[lxc-devel] [lxc/master] further lxc 2.1 preparations
brauner on Github
lxc-bot at linuxcontainers.org
Wed Aug 23 10:18:04 UTC 2017
A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 364 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20170823/ff24ad18/attachment.bin>
-------------- next part --------------
From 17c9b8c9775afd0dcf685f9829b2937032c70452 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Wed, 23 Aug 2017 10:58:22 +0200
Subject: [PATCH 1/3] tree-wide: non-functional changes
- replace all "//" with "/* */"
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/cgroups/cgfsng.c | 29 +++++++++++++++--------------
1 file changed, 15 insertions(+), 14 deletions(-)
diff --git a/src/lxc/cgroups/cgfsng.c b/src/lxc/cgroups/cgfsng.c
index f1cb1de61..c1b1036d6 100644
--- a/src/lxc/cgroups/cgfsng.c
+++ b/src/lxc/cgroups/cgfsng.c
@@ -90,8 +90,8 @@ struct hierarchy {
*/
struct cgfsng_handler_data {
char *cgroup_pattern;
- char *container_cgroup; // cgroup we created for the container
- char *name; // container name
+ char *container_cgroup; /* cgroup we created for the container */
+ char *name; /* container name */
};
/*
@@ -386,7 +386,7 @@ static ssize_t get_max_cpus(char *cpulist)
c2 = c1;
else if (c1 < c2)
c1 = c2;
- else if (!c1 && c2) // The reverse case is obvs. not needed.
+ else if (!c1 && c2) /* The reverse case is obvs. not needed. */
c1 = c2;
/* If the above logic is correct, c1 should always hold a valid string
@@ -414,7 +414,7 @@ static bool filter_and_set_cpus(char *path, bool am_initialized)
bool bret = false, flipped_bit = false;
lastslash = strrchr(path, '/');
- if (!lastslash) { // bug... this shouldn't be possible
+ if (!lastslash) { /* bug... this shouldn't be possible */
ERROR("Invalid path: %s.", path);
return bret;
}
@@ -546,7 +546,7 @@ static bool copy_parent_file(char *path, char *file)
int ret;
lastslash = strrchr(path, '/');
- if (!lastslash) { // bug... this shouldn't be possible
+ if (!lastslash) { /* bug... this shouldn't be possible */
ERROR("cgfsng:copy_parent_file: bad path %s", path);
return false;
}
@@ -1141,7 +1141,7 @@ static bool collect_hierarchy_info(void)
const char *tmp;
errno = 0;
tmp = lxc_global_config_value("lxc.cgroup.use");
- if (!cgroup_use && errno != 0) { // lxc.cgroup.use can be NULL
+ if (!cgroup_use && errno != 0) { /* lxc.cgroup.use can be NULL */
SYSERROR("cgfsng: error reading list of cgroups to use");
return false;
}
@@ -1161,7 +1161,7 @@ static void *cgfsng_init(const char *name)
d->name = must_copy_string(name);
cgroup_pattern = lxc_global_config_value("lxc.cgroup.pattern");
- if (!cgroup_pattern) { // lxc.cgroup.pattern is only NULL on error
+ if (!cgroup_pattern) { /* lxc.cgroup.pattern is only NULL on error */
ERROR("Error getting cgroup pattern");
goto out_free;
}
@@ -1291,7 +1291,7 @@ struct cgroup_ops *cgfsng_ops_init(void)
static bool create_path_for_hierarchy(struct hierarchy *h, char *cgname)
{
h->fullcgpath = must_make_path(h->mountpoint, h->base_cgroup, cgname, NULL);
- if (dir_exists(h->fullcgpath)) { // it must not already exist
+ if (dir_exists(h->fullcgpath)) { /* it must not already exist */
ERROR("Path \"%s\" already existed.", h->fullcgpath);
return false;
}
@@ -1334,7 +1334,7 @@ static inline bool cgfsng_create(void *hdata)
ERROR("Failed expanding cgroup name pattern");
return false;
}
- len = strlen(tmp) + 5; // leave room for -NNN\0
+ len = strlen(tmp) + 5; /* leave room for -NNN\0 */
cgname = must_alloc(len);
strcpy(cgname, tmp);
free(tmp);
@@ -1405,7 +1405,7 @@ static bool cgfsng_enter(void *hdata, pid_t pid)
struct chown_data {
struct cgfsng_handler_data *d;
- uid_t origuid; // target uid in parent namespace
+ uid_t origuid; /* target uid in parent namespace */
};
/*
@@ -1814,7 +1814,7 @@ static bool cgfsng_attach(const char *name, const char *lxcpath, pid_t pid)
struct hierarchy *h = hierarchies[i];
path = lxc_cmd_get_cgroup_path(name, lxcpath, h->controllers[0]);
- if (!path) // not running
+ if (!path) /* not running */
continue;
fullpath = build_full_cgpath_from_monitorpath(h, path, "cgroup.procs");
@@ -1847,7 +1847,7 @@ static int cgfsng_get(const char *filename, char *value, size_t len, const char
*p = '\0';
path = lxc_cmd_get_cgroup_path(name, lxcpath, subsystem);
- if (!path) // not running
+ if (!path) /* not running */
return -1;
h = get_hierarchy(subsystem);
@@ -1879,7 +1879,7 @@ static int cgfsng_set(const char *filename, const char *value, const char *name,
*p = '\0';
path = lxc_cmd_get_cgroup_path(name, lxcpath, subsystem);
- if (!path) // not running
+ if (!path) /* not running */
return -1;
h = get_hierarchy(subsystem);
@@ -1979,7 +1979,8 @@ static int lxc_cgroup_set_data(const char *filename, const char *value, struct c
char *subsystem = NULL, *p;
int ret = 0;
struct hierarchy *h;
- char converted_value[50]; // "b|c <2^64-1>:<2^64-1> r|w|m" = 47 chars max
+ /* "b|c <2^64-1>:<2^64-1> r|w|m" = 47 chars max */
+ char converted_value[50];
subsystem = alloca(strlen(filename) + 1);
strcpy(subsystem, filename);
From 027b8b444e9eb8815af3fa2ad22097177245ea20 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Wed, 23 Aug 2017 11:00:33 +0200
Subject: [PATCH 2/3] attach_options: remove unused LXC_ATTACH_LSM_NOW
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/arguments.h | 2 +-
src/lxc/attach_options.h | 3 +-
src/lxc/cgroups/cgfs.c | 11 ++--
src/lxc/cgroups/cgmanager.c | 36 +++++------
src/lxc/conf.c | 20 +++---
src/lxc/conf.h | 81 +++++++++++-------------
src/lxc/criu.c | 14 ++--
src/lxc/list.h | 63 +++++++++---------
src/lxc/log.c | 15 +++--
src/lxc/lsm/apparmor.c | 4 +-
src/lxc/lxc_user_nic.c | 18 ++----
src/lxc/lxccontainer.c | 137 +++++++++++++++++++++-------------------
src/lxc/lxccontainer.h | 4 +-
src/lxc/lxclock.c | 2 +-
src/lxc/lxclock.h | 12 ++--
src/lxc/monitor.c | 2 +-
src/lxc/network.c | 13 ++--
src/lxc/nl.c | 8 +--
src/lxc/parse.c | 5 +-
src/lxc/seccomp.c | 8 +--
src/lxc/start.h | 13 ++--
src/lxc/storage/btrfs.c | 6 +-
src/lxc/storage/btrfs.h | 2 +-
src/lxc/storage/loop.c | 2 +-
src/lxc/storage/rsync.h | 2 +-
src/lxc/storage/storage.h | 3 +-
src/lxc/storage/storage_utils.c | 33 ++++++----
src/lxc/tools/lxc_clone.c | 9 +--
src/lxc/tools/lxc_copy.c | 2 +-
src/lxc/tools/lxc_create.c | 4 +-
src/lxc/tools/lxc_ls.c | 12 ++--
src/lxc/tools/lxc_unshare.c | 2 +-
src/lxc/tools/lxc_usernsexec.c | 10 +--
src/lxc/utils.c | 25 ++++----
src/lxc/utils.h | 100 ++++++++++++++++-------------
src/python-lxc/lxc.c | 1 -
src/tests/aa.c | 1 -
src/tests/attach.c | 1 -
38 files changed, 353 insertions(+), 333 deletions(-)
diff --git a/src/lxc/arguments.h b/src/lxc/arguments.h
index d51db4559..3d7e4cca2 100644
--- a/src/lxc/arguments.h
+++ b/src/lxc/arguments.h
@@ -58,7 +58,7 @@ struct lxc_arguments {
int lxcpath_additional;
/* for lxc-start */
- const char *share_ns[32]; // size must be greater than LXC_NS_MAX
+ const char *share_ns[32]; /* size must be greater than LXC_NS_MAX */
/* for lxc-console */
unsigned int ttynum;
diff --git a/src/lxc/attach_options.h b/src/lxc/attach_options.h
index 1df69924c..27009ecd9 100644
--- a/src/lxc/attach_options.h
+++ b/src/lxc/attach_options.h
@@ -48,7 +48,6 @@ enum {
/* the following are off by default */
LXC_ATTACH_REMOUNT_PROC_SYS = 0x00010000, //!< Remount /proc filesystem
- LXC_ATTACH_LSM_NOW = 0x00020000, //!< FIXME: unknown
/* Set PR_SET_NO_NEW_PRIVS to block execve() gainable privileges. */
LXC_ATTACH_NO_NEW_PRIVS = 0x00040000, //!< PR_SET_NO_NEW_PRIVS
@@ -61,7 +60,7 @@ enum {
};
/*! All Linux Security Module flags */
-#define LXC_ATTACH_LSM (LXC_ATTACH_LSM_EXEC | LXC_ATTACH_LSM_NOW)
+#define LXC_ATTACH_LSM LXC_ATTACH_LSM_EXEC
/*! LXC attach function type.
*
diff --git a/src/lxc/cgroups/cgfs.c b/src/lxc/cgroups/cgfs.c
index 066a93a4c..0e50dd3f5 100644
--- a/src/lxc/cgroups/cgfs.c
+++ b/src/lxc/cgroups/cgfs.c
@@ -1800,7 +1800,9 @@ static char **subsystems_from_mount_options(const char *mount_options,
goto out_free;
result[result_count + 1] = NULL;
if (strncmp(token, "name=", 5) && !lxc_string_in_array(token, (const char **)kernel_list)) {
- // this is eg 'systemd' but the mount will be 'name=systemd'
+ /* this is eg 'systemd' but the mount will be
+ * 'name=systemd'
+ */
result[result_count] = malloc(strlen(token) + 6);
if (result[result_count])
sprintf(result[result_count], "name=%s", token);
@@ -2068,9 +2070,10 @@ static bool cgroup_devices_has_allow_or_deny(struct cgfs_data *d,
NULL
};
- // XXX FIXME if users could use something other than 'lxc.devices.deny = a'.
- // not sure they ever do, but they *could*
- // right now, I'm assuming they do NOT
+ /* XXX FIXME if users could use something other than 'lxc.devices.deny =
+ * a'. not sure they ever do, but they *could* right now, I'm assuming
+ * they do NOT
+ */
if (!for_allow && strcmp(v, "a") != 0 && strcmp(v, "a *:* rwm") != 0)
return false;
diff --git a/src/lxc/cgroups/cgmanager.c b/src/lxc/cgroups/cgmanager.c
index d8aac8911..cb98ce7b7 100644
--- a/src/lxc/cgroups/cgmanager.c
+++ b/src/lxc/cgroups/cgmanager.c
@@ -139,7 +139,7 @@ static bool cgm_dbus_connect(void)
cgm_lock();
if (!dbus_threads_initialized) {
- // tell dbus to do struct locking for thread safety
+ /* tell dbus to do struct locking for thread safety */
dbus_threads_init_default();
dbus_threads_initialized = true;
}
@@ -169,7 +169,7 @@ static bool cgm_dbus_connect(void)
return false;
}
- // get the api version
+ /* get the api version */
if (cgmanager_get_api_version_sync(NULL, cgroup_manager, &api_version) != 0) {
NihError *nerr;
nerr = nih_error_get();
@@ -562,7 +562,7 @@ static void *cgm_init(const char *name)
d->cgroup_pattern = lxc_global_config_value("lxc.cgroup.pattern");
- // cgm_create immediately gets called so keep the connection open
+ /* cgm_create immediately gets called so keep the connection open */
return d;
err1:
@@ -620,10 +620,10 @@ static inline bool cgm_create(void *hdata)
if (!d)
return false;
-// XXX we should send a hint to the cgmanager that when these
-// cgroups become empty they should be deleted. Requires a cgmanager
-// extension
+ /* XXX we should send a hint to the cgmanager that when these cgroups
+ * become empty they should be deleted. Requires a cgmanager extension.
+ */
memset(result, 0, MAXPATHLEN);
tmp = lxc_string_replace("%n", d->name, d->cgroup_pattern);
if (!tmp)
@@ -639,7 +639,7 @@ static inline bool cgm_create(void *hdata)
while (*tmp == '/')
tmp++;
again:
- if (index == 100) { // turn this into a warn later
+ if (index == 100) { /* turn this into a warn later */
ERROR("cgroup error? 100 cgroups with this name already running");
goto bad;
}
@@ -662,7 +662,7 @@ static inline bool cgm_create(void *hdata)
if (existed == 1)
goto next;
}
- // success
+ /* success */
cgroup_path = strdup(tmp);
if (!cgroup_path) {
cleanup_cgroups(tmp);
@@ -947,7 +947,7 @@ static int cgm_get(const char *filename, char *value, size_t len, const char *na
close(p[1]);
return -1;
}
- if (!pid) // do_cgm_get exits
+ if (!pid) /* do_cgm_get exits */
do_cgm_get(name, lxcpath, filename, p[1], len && value);
close(p[1]);
ret = read(p[0], &newlen, sizeof(newlen));
@@ -962,12 +962,12 @@ static int cgm_get(const char *filename, char *value, size_t len, const char *na
goto out;
}
memset(value, 0, len);
- if (newlen < 0) { // child is reporting an error
+ if (newlen < 0) { /* child is reporting an error */
close(p[0]);
ret = -1;
goto out;
}
- if (newlen == 0) { // empty read
+ if (newlen == 0) { /* empty read */
close(p[0]);
ret = 0;
goto out;
@@ -983,7 +983,7 @@ static int cgm_get(const char *filename, char *value, size_t len, const char *na
value[len-1] = '\0';
newlen = len-1;
} else if (newlen+1 < len) {
- // cgmanager doesn't add eol to last entry
+ /* cgmanager doesn't add eol to last entry */
value[newlen++] = '\n';
value[newlen] = '\0';
}
@@ -997,7 +997,7 @@ static int cgm_get(const char *filename, char *value, size_t len, const char *na
static void do_cgm_set(const char *name, const char *lxcpath, const char *filename, const char *value, int outp)
{
char *controller, *key, *cgroup = NULL;
- int retval = 0; // value we are sending to the parent over outp
+ int retval = 0; /* value we are sending to the parent over outp */
int ret;
char *cglast;
@@ -1083,7 +1083,7 @@ static int cgm_set(const char *filename, const char *value, const char *name, co
close(p[0]);
return -1;
}
- if (!pid) // do_cgm_set exits
+ if (!pid) /* do_cgm_set exits */
do_cgm_set(name, lxcpath, filename, value, p[1]);
close(p[1]);
ret = read(p[0], &v, sizeof(v));
@@ -1328,7 +1328,7 @@ static bool collect_subsystems(void)
size_t sz = 0;
FILE *f = NULL;
- if (subsystems) // already initialized
+ if (subsystems) /* already initialized */
return true;
subsystems_inone = malloc(2 * sizeof(char *));
@@ -1439,7 +1439,7 @@ struct cgroup_ops *cgm_ops_init(void)
if (api_version < CGM_SUPPORTS_MULT_CONTROLLERS)
cgm_all_controllers_same = false;
- // if root, try to escape to root cgroup
+ /* if root, try to escape to root cgroup */
if (geteuid() == 0 && !cgm_escape(NULL)) {
free_subsystems();
return NULL;
@@ -1502,7 +1502,7 @@ static bool cgm_setup_limits(void *hdata, struct lxc_list *cgroup_settings, bool
cg = iterator->elem;
if (do_devices != !strncmp("devices", cg->subsystem, 7))
continue;
- if (strlen(cg->subsystem) > 100) // i smell a rat
+ if (strlen(cg->subsystem) > 100) /* i smell a rat */
goto out;
strcpy(controller, cg->subsystem);
p = strchr(controller, '.');
@@ -1648,7 +1648,7 @@ static bool cgm_mount_cgroup(void *hdata, const char *root, int type)
return cgm_bind_dir(root, CGMANAGER_LOWER_SOCK);
if (dir_exists(CGMANAGER_UPPER_SOCK))
return cgm_bind_dir(root, CGMANAGER_UPPER_SOCK);
- // Host doesn't have cgmanager running? Then how did we get here?
+ /* Host doesn't have cgmanager running? Then how did we get here? */
return false;
}
diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index 9508f6946..380624a9c 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -2289,7 +2289,7 @@ static int dropcaps_except(struct lxc_list *caps)
if (numcaps <= 0 || numcaps > 200)
return -1;
- // caplist[i] is 1 if we keep capability i
+ /* caplist[i] is 1 if we keep capability i */
int *caplist = alloca(numcaps * sizeof(int));
memset(caplist, 0, numcaps * sizeof(int));
@@ -3292,7 +3292,7 @@ static int unpriv_assign_nic(const char *lxcpath, char *lxcname,
return -1;
}
- if (child == 0) { // child
+ if (child == 0) { /* child */
/* Call lxc-user-nic pid type bridge. */
int ret;
char pidstr[LXC_NUMSTRLEN64];
@@ -3870,7 +3870,7 @@ int chown_mapped_root(char *path, struct lxc_conf *conf)
}
if (rootuid == hostuid) {
- // nothing to do
+ /* nothing to do */
INFO("Container root is our uid; no need to chown");
return 0;
}
@@ -3897,28 +3897,28 @@ int chown_mapped_root(char *path, struct lxc_conf *conf)
return -1;
}
- // "u:0:rootuid:1"
+ /* "u:0:rootuid:1" */
ret = snprintf(map1, 100, "u:0:%d:1", rootuid);
if (ret < 0 || ret >= 100) {
ERROR("Error uid printing map string");
return -1;
}
- // "u:hostuid:hostuid:1"
+ /* "u:hostuid:hostuid:1" */
ret = snprintf(map2, 100, "u:%d:%d:1", hostuid, hostuid);
if (ret < 0 || ret >= 100) {
ERROR("Error uid printing map string");
return -1;
}
- // "g:0:rootgid:1"
+ /* "g:0:rootgid:1" */
ret = snprintf(map3, 100, "g:0:%d:1", rootgid);
if (ret < 0 || ret >= 100) {
ERROR("Error gid printing map string");
return -1;
}
- // "g:pathgid:rootgid+pathgid:1"
+ /* "g:pathgid:rootgid+pathgid:1" */
ret = snprintf(map4, 100, "g:%d:%d:1", (gid_t)sb.st_gid,
rootgid + (gid_t)sb.st_gid);
if (ret < 0 || ret >= 100) {
@@ -3926,14 +3926,14 @@ int chown_mapped_root(char *path, struct lxc_conf *conf)
return -1;
}
- // "g:hostgid:hostgid:1"
+ /* "g:hostgid:hostgid:1" */
ret = snprintf(map5, 100, "g:%d:%d:1", hostgid, hostgid);
if (ret < 0 || ret >= 100) {
ERROR("Error gid printing map string");
return -1;
}
- // "0:pathgid" (chown)
+ /* "0:pathgid" (chown) */
ret = snprintf(ugid, 100, "0:%d", (gid_t)sb.st_gid);
if (ret < 0 || ret >= 100) {
ERROR("Error owner printing format string for chown");
@@ -4367,7 +4367,7 @@ int run_lxc_hooks(const char *name, char *hook, struct lxc_conf *conf,
int lxc_clear_config_caps(struct lxc_conf *c)
{
- struct lxc_list *it,*next;
+ struct lxc_list *it, *next;
lxc_list_for_each_safe(it, &c->caps, next) {
lxc_list_del(it);
diff --git a/src/lxc/conf.h b/src/lxc/conf.h
index 9dd16250a..b12b1afb9 100644
--- a/src/lxc/conf.h
+++ b/src/lxc/conf.h
@@ -26,8 +26,8 @@
#include "config.h"
#include <stdio.h>
-#include <netinet/in.h>
#include <net/if.h>
+#include <netinet/in.h>
#include <sys/param.h>
#include <sys/types.h>
#if HAVE_SYS_RESOURCE_H
@@ -301,9 +301,17 @@ enum {
* @lsm_se_context : selinux type to switch to or NULL
*/
enum lxchooks {
- LXCHOOK_PRESTART, LXCHOOK_PREMOUNT, LXCHOOK_MOUNT, LXCHOOK_AUTODEV,
- LXCHOOK_START, LXCHOOK_STOP, LXCHOOK_POSTSTOP, LXCHOOK_CLONE, LXCHOOK_DESTROY,
- NUM_LXC_HOOKS};
+ LXCHOOK_PRESTART,
+ LXCHOOK_PREMOUNT,
+ LXCHOOK_MOUNT,
+ LXCHOOK_AUTODEV,
+ LXCHOOK_START,
+ LXCHOOK_STOP,
+ LXCHOOK_POSTSTOP,
+ LXCHOOK_CLONE,
+ LXCHOOK_DESTROY,
+ NUM_LXC_HOOKS
+};
extern char *lxchook_names[NUM_LXC_HOOKS];
struct saved_nic {
@@ -341,24 +349,24 @@ struct lxc_conf {
unsigned int lsm_aa_allow_incomplete;
char *lsm_se_context;
int tmp_umount_proc;
- char *seccomp; // filename with the seccomp rules
+ char *seccomp; /* filename with the seccomp rules */
#if HAVE_SCMP_FILTER_CTX
scmp_filter_ctx seccomp_ctx;
#endif
int maincmd_fd;
- unsigned int autodev; // if 1, mount and fill a /dev at start
- int haltsignal; // signal used to halt container
- int rebootsignal; // signal used to reboot container
- int stopsignal; // signal used to hard stop container
- char *rcfile; // Copy of the top level rcfile we read
-
- // Logfile and logleve can be set in a container config file.
- // Those function as defaults. The defaults can be overriden
- // by command line. However we don't want the command line
- // specified values to be saved on c->save_config(). So we
- // store the config file specified values here.
- char *logfile; // the logfile as specifed in config
- int loglevel; // loglevel as specifed in config (if any)
+ unsigned int autodev; /* if 1, mount and fill a /dev at start */
+ int haltsignal; /* signal used to halt container */
+ int rebootsignal; /* signal used to reboot container */
+ int stopsignal; /* signal used to hard stop container */
+ char *rcfile; /* Copy of the top level rcfile we read */
+
+ /* Logfile and logleve can be set in a container config file. Those
+ * function as defaults. The defaults can be overriden by command line.
+ * However we don't want the command line specified values to be saved
+ * on c->save_config(). So we store the config file specified values
+ * here. */
+ char *logfile; /* the logfile as specifed in config */
+ int loglevel; /* loglevel as specifed in config (if any) */
int logfd;
int inherit_ns_fd[LXC_NS_MAX];
@@ -422,19 +430,12 @@ extern __thread struct lxc_conf *current_config;
extern struct lxc_conf *current_config;
#endif
-int run_lxc_hooks(const char *name, char *hook, struct lxc_conf *conf,
- const char *lxcpath, char *argv[]);
-
+extern int run_lxc_hooks(const char *name, char *hook, struct lxc_conf *conf,
+ const char *lxcpath, char *argv[]);
extern int detect_shared_rootfs(void);
-
-/*
- * Initialize the lxc configuration structure
- */
extern struct lxc_conf *lxc_conf_init(void);
extern void lxc_conf_free(struct lxc_conf *conf);
-
extern int pin_rootfs(const char *rootfs);
-
extern int lxc_requests_empty_network(struct lxc_handler *handler);
extern int lxc_setup_networks_in_parent_namespaces(struct lxc_handler *handler);
extern bool lxc_delete_network(struct lxc_handler *handler);
@@ -442,10 +443,8 @@ extern int lxc_assign_network(const char *lxcpath, char *lxcname,
struct lxc_list *networks, pid_t pid);
extern int lxc_map_ids(struct lxc_list *idmap, pid_t pid);
extern int lxc_find_gateway_addresses(struct lxc_handler *handler);
-
extern int lxc_create_tty(const char *name, struct lxc_conf *conf);
extern void lxc_delete_tty(struct lxc_tty_info *tty_info);
-
extern int lxc_clear_config_caps(struct lxc_conf *c);
extern int lxc_clear_config_keepcaps(struct lxc_conf *c);
extern int lxc_clear_cgroups(struct lxc_conf *c, const char *key);
@@ -458,23 +457,15 @@ extern int lxc_clear_environment(struct lxc_conf *c);
extern int lxc_clear_limits(struct lxc_conf *c, const char *key);
extern int lxc_delete_autodev(struct lxc_handler *handler);
extern void lxc_clear_includes(struct lxc_conf *conf);
-
extern int do_rootfs_setup(struct lxc_conf *conf, const char *name,
const char *lxcpath);
-
-/*
- * Configure the container from inside
- */
-
struct cgroup_process_info;
extern int lxc_setup(struct lxc_handler *handler);
-
extern int setup_resource_limits(struct lxc_list *limits, pid_t pid);
-
extern void lxc_restore_phys_nics_to_netns(int netnsfd, struct lxc_conf *conf);
-
extern int find_unmapped_nsid(struct lxc_conf *conf, enum idtype idtype);
-extern int mapped_hostid(unsigned id, struct lxc_conf *conf, enum idtype idtype);
+extern int mapped_hostid(unsigned id, struct lxc_conf *conf,
+ enum idtype idtype);
extern int chown_mapped_root(char *path, struct lxc_conf *conf);
extern int lxc_ttys_shift_ids(struct lxc_conf *c);
extern int userns_exec_1(struct lxc_conf *conf, int (*fn)(void *), void *data,
@@ -482,11 +473,11 @@ extern int userns_exec_1(struct lxc_conf *conf, int (*fn)(void *), void *data,
extern int parse_mntopts(const char *mntopts, unsigned long *mntflags,
char **mntdata);
extern void tmp_proc_unmount(struct lxc_conf *lxc_conf);
-void remount_all_slave(void);
+extern void remount_all_slave(void);
extern void suggest_default_idmap(void);
-FILE *make_anonymous_mount_file(struct lxc_list *mount);
-struct lxc_list *sort_cgroup_settings(struct lxc_list* cgroup_settings);
-unsigned long add_required_remount_flags(const char *s, const char *d,
- unsigned long flags);
+extern FILE *make_anonymous_mount_file(struct lxc_list *mount);
+extern struct lxc_list *sort_cgroup_settings(struct lxc_list *cgroup_settings);
+extern unsigned long add_required_remount_flags(const char *s, const char *d,
+ unsigned long flags);
-#endif
+#endif /* __LXC_CONF_H */
diff --git a/src/lxc/criu.c b/src/lxc/criu.c
index c9384bdd2..62a0eb7d6 100644
--- a/src/lxc/criu.c
+++ b/src/lxc/criu.c
@@ -779,8 +779,9 @@ static bool restore_net_info(struct lxc_container *c)
return !has_error;
}
-// do_restore never returns, the calling process is used as the
-// monitor process. do_restore calls exit() if it fails.
+/* do_restore never returns, the calling process is used as the monitor process.
+ * do_restore calls exit() if it fails.
+ */
static void do_restore(struct lxc_container *c, int status_pipe, struct migrate_opts *opts, char *criu_version)
{
pid_t pid;
@@ -1214,7 +1215,7 @@ bool __criu_restore(struct lxc_container *c, struct migrate_opts *opts)
if (pid == 0) {
close(pipefd[0]);
- // this never returns
+ /* this never returns */
do_restore(c, pipefd[1], opts, criu_version);
}
@@ -1227,9 +1228,10 @@ bool __criu_restore(struct lxc_container *c, struct migrate_opts *opts)
goto err_wait;
}
- // If the criu process was killed or exited nonzero, wait() for the
- // handler, since the restore process died. Otherwise, we don't need to
- // wait, since the child becomes the monitor process.
+ /* If the criu process was killed or exited nonzero, wait() for the
+ * handler, since the restore process died. Otherwise, we don't need to
+ * wait, since the child becomes the monitor process.
+ */
if (!WIFEXITED(status) || WEXITSTATUS(status))
goto err_wait;
return true;
diff --git a/src/lxc/list.h b/src/lxc/list.h
index 91ea3a495..9858081ab 100644
--- a/src/lxc/list.h
+++ b/src/lxc/list.h
@@ -24,45 +24,44 @@
#ifndef __LXC_LIST_H
#define __LXC_LIST_H
+#include <stdio.h>
+
struct lxc_list {
void *elem;
struct lxc_list *next;
struct lxc_list *prev;
};
-#define lxc_init_list(l) { .next = l, .prev = l }
+#define lxc_init_list(l) \
+ { \
+ .next = l, .prev = l \
+ }
/*
* Iterate through an lxc list. An example for an idiom would be:
*
* struct lxc_list *iterator;
- * type *tmp; // where "type" can be an int, char * etc.
* lxc_list_for_each(iterator, list) {
+ * type *tmp;
* tmp = iterator->elem;
- * // Do stuff with tmp.
* }
- * free(iterator);
*/
-#define lxc_list_for_each(__iterator, __list) \
- for (__iterator = (__list)->next; \
- __iterator != __list; \
+#define lxc_list_for_each(__iterator, __list) \
+ for (__iterator = (__list)->next; __iterator != __list; \
__iterator = __iterator->next)
-/*
- * Iterate safely through an lxc list. An example for an appropriate use case
+/* Iterate safely through an lxc list. An example for an appropriate use case
* would be:
*
- * struct lxc_list *iterator;
- * lxc_list_for_each_safe(iterator, list, list->next) {
- * tmp = iterator->elem;
- * // Do stuff with tmp.
+ * struct lxc_list *cur, *next;
+ * lxc_list_for_each_safe(cur, list, next) {
+ * type *tmp;
+ * tmp = cur->elem;
* }
- * free(iterator);
*/
-#define lxc_list_for_each_safe(__iterator, __list, __next) \
- for (__iterator = (__list)->next, __next = __iterator->next; \
- __iterator != __list; \
- __iterator = __next, __next = __next->next)
+#define lxc_list_for_each_safe(__iterator, __list, __next) \
+ for (__iterator = (__list)->next, __next = __iterator->next; \
+ __iterator != __list; __iterator = __next, __next = __next->next)
/* Initalize list. */
static inline void lxc_list_init(struct lxc_list *list)
@@ -72,7 +71,8 @@ static inline void lxc_list_init(struct lxc_list *list)
}
/* Add an element to a list. See lxc_list_add() and lxc_list_add_tail() for an
- * idiom. */
+ * idiom.
+ */
static inline void lxc_list_add_elem(struct lxc_list *list, void *elem)
{
list->elem = elem;
@@ -97,8 +97,7 @@ static inline int lxc_list_empty(struct lxc_list *list)
}
/* Workhorse to be called from lxc_list_add() and lxc_list_add_tail(). */
-static inline void __lxc_list_add(struct lxc_list *new,
- struct lxc_list *prev,
+static inline void __lxc_list_add(struct lxc_list *new, struct lxc_list *prev,
struct lxc_list *next)
{
next->prev = new;
@@ -107,8 +106,7 @@ static inline void __lxc_list_add(struct lxc_list *new,
prev->next = new;
}
-/*
- * Idiom to add an element to the beginning of an lxc list:
+/* Idiom to add an element to the beginning of an lxc list:
*
* struct lxc_list *tmp = malloc(sizeof(*tmp));
* if (tmp == NULL)
@@ -121,8 +119,7 @@ static inline void lxc_list_add(struct lxc_list *head, struct lxc_list *list)
__lxc_list_add(list, head, head->next);
}
-/*
- * Idiom to add an element to the end of an lxc list:
+/* Idiom to add an element to the end of an lxc list:
*
* struct lxc_list *tmp = malloc(sizeof(*tmp));
* if (tmp == NULL)
@@ -136,14 +133,13 @@ static inline void lxc_list_add_tail(struct lxc_list *head,
__lxc_list_add(list, head->prev, head);
}
-/*
- * Idiom to free an lxc list:
- *
- * lxc_list_for_each_safe(iterator, list, list->next) {
- * lxc_list_del(iterator);
- * free(iterator);
+/* Idiom to remove an element from a list:
+ * struct lxc_list *cur, *next;
+ * lxc_list_for_each_safe(cur, list, next) {
+ * lxc_list_del(cur);
+ * free(cur->elem);
+ * free(cur);
* }
- * free(iterator);
*/
static inline void lxc_list_del(struct lxc_list *list)
{
@@ -160,6 +156,7 @@ static inline size_t lxc_list_len(struct lxc_list *list)
{
size_t i = 0;
struct lxc_list *iter;
+
lxc_list_for_each(iter, list) {
i++;
}
@@ -167,4 +164,4 @@ static inline size_t lxc_list_len(struct lxc_list *list)
return i;
}
-#endif
+#endif /* __LXC_LIST_H */
diff --git a/src/lxc/log.c b/src/lxc/log.c
index 8105aca7c..6ca315bd6 100644
--- a/src/lxc/log.c
+++ b/src/lxc/log.c
@@ -340,10 +340,11 @@ struct lxc_log_category lxc_log_category_lxc = {
/*---------------------------------------------------------------------------*/
static int build_dir(const char *name)
{
- char *n = strdup(name); // because we'll be modifying it
- char *p, *e;
int ret;
+ char *e, *n, *p;
+ /* Make copy of string since we'll be modifying it. */
+ n = strdup(name);
if (!n) {
ERROR("Out of memory while creating directory '%s'.", name);
return -1;
@@ -470,10 +471,9 @@ extern void lxc_log_close(void)
*/
static int __lxc_log_set_file(const char *fname, int create_dirs)
{
- if (lxc_log_fd != -1) {
- // we are overriding the default.
+ /* we are overriding the default. */
+ if (lxc_log_fd != -1)
lxc_log_close();
- }
if (!fname)
return -1;
@@ -484,8 +484,9 @@ static int __lxc_log_set_file(const char *fname, int create_dirs)
}
#if USE_CONFIGPATH_LOGS
- // we don't build_dir for the default if the default is
- // i.e. /var/lib/lxc/$container/$container.log
+ /* We don't build_dir for the default if the default is i.e.
+ * /var/lib/lxc/$container/$container.log.
+ */
if (create_dirs)
#endif
if (build_dir(fname)) {
diff --git a/src/lxc/lsm/apparmor.c b/src/lxc/lsm/apparmor.c
index 8098fde9e..e74f7c20d 100644
--- a/src/lxc/lsm/apparmor.c
+++ b/src/lxc/lsm/apparmor.c
@@ -189,10 +189,10 @@ static int apparmor_process_label_set(const char *inlabel, struct lxc_conf *conf
curlabel = apparmor_process_label_get(getpid());
if (!aa_stacking_supported() && aa_needs_transition(curlabel)) {
- // we're already confined, and stacking isn't supported
+ /* we're already confined, and stacking isn't supported */
if (!label || strcmp(curlabel, label) == 0) {
- // no change requested
+ /* no change requested */
free(curlabel);
return 0;
}
diff --git a/src/lxc/lxc_user_nic.c b/src/lxc/lxc_user_nic.c
index c93b4cc70..db54cf7e0 100644
--- a/src/lxc/lxc_user_nic.c
+++ b/src/lxc/lxc_user_nic.c
@@ -208,7 +208,7 @@ static struct alloted_s *append_alloted(struct alloted_s **head, char *name, int
struct alloted_s *cur, *al;
if (!head || !name) {
- // sanity check. parameters should not be null
+ /* sanity check. parameters should not be null */
usernic_error("%s\n", "Unexpected NULL argument.");
return NULL;
}
@@ -797,9 +797,10 @@ static int rename_in_ns(int pid, char *oldname, char **newnamep)
"user id and real user id to %d, and saved user "
"ID to 0: %s.\n",
ruid, strerror(errno));
- // COMMENT(brauner): It's ok to jump to do_full_cleanup here
- // since setresuid() will succeed when trying to set real,
- // effective, and saved to values they currently have.
+ /* It's ok to jump to do_full_cleanup here since setresuid()
+ * will succeed when trying to set real, effective, and saved to
+ * values they currently have.
+ */
goto do_full_cleanup;
}
@@ -844,9 +845,6 @@ static int rename_in_ns(int pid, char *oldname, char **newnamep)
"ID to %d: %s.\n",
ruid, euid, suid, strerror(errno));
fret = -1;
- // COMMENT(brauner): setns() should fail if setresuid() doesn't
- // succeed but there's no harm in falling through; keeps the
- // code cleaner.
}
ret = setns(ofd, CLONE_NEWNET);
@@ -865,10 +863,8 @@ static int rename_in_ns(int pid, char *oldname, char **newnamep)
return fret;
}
-/*
- * If the caller (real uid, not effective uid) may read the
- * /proc/[pid]/ns/net, then it is either the caller's netns or one
- * which it created.
+/* If the caller (real uid, not effective uid) may read the /proc/[pid]/ns/net,
+ * then it is either the caller's netns or one which it created.
*/
static bool may_access_netns(int pid)
{
diff --git a/src/lxc/lxccontainer.c b/src/lxc/lxccontainer.c
index 1f15ee1df..093a2992b 100644
--- a/src/lxc/lxccontainer.c
+++ b/src/lxc/lxccontainer.c
@@ -151,7 +151,7 @@ static int ongoing_create(struct lxc_container *c)
return 0;
fd = open(path, O_RDWR);
if (fd < 0) {
- // give benefit of the doubt
+ /* give benefit of the doubt */
SYSERROR("Error opening partial file");
return 0;
}
@@ -161,18 +161,18 @@ static int ongoing_create(struct lxc_container *c)
lk.l_len = 0;
lk.l_pid = -1;
if (fcntl(fd, F_GETLK, &lk) == 0 && lk.l_pid != -1) {
- // create is still ongoing
+ /* create is still ongoing */
close(fd);
return 1;
}
- // create completed but partial is still there.
+ /* create completed but partial is still there. */
close(fd);
return 2;
}
static int create_partial(struct lxc_container *c)
{
- // $lxcpath + '/' + $name + '/partial' + \0
+ /* $lxcpath + '/' + $name + '/partial' + \0 */
int len = strlen(c->config_path) + strlen(c->name) + 10;
char *path = alloca(len);
int fd, ret;
@@ -202,7 +202,7 @@ static int create_partial(struct lxc_container *c)
static void remove_partial(struct lxc_container *c, int fd)
{
- // $lxcpath + '/' + $name + '/partial' + \0
+ /* $lxcpath + '/' + $name + '/partial' + \0 */
int len = strlen(c->config_path) + strlen(c->name) + 10;
char *path = alloca(len);
int ret;
@@ -296,18 +296,21 @@ int lxc_container_get(struct lxc_container *c)
if (!c)
return 0;
- // if someone else has already started freeing the container, don't
- // try to take the lock, which may be invalid
+ /* If someone else has already started freeing the container, don't try
+ * to take the lock, which may be invalid.
+ */
if (c->numthreads < 1)
return 0;
if (container_mem_lock(c))
return 0;
- if (c->numthreads < 1) {
- // bail without trying to unlock, bc the privlock is now probably
- // in freed memory
+
+ /* Bail without trying to unlock, bc the privlock is now probably in
+ * freed memory.
+ */
+ if (c->numthreads < 1)
return 0;
- }
+
c->numthreads++;
container_mem_unlock(c);
return 1;
@@ -1219,7 +1222,7 @@ static bool create_run_template(struct lxc_container *c, char *tpath, bool need_
return false;
}
- if (pid == 0) { // child
+ if (pid == 0) { /* child */
char *patharg, *namearg, *rootfsarg;
struct lxc_storage *bdev = NULL;
int i;
@@ -1292,7 +1295,7 @@ static bool create_run_template(struct lxc_container *c, char *tpath, bool need_
exit(EXIT_FAILURE);
}
}
- } else { // TODO come up with a better way here!
+ } else { /* TODO come up with a better way here! */
char *src;
free(bdev->dest);
src = lxc_storage_get_path(bdev->src, bdev->type);
@@ -1305,7 +1308,7 @@ static bool create_run_template(struct lxc_container *c, char *tpath, bool need_
*/
if (argv)
for (nargs = 0; argv[nargs]; nargs++) ;
- nargs += 4; // template, path, rootfs and name args
+ nargs += 4; /* template, path, rootfs and name args */
newargv = malloc(nargs * sizeof(*newargv));
if (!newargv)
@@ -1440,15 +1443,16 @@ static bool create_run_template(struct lxc_container *c, char *tpath, bool need_
for (i = 0; i < nargs; i++)
n2[i + n2args] = newargv[i];
n2args += nargs;
- // Finally add "--mapped-uid $uid" to tell template what to chown
- // cached images to
+ /* Finally add "--mapped-uid $uid" to tell template
+ * what to chown cached images to.
+ */
n2args += 4;
n2 = realloc(n2, n2args * sizeof(char *));
if (!n2) {
SYSERROR("out of memory");
exit(1);
}
- // note n2[n2args-1] is NULL
+ /* note n2[n2args-1] is NULL */
n2[n2args-5] = "--mapped-uid";
snprintf(txtuid, 20, "%d", hostid_mapped);
n2[n2args-4] = txtuid;
@@ -1682,7 +1686,7 @@ static bool do_lxcapi_create(struct lxc_container *c, const char *t,
goto out_unlock;
}
- if (pid == 0) { // child
+ if (pid == 0) { /* child */
struct lxc_storage *bdev = NULL;
bdev = do_storage_create(c, bdevtype, specs);
@@ -1695,7 +1699,7 @@ static bool do_lxcapi_create(struct lxc_container *c, const char *t,
/* save config file again to store the new rootfs location */
if (!do_lxcapi_save_config(c, NULL)) {
ERROR("failed to save starting configuration for %s", c->name);
- // parent task won't see bdev in config so we delete it
+ /* Parent task won't see bdev in config so we delete it. */
bdev->ops->umount(bdev);
bdev->ops->destroy(bdev);
exit(EXIT_FAILURE);
@@ -1714,8 +1718,9 @@ static bool do_lxcapi_create(struct lxc_container *c, const char *t,
if (!create_run_template(c, tpath, !!(flags & LXC_CREATE_QUIET), argv))
goto out_unlock;
- // now clear out the lxc_conf we have, reload from the created
- // container
+ /* Now clear out the lxc_conf we have, reload from the created
+ * container.
+ */
do_lxcapi_clear_config(c);
if (t) {
@@ -1928,14 +1933,15 @@ static inline bool enter_net_ns(struct lxc_container *c)
return switch_to_ns(pid, "net");
}
-// used by qsort and bsearch functions for comparing names
+/* Used by qsort and bsearch functions for comparing names. */
static inline int string_cmp(char **first, char **second)
{
return strcmp(*first, *second);
}
-// used by qsort and bsearch functions for comparing container names
-static inline int container_cmp(struct lxc_container **first, struct lxc_container **second)
+/* Used by qsort and bsearch functions for comparing container names. */
+static inline int container_cmp(struct lxc_container **first,
+ struct lxc_container **second)
{
return strcmp((*first)->name, (*second)->name);
}
@@ -1953,15 +1959,17 @@ static bool add_to_array(char ***names, char *cname, int pos)
if (!newnames[pos])
return false;
- // sort the arrray as we will use binary search on it
- qsort(newnames, pos + 1, sizeof(char *), (int (*)(const void *,const void *))string_cmp);
+ /* Sort the arrray as we will use binary search on it. */
+ qsort(newnames, pos + 1, sizeof(char *),
+ (int (*)(const void *, const void *))string_cmp);
return true;
}
-static bool add_to_clist(struct lxc_container ***list, struct lxc_container *c, int pos, bool sort)
+static bool add_to_clist(struct lxc_container ***list, struct lxc_container *c,
+ int pos, bool sort)
{
- struct lxc_container **newlist = realloc(*list, (pos+1) * sizeof(struct lxc_container *));
+ struct lxc_container **newlist = realloc(*list, (pos + 1) * sizeof(struct lxc_container *));
if (!newlist) {
ERROR("Out of memory");
return false;
@@ -1970,9 +1978,10 @@ static bool add_to_clist(struct lxc_container ***list, struct lxc_container *c,
*list = newlist;
newlist[pos] = c;
- // sort the arrray as we will use binary search on it
+ /* Sort the arrray as we will use binary search on it. */
if (sort)
- qsort(newlist, pos + 1, sizeof(struct lxc_container *), (int (*)(const void *,const void *))container_cmp);
+ qsort(newlist, pos + 1, sizeof(struct lxc_container *),
+ (int (*)(const void *, const void *))container_cmp);
return true;
}
@@ -2019,7 +2028,7 @@ static char ** do_lxcapi_get_interfaces(struct lxc_container *c)
return NULL;
}
- if (pid == 0) { // child
+ if (pid == 0) { /* child */
int ret = 1, nbytes;
struct ifaddrs *interfaceArray = NULL, *tempIfAddr = NULL;
@@ -2108,7 +2117,7 @@ static char** do_lxcapi_get_ips(struct lxc_container *c, const char* interface,
return NULL;
}
- if (pid == 0) { // child
+ if (pid == 0) { /* child */
int ret = 1, nbytes;
struct ifaddrs *interfaceArray = NULL, *tempIfAddr = NULL;
char addressOutputBuffer[INET6_ADDRSTRLEN];
@@ -2286,9 +2295,9 @@ static bool do_lxcapi_save_config(struct lxc_container *c, const char *alt_file)
if (!alt_file)
alt_file = c->configfile;
if (!alt_file)
- return false; // should we write to stdout if no file is specified?
+ return false;
- // If we haven't yet loaded a config, load the stock config
+ /* If we haven't yet loaded a config, load the stock config. */
if (!c->lxc_conf) {
if (!do_lxcapi_load_config(c, lxc_global_config_value("lxc.default_config"))) {
ERROR("Error loading default configuration file %s while saving %s", lxc_global_config_value("lxc.default_config"), c->name);
@@ -2299,10 +2308,9 @@ static bool do_lxcapi_save_config(struct lxc_container *c, const char *alt_file)
if (!create_container_dir(c))
return false;
- /*
- * If we're writing to the container's config file, take the
- * disk lock. Otherwise just take the memlock to protect the
- * struct lxc_container while we're traversing it.
+ /* If we're writing to the container's config file, take the disk lock.
+ * Otherwise just take the memlock to protect the struct lxc_container
+ * while we're traversing it.
*/
if (strcmp(c->configfile, alt_file) == 0)
need_disklock = true;
@@ -2522,7 +2530,7 @@ static bool has_fs_snapshots(struct lxc_container *c)
goto out;
ret = fscanf(f, "%d", &v);
fclose(f);
- // TODO: Figure out what to do with the return value of fscanf.
+ /* TODO: Figure out what to do with the return value of fscanf. */
if (ret != 1)
INFO("Container uses new lxc-snapshots format %s", path);
}
@@ -2600,7 +2608,7 @@ static bool container_destroy(struct lxc_container *c,
return false;
if (!is_stopped(c)) {
- // we should queue some sort of error - in c->error_string?
+ /* We should queue some sort of error - in c->error_string? */
ERROR("container %s is not stopped", c->name);
goto out;
}
@@ -2972,7 +2980,7 @@ static int copy_file(const char *old, const char *new)
if (len == 0)
break;
ret = write(out, buf, len);
- if (ret < len) { // should we retry?
+ if (ret < len) { /* should we retry? */
SYSERROR("Error: write to new file %s was interrupted", new);
goto err;
}
@@ -2980,7 +2988,7 @@ static int copy_file(const char *old, const char *new)
close(in);
close(out);
- // we set mode, but not owner/group
+ /* We set mode, but not owner/group. */
ret = chmod(new, sbuf.st_mode);
if (ret) {
SYSERROR("Error setting mode on %s", new);
@@ -3012,13 +3020,13 @@ static int copyhooks(struct lxc_container *oldc, struct lxc_container *c)
char *hookname = it->elem;
char *fname = strrchr(hookname, '/');
char tmppath[MAXPATHLEN];
- if (!fname) // relative path - we don't support, but maybe we should
+ if (!fname) /* relative path - we don't support, but maybe we should */
return 0;
if (strncmp(hookname, cpath, len - 1) != 0) {
- // this hook is public - ignore
+ /* this hook is public - ignore */
continue;
}
- // copy the script, and change the entry in confile
+ /* copy the script, and change the entry in confile */
ret = snprintf(tmppath, MAXPATHLEN, "%s/%s/%s",
c->config_path, c->name, fname+1);
if (ret < 0 || ret >= MAXPATHLEN)
@@ -3131,7 +3139,7 @@ static bool add_rdepends(struct lxc_container *c, struct lxc_container *c0)
if (!f)
return false;
bret = true;
- // if anything goes wrong, just return an error
+ /* If anything goes wrong, just return an error. */
if (fprintf(f, "%s\n%s\n", c0->config_path, c0->name) < 0)
bret = false;
if (fclose(f) != 0)
@@ -3277,7 +3285,7 @@ static int clone_update_rootfs(struct clone_update_data *data)
storage_put(bdev);
return -1;
}
- } else { // TODO come up with a better way
+ } else { /* TODO come up with a better way */
free(bdev->dest);
bdev->dest = strdup(bdev->src);
}
@@ -3389,7 +3397,7 @@ static struct lxc_container *do_lxcapi_clone(struct lxc_container *c, const char
goto out;
}
- // Make sure the container doesn't yet exist.
+ /* Make sure the container doesn't yet exist. */
if (!newname)
newname = c->name;
if (!lxcpath)
@@ -3411,7 +3419,7 @@ static struct lxc_container *do_lxcapi_clone(struct lxc_container *c, const char
goto out;
}
- // copy the configuration, tweak it as needed,
+ /* Copy the configuration. Tweak it as needed. */
if (c->lxc_conf->rootfs.path) {
origroot = c->lxc_conf->rootfs.path;
c->lxc_conf->rootfs.path = NULL;
@@ -3478,13 +3486,13 @@ static struct lxc_container *do_lxcapi_clone(struct lxc_container *c, const char
goto out;
}
- // copy/snapshot rootfs's
+ /* copy/snapshot rootfs's */
ret = copy_storage(c, c2, bdevtype, flags, bdevdata, newsize);
if (ret < 0)
goto out;
- // update utsname
+ /* update utsname */
if (!(flags & LXC_CLONE_KEEPNAME)) {
clear_unexp_config_line(c2->lxc_conf, "lxc.utsname", false);
clear_unexp_config_line(c2->lxc_conf, "lxc.uts.name", false);
@@ -3495,7 +3503,7 @@ static struct lxc_container *do_lxcapi_clone(struct lxc_container *c, const char
}
}
- // copy hooks
+ /* copy hooks */
ret = copyhooks(c, c2);
if (ret < 0) {
ERROR("error copying hooks");
@@ -3507,7 +3515,7 @@ static struct lxc_container *do_lxcapi_clone(struct lxc_container *c, const char
goto out;
}
- // update macaddrs
+ /* update macaddrs */
if (!(flags & LXC_CLONE_KEEPMACADDR)) {
if (!network_new_hwaddrs(c2->lxc_conf)) {
ERROR("Error updating mac addresses");
@@ -3515,12 +3523,13 @@ static struct lxc_container *do_lxcapi_clone(struct lxc_container *c, const char
}
}
- // update absolute paths for overlay mount directories
+ /* Update absolute paths for overlay mount directories. */
if (ovl_update_abs_paths(c2->lxc_conf, c->config_path, c->name, lxcpath, newname) < 0)
goto out;
- // We've now successfully created c2's storage, so clear it out if we
- // fail after this
+ /* We've now successfully created c2's storage, so clear it out if we
+ * fail after this.
+ */
storage_copied = 1;
if (!c2->save_config(c2, NULL))
@@ -3748,7 +3757,7 @@ static int do_lxcapi_snapshot(struct lxc_container *c, const char *commentfile)
lxc_container_put(c2);
- // Now write down the creation time
+ /* Now write down the creation time. */
time_t timer;
char buffer[25];
struct tm* tm_info;
@@ -3778,7 +3787,7 @@ static int do_lxcapi_snapshot(struct lxc_container *c, const char *commentfile)
}
if (commentfile) {
- // $p / $name / comment \0
+ /* $p / $name / comment \0 */
int len = strlen(snappath) + strlen(newname) + 10;
char *path = alloca(len);
sprintf(path, "%s/%s/comment", snappath, newname);
@@ -3800,7 +3809,7 @@ static void lxcsnap_free(struct lxc_snapshot *s)
static char *get_snapcomment_path(char* snappath, char *name)
{
- // $snappath/$name/comment
+ /* $snappath/$name/comment */
int ret, len = strlen(snappath) + strlen(name) + 10;
char *s = malloc(len);
@@ -3960,7 +3969,7 @@ static bool do_lxcapi_snapshot_restore(struct lxc_container *c, const char *snap
storage_put(bdev);
return false;
}
- // how should we lock this?
+ /* how should we lock this? */
snap = lxc_container_new(snapname, clonelxcpath);
if (!snap || !lxcapi_is_defined(snap)) {
@@ -4276,7 +4285,7 @@ static bool do_lxcapi_detach_interface(struct lxc_container *c, const char *ifna
return false;
}
- if (pid == 0) { // child
+ if (pid == 0) { /* child */
int ret = 0;
if (!enter_net_ns(c)) {
ERROR("failed to enter namespace");
@@ -4499,7 +4508,7 @@ struct lxc_container *lxc_container_new(const char *name, const char *configpath
c->daemonize = true;
c->pidfile = NULL;
- // assign the member functions
+ /* Assign the member functions. */
c->is_defined = lxcapi_is_defined;
c->state = lxcapi_state;
c->is_running = lxcapi_is_running;
@@ -4600,7 +4609,7 @@ int list_defined_containers(const char *lxcpath, char ***names, struct lxc_conta
if (!direntp)
break;
- // Ignore '.', '..' and any hidden directory
+ /* Ignore '.', '..' and any hidden directory. */
if (!strncmp(direntp->d_name, ".", 1))
continue;
@@ -4709,7 +4718,7 @@ int list_active_containers(const char *lxcpath, char ***nret,
while (*p == '/')
p++;
- // Now p is the start of lxc_name
+ /* Now p is the start of lxc_name. */
p2 = strchr(p, '/');
if (!p2 || strncmp(p2, "/command", 8) != 0)
continue;
diff --git a/src/lxc/lxccontainer.h b/src/lxc/lxccontainer.h
index fe8e73811..3aee440e4 100644
--- a/src/lxc/lxccontainer.h
+++ b/src/lxc/lxccontainer.h
@@ -59,7 +59,7 @@ struct migrate_opts;
* changes, whenever possible stick to simply appending new members.
*/
struct lxc_container {
- // private fields
+ /* private fields */
/*!
* \private
* Name of container.
@@ -105,7 +105,7 @@ struct lxc_container {
*/
struct lxc_conf *lxc_conf;
- // public fields
+ /* public fields */
/*! Human-readable string representing last error */
char *error_string;
diff --git a/src/lxc/lxclock.c b/src/lxc/lxclock.c
index 1f6b8438b..c85a8461c 100644
--- a/src/lxc/lxclock.c
+++ b/src/lxc/lxclock.c
@@ -54,7 +54,7 @@ static inline void dump_stacktrace(void)
size = backtrace(array, MAX_STACKDEPTH);
strings = backtrace_symbols(array, size);
- // Using fprintf here as our logging module is not thread safe
+ /* Using fprintf here as our logging module is not thread safe. */
fprintf(stderr, "\tObtained %zu stack frames.\n", size);
for (i = 0; i < size; i++)
diff --git a/src/lxc/lxclock.h b/src/lxc/lxclock.h
index e097216ee..64975dbdf 100644
--- a/src/lxc/lxclock.h
+++ b/src/lxc/lxclock.h
@@ -33,21 +33,21 @@
#define LXC_LOCK_ANON_SEM 1 /*!< Anonymous semaphore lock */
#define LXC_LOCK_FLOCK 2 /*!< flock(2) lock */
-// private
+/* private */
/*!
* LXC Lock
*/
struct lxc_lock {
- short type; //!< Lock type
+ short type; /*!< Lock type */
union {
- sem_t *sem; //!< Anonymous semaphore (LXC_LOCK_ANON_SEM)
+ sem_t *sem; /*!< Anonymous semaphore (LXC_LOCK_ANON_SEM) */
/*! LXC_LOCK_FLOCK details */
struct {
- int fd; //!< fd on which a lock is held (if not -1)
- char *fname; //!< Name of lock
+ int fd; /*!< fd on which a lock is held (if not -1) */
+ char *fname; /*!< Name of lock */
} f;
- } u; //!< Container for lock type elements
+ } u; /*!< Container for lock type elements */
};
/*!
diff --git a/src/lxc/monitor.c b/src/lxc/monitor.c
index ba062e8d9..63a404d62 100644
--- a/src/lxc/monitor.c
+++ b/src/lxc/monitor.c
@@ -262,7 +262,7 @@ int lxc_monitor_read_fdset(struct pollfd *fds, nfds_t nfds, struct lxc_msg *msg,
if (ret == -1)
return -1;
else if (ret == 0)
- return -2; // timed out
+ return -2; /* timed out */
/* Only read from the first ready fd, the others will remain ready for
* when this routine is called again.
diff --git a/src/lxc/network.c b/src/lxc/network.c
index 0295d5d41..f3cd0f5c1 100644
--- a/src/lxc/network.c
+++ b/src/lxc/network.c
@@ -156,7 +156,7 @@ static char * is_wlan(const char *ifname)
goto bad;
if (!(f = fopen(path, "r")))
goto bad;
- // feh - sb.st_size is always 4096
+ /* Feh - sb.st_size is always 4096. */
fseek(f, 0, SEEK_END);
physlen = ftell(f);
fseek(f, 0, SEEK_SET);
@@ -223,7 +223,7 @@ lxc_netdev_move_wlan(char *physname, const char *ifname, pid_t pid, const char*
sprintf(pidstr, "%d", pid);
if (execlp("iw", "iw", "phy", physname, "set", "netns", pidstr, (char *)NULL))
exit(1);
- exit(0); // notreached
+ exit(0); /* notreached */
}
if (wait_for_pid(fpid))
goto out1;
@@ -1438,7 +1438,7 @@ static int attach_to_ovs_bridge(const char *lxcpath, const char *name, const cha
return ret;
pid = fork();
if (pid < 0)
- return -1; // how to properly recover?
+ return -1; /* how to properly recover? */
if (pid > 0)
return 0;
ovs_cleanup_nic(lxcpath, name, bridge, nic);
@@ -1447,13 +1447,12 @@ static int attach_to_ovs_bridge(const char *lxcpath, const char *name, const cha
if (execlp("ovs-vsctl", "ovs-vsctl", "add-port", bridge, nic, (char *)NULL))
exit(1);
- // not reached
+ /* not reached */
exit(1);
}
-/*
- * There is a lxc_bridge_attach, but no need of a bridge detach
- * as automatically done by kernel when a netdev is deleted.
+/* There is a lxc_bridge_attach, but no need of a bridge detach as automatically
+ * done by kernel when a netdev is deleted.
*/
int lxc_bridge_attach(const char *lxcpath, const char *name, const char *bridge, const char *ifname)
{
diff --git a/src/lxc/nl.c b/src/lxc/nl.c
index f194efcf2..994c960df 100644
--- a/src/lxc/nl.c
+++ b/src/lxc/nl.c
@@ -156,7 +156,7 @@ extern struct nlmsg *nlmsg_alloc_reserve(size_t size)
if (!nlmsg)
return NULL;
- // just set message length to cap directly
+ /* Just set message length to cap directly. */
nlmsg->nlmsghdr->nlmsg_len = nlmsg->cap;
return nlmsg;
}
@@ -178,14 +178,14 @@ extern int netlink_rcv(struct nl_handler *handler, struct nlmsg *answer)
.iov_base = answer->nlmsghdr,
.iov_len = answer->nlmsghdr->nlmsg_len,
};
-
+
struct msghdr msg = {
.msg_name = &nladdr,
.msg_namelen = sizeof(nladdr),
.msg_iov = &iov,
.msg_iovlen = 1,
};
-
+
memset(&nladdr, 0, sizeof(nladdr));
nladdr.nl_family = AF_NETLINK;
nladdr.nl_pid = 0;
@@ -223,7 +223,7 @@ extern int netlink_send(struct nl_handler *handler, struct nlmsg *nlmsg)
.msg_iovlen = 1,
};
int ret;
-
+
memset(&nladdr, 0, sizeof(nladdr));
nladdr.nl_family = AF_NETLINK;
nladdr.nl_pid = 0;
diff --git a/src/lxc/parse.c b/src/lxc/parse.c
index b8eef7f04..9242763e9 100644
--- a/src/lxc/parse.c
+++ b/src/lxc/parse.c
@@ -51,8 +51,9 @@ int lxc_file_for_each_line(const char *file, lxc_file_cb callback, void *data)
while (getline(&line, &len, f) != -1) {
err = callback(line, data);
if (err) {
- // callback rv > 0 means stop here
- // callback rv < 0 means error
+ /* Callback rv > 0 means stop here callback rv < 0 means
+ * error.
+ */
if (err < 0)
ERROR("Failed to parse config: %s", line);
break;
diff --git a/src/lxc/seccomp.c b/src/lxc/seccomp.c
index 7eee8cea7..deacd1217 100644
--- a/src/lxc/seccomp.c
+++ b/src/lxc/seccomp.c
@@ -75,7 +75,7 @@ static uint32_t get_v2_default_action(char *line)
while (*line == ' ')
line++;
- // after 'whitelist' or 'blacklist' comes default behavior
+ /* After 'whitelist' or 'blacklist' comes default behavior. */
if (strncmp(line, "kill", 4) == 0)
ret_action = SCMP_ACT_KILL;
else if (strncmp(line, "errno", 5) == 0) {
@@ -94,7 +94,7 @@ static uint32_t get_v2_default_action(char *line)
static const char *get_action_name(uint32_t action)
{
- // The upper 16 bits indicate the type of the seccomp action
+ /* The upper 16 bits indicate the type of the seccomp action. */
switch(action & 0xffff0000){
case SCMP_ACT_KILL:
return "kill";
@@ -170,7 +170,7 @@ int get_hostarch(void)
}
if (strcmp(uts.machine, "i686") == 0)
return lxc_seccomp_arch_i386;
- // no x32 kernels
+ /* no x32 kernels */
else if (strcmp(uts.machine, "x86_64") == 0)
return lxc_seccomp_arch_amd64;
else if (strncmp(uts.machine, "armv7", 5) == 0)
@@ -434,7 +434,7 @@ static int parse_config_v2(FILE *f, char *line, struct lxc_conf *conf)
remove_trailing_newlines(line);
INFO("processing: .%s.", line);
if (line[0] == '[') {
- // read the architecture for next set of rules
+ /* Read the architecture for next set of rules. */
if (strcmp(line, "[x86]") == 0 ||
strcmp(line, "[X86]") == 0) {
if (native_arch != lxc_seccomp_arch_i386 &&
diff --git a/src/lxc/start.h b/src/lxc/start.h
index d8d06cfbf..f0858926c 100644
--- a/src/lxc/start.h
+++ b/src/lxc/start.h
@@ -48,13 +48,16 @@ struct lxc_handler {
int pinfd;
const char *lxcpath;
void *cgroup_data;
- int ttysock[2]; // socketpair for child->parent tty fd passing
- bool backgrounded; // indicates whether should we close std{in,out,err} on start
+
+ /* socketpair for child->parent tty fd passing */
+ int ttysock[2];
+
+ /* indicates whether should we close std{in,out,err} on start */
+ bool backgrounded;
int nsfd[LXC_NS_MAX];
int netnsfd;
- /* The socketpair() fds used to wait on successful daemonized
- * startup.
- */
+
+ /* The socketpair() fds used to wait on successful daemonized startup. */
int state_socket_pair[2];
struct lxc_list state_clients;
};
diff --git a/src/lxc/storage/btrfs.c b/src/lxc/storage/btrfs.c
index 3057cf546..1fe0d5acd 100644
--- a/src/lxc/storage/btrfs.c
+++ b/src/lxc/storage/btrfs.c
@@ -99,10 +99,6 @@ char *get_btrfs_subvol_path(int fd, u64 dir_id, u64 objid, char *name,
return retpath;
}
-//
-// btrfs ops
-//
-
int btrfs_list_get_path_rootid(int fd, u64 *treeid)
{
int ret;
@@ -126,7 +122,7 @@ bool is_btrfs_fs(const char *path)
int fd, ret;
struct btrfs_ioctl_space_args sargs;
- // make sure this is a btrfs filesystem
+ /* Make sure this is a btrfs filesystem. */
fd = open(path, O_RDONLY);
if (fd < 0)
return false;
diff --git a/src/lxc/storage/btrfs.h b/src/lxc/storage/btrfs.h
index 7d0253994..4bf459a94 100644
--- a/src/lxc/storage/btrfs.h
+++ b/src/lxc/storage/btrfs.h
@@ -95,7 +95,7 @@ struct btrfs_ioctl_vol_args_v2 {
union {
struct {
unsigned long long size;
- //struct btrfs_qgroup_inherit *qgroup_inherit;
+ /*struct btrfs_qgroup_inherit *qgroup_inherit; */
void *qgroup_inherit;
};
unsigned long long unused[4];
diff --git a/src/lxc/storage/loop.c b/src/lxc/storage/loop.c
index 8ceddc60a..68a1b0ffe 100644
--- a/src/lxc/storage/loop.c
+++ b/src/lxc/storage/loop.c
@@ -322,7 +322,7 @@ static int do_loop_create(const char *path, uint64_t size, const char *fstype)
return -1;
}
- // create an fs in the loopback file
+ /* Create an fs in the loopback file. */
ret = run_command(cmd_output, sizeof(cmd_output), do_mkfs_exec_wrapper,
(void *)cmd_args);
if (ret < 0) {
diff --git a/src/lxc/storage/rsync.h b/src/lxc/storage/rsync.h
index 9984bc98b..fca81a724 100644
--- a/src/lxc/storage/rsync.h
+++ b/src/lxc/storage/rsync.h
@@ -43,4 +43,4 @@ extern int lxc_storage_rsync_exec_wrapper(void *data);
extern int lxc_rsync_exec(const char *src, const char *dest);
extern int lxc_rsync(struct rsync_data *data);
-#endif // __LXC_RSYNC_H
+#endif /* __LXC_RSYNC_H */
diff --git a/src/lxc/storage/storage.h b/src/lxc/storage/storage.h
index 66d71fdf2..aa819df65 100644
--- a/src/lxc/storage/storage.h
+++ b/src/lxc/storage/storage.h
@@ -70,7 +70,8 @@ struct lxc_storage;
struct lxc_storage_ops {
/* detect whether path is of this bdev type */
bool (*detect)(const char *path);
- // mount requires src and dest to be set.
+
+ /* mount requires src and dest to be set. */
int (*mount)(struct lxc_storage *bdev);
int (*umount)(struct lxc_storage *bdev);
int (*destroy)(struct lxc_storage *bdev);
diff --git a/src/lxc/storage/storage_utils.c b/src/lxc/storage/storage_utils.c
index 728a11211..787f13854 100644
--- a/src/lxc/storage/storage_utils.c
+++ b/src/lxc/storage/storage_utils.c
@@ -85,13 +85,17 @@ char *dir_new_path(char *src, const char *oldname, const char *name,
}
while ((p2 = strstr(src, oldname)) != NULL) {
- strncpy(p, src, p2 - src); // copy text up to oldname
- p += p2 - src; // move target pointer (p)
- p += sprintf(p, "%s",
- name); // print new name in place of oldname
- src = p2 + l2; // move src to end of oldname
+ /* copy text up to oldname */
+ strncpy(p, src, p2 - src);
+ /* move target pointer (p) */
+ p += p2 - src;
+ /* print new name in place of oldname */
+ p += sprintf(p, "%s", name);
+ /* move src to end of oldname */
+ src = p2 + l2;
}
- sprintf(p, "%s", src); // copy the rest of src
+ /* copy the rest of src */
+ sprintf(p, "%s", src);
return ret;
}
@@ -136,7 +140,8 @@ int blk_getsize(struct lxc_storage *bdev, uint64_t *size)
if (fd < 0)
return -1;
- ret = ioctl(fd, BLKGETSIZE64, size); // size of device in bytes
+ /* size of device in bytes */
+ ret = ioctl(fd, BLKGETSIZE64, size);
close(fd);
return ret;
}
@@ -213,7 +218,7 @@ int detect_fs(struct lxc_storage *bdev, char *type, int len)
exit(1);
}
- // if symlink, get the real dev name
+ /* if symlink, get the real dev name */
char devpath[MAXPATHLEN];
char *l = linkderef(srcdev, devpath);
if (!l)
@@ -410,9 +415,10 @@ bool unpriv_snap_allowed(struct lxc_storage *b, const char *t, bool snap,
bool maybesnap)
{
if (!t) {
- // new type will be same as original
- // (unless snap && b->type == dir, in which case it will be
- // overlayfs -- which is also allowed)
+ /* New type will be same as original (unless snap && b->type ==
+ * dir, in which case it will be overlayfs -- which is also
+ * allowed).
+ */
if (strcmp(b->type, "dir") == 0 ||
strcmp(b->type, "aufs") == 0 ||
strcmp(b->type, "overlay") == 0 ||
@@ -424,8 +430,9 @@ bool unpriv_snap_allowed(struct lxc_storage *b, const char *t, bool snap,
return false;
}
- // unprivileged users can copy and snapshot dir, overlayfs,
- // and loop. In particular, not zfs, btrfs, or lvm.
+ /* Unprivileged users can copy and snapshot dir, overlayfs, and loop.
+ * In particular, not zfs, btrfs, or lvm.
+ */
if (strcmp(t, "dir") == 0 ||
strcmp(t, "aufs") == 0 ||
strcmp(t, "overlay") == 0 ||
diff --git a/src/lxc/tools/lxc_clone.c b/src/lxc/tools/lxc_clone.c
index e7ecd0c51..b1062c822 100644
--- a/src/lxc/tools/lxc_clone.c
+++ b/src/lxc/tools/lxc_clone.c
@@ -53,7 +53,7 @@ static uint64_t get_fssize(char *s)
while (isblank(*end))
end++;
if (*end == '\0')
- ret *= 1024ULL * 1024ULL; // MB by default
+ ret *= 1024ULL * 1024ULL; /* MB by default */
else if (*end == 'b' || *end == 'B')
ret *= 1ULL;
else if (*end == 'k' || *end == 'K')
@@ -163,9 +163,10 @@ int main(int argc, char *argv[])
if (keepname) flags |= LXC_CLONE_KEEPNAME;
if (keepmac) flags |= LXC_CLONE_KEEPMACADDR;
- // vgname and fstype could be supported by sending them through the
- // bdevdata. However, they currently are not yet. I'm not convinced
- // they are worthwhile.
+ /* vgname and fstype could be supported by sending them through the
+ * bdevdata. However, they currently are not yet. I'm not convinced
+ * they are worthwhile.
+ */
if (vgname) {
printf("Error: vgname not supported\n");
usage(argv[0]);
diff --git a/src/lxc/tools/lxc_copy.c b/src/lxc/tools/lxc_copy.c
index 63bf2f59e..f1b51c4c7 100644
--- a/src/lxc/tools/lxc_copy.c
+++ b/src/lxc/tools/lxc_copy.c
@@ -575,7 +575,7 @@ static uint64_t get_fssize(char *s)
while (isblank(*end))
end++;
if (*end == '\0') {
- ret *= 1024ULL * 1024ULL; // MB by default
+ ret *= 1024ULL * 1024ULL; /* MB by default */
} else if (*end == 'b' || *end == 'B') {
ret *= 1ULL;
} else if (*end == 'k' || *end == 'K') {
diff --git a/src/lxc/tools/lxc_create.c b/src/lxc/tools/lxc_create.c
index d1486e409..7d925f5e0 100644
--- a/src/lxc/tools/lxc_create.c
+++ b/src/lxc/tools/lxc_create.c
@@ -49,7 +49,7 @@ static uint64_t get_fssize(char *s)
while (isblank(*end))
end++;
if (*end == '\0')
- ret *= 1024ULL * 1024ULL; // MB by default
+ ret *= 1024ULL * 1024ULL; /* MB by default */
else if (*end == 'b' || *end == 'B')
ret *= 1ULL;
else if (*end == 'k' || *end == 'K')
@@ -248,7 +248,7 @@ int main(int argc, char *argv[])
if (strcmp(my_args.bdevtype, "none") == 0)
my_args.bdevtype = "dir";
- // Final check whether the user gave use a valid bdev type.
+ /* Final check whether the user gave use a valid bdev type. */
if (strcmp(my_args.bdevtype, "best") &&
strcmp(my_args.bdevtype, "_unset") &&
!is_valid_storage_type(my_args.bdevtype)) {
diff --git a/src/lxc/tools/lxc_ls.c b/src/lxc/tools/lxc_ls.c
index ad102886b..21f8d9264 100644
--- a/src/lxc/tools/lxc_ls.c
+++ b/src/lxc/tools/lxc_ls.c
@@ -677,18 +677,22 @@ static char *ls_get_interface(struct lxc_container *c)
*/
static double ls_get_swap(struct lxc_container *c)
{
+ char *stat, *swap, *tmp;
unsigned long long int num = 0;
- char *stat = ls_get_cgroup_item(c, "memory.stat");
+
+ stat = ls_get_cgroup_item(c, "memory.stat");
if (!stat)
goto out;
- char *swap = strstr(stat, "\nswap");
+ swap = strstr(stat, "\nswap");
if (!swap)
goto out;
- swap = 1 + swap + 4 + 1; // start_of_swap_value = '\n' + strlen(swap) + ' '
+ /* start_of_swap_value = '\n' + strlen(swap) + ' ' */
+ swap = 1 + swap + 4 + 1;
- char *tmp = strchr(swap, '\n'); // find end of swap value
+ /* find end of swap value */
+ tmp = strchr(swap, '\n');
if (!tmp)
goto out;
diff --git a/src/lxc/tools/lxc_unshare.c b/src/lxc/tools/lxc_unshare.c
index a0f943fd5..c294a6085 100644
--- a/src/lxc/tools/lxc_unshare.c
+++ b/src/lxc/tools/lxc_unshare.c
@@ -137,7 +137,7 @@ static int do_start(void *arg)
exit(EXIT_FAILURE);
}
- // Setuid is useful even without a new user id space
+ /* Setuid is useful even without a new user id space. */
if (start_arg->setuid && setuid(uid)) {
ERROR("failed to set uid %d: %s", uid, strerror(errno));
exit(EXIT_FAILURE);
diff --git a/src/lxc/tools/lxc_usernsexec.c b/src/lxc/tools/lxc_usernsexec.c
index 7fd2acabb..86e9c4027 100644
--- a/src/lxc/tools/lxc_usernsexec.c
+++ b/src/lxc/tools/lxc_usernsexec.c
@@ -99,13 +99,13 @@ static void opentty(const char * tty, int which) {
close(fd);
}
}
-// Code copy end
+/* Code copy end */
static int do_child(void *vargv)
{
char **argv = (char **)vargv;
- // Assume we want to become root
+ /* Assume we want to become root */
if (setgid(0) < 0) {
perror("setgid");
return -1;
@@ -272,8 +272,8 @@ int main(int argc, char *argv[])
int pid;
char *default_args[] = {"/bin/sh", NULL};
char buf[1];
- int pipe1[2], // child tells parent it has unshared
- pipe2[2]; // parent tells child it is mapped and may proceed
+ int pipe1[2], /* child tells parent it has unshared */
+ pipe2[2]; /* parent tells child it is mapped and may proceed */
memset(ttyname0, '\0', sizeof(ttyname0));
memset(ttyname1, '\0', sizeof(ttyname1));
@@ -326,7 +326,7 @@ int main(int argc, char *argv[])
exit(EXIT_FAILURE);
}
if ((pid = fork()) == 0) {
- // Child.
+ /* Child. */
close(pipe1[0]);
close(pipe2[1]);
diff --git a/src/lxc/utils.c b/src/lxc/utils.c
index d36107020..0a345adb3 100644
--- a/src/lxc/utils.c
+++ b/src/lxc/utils.c
@@ -1069,7 +1069,7 @@ bool dir_exists(const char *path)
ret = stat(path, &sb);
if (ret < 0)
- // could be something other than eexist, just say no
+ /* Could be something other than eexist, just say "no". */
return false;
return S_ISDIR(sb.st_mode);
}
@@ -1125,7 +1125,7 @@ int detect_shared_rootfs(void)
continue;
*p2 = '\0';
if (strcmp(p + 1, "/") == 0) {
- // this is '/'. is it shared?
+ /* This is '/'. Is it shared? */
p = strchr(p2 + 1, ' ');
if (p && strstr(p, "shared:")) {
fclose(f);
@@ -1191,7 +1191,7 @@ bool detect_ramfs_rootfs(void)
continue;
*p2 = '\0';
if (strcmp(p + 1, "/") == 0) {
- // this is '/'. is it the ramfs?
+ /* This is '/'. Is it the ramfs? */
p = strchr(p2 + 1, '-');
if (p && strncmp(p, "- rootfs rootfs ", 16) == 0) {
free(line);
@@ -1572,20 +1572,21 @@ static int check_symlink(int fd)
static int open_if_safe(int dirfd, const char *nextpath)
{
int newfd = openat(dirfd, nextpath, O_RDONLY | O_NOFOLLOW);
- if (newfd >= 0) // was not a symlink, all good
+ if (newfd >= 0) /* Was not a symlink, all good. */
return newfd;
if (errno == ELOOP)
return newfd;
if (errno == EPERM || errno == EACCES) {
- /* we're not root (cause we got EPERM) so
- try opening with O_PATH */
+ /* We're not root (cause we got EPERM) so try opening with
+ * O_PATH.
+ */
newfd = openat(dirfd, nextpath, O_PATH | O_NOFOLLOW);
if (newfd >= 0) {
- /* O_PATH will return an fd for symlinks. We know
- * nextpath wasn't a symlink at last openat, so if fd
- * is now a link, then something * fishy is going on
+ /* O_PATH will return an fd for symlinks. We know
+ * nextpath wasn't a symlink at last openat, so if fd is
+ * now a link, then something * fishy is going on.
*/
int ret = check_symlink(newfd);
if (ret < 0) {
@@ -1685,8 +1686,10 @@ static int open_without_symlink(const char *target, const char *prefix_skip)
int safe_mount(const char *src, const char *dest, const char *fstype,
unsigned long flags, const void *data, const char *rootfs)
{
- int srcfd = -1, destfd, ret, saved_errno;
- char srcbuf[50], destbuf[50]; // only needs enough for /proc/self/fd/<fd>
+ int destfd, ret, saved_errno;
+ /* Only needs enough for /proc/self/fd/<fd>. */
+ char srcbuf[50], destbuf[50];
+ int srcfd = -1;
const char *mntsrc = src;
if (!rootfs)
diff --git a/src/lxc/utils.h b/src/lxc/utils.h
index 4408c6d69..f0b9bfbba 100644
--- a/src/lxc/utils.h
+++ b/src/lxc/utils.h
@@ -92,7 +92,7 @@ static inline int unshare(int flags)
#endif
}
#else
-int unshare(int);
+extern int unshare(int);
#endif
/* Define signalfd() if missing from the C library */
@@ -245,24 +245,30 @@ extern int lxc_wait_for_pid_status(pid_t pid);
/* send and receive buffers completely */
extern ssize_t lxc_write_nointr(int fd, const void* buf, size_t count);
extern ssize_t lxc_read_nointr(int fd, void* buf, size_t count);
-extern ssize_t lxc_read_nointr_expect(int fd, void* buf, size_t count, const void* expected_buf);
+extern ssize_t lxc_read_nointr_expect(int fd, void *buf, size_t count,
+ const void *expected_buf);
#if HAVE_LIBGNUTLS
#define SHA_DIGEST_LENGTH 20
extern int sha1sum_file(char *fnam, unsigned char *md_value);
#endif
/* read and write whole files */
-extern int lxc_write_to_file(const char *filename, const void* buf, size_t count, bool add_newline);
+extern int lxc_write_to_file(const char *filename, const void *buf,
+ size_t count, bool add_newline);
extern int lxc_read_from_file(const char *filename, void* buf, size_t count);
/* convert variadic argument lists to arrays (for execl type argument lists) */
extern char** lxc_va_arg_list_to_argv(va_list ap, size_t skip, int do_strdup);
extern const char** lxc_va_arg_list_to_argv_const(va_list ap, size_t skip);
-/* Some simple string functions; if they return pointers, they are allocated buffers. */
-extern char *lxc_string_replace(const char *needle, const char *replacement, const char *haystack);
+/* Some simple string functions; if they return pointers, they are allocated
+ * buffers.
+ */
+extern char *lxc_string_replace(const char *needle, const char *replacement,
+ const char *haystack);
extern bool lxc_string_in_array(const char *needle, const char **haystack);
-extern char *lxc_string_join(const char *sep, const char **parts, bool use_as_prefix);
+extern char *lxc_string_join(const char *sep, const char **parts,
+ bool use_as_prefix);
/* Normalize and split path: Leading and trailing / are removed, multiple
* / are compactified, .. and . are resolved (.. on the top level is considered
* identical to .).
@@ -281,7 +287,8 @@ extern char *lxc_append_paths(const char *first, const char *second);
* consider an empty element, even if two delimiters are next to
* each other.
*/
-extern bool lxc_string_in_list(const char *needle, const char *haystack, char sep);
+extern bool lxc_string_in_list(const char *needle, const char *haystack,
+ char sep);
extern char **lxc_string_split(const char *string, char sep);
extern char **lxc_string_split_and_trim(const char *string, char sep);
/* Append string to NULL-terminated string array. */
@@ -290,7 +297,8 @@ extern int lxc_append_string(char ***list, char *entry);
/* some simple array manipulation utilities */
typedef void (*lxc_free_fn)(void *);
typedef void *(*lxc_dup_fn)(void *);
-extern int lxc_grow_array(void ***array, size_t* capacity, size_t new_size, size_t capacity_increment);
+extern int lxc_grow_array(void ***array, size_t *capacity, size_t new_size,
+ size_t capacity_increment);
extern void lxc_free_array(void **array, lxc_free_fn element_free_fn);
extern size_t lxc_array_len(void **array);
@@ -303,7 +311,7 @@ extern void *lxc_strmmap(void *addr, size_t length, int prot, int flags, int fd,
/* munmap() wrapper. Use it to free memory mmap()ed with lxc_strmmap(). */
extern int lxc_strmunmap(void *addr, size_t length);
-//initialize rand with urandom
+/* initialize rand with urandom */
extern int randseed(bool);
inline static bool am_unpriv(void) {
@@ -318,50 +326,51 @@ extern uid_t get_ns_uid(uid_t orig);
extern bool dir_exists(const char *path);
#define FNV1A_64_INIT ((uint64_t)0xcbf29ce484222325ULL)
-uint64_t fnv_64a_buf(void *buf, size_t len, uint64_t hval);
-
-int detect_shared_rootfs(void);
-bool detect_ramfs_rootfs(void);
-char *on_path(const char *cmd, const char *rootfs);
-bool file_exists(const char *f);
-bool cgns_supported(void);
-char *choose_init(const char *rootfs);
-int print_to_file(const char *file, const char *content);
-bool switch_to_ns(pid_t pid, const char *ns);
-int is_dir(const char *path);
-char *get_template_path(const char *t);
-int setproctitle(char *title);
-int safe_mount(const char *src, const char *dest, const char *fstype,
- unsigned long flags, const void *data, const char *rootfs);
-int lxc_mount_proc_if_needed(const char *rootfs);
-int open_devnull(void);
-int set_stdfds(int fd);
-int null_stdfds(void);
-int lxc_count_file_lines(const char *fn);
-int lxc_preserve_ns(const int pid, const char *ns);
+extern uint64_t fnv_64a_buf(void *buf, size_t len, uint64_t hval);
+
+extern int detect_shared_rootfs(void);
+extern bool detect_ramfs_rootfs(void);
+extern char *on_path(const char *cmd, const char *rootfs);
+extern bool file_exists(const char *f);
+extern bool cgns_supported(void);
+extern char *choose_init(const char *rootfs);
+extern int print_to_file(const char *file, const char *content);
+extern bool switch_to_ns(pid_t pid, const char *ns);
+extern int is_dir(const char *path);
+extern char *get_template_path(const char *t);
+extern int setproctitle(char *title);
+extern int safe_mount(const char *src, const char *dest, const char *fstype,
+ unsigned long flags, const void *data,
+ const char *rootfs);
+extern int lxc_mount_proc_if_needed(const char *rootfs);
+extern int open_devnull(void);
+extern int set_stdfds(int fd);
+extern int null_stdfds(void);
+extern int lxc_count_file_lines(const char *fn);
+extern int lxc_preserve_ns(const int pid, const char *ns);
/* Check whether a signal is blocked by a process. */
-bool task_blocking_signal(pid_t pid, int signal);
+extern bool task_blocking_signal(pid_t pid, int signal);
/* Helper functions to parse numbers. */
-int lxc_safe_uint(const char *numstr, unsigned int *converted);
-int lxc_safe_int(const char *numstr, int *converted);
-int lxc_safe_long(const char *numstr, long int *converted);
-int lxc_safe_ulong(const char *numstr, unsigned long *converted);
+extern int lxc_safe_uint(const char *numstr, unsigned int *converted);
+extern int lxc_safe_int(const char *numstr, int *converted);
+extern int lxc_safe_long(const char *numstr, long int *converted);
+extern int lxc_safe_ulong(const char *numstr, unsigned long *converted);
/* Switch to a new uid and gid. */
-int lxc_switch_uid_gid(uid_t uid, gid_t gid);
-int lxc_setgroups(int size, gid_t list[]);
+extern int lxc_switch_uid_gid(uid_t uid, gid_t gid);
+extern int lxc_setgroups(int size, gid_t list[]);
/* Find an unused loop device and associate it with source. */
-int lxc_prepare_loop_dev(const char *source, char *loop_dev, int flags);
+extern int lxc_prepare_loop_dev(const char *source, char *loop_dev, int flags);
/* Clear all mounts on a given node.
* >= 0 successfully cleared. The number returned is the number of umounts
* performed.
* < 0 error umounting. Return -errno.
*/
-int lxc_unstack_mountpoint(const char *path, bool lazy);
+extern int lxc_unstack_mountpoint(const char *path, bool lazy);
/*
* run_command runs a command and collect it's std{err,out} output in buf.
@@ -375,22 +384,23 @@ int lxc_unstack_mountpoint(const char *path, bool lazy);
* function must exec.
* @param[in] args Arguments to be passed to child_fn.
*/
-int run_command(char *buf, size_t buf_size, int (*child_fn)(void *), void *args);
+extern int run_command(char *buf, size_t buf_size, int (*child_fn)(void *),
+ void *args);
/* Concatenate all passed-in strings into one path. Do not fail. If any piece
* is not prefixed with '/', add a '/'.
*/
-char *must_make_path(const char *first, ...) __attribute__((sentinel));
+extern char *must_make_path(const char *first, ...) __attribute__((sentinel));
/* return copy of string @entry; do not fail. */
-char *must_copy_string(const char *entry);
+extern char *must_copy_string(const char *entry);
/* Re-alllocate a pointer, do not fail */
-void *must_realloc(void *orig, size_t sz);
+extern void *must_realloc(void *orig, size_t sz);
/* __typeof__ should be safe to use with all compilers. */
typedef __typeof__(((struct statfs *)NULL)->f_type) fs_type_magic;
-bool has_fs_type(const char *path, fs_type_magic magic_val);
-bool is_fs_type(const struct statfs *fs, fs_type_magic magic_val);
+extern bool has_fs_type(const char *path, fs_type_magic magic_val);
+extern bool is_fs_type(const struct statfs *fs, fs_type_magic magic_val);
#endif /* __LXC_UTILS_H */
diff --git a/src/python-lxc/lxc.c b/src/python-lxc/lxc.c
index 70176cdc6..b50fa09f5 100644
--- a/src/python-lxc/lxc.c
+++ b/src/python-lxc/lxc.c
@@ -2006,7 +2006,6 @@ PyInit__lxc(void)
PYLXC_EXPORT_CONST(LXC_ATTACH_DEFAULT);
PYLXC_EXPORT_CONST(LXC_ATTACH_DROP_CAPABILITIES);
PYLXC_EXPORT_CONST(LXC_ATTACH_LSM_EXEC);
- PYLXC_EXPORT_CONST(LXC_ATTACH_LSM_NOW);
PYLXC_EXPORT_CONST(LXC_ATTACH_MOVE_TO_CGROUP);
PYLXC_EXPORT_CONST(LXC_ATTACH_REMOUNT_PROC_SYS);
PYLXC_EXPORT_CONST(LXC_ATTACH_SET_PERSONALITY);
diff --git a/src/tests/aa.c b/src/tests/aa.c
index c96b4666a..195d22ef1 100644
--- a/src/tests/aa.c
+++ b/src/tests/aa.c
@@ -76,7 +76,6 @@ static int do_test_file_open(struct lxc_container *c, char *fnam)
}
attach_options.stdout_fd = pipefd[1];
attach_options.attach_flags &= ~(LXC_ATTACH_LSM_EXEC|LXC_ATTACH_DROP_CAPABILITIES);
- attach_options.attach_flags |= LXC_ATTACH_LSM_NOW;
ret = c->attach(c, test_attach_write_file, fnam, &attach_options, &pid);
if (ret < 0) {
fprintf(stderr, "attach failed\n");
diff --git a/src/tests/attach.c b/src/tests/attach.c
index 02c221e1a..ce86764c5 100644
--- a/src/tests/attach.c
+++ b/src/tests/attach.c
@@ -99,7 +99,6 @@ static int test_attach_lsm_func(struct lxc_container *ct)
}
attach_options.stdout_fd = pipefd[1];
attach_options.attach_flags &= ~(LXC_ATTACH_LSM_EXEC|LXC_ATTACH_DROP_CAPABILITIES);
- attach_options.attach_flags |= LXC_ATTACH_LSM_NOW;
ret = ct->attach(ct, test_attach_lsm_func_func, NULL, &attach_options, &pid);
if (ret < 0) {
TSTERR("attach failed");
From fe31c16c7a2370ce63f821bed0abb220836c2fb9 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Wed, 23 Aug 2017 11:05:24 +0200
Subject: [PATCH 3/3] attach_options: improve coding style
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/attach_options.h | 62 ++++++++++++++++++++++++------------------------
1 file changed, 31 insertions(+), 31 deletions(-)
diff --git a/src/lxc/attach_options.h b/src/lxc/attach_options.h
index 27009ecd9..cb4179fd1 100644
--- a/src/lxc/attach_options.h
+++ b/src/lxc/attach_options.h
@@ -35,28 +35,27 @@ extern "C" {
* LXC environment policy.
*/
typedef enum lxc_attach_env_policy_t {
- LXC_ATTACH_KEEP_ENV, //!< Retain the environment
- LXC_ATTACH_CLEAR_ENV //!< Clear the environment
+ LXC_ATTACH_KEEP_ENV, /*!< Retain the environment */
+ LXC_ATTACH_CLEAR_ENV /*!< Clear the environment */
} lxc_attach_env_policy_t;
enum {
- /* the following are on by default: */
- LXC_ATTACH_MOVE_TO_CGROUP = 0x00000001, //!< Move to cgroup
- LXC_ATTACH_DROP_CAPABILITIES = 0x00000002, //!< Drop capabilities
- LXC_ATTACH_SET_PERSONALITY = 0x00000004, //!< Set personality
- LXC_ATTACH_LSM_EXEC = 0x00000008, //!< Execute under a Linux Security Module
-
- /* the following are off by default */
- LXC_ATTACH_REMOUNT_PROC_SYS = 0x00010000, //!< Remount /proc filesystem
+ /* The following are on by default: */
+ LXC_ATTACH_MOVE_TO_CGROUP = 0x00000001, /*!< Move to cgroup */
+ LXC_ATTACH_DROP_CAPABILITIES = 0x00000002, /*!< Drop capabilities */
+ LXC_ATTACH_SET_PERSONALITY = 0x00000004, /*!< Set personality */
+ LXC_ATTACH_LSM_EXEC = 0x00000008, /*!< Execute under a Linux Security Module */
+
+ /* The following are off by default: */
+ LXC_ATTACH_REMOUNT_PROC_SYS = 0x00010000, /*!< Remount /proc filesystem */
/* Set PR_SET_NO_NEW_PRIVS to block execve() gainable privileges. */
- LXC_ATTACH_NO_NEW_PRIVS = 0x00040000, //!< PR_SET_NO_NEW_PRIVS
+ LXC_ATTACH_NO_NEW_PRIVS = 0x00040000, /*!< PR_SET_NO_NEW_PRIVS */
- /* we have 16 bits for things that are on by default
- * and 16 bits that are off by default, that should
- * be sufficient to keep binary compatibility for
- * a while
+ /* We have 16 bits for things that are on by default and 16 bits that
+ * are off by default, that should be sufficient to keep binary
+ * compatibility for a while
*/
- LXC_ATTACH_DEFAULT = 0x0000FFFF //!< Mask of flags to apply by default
+ LXC_ATTACH_DEFAULT = 0x0000FFFF /*!< Mask of flags to apply by default */
};
/*! All Linux Security Module flags */
@@ -83,13 +82,14 @@ typedef struct lxc_attach_options_t {
int namespaces;
/*! Initial personality (\c -1 to autodetect).
- * \warning This may be ignored if lxc is compiled without personality support)
+ * \warning This may be ignored if lxc is compiled without personality
+ * support)
*/
long personality;
/*! Initial current directory, use \c NULL to use cwd.
- * If the current directory does not exist in the container, the
- * root directory will be used instead because of kernel defaults.
+ * If the current directory does not exist in the container, the root
+ * directory will be used instead because of kernel defaults.
*/
char* initial_cwd;
@@ -133,18 +133,18 @@ typedef struct lxc_attach_options_t {
} lxc_attach_options_t;
/*! Default attach options to use */
-#define LXC_ATTACH_OPTIONS_DEFAULT \
- { \
- /* .attach_flags = */ LXC_ATTACH_DEFAULT, \
- /* .namespaces = */ -1, \
- /* .personality = */ -1, \
- /* .initial_cwd = */ NULL, \
- /* .uid = */ (uid_t)-1, \
- /* .gid = */ (gid_t)-1, \
- /* .env_policy = */ LXC_ATTACH_KEEP_ENV, \
- /* .extra_env_vars = */ NULL, \
- /* .extra_keep_env = */ NULL, \
- /* .stdin_fd = */ 0, 1, 2 \
+#define LXC_ATTACH_OPTIONS_DEFAULT \
+ { \
+ /* .attach_flags = */ LXC_ATTACH_DEFAULT, \
+ /* .namespaces = */ -1, \
+ /* .personality = */ -1, \
+ /* .initial_cwd = */ NULL, \
+ /* .uid = */ (uid_t)-1, \
+ /* .gid = */ (gid_t)-1, \
+ /* .env_policy = */ LXC_ATTACH_KEEP_ENV, \
+ /* .extra_env_vars = */ NULL, \
+ /* .extra_keep_env = */ NULL, \
+ /* .stdin_fd = */ 0, 1, 2 \
}
/*!
More information about the lxc-devel
mailing list