../lxc/sync.h \
../lxc/string_utils.c ../lxc/string_utils.h \
../lxc/terminal.c ../lxc/terminal.h \
@@ -240,6 +295,17 @@ lxc_test_locktests_SOURCES = locktests.c \
../lxc/ringbuf.c ../lxc/ringbuf.h \
../lxc/start.c ../lxc/start.h \
../lxc/state.c ../lxc/state.h \
+ ../lxc/storage/btrfs.c ../lxc/storage/btrfs.h \
+ ../lxc/storage/dir.c ../lxc/storage/dir.h \
+ ../lxc/storage/loop.c ../lxc/storage/loop.h \
+ ../lxc/storage/lvm.c ../lxc/storage/lvm.h \
+ ../lxc/storage/nbd.c ../lxc/storage/nbd.h \
+ ../lxc/storage/overlay.c ../lxc/storage/overlay.h \
+ ../lxc/storage/rbd.c ../lxc/storage/rbd.h \
+ ../lxc/storage/rsync.c ../lxc/storage/rsync.h \
+ ../lxc/storage/storage.c ../lxc/storage/storage.h \
+ ../lxc/storage/storage_utils.c ../lxc/storage/storage_utils.h \
+ ../lxc/storage/zfs.c ../lxc/storage/zfs.h \
../lxc/sync.c ../lxc/sync.h \
../lxc/string_utils.c ../lxc/string_utils.h \
../lxc/terminal.c ../lxc/terminal.h \
@@ -279,6 +345,17 @@ lxc_test_mount_injection_SOURCES = mount_injection.c \
../lxc/ringbuf.c ../lxc/ringbuf.h \
../lxc/start.c ../lxc/start.h \
../lxc/state.c ../lxc/state.h \
+ ../lxc/storage/btrfs.c ../lxc/storage/btrfs.h \
+ ../lxc/storage/dir.c ../lxc/storage/dir.h \
+ ../lxc/storage/loop.c ../lxc/storage/loop.h \
+ ../lxc/storage/lvm.c ../lxc/storage/lvm.h \
+ ../lxc/storage/nbd.c ../lxc/storage/nbd.h \
+ ../lxc/storage/overlay.c ../lxc/storage/overlay.h \
+ ../lxc/storage/rbd.c ../lxc/storage/rbd.h \
+ ../lxc/storage/rsync.c ../lxc/storage/rsync.h \
+ ../lxc/storage/storage.c ../lxc/storage/storage.h \
+ ../lxc/storage/storage_utils.c ../lxc/storage/storage_utils.h \
+ ../lxc/storage/zfs.c ../lxc/storage/zfs.h \
../lxc/sync.c ../lxc/sync.h \
../lxc/string_utils.c ../lxc/string_utils.h \
../lxc/terminal.c ../lxc/terminal.h \
@@ -316,6 +393,17 @@ lxc_test_parse_config_file_SOURCES = parse_config_file.c \
../lxc/ringbuf.c ../lxc/ringbuf.h \
../lxc/start.c ../lxc/start.h \
../lxc/state.c ../lxc/state.h \
+ ../lxc/storage/btrfs.c ../lxc/storage/btrfs.h \
+ ../lxc/storage/dir.c ../lxc/storage/dir.h \
+ ../lxc/storage/loop.c ../lxc/storage/loop.h \
+ ../lxc/storage/lvm.c ../lxc/storage/lvm.h \
+ ../lxc/storage/nbd.c ../lxc/storage/nbd.h \
+ ../lxc/storage/overlay.c ../lxc/storage/overlay.h \
+ ../lxc/storage/rbd.c ../lxc/storage/rbd.h \
+ ../lxc/storage/rsync.c ../lxc/storage/rsync.h \
+ ../lxc/storage/storage.c ../lxc/storage/storage.h \
+ ../lxc/storage/storage_utils.c ../lxc/storage/storage_utils.h \
+ ../lxc/storage/zfs.c ../lxc/storage/zfs.h \
../lxc/sync.c ../lxc/sync.h \
../lxc/string_utils.c ../lxc/string_utils.h \
../lxc/terminal.c ../lxc/terminal.h \
@@ -353,6 +441,17 @@ lxc_test_raw_clone_SOURCES = lxc_raw_clone.c \
../lxc/ringbuf.c ../lxc/ringbuf.h \
../lxc/start.c ../lxc/start.h \
../lxc/state.c ../lxc/state.h \
+ ../lxc/storage/btrfs.c ../lxc/storage/btrfs.h \
+ ../lxc/storage/dir.c ../lxc/storage/dir.h \
+ ../lxc/storage/loop.c ../lxc/storage/loop.h \
+ ../lxc/storage/lvm.c ../lxc/storage/lvm.h \
+ ../lxc/storage/nbd.c ../lxc/storage/nbd.h \
+ ../lxc/storage/overlay.c ../lxc/storage/overlay.h \
+ ../lxc/storage/rbd.c ../lxc/storage/rbd.h \
+ ../lxc/storage/rsync.c ../lxc/storage/rsync.h \
+ ../lxc/storage/storage.c ../lxc/storage/storage.h \
+ ../lxc/storage/storage_utils.c ../lxc/storage/storage_utils.h \
+ ../lxc/storage/zfs.c ../lxc/storage/zfs.h \
../lxc/sync.c ../lxc/sync.h \
../lxc/string_utils.c ../lxc/string_utils.h \
../lxc/terminal.c ../lxc/terminal.h \
@@ -404,6 +503,17 @@ lxc_test_utils_SOURCES = lxc-test-utils.c \
../lxc/ringbuf.c ../lxc/ringbuf.h \
../lxc/start.c ../lxc/start.h \
../lxc/state.c ../lxc/state.h \
+ ../lxc/storage/btrfs.c ../lxc/storage/btrfs.h \
+ ../lxc/storage/dir.c ../lxc/storage/dir.h \
+ ../lxc/storage/loop.c ../lxc/storage/loop.h \
+ ../lxc/storage/lvm.c ../lxc/storage/lvm.h \
+ ../lxc/storage/nbd.c ../lxc/storage/nbd.h \
+ ../lxc/storage/overlay.c ../lxc/storage/overlay.h \
+ ../lxc/storage/rbd.c ../lxc/storage/rbd.h \
+ ../lxc/storage/rsync.c ../lxc/storage/rsync.h \
+ ../lxc/storage/storage.c ../lxc/storage/storage.h \
+ ../lxc/storage/storage_utils.c ../lxc/storage/storage_utils.h \
+ ../lxc/storage/zfs.c ../lxc/storage/zfs.h \
../lxc/sync.c ../lxc/sync.h \
../lxc/string_utils.c ../lxc/string_utils.h \
../lxc/terminal.c ../lxc/terminal.h \
From 59eac805a379c65573698dd4d4d0651170463538 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Tue, 21 Jul 2020 14:50:38 +0200
Subject: [PATCH 28/37] tree-wide: hide further unnecessary symbols
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/include/netns_ifaddrs.h | 7 ++---
src/lxc/Makefile.am | 51 +++++++++++++++++++++++++++++++++++-
src/lxc/af_unix.c | 3 ++-
src/lxc/cgroups/cgfsng.c | 22 +++++++---------
src/lxc/cgroups/cgroup.c | 3 ++-
src/lxc/cmd/lxc_usernsexec.c | 3 ++-
src/lxc/conf.c | 8 +++---
src/lxc/conf.h | 2 +-
src/lxc/log.c | 2 +-
src/lxc/log.h | 18 ++++++-------
src/lxc/lsm/lsm.c | 7 ++---
src/lxc/lxc.h | 28 +++++++++-----------
src/lxc/lxccontainer.c | 2 +-
src/lxc/network.c | 6 ++---
src/lxc/nl.h | 11 ++++----
src/lxc/rexec.c | 1 +
src/lxc/seccomp.c | 10 +++----
src/lxc/start.c | 1 +
src/lxc/storage/rbd.c | 8 +++---
src/lxc/storage/storage.c | 4 +--
src/lxc/storage/zfs.c | 12 ++++-----
src/lxc/utils.c | 2 +-
src/tests/Makefile.am | 20 ++++++++++++++
23 files changed, 150 insertions(+), 81 deletions(-)
diff --git a/src/include/netns_ifaddrs.h b/src/include/netns_ifaddrs.h
index 0290e84ac1..1b8703ee7d 100644
--- a/src/include/netns_ifaddrs.h
+++ b/src/include/netns_ifaddrs.h
@@ -12,6 +12,7 @@ extern "C" {
#include <stdbool.h>
#include <sys/socket.h>
+#include "compiler.h"
#include "netns_ifaddrs.h"
struct netns_ifaddrs {
@@ -50,9 +51,9 @@ struct netns_ifaddrs {
#define __ifa_broadaddr ifa_ifu.ifu_broadaddr
#define __ifa_dstaddr ifa_ifu.ifu_dstaddr
-extern void netns_freeifaddrs(struct netns_ifaddrs *);
-extern int netns_getifaddrs(struct netns_ifaddrs **ifap, __s32 netns_id,
- bool *netnsid_aware);
+__hidden extern void netns_freeifaddrs(struct netns_ifaddrs *);
+__hidden extern int netns_getifaddrs(struct netns_ifaddrs **ifap, __s32 netns_id,
+ bool *netnsid_aware);
#ifdef __cplusplus
}
diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am
index 60e120bd88..d217821362 100644
--- a/src/lxc/Makefile.am
+++ b/src/lxc/Makefile.am
@@ -332,6 +332,7 @@ lxc_attach_SOURCES = tools/lxc_attach.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ cgroups/cgfsng.c \
cgroups/cgroup.c cgroups/cgroup.h \
cgroups/cgroup2_devices.c cgroups/cgroup2_devices.h \
cgroups/cgroup_utils.c cgroups/cgroup_utils.h \
@@ -342,6 +343,7 @@ lxc_attach_SOURCES = tools/lxc_attach.c \
confile_utils.c confile_utils.h \
error.c error.h \
file_utils.c file_utils.h \
+ ../include/netns_ifaddrs.c ../include/netns_ifaddrs.h \
initutils.c initutils.h \
log.c log.h \
lxclock.c lxclock.h \
@@ -381,6 +383,7 @@ lxc_autostart_SOURCES = tools/lxc_autostart.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ cgroups/cgfsng.c \
cgroups/cgroup.c cgroups/cgroup.h \
cgroups/cgroup2_devices.c cgroups/cgroup2_devices.h \
cgroups/cgroup_utils.c cgroups/cgroup_utils.h \
@@ -391,6 +394,7 @@ lxc_autostart_SOURCES = tools/lxc_autostart.c \
confile_utils.c confile_utils.h \
error.c error.h \
file_utils.c file_utils.h \
+ ../include/netns_ifaddrs.c ../include/netns_ifaddrs.h \
initutils.c initutils.h \
log.c log.h \
lxclock.c lxclock.h \
@@ -429,6 +433,7 @@ lxc_cgroup_SOURCES = tools/lxc_cgroup.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ cgroups/cgfsng.c \
cgroups/cgroup.c cgroups/cgroup.h \
cgroups/cgroup2_devices.c cgroups/cgroup2_devices.h \
cgroups/cgroup_utils.c cgroups/cgroup_utils.h \
@@ -439,6 +444,7 @@ lxc_cgroup_SOURCES = tools/lxc_cgroup.c \
confile_utils.c confile_utils.h \
error.c error.h \
file_utils.c file_utils.h \
+ ../include/netns_ifaddrs.c ../include/netns_ifaddrs.h \
initutils.c initutils.h \
log.c log.h \
lxclock.c lxclock.h \
@@ -477,6 +483,7 @@ lxc_config_SOURCES = tools/lxc_config.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ cgroups/cgfsng.c \
cgroups/cgroup.c cgroups/cgroup.h \
cgroups/cgroup2_devices.c cgroups/cgroup2_devices.h \
cgroups/cgroup_utils.c cgroups/cgroup_utils.h \
@@ -487,6 +494,7 @@ lxc_config_SOURCES = tools/lxc_config.c \
confile_utils.c confile_utils.h \
error.c error.h \
file_utils.c file_utils.h \
+ ../include/netns_ifaddrs.c ../include/netns_ifaddrs.h \
initutils.c initutils.h \
log.c log.h \
lxclock.c lxclock.h \
@@ -525,6 +533,7 @@ lxc_console_SOURCES = tools/lxc_console.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ cgroups/cgfsng.c \
cgroups/cgroup.c cgroups/cgroup.h \
cgroups/cgroup2_devices.c cgroups/cgroup2_devices.h \
cgroups/cgroup_utils.c cgroups/cgroup_utils.h \
@@ -535,6 +544,7 @@ lxc_console_SOURCES = tools/lxc_console.c \
confile_utils.c confile_utils.h \
error.c error.h \
file_utils.c file_utils.h \
+ ../include/netns_ifaddrs.c ../include/netns_ifaddrs.h \
initutils.c initutils.h \
log.c log.h \
lxclock.c lxclock.h \
@@ -573,6 +583,7 @@ lxc_destroy_SOURCES = tools/lxc_destroy.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ cgroups/cgfsng.c \
cgroups/cgroup.c cgroups/cgroup.h \
cgroups/cgroup2_devices.c cgroups/cgroup2_devices.h \
cgroups/cgroup_utils.c cgroups/cgroup_utils.h \
@@ -583,6 +594,7 @@ lxc_destroy_SOURCES = tools/lxc_destroy.c \
confile_utils.c confile_utils.h \
error.c error.h \
file_utils.c file_utils.h \
+ ../include/netns_ifaddrs.c ../include/netns_ifaddrs.h \
initutils.c initutils.h \
log.c log.h \
lxclock.c lxclock.h \
@@ -621,6 +633,7 @@ lxc_device_SOURCES = tools/lxc_device.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ cgroups/cgfsng.c \
cgroups/cgroup.c cgroups/cgroup.h \
cgroups/cgroup2_devices.c cgroups/cgroup2_devices.h \
cgroups/cgroup_utils.c cgroups/cgroup_utils.h \
@@ -631,6 +644,7 @@ lxc_device_SOURCES = tools/lxc_device.c \
confile_utils.c confile_utils.h \
error.c error.h \
file_utils.c file_utils.h \
+ ../include/netns_ifaddrs.c ../include/netns_ifaddrs.h \
initutils.c initutils.h \
log.c log.h \
lxclock.c lxclock.h \
@@ -669,6 +683,7 @@ lxc_execute_SOURCES = tools/lxc_execute.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ cgroups/cgfsng.c \
cgroups/cgroup.c cgroups/cgroup.h \
cgroups/cgroup2_devices.c cgroups/cgroup2_devices.h \
cgroups/cgroup_utils.c cgroups/cgroup_utils.h \
@@ -679,6 +694,7 @@ lxc_execute_SOURCES = tools/lxc_execute.c \
confile_utils.c confile_utils.h \
error.c error.h \
file_utils.c file_utils.h \
+ ../include/netns_ifaddrs.c ../include/netns_ifaddrs.h \
initutils.c initutils.h \
log.c log.h \
lxclock.c lxclock.h \
@@ -717,6 +733,7 @@ lxc_freeze_SOURCES = tools/lxc_freeze.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ cgroups/cgfsng.c \
cgroups/cgroup.c cgroups/cgroup.h \
cgroups/cgroup2_devices.c cgroups/cgroup2_devices.h \
cgroups/cgroup_utils.c cgroups/cgroup_utils.h \
@@ -727,6 +744,7 @@ lxc_freeze_SOURCES = tools/lxc_freeze.c \
confile_utils.c confile_utils.h \
error.c error.h \
file_utils.c file_utils.h \
+ ../include/netns_ifaddrs.c ../include/netns_ifaddrs.h \
initutils.c initutils.h \
log.c log.h \
lxclock.c lxclock.h \
@@ -765,6 +783,7 @@ lxc_info_SOURCES = tools/lxc_info.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ cgroups/cgfsng.c \
cgroups/cgroup.c cgroups/cgroup.h \
cgroups/cgroup2_devices.c cgroups/cgroup2_devices.h \
cgroups/cgroup_utils.c cgroups/cgroup_utils.h \
@@ -775,6 +794,7 @@ lxc_info_SOURCES = tools/lxc_info.c \
confile_utils.c confile_utils.h \
error.c error.h \
file_utils.c file_utils.h \
+ ../include/netns_ifaddrs.c ../include/netns_ifaddrs.h \
initutils.c initutils.h \
log.c log.h \
lxclock.c lxclock.h \
@@ -813,6 +833,7 @@ lxc_monitor_SOURCES = tools/lxc_monitor.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ cgroups/cgfsng.c \
cgroups/cgroup.c cgroups/cgroup.h \
cgroups/cgroup2_devices.c cgroups/cgroup2_devices.h \
cgroups/cgroup_utils.c cgroups/cgroup_utils.h \
@@ -823,6 +844,7 @@ lxc_monitor_SOURCES = tools/lxc_monitor.c \
confile_utils.c confile_utils.h \
error.c error.h \
file_utils.c file_utils.h \
+ ../include/netns_ifaddrs.c ../include/netns_ifaddrs.h \
initutils.c initutils.h \
log.c log.h \
lxclock.c lxclock.h \
@@ -862,6 +884,7 @@ lxc_ls_SOURCES = tools/lxc_ls.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ cgroups/cgfsng.c \
cgroups/cgroup.c cgroups/cgroup.h \
cgroups/cgroup2_devices.c cgroups/cgroup2_devices.h \
cgroups/cgroup_utils.c cgroups/cgroup_utils.h \
@@ -872,6 +895,7 @@ lxc_ls_SOURCES = tools/lxc_ls.c \
confile_utils.c confile_utils.h \
error.c error.h \
file_utils.c file_utils.h \
+ ../include/netns_ifaddrs.c ../include/netns_ifaddrs.h \
initutils.c initutils.h \
log.c log.h \
lxclock.c lxclock.h \
@@ -911,6 +935,7 @@ lxc_copy_SOURCES = tools/lxc_copy.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ cgroups/cgfsng.c \
cgroups/cgroup.c cgroups/cgroup.h \
cgroups/cgroup2_devices.c cgroups/cgroup2_devices.h \
cgroups/cgroup_utils.c cgroups/cgroup_utils.h \
@@ -921,6 +946,7 @@ lxc_copy_SOURCES = tools/lxc_copy.c \
confile_utils.c confile_utils.h \
error.c error.h \
file_utils.c file_utils.h \
+ ../include/netns_ifaddrs.c ../include/netns_ifaddrs.h \
initutils.c initutils.h \
log.c log.h \
lxclock.c lxclock.h \
@@ -959,6 +985,7 @@ lxc_start_SOURCES = tools/lxc_start.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ cgroups/cgfsng.c \
cgroups/cgroup.c cgroups/cgroup.h \
cgroups/cgroup2_devices.c cgroups/cgroup2_devices.h \
cgroups/cgroup_utils.c cgroups/cgroup_utils.h \
@@ -969,6 +996,7 @@ lxc_start_SOURCES = tools/lxc_start.c \
confile_utils.c confile_utils.h \
error.c error.h \
file_utils.c file_utils.h \
+ ../include/netns_ifaddrs.c ../include/netns_ifaddrs.h \
initutils.c initutils.h \
log.c log.h \
lxclock.c lxclock.h \
@@ -1007,6 +1035,7 @@ lxc_stop_SOURCES = tools/lxc_stop.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ cgroups/cgfsng.c \
cgroups/cgroup.c cgroups/cgroup.h \
cgroups/cgroup2_devices.c cgroups/cgroup2_devices.h \
cgroups/cgroup_utils.c cgroups/cgroup_utils.h \
@@ -1017,6 +1046,7 @@ lxc_stop_SOURCES = tools/lxc_stop.c \
confile_utils.c confile_utils.h \
error.c error.h \
file_utils.c file_utils.h \
+ ../include/netns_ifaddrs.c ../include/netns_ifaddrs.h \
initutils.c initutils.h \
log.c log.h \
lxclock.c lxclock.h \
@@ -1055,6 +1085,7 @@ lxc_top_SOURCES = tools/lxc_top.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ cgroups/cgfsng.c \
cgroups/cgroup.c cgroups/cgroup.h \
cgroups/cgroup2_devices.c cgroups/cgroup2_devices.h \
cgroups/cgroup_utils.c cgroups/cgroup_utils.h \
@@ -1065,6 +1096,7 @@ lxc_top_SOURCES = tools/lxc_top.c \
confile_utils.c confile_utils.h \
error.c error.h \
file_utils.c file_utils.h \
+ ../include/netns_ifaddrs.c ../include/netns_ifaddrs.h \
initutils.c initutils.h \
log.c log.h \
lxclock.c lxclock.h \
@@ -1103,6 +1135,7 @@ lxc_unfreeze_SOURCES = tools/lxc_unfreeze.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ cgroups/cgfsng.c \
cgroups/cgroup.c cgroups/cgroup.h \
cgroups/cgroup2_devices.c cgroups/cgroup2_devices.h \
cgroups/cgroup_utils.c cgroups/cgroup_utils.h \
@@ -1113,6 +1146,7 @@ lxc_unfreeze_SOURCES = tools/lxc_unfreeze.c \
confile_utils.c confile_utils.h \
error.c error.h \
file_utils.c file_utils.h \
+ ../include/netns_ifaddrs.c ../include/netns_ifaddrs.h \
initutils.c initutils.h \
log.c log.h \
lxclock.c lxclock.h \
@@ -1151,6 +1185,7 @@ lxc_unshare_SOURCES = tools/lxc_unshare.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ cgroups/cgfsng.c \
cgroups/cgroup.c cgroups/cgroup.h \
cgroups/cgroup2_devices.c cgroups/cgroup2_devices.h \
cgroups/cgroup_utils.c cgroups/cgroup_utils.h \
@@ -1161,6 +1196,7 @@ lxc_unshare_SOURCES = tools/lxc_unshare.c \
confile_utils.c confile_utils.h \
error.c error.h \
file_utils.c file_utils.h \
+ ../include/netns_ifaddrs.c ../include/netns_ifaddrs.h \
initutils.c initutils.h \
log.c log.h \
lxclock.c lxclock.h \
@@ -1201,6 +1237,7 @@ lxc_wait_SOURCES = tools/lxc_wait.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ cgroups/cgfsng.c \
cgroups/cgroup.c cgroups/cgroup.h \
cgroups/cgroup2_devices.c cgroups/cgroup2_devices.h \
cgroups/cgroup_utils.c cgroups/cgroup_utils.h \
@@ -1211,6 +1248,7 @@ lxc_wait_SOURCES = tools/lxc_wait.c \
confile_utils.c confile_utils.h \
error.c error.h \
file_utils.c file_utils.h \
+ ../include/netns_ifaddrs.c ../include/netns_ifaddrs.h \
initutils.c initutils.h \
log.c log.h \
lxclock.c lxclock.h \
@@ -1249,6 +1287,7 @@ lxc_create_SOURCES = tools/lxc_create.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ cgroups/cgfsng.c \
cgroups/cgroup.c cgroups/cgroup.h \
cgroups/cgroup2_devices.c cgroups/cgroup2_devices.h \
cgroups/cgroup_utils.c cgroups/cgroup_utils.h \
@@ -1259,6 +1298,7 @@ lxc_create_SOURCES = tools/lxc_create.c \
confile_utils.c confile_utils.h \
error.c error.h \
file_utils.c file_utils.h \
+ ../include/netns_ifaddrs.c ../include/netns_ifaddrs.h \
initutils.c initutils.h \
log.c log.h \
lxclock.c lxclock.h \
@@ -1297,6 +1337,7 @@ lxc_snapshot_SOURCES = tools/lxc_snapshot.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ cgroups/cgfsng.c \
cgroups/cgroup.c cgroups/cgroup.h \
cgroups/cgroup2_devices.c cgroups/cgroup2_devices.h \
cgroups/cgroup_utils.c cgroups/cgroup_utils.h \
@@ -1307,6 +1348,7 @@ lxc_snapshot_SOURCES = tools/lxc_snapshot.c \
confile_utils.c confile_utils.h \
error.c error.h \
file_utils.c file_utils.h \
+ ../include/netns_ifaddrs.c ../include/netns_ifaddrs.h \
initutils.c initutils.h \
log.c log.h \
lxclock.c lxclock.h \
@@ -1345,6 +1387,7 @@ lxc_checkpoint_SOURCES = tools/lxc_checkpoint.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ cgroups/cgfsng.c \
cgroups/cgroup.c cgroups/cgroup.h \
cgroups/cgroup2_devices.c cgroups/cgroup2_devices.h \
cgroups/cgroup_utils.c cgroups/cgroup_utils.h \
@@ -1355,6 +1398,7 @@ lxc_checkpoint_SOURCES = tools/lxc_checkpoint.c \
confile_utils.c confile_utils.h \
error.c error.h \
file_utils.c file_utils.h \
+ ../include/netns_ifaddrs.c ../include/netns_ifaddrs.h \
initutils.c initutils.h \
log.c log.h \
lxclock.c lxclock.h \
@@ -1415,6 +1459,7 @@ init_lxc_LDFLAGS = -pthread
lxc_monitord_SOURCES = cmd/lxc_monitord.c \
af_unix.c af_unix.h \
caps.c caps.h \
+ cgroups/cgfsng.c \
cgroups/cgroup.c cgroups/cgroup.h \
cgroups/cgroup2_devices.c cgroups/cgroup2_devices.h \
cgroups/cgroup_utils.c cgroups/cgroup_utils.h \
@@ -1425,6 +1470,7 @@ lxc_monitord_SOURCES = cmd/lxc_monitord.c \
confile_utils.c confile_utils.h \
error.c error.h \
file_utils.c file_utils.h \
+ ../include/netns_ifaddrs.c ../include/netns_ifaddrs.h \
initutils.c initutils.h \
log.c log.h \
lxclock.c lxclock.h \
@@ -1461,9 +1507,9 @@ lxc_monitord_SOURCES += seccomp.c lxcseccomp.h
endif
lxc_user_nic_SOURCES = cmd/lxc_user_nic.c \
- ../include/netns_ifaddrs.c ../include/netns_ifaddrs.h \
af_unix.c af_unix.h \
caps.c caps.h \
+ cgroups/cgfsng.c \
cgroups/cgroup.c cgroups/cgroup.h \
cgroups/cgroup2_devices.c cgroups/cgroup2_devices.h \
cgroups/cgroup_utils.c cgroups/cgroup_utils.h \
@@ -1474,6 +1520,7 @@ lxc_user_nic_SOURCES = cmd/lxc_user_nic.c \
confile_utils.c confile_utils.h \
error.c error.h \
file_utils.c file_utils.h \
+ ../include/netns_ifaddrs.c ../include/netns_ifaddrs.h \
initutils.c initutils.h \
log.c log.h \
lxclock.c lxclock.h \
@@ -1514,6 +1561,7 @@ endif
lxc_usernsexec_SOURCES = cmd/lxc_usernsexec.c \
af_unix.c af_unix.h \
caps.c caps.h \
+ cgroups/cgfsng.c \
cgroups/cgroup.c cgroups/cgroup.h \
cgroups/cgroup2_devices.c cgroups/cgroup2_devices.h \
cgroups/cgroup_utils.c cgroups/cgroup_utils.h \
@@ -1524,6 +1572,7 @@ lxc_usernsexec_SOURCES = cmd/lxc_usernsexec.c \
confile_utils.c confile_utils.h \
error.c error.h \
file_utils.c file_utils.h \
+ ../include/netns_ifaddrs.c ../include/netns_ifaddrs.h \
initutils.c initutils.h \
list.h \
log.c log.h \
diff --git a/src/lxc/af_unix.c b/src/lxc/af_unix.c
index 5cf54917f1..bd29b09da0 100644
--- a/src/lxc/af_unix.c
+++ b/src/lxc/af_unix.c
@@ -14,6 +14,7 @@
#include <sys/syscall.h>
#include <sys/un.h>
+#include "af_unix.h"
#include "config.h"
#include "log.h"
#include "macro.h"
@@ -349,7 +350,7 @@ int lxc_unix_connect_type(struct sockaddr_un *addr, int type)
return move_fd(fd);
}
-int lxc_unix_connect(struct sockaddr_un *addr, int type)
+int lxc_unix_connect(struct sockaddr_un *addr)
{
return lxc_unix_connect_type(addr, SOCK_STREAM);
}
diff --git a/src/lxc/cgroups/cgfsng.c b/src/lxc/cgroups/cgfsng.c
index da78f552c2..8d9e3d5117 100644
--- a/src/lxc/cgroups/cgfsng.c
+++ b/src/lxc/cgroups/cgfsng.c
@@ -145,7 +145,7 @@ static void must_append_controller(char **klist, char **nlist, char ***clist,
/* Given a handler's cgroup data, return the struct hierarchy for the controller
* @c, or NULL if there is none.
*/
-struct hierarchy *get_hierarchy(struct cgroup_ops *ops, const char *controller)
+static struct hierarchy *get_hierarchy(struct cgroup_ops *ops, const char *controller)
{
if (!ops->hierarchies)
return log_trace_errno(NULL, errno, "There are no useable cgroup controllers");
@@ -948,8 +948,7 @@ static void lxc_cgfsng_print_basecg_debuginfo(char *basecginfo, char **klist,
TRACE("named subsystem %d: %s", k, *it);
}
-static int cgroup_tree_remove(struct hierarchy **hierarchies,
- const char *container_cgroup)
+static int cgroup_tree_remove(struct hierarchy **hierarchies, const char *container_cgroup)
{
if (!container_cgroup || !hierarchies)
return 0;
@@ -1283,8 +1282,7 @@ static bool check_cgroup_dir_config(struct lxc_conf *conf)
return true;
}
-__cgfsng_ops static inline bool cgfsng_monitor_create(struct cgroup_ops *ops,
- struct lxc_handler *handler)
+__cgfsng_ops static bool cgfsng_monitor_create(struct cgroup_ops *ops, struct lxc_handler *handler)
{
__do_free char *monitor_cgroup = NULL, *__cgroup_tree = NULL;
const char *cgroup_tree;
@@ -1372,8 +1370,7 @@ __cgfsng_ops static inline bool cgfsng_monitor_create(struct cgroup_ops *ops,
* Try to create the same cgroup in all hierarchies. Start with cgroup_pattern;
* next cgroup_pattern-1, -2, ..., -999.
*/
-__cgfsng_ops static inline bool cgfsng_payload_create(struct cgroup_ops *ops,
- struct lxc_handler *handler)
+__cgfsng_ops static bool cgfsng_payload_create(struct cgroup_ops *ops, struct lxc_handler *handler)
{
__do_free char *container_cgroup = NULL,
*__cgroup_tree = NULL,
@@ -1672,7 +1669,7 @@ __cgfsng_ops static bool cgfsng_chown(struct cgroup_ops *ops,
return true;
}
-__cgfsng_ops void cgfsng_payload_finalize(struct cgroup_ops *ops)
+__cgfsng_ops static void cgfsng_payload_finalize(struct cgroup_ops *ops)
{
if (!ops)
return;
@@ -2947,8 +2944,7 @@ __cgfsng_ops static bool cgfsng_setup_limits(struct cgroup_ops *ops,
return log_info(true, "Limits for the unified cgroup hierarchy have been setup");
}
-__cgfsng_ops bool cgfsng_devices_activate(struct cgroup_ops *ops,
- struct lxc_handler *handler)
+__cgfsng_ops static bool cgfsng_devices_activate(struct cgroup_ops *ops, struct lxc_handler *handler)
{
#ifdef HAVE_STRUCT_BPF_CGROUP_DEV_CTX
__do_bpf_program_free struct bpf_program *devices = NULL;
@@ -3023,7 +3019,7 @@ __cgfsng_ops bool cgfsng_devices_activate(struct cgroup_ops *ops,
return true;
}
-bool __cgfsng_delegate_controllers(struct cgroup_ops *ops, const char *cgroup)
+static bool __cgfsng_delegate_controllers(struct cgroup_ops *ops, const char *cgroup)
{
__do_free char *add_controllers = NULL, *base_path = NULL;
__do_free_string_list char **parts = NULL;
@@ -3082,7 +3078,7 @@ bool __cgfsng_delegate_controllers(struct cgroup_ops *ops, const char *cgroup)
return true;
}
-__cgfsng_ops bool cgfsng_monitor_delegate_controllers(struct cgroup_ops *ops)
+__cgfsng_ops static bool cgfsng_monitor_delegate_controllers(struct cgroup_ops *ops)
{
if (!ops)
return ret_set_errno(false, ENOENT);
@@ -3090,7 +3086,7 @@ __cgfsng_ops bool cgfsng_monitor_delegate_controllers(struct cgroup_ops *ops)
return __cgfsng_delegate_controllers(ops, ops->monitor_cgroup);
}
-__cgfsng_ops bool cgfsng_payload_delegate_controllers(struct cgroup_ops *ops)
+__cgfsng_ops static bool cgfsng_payload_delegate_controllers(struct cgroup_ops *ops)
{
if (!ops)
return ret_set_errno(false, ENOENT);
diff --git a/src/lxc/cgroups/cgroup.c b/src/lxc/cgroups/cgroup.c
index 7c94fd83b1..6a46fb651f 100644
--- a/src/lxc/cgroups/cgroup.c
+++ b/src/lxc/cgroups/cgroup.c
@@ -10,6 +10,7 @@
#include "cgroup.h"
#include "cgroup2_devices.h"
+#include "compiler.h"
#include "conf.h"
#include "config.h"
#include "initutils.h"
@@ -18,7 +19,7 @@
lxc_log_define(cgroup, lxc);
-extern struct cgroup_ops *cgfsng_ops_init(struct lxc_conf *conf);
+__hidden extern struct cgroup_ops *cgfsng_ops_init(struct lxc_conf *conf);
struct cgroup_ops *cgroup_init(struct lxc_conf *conf)
{
diff --git a/src/lxc/cmd/lxc_usernsexec.c b/src/lxc/cmd/lxc_usernsexec.c
index aee7448ce1..5c12dad3b8 100644
--- a/src/lxc/cmd/lxc_usernsexec.c
+++ b/src/lxc/cmd/lxc_usernsexec.c
@@ -20,6 +20,7 @@
#include <sys/wait.h>
#include <unistd.h>
+#include "compiler.h"
#include "conf.h"
#include "config.h"
#include "list.h"
@@ -31,7 +32,7 @@
#include "syscall_wrappers.h"
#include "utils.h"
-extern int lxc_log_fd;
+__hidden extern int lxc_log_fd;
static void usage(const char *name)
{
diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index b26bbfa326..7ea13e4504 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -903,7 +903,7 @@ static int lxc_setup_ttys(struct lxc_conf *conf)
define_cleanup_function(struct lxc_tty_info *, lxc_delete_tty);
-int lxc_allocate_ttys(struct lxc_conf *conf)
+static int lxc_allocate_ttys(struct lxc_conf *conf)
{
struct lxc_terminal_info *tty_new = NULL;
int ret;
@@ -1262,7 +1262,7 @@ static int lxc_mount_rootfs(struct lxc_conf *conf)
return 0;
}
-int lxc_chroot(const struct lxc_rootfs *rootfs)
+static int lxc_chroot(const struct lxc_rootfs *rootfs)
{
__do_free char *nroot = NULL;
int i, ret;
@@ -2702,7 +2702,7 @@ static int idmaptool_on_path_and_privileged(const char *binary, cap_value_t cap)
return 1;
}
-int lxc_map_ids_exec_wrapper(void *args)
+static int lxc_map_ids_exec_wrapper(void *args)
{
execl("/bin/sh", "sh", "-c", (char *)args, (char *)NULL);
return -1;
@@ -2898,7 +2898,7 @@ int find_unmapped_nsid(const struct lxc_conf *conf, enum idtype idtype)
}
/* NOTE: Must not be called from inside the container namespace! */
-int lxc_create_tmp_proc_mount(struct lxc_conf *conf)
+static int lxc_create_tmp_proc_mount(struct lxc_conf *conf)
{
int mounted;
diff --git a/src/lxc/conf.h b/src/lxc/conf.h
index 6ec8936da9..d78bfffb3e 100644
--- a/src/lxc/conf.h
+++ b/src/lxc/conf.h
@@ -206,7 +206,7 @@ enum lxchooks {
NUM_LXC_HOOKS
};
-extern char *lxchook_names[NUM_LXC_HOOKS];
+__hidden extern char *lxchook_names[NUM_LXC_HOOKS];
struct lxc_state_client {
int clientfd;
diff --git a/src/lxc/log.c b/src/lxc/log.c
index 59644aa7a3..824c3f5fa6 100644
--- a/src/lxc/log.c
+++ b/src/lxc/log.c
@@ -45,7 +45,7 @@
int lxc_log_fd = -EBADF;
static bool wants_syslog = false;
-int lxc_quiet_specified;
+static int lxc_quiet_specified;
int lxc_log_use_global_fd;
static int lxc_loglevel_specified;
diff --git a/src/lxc/log.h b/src/lxc/log.h
index 153302fdec..0ddcfa20a5 100644
--- a/src/lxc/log.h
+++ b/src/lxc/log.h
@@ -28,8 +28,8 @@
#define F_DUPFD_CLOEXEC 1030
#endif
-#define LXC_LOG_PREFIX_SIZE 32
-#define LXC_LOG_BUFFER_SIZE 4096
+#define LXC_LOG_PREFIX_SIZE 32
+#define LXC_LOG_BUFFER_SIZE 4096
/* predefined lxc log priorities. */
enum lxc_loglevel {
@@ -277,13 +277,13 @@ __lxc_unused static inline void LXC_##LEVEL(struct lxc_log_locinfo* locinfo, \
/*
* Helper macro to define and use static categories.
*/
-#define lxc_log_category_define(name, parent) \
- extern struct lxc_log_category lxc_log_category_##parent; \
- struct lxc_log_category lxc_log_category_##name = { \
- #name, \
- LXC_LOG_LEVEL_NOTSET, \
- NULL, \
- &lxc_log_category_##parent \
+#define lxc_log_category_define(name, parent) \
+ __hidden extern struct lxc_log_category lxc_log_category_##parent; \
+ __hidden struct lxc_log_category lxc_log_category_##name = { \
+ #name, \
+ LXC_LOG_LEVEL_NOTSET, \
+ NULL, \
+ &lxc_log_category_##parent \
};
#define lxc_log_define(name, parent) \
diff --git a/src/lxc/lsm/lsm.c b/src/lxc/lsm/lsm.c
index 553e0c99a1..cd1f4696c6 100644
--- a/src/lxc/lsm/lsm.c
+++ b/src/lxc/lsm/lsm.c
@@ -9,6 +9,7 @@
#include <sys/param.h>
#include <unistd.h>
+#include "compiler.h"
#include "conf.h"
#include "config.h"
#include "log.h"
@@ -18,9 +19,9 @@ lxc_log_define(lsm, lxc);
static struct lsm_drv *drv = NULL;
-extern struct lsm_drv *lsm_apparmor_drv_init(void);
-extern struct lsm_drv *lsm_selinux_drv_init(void);
-extern struct lsm_drv *lsm_nop_drv_init(void);
+__hidden extern struct lsm_drv *lsm_apparmor_drv_init(void);
+__hidden extern struct lsm_drv *lsm_selinux_drv_init(void);
+__hidden extern struct lsm_drv *lsm_nop_drv_init(void);
__attribute__((constructor))
void lsm_init(void)
diff --git a/src/lxc/lxc.h b/src/lxc/lxc.h
index 630eff0b49..9e31366eb5 100644
--- a/src/lxc/lxc.h
+++ b/src/lxc/lxc.h
@@ -12,6 +12,7 @@ extern "C" {
#include <sys/select.h>
#include <sys/types.h>
+#include "compiler.h"
#include "state.h"
struct lxc_msg;
@@ -32,8 +33,8 @@ struct lxc_handler;
* @daemonize : whether or not the container is daemonized
* Returns 0 on success, < 0 otherwise
*/
-extern int lxc_start(char *const argv[], struct lxc_handler *handler,
- const char *lxcpath, bool daemonize, int *error_num);
+__hidden extern int lxc_start(char *const argv[], struct lxc_handler *handler, const char *lxcpath,
+ bool daemonize, int *error_num);
/*
* Start the specified command inside an application container
@@ -44,39 +45,37 @@ extern int lxc_start(char *const argv[], struct lxc_handler *handler,
* @daemonize : whether or not the container is daemonized
* Returns 0 on success, < 0 otherwise
*/
-extern int lxc_execute(const char *name, char *const argv[], int quiet,
- struct lxc_handler *handler, const char *lxcpath,
- bool daemonize, int *error_num);
+__hidden extern int lxc_execute(const char *name, char *const argv[], int quiet,
+ struct lxc_handler *handler, const char *lxcpath, bool daemonize,
+ int *error_num);
/*
* Close the fd associated with the monitoring
* @fd : the file descriptor provided by lxc_monitor_open
* Returns 0 on success, < 0 otherwise
*/
-extern int lxc_monitor_close(int fd);
+__hidden extern int lxc_monitor_close(int fd);
/*
* Freeze all the tasks running inside the container <name>
* @name : the container name
* Returns 0 on success, < 0 otherwise
*/
-extern int lxc_freeze(struct lxc_conf *conf, const char *name,
- const char *lxcpath);
+__hidden extern int lxc_freeze(struct lxc_conf *conf, const char *name, const char *lxcpath);
/*
* Unfreeze all previously frozen tasks.
* @name : the name of the container
* Return 0 on success, < 0 otherwise
*/
-extern int lxc_unfreeze(struct lxc_conf *conf, const char *name,
- const char *lxcpath);
+__hidden extern int lxc_unfreeze(struct lxc_conf *conf, const char *name, const char *lxcpath);
/*
* Retrieve the container state
* @name : the name of the container
* Returns the state of the container on success, < 0 otherwise
*/
-extern lxc_state_t lxc_state(const char *name, const char *lxcpath);
+__hidden extern lxc_state_t lxc_state(const char *name, const char *lxcpath);
/*
* Create and return a new lxccontainer struct.
@@ -105,17 +104,16 @@ extern int lxc_get_wait_states(const char **states);
/*
* Add a dependency to a container
*/
-extern int add_rdepend(struct lxc_conf *lxc_conf, char *rdepend);
+__hidden extern int add_rdepend(struct lxc_conf *lxc_conf, char *rdepend);
/*
* Set a key/value configuration option. Requires that to take a lock on the
* in-memory config of the container.
*/
-extern int lxc_set_config_item_locked(struct lxc_conf *conf, const char *key,
- const char *v);
+__hidden extern int lxc_set_config_item_locked(struct lxc_conf *conf, const char *key, const char *v);
#ifdef __cplusplus
}
#endif
-#endif
+#endif /* __LXC_LXC_H */
diff --git a/src/lxc/lxccontainer.c b/src/lxc/lxccontainer.c
index 21b1cb0715..baffaae78a 100644
--- a/src/lxc/lxccontainer.c
+++ b/src/lxc/lxccontainer.c
@@ -3540,7 +3540,7 @@ static bool add_rdepends(struct lxc_container *c, struct lxc_container *c0)
* then default to those even if not requested.
* Currently we only do this for btrfs.
*/
-bool should_default_to_snapshot(struct lxc_container *c0,
+static bool should_default_to_snapshot(struct lxc_container *c0,
struct lxc_container *c1)
{
__do_free char *p0 = NULL, *p1 = NULL;
diff --git a/src/lxc/network.c b/src/lxc/network.c
index ff0f7bf6d5..bfffb2256b 100644
--- a/src/lxc/network.c
+++ b/src/lxc/network.c
@@ -1737,7 +1737,7 @@ int netdev_set_flag(const char *name, int flag)
return netlink_transaction(nlh_ptr, nlmsg, answer);
}
-int netdev_get_flag(const char *name, int *flag)
+static int netdev_get_flag(const char *name, int *flag)
{
call_cleaner(nlmsg_free) struct nlmsg *answer = NULL, *nlmsg = NULL;
struct nl_handler nlh;
@@ -3084,7 +3084,7 @@ static int lxc_delete_network_unpriv_exec(const char *lxcpath, const char *lxcna
return 0;
}
-bool lxc_delete_network_unpriv(struct lxc_handler *handler)
+static bool lxc_delete_network_unpriv(struct lxc_handler *handler)
{
int ret;
struct lxc_list *iterator;
@@ -3464,7 +3464,7 @@ static int lxc_create_network_unpriv(struct lxc_handler *handler)
return 0;
}
-bool lxc_delete_network_priv(struct lxc_handler *handler)
+static bool lxc_delete_network_priv(struct lxc_handler *handler)
{
int ret;
struct lxc_list *iterator;
diff --git a/src/lxc/nl.h b/src/lxc/nl.h
index ab8368fe64..1135d1f665 100644
--- a/src/lxc/nl.h
+++ b/src/lxc/nl.h
@@ -122,7 +122,7 @@ __hidden extern int __netlink_transaction(struct nl_handler *handler, struct nlm
*
* Returns 0 on success, < 0 otherwise
*/
-__hidden int nla_put_string(struct nlmsg *nlmsg, int attr, const char *string);
+__hidden extern int nla_put_string(struct nlmsg *nlmsg, int attr, const char *string);
/*
* nla_put_buffer: copy a buffer with a specified size to a netlink
@@ -135,8 +135,7 @@ __hidden int nla_put_string(struct nlmsg *nlmsg, int attr, const char *string);
*
* Returns 0 on success, < 0 otherwise
*/
-int nla_put_buffer(struct nlmsg *nlmsg, int attr,
- const void *data, size_t size);
+__hidden extern int nla_put_buffer(struct nlmsg *nlmsg, int attr, const void *data, size_t size);
/*
* nla_put_u32: copy an integer to a netlink message attribute
@@ -147,7 +146,7 @@ int nla_put_buffer(struct nlmsg *nlmsg, int attr,
*
* Returns 0 on success, < 0 otherwise
*/
-int nla_put_u32(struct nlmsg *nlmsg, int attr, int value);
+__hidden extern int nla_put_u32(struct nlmsg *nlmsg, int attr, int value);
/*
* nla_put_u16: copy an integer to a netlink message attribute
@@ -158,7 +157,7 @@ int nla_put_u32(struct nlmsg *nlmsg, int attr, int value);
*
* Returns 0 on success, < 0 otherwise
*/
-int nla_put_u16(struct nlmsg *nlmsg, int attr, unsigned short value);
+__hidden extern int nla_put_u16(struct nlmsg *nlmsg, int attr, unsigned short value);
/*
* nla_put_attr: add an attribute name to a netlink
@@ -168,7 +167,7 @@ int nla_put_u16(struct nlmsg *nlmsg, int attr, unsigned short value);
*
* Returns 0 on success, < 0 otherwise
*/
-int nla_put_attr(struct nlmsg *nlmsg, int attr);
+__hidden extern int nla_put_attr(struct nlmsg *nlmsg, int attr);
/*
* nla_begin_nested: begin the nesting attribute
diff --git a/src/lxc/rexec.c b/src/lxc/rexec.c
index cf198c0211..95a038272b 100644
--- a/src/lxc/rexec.c
+++ b/src/lxc/rexec.c
@@ -14,6 +14,7 @@
#include "macro.h"
#include "memory_utils.h"
#include "process_utils.h"
+#include "rexec.h"
#include "string_utils.h"
#include "syscall_wrappers.h"
diff --git a/src/lxc/seccomp.c b/src/lxc/seccomp.c
index d9541fb572..66f9a70f22 100644
--- a/src/lxc/seccomp.c
+++ b/src/lxc/seccomp.c
@@ -317,7 +317,7 @@ enum lxc_hostarch_t {
lxc_seccomp_arch_unknown = 999,
};
-int get_hostarch(void)
+static int get_hostarch(void)
{
struct utsname uts;
if (uname(&uts) < 0) {
@@ -351,8 +351,8 @@ int get_hostarch(void)
return lxc_seccomp_arch_unknown;
}
-scmp_filter_ctx get_new_ctx(enum lxc_hostarch_t n_arch,
- uint32_t default_policy_action, bool *needs_merge)
+static scmp_filter_ctx get_new_ctx(enum lxc_hostarch_t n_arch, uint32_t default_policy_action,
+ bool *needs_merge)
{
int ret;
uint32_t arch;
@@ -485,8 +485,8 @@ scmp_filter_ctx get_new_ctx(enum lxc_hostarch_t n_arch,
return ctx;
}
-bool do_resolve_add_rule(uint32_t arch, char *line, scmp_filter_ctx ctx,
- struct seccomp_v2_rule *rule)
+static bool do_resolve_add_rule(uint32_t arch, char *line, scmp_filter_ctx ctx,
+ struct seccomp_v2_rule *rule)
{
int i, nr, ret;
struct scmp_arg_cmp arg_cmp[6];
diff --git a/src/lxc/start.c b/src/lxc/start.c
index 11f452e78a..da6323035d 100644
--- a/src/lxc/start.c
+++ b/src/lxc/start.c
@@ -30,6 +30,7 @@
#include "cgroup.h"
#include "commands.h"
#include "commands_utils.h"
+#include "compiler.h"
#include "conf.h"
#include "config.h"
#include "confile_utils.h"
diff --git a/src/lxc/storage/rbd.c b/src/lxc/storage/rbd.c
index e7ba8930c9..7a8a8b8be2 100644
--- a/src/lxc/storage/rbd.c
+++ b/src/lxc/storage/rbd.c
@@ -29,7 +29,7 @@ struct rbd_args {
const char *size;
};
-int rbd_create_wrapper(void *data)
+static int rbd_create_wrapper(void *data)
{
struct rbd_args *args = data;
@@ -39,7 +39,7 @@ int rbd_create_wrapper(void *data)
return -1;
}
-int rbd_map_wrapper(void *data)
+static int rbd_map_wrapper(void *data)
{
struct rbd_args *args = data;
@@ -49,7 +49,7 @@ int rbd_map_wrapper(void *data)
return -1;
}
-int rbd_unmap_wrapper(void *data)
+static int rbd_unmap_wrapper(void *data)
{
struct rbd_args *args = data;
@@ -58,7 +58,7 @@ int rbd_unmap_wrapper(void *data)
return -1;
}
-int rbd_delete_wrapper(void *data)
+static int rbd_delete_wrapper(void *data)
{
struct rbd_args *args = data;
diff --git a/src/lxc/storage/storage.c b/src/lxc/storage/storage.c
index 3f1b713f6a..b613f888de 100644
--- a/src/lxc/storage/storage.c
+++ b/src/lxc/storage/storage.c
@@ -109,7 +109,7 @@ static const struct lxc_storage_ops lvm_ops = {
};
/* nbd */
-const struct lxc_storage_ops nbd_ops = {
+static const struct lxc_storage_ops nbd_ops = {
.detect = &nbd_detect,
.mount = &nbd_mount,
.umount = &nbd_umount,
@@ -234,7 +234,7 @@ static const struct lxc_storage_type *storage_query(struct lxc_conf *conf)
return &bdevs[i];
}
-struct lxc_storage *storage_get(const char *type)
+static struct lxc_storage *storage_get(const char *type)
{
size_t i;
struct lxc_storage *bdev;
diff --git a/src/lxc/storage/zfs.c b/src/lxc/storage/zfs.c
index ee9e32d0a6..b6a26a1b0d 100644
--- a/src/lxc/storage/zfs.c
+++ b/src/lxc/storage/zfs.c
@@ -28,7 +28,7 @@ struct zfs_args {
void *argv;
};
-int zfs_detect_exec_wrapper(void *data)
+static int zfs_detect_exec_wrapper(void *data)
{
struct zfs_args *args = data;
@@ -38,7 +38,7 @@ int zfs_detect_exec_wrapper(void *data)
return -1;
}
-int zfs_create_exec_wrapper(void *args)
+static int zfs_create_exec_wrapper(void *args)
{
struct zfs_args *zfs_args = args;
@@ -47,7 +47,7 @@ int zfs_create_exec_wrapper(void *args)
return -1;
}
-int zfs_delete_exec_wrapper(void *args)
+static int zfs_delete_exec_wrapper(void *args)
{
struct zfs_args *zfs_args = args;
@@ -56,7 +56,7 @@ int zfs_delete_exec_wrapper(void *args)
return -1;
}
-int zfs_snapshot_exec_wrapper(void *args)
+static int zfs_snapshot_exec_wrapper(void *args)
{
struct zfs_args *zfs_args = args;
@@ -65,7 +65,7 @@ int zfs_snapshot_exec_wrapper(void *args)
return -1;
}
-int zfs_clone_exec_wrapper(void *args)
+static int zfs_clone_exec_wrapper(void *args)
{
struct zfs_args *zfs_args = args;
@@ -76,7 +76,7 @@ int zfs_clone_exec_wrapper(void *args)
return -1;
}
-int zfs_get_parent_snapshot_exec_wrapper(void *args)
+static int zfs_get_parent_snapshot_exec_wrapper(void *args)
{
struct zfs_args *zfs_args = args;
diff --git a/src/lxc/utils.c b/src/lxc/utils.c
index cb7ca1d887..39de189afc 100644
--- a/src/lxc/utils.c
+++ b/src/lxc/utils.c
@@ -1544,7 +1544,7 @@ int lxc_unstack_mountpoint(const char *path, bool lazy)
return umounts;
}
-int run_command_internal(char *buf, size_t buf_size, int (*child_fn)(void *), void *args, bool wait_status)
+static int run_command_internal(char *buf, size_t buf_size, int (*child_fn)(void *), void *args, bool wait_status)
{
pid_t child;
int ret, fret, pipefd[2];
diff --git a/src/tests/Makefile.am b/src/tests/Makefile.am
index 8e4e49668d..2b66bc9cd5 100644
--- a/src/tests/Makefile.am
+++ b/src/tests/Makefile.am
@@ -22,6 +22,7 @@ endif
lxc_test_api_reboot_SOURCES = api_reboot.c \
../lxc/af_unix.c ../lxc/af_unix.h \
../lxc/caps.c ../lxc/caps.h \
+ ../lxc/cgroups/cgfsng.c \
../lxc/cgroups/cgroup.c ../lxc/cgroups/cgroup.h \
../lxc/cgroups/cgroup2_devices.c ../lxc/cgroups/cgroup2_devices.h \
../lxc/cgroups/cgroup_utils.c ../lxc/cgroups/cgroup_utils.h \
@@ -32,6 +33,7 @@ lxc_test_api_reboot_SOURCES = api_reboot.c \
../lxc/confile_utils.c ../lxc/confile_utils.h \
../lxc/error.c ../lxc/error.h \
../lxc/file_utils.c ../lxc/file_utils.h \
+ ../include/netns_ifaddrs.c ../include/netns_ifaddrs.h \
../lxc/initutils.c ../lxc/initutils.h \
../lxc/log.c ../lxc/log.h \
../lxc/lxclock.c ../lxc/lxclock.h \
@@ -69,6 +71,7 @@ endif
lxc_test_apparmor_SOURCES = aa.c \
../lxc/af_unix.c ../lxc/af_unix.h \
../lxc/caps.c ../lxc/caps.h \
+ ../lxc/cgroups/cgfsng.c \
../lxc/cgroups/cgroup.c ../lxc/cgroups/cgroup.h \
../lxc/cgroups/cgroup2_devices.c ../lxc/cgroups/cgroup2_devices.h \
../lxc/cgroups/cgroup_utils.c ../lxc/cgroups/cgroup_utils.h \
@@ -79,6 +82,7 @@ lxc_test_apparmor_SOURCES = aa.c \
../lxc/confile_utils.c ../lxc/confile_utils.h \
../lxc/error.c ../lxc/error.h \
../lxc/file_utils.c ../lxc/file_utils.h \
+ ../include/netns_ifaddrs.c ../include/netns_ifaddrs.h \
../lxc/initutils.c ../lxc/initutils.h \
../lxc/log.c ../lxc/log.h \
../lxc/lxclock.c ../lxc/lxclock.h \
@@ -116,6 +120,7 @@ endif
lxc_test_attach_SOURCES = attach.c \
../lxc/af_unix.c ../lxc/af_unix.h \
../lxc/caps.c ../lxc/caps.h \
+ ../lxc/cgroups/cgfsng.c \
../lxc/cgroups/cgroup.c ../lxc/cgroups/cgroup.h \
../lxc/cgroups/cgroup2_devices.c ../lxc/cgroups/cgroup2_devices.h \
../lxc/cgroups/cgroup_utils.c ../lxc/cgroups/cgroup_utils.h \
@@ -126,6 +131,7 @@ lxc_test_attach_SOURCES = attach.c \
../lxc/confile_utils.c ../lxc/confile_utils.h \
../lxc/error.c ../lxc/error.h \
../lxc/file_utils.c ../lxc/file_utils.h \
+ ../include/netns_ifaddrs.c ../include/netns_ifaddrs.h \
../lxc/initutils.c ../lxc/initutils.h \
../lxc/log.c ../lxc/log.h \
../lxc/lxclock.c ../lxc/lxclock.h \
@@ -164,6 +170,7 @@ lxc_test_basic_SOURCES = basic.c
lxc_test_cgpath_SOURCES = cgpath.c \
../lxc/af_unix.c ../lxc/af_unix.h \
../lxc/caps.c ../lxc/caps.h \
+ ../lxc/cgroups/cgfsng.c \
../lxc/cgroups/cgroup.c ../lxc/cgroups/cgroup.h \
../lxc/cgroups/cgroup2_devices.c ../lxc/cgroups/cgroup2_devices.h \
../lxc/cgroups/cgroup_utils.c ../lxc/cgroups/cgroup_utils.h \
@@ -174,6 +181,7 @@ lxc_test_cgpath_SOURCES = cgpath.c \
../lxc/confile_utils.c ../lxc/confile_utils.h \
../lxc/error.c ../lxc/error.h \
../lxc/file_utils.c ../lxc/file_utils.h \
+ ../include/netns_ifaddrs.c ../include/netns_ifaddrs.h \
../lxc/initutils.c ../lxc/initutils.h \
../lxc/log.c ../lxc/log.h \
../lxc/lxclock.c ../lxc/lxclock.h \
@@ -214,6 +222,7 @@ lxc_test_config_jump_table_SOURCES = config_jump_table.c \
lxctest.h \
../lxc/af_unix.c ../lxc/af_unix.h \
../lxc/caps.c ../lxc/caps.h \
+ ../lxc/cgroups/cgfsng.c \
../lxc/cgroups/cgroup.c ../lxc/cgroups/cgroup.h \
../lxc/cgroups/cgroup2_devices.c ../lxc/cgroups/cgroup2_devices.h \
../lxc/cgroups/cgroup_utils.c ../lxc/cgroups/cgroup_utils.h \
@@ -224,6 +233,7 @@ lxc_test_config_jump_table_SOURCES = config_jump_table.c \
../lxc/confile_utils.c ../lxc/confile_utils.h \
../lxc/error.c ../lxc/error.h \
../lxc/file_utils.c ../lxc/file_utils.h \
+ ../include/netns_ifaddrs.c ../include/netns_ifaddrs.h \
../lxc/initutils.c ../lxc/initutils.h \
../lxc/log.c ../lxc/log.h \
../lxc/lxclock.c ../lxc/lxclock.h \
@@ -272,6 +282,7 @@ lxc_test_list_SOURCES = list.c
lxc_test_locktests_SOURCES = locktests.c \
../lxc/af_unix.c ../lxc/af_unix.h \
../lxc/caps.c ../lxc/caps.h \
+ ../lxc/cgroups/cgfsng.c \
../lxc/cgroups/cgroup.c ../lxc/cgroups/cgroup.h \
../lxc/cgroups/cgroup2_devices.c ../lxc/cgroups/cgroup2_devices.h \
../lxc/cgroups/cgroup_utils.c ../lxc/cgroups/cgroup_utils.h \
@@ -282,6 +293,7 @@ lxc_test_locktests_SOURCES = locktests.c \
../lxc/confile_utils.c ../lxc/confile_utils.h \
../lxc/error.c ../lxc/error.h \
../lxc/file_utils.c ../lxc/file_utils.h \
+ ../include/netns_ifaddrs.c ../include/netns_ifaddrs.h \
../lxc/initutils.c ../lxc/initutils.h \
../lxc/log.c ../lxc/log.h \
../lxc/lxclock.c ../lxc/lxclock.h \
@@ -322,6 +334,7 @@ lxc_test_mount_injection_SOURCES = mount_injection.c \
lxctest.h \
../lxc/af_unix.c ../lxc/af_unix.h \
../lxc/caps.c ../lxc/caps.h \
+ ../lxc/cgroups/cgfsng.c \
../lxc/cgroups/cgroup.c ../lxc/cgroups/cgroup.h \
../lxc/cgroups/cgroup2_devices.c ../lxc/cgroups/cgroup2_devices.h \
../lxc/cgroups/cgroup_utils.c ../lxc/cgroups/cgroup_utils.h \
@@ -332,6 +345,7 @@ lxc_test_mount_injection_SOURCES = mount_injection.c \
../lxc/confile_utils.c ../lxc/confile_utils.h \
../lxc/error.c ../lxc/error.h \
../lxc/file_utils.c ../lxc/file_utils.h \
+ ../include/netns_ifaddrs.c ../include/netns_ifaddrs.h \
../lxc/initutils.c ../lxc/initutils.h \
../lxc/log.c ../lxc/log.h \
../lxc/lxclock.c ../lxc/lxclock.h \
@@ -370,6 +384,7 @@ lxc_test_parse_config_file_SOURCES = parse_config_file.c \
lxctest.h \
../lxc/af_unix.c ../lxc/af_unix.h \
../lxc/caps.c ../lxc/caps.h \
+ ../lxc/cgroups/cgfsng.c \
../lxc/cgroups/cgroup.c ../lxc/cgroups/cgroup.h \
../lxc/cgroups/cgroup2_devices.c ../lxc/cgroups/cgroup2_devices.h \
../lxc/cgroups/cgroup_utils.c ../lxc/cgroups/cgroup_utils.h \
@@ -380,6 +395,7 @@ lxc_test_parse_config_file_SOURCES = parse_config_file.c \
../lxc/confile_utils.c ../lxc/confile_utils.h \
../lxc/error.c ../lxc/error.h \
../lxc/file_utils.c ../lxc/file_utils.h \
+ ../include/netns_ifaddrs.c ../include/netns_ifaddrs.h \
../lxc/initutils.c ../lxc/initutils.h \
../lxc/log.c ../lxc/log.h \
../lxc/lxclock.c ../lxc/lxclock.h \
@@ -418,6 +434,7 @@ lxc_test_raw_clone_SOURCES = lxc_raw_clone.c \
lxctest.h \
../lxc/af_unix.c ../lxc/af_unix.h \
../lxc/caps.c ../lxc/caps.h \
+ ../lxc/cgroups/cgfsng.c \
../lxc/cgroups/cgroup.c ../lxc/cgroups/cgroup.h \
../lxc/cgroups/cgroup2_devices.c ../lxc/cgroups/cgroup2_devices.h \
../lxc/cgroups/cgroup_utils.c ../lxc/cgroups/cgroup_utils.h \
@@ -428,6 +445,7 @@ lxc_test_raw_clone_SOURCES = lxc_raw_clone.c \
../lxc/confile_utils.c ../lxc/confile_utils.h \
../lxc/error.c ../lxc/error.h \
../lxc/file_utils.c ../lxc/file_utils.h \
+ ../include/netns_ifaddrs.c ../include/netns_ifaddrs.h \
../lxc/initutils.c ../lxc/initutils.h \
../lxc/log.c ../lxc/log.h \
../lxc/lxclock.c ../lxc/lxclock.h \
@@ -480,6 +498,7 @@ lxc_test_utils_SOURCES = lxc-test-utils.c \
lxctest.h \
../lxc/af_unix.c ../lxc/af_unix.h \
../lxc/caps.c ../lxc/caps.h \
+ ../lxc/cgroups/cgfsng.c \
../lxc/cgroups/cgroup.c ../lxc/cgroups/cgroup.h \
../lxc/cgroups/cgroup2_devices.c ../lxc/cgroups/cgroup2_devices.h \
../lxc/cgroups/cgroup_utils.c ../lxc/cgroups/cgroup_utils.h \
@@ -490,6 +509,7 @@ lxc_test_utils_SOURCES = lxc-test-utils.c \
../lxc/confile_utils.c ../lxc/confile_utils.h \
../lxc/error.c ../lxc/error.h \
../lxc/file_utils.c ../lxc/file_utils.h \
+ ../include/netns_ifaddrs.c ../include/netns_ifaddrs.h \
../lxc/initutils.c ../lxc/initutils.h \
../lxc/log.c ../lxc/log.h \
../lxc/lxclock.c ../lxc/lxclock.h \
From 945daa24062ad6c154753b779a359aa3f8a10bff Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Wed, 22 Jul 2020 10:46:05 +0200
Subject: [PATCH 29/37] start: simplify gotos
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/start.c | 20 +++++++++-----------
1 file changed, 9 insertions(+), 11 deletions(-)
diff --git a/src/lxc/start.c b/src/lxc/start.c
index da6323035d..4d356af157 100644
--- a/src/lxc/start.c
+++ b/src/lxc/start.c
@@ -2126,30 +2126,28 @@ int __lxc_start(struct lxc_handler *handler, struct lxc_operations *ops,
if (error_num)
*error_num = handler->exit_status;
-/* These are not the droids you are looking for. */
-__private_goto1:
lxc_delete_network(handler);
-
-__private_goto2:
detach_block_device(handler->conf);
-
-__private_goto3:
lxc_end(handler);
-
return ret;
-/* These are the droids you are looking for. */
out_abort:
lxc_abort(handler);
- goto __private_goto3;
+ lxc_end(handler);
+ return ret;
out_detach_blockdev:
lxc_abort(handler);
- goto __private_goto2;
+ detach_block_device(handler->conf);
+ lxc_end(handler);
+ return ret;
out_delete_network:
lxc_abort(handler);
- goto __private_goto1;
+ lxc_delete_network(handler);
+ detach_block_device(handler->conf);
+ lxc_end(handler);
+ return ret;
}
struct start_args {
From c7e10fc193ccf23de3916ead92c8a9c619391a7b Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Wed, 22 Jul 2020 10:50:20 +0200
Subject: [PATCH 30/37] syscalls: add fsopen()
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
configure.ac | 2 +-
src/lxc/syscall_numbers.h | 20 ++++++++++++++++++++
src/lxc/syscall_wrappers.h | 10 ++++++++++
3 files changed, 31 insertions(+), 1 deletion(-)
diff --git a/configure.ac b/configure.ac
index f74d29a726..85d2668850 100644
--- a/configure.ac
+++ b/configure.ac
@@ -622,7 +622,7 @@ AC_CHECK_HEADER([ifaddrs.h],
AC_HEADER_MAJOR
# Check for some syscalls functions
-AC_CHECK_FUNCS([setns pivot_root sethostname unshare rand_r confstr faccessat gettid memfd_create move_mount open_tree execveat clone3])
+AC_CHECK_FUNCS([setns pivot_root sethostname unshare rand_r confstr faccessat gettid memfd_create move_mount open_tree execveat clone3 fsopen])
AC_CHECK_TYPES([struct clone_args], [], [], [[#include <linux/sched.h>]])
AC_CHECK_MEMBERS([struct clone_args.set_tid],[],[],[[#include <linux/sched.h>]])
AC_CHECK_MEMBERS([struct clone_args.cgroup],[],[],[[#include <linux/sched.h>]])
diff --git a/src/lxc/syscall_numbers.h b/src/lxc/syscall_numbers.h
index bfd0e57ab9..6786830924 100644
--- a/src/lxc/syscall_numbers.h
+++ b/src/lxc/syscall_numbers.h
@@ -563,4 +563,24 @@
#endif
#endif
+#ifndef __NR_fsopen
+ #if defined __alpha__
+ #define __NR_fsopen 540
+ #elif defined _MIPS_SIM
+ #if _MIPS_SIM == _MIPS_SIM_ABI32 /* o32 */
+ #define __NR_fsopen 4430
+ #endif
+ #if _MIPS_SIM == _MIPS_SIM_NABI32 /* n32 */
+ #define __NR_fsopen 6430
+ #endif
+ #if _MIPS_SIM == _MIPS_SIM_ABI64 /* n64 */
+ #define __NR_fsopen 5430
+ #endif
+ #elif defined __ia64__
+ #define __NR_fsopen (430 + 1024)
+ #else
+ #define __NR_fsopen 430
+ #endif
+#endif
+
#endif /* __LXC_SYSCALL_NUMBERS_H */
diff --git a/src/lxc/syscall_wrappers.h b/src/lxc/syscall_wrappers.h
index 041daf3575..8e7937d4d4 100644
--- a/src/lxc/syscall_wrappers.h
+++ b/src/lxc/syscall_wrappers.h
@@ -161,4 +161,14 @@ static inline int open_tree_lxc(int dfd, const char *filename, unsigned int flag
extern int open_tree(int dfd, const char *filename, unsigned int flags);
#endif
+#ifndef HAVE_FSOPEN
+static inline int fsopen_lxc(const char *fs_name, unsigned int flags)
+{
+ return syscall(__NR_fsopen, fs_name, flags);
+}
+#define fsopen fsopen_lxc
+#else
+extern int fsopen(const char *fs_name, unsigned int flags);
+#endif
+
#endif /* __LXC_SYSCALL_WRAPPER_H */
From cb63fcb521d7884d5ef68bc935e4e97c11a69c73 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Wed, 22 Jul 2020 10:54:12 +0200
Subject: [PATCH 31/37] syscalls: add fspick()
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
configure.ac | 2 +-
src/lxc/syscall_numbers.h | 20 ++++++++++++++++++++
src/lxc/syscall_wrappers.h | 10 ++++++++++
3 files changed, 31 insertions(+), 1 deletion(-)
diff --git a/configure.ac b/configure.ac
index 85d2668850..32fcdc230d 100644
--- a/configure.ac
+++ b/configure.ac
@@ -622,7 +622,7 @@ AC_CHECK_HEADER([ifaddrs.h],
AC_HEADER_MAJOR
# Check for some syscalls functions
-AC_CHECK_FUNCS([setns pivot_root sethostname unshare rand_r confstr faccessat gettid memfd_create move_mount open_tree execveat clone3 fsopen])
+AC_CHECK_FUNCS([setns pivot_root sethostname unshare rand_r confstr faccessat gettid memfd_create move_mount open_tree execveat clone3 fsopen fspick])
AC_CHECK_TYPES([struct clone_args], [], [], [[#include <linux/sched.h>]])
AC_CHECK_MEMBERS([struct clone_args.set_tid],[],[],[[#include <linux/sched.h>]])
AC_CHECK_MEMBERS([struct clone_args.cgroup],[],[],[[#include <linux/sched.h>]])
diff --git a/src/lxc/syscall_numbers.h b/src/lxc/syscall_numbers.h
index 6786830924..cbd69803ea 100644
--- a/src/lxc/syscall_numbers.h
+++ b/src/lxc/syscall_numbers.h
@@ -583,4 +583,24 @@
#endif
#endif
+#ifndef __NR_fspick
+ #if defined __alpha__
+ #define __NR_fspick 543
+ #elif defined _MIPS_SIM
+ #if _MIPS_SIM == _MIPS_SIM_ABI32 /* o32 */
+ #define __NR_fspick 4433
+ #endif
+ #if _MIPS_SIM == _MIPS_SIM_NABI32 /* n32 */
+ #define __NR_fspick 6433
+ #endif
+ #if _MIPS_SIM == _MIPS_SIM_ABI64 /* n64 */
+ #define __NR_fspick 5433
+ #endif
+ #elif defined __ia64__
+ #define __NR_fspick (433 + 1024)
+ #else
+ #define __NR_fspick 433
+ #endif
+#endif
+
#endif /* __LXC_SYSCALL_NUMBERS_H */
diff --git a/src/lxc/syscall_wrappers.h b/src/lxc/syscall_wrappers.h
index 8e7937d4d4..6d4f8f42cd 100644
--- a/src/lxc/syscall_wrappers.h
+++ b/src/lxc/syscall_wrappers.h
@@ -171,4 +171,14 @@ static inline int fsopen_lxc(const char *fs_name, unsigned int flags)
extern int fsopen(const char *fs_name, unsigned int flags);
#endif
+#ifndef HAVE_FSPICK
+static inline int fspick_lxc(int dfd, const char *path, unsigned int flags)
+{
+ return syscall(__NR_fspick, dfd, path, flags);
+}
+#define fspick fspick_lxc
+#else
+extern int fspick(int dfd, const char *path, unsigned int flags);
+#endif
+
#endif /* __LXC_SYSCALL_WRAPPER_H */
From ad76e2e636fd9ff099fdebaba6c7d768acfdebea Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Wed, 22 Jul 2020 10:59:49 +0200
Subject: [PATCH 32/37] syscalls: add fsconfig()
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
configure.ac | 2 +-
src/lxc/syscall_numbers.h | 20 ++++++++++++++++++++
src/lxc/syscall_wrappers.h | 10 ++++++++++
3 files changed, 31 insertions(+), 1 deletion(-)
diff --git a/configure.ac b/configure.ac
index 32fcdc230d..8178a4452e 100644
--- a/configure.ac
+++ b/configure.ac
@@ -622,7 +622,7 @@ AC_CHECK_HEADER([ifaddrs.h],
AC_HEADER_MAJOR
# Check for some syscalls functions
-AC_CHECK_FUNCS([setns pivot_root sethostname unshare rand_r confstr faccessat gettid memfd_create move_mount open_tree execveat clone3 fsopen fspick])
+AC_CHECK_FUNCS([setns pivot_root sethostname unshare rand_r confstr faccessat gettid memfd_create move_mount open_tree execveat clone3 fsopen fspick fsconfig])
AC_CHECK_TYPES([struct clone_args], [], [], [[#include <linux/sched.h>]])
AC_CHECK_MEMBERS([struct clone_args.set_tid],[],[],[[#include <linux/sched.h>]])
AC_CHECK_MEMBERS([struct clone_args.cgroup],[],[],[[#include <linux/sched.h>]])
diff --git a/src/lxc/syscall_numbers.h b/src/lxc/syscall_numbers.h
index cbd69803ea..0cc2d67426 100644
--- a/src/lxc/syscall_numbers.h
+++ b/src/lxc/syscall_numbers.h
@@ -603,4 +603,24 @@
#endif
#endif
+#ifndef __NR_fsconfig
+ #if defined __alpha__
+ #define __NR_fsconfig 541
+ #elif defined _MIPS_SIM
+ #if _MIPS_SIM == _MIPS_SIM_ABI32 /* o32 */
+ #define __NR_fsconfig 4431
+ #endif
+ #if _MIPS_SIM == _MIPS_SIM_NABI32 /* n32 */
+ #define __NR_fsconfig 6431
+ #endif
+ #if _MIPS_SIM == _MIPS_SIM_ABI64 /* n64 */
+ #define __NR_fsconfig 5431
+ #endif
+ #elif defined __ia64__
+ #define __NR_fsconfig (431 + 1024)
+ #else
+ #define __NR_fsconfig 431
+ #endif
+#endif
+
#endif /* __LXC_SYSCALL_NUMBERS_H */
diff --git a/src/lxc/syscall_wrappers.h b/src/lxc/syscall_wrappers.h
index 6d4f8f42cd..aeb1db8ac9 100644
--- a/src/lxc/syscall_wrappers.h
+++ b/src/lxc/syscall_wrappers.h
@@ -181,4 +181,14 @@ static inline int fspick_lxc(int dfd, const char *path, unsigned int flags)
extern int fspick(int dfd, const char *path, unsigned int flags);
#endif
+#ifndef HAVE_FSCONFIG
+static inline int fsconfig_lxc(int fd, unsigned int cmd, const char *key, const void *value, int aux)
+{
+ return syscall(__NR_fsconfig, fd, cmd, key, value, aux);
+}
+#define fsconfig fsconfig_lxc
+#else
+extern int fsconfig(int fd, unsigned int cmd, const char *key, const void *value, int aux);
+#endif
+
#endif /* __LXC_SYSCALL_WRAPPER_H */
From 43bc5cbd520754b1ec510cabcb49a21b051a3a2a Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Wed, 22 Jul 2020 11:02:33 +0200
Subject: [PATCH 33/37] syscalls: add fsmount()
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
configure.ac | 2 +-
src/lxc/syscall_numbers.h | 20 ++++++++++++++++++++
src/lxc/syscall_wrappers.h | 10 ++++++++++
3 files changed, 31 insertions(+), 1 deletion(-)
diff --git a/configure.ac b/configure.ac
index 8178a4452e..70099e3ad0 100644
--- a/configure.ac
+++ b/configure.ac
@@ -622,7 +622,7 @@ AC_CHECK_HEADER([ifaddrs.h],
AC_HEADER_MAJOR
# Check for some syscalls functions
-AC_CHECK_FUNCS([setns pivot_root sethostname unshare rand_r confstr faccessat gettid memfd_create move_mount open_tree execveat clone3 fsopen fspick fsconfig])
+AC_CHECK_FUNCS([setns pivot_root sethostname unshare rand_r confstr faccessat gettid memfd_create move_mount open_tree execveat clone3 fsopen fspick fsconfig fsmount])
AC_CHECK_TYPES([struct clone_args], [], [], [[#include <linux/sched.h>]])
AC_CHECK_MEMBERS([struct clone_args.set_tid],[],[],[[#include <linux/sched.h>]])
AC_CHECK_MEMBERS([struct clone_args.cgroup],[],[],[[#include <linux/sched.h>]])
diff --git a/src/lxc/syscall_numbers.h b/src/lxc/syscall_numbers.h
index 0cc2d67426..e2e7883786 100644
--- a/src/lxc/syscall_numbers.h
+++ b/src/lxc/syscall_numbers.h
@@ -623,4 +623,24 @@
#endif
#endif
+#ifndef __NR_fsmount
+ #if defined __alpha__
+ #define __NR_fsmount 542
+ #elif defined _MIPS_SIM
+ #if _MIPS_SIM == _MIPS_SIM_ABI32 /* o32 */
+ #define __NR_fsmount 4432
+ #endif
+ #if _MIPS_SIM == _MIPS_SIM_NABI32 /* n32 */
+ #define __NR_fsmount 6432
+ #endif
+ #if _MIPS_SIM == _MIPS_SIM_ABI64 /* n64 */
+ #define __NR_fsmount 5432
+ #endif
+ #elif defined __ia64__
+ #define __NR_fsmount (432 + 1024)
+ #else
+ #define __NR_fsmount 432
+ #endif
+#endif
+
#endif /* __LXC_SYSCALL_NUMBERS_H */
diff --git a/src/lxc/syscall_wrappers.h b/src/lxc/syscall_wrappers.h
index aeb1db8ac9..220ef65fde 100644
--- a/src/lxc/syscall_wrappers.h
+++ b/src/lxc/syscall_wrappers.h
@@ -191,4 +191,14 @@ static inline int fsconfig_lxc(int fd, unsigned int cmd, const char *key, const
extern int fsconfig(int fd, unsigned int cmd, const char *key, const void *value, int aux);
#endif
+#ifndef HAVE_FSMOUNT
+static inline int fsmount_lxc(int fs_fd, unsigned int flags, unsigned int attr_flags)
+{
+ return syscall(__NR_fsmount, fs_fd, flags, attr_flags);
+}
+#define fsmount fsmount_lxc
+#else
+extern int fsmount(int fs_fd, unsigned int flags, unsigned int attr_flags);
+#endif
+
#endif /* __LXC_SYSCALL_WRAPPER_H */
From cdb689ab5bb1b88a4fe456c990bdd638bf1fbbe8 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Wed, 22 Jul 2020 11:32:28 +0200
Subject: [PATCH 34/37] mount_utils: add mount utils
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/Makefile.am | 2 +
src/lxc/conf.c | 1 +
src/lxc/macro.h | 14 ----
src/lxc/mount_utils.c | 110 ++++++++++++++++++++++++++++++
src/lxc/mount_utils.h | 151 ++++++++++++++++++++++++++++++++++++++++++
5 files changed, 264 insertions(+), 14 deletions(-)
create mode 100644 src/lxc/mount_utils.c
create mode 100644 src/lxc/mount_utils.h
diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am
index d217821362..442112353c 100644
--- a/src/lxc/Makefile.am
+++ b/src/lxc/Makefile.am
@@ -26,6 +26,7 @@ noinst_HEADERS = api_extensions.h \
macro.h \
memory_utils.h \
monitor.h \
+ mount_utils.h \
namespace.h \
process_utils.h \
rexec.h \
@@ -125,6 +126,7 @@ liblxc_la_SOURCES = af_unix.c af_unix.h \
macro.h \
memory_utils.h \
mainloop.c mainloop.h \
+ mount_utils.c mount_utils.h \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index 7ea13e4504..9410cac920 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -48,6 +48,7 @@
#include "lxcseccomp.h"
#include "macro.h"
#include "memory_utils.h"
+#include "mount_utils.h"
#include "namespace.h"
#include "network.h"
#include "parse.h"
diff --git a/src/lxc/macro.h b/src/lxc/macro.h
index 2ae1a7bb32..5155f7b162 100644
--- a/src/lxc/macro.h
+++ b/src/lxc/macro.h
@@ -57,20 +57,6 @@
#define CAP_SETGID 6
#endif
-/* move_mount */
-#ifndef MOVE_MOUNT_F_EMPTY_PATH
-#define MOVE_MOUNT_F_EMPTY_PATH 0x00000004 /* Empty from path permitted */
-#endif
-
-/* open_tree */
-#ifndef OPEN_TREE_CLONE
-#define OPEN_TREE_CLONE 1 /* Clone the target tree and attach the clone */
-#endif
-
-#ifndef OPEN_TREE_CLOEXEC
-#define OPEN_TREE_CLOEXEC O_CLOEXEC /* Close the file on execve() */
-#endif
-
/* prctl */
#ifndef PR_CAPBSET_READ
#define PR_CAPBSET_READ 23
diff --git a/src/lxc/mount_utils.c b/src/lxc/mount_utils.c
new file mode 100644
index 0000000000..f8e0f6e006
--- /dev/null
+++ b/src/lxc/mount_utils.c
@@ -0,0 +1,110 @@
+/* SPDX-License-Identifier: LGPL-2.1+ */
+
+#ifndef _GNU_SOURCE
+#define _GNU_SOURCE 1
+#endif
+#include <stdio.h>
+#include <stdlib.h>
+#include <sys/mount.h>
+
+#include "macro.h"
+#include "memory_utils.h"
+#include "mount_utils.h"
+#include "syscall_numbers.h"
+#include "syscall_wrappers.h"
+
+int mnt_attributes_new(unsigned int old_flags, unsigned int *new_flags)
+{
+ unsigned int flags = 0;
+
+ if (old_flags & MS_RDONLY) {
+ flags |= MOUNT_ATTR_RDONLY;
+ old_flags &= ~MS_RDONLY;
+ }
+
+ if (old_flags & MS_NOSUID) {
+ flags |= MOUNT_ATTR_NOSUID;
+ old_flags &= ~MS_NOSUID;
+ }
+
+ if (old_flags & MS_NODEV) {
+ flags |= MOUNT_ATTR_NODEV;
+ old_flags &= ~MS_NODEV;
+ }
+
+ if (old_flags & MS_NOEXEC) {
+ flags |= MOUNT_ATTR_NOEXEC;
+ old_flags &= ~MS_NOEXEC;
+ }
+
+ if (old_flags & MS_RELATIME) {
+ flags |= MOUNT_ATTR_RELATIME;
+ old_flags &= ~MS_RELATIME;
+ }
+
+ if (old_flags & MS_NOATIME) {
+ flags |= MOUNT_ATTR_NOATIME;
+ old_flags &= ~MS_NOATIME;
+ }
+
+ if (old_flags & MS_STRICTATIME) {
+ flags |= MOUNT_ATTR_STRICTATIME;
+ old_flags &= ~MS_STRICTATIME;
+ }
+
+ if (old_flags & MS_NODIRATIME) {
+ flags |= MOUNT_ATTR_NODIRATIME;
+ old_flags &= ~MS_NODIRATIME;
+ }
+
+ *new_flags |= flags;
+ return old_flags;
+}
+
+int mnt_attributes_old(unsigned int new_flags, unsigned int *old_flags)
+{
+ unsigned int flags = 0;
+
+ if (new_flags & MOUNT_ATTR_RDONLY) {
+ flags |= MS_RDONLY;
+ new_flags &= ~MOUNT_ATTR_RDONLY;
+ }
+
+ if (new_flags & MOUNT_ATTR_NOSUID) {
+ flags |= MS_NOSUID;
+ new_flags &= ~MOUNT_ATTR_NOSUID;
+ }
+
+ if (new_flags & MS_NODEV) {
+ flags |= MOUNT_ATTR_NODEV;
+ new_flags &= ~MS_NODEV;
+ }
+
+ if (new_flags & MOUNT_ATTR_NOEXEC) {
+ flags |= MS_NOEXEC;
+ new_flags &= ~MOUNT_ATTR_NOEXEC;
+ }
+
+ if (new_flags & MS_RELATIME) {
+ flags |= MS_RELATIME;
+ new_flags &= ~MOUNT_ATTR_RELATIME;
+ }
+
+ if (new_flags & MS_NOATIME) {
+ flags |= MS_NOATIME;
+ new_flags &= ~MOUNT_ATTR_NOATIME;
+ }
+
+ if (new_flags & MS_STRICTATIME) {
+ flags |= MS_STRICTATIME;
+ new_flags &= ~MOUNT_ATTR_STRICTATIME;
+ }
+
+ if (new_flags & MS_NODIRATIME) {
+ flags |= MS_NODIRATIME;
+ new_flags &= ~MOUNT_ATTR_NODIRATIME;
+ }
+
+ *old_flags |= flags;
+ return new_flags;
+}
diff --git a/src/lxc/mount_utils.h b/src/lxc/mount_utils.h
new file mode 100644
index 0000000000..19d7b95cce
--- /dev/null
+++ b/src/lxc/mount_utils.h
@@ -0,0 +1,151 @@
+/* SPDX-License-Identifier: LGPL-2.1+ */
+
+#ifndef __LXC_MOUNT_UTILS_H
+#define __LXC_MOUNT_UTILS_H
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <sys/mount.h>
+
+#include "compiler.h"
+
+/* open_tree() flags */
+#ifndef OPEN_TREE_CLONE
+#define OPEN_TREE_CLONE 1
+#endif
+
+#ifndef OPEN_TREE_CLOEXEC
+#define OPEN_TREE_CLOEXEC O_CLOEXEC
+#endif
+
+/* move_mount() flags */
+#ifndef MOVE_MOUNT_F_SYMLINKS
+#define MOVE_MOUNT_F_SYMLINKS 0x00000001 /* Follow symlinks on from path */
+#endif
+
+#ifndef MOVE_MOUNT_F_AUTOMOUNTS
+#define MOVE_MOUNT_F_AUTOMOUNTS 0x00000002 /* Follow automounts on from path */
+#endif
+
+#ifndef MOVE_MOUNT_F_EMPTY_PATH
+#define MOVE_MOUNT_F_EMPTY_PATH 0x00000004 /* Empty from path permitted */
+#endif
+
+#ifndef MOVE_MOUNT_T_SYMLINKS
+#define MOVE_MOUNT_T_SYMLINKS 0x00000010 /* Follow symlinks on to path */
+#endif
+
+#ifndef MOVE_MOUNT_T_AUTOMOUNTS
+#define MOVE_MOUNT_T_AUTOMOUNTS 0x00000020 /* Follow automounts on to path */
+#endif
+
+#ifndef MOVE_MOUNT_T_EMPTY_PATH
+#define MOVE_MOUNT_T_EMPTY_PATH 0x00000040 /* Empty to path permitted */
+#endif
+
+#ifndef MOVE_MOUNT__MASK
+#define MOVE_MOUNT__MASK 0x00000077
+#endif
+
+/* fsopen() flags */
+#ifndef FSOPEN_CLOEXEC
+#define FSOPEN_CLOEXEC 0x00000001
+#endif
+
+/* fspick() flags */
+#ifndef FSPICK_CLOEXEC
+#define FSPICK_CLOEXEC 0x00000001
+#endif
+
+#ifndef FSPICK_SYMLINK_NOFOLLOW
+#define FSPICK_SYMLINK_NOFOLLOW 0x00000002
+#endif
+
+#ifndef FSPICK_NO_AUTOMOUNT
+#define FSPICK_NO_AUTOMOUNT 0x00000004
+#endif
+
+#ifndef FSPICK_EMPTY_PATH
+#define FSPICK_EMPTY_PATH 0x00000008
+#endif
+
+/* fsconfig() commands */
+#ifndef FSCONFIG_SET_FLAG
+#define FSCONFIG_SET_FLAG 0 /* Set parameter, supplying no value */
+#endif
+
+#ifndef FSCONFIG_SET_STRING
+#define FSCONFIG_SET_STRING 1 /* Set parameter, supplying a string value */
+#endif
+
+#ifndef FSCONFIG_SET_BINARY
+#define FSCONFIG_SET_BINARY 2 /* Set parameter, supplying a binary blob value */
+#endif
+
+#ifndef FSCONFIG_SET_PATH
+#define FSCONFIG_SET_PATH 3 /* Set parameter, supplying an object by path */
+#endif
+
+#ifndef FSCONFIG_SET_PATH_EMPTY
+#define FSCONFIG_SET_PATH_EMPTY 4 /* Set parameter, supplying an object by (empty) path */
+#endif
+
+#ifndef FSCONFIG_SET_FD
+#define FSCONFIG_SET_FD 5 /* Set parameter, supplying an object by fd */
+#endif
+
+#ifndef FSCONFIG_CMD_CREATE
+#define FSCONFIG_CMD_CREATE 6 /* Invoke superblock creation */
+#endif
+
+#ifndef FSCONFIG_CMD_RECONFIGURE
+#define FSCONFIG_CMD_RECONFIGURE 7 /* Invoke superblock reconfiguration */
+#endif
+
+/* fsmount() flags */
+#ifndef FSMOUNT_CLOEXEC
+#define FSMOUNT_CLOEXEC 0x00000001
+#endif
+
+/* mount attributes */
+#ifndef MOUNT_ATTR_RDONLY
+#define MOUNT_ATTR_RDONLY 0x00000001 /* Mount read-only */
+#endif
+
+#ifndef MOUNT_ATTR_NOSUID
+#define MOUNT_ATTR_NOSUID 0x00000002 /* Ignore suid and sgid bits */
+#endif
+
+#ifndef MOUNT_ATTR_NODEV
+#define MOUNT_ATTR_NODEV 0x00000004 /* Disallow access to device special files */
+#endif
+
+#ifndef MOUNT_ATTR_NOEXEC
+#define MOUNT_ATTR_NOEXEC 0x00000008 /* Disallow program execution */
+#endif
+
+#ifndef MOUNT_ATTR__ATIME
+#define MOUNT_ATTR__ATIME 0x00000070 /* Setting on how atime should be updated */
+#endif
+
+#ifndef MOUNT_ATTR_RELATIME
+#define MOUNT_ATTR_RELATIME 0x00000000 /* - Update atime relative to mtime/ctime. */
+#endif
+
+#ifndef MOUNT_ATTR_NOATIME
+#define MOUNT_ATTR_NOATIME 0x00000010 /* - Do not update access times. */
+#endif
+
+#ifndef MOUNT_ATTR_STRICTATIME
+#define MOUNT_ATTR_STRICTATIME 0x00000020 /* - Always perform atime updates */
+#endif
+
+#ifndef MOUNT_ATTR_NODIRATIME
+#define MOUNT_ATTR_NODIRATIME 0x00000080 /* Do not update directory access times */
+#endif
+
+__hidden extern int mnt_attributes_new(unsigned int old_flags, unsigned int *new_flags);
+
+__hidden extern int mnt_attributes_old(unsigned int new_flags, unsigned int *old_flags);
+
+#endif /* __LXC_MOUNT_UTILS_H */
From 9d005ee5c42046730b0bcccf2aa5e423ea8c2e49 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Wed, 22 Jul 2020 11:45:15 +0200
Subject: [PATCH 35/37] mount_utils: add mount_filesystem() helper
that translates between the two mount apis.
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/mount_utils.c | 30 ++++++++++++++++++++++++++++++
src/lxc/mount_utils.h | 2 ++
2 files changed, 32 insertions(+)
diff --git a/src/lxc/mount_utils.c b/src/lxc/mount_utils.c
index f8e0f6e006..f07cddd8a0 100644
--- a/src/lxc/mount_utils.c
+++ b/src/lxc/mount_utils.c
@@ -3,16 +3,22 @@
#ifndef _GNU_SOURCE
#define _GNU_SOURCE 1
#endif
+#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/mount.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#include "log.h"
#include "macro.h"
#include "memory_utils.h"
#include "mount_utils.h"
#include "syscall_numbers.h"
#include "syscall_wrappers.h"
+lxc_log_define(mount_utils, lxc);
+
int mnt_attributes_new(unsigned int old_flags, unsigned int *new_flags)
{
unsigned int flags = 0;
@@ -108,3 +114,27 @@ int mnt_attributes_old(unsigned int new_flags, unsigned int *old_flags)
*old_flags |= flags;
return new_flags;
}
+
+int mount_filesystem(const char *fs_name, const char *path, unsigned int attr_flags)
+{
+ __do_close int fsfd = -EBADF;
+ unsigned int old_flags = 0;
+
+ fsfd = fsopen(fs_name, FSOPEN_CLOEXEC);
+ if (fsfd >= 0) {
+ __do_close int mfd = -EBADF;
+
+ if (fsconfig(fsfd, FSCONFIG_CMD_CREATE, NULL, NULL, 0))
+ return -1;
+
+ mfd = fsmount(fsfd, FSMOUNT_CLOEXEC, attr_flags);
+ if (mfd < 0)
+ return -1;
+
+ return move_mount(mfd, "", AT_FDCWD, path, MOVE_MOUNT_F_EMPTY_PATH);
+ }
+
+ TRACE("Falling back to old mount api");
+ mnt_attributes_old(attr_flags, &old_flags);
+ return mount("none", path, fs_name, old_flags, NULL);
+}
diff --git a/src/lxc/mount_utils.h b/src/lxc/mount_utils.h
index 19d7b95cce..bdcf8a3907 100644
--- a/src/lxc/mount_utils.h
+++ b/src/lxc/mount_utils.h
@@ -148,4 +148,6 @@ __hidden extern int mnt_attributes_new(unsigned int old_flags, unsigned int *new
__hidden extern int mnt_attributes_old(unsigned int new_flags, unsigned int *old_flags);
+__hidden extern int mount_filesystem(const char *fs_name, const char *path, unsigned int attr_flags);
+
#endif /* __LXC_MOUNT_UTILS_H */
From 54698a51e9ba08a02435f26b5c8ddb1648076075 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Wed, 22 Jul 2020 11:47:21 +0200
Subject: [PATCH 36/37] attach: use new mount api
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/attach.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/src/lxc/attach.c b/src/lxc/attach.c
index 5443fee5f7..ad25aada9e 100644
--- a/src/lxc/attach.c
+++ b/src/lxc/attach.c
@@ -39,6 +39,7 @@
#include "macro.h"
#include "mainloop.h"
#include "memory_utils.h"
+#include "mount_utils.h"
#include "namespace.h"
#include "process_utils.h"
#include "syscall_wrappers.h"
@@ -202,7 +203,7 @@ int lxc_attach_remount_sys_proc(void)
if (ret < 0)
return log_error_errno(-1, errno, "Failed to unmount /proc");
- ret = mount("none", "/proc", "proc", 0, NULL);
+ ret = mount_filesystem("proc", "/proc", 0);
if (ret < 0)
return log_error_errno(-1, errno, "Failed to remount /proc");
@@ -215,7 +216,7 @@ int lxc_attach_remount_sys_proc(void)
return log_error_errno(-1, errno, "Failed to unmount /sys");
/* Remount it. */
- if (ret == 0 && mount("none", "/sys", "sysfs", 0, NULL))
+ if (ret == 0 && mount_filesystem("sysfs", "/sys", 0))
return log_error_errno(-1, errno, "Failed to remount /sys");
return 0;
From 0ff8b56400ea0747301b8148939f91555b61ee7b Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Wed, 22 Jul 2020 12:04:52 +0200
Subject: [PATCH 37/37] log: don't break logging by hiding symbols
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/log.h | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/src/lxc/log.h b/src/lxc/log.h
index 0ddcfa20a5..0361db40fa 100644
--- a/src/lxc/log.h
+++ b/src/lxc/log.h
@@ -85,7 +85,7 @@ struct lxc_log_category {
};
#ifndef NO_LXC_CONF
-__hidden extern int lxc_log_use_global_fd;
+extern int lxc_log_use_global_fd;
#endif
/*
@@ -278,8 +278,8 @@ __lxc_unused static inline void LXC_##LEVEL(struct lxc_log_locinfo* locinfo, \
* Helper macro to define and use static categories.
*/
#define lxc_log_category_define(name, parent) \
- __hidden extern struct lxc_log_category lxc_log_category_##parent; \
- __hidden struct lxc_log_category lxc_log_category_##name = { \
+ extern struct lxc_log_category lxc_log_category_##parent; \
+ struct lxc_log_category lxc_log_category_##name = { \
#name, \
LXC_LOG_LEVEL_NOTSET, \
NULL, \
@@ -561,7 +561,7 @@ __lxc_unused static inline void LXC_##LEVEL(struct lxc_log_locinfo* locinfo, \
__internal_ret__; \
})
-__hidden extern int lxc_log_fd;
+extern int lxc_log_fd;
__hidden extern int lxc_log_syslog(int facility);
__hidden extern void lxc_log_syslog_enable(void);
More information about the lxc-devel
mailing list